| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: system infiziert?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
23.05.2010, 17:46
| #1 | |
 |  system infiziert?Zitat:
poste mal diese Logs: http://www.trojaner-board.de/51130-a...ijackthis.html http://www.trojaner-board.de/51187-a...i-malware.html lg.
__________________ Arroganz ist das Selbstbewusstsein des Minderwertigkeitskomplexes. (Jean Rostand) |
|
23.05.2010, 18:42
| #2 | ||
| | system infiziert?Zitat:
hier meine logfiles: Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:06:33, on 23.05.2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.21228) Boot mode: Normal Running processes: C:\WINXP\System32\smss.exe C:\WINXP\system32\winlogon.exe C:\WINXP\system32\services.exe C:\WINXP\system32\lsass.exe C:\WINXP\system32\Ati2evxx.exe C:\WINXP\system32\svchost.exe C:\WINXP\System32\svchost.exe C:\WINXP\system32\spoolsv.exe C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Programme\Bonjour\mDNSResponder.exe C:\Programme\Java\jre6\bin\jqs.exe C:\WINXP\system32\lxdncoms.exe C:\WINXP\system32\svchost.exe C:\WINXP\system32\Ati2evxx.exe C:\WINXP\Explorer.EXE C:\WINXP\system32\wscntfy.exe C:\WINXP\system32\RunDll32.exe C:\WINXP\htpatch.exe C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe C:\Programme\iTunes\iTunesHelper.exe C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe C:\Programme\DivX\DivX Update\DivXUpdate.exe C:\WINXP\system32\ctfmon.exe C:\Programme\Windows Live\Messenger\msnmsgr.exe C:\Programme\DAEMON Tools Lite\DTLite.exe C:\Programme\iPod\bin\iPodService.exe C:\Programme\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Programme\ESET\ESET NOD32 Antivirus\egui.exe C:\Programme\Adobe\Reader 9.0\Reader\AcroRd32.exe C:\Programme\Mozilla Firefox\firefox.exe C:\Dokumente und Einstellungen\MILENA\Eigene Dateien\Downloads\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [HTpatch] C:\WINXP\htpatch.exe O4 - HKLM\..\Run: [SiSUSBRG] C:\WINXP\SiSUSBrg.exe O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [DivXUpdate] "C:\Programme\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [egui] "C:\Programme\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINXP\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programme\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINXP\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINXP\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINXP\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINXP\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user') O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINXP\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINXP\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINXP\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINXP\system32\ati2sgag.exe O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Programme\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Programme\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe O23 - Service: lxdn_device - - C:\WINXP\system32\lxdncoms.exe O24 - Desktop Component 0: (no name) - hxxp://i.ebayimg.com/03/%21BcvWF5w%21mk%7E$%28KGrHqYOKjIEq5DBdy%21uBK10jSKY4%21%7E%7E_12.JPG -- End of file - 7512 bytes Zitat:
|
|
23.05.2010, 18:46
| #3 |
| | system infiziert? Du musst Malwarebytes updaten bevor du den Scan machst!
__________________Datenbank Version: 4052 = veraltert! Neu ist: 4132! Updaten und dann nochmal scannen. Steht in der Anleitung. lg.
__________________ |
|
23.05.2010, 19:04
| #4 |
| | system infiziert?
__________________ Arroganz ist das Selbstbewusstsein des Minderwertigkeitskomplexes. (Jean Rostand) |
|
23.05.2010, 19:27
| #5 |
| | system infiziert?Code:
ATTFilter Logfile of random's system information tool 1.07 (written by random/random) Run by MILENA at 2010-05-23 20:10:00 Microsoft Windows XP Professional Service Pack 2 System drive C: has 95 GB (83%) free of 114 GB Total RAM: 511 MB (40% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:10:22, on 23.05.2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.21228) Boot mode: Normal Running processes: C:\WINXP\System32\smss.exe C:\WINXP\system32\winlogon.exe C:\WINXP\system32\services.exe C:\WINXP\system32\lsass.exe C:\WINXP\system32\Ati2evxx.exe C:\WINXP\system32\svchost.exe C:\WINXP\System32\svchost.exe C:\WINXP\system32\spoolsv.exe C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Programme\Bonjour\mDNSResponder.exe C:\Programme\Java\jre6\bin\jqs.exe C:\WINXP\system32\lxdncoms.exe C:\WINXP\system32\svchost.exe C:\WINXP\system32\Ati2evxx.exe C:\WINXP\Explorer.EXE C:\WINXP\system32\wscntfy.exe C:\WINXP\system32\RunDll32.exe C:\WINXP\htpatch.exe C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe C:\Programme\iTunes\iTunesHelper.exe C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe C:\Programme\DivX\DivX Update\DivXUpdate.exe C:\WINXP\system32\ctfmon.exe C:\Programme\Windows Live\Messenger\msnmsgr.exe C:\Programme\Messenger\msmsgs.exe C:\Programme\DAEMON Tools Lite\DTLite.exe C:\Programme\iPod\bin\iPodService.exe C:\Programme\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Programme\ESET\ESET NOD32 Antivirus\egui.exe C:\Programme\Adobe\Reader 9.0\Reader\AcroRd32.exe C:\Programme\Mozilla Firefox\firefox.exe C:\Dokumente und Einstellungen\MILENA\Eigene Dateien\Downloads\RSIT(2).exe C:\Programme\trend micro\MILENA.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [HTpatch] C:\WINXP\htpatch.exe O4 - HKLM\..\Run: [SiSUSBRG] C:\WINXP\SiSUSBrg.exe O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [DivXUpdate] "C:\Programme\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [ Malwarebytes Anti-Malware (reboot)] "C:\Programme\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [egui] "C:\Programme\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINXP\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programme\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINXP\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINXP\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINXP\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINXP\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user') O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINXP\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINXP\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINXP\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINXP\system32\browseui.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINXP\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINXP\system32\ati2sgag.exe O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Programme\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Programme\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe O23 - Service: lxdnCATSCustConnectService - Lexmark International, Inc. - C:\WINXP\System32\spool\DRIVERS\W32X86\3\\lxdnserv.exe O23 - Service: lxdn_device - - C:\WINXP\system32\lxdncoms.exe O24 - Desktop Component 0: (no name) - hxxp://i.ebayimg.com/03/%21BcvWF5w%21mk%7E$%28KGrHqYOKjIEq5DBdy%21uBK10jSKY4%21%7E%7E_12.JPG -- End of file - 7924 bytes ======Scheduled tasks folder====== C:\WINXP\tasks\AppleSoftwareUpdate.