IE öffnet sich von selbst trotz Deinstallation

Rohal · 12.07.2009, 16:56

Hallo, ich hoffe daß ihr mir helfen könnt, bin mit meinem Latein am Ende...

Der Internet Explorer öffnet ständig Werbepopups, auch deinstallieren hat nix genützt...

Malwarebytes' Anti-Malware 1.38
Datenbank Version: 2411
Windows 5.1.2600 Service Pack 3

12.07.2009 17:04:42
mbam-log-2009-07-12 (17-04-42).txt

Scan-Methode: Vollständiger Scan (C:\|D:\|F:\|)
Durchsuchte Objekte: 288243
Laufzeit: 2 hour(s), 38 minute(s), 17 second(s)

Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 8
Infizierte Registrierungswerte: 9
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 9

Infizierte Speicherprozesse:
C:\WINXP\msa.exe (Trojan.Agent) -> Unloaded process successfully.

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\xml.xml (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xml.xml.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{40196867-19f8-7157-c097-ecaff653c9ad} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Cognac (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ColdWare (Malware.Trace) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\coldware (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\BuildW (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\FirstInstallFlag (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\mso (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\udso (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\uid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\Ulrn (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\Update (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\UpdateNew (Malware.Trace) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\WINXP\msa.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5ff3694b-eabf-4d46-ba27-e0f89d957eab}\RP14\A0001958.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5ff3694b-eabf-4d46-ba27-e0f89d957eab}\RP14\A0001960.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5ff3694b-eabf-4d46-ba27-e0f89d957eab}\RP16\A0002305.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5ff3694b-eabf-4d46-ba27-e0f89d957eab}\RP16\A0002307.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINXP\system32\comsa32.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINXP\system32\FInstall.sys (Backdoor.Bot) -> Quarantined and deleted successfully.
c:\WINXP\Tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINXP\Tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

Rohal · 12.07.2009, 16:59

Logfile of random's system information tool 1.06 (written by random/random)
Run by Rohal at 2009-07-12 17:48:51
Microsoft Windows XP Professional Service Pack 3
System drive C: has 9 GB (24%) free of 38 GB
Total RAM: 1535 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:48:56, on 12.07.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINXP\System32\smss.exe
C:\WINXP\system32\winlogon.exe
C:\WINXP\system32\services.exe
C:\WINXP\system32\lsass.exe
C:\WINXP\system32\svchost.exe
C:\WINXP\System32\svchost.exe
C:\WINXP\system32\spoolsv.exe
C:\WINXP\Explorer.EXE
C:\WINXP\system32\RUNDLL32.EXE
C:\WINXP\system32\CTHELPER.EXE
C:\WINXP\system32\ctfmon.exe
C:\Programme\Messenger\msmsgs.exe
C:\WINXP\system32\nvsvc32.exe
C:\WINXP\system32\wuauclt.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Outlook Express\msimn.exe
C:\Programme\Malwarebytes' Anti-Malware\mbam.exe
C:\WINXP\system32\NOTEPAD.EXE
D:\Downloads\RSIT.exe
C:\Programme\Trend Micro\HijackThis\Rohal.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINXP\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINXP\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AVP] "C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINXP\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINXP\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINXP\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINXP\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINXP\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O9 - Extra button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINXP\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINXP\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{896662D4-8BDA-4E25-929F-235C68CE6B7D}: NameServer = 213.191.92.87 62.109.123.6
O20 - AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd.dll,c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll,c:\progra~1\kasper~1\kasper~1\kloehk.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINXP\system32\nvsvc32.exe

--
End of file - 4836 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-05-25 68112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-05-25 264720]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINXP\system32\NvCpl.dll [2008-10-07 13574144]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINXP\system32\NvMcTray.dll [2008-10-07 86016]
"CTHelper"=C:\WINXP\system32\CTHELPER.EXE [2008-06-27 19456]
"AVP"=C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-05-25 303376]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINXP\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Programme\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="c:\progra~1\kasper~1\kasper~1\mzvkbd.dll,c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll,c:\progra~1\kasper~1\kasper~1\kloehk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINXP\system32\klogon.dll [2009-05-25 219664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINXP\system32\WgaLogon.dll [2008-08-27 3584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINXP\system32\wpdshserviceobj.dll [2008-07-08 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programme\uTorrent\uTorrent.exe"="C:\Programme\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

