Logfile of random's system information tool 1.06 (written by random/random)
Run by Owner at 2009-08-12 10:47:40
Microsoft Windows XP Professional Service Pack 3
System drive C: has 6 GB (32%) free of 20 GB
Total RAM: 2047 MB (77% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:48:00 AM, on 8/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\taskswitch.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\BitSpirit\BitSpirit.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Desktop\RSIT.exe
C:\Program Files\trend micro\Owner.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [CBitSpirit] "C:\Program Files\BitSpirit\BitSpirit.exe" /start /nosplash
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{4C4A9644-9DFD-414E-A050-51E9048A5EF6}: NameServer = 193.231.252.1 213.154.124.1
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
--
End of file - 6950 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-329068152-1177238915-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-329068152-1177238915-1003UA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{CA2ED0E5-9037-47CE-AD63-47D756A08AE5}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2008-04-14 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-14 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-14 455168]
"CoolSwitch"=C:\WINDOWS\system32\taskswitch.exe [2002-03-20 45632]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-05-01 86016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-05-01 13750272]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-11-22 16858112]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"CBitSpirit"=C:\Program Files\BitSpirit\BitSpirit.exe [2009-06-11 3541504]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-05-14 2029640]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
"Google Update"=C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-08-10 133104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-24 3584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-06-14 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"ForceClassicControlPanel"=
"MaxRecentDocs"=
"NoSMConfigurePrograms"=
"NoDriveTypeAutoRun"=
"NoRecentDocsNetHood"=
"MemCheckBoxInRunDlg"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\BitSpirit\BitSpirit.exe"="C:\Program Files\BitSpirit\BitSpirit.exe:*:Enabled:The powerful and easy-to-use BitTorrent Client"
"D:\GAMES\World of Warcraft\Launcher.exe"="D:\GAMES\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"D:\GAMES\Gears of War\Binaries\WarGame-G4WLive.exe"="D:\GAMES\Gears of War\Binaries\WarGame-G4WLive.exe:*:Enabled:Gears of War"
"D:\Programs And Misc\[PC] Alien Shooter - Vengeance [RIP] [dopeman]\AS-V\AlienShooter.exe"="D:\Programs And Misc\[PC] Alien Shooter - Vengeance [RIP] [dopeman]\AS-V\AlienShooter.exe:*:Enabled:AlienShooter Application"
"D:\GAMES\Test Drive Unlimited\TestDriveUnlimited.exe"="D:\GAMES\Test Drive Unlimited\TestDriveUnlimited.exe:*:Enabled:Test Drive Unlimited"
"D:\GAMES\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe"="D:\GAMES\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"D:\GAMES\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe"="D:\GAMES\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"D:\GAMES\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe"="D:\GAMES\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2009-08-12 10:47:41 ----D---- C:\Program Files\trend micro
2009-08-12 10:47:40 ----D---- C:\rsit
2009-08-11 17:44:29 ----D---- C:\Program Files\Zone Labs
2009-08-11 17:41:24 ----D---- C:\WINDOWS\Internet Logs
2009-08-11 12:50:31 ----D---- C:\Program Files\ESET
2009-08-10 23:20:12 ----D---- C:\Documents and Settings\Owner\Application Data\Auslogics
2009-08-10 23:20:09 ----D---- C:\Program Files\Auslogics
2009-08-10 18:12:05 ----A---- C:\WINDOWS\NeroDigital.ini
2009-08-10 18:01:36 ----N---- C:\WINDOWS\UNNMP.exe
2009-08-10 18:00:33 ----A---- C:\WINDOWS\system32\NeroCheck.exe
2009-08-10 18:00:03 ----N---- C:\WINDOWS\UNNeroVision.exe
2009-08-10 18:00:03 ----N---- C:\WINDOWS\system32\msxml3a.dll
2009-08-10 17:59:52 ----D---- C:\Documents and Settings\All Users\Application Data\Ahead
2009-08-10 17:59:51 ----N---- C:\WINDOWS\system32\TwnLib4.dll
2009-08-10 17:59:51 ----N---- C:\WINDOWS\system32\picn20.dll
2009-08-10 17:59:51 ----N---- C:\WINDOWS\system32\ImagXRA7.dll
2009-08-10 17:59:51 ----N---- C:\WINDOWS\system32\ImagXR7.dll
2009-08-10 17:59:51 ----N---- C:\WINDOWS\system32\ImagXpr7.dll
2009-08-10 17:59:51 ----N---- C:\WINDOWS\system32\ImagX7.dll
2009-08-10 17:59:51 ----D---- C:\Program Files\Common Files\Ahead
2009-08-10 17:59:51 ----A---- C:\WINDOWS\system32\TwnLib20.dll
2009-08-10 17:59:47 ----D---- C:\Program Files\Ahead
2009-08-09 18:37:46 ----D---- C:\WINDOWS\Minidump
2009-08-09 16:39:22 ----D---- C:\Documents and Settings\All Users\Application Data\Electronic Arts
2009-08-08 17:57:24 ----D---- C:\Documents and Settings\All Users\Application Data\Test Drive Unlimited
2009-08-08 17:54:16 ----RHD---- C:\Documents and Settings\Owner\Application Data\SecuROM
2009-08-08 17:54:16 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2009-08-05 13:40:23 ----D---- C:\Program Files\Common Files\Macrovision Shared
2009-08-05 13:26:32 ----D---- C:\WINDOWS\system32\syncdb
2009-08-05 12:08:44 ----A---- C:\WINDOWS\system32\javaws.exe
2009-08-05 12:08:44 ----A---- C:\WINDOWS\system32\javaw.exe
2009-08-05 12:08:44 ----A---- C:\WINDOWS\system32\java.exe