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Anmelde-Hilfsprogramm - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2010-04-26 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-26 79648] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd [] "HTpatch"=C:\WINXP\htpatch.exe [2002-10-30 28672] "SiSUSBRG"=C:\WINXP\SiSUSBrg.exe [2002-07-12 106496] "ATIPTA"=C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe [2003-09-12 335872] "SunJavaUpdateSched"=C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [2010-02-18 248040] "QuickTime Task"=C:\Programme\QuickTime\QTTask.exe [2010-03-17 421888] "iTunesHelper"=C:\Programme\iTunes\iTunesHelper.exe [2010-03-26 142120] "Adobe Reader Speed Launcher"=C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760] "Adobe ARM"=C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768] "DivXUpdate"=C:\Programme\DivX\DivX Update\DivXUpdate.exe [2010-04-13 1135912] " Malwarebytes Anti-Malware (reboot)"=C:\Programme\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952] "egui"=C:\Programme\ESET\ESET NOD32 Antivirus\egui.exe [2009-05-14 2029640] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Malwarebytes' Anti-Malware"=C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe [2010-04-29 437584] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINXP\system32\ctfmon.exe [2004-08-03 15360] "msnmsgr"=C:\Programme\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883840] "MSMSGS"=C:\Programme\Messenger\msmsgs.exe [2004-10-13 1694208] "DAEMON Tools Lite"=C:\Programme\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINXP\system32\Ati2evxx.dll [2003-09-12 86016] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINXP\system32\wpdshserviceobj.dll [2007-10-09 133632] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Programme\Windows Live\Messenger\wlcsdk.exe"="C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Programme\Bonjour\mDNSResponder.exe"="C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Dienst "Bonjour"" "C:\Programme\iTunes\iTunes.exe"="C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Programme\Conference\Conference.dll"="C:\Programme\Conference\Conference.dll:*:Enabled:Audio/Video Conference" "C:\WINXP\system32\lxdncoms.exe"="C:\WINXP\system32\lxdncoms.exe:*:Enabled:Lexmark Communications System" "C:\WINXP\system32\spool\drivers\w32x86\3\lxdnpswx.exe"="C:\WINXP\system32\spool\drivers\w32x86\3\lxdnpswx.exe:*:Enabled:Printer Status Window Interface" "C:\WINXP\system32\spool\drivers\w32x86\3\lxdntime.exe"="C:\WINXP\system32\spool\drivers\w32x86\3\lxdntime.exe:*:Enabled:Lexmark Connect Time Executable" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Programme\Windows Live\Messenger\wlcsdk.exe"="C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9cd122e2-5178-11df-9993-000b6a287407}] shell\AutoRun\command - F:\LaunchU3.exe -a ======List of files/folders created in the last 1 months====== 2010-05-23 19:18:21 ----D---- C:\Programme\Malwarebytes' Anti-Malware 2010-05-23 04:56:54 ----D---- C:\WINXP\LastGood 2010-05-23 04:56:11 ----D---- C:\Programme\ESET 2010-05-23 04:56:11 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ESET 2010-05-23 03:56:03 ----D---- C:\Programme\trend micro 2010-05-23 03:56:01 ----D---- C:\rsit 2010-05-23 03:39:26 ----D---- C:\Dokumente und Einstellungen\M\Anwendungsdaten\Malwarebytes 2010-05-23 03:39:13 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes 2010-05-16 10:02:25 ----AD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP 2010-05-16 09:03:53 ----D---- C:\Programme\ElcomSoft 2010-05-16 08:21:55 ----D---- C:\Dokumente und Einstellungen\MILENA\Anwendungsdaten\UDC Profiles 2010-05-16 06:53:29 ----D---- C:\logs 2010-05-16 06:52:53 ----A---- C:\WINXP\system32\lxdnvs.dll 2010-05-16 06:52:50 ----A---- C:\WINXP\system32\lxdncoin.dll 2010-05-16 06:52:26 ----A---- C:\WINXP\system32\wiafbdrv.dll 2010-05-16 06:52:05 ----A---- C:\WINXP\system32\lxdndrs.dll 2010-05-16 06:52:05 ----A---- C:\WINXP\system32\lxdncaps.dll 2010-05-16 06:52:04 ----A---- C:\WINXP\system32\lxdncnv4.dll 2010-05-16 06:51:46 ----D---- C:\Programme\Lexmark Toolbar 2010-05-16 06:51:35 ----A---- C:\WINXP\system32\lxdnwupd.exe 2010-05-16 06:51:35 ----A---- C:\WINXP\system32\lxdnwupd.dll 2010-05-16 06:51:18 ----A---- C:\WINXP\system32\LXDNinst.dll 2010-05-16 06:51:18 ----A---- C:\WINXP\system32\lxdninpa.dll 2010-05-16 06:51:18 ----A---- C:\WINXP\system32\LXDNhcp.dll 2010-05-16 06:51:17 ----A---- C:\WINXP\system32\lxdnutil.dll 2010-05-16 06:51:17 ----A---- C:\WINXP\system32\lxdnusb1.dll 2010-05-16 06:51:17 ----A---- C:\WINXP\system32\lxdnserv.dll 2010-05-16 06:51:17 ----A---- C:\WINXP\system32\lxdnprox.dll 2010-05-16 06:51:17 ----A---- C:\WINXP\system32\lxdnpmui.dll 2010-05-16 06:51:17 ----A---- C:\WINXP\system32\lxdniesc.dll 2010-05-16 06:51:16 ----A---- C:\WINXP\system32\lxdnlmpm.dll 2010-05-16 06:51:16 ----A---- C:\WINXP\system32\lxdnjswr.dll 2010-05-16 06:51:16 ----A---- C:\WINXP\system32\lxdninsr.dll 2010-05-16 06:51:16 ----A---- C:\WINXP\system32\lxdninsb.dll 2010-05-16 06:51:16 ----A---- C:\WINXP\system32\lxdnins.dll 2010-05-16 06:51:16 ----A---- C:\WINXP\system32\lxdnih.exe 2010-05-16 06:51:16 ----A---- C:\WINXP\system32\lxdnhbn3.dll 2010-05-16 06:51:16 ----A---- C:\WINXP\system32\lxdngrd.dll 2010-05-16 06:51:16 ----A---- C:\WINXP\system32\lxdngf.dll 2010-05-16 06:51:15 ----A---- C:\WINXP\system32\lxdncur.dll 2010-05-16 06:51:15 ----A---- C:\WINXP\system32\lxdncub.dll 2010-05-16 06:51:15 ----A---- C:\WINXP\system32\lxdncu.dll 2010-05-16 06:51:15 ----A---- C:\WINXP\system32\lxdncoms.exe 2010-05-16 06:51:15 ----A---- C:\WINXP\system32\lxdncomm.dll 2010-05-16 06:51:15 ----A---- C:\WINXP\system32\lxdncomc.dll 2010-05-16 06:51:15 ----A---- C:\WINXP\system32\lxdncfg.exe 2010-05-16 06:51:14 ----A---- C:\WINXP\system32\LXDNcfg.dll 2010-05-16 06:48:47 ----D---- C:\drivers 2010-05-13 03:02:30 ----HDC---- C:\WINXP\$NtUninstallKB978542$ 2010-05-12 21:13:37 ----A---- C:\WINXP\system32\XAudio2_6.dll 2010-05-12 21:13:37 ----A---- C:\WINXP\system32\XAPOFX1_4.dll 2010-05-12 21:13:36 ----A---- C:\WINXP\system32\xactengine3_6.dll 2010-05-12 21:13:35 ----A---- C:\WINXP\system32\X3DAudio1_7.dll 2010-05-12 21:13:34 ----A---- C:\WINXP\system32\XAudio2_5.dll 2010-05-12 21:13:32 ----A---- C:\WINXP\system32\xactengine3_5.dll 2010-05-12 21:13:32 ----A---- C:\WINXP\system32\D3DCompiler_42.dll 2010-05-12 21:13:29 ----A---- C:\WINXP\system32\d3dcsx_42.dll 2010-05-12 21:13:23 ----A---- C:\WINXP\system32\d3dx11_42.dll 2010-05-12 21:13:22 ----A---- C:\WINXP\system32\d3dx10_42.dll 2010-05-12 21:13:21 ----A---- C:\WINXP\system32\D3DX9_42.dll 2010-05-12 21:13:18 ----A---- C:\WINXP\system32\d3dx10_41.dll 2010-05-12 21:13:18 ----A---- C:\WINXP\system32\D3DCompiler_41.dll 2010-05-12 21:13:16 ----A---- C:\WINXP\system32\D3DX9_41.dll 2010-05-12 21:13:12 ----A---- C:\WINXP\system32\XAudio2_4.dll 2010-05-12 21:13:12 ----A---- C:\WINXP\system32\XAPOFX1_3.dll 2010-05-12 21:13:11 ----A---- C:\WINXP\system32\xactengine3_4.dll 2010-05-12 21:13:10 ----A---- C:\WINXP\system32\X3DAudio1_6.dll 2010-05-12 21:13:09 ----A---- C:\WINXP\system32\d3dx10_40.dll 2010-05-12 21:13:09 ----A---- C:\WINXP\system32\D3DCompiler_40.dll 2010-05-12 21:13:06 ----A---- C:\WINXP\system32\D3DX9_40.dll 2010-05-12 21:13:02 ----A---- C:\WINXP\system32\XAudio2_3.dll 2010-05-12 21:13:02 ----A---- C:\WINXP\system32\XAPOFX1_2.dll 2010-05-12 21:13:01 ----A---- C:\WINXP\system32\xactengine3_3.dll 2010-05-12 21:13:00 ----A---- C:\WINXP\system32\X3DAudio1_5.dll 2010-05-12 21:12:59 ----A---- C:\WINXP\system32\XAudio2_2.dll 2010-05-12 21:12:59 ----A---- C:\WINXP\system32\XAPOFX1_1.dll 2010-05-12 21:12:58 ----A---- C:\WINXP\system32\xactengine3_2.dll 2010-05-12 21:12:57 ----A---- C:\WINXP\system32\D3DCompiler_39.dll 2010-05-12 21:12:56 ----A---- C:\WINXP\system32\d3dx10_39.dll 2010-05-12 21:12:54 ----A---- C:\WINXP\system32\XAudio2_1.dll 2010-05-12 21:12:54 ----A---- C:\WINXP\system32\XAPOFX1_0.dll 2010-05-12 21:12:53 ----A---- C:\WINXP\system32\xactengine3_1.dll 2010-05-12 21:12:52 ----A---- C:\WINXP\system32\X3DAudio1_4.dll 2010-05-12 21:12:51 ----A---- C:\WINXP\system32\d3dx10_38.dll 2010-05-12 21:12:51 ----A---- C:\WINXP\system32\D3DCompiler_38.dll 2010-05-12 21:12:48 ----A---- C:\WINXP\system32\D3DX9_38.dll 2010-05-12 