Rohal · 12.07.2009, 17:01

======List of files/folders created in the last 1 months======

2009-07-12 17:48:51 ----D---- C:\rsit
2009-07-12 17:13:42 ----A---- C:\WINXP\{00000001-00000000-00000007-00001102-00000004-00511102}.BAK
2009-07-12 11:35:37 ----D---- C:\Dokumente und Einstellungen\Rohal.ROHE-141271FFF1\Anwendungsdaten\Malwarebytes
2009-07-12 11:35:23 ----D---- C:\Dokumente und Einstellungen\All Users.WINXP\Anwendungsdaten\Malwarebytes
2009-07-12 11:35:15 ----D---- C:\Programme\Malwarebytes' Anti-Malware
2009-07-12 11:28:04 ----D---- C:\Programme\CCleaner
2009-07-12 11:20:07 ----D---- C:\Programme\Trend Micro
2009-07-11 10:53:12 ----D---- C:\Programme\Kaspersky Lab
2009-07-11 10:53:12 ----D---- C:\Dokumente und Einstellungen\All Users.WINXP\Anwendungsdaten\Kaspersky Lab
2009-07-11 10:50:34 ----D---- C:\Dokumente und Einstellungen\All Users.WINXP\Anwendungsdaten\Kaspersky Lab Setup Files
2009-07-08 20:58:56 ----D---- C:\Dokumente und Einstellungen\Rohal.ROHE-141271FFF1\Anwendungsdaten\Ubisoft
2009-07-07 21:27:47 ----D---- C:\Dokumente und Einstellungen\All Users.WINXP\Anwendungsdaten\Tages
2009-07-07 21:24:38 ----A---- C:\WINXP\system32\D3DX9_41.dll
2009-07-07 21:24:38 ----A---- C:\WINXP\system32\d3dx10_41.dll
2009-07-07 21:24:38 ----A---- C:\WINXP\system32\D3DCompiler_41.dll
2009-07-07 21:24:37 ----A---- C:\WINXP\system32\XAudio2_4.dll
2009-07-07 21:24:37 ----A---- C:\WINXP\system32\XAPOFX1_3.dll
2009-07-07 21:24:37 ----A---- C:\WINXP\system32\xactengine3_4.dll
2009-07-07 21:24:36 ----A---- C:\WINXP\system32\X3DAudio1_6.dll
2009-07-07 21:24:36 ----A---- C:\WINXP\system32\d3dx10_40.dll
2009-07-07 21:24:36 ----A---- C:\WINXP\system32\D3DCompiler_40.dll
2009-07-07 21:24:35 ----A---- C:\WINXP\system32\XAudio2_3.dll
2009-07-07 21:24:35 ----A---- C:\WINXP\system32\XAPOFX1_2.dll
2009-07-07 21:24:35 ----A---- C:\WINXP\system32\D3DX9_40.dll
2009-07-07 21:24:34 ----A---- C:\WINXP\system32\XAudio2_2.dll
2009-07-07 21:24:34 ----A---- C:\WINXP\system32\XAPOFX1_1.dll
2009-07-07 21:24:34 ----A---- C:\WINXP\system32\xactengine3_3.dll
2009-07-07 21:24:34 ----A---- C:\WINXP\system32\X3DAudio1_5.dll
2009-07-07 21:24:33 ----A---- C:\WINXP\system32\xactengine3_2.dll
2009-07-07 21:24:33 ----A---- C:\WINXP\system32\d3dx10_39.dll
2009-07-07 21:24:33 ----A---- C:\WINXP\system32\D3DCompiler_39.dll
2009-07-07 21:24:32 ----A---- C:\WINXP\system32\XAudio2_1.dll
2009-07-07 21:24:32 ----A---- C:\WINXP\system32\XAPOFX1_0.dll
2009-07-07 21:24:32 ----A---- C:\WINXP\system32\D3DX9_39.dll
2009-07-07 21:24:31 ----A---- C:\WINXP\system32\xactengine3_1.dll
2009-07-07 21:24:31 ----A---- C:\WINXP\system32\X3DAudio1_4.dll
2009-07-07 21:24:30 ----A---- C:\WINXP\system32\D3DX9_38.dll
2009-07-07 21:24:30 ----A---- C:\WINXP\system32\d3dx10_38.dll