2009-07-29 12:30:19 ----D---- C:\Program Files\Common Files\INCA Shared
2009-07-29 10:06:43 ----D---- C:\Documents and Settings\Owner\Application Data\GetRightToGo
2009-07-26 13:09:54 ----D---- C:\Documents and Settings\Owner\Application Data\BoneTown
2009-07-24 17:09:25 ----D---- C:\Documents and Settings\Owner\Application Data\Publish Providers
2009-07-24 17:09:13 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-07-24 17:09:10 ----D---- C:\Documents and Settings\Owner\Application Data\Sony
2009-07-23 00:09:01 ----D---- C:\Documents and Settings\All Users\Application Data\espionServerData
2009-07-21 22:11:15 ----D---- C:\Program Files\Microsoft WSE
2009-07-18 22:02:21 ----D---- C:\Program Files\SIGTrader
2009-07-16 00:25:56 ----A---- C:\WINDOWS\system32\CmdLineExt03.dll
2009-07-16 00:15:15 ----AT---- C:\WINDOWS\system32\SIntfNT.dll
2009-07-16 00:15:15 ----AT---- C:\WINDOWS\system32\SIntf32.dll
2009-07-16 00:15:15 ----AT---- C:\WINDOWS\system32\SIntf16.dll
======List of files/folders modified in the last 1 months======
2009-08-12 10:47:45 ----D---- C:\WINDOWS\Prefetch
2009-08-12 10:47:41 ----RD---- C:\Program Files
2009-08-12 10:47:41 ----D---- C:\WINDOWS\Temp
2009-08-12 05:40:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-08-12 04:53:48 ----D---- C:\WINDOWS\system32\drivers
2009-08-11 17:58:04 ----D---- C:\WINDOWS\system32
2009-08-11 17:41:45 ----SHD---- C:\WINDOWS\Installer
2009-08-11 17:41:24 ----D---- C:\WINDOWS
2009-08-11 17:13:04 ----RSH---- C:\boot.ini
2009-08-11 17:13:04 ----A---- C:\WINDOWS\win.ini
2009-08-11 17:13:04 ----A---- C:\WINDOWS\system.ini
2009-08-11 15:06:06 ----D---- C:\WINDOWS\system32\CatRoot2
2009-08-11 14:20:30 ----D---- C:\WINDOWS\WinSxS
2009-08-11 14:20:08 ----RSD---- C:\WINDOWS\assembly
2009-08-11 13:23:45 ----D---- C:\Program Files\BitSpirit
2009-08-11 12:59:47 ----SD---- C:\Documents and Settings\Owner\Application Data\Microsoft
2009-08-11 12:50:50 ----HD---- C:\WINDOWS\inf
2009-08-10 23:13:56 ----SD---- C:\WINDOWS\Tasks
2009-08-10 17:59:51 ----D---- C:\Program Files\Common Files
2009-08-09 16:50:51 ----D---- C:\WINDOWS\system32\DirectX
2009-08-09 16:40:47 ----D---- C:\Documents and Settings\Owner\Application Data\Adobe
2009-08-09 16:30:28 ----D---- C:\Program Files\Common Files\InstallShield
2009-08-09 16:29:57 ----HD---- C:\Program Files\InstallShield Installation Information
2009-08-05 13:38:31 ----D---- C:\Program Files\Common Files\Adobe
2009-08-05 13:38:31 ----D---- C:\Program Files\Adobe
2009-08-05 12:08:43 ----D---- C:\Program Files\Java
2009-08-04 19:55:50 ----D---- C:\Program Files\Internet Explorer
2009-08-03 15:02:41 ----D---- C:\Documents and Settings\Owner\Application Data\MxBoost
2009-08-01 22:57:55 ----A---- C:\WINDOWS\Trust32.ini
2009-08-01 22:57:55 ----A---- C:\WINDOWS\Ausba2.INI
2009-07-25 05:23:00 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-07-24 17:13:36 ----A---- C:\WINDOWS\BadPixelInfo3.txt
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 36864]
R1 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys [1999-09-10 25244]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-05-14 94360]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2009-03-15 56268]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-05-14 114472]
R2 irda;IrDA Protocol; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
R2 rspndr;Link-Layer Topology Discovery Responder; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2009-06-14 62848]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-11-27 4630016]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-05-01 8055584]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-07-11 57856]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-07-11 20480]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2009-06-14 30336]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2009-06-14 17152]
S1 as6eio;as6eio; C:\WINDOWS\System32\drivers\as6eio.sys []
S2 GT680x;Trust Flat Scan USB 19200; C:\WINDOWS\System32\Drivers\Tr11691g.SYS [2000-11-17 17168]
S3 a6b8w6pl;a6b8w6pl; C:\WINDOWS\system32\drivers\a6b8w6pl.sys []
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-06-14 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-06-14 82944]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2009-06-14 133632]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7; C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-05-14 731840]
R2 Irmon;Infrared Monitor; C:\WINDOWS\system32\svchost.exe [2009-06-14 14848]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-05-01 168004]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-06-30 603904]
R2 UPHClean;User Profile Hive Cleanup; C:\Program Files\UPHClean\uphclean.exe [2005-04-27 241725]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2009-06-14 14848]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-05-14 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-08-05 651720]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-30 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-30 881664]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-06-29 3110016]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-06-30 362240]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-06-14 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2009-06-14 14848]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-30 132096]
-----------------EOF-----------------