21:12:44 ----A---- C:\WINXP\system32\XAudio2_0.dll 2010-05-12 21:12:43 ----A---- C:\WINXP\system32\xactengine3_0.dll 2010-05-12 21:12:43 ----A---- C:\WINXP\system32\X3DAudio1_3.dll 2010-05-12 21:12:42 ----A---- C:\WINXP\system32\d3dx10_37.dll 2010-05-12 21:12:42 ----A---- C:\WINXP\system32\D3DCompiler_37.dll 2010-05-12 21:12:39 ----A---- C:\WINXP\system32\D3DX9_37.dll 2010-05-12 21:12:35 ----A---- C:\WINXP\system32\xactengine2_10.dll 2010-05-12 21:12:34 ----A---- C:\WINXP\system32\d3dx10_36.dll 2010-05-12 21:12:34 ----A---- C:\WINXP\system32\D3DCompiler_36.dll 2010-05-12 21:12:31 ----A---- C:\WINXP\system32\d3dx9_36.dll 2010-05-12 21:12:27 ----A---- C:\WINXP\system32\xactengine2_9.dll 2010-05-12 21:12:26 ----A---- C:\WINXP\system32\d3dx10_35.dll 2010-05-12 21:12:26 ----A---- C:\WINXP\system32\D3DCompiler_35.dll 2010-05-12 21:12:23 ----A---- C:\WINXP\system32\d3dx9_35.dll 2010-05-12 21:12:19 ----A---- C:\WINXP\system32\xactengine2_8.dll 2010-05-12 21:12:19 ----A---- C:\WINXP\system32\X3DAudio1_2.dll 2010-05-12 21:12:18 ----A---- C:\WINXP\system32\d3dx10_34.dll 2010-05-12 21:12:18 ----A---- C:\WINXP\system32\D3DCompiler_34.dll 2010-05-12 21:12:11 ----A---- C:\WINXP\system32\d3dx9_34.dll 2010-05-12 21:12:01 ----A---- C:\WINXP\system32\xinput1_3.dll 2010-05-12 21:11:54 ----A---- C:\WINXP\system32\xactengine2_7.dll 2010-05-12 21:11:48 ----A---- C:\WINXP\system32\d3dx10_33.dll 2010-05-12 21:11:48 ----A---- C:\WINXP\system32\D3DCompiler_33.dll 2010-05-12 21:11:39 ----A---- C:\WINXP\system32\d3dx9_33.dll 2010-05-12 21:11:35 ----A---- C:\WINXP\system32\xactengine2_6.dll 2010-05-12 21:11:34 ----A---- C:\WINXP\system32\xactengine2_5.dll 2010-05-12 21:11:33 ----A---- C:\WINXP\system32\d3dx9_32.dll 2010-05-12 21:11:30 ----A---- C:\WINXP\system32\xactengine2_4.dll 2010-05-12 21:11:30 ----A---- C:\WINXP\system32\x3daudio1_1.dll 2010-05-12 21:11:29 ----A---- C:\WINXP\system32\d3dx9_31.dll 2010-05-12 21:11:26 ----A---- C:\WINXP\system32\xinput1_2.dll 2010-05-12 21:11:26 ----A---- C:\WINXP\system32\xactengine2_3.dll 2010-05-12 21:11:25 ----A---- C:\WINXP\system32\xactengine2_2.dll 2010-05-12 21:11:24 ----A---- C:\WINXP\system32\xinput1_1.dll 2010-05-12 21:11:23 ----A---- C:\WINXP\system32\xactengine2_1.dll 2010-05-12 21:11:06 ----A---- C:\WINXP\system32\xactengine2_0.dll 2010-05-12 21:11:06 ----A---- C:\WINXP\system32\x3daudio1_0.dll 2010-05-12 21:11:04 ----A---- C:\WINXP\system32\d3dx9_29.dll 2010-05-12 21:11:00 ----A---- C:\WINXP\system32\d3dx9_28.dll 2010-05-12 21:10:56 ----A---- C:\WINXP\system32\xinput9_1_0.dll 2010-05-12 21:10:55 ----A---- C:\WINXP\system32\d3dx9_27.dll 2010-05-12 21:10:53 ----A---- C:\WINXP\system32\d3dx9_26.dll 2010-05-12 21:10:50 ----A---- C:\WINXP\system32\d3dx9_25.dll 2010-05-12 21:10:42 ----A---- C:\WINXP\system32\d3dx9_24.dll 2010-05-11 21:05:25 ----A---- C:\WINXP\system32\SYNSOPOS.exe.cfg 2010-05-11 21:05:24 ----A---- C:\WINXP\system32\SYNSOPOS.exe 2010-05-11 21:05:24 ----A---- C:\WINXP\system32\SYNSOACC.dll 2010-05-11 18:39:28 ----D---- C:\Programme\Conference 2010-05-10 11:55:39 ----D---- C:\WINXP\Minidump 2010-05-09 19:41:12 ----D---- C:\Dokumente und Einstellungen\MILENA\Anwendungsdaten\temp 2010-05-09 17:50:19 ----A---- C:\WINXP\system32\CmdLineExt.dll 2010-05-09 17:43:34 ----A---- C:\WINXP\system32\D3DX9_39.dll 2010-05-09 17:43:28 ----A---- C:\WINXP\system32\d3dx9_30.dll 2010-05-09 17:41:56 ----D---- C:\WINXP\Logs 2010-05-09 17:01:27 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Windows Genuine Advantage 2010-05-09 16:55:10 ----D---- C:\Programme\DAEMON Tools Lite 2010-05-09 16:54:45 ----D---- C:\Dokumente und Einstellungen\MILENA\Anwendungsdaten\DAEMON Tools Lite 2010-05-09 16:54:40 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite 2010-05-03 02:39:24 ----HDC---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{A7689876-F0D2-4DC6-9C70-CA306AA80853} 2010-05-03 02:38:50 ----HDC---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{8E4DC1D0-364F-4942-85CD-BCD7298D633E} 2010-05-03 02:00:36 ----A---- C:\WINXP\system32\msvcp71.dll 2010-05-03 02:00:35 ----A---- C:\WINXP\system32\msvcr71.dll 2010-05-02 08:17:19 ----D---- C:\Dokumente und Einstellungen\MILENA\Anwendungsdaten\vlc 2010-05-02 08:13:49 ----D---- C:\Programme\VideoLAN 2010-05-02 08:09:37 ----A---- C:\WINXP\system32\gdiplus.dll 2010-04-30 03:11:19 ----D---- C:\Programme\Gemeinsame Dateien\DivX Shared 2010-04-30 03:09:51 ----D---- C:\Programme\DivX 2010-04-30 03:08:18 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DivX 2010-04-29 22:06:11 ----D---- C:\WINXP\KConvert Temp 2010-04-29 22:06:11 ----D---- C:\WINXP\KConvert Logs 2010-04-29 21:45:25 ----D---- C:\Programme\u-he 2010-04-29 18:21:21 ----D---- C:\WINXP\system32\NtmsData 2010-04-29 18:11:45 ----A---- C:\WINXP\system32\NI_IRC_1_2.dll 2010-04-29 18:11:45 ----A---- C:\WINXP\system32\NI_DFD_1_5.dll 2010-04-29 18:11:45 ----A---- C:\WINXP\system32\bconvert.dll 2010-04-29 18:11:44 ----A---- C:\WINXP\system32\REX Shared Library.dll 2010-04-29 03:10:31 ----HDC---- C:\WINXP\$NtUninstallKB970430$ 2010-04-29 03:09:06 ----HDC---- C:\WINXP\$NtUninstallKB961118$ 2010-04-29 03:01:42 ----HDC---- C:\WINXP\$NtUninstallKB925720$ 2010-04-29 03:01:20 ----HDC---- C:\WINXP\$NtUninstallKB971737$ 2010-04-29 02:02:45 ----A---- C:\WINXP\system32\rewire.dll 2010-04-29 02:00:16 ----D---- C:\Programme\Outsim 2010-04-28 20:53:52 ----D---- C:\WINXP\Sun 2010-04-28 19:28:05 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Adobe 2010-04-28 19:26:51 ----D---- C:\Programme\Gemeinsame Dateien\Adobe 2010-04-28 19:26:51 ----D---- C:\Programme\Adobe 2010-04-28 03:13:13 ----HDC---- C:\WINXP\$NtUninstallKB978262$ 2010-04-28 03:13:07 ----HDC---- C:\WINXP\$NtUninstallKB951376-v2$ 2010-04-28 03:13:01 ----HDC---- C:\WINXP\$NtUninstallKB952954$ 2010-04-28 03:12:53 ----HDC---- C:\WINXP\$NtUninstallKB959426$ 2010-04-28 03:12:46 ----HDC---- C:\WINXP\$NtUninstallKB946648$ 2010-04-28 03:12:39 ----HDC---- C:\WINXP\$NtUninstallKB956803$ 2010-04-28 03:12:32 ----HDC---- C:\WINXP\$NtUninstallKB960859$ 2010-04-28 03:12:25 ----HDC---- C:\WINXP\$NtUninstallKB971468$ 2010-04-28 03:12:11 ----HDC---- C:\WINXP\$NtUninstallKB979683$ 2010-04-28 03:11:50 ----HDC---- C:\WINXP\$NtUninstallKB958869$ 2010-04-28 03:11:44 ----HDC---- C:\WINXP\$NtUninstallKB954155_WM9$ 2010-04-28 03:11:39 ----HDC---- C:\WINXP\$NtUninstallKB980232$ 2010-04-28 03:11:27 ----HDC---- C:\WINXP\$NtUninstallKB955759$ 2010-04-28 03:10:42 ----HDC---- C:\WINXP\$NtUninstallKB974318$ 2010-04-28 03:10:34 ----HDC---- C:\WINXP\$NtUninstallKB969059$ 2010-04-28 03:10:27 ----HDC---- C:\WINXP\$NtUninstallKB981349$ 2010-04-28 03:10:19 ----HDC---- C:\WINXP\$NtUninstallKB961503$ 2010-04-28 03:10:13 ----HDC---- C:\WINXP\$NtUninstallKB950974$ 2010-04-28 03:10:06 ----HDC---- C:\WINXP\$NtUninstallKB978037$ 2010-04-28 03:10:00 ----HDC---- C:\WINXP\$NtUninstallKB975713$ 2010-04-28 03:09:53 ----HDC---- C:\WINXP\$NtUninstallKB971657$ 2010-04-28 03:09:44 ----HDC---- C:\WINXP\$NtUninstallKB978338$ 2010-04-28 03:09:38 ----HDC---- C:\WINXP\$NtUninstallKB960225$ 2010-04-28 03:09:32 ----HDC---- C:\WINXP\$NtUninstallKB972270$ 2010-04-28 03:09:26 ----D---- C:\WINXP\ServicePackFiles 2010-04-28 03:09:23 ----HDC---- C:\WINXP\$NtUninstallKB956744$ 2010-04-28 03:09:15 ----HDC---- C:\WINXP\$NtUninstallKB974112$ 2010-04-28 03:08:53 ----HDC---- C:\WINXP\$NtUninstallKB956572$ 2010-04-28 03:08:41 ----HDC---- C:\WINXP\$NtUninstallKB956844$ 2010-04-28 03:08:32 ----HDC---- C:\WINXP\$NtUninstallKB961501$ 2010-04-28 03:08:25 ----HDC---- C:\WINXP\$NtUninstallKB968816_WM9$ 2010-04-28 03:08:17 ----HDC---- C:\WINXP\$NtUninstallKB975561$ 2010-04-28 03:08:08 ----HDC---- C:\WINXP\$NtUninstallKB952069_WM9$ 2010-04-28 03:08:02 ----HDC---- C:\WINXP\$NtUninstallKB973869$ 