2009-07-07 21:24:30 ----A---- C:\WINXP\system32\D3DCompiler_38.dll
2009-07-05 11:55:19 ----D---- C:\Programme\uTorrent
2009-07-05 11:54:52 ----D---- C:\Dokumente und Einstellungen\Rohal.ROHE-141271FFF1\Anwendungsdaten\uTorrent
2009-07-04 20:14:39 ----D---- C:\Dokumente und Einstellungen\Rohal.ROHE-141271FFF1\Anwendungsdaten\Skunk Studios
2009-07-04 20:12:45 ----D---- C:\Programme\DEUTSCHLAND SPIELT
2009-07-04 13:13:24 ----A---- C:\WINXP\system32\nvuide.exe
2009-07-04 13:13:06 ----A---- C:\WINXP\system32\nvusmb.exe
2009-07-04 13:13:04 ----A---- C:\WINXP\system32\nvumctl.exe
2009-07-04 13:12:52 ----A---- C:\WINXP\system32\nvugart.exe
2009-07-04 13:05:44 ----D---- C:\Programme\PC Drivers HeadQuarters
2009-07-04 13:05:44 ----D---- C:\Dokumente und Einstellungen\All Users.WINXP\Anwendungsdaten\PC Drivers HeadQuarters
2009-07-04 12:47:49 ----D---- C:\Dokumente und Einstellungen\All Users.WINXP\Anwendungsdaten\Adobe
2009-07-04 07:43:01 ----A---- C:\WINXP\system32\XAudio2_0.dll
2009-07-04 07:43:00 ----A---- C:\WINXP\system32\xactengine3_0.dll
2009-07-04 07:42:59 ----A---- C:\WINXP\system32\X3DAudio1_3.dll
2009-07-04 07:42:58 ----A---- C:\WINXP\system32\D3DX9_37.dll
2009-07-04 07:42:58 ----A---- C:\WINXP\system32\d3dx10_37.dll
2009-07-04 07:42:58 ----A---- C:\WINXP\system32\D3DCompiler_37.dll
2009-07-04 07:42:57 ----A---- C:\WINXP\system32\xactengine2_10.dll
2009-07-04 07:42:55 ----A---- C:\WINXP\system32\d3dx9_36.dll
2009-07-04 07:42:55 ----A---- C:\WINXP\system32\d3dx10_36.dll
2009-07-04 07:42:55 ----A---- C:\WINXP\system32\D3DCompiler_36.dll
2009-07-04 07:42:53 ----A---- C:\WINXP\system32\xactengine2_9.dll
2009-07-04 07:42:52 ----A---- C:\WINXP\system32\d3dx10_35.dll
2009-07-04 07:42:52 ----A---- C:\WINXP\system32\D3DCompiler_35.dll
2009-07-04 07:42:51 ----A---- C:\WINXP\system32\xactengine2_8.dll
2009-07-04 07:42:51 ----A---- C:\WINXP\system32\X3DAudio1_2.dll
2009-07-04 07:42:51 ----A---- C:\WINXP\system32\d3dx9_35.dll
2009-07-04 07:42:50 ----A---- C:\WINXP\system32\d3dx10_34.dll
2009-07-04 07:42:50 ----A---- C:\WINXP\system32\D3DCompiler_34.dll
2009-07-04 07:42:49 ----A---- C:\WINXP\system32\xinput1_3.dll
2009-07-04 07:42:49 ----A---- C:\WINXP\system32\d3dx9_34.dll
2009-07-04 07:42:47 ----A---- C:\WINXP\system32\xactengine2_7.dll
2009-07-04 07:42:42 ----A---- C:\WINXP\system32\d3dx10_33.dll
2009-07-04 07:42:42 ----A---- C:\WINXP\system32\D3DCompiler_33.dll
2009-07-04 07:42:39 ----A---- C:\WINXP\system32\d3dx9_33.dll
2009-07-04 07:42:38 ----A---- C:\WINXP\system32\xactengine2_6.dll
2009-07-04 07:42:37 ----A---- C:\WINXP\system32\xactengine2_5.dll
2009-07-04 07:42:36 ----A---- C:\WINXP\system32\d3dx9_32.dll
2009-07-04 07:42:35 ----A---- C:\WINXP\system32\xactengine2_4.dll
2009-07-04 07:42:35 ----A---- C:\WINXP\system32\x3daudio1_1.dll
2009-07-04 07:42:34 ----A---- C:\WINXP\system32\xinput1_2.dll
2009-07-04 07:42:34 ----A---- C:\WINXP\system32\xactengine2_3.dll
2009-07-04 07:42:33 ----A---- C:\WINXP\system32\xinput1_1.dll
2009-07-04 07:42:33 ----A---- C:\WINXP\system32\xactengine2_2.dll
2009-07-04 07:42:32 ----A---- C:\WINXP\system32\xactengine2_1.dll
2009-07-04 07:42:02 ----A---- C:\WINXP\system32\d3dx9_30.dll
2009-07-04 07:42:00 ----A---- C:\WINXP\system32\xactengine2_0.dll
2009-07-04 07:42:00 ----A---- C:\WINXP\system32\x3daudio1_0.dll
2009-07-04 07:41:59 ----A---- C:\WINXP\system32\d3dx9_29.dll
2009-07-04 07:41:58 ----A---- C:\WINXP\system32\d3dx9_28.dll
2009-07-04 07:41:57 ----A---- C:\WINXP\system32\xinput9_1_0.dll
2009-07-04 07:41:57 ----A---- C:\WINXP\system32\d3dx9_27.dll
2009-07-04 07:41:56 ----A---- C:\WINXP\system32\d3dx9_26.dll
2009-07-04 07:41:56 ----A---- C:\WINXP\system32\d3dx9_25.dll
2009-07-04 07:41:54 ----A---- C:\WINXP\system32\d3dx9_24.dll
2009-07-04 07:35:21 ----D---- C:\Dokumente und Einstellungen\All Users.WINXP\Anwendungsdaten\DAEMON Tools Lite
2009-07-04 07:35:03 ----D---- C:\Programme\DAEMON Tools Toolbar
2009-07-04 07:32:10 ----D---- C:\Dokumente und Einstellungen\Rohal.ROHE-141271FFF1\Anwendungsdaten\DAEMON Tools Lite
2009-07-03 17:36:04 ----D---- C:\Dokumente und Einstellungen\All Users.WINXP\Anwendungsdaten\DAEMON Tools Pro
2009-07-03 17:33:20 ----D---- C:\Dokumente und Einstellungen\Rohal.ROHE-141271FFF1\Anwendungsdaten\DAEMON Tools Pro
2009-07-03 16:40:10 ----D---- C:\Dokumente und Einstellungen\Rohal.ROHE-141271FFF1\Anwendungsdaten\Macromedia
2009-07-03 16:40:09 ----D---- C:\Dokumente und Einstellungen\Rohal.ROHE-141271FFF1\Anwendungsdaten\Adobe
2009-07-02 22:04:11 ----A---- C:\WINXP\system32\xvidcore.dll
2009-07-02 22:04:10 ----A---- C:\WINXP\system32\xvidvfw.dll
2009-07-02 20:55:29 ----D---- C:\Dokumente und Einstellungen\Rohal.ROHE-141271FFF1\Anwendungsdaten\WinRAR
2009-07-02 20:45:04 ----RA---- C:\WINXP\system32\vp6vfw.dll
2009-07-02 20:40:18 ----A---- C:\WINXP\system32\d3dx9_31.dll
2009-07-02 19:36:54 ----D---- C:\Dokumente und Einstellungen\Rohal.ROHE-141271FFF1\Anwendungsdaten\Mozilla
2009-07-02 19:11:03 ----D---- C:\Dokumente und Einstellungen\Rohal.ROHE-141271FFF1\Anwendungsdaten\Creative
2009-07-02 19:11:03 ----A---- C:\WINXP\system32\wrap_oal.dll
2009-07-02 19:11:03 ----A---- C:\WINXP\system32\OpenAL32.dll
2009-07-02 19:10:30 ----A---- C:\WINXP\system32\ksuser.dll
2009-07-02 19:10:09 ----A---- C:\WINXP\system32\h323log.txt
2009-07-02 19:08:11 ----A---- C:\WINXP\system32\hidserv.dll
2009-07-02 19:06:35 ----A---- C:\WINXP\system32\usbui.dll
2009-07-02 18:58:16 ----A---- C:\WINXP\system32\nvudisp.exe
2009-07-02 18:57:44 ----A---- C:\WINXP\system32\NVUNINST.EXE
2009-07-02 18:57:14 ----A---- C:\WINXP\system32\PerfStringBackup.INI
2009-07-02 18:57:12 ----A---- C:\WINXP\ODBCINST.INI