2010-04-28 03:07:56 ----HDC---- C:\WINXP\$NtUninstallKB975025$ 2010-04-28 03:07:53 ----A---- C:\WINXP\system32\wmpns.dll 2010-04-28 03:07:40 ----HDC---- C:\WINXP\$NtUninstallKB973540_WM9L$ 2010-04-28 03:07:30 ----HDC---- C:\WINXP\$NtUninstallKB952004$ 2010-04-28 03:07:22 ----HDC---- C:\WINXP\$NtUninstallKB974571$ 2010-04-28 03:07:15 ----HDC---- C:\WINXP\$NtUninstallKB975560$ 2010-04-28 03:07:04 ----HDC---- C:\WINXP\$NtUninstallKB973507$ 2010-04-28 03:06:57 ----HDC---- C:\WINXP\$NtUninstallKB941569$ 2010-04-28 03:06:38 ----HDC---- C:\WINXP\$NtUninstallKB977816$ 2010-04-28 03:06:31 ----HDC---- C:\WINXP\$NtUninstallKB973687$ 2010-04-28 03:06:24 ----HDC---- C:\WINXP\$NtUninstallKB950762$ 2010-04-28 03:06:15 ----HDC---- C:\WINXP\$NtUninstallKB978601$ 2010-04-28 03:06:09 ----HDC---- C:\WINXP\$NtUninstallKB952287$ 2010-04-28 03:06:02 ----HDC---- C:\WINXP\$NtUninstallKB973354$ 2010-04-28 03:05:54 ----HDC---- C:\WINXP\$NtUninstallKB973904$ 2010-04-28 03:05:38 ----HDC---- C:\WINXP\$NtUninstallKB967715$ 2010-04-28 03:05:29 ----HDC---- C:\WINXP\$NtUninstallKB950760$ 2010-04-28 03:05:23 ----HDC---- C:\WINXP\$NtUninstallKB951066$ 2010-04-28 03:05:16 ----HDC---- C:\WINXP\$NtUninstallKB974392$ 2010-04-28 03:05:04 ----HDC---- C:\WINXP\$NtUninstallKB977914$ 2010-04-28 03:04:51 ----HDC---- C:\WINXP\$NtUninstallKB951748$ 2010-04-28 03:04:43 ----HDC---- C:\WINXP\$NtUninstallKB970238$ 2010-04-28 03:04:34 ----HDC---- C:\WINXP\$NtUninstallKB979309$ 2010-04-28 03:04:28 ----HDC---- C:\WINXP\$NtUninstallKB978706$ 2010-04-28 03:04:21 ----HDC---- C:\WINXP\$NtUninstallKB960803$ 2010-04-28 03:04:13 ----HDC---- C:\WINXP\$NtUninstallKB973815$ 2010-04-28 03:03:58 ----HDC---- C:\WINXP\$NtUninstallKB971032$ 2010-04-28 03:03:50 ----HDC---- C:\WINXP\$NtUninstallKB958644$ 2010-04-28 03:03:43 ----HDC---- C:\WINXP\$NtUninstallKB955069$ 2010-04-28 03:03:36 ----HDC---- C:\WINXP\$NtUninstallKB956802$ 2010-04-28 03:03:30 ----HDC---- C:\WINXP\$NtUninstallKB979306$ 2010-04-28 03:03:24 ----HDC---- C:\WINXP\$NtUninstallKB954154_WM11$ 2010-04-28 03:03:16 ----HDC---- C:\WINXP\$NtUninstallKB923561$ 2010-04-28 03:03:09 ----HDC---- C:\WINXP\$NtUninstallKB971961$ 2010-04-28 03:02:31 ----D---- C:\WINXP\ie7updates 2010-04-28 03:02:10 ----HDC---- C:\WINXP\$NtUninstallKB975467$ 2010-04-28 03:02:00 ----HDC---- C:\WINXP\$NtUninstallKB968389$ 2010-04-28 03:01:23 ----HDC---- C:\WINXP\$NtUninstallKB969947$ 2010-04-28 00:31:40 ----D---- C:\Downloads 2010-04-27 22:08:52 ----D---- C:\WINXP\system32\appmgmt 2010-04-27 22:03:25 ----D---- C:\Dokumente und Einstellungen\MILENA\Anwendungsdaten\Thinstall 2010-04-27 21:16:02 ----N---- C:\WINXP\system32\browserchoice.exe 2010-04-27 21:09:19 ----N---- C:\WINXP\system32\spmsg2.dll 2010-04-27 21:09:14 ----HDC---- C:\WINXP\$NtUninstallXPSEPSCLP$ 2010-04-27 21:03:55 ----D---- C:\WINXP\system32\XPSViewer 2010-04-27 21:03:48 ----D---- C:\Programme\MSBuild 2010-04-27 21:03:44 ----D---- C:\WINXP\system32\en-US 2010-04-27 21:03:31 ----D---- C:\Programme\Reference Assemblies 2010-04-27 21:02:17 ----N---- C:\WINXP\system32\prntvpt.dll 2010-04-27 21:02:16 ----N---- C:\WINXP\system32\xpsshhdr.dll 2010-04-27 21:02:15 ----N---- C:\WINXP\system32\xpssvcs.dll 2010-04-27 21:02:13 ----D---- C:\de872e18fedcb6f9ea8d059ffb5696 2010-04-27 21:00:13 ----RSD---- C:\WINXP\assembly 2010-04-27 20:59:16 ----D---- C:\WINXP\Microsoft.NET 2010-04-27 20:57:32 ----HDC---- C:\WINXP\$NtUninstallWIC$ 2010-04-27 20:57:23 ----D---- C:\Programme\MSXML 6.0 2010-04-27 19:44:24 ----A---- C:\WINXP\system32\muweb.dll 2010-04-27 19:44:24 ----A---- C:\WINXP\system32\mucltui.dll.mui 2010-04-27 19:44:24 ----A---- C:\WINXP\system32\mucltui.dll 2010-04-27 19:06:04 ----D---- C:\Dokumente und Einstellungen\MILENA\Anwendungsdaten\Apple Computer 2010-04-27 19:05:10 ----A---- C:\WINXP\system32\GEARAspi.dll 2010-04-27 19:03:39 ----D---- C:\Programme\iPod 2010-04-27 19:02:55 ----D---- C:\Programme\iTunes 2010-04-27 19:02:55 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2010-04-27 19:00:42 ----D---- C:\Programme\QuickTime 2010-04-27 19:00:41 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Apple Computer 2010-04-27 19:00:13 ----D---- C:\Programme\Apple Software Update 2010-04-27 18:59:54 ----DC---- C:\WINXP\system32\DRVSTORE 2010-04-27 18:59:11 ----D---- C:\Programme\Bonjour 2010-04-27 18:58:53 ----D---- C:\Programme\Gemeinsame Dateien\Apple 2010-04-27 18:58:53 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Apple 2010-04-27 16:37:10 ----D---- C:\Dokumente und Einstellungen\MILENA\Anwendungsdaten\WinRAR 2010-04-27 16:30:25 ----D---- C:\Programme\WinRAR 2010-04-27 00:03:57 ----SH---- C:\boot.ini 2010-04-27 00:03:46 ----D---- C:\Postinstall 2010-04-27 00:00:52 ----SHD---- C:\WINXP\Installer 2010-04-27 00:00:52 ----SD---- C:\WINXP\Downloaded Program Files 2010-04-27 00:00:52 ----RSD---- C:\WINXP\Fonts 2010-04-27 00:00:52 ----RD---- C:\WINXP\Web 2010-04-27 00:00:52 ----HD---- C:\WINXP\inf 2010-04-27 00:00:52 ----D---- C:\WINXP\WinSxS 2010-04-27 00:00:52 ----D---- C:\WINXP\WBEM 2010-04-27 00:00:52 ----D---- C:\WINXP\twain_32 2010-04-27 00:00:52 ----D---- C:\WINXP\Temp 2010-04-27 00:00:52 ----D---- C:\WINXP\system32\wins 2010-04-27 00:00:52 ----D---- C:\WINXP\system32\wbem 2010-04-27 00:00:52 ----D---- C:\WINXP\system32\usmt 2010-04-27 00:00:52 ----D---- C:\WINXP\system32\spool 2010-04-27 00:00:52 ----D---- C:\WINXP\system32\ShellExt 2010-04-27 00:00:52 ----D---- C:\WINXP\system32\Setup 2010-04-27 00:00:52 ----D---- C:\WINXP\system32\ras 2010-04-27 00:00:52 ----D---- C:\WINXP\system32\PreInstall 2010-04-27 00:00:52 ----D---- C:\WINXP\system32\oobe 2010-04-27 00:00:52 ----D---- C:\WINXP\system32\npp 2010-04-27 00:00:52 ----D---- C:\WINXP\system32\mui 2010-04-27 00:00:52 ----D---- C:\WINXP\system32\inetsrv 2010-04-27 00:00:52 ----D---- C:\WINXP\system32\IME 2010-04-27 00:00:52 ----D---- C:\WINXP\system32\icsxml 2010-04-27 00:00:52 ----D---- C:\WINXP\system32\ias 2010-04-27 00:00:52 ----D---- C:\WINXP\system32\export 2010-04-27 00:00:52 ----D---- C:\WINXP\system32\drivers 2010-04-27 00:00:52 ----D---- C:\WINXP\system32\dhcp 2010-04-27 00:00:52 ----D---- C:\WINXP\system32\de-de 2010-04-27 00:00:52 ----D---- C:\WINXP\system32\config 2010-04-27 00:00:52 ----D---- C:\WINXP\system32\3com_dmi 2010-04-27 00:00:52 ----D---- C:\WINXP\system32\3076 2010-04-27 00:00:52 ----D---- C:\WINXP\system32\2052 2010-04-27 00:00:52 ----D---- C:\WINXP\system32\1054 2010-04-27 00:00:52 ----D---- C:\WINXP\system32\1042 2010-04-27 00:00:52 ----D---- C:\WINXP\system32\1041 2010-04-27 00:00:52 ----D---- C:\WINXP\system32\1037 2010-04-27 00:00:52 ----D---- C:\WINXP\system32\1033 2010-04-27 00:00:52 ----D---- C:\WINXP\system32\1031 2010-04-27 00:00:52 ----D---- C:\WINXP\system32\1028 2010-04-27 00:00:52 ----D---- C:\WINXP\system32\1025 2010-04-27 00:00:52 ----D---- C:\WINXP\system32 2010-04-27 00:00:52 ----D---- C:\WINXP\system 2010-04-27 00:00:52 ----D---- C:\WINXP\security 2010-04-27 00:00:52 ----D---- C:\WINXP\Resources 2010-04-27 00:00:52 ----D---- C:\WINXP\repair 2010-04-27 00:00:52 ----D---- C:\WINXP\Provisioning 2010-04-27 00:00:52 ----D---- C:\WINXP\PeerNet 2010-04-27 00:00:52 ----D---- C:\WINXP\pchealth 2010-04-27 00:00:52 ----D---- C:\WINXP\Offline Web Pages 2010-04-27 00:00:52 ----D---- C:\WINXP\Network Diagnostic 2010-04-27 00:00:52 ----D---- C:\WINXP\mui 2010-04-27 00:00:52 ----D---- C:\WINXP\msapps 2010-04-27 00:00:52 ----D---- C:\WINXP\msagent 2010-04-27 00:00:52 ----D---- C:\WINXP\Media 2010-04-27 00:00:52 ----D---- C:\WINXP\java 2010-04-27 00:00:52 ----D---- C:\WINXP\ime 2010-04-27 00:00:52 ----D---- C:\WINXP\Help 2010-04-27 00:00:52 ----D---- C:\WINXP\ehome 2010-04-27 00:00:52 ----D---- C:\WINXP\Driver Cache 2010-04-27 00:00:52 ----D---- C:\WINXP\Debug 2010-04-27 00:00:52 ----D---- C:\WINXP\Cursors 2010-04-27 00:00:52 ----D---- C:\WINXP\Connection Wizard 2010-04-27 00:00:52 ----D---- C:\WINXP\Config 2010-04-27 00:00:52 ----D---- C:\WINXP\AppPatch 2010-04-27 00:00:52 ----D---- C:\WINXP\addins 2010-04-27 00:00:52 ----D---- C:\WINXP 2010-04-26 23:56:57 ----D---- C:\WINXP\system32\CatRoot_bak 2010-04-26 23:16:58 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun 2010-04-26 23:16:57 ----D---- C:\Programme\Gemeinsame Dateien\Java 2010-04-26 23:16:35 ----A---- C:\WINXP\system32\javaws.exe 2010-04-26 23:16:35 ----A---- C:\WINXP\system32\javaw.exe 2010-04-26 23:16:35 ----A---- C:\WINXP\system32\java.exe 2010-04-26 23:16:35 ----A---- C:\WINXP\system32\deployJava1.dll 2010-04-26 23:16:22 ----D---- C:\Programme\Java 2010-04-26 23:15:11 ----D---- C:\Dokumente und Einstellungen\MILENA\Anwendungsdaten\Macromedia 2010-04-26 23:15:11 ----D---- C:\Dokumente und Einstellungen\MILENA\Anwendungsdaten\Adobe 2010-04-26 23:13:59 ----D---- C:\Dokumente und Einstellungen\MILENA\Anwendungsdaten\U3 2010-04-26 23:12:45 ----D---- C:\Dokumente und Einstellungen\MILENA\Anwendungsdaten\Sun 2010-04-26 23:08:58 ----A---- C:\WINXP\system32\h323log.txt 2010-04-26 23:06:54 ----A---- C:\WINXP\system32\usbui.dll 2010-04-26 23:05:49 ----A---- C:\WINXP\imsins.BAK 2010-04-26 23:05:46 ----A---- C:\WINXP\system32\PerfStringBackup.INI 2010-04-26 23:05:45 ----D---- C:\Programme\Gemeinsame Dateien\ODBC 2010-04-26 23:05:45 ----A---- C:\WINXP\ODBCINST.INI 2010-04-26 23:05:43 ----D---- C:\Programme\Gemeinsame Dateien\SpeechEngines 2010-04-26 23:05:42 ----RD---- C:\Programme 2010-04-26 23:05:42 ----D---- C:\Programme\Gemeinsame Dateien\Microsoft Shared 2010-04-26 23:05:42 ----D---- C:\Programme\Gemeinsame Dateien 2010-04-26 23:05:35 ----RA---- C:\WINXP\system32\kbdtuq.dll 2010-04-26 23:05:35 ----RA---- C:\WINXP\system32\kbdtuf.dll 2010-04-26 23:05:35 ----RA---- C:\WINXP\system32\kbdazel.dll 2010-04-26 23:05:34 ----RA---- C:\WINXP\system32\kbduzb.dll 2010-04-26 23:05:34 ----RA---- C:\WINXP\system32\kbdur.dll 2010-04-26 23:05:34 ----RA---- C:\WINXP\system32\kbdtat.dll 2010-04-26 23:05:34 ----RA---- C:\WINXP\system32\kbdmon.dll 2010-04-26 23:05:34 ----RA---- C:\WINXP\system32\kbdkyr.dll 2010-04-26 23:05:34 ----RA---- C:\WINXP\system32\kbdkaz.dll 2010-04-26 23:05:34 ----RA---- C:\WINXP\system32\kbdaze.dll 2010-04-26 23:05:33 ----RA---- C:\WINXP\system32\kbdycc.dll 2010-04-26 23:05:33 ----RA---- C:\WINXP\system32\kbdru1.dll 2010-04-26 23:05:33 ----RA---- C:\WINXP\system32\kbdru.dll 2010-04-26 23:05:33 ----RA---- C:\WINXP\system32\kbdbu.dll 2010-04-26 23:05:33 ----RA---- C:\WINXP\system32\kbdblr.dll 2010-04-26 23:05:32 ----RA---- C:\WINXP\system32\kbdhept.dll 2010-04-26 23:05:32 ----RA---- C:\WINXP\system32\kbdhela3.dll 2010-04-26 23:05:32 ----RA---- C:\WINXP\system32\kbdhela2.dll 2010-04-26 23:05:32 ----RA---- C:\WINXP\system32\kbdhe319.dll 2010-04-26 23:05:32 ----RA---- C:\WINXP\system32\kbdhe220.dll 2010-04-26 23:05:32 ----RA---- C:\WINXP\system32\kbdhe.dll 2010-04-26 23:05:32 ----RA---- C:\WINXP\system32\kbdgkl.dll 2010-04-26 23:05:31 ----RA---- C:\WINXP\system32\kbdlv1.dll 2010-04-26 23:05:31 ----RA---- C:\WINXP\system32\kbdlv.dll 2010-04-26 23:05:31 ----RA---- C:\WINXP\system32\kbdlt1.dll 2010-04-26 23:05:31 ----RA---- C:\WINXP\system32\kbdlt.dll 2010-04-26 23:05:31 ----RA---- C:\WINXP\system32\kbdest.dll 2010-04-26 23:05:30 ----RA---- C:\WINXP\system32\kbdycl.dll 2010-04-26 23:05:30 ----RA---- C:\WINXP\system32\kbdsl1.dll 2010-04-26 23:05:30 ----RA---- C:\WINXP\system32\kbdsl.dll 2010-04-26 23:05:30 ----RA---- C:\WINXP\system32\kbdro.dll 2010-04-26 23:05:30 ----RA---- C:\WINXP\system32\kbdpl1.dll 2010-04-26 23:05:30 ----RA---- C:\WINXP\system32\kbdpl.dll 2010-04-26 23:05:30 ----RA---- C:\WINXP\system32\kbdhu1.dll 2010-04-26 23:05:30 ----RA---- C:\WINXP\system32\kbdhu.dll 2010-04-26 23:05:30 ----RA---- C:\WINXP\system32\kbdcz2.dll 2010-04-26 23:05:30 ----RA---- C:\WINXP\system32\kbdcz1.dll 2010-04-26 23:05:30 ----RA---- C:\WINXP\system32\kbdcz.dll 2010-04-26 23:05:30 ----RA---- C:\WINXP\system32\kbdcr.dll 2010-04-26 23:05:30 ----RA---- C:\WINXP\system32\KBDAL.DLL 2010-04-26 23:05:25 ----A---- C:\WINXP\system32\spxcoins.dll 2010-04-26 23:05:25 ----A---- C:\WINXP\system32\irclass.dll 2010-04-26 23:05:25 ----A---- C:\WINXP\system32\EqnClass.Dll 2010-04-26 23:05:25 ----A---- C:\WINXP\system32\dgsetup.dll 2010-04-26 23:05:25 ----A---- C:\WINXP\system32\dgrpsetu.dll 2010-04-26 23:05:23 ----N---- C:\WINXP\system32\CONFIG.TMP 2010-04-26 23:05:23 ----A---- C:\WINXP\TASKMAN.EXE 2010-04-26 23:05:23 ----A---- C:\WINXP\system32\batt.dll 2010-04-26 23:05:23 ----A---- C:\WINXP\NOTEPAD.EXE 2010-04-26 23:05:22 ----A---- C:\WINXP\system32\storprop.dll 2010-04-26 23:05:13 ----ASH---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\desktop.ini 2010-04-26 23:05:06 ----RA---- C:\WINXP\SET8.tmp 2010-04-26 23:05:03 ----RA---- C:\WINXP\SET4.tmp 2010-04-26 23:05:02 ----RA---- C:\WINXP\SET3.tmp 2010-04-26 23:04:57 ----D---- C:\WINXP\system32\CatRoot2 2010-04-26 23:04:57 ----D---- C:\WINXP\system32\CatRoot 2010-04-26 23:04:51 ----SD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft 2010-04-26 23:04:34 ----A---- C:\WINXP\setuplog.txt 2010-04-26 23:04:30 ----D---- C:\Dokumente und Einstellungen 2010-04-26 23:04:29 ----SHD---- C:\System Volume Information 2010-04-26 23:00:28 ----D---- C:\Dokumente und Einstellungen\MILENA\Anwendungsdaten\Help 2010-04-26 22:58:01 ----N---- C:\WINXP\system32\ati2sgag.exe 2010-04-26 22:57:57 ----RA---- C:\WINXP\system32\atiiiexx.dll 2010-04-26 22:42:03 ----D---- C:\Programme\Microsoft 2010-04-26 22:41:47 ----D---- C:\Programme\Windows Live SkyDrive 2010-04-26 22:41:26 ----D---- C:\Programme\Windows Live 2010-04-26 22:37:22 ----D---- C:\Dokumente und Einstellungen\MILENA\Anwendungsdaten\Mozilla 2010-04-26 22:35:57 ----D---- C:\Programme\Mozilla Firefox 2010-04-26 22:34:07 ----D---- C:\Programme\ATI Technologies 2010-04-26 22:34:04 ----HD---- C:\Programme\InstallShield Installation Information 2010-04-26 22:33:38 ----D---- C:\Programme\Gemeinsame Dateien\InstallShield 2010-04-26 22:29:28 ----D---- C:\Programme\Gemeinsame Dateien\Windows Live 2010-04-26 22:28:30 ----SHD---- C:\RECYCLER 2010-04-26 22:27:48 ----A---- C:\WINXP\SiSUSBrg.exe 2010-04-26 22:27:48 ----A---- C:\WINXP\SIS_LIB.DLL 2010-04-26 22:27:47 ----RA---- C:\WINXP\winio.dll 2010-04-26 22:27:47 ----RA---- C:\WINXP\htpatch.exe 2010-04-26 22:27:09 ----D---- C:\Programme\SiSLan 2010-04-26 22:27:08 ----D---- C:\WINXP\system32\ReinstallBackups 2010-04-26 22:26:05 ----A---- C:\WINXP\system32\ksuser.dll 2010-04-26 22:25:59 ----D---- C:\Program Files 2010-04-26 22:25:59 ----A---- C:\WINXP\Wininit.ini 2010-04-26 22:25:59 ----A---- C:\WINXP\system32\udaprop.dll 2010-04-26 22:25:59 ----A---- C:\WINXP\system32\cmuda.dll 2010-04-26 22:25:59 ----A---- C:\WINXP\system32\Audio3D.dll 2010-04-26 22:25:59 ----A---- C:\WINXP\system32\a3d.dll 2010-04-26 22:25:59 ----A---- C:\WINXP\CMISETUP.INI 2010-04-26 22:25:59 ----A---- C:\WINXP\CMCDPLAY.INI 2010-04-26 22:25:47 ----D---- C:\Programme\C-Media 3D Audio 2010-04-26 22:25:47 ----A---- C:\WINXP\CMIUninstall.exe 2010-04-26 22:25:47 ----A---- C:\WINXP\CmiRmRedundDir.exe 2010-04-26 22:25:47 ----A---- C:\WINXP\CMIRmDriver.dll 2010-04-26 22:25:37 ----A---- C:\WINXP\IsUn0407.exe 2010-04-26 22:25:26 ----A---- C:\WINXP\Ascd_tmp.ini 2010-04-26 22:20:03 ----D---- C:\Dokumente und Einstellungen\MILENA\Anwendungsdaten\Identities 2010-04-26 22:20:01 ----HD---- C:\Programme\Uninstall Information 2010-04-26 22:19:58 ----ASH---- C:\Dokumente und Einstellungen\MILENA\Anwendungsdaten\desktop.ini 2010-04-26 22:19:57 ----SD---- C:\Dokumente und Einstellungen\MILENA\Anwendungsdaten\Microsoft 