2009-07-02 18:56:56 ----RA---- C:\WINXP\system32\kbdazel.dll
2009-07-02 18:56:55 ----RA---- C:\WINXP\system32\kbdtuq.dll
2009-07-02 18:56:55 ----RA---- C:\WINXP\system32\kbdtuf.dll
2009-07-02 18:56:54 ----RA---- C:\WINXP\system32\kbdycc.dll
2009-07-02 18:56:54 ----RA---- C:\WINXP\system32\kbduzb.dll
2009-07-02 18:56:54 ----RA---- C:\WINXP\system32\kbdur.dll
2009-07-02 18:56:54 ----RA---- C:\WINXP\system32\kbdtat.dll
2009-07-02 18:56:54 ----RA---- C:\WINXP\system32\kbdru1.dll
2009-07-02 18:56:54 ----RA---- C:\WINXP\system32\kbdru.dll
2009-07-02 18:56:54 ----RA---- C:\WINXP\system32\kbdmon.dll
2009-07-02 18:56:54 ----RA---- C:\WINXP\system32\kbdkyr.dll
2009-07-02 18:56:54 ----RA---- C:\WINXP\system32\kbdkaz.dll
2009-07-02 18:56:54 ----RA---- C:\WINXP\system32\kbdbu.dll
2009-07-02 18:56:54 ----RA---- C:\WINXP\system32\kbdblr.dll
2009-07-02 18:56:54 ----RA---- C:\WINXP\system32\kbdaze.dll
2009-07-02 18:56:52 ----RA---- C:\WINXP\system32\kbdhept.dll
2009-07-02 18:56:52 ----RA---- C:\WINXP\system32\kbdhela3.dll
2009-07-02 18:56:52 ----RA---- C:\WINXP\system32\kbdhela2.dll
2009-07-02 18:56:52 ----RA---- C:\WINXP\system32\kbdhe319.dll
2009-07-02 18:56:52 ----RA---- C:\WINXP\system32\kbdhe220.dll
2009-07-02 18:56:52 ----RA---- C:\WINXP\system32\kbdhe.dll
2009-07-02 18:56:52 ----RA---- C:\WINXP\system32\kbdgkl.dll
2009-07-02 18:56:51 ----RA---- C:\WINXP\system32\kbdlv1.dll
2009-07-02 18:56:51 ----RA---- C:\WINXP\system32\kbdlv.dll
2009-07-02 18:56:51 ----RA---- C:\WINXP\system32\kbdlt1.dll
2009-07-02 18:56:51 ----RA---- C:\WINXP\system32\kbdlt.dll
2009-07-02 18:56:51 ----RA---- C:\WINXP\system32\kbdest.dll
2009-07-02 18:56:50 ----RA---- C:\WINXP\system32\kbdycl.dll
2009-07-02 18:56:50 ----RA---- C:\WINXP\system32\kbdsl1.dll
2009-07-02 18:56:50 ----RA---- C:\WINXP\system32\kbdsl.dll
2009-07-02 18:56:50 ----RA---- C:\WINXP\system32\kbdro.dll
2009-07-02 18:56:50 ----RA---- C:\WINXP\system32\kbdpl1.dll
2009-07-02 18:56:50 ----RA---- C:\WINXP\system32\kbdpl.dll
2009-07-02 18:56:50 ----RA---- C:\WINXP\system32\kbdhu1.dll
2009-07-02 18:56:50 ----RA---- C:\WINXP\system32\kbdhu.dll
2009-07-02 18:56:50 ----RA---- C:\WINXP\system32\kbdcz2.dll
2009-07-02 18:56:50 ----RA---- C:\WINXP\system32\kbdcz1.dll
2009-07-02 18:56:50 ----RA---- C:\WINXP\system32\kbdcz.dll
2009-07-02 18:56:50 ----RA---- C:\WINXP\system32\kbdcr.dll
2009-07-02 18:56:50 ----RA---- C:\WINXP\system32\KBDAL.DLL
2009-07-02 18:56:44 ----A---- C:\WINXP\system32\spxcoins.dll
2009-07-02 18:56:44 ----A---- C:\WINXP\system32\irclass.dll
2009-07-02 18:56:44 ----A---- C:\WINXP\system32\EqnClass.Dll
2009-07-02 18:56:44 ----A---- C:\WINXP\system32\dgsetup.dll
2009-07-02 18:56:44 ----A---- C:\WINXP\system32\dgrpsetu.dll
2009-07-02 18:56:42 ----N---- C:\WINXP\system32\CONFIG.TMP
2009-07-02 18:56:42 ----A---- C:\WINXP\TASKMAN.EXE
2009-07-02 18:56:42 ----A---- C:\WINXP\system32\batt.dll
2009-07-02 18:56:41 ----A---- C:\WINXP\NOTEPAD.EXE
2009-07-02 18:56:37 ----A---- C:\WINXP\system32\storprop.dll
2009-07-02 18:56:25 ----ASH---- C:\Dokumente und Einstellungen\All Users.WINXP\Anwendungsdaten\desktop.ini
2009-07-02 18:54:45 ----RA---- C:\WINXP\SET8.tmp
2009-07-02 18:54:41 ----RA---- C:\WINXP\SET4.tmp
2009-07-02 18:54:39 ----RA---- C:\WINXP\SET3.tmp
2009-07-02 18:54:27 ----SD---- C:\Dokumente und Einstellungen\All Users.WINXP\Anwendungsdaten\Microsoft
2009-07-02 18:53:50 ----A---- C:\WINXP\WINCMD.INI
2009-07-02 18:51:08 ----D---- C:\Dokumente und Einstellungen\Rohal.ROHE-141271FFF1\Anwendungsdaten\Identities
2009-07-02 18:50:59 ----ASH---- C:\Dokumente und Einstellungen\Rohal.ROHE-141271FFF1\Anwendungsdaten\desktop.ini
2009-07-02 18:50:58 ----SD---- C:\Dokumente und Einstellungen\Rohal.ROHE-141271FFF1\Anwendungsdaten\Microsoft
2009-07-02 18:36:53 ----A---- C:\WINXP\SchedLgU.Txt
2009-07-02 18:17:53 ----N---- C:\WINXP\system32\WgaTray.exe
2009-07-02 18:17:53 ----N---- C:\WINXP\system32\WgaLogon.dll
2009-07-02 18:17:53 ----N---- C:\WINXP\system32\LegitCheckControl.dll
2009-07-02 18:16:11 ----A---- C:\WINXP\system32\spupdsvc.exe
2009-07-02 18:15:32 ----N---- C:\WINXP\system32\spmsg.dll
2009-07-02 18:15:15 ----A---- C:\WINXP\control.ini
2009-07-02 18:14:41 ----A---- C:\WINXP\system32\mapi32.dll
2009-07-02 18:13:07 ----RAH---- C:\WINXP\system32\logonui.exe.manifest
2009-07-02 18:13:02 ----RAH---- C:\WINXP\system32\cdplayer.exe.manifest
2009-07-02 18:12:17 ----A---- C:\WINXP\system32\atrace.dll
2009-07-02 18:12:14 ----A---- C:\WINXP\system32\desktop.ini
2009-07-02 18:12:14 ----A---- C:\WINXP\desktop.ini
2009-07-02 18:12:08 ----A---- C:\WINXP\system32\nmevtmsg.dll
2009-07-02 18:12:07 ----A---- C:\WINXP\system32\acctres.dll
2009-07-02 18:12:04 ----A---- C:\WINXP\system32\icfgnt5.dll
2009-07-02 18:11:54 ----A---- C:\WINXP\system32\wuweb.dll
2009-07-02 18:11:54 ----A---- C:\WINXP\system32\wucltui.dll
2009-07-02 18:11:54 ----A---- C:\WINXP\system32\wuauserv.dll
2009-07-02 18:11:54 ----A---- C:\WINXP\system32\wuaueng1.dll
2009-07-02 18:11:53 ----A---- C:\WINXP\system32\wups.dll
2009-07-02 18:11:53 ----A---- C:\WINXP\system32\wuaueng.dll
2009-07-02 18:11:53 ----A---- C:\WINXP\system32\wuauclt1.exe
2009-07-02 18:11:53 ----A---- C:\WINXP\system32\wuauclt.exe
2009-07-02 18:11:53 ----A---- C:\WINXP\system32\wuapi.dll
2009-07-02 18:11:53 ----A---- C:\WINXP\system32\qmgrprxy.dll
2009-07-02 18:11:53 ----A---- C:\WINXP\system32\qmgr.dll
2009-07-02 18:11:53 ----A---- C:\WINXP\system32\bitsprx4.dll
2009-07-02 18:11:53 ----A---- C:\WINXP\system32\bitsprx3.dll
2009-07-02 18:11:53 ----A---- C:\WINXP\system32\bitsprx2.dll
2009-07-02 18:11:32 ----A---- C:\WINXP\system32\safrslv.dll