2010-04-26 22:19:45 ----D---- C:\WINXP\system32\SoftwareDistribution 2010-04-26 22:18:29 ----D---- C:\WINXP\SoftwareDistribution 2010-04-26 22:18:18 ----D---- C:\WINXP\Prefetch 2010-04-26 22:18:17 ----SD---- C:\WINXP\system32\Microsoft 2010-04-26 22:18:17 ----A---- C:\WINXP\SchedLgU.Txt 2010-04-26 22:17:09 ----HDC---- C:\WINXP\$NtUninstallKB939683$ 2010-04-26 22:17:03 ----A---- C:\WINXP\system32\spupdsvc.exe 2010-04-26 22:17:01 ----HDC---- C:\WINXP\$NtUninstallKB936782_WMP11$ 2010-04-26 22:16:52 ----N---- C:\WINXP\system32\WgaTray.exe 2010-04-26 22:16:52 ----N---- C:\WINXP\system32\LegitCheckControl.dll 2010-04-26 22:16:52 ----A---- C:\WINXP\system32\WgaLogon.dll 2010-04-26 22:16:29 ----N---- C:\WINXP\system32\tzchange.exe 2010-04-26 22:16:27 ----N---- C:\WINXP\system32\spmsg.dll 2010-04-26 22:16:26 ----HD---- C:\WINXP\$hf_mig$ 2010-04-26 22:16:12 ----A---- C:\WINXP\control.ini 2010-04-26 22:16:12 ----A---- C:\AUTOEXEC.BAT 2010-04-26 22:16:01 ----A---- C:\WINXP\OEWABLog.txt 2010-04-26 22:15:57 ----A---- C:\WINXP\system32\mapi32.dll 2010-04-26 22:15:54 ----D---- C:\WINXP\system32\dllcache 2010-04-26 22:14:40 ----RAH---- C:\WINXP\system32\logonui.exe.manifest 2010-04-26 22:14:36 ----RAH---- C:\WINXP\system32\cdplayer.exe.manifest 2010-04-26 22:14:31 ----HD---- C:\Programme\WindowsUpdate 2010-04-26 22:14:27 ----D---- C:\Programme\Online-Dienste 2010-04-26 22:14:13 ----D---- C:\WINXP\system32\DirectX 2010-04-26 22:13:55 ----A---- C:\WINXP\system32\desktop.ini 2010-04-26 22:13:55 ----A---- C:\WINXP\desktop.ini 2010-04-26 22:13:50 ----A---- C:\WINXP\system32\nmevtmsg.dll 2010-04-26 22:13:49 ----A---- C:\WINXP\system32\acctres.dll 2010-04-26 22:13:48 ----D---- C:\Programme\Gemeinsame Dateien\Dienste 2010-04-26 22:13:46 ----SD---- C:\WINXP\Tasks 2010-04-26 22:13:46 ----D---- C:\Programme\Gemeinsame Dateien\MSSoap 2010-04-26 22:13:46 ----A---- C:\WINXP\system32\icfgnt5.dll 2010-04-26 22:13:42 ----D---- C:\WINXP\system32\Macromed 2010-04-26 22:13:42 ----D---- C:\WINXP\srchasst 2010-04-26 22:13:40 ----A---- C:\WINXP\system32\wuweb.dll 2010-04-26 22:13:40 ----A---- C:\WINXP\system32\wucltui.dll 2010-04-26 22:13:40 ----A---- C:\WINXP\system32\wuauserv.dll 2010-04-26 22:13:39 ----A---- C:\WINXP\system32\wups.dll 2010-04-26 22:13:39 ----A---- C:\WINXP\system32\wuaueng1.dll 2010-04-26 22:13:39 ----A---- C:\WINXP\system32\wuaueng.dll 2010-04-26 22:13:39 ----A---- C:\WINXP\system32\wuauclt1.exe 2010-04-26 22:13:39 ----A---- C:\WINXP\system32\wuauclt.exe 2010-04-26 22:13:39 ----A---- C:\WINXP\system32\wuapi.dll 2010-04-26 22:13:39 ----A---- C:\WINXP\system32\qmgrprxy.dll 2010-04-26 22:13:39 ----A---- C:\WINXP\system32\qmgr.dll 2010-04-26 22:13:39 ----A---- C:\WINXP\system32\bitsprx3.dll 2010-04-26 22:13:39 ----A---- C:\WINXP\system32\bitsprx2.dll 2010-04-26 22:13:36 ----D---- C:\Programme\Movie Maker 2010-04-26 22:13:33 ----A---- C:\WINXP\system32\safrslv.dll 2010-04-26 22:13:33 ----A---- C:\WINXP\system32\safrdm.dll 2010-04-26 22:13:33 ----A---- C:\WINXP\system32\safrcdlg.dll 2010-04-26 22:13:33 ----A---- C:\WINXP\system32\racpldlg.dll 2010-04-26 22:13:30 ----D---- C:\WINXP\system32\Restore 2010-04-26 22:13:30 ----A---- C:\WINXP\system32\srrstr.dll 2010-04-26 22:13:30 ----A---- C:\WINXP\system32\fltMc.exe 2010-04-26 22:13:30 ----A---- C:\WINXP\system32\fltlib.dll 2010-04-26 22:13:29 ----A---- C:\WINXP\system32\srsvc.dll 2010-04-26 22:13:29 ----A---- C:\WINXP\system32\srclient.dll 2010-04-26 22:13:29 ----A---- C:\WINXP\system32\nmmkcert.dll 2010-04-26 22:13:29 ----A---- C:\WINXP\system32\mnmdd.dll 2010-04-26 22:13:29 ----A---- C:\WINXP\system32\isrdbg32.dll 2010-04-26 22:13:29 ----A---- C:\WINXP\system32\ils.dll 2010-04-26 22:13:28 ----A---- C:\WINXP\system32\msconf.dll 2010-04-26 22:13:28 ----A---- C:\WINXP\system32\mnmsrvc.exe 2010-04-26 22:13:26 ----D---- C:\Programme\NetMeeting 2010-04-26 22:13:26 ----A---- C:\WINXP\system32\msoert2.dll 2010-04-26 22:13:26 ----A---- C:\WINXP\system32\msoeacct.dll 2010-04-26 22:13:25 ----A---- C:\WINXP\system32\inetres.dll 2010-04-26 22:13:25 ----A---- C:\WINXP\system32\inetcomm.dll 2010-04-26 22:13:24 ----D---- C:\Programme\Outlook Express 2010-04-26 22:13:24 ----A---- C:\WINXP\system32\schedsvc.dll 2010-04-26 22:13:24 ----A---- C:\WINXP\system32\mstinit.exe 2010-04-26 22:13:24 ----A---- C:\WINXP\system32\mstask.dll 2010-04-26 22:13:23 ----A---- C:\WINXP\system32\isign32.dll 2010-04-26 22:13:23 ----A---- C:\WINXP\system32\inetcfg.dll 2010-04-26 22:13:23 ----A---- C:\WINXP\system32\icwphbk.dll 2010-04-26 22:13:23 ----A---- C:\WINXP\system32\icwdial.dll 2010-04-26 22:13:19 ----D---- C:\Programme\Gemeinsame Dateien\System 2010-04-26 22:13:18 ----D---- C:\Programme\Internet Explorer 2010-04-26 22:12:39 ----D---- C:\Programme\ComPlus Applications 2010-04-26 22:12:37 ----A---- C:\WINXP\vbaddin.ini 2010-04-26 22:12:37 ----A---- C:\WINXP\vb.ini 2010-04-26 22:12:33 ----D---- C:\WINXP\Registration 2010-04-26 22:12:26 ----D---- C:\Programme\Online Services 2010-04-26 22:12:14 ----D---- C:\Programme\Windows Media Player 2010-04-26 22:12:14 ----D---- C:\Programme\Windows Media Connect 2 2010-04-26 22:12:12 ----D---- C:\Programme\Messenger 2010-04-26 22:12:09 ----D---- C:\Programme\MSN Gaming Zone 2010-04-26 22:12:09 ----A---- C:\WINXP\system32\write.exe 2010-04-26 22:12:03 ----A---- C:\WINXP\system32\sndvol32.exe 2010-04-26 22:12:03 ----A---- C:\WINXP\system32\hticons.dll 2010-04-26 22:12:02 ----A---- C:\WINXP\system32\winchat.exe 2010-04-26 22:12:02 ----A---- C:\WINXP\system32\avwav.dll 2010-04-26 22:12:02 ----A---- C:\WINXP\system32\avtapi.dll 2010-04-26 22:12:02 ----A---- C:\WINXP\system32\avmeter.dll 2010-04-26 22:11:57 ----A---- C:\WINXP\system32\winmine.exe 2010-04-26 22:11:57 ----A---- C:\WINXP\system32\sol.exe 2010-04-26 22:11:57 ----A---- C:\WINXP\system32\getuname.dll 2010-04-26 22:11:57 ----A---- C:\WINXP\system32\charmap.exe 2010-04-26 22:11:57 ----A---- C:\WINXP\system32\calc.exe 2010-04-26 22:11:56 ----A---- C:\WINXP\system32\usrlogon.cmd 2010-04-26 22:11:56 ----A---- C:\WINXP\system32\tsshutdn.exe 2010-04-26 22:11:56 ----A---- C:\WINXP\system32\tslabels.ini 2010-04-26 22:11:56 ----A---- C:\WINXP\system32\tskill.exe 2010-04-26 22:11:56 ----A---- C:\WINXP\system32\tsdiscon.exe 2010-04-26 22:11:56 ----A---- C:\WINXP\system32\tscon.exe 2010-04-26 22:11:56 ----A---- C:\WINXP\system32\shadow.exe 2010-04-26 22:11:56 ----A---- C:\WINXP\system32\rwinsta.exe 2010-04-26 22:11:56 ----A---- C:\WINXP\system32\reset.exe 2010-04-26 22:11:56 ----A---- C:\WINXP\system32\regini.exe 2010-04-26 22:11:56 ----A---- C:\WINXP\system32\rdpcfgex.dll 2010-04-26 22:11:56 ----A---- C:\WINXP\system32\qwinsta.exe 2010-04-26 22:11:56 ----A---- C:\WINXP\system32\qappsrv.exe 2010-04-26 22:11:56 ----A---- C:\WINXP\system32\mshearts.exe 2010-04-26 22:11:56 ----A---- C:\WINXP\system32\freecell.exe 2010-04-26 22:11:55 ----A---- C:\WINXP\system32\mtxlegih.dll 2010-04-26 22:11:55 ----A---- C:\WINXP\system32\mtxex.dll 2010-04-26 22:11:55 ----A---- C:\WINXP\system32\mtxdm.dll 2010-04-26 22:11:55 ----A---- C:\WINXP\system32\msg.exe 2010-04-26 22:11:55 ----A---- C:\WINXP\system32\msdtcprf.ini 2010-04-26 22:11:55 ----A---- C:\WINXP\system32\logoff.exe 2010-04-26 22:11:55 ----A---- C:\WINXP\system32\dcomcnfg.exe 2010-04-26 22:11:55 ----A---- C:\WINXP\system32\cdmodem.dll 2010-04-26 22:11:54 ----A---- C:\WINXP\system32\stclient.dll 2010-04-26 22:11:54 ----A---- C:\WINXP\system32\comsnap.dll 2010-04-26 22:11:54 ----A---- C:\WINXP\system32\comrepl.dll 2010-04-26 22:11:54 ----A---- C:\WINXP\system32\comaddin.dll 2010-04-26 22:11:50 ----A---- C:\WINXP\system32\wmimgmt.msc 2010-04-26 22:11:43 ----D---- C:\Programme\MSN 2010-04-26 22:11:42 ----D---- C:\Programme\Windows NT 2010-04-26 22:11:42 ----A---- C:\WINXP\system32\sndrec32.exe 2010-04-26 22:11:42 ----A---- C:\WINXP\system32\mspaint.exe 2010-04-26 22:11:42 ----A---- C:\WINXP\system32\mplay32.exe 2010-04-26 22:11:42 ----A---- C:\WINXP\system32\hypertrm.dll 2010-04-26 22:11:42 ----A---- C:\WINXP\system32\accwiz.exe 2010-04-26 22:11:41 ----A---- C:\WINXP\system32\tscfgwmi.dll 2010-04-26 22:11:41 ----A---- C:\WINXP\system32\spider.exe 2010-04-26 22:11:41 ----A---- C:\WINXP\system32\clipbrd.exe 2010-04-26 22:11:40 ----A---- C:\WINXP\system32\tscupgrd.exe 2010-04-26 22:11:40 ----A---- C:\WINXP\system32\termsrv.dll 2010-04-26 22:11:40 ----A---- C:\WINXP\system32\sessmgr.exe 2010-04-26 22:11:40 ----A---- C:\WINXP\system32\remotepg.dll 2010-04-26 22:11:40 ----A---- C:\WINXP\system32\rdshost.exe 2010-04-26 22:11:40 ----A---- C:\WINXP\system32\rdsaddin.exe 2010-04-26 22:11:40 ----A---- C:\WINXP\system32\rdchost.dll 2010-04-26 22:11:40 ----A---- C:\WINXP\system32\mstscax.dll 2010-04-26 22:11:40 ----A---- C:\WINXP\system32\mstsc.exe 2010-04-26 22:11:39 ----D---- C:\WINXP\system32\MsDtc 2010-04-26 22:11:39 ----A---- C:\WINXP\system32\rdpwsx.dll 2010-04-26 22:11:39 ----A---- C:\WINXP\system32\rdpsnd.dll 2010-04-26 22:11:39 ----A---- C:\WINXP\system32\rdpclip.exe 2010-04-26 22:11:39 ----A---- C:\WINXP\system32\qprocess.exe 2010-04-26 22:11:39 ----A---- C:\WINXP\system32\mtxoci.dll 2010-04-26 22:11:39 ----A---- C:\WINXP\system32\msdtcuiu.dll 2010-04-26 22:11:39 ----A---- C:\WINXP\system32\msdtctm.dll 2010-04-26 22:11:39 ----A---- C:\WINXP\system32\msdtcprx.dll 2010-04-26 22:11:39 ----A---- C:\WINXP\system32\icaapi.dll 2010-04-26 22:11:39 ----A---- C:\WINXP\system32\cfgbkend.dll 2010-04-26 22:11:38 ----D---- C:\WINXP\system32\Com 2010-04-26 22:11:38 ----A---- C:\WINXP\system32\xolehlp.dll 2010-04-26 22:11:38 ----A---- C:\WINXP\system32\msdtclog.dll 2010-04-26 22:11:38 ----A---- C:\WINXP\system32\msdtc.exe 2010-04-26 22:11:38 ----A---- C:\WINXP\system32\colbact.dll 2010-04-26 22:11:37 ----A---- C:\WINXP\system32\comsvcs.dll 2010-04-26 22:11:37 ----A---- C:\WINXP\system32\clbcatex.dll 2010-04-26 22:11:37 ----A---- C:\WINXP\system32\catsrvut.dll 2010-04-26 22:11:37 ----A---- C:\WINXP\system32\catsrvps.dll 2010-04-26 22:11:37 ----A---- C:\WINXP\system32\catsrv.dll 2010-04-26 22:11:36 ----A---- C:\WINXP\system32\comuid.dll 2010-04-26 22:11:36 ----A---- C:\WINXP\system32\clbcatq.dll 2010-04-26 22:11:31 ----A---- C:\WINXP\system32\servdeps.dll 2010-04-26 22:11:31 ----A---- C:\WINXP\system32\mmfutil.dll 2010-04-26 22:11:31 ----A---- C:\WINXP\system32\licwmi.dll 2010-04-26 22:11:31 ----A---- C:\WINXP\system32\cmprops.dll ======List of files/folders modified in the last 1 months====== 2010-04-26 23:05:41 ----A---- C:\WINXP\system.ini 2010-04-26 22:16:11 ----A---- C:\WINXP\win.ini ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AmdK7;AMD K7-Prozessortreiber; C:\WINXP\system32\DRIVERS\amdk7.sys [2007-10-09 41472] R1 ehdrv;ehdrv; C:\WINXP\system32\DRIVERS\ehdrv.sys [2009-05-14 107256] R1 epfwtdir;epfwtdir; C:\WINXP\system32\DRIVERS\epfwtdir.sys [2009-05-14 94360] R2 eamon;eamon; C:\WINXP\system32\DRIVERS\eamon.sys [2009-05-14 114472] R3 ati2mtag;ati2mtag; C:\WINXP\system32\DRIVERS\ati2mtag.sys [2003-09-12 611328] R3 cmuda;C-Media WDM Audio Interface; C:\WINXP\system32\drivers\cmuda.sys [2002-11-01 451599] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINXP\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 hidusb;Microsoft HID Class-Treiber; C:\WINXP\system32\DRIVERS\hidusb.sys [2001-08-23 9600] R3 mouhid;Maus-HID-Treiber; C:\WINXP\system32\DRIVERS\mouhid.sys [2007-10-09 12288] R3 SISNIC;SiS PCI Fast Ethernet Adapter Driver; C:\WINXP\system32\DRIVERS\sisnic.sys [2002-07-10 32256] R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINXP\system32\DRIVERS\usbehci.sys [2004-08-03 26624] R3 usbhub;USB2-aktivierter Hub; C:\WINXP\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 usbohci;Miniporttreiber für Microsoft USB Open Host-Controller; C:\WINXP\system32\DRIVERS\usbohci.sys [2004-08-03 17024] S3 as22tuia;as22tuia; C:\WINXP\system32\drivers\as22tuia.sys [] S3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINXP\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] S3 usbprint;Microsoft USB-Druckerklasse; C:\WINXP\system32\DRIVERS\usbprint.sys [2004-08-03 25856] S3 usbscan;USB-Scannertreiber; C:\WINXP\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 USBSTOR;USB-Massenspeichertreiber; C:\WINXP\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINXP\system32\DRIVERS\WudfPf.sys [2007-10-09 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINXP\system32\DRIVERS\wudfrd.sys [2007-10-09 82944] S4 IntelIde;IntelIde; C:\WINXP\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-03-19 144672] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINXP\system32\Ati2evxx.exe [2003-09-12 376832] R2 Bonjour Service;Dienst "Bonjour"; C:\Programme\Bonjour\mDNSResponder.exe [2010-02-12 345376] R2 ekrn;ESET Service; C:\Programme\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-05-14 731840] R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2010-04-26 153376] R2 lxdn_device;lxdn_device; C:\WINXP\system32\lxdncoms.exe [2008-02-27 594600] R3 iPod Service;iPod-Dienst; C:\Programme\iPod\bin\iPodService.exe [2010-03-26 545576] S2 ATI Smart;ATI Smart; C:\WINXP\system32\ati2sgag.exe [2003-09-12 114688] S2 lxdnCATSCustConnectService;lxdnCATSCustConnectService; C:\WINXP\System32\spool\DRIVERS\W32X86\3\\lxdnserv.exe [2008-02-27 98984] S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINXP\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINXP\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 EhttpSrv;ESET HTTP Server; C:\Programme\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-05-14 20680] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINXP\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 idsvc;Windows CardSpace; C:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINXP\system32\svchost.exe [2004-08-03 14336] S4 NetTcpPortSharing;Net.Tcp-Portfreigabedienst; C:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- |
|
23.05.2010, 20:05
| #6 |
| | system infiziert? Diese: C:\WINXP\system32\drivers\as22tuia.sys hier mal checken: http://www.virustotal.com/de/ > Scanne mit GMER und poste das Log: > Mache einen Vollscan mit Malwarebytes und poste das Log. lg.
__________________ --> system infiziert? |
|
23.05.2010, 20:24
| #7 | |
| | system infiziert?Zitat:
die logfiles poste ich gleich. |
|
23.05.2010, 20:55
| #8 |
| | system infiziert? GMER log: Code:
ATTFilter GMER 1.0.15.15281 - hxxp://www.gmer.net
Rootkit scan 2010-05-23 21:51:45
Windows 5.1.2600 Service Pack 2
Running: 4myw1nfg.exe; Driver: C:\DOKUME~1\MILENA\LOKALE~1\Temp\afaiikog.sys
---- System - GMER 1.0.15 ----
SSDT 82282630 ZwAssignProcessToJobObject
SSDT spqr.sys ZwCreateKey [0xF84230E0]
SSDT spqr.sys ZwEnumerateKey [0xF843BDA4]
SSDT spqr.sys ZwEnumerateValueKey [0xF843C132]
SSDT spqr.sys ZwOpenKey [0xF84230C0]
SSDT 82281A60 ZwOpenProcess
SSDT 82281E80 ZwOpenThread
SSDT spqr.sys ZwQueryKey [0xF843C20A]
SSDT spqr.sys ZwQueryValueKey [0xF843C08A]
SSDT spqr.sys ZwSetValueKey [0xF843C29C]
SSDT 82282460 ZwSuspendProcess
SSDT 82282280 ZwSuspendThread
SSDT 82281C90 ZwTerminateProcess
SSDT 822820B0 ZwTerminateThread
INT 0x62 ? 823E0BF8
INT 0x63 ? 81FD7F00
INT 0x82 ? 823E0BF8
INT 0xA4 ? 81FD7F00
INT 0xB4 ? 81FD7F00
---- Kernel code sections - GMER 1.0.15 ----
? spqr.sys Das System kann die angegebene Datei nicht finden. !
.text USBPORT.SYS!DllUnload F7B9F62C 5 Bytes JMP 81FD74E0
.text as22tuia.SYS F7B4E386 35 Bytes [00, 00, 00, 00, 00, 00, 20, ...]
.text as22tuia.SYS F7B4E3AA 24 Bytes [00, 00, 00, 00, 00, 00, 00, ...]
.text as22tuia.SYS F7B4E3C4 3 Bytes [00, 80, 02]
.text as22tuia.SYS F7B4E3C9 1 Byte [30]
.text as22tuia.SYS F7B4E3C9 11 Bytes [30, 00, 00, 00, 5E, 02, 00, ...] {XOR [EAX], AL; ADD [EAX], AL; POP ESI; ADD AL, [EAX]; ADD [EAX], AL; ADD [EAX], AL}
.text ...
---- User code sections - GMER 1.0.15 ----
.text C:\Programme\Mozilla Firefox\firefox.exe[2704] ntdll.dll!LdrLoadDll 7C925CD3 5 Bytes JMP 004013F0 C:\Programme\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)
.text C:\Programme\ESET\ESET NOD32 Antivirus\ekrn.exe[4000] kernel32.dll!SetUnhandledExceptionFilter 7C844915 4 Bytes [C2, 04, 00, 00]
---- Kernel IAT/EAT - GMER 1.0.15 ----
IAT \WINXP\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 823742D8
IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F844EDDC] spqr.sys
IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F844EE30] spqr.sys
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F8424042] spqr.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F842413E] spqr.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F84240C0] spqr.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F8424800] spqr.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F84246D6] spqr.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F8433B90] spqr.sys
IAT \SystemRoot\system32\DRIVERS\USBPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 81FD75E0
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!RtlInitUnicodeString] 00021483
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!swprintf] 01B05E00
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!KeSetEvent] 5DE58B5B
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoCreateSymbolicLink] 7E8366C3
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoGetConfigurationInformation] 0F740028
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoDeleteSymbolicLink] 89320C8D
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!MmFreeMappingAddress] 00022C8B
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoFreeErrorLogEntry] 46B70F00
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoDisconnectInterrupt] 66D00328
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!MmUnmapIoSpace] 002A7E83
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!ObReferenceObjectByPointer] 0C8D1574
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IofCompleteRequest] 288B8932
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!RtlCompareUnicodeString] 0F000002
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IofCallDriver] 832A46B7
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!MmAllocateMappingAddress] E08303C0
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoAllocateErrorLogEntry] 66D003FC
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoConnectInterrupt] 002C7E83
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoDetachDevice] 0C8D1E74
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!KeWaitForSingleObject] 248B8932
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!KeInitializeEvent] 8A000002
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!RtlAnsiStringToUnicodeString] 83880846
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!RtlInitAnsiString] 000001C4
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoBuildDeviceIoControlRequest] 2C4EB70F
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoQueueWorkItem] 8303C183
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!MmMapIoSpace] D103FCE1
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoInvalidateDeviceRelations] 2E7E8366
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoReportDetectedDevice] 8D1C7400
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoReportResourceForDetection] 83893204
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!RtlxAnsiStringToUnicodeSize] 0000021C
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!NlsMbCodePageTag] 2E4EB70F
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!PoRequestPowerIrp] 02208B89
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!KeInsertByKeyDeviceQueue] B70F0000
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!PoRegisterDeviceForIdleDetection] E0C12E46
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!sprintf] 03D00304
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!MmMapLockedPagesSpecifyCache] 10B389F2
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!ObfDereferenceObject] 80000002
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoGetAttachedDeviceReference] 0975013E
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoInvalidateDeviceState] 1BD2E853
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!ZwClose] C4830000
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!ObReferenceObjectByHandle] B05E5F04
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!ZwCreateDirectoryObject] E58B5B01
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoBuildSynchronousFsdRequest] CCCCC35D
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!PoStartNextPowerIrp] CCCCCCCC
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!PoCallDriver] 53EC8B55
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoCreateDevice] 08758B56
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoAllocateDriverObjectExtension] 0218BE83
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!RtlQueryRegistryValues] 57000000
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!ZwOpenKey] 45C60674
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!RtlFreeUnicodeString] 1EEB010B
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoStartTimer] 0210868B
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!KeInitializeTimer] C0850000
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoInitializeTimer] 808A1074
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!KeInitializeDpc] 00000804
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!KeInitializeSpinLock] A03CF024
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoInitializeIrp] 0B45950F
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!ZwCreateKey] 45C604EB
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!RtlAppendUnicodeStringToString] 458A000B
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!RtlIntegerToUnicodeString] 88C0840B
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!ZwSetValueKey] 840F0946
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!KeInsertQueueDpc] 000000C1
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!KefAcquireSpinLockAtDpcLevel] 14B30E8B
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoStartPacket] 1C8A86C6
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!KefReleaseSpinLockFromDpcLevel] 88010000
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoBuildAsynchronousFsdRequest] 001C8D9E
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoFreeMdl] A99E8800
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!MmUnlockPages] C600001C
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoWriteErrorLogEntry] 001C8E86
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!KeRemoveByKeyDeviceQueue] 86C60100
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!MmMapLockedPagesWithReservedMapping] 00001CAA
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!MmUnmapReservedMapping] 70518B01
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!KeSynchronizeExecution] 8D52006A
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoStartNextPacket] 001C9086
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!KeBugCheckEx] E5E85000
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!KeRemoveDeviceQueue] 8B000023
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!KeSetTimer] 70518B0E
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!KeCancelTimer] 8D52016A
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!_allmul] 001CAC86
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!MmProbeAndLockPages] D1E85000
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!_except_handler3] 8B000023
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!PoSetPowerState] 18C4830E
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoOpenDeviceRegistryKey] 1C959E88
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!RtlWriteRegistryValue] 9E880000
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!_aulldiv] 00001CB1
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!strstr] 0E798366
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!_strupr] 74AAB000
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!KeQuerySystemTime] 8986C636
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoWMIRegistrationControl] 1A00001C
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!KeTickCount] 1C8B86C6
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoAttachDeviceToDeviceStack] C6020000
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoDeleteDevice] 001C9686
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!ExAllocatePoolWithTag] 86C60200
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoAllocateWorkItem] 00001CB2
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoAllocateIrp] 9D9E8802
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoAllocateMdl] 8800001C
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!MmBuildMdlForNonPagedPool] 001CB99E
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!MmLockPagableDataSection] 9E868800
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoGetDriverObjectExtension] 8800001C
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!MmUnlockPagableImageSection] 001CBA86
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!ExFreePoolWithTag] C61AEB00
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoFreeIrp] 001C8986
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!IoFreeWorkItem] 86C61200
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!InitSafeBootMode] 00001C8B
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!RtlCompareMemory] 96868801
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!RtlCopyUnicodeString] 8800001C
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!memmove] 001CB286
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[ntoskrnl.exe!MmHighestUserAddress] 88968B00
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[HAL.dll!KfAcquireSpinLock] 0C8D1C46
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[HAL.dll!READ_PORT_UCHAR] B48B8932
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[HAL.dll!KeGetCurrentIrql] 89000001
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[HAL.dll!KfRaiseIrql] 0001C083
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[HAL.dll!KfLowerIrql] 24468B00
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[HAL.dll!HalGetInterruptVector] 89820C8D
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[HAL.dll!HalTranslateBusAddress] D18BF84D
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[HAL.dll!KeStallExecutionProcessor] 860F1639
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[HAL.dll!KfReleaseSpinLock] 000000BD
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] 020CB389
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[HAL.dll!READ_PORT_USHORT] 83660000
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 7400067E
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[HAL.dll!WRITE_PORT_UCHAR] 89D60320
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[WMILIB.SYS!WmiSystemControl] 8D168B00
IAT \SystemRoot\System32\Drivers\as22tuia.SYS[WMILIB.SYS!WmiCompleteRequest] F0003284
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 823DF1F8
AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
Device \Driver\sptd \Device\4227874988 spqr.sys
Device \Driver\usbohci \Device\USBPDO-0 81FCD1F8
Device \Driver\dmio \Device\DmControl\DmIoDaemon 823721F8
Device \Driver\dmio \Device\DmControl\DmConfig 823721F8
Device \Driver\dmio \Device\DmControl\DmPnP 823721F8
Device \Driver\dmio \Device\DmControl\DmInfo 823721F8
Device \Driver\usbohci \Device\USBPDO-1 81FCD1F8
Device \Driver\PCI_PNP2488 \Device\00000039 spqr.sys
Device \Driver\usbehci \Device\USBPDO-2 8218A1F8
AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdir.sys (ESET Antivirus Network Redirector/ESET)
Device \Driver\Ftdisk \Device\HarddiskVolume1 823E11F8
Device \Driver\Cdrom \Device\CdRom0 822311F8
Device \Driver\Cdrom \Device\CdRom1 822311F8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-17 823E01F8
Device \Driver\atapi \Device\Ide\IdePort0 823E01F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 823E01F8
Device \Driver\atapi \Device\Ide\IdePort1 823E01F8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-f 823E01F8
Device \Driver\Cdrom \Device\CdRom2 822311F8
Device \Driver\NetBT \Device\NetBt_Wins_Export 821361F8
Device \Driver\NetBT \Device\NetbiosSmb 821361F8
Device \Driver\usbohci \Device\USBFDO-0 81FCD1F8
Device \Driver\usbohci \Device\USBFDO-1 81FCD1F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 821B11F8
Device \Driver\usbehci \Device\USBFDO-2 8218A1F8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 821B11F8
Device \Driver\Ftdisk \Device\FtControl 823E11F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{D20F6B86-A4AE-4242-B9E1-450432B7378F} 821361F8
Device \Driver\as22tuia \Device\Scsi\as22tuia1Port2Path0Target0Lun0 8211F1F8
Device \Driver\as22tuia \Device\Scsi\as22tuia1 8211F1F8
Device \FileSystem\Cdfs \Cdfs 81FCE1F8
---- Threads - GMER 1.0.15 ----
Thread System [4:3876] 82280790
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Programme\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xA9 0x25 0xB5 0x6E ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xBE 0x9C 0xE9 0x14 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xD4 0x2A 0x97 0x2D ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Programme\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x54 0x27 0x31 0x30 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xBE 0x9C 0xE9 0x14 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xD4 0x2A 0x97 0x2D ...
---- EOF - GMER 1.0.15 ----
|
|
23.05.2010, 20:06
| #9 |
| | system infiziert? komisch das antivir und nod32 verschiedene objekte melden. |
|
23.05.2010, 20:09
| #10 | |
| | system infiziert?Zitat:
__________________ Arroganz ist das Selbstbewusstsein des Minderwertigkeitskomplexes. (Jean Rostand) |
|
23.05.2010, 19:07
| #11 | ||
| | system infiziert?Zitat:
Zitat:
|
|
| Themen zu system infiziert? |
| antivir, infiziert, infiziert?, java, objekte, runtergeladen, sorge, sorgen, system, tr/crypt.xpack.ge, troja, trojaner, trojaner?, website, wirklich |
Hybrid-Darstellung