2009-07-02 18:11:32 ----A---- C:\WINXP\system32\safrdm.dll
2009-07-02 18:11:32 ----A---- C:\WINXP\system32\safrcdlg.dll
2009-07-02 18:11:31 ----A---- C:\WINXP\system32\racpldlg.dll
2009-07-02 18:11:27 ----A---- C:\WINXP\system32\fltMc.exe
2009-07-02 18:11:27 ----A---- C:\WINXP\system32\fltlib.dll
2009-07-02 18:11:26 ----A---- C:\WINXP\system32\srsvc.dll
2009-07-02 18:11:26 ----A---- C:\WINXP\system32\srrstr.dll
2009-07-02 18:11:26 ----A---- C:\WINXP\system32\srclient.dll
2009-07-02 18:11:25 ----A---- C:\WINXP\system32\nmmkcert.dll
2009-07-02 18:11:25 ----A---- C:\WINXP\system32\msconf.dll
2009-07-02 18:11:25 ----A---- C:\WINXP\system32\mnmsrvc.exe
2009-07-02 18:11:25 ----A---- C:\WINXP\system32\mnmdd.dll
2009-07-02 18:11:25 ----A---- C:\WINXP\system32\isrdbg32.dll
2009-07-02 18:11:25 ----A---- C:\WINXP\system32\ils.dll
2009-07-02 18:11:22 ----A---- C:\WINXP\system32\msoert2.dll
2009-07-02 18:11:21 ----A---- C:\WINXP\system32\msoeacct.dll
2009-07-02 18:11:21 ----A---- C:\WINXP\system32\inetres.dll
2009-07-02 18:11:20 ----A---- C:\WINXP\system32\inetcomm.dll
2009-07-02 18:11:17 ----A---- C:\WINXP\system32\schedsvc.dll
2009-07-02 18:11:17 ----A---- C:\WINXP\system32\mstinit.exe
2009-07-02 18:11:17 ----A---- C:\WINXP\system32\mstask.dll
2009-07-02 18:11:17 ----A---- C:\WINXP\system32\isign32.dll
2009-07-02 18:11:17 ----A---- C:\WINXP\system32\icwphbk.dll
2009-07-02 18:11:17 ----A---- C:\WINXP\system32\icwdial.dll
2009-07-02 18:11:16 ----A---- C:\WINXP\system32\inetcfg.dll
2009-07-02 18:10:07 ----A---- C:\WINXP\vbaddin.ini
2009-07-02 18:10:07 ----A---- C:\WINXP\vb.ini
2009-07-02 18:09:18 ----A---- C:\WINXP\system32\write.exe
2009-07-02 18:09:09 ----A---- C:\WINXP\system32\sndvol32.exe
2009-07-02 18:09:08 ----A---- C:\WINXP\system32\winchat.exe
2009-07-02 18:09:08 ----A---- C:\WINXP\system32\hticons.dll
2009-07-02 18:09:08 ----A---- C:\WINXP\system32\avwav.dll
2009-07-02 18:09:08 ----A---- C:\WINXP\system32\avtapi.dll
2009-07-02 18:09:08 ----A---- C:\WINXP\system32\avmeter.dll
2009-07-02 18:09:01 ----A---- C:\WINXP\system32\getuname.dll
2009-07-02 18:09:01 ----A---- C:\WINXP\system32\charmap.exe
2009-07-02 18:09:01 ----A---- C:\WINXP\system32\calc.exe
2009-07-02 18:09:00 ----A---- C:\WINXP\system32\winmine.exe
2009-07-02 18:09:00 ----A---- C:\WINXP\system32\sol.exe
2009-07-02 18:09:00 ----A---- C:\WINXP\system32\reset.exe
2009-07-02 18:09:00 ----A---- C:\WINXP\system32\mshearts.exe
2009-07-02 18:09:00 ----A---- C:\WINXP\system32\freecell.exe
2009-07-02 18:08:59 ----A---- C:\WINXP\system32\usrlogon.cmd
2009-07-02 18:08:59 ----A---- C:\WINXP\system32\tsshutdn.exe
2009-07-02 18:08:59 ----A---- C:\WINXP\system32\tslabels.ini
2009-07-02 18:08:59 ----A---- C:\WINXP\system32\tskill.exe
2009-07-02 18:08:59 ----A---- C:\WINXP\system32\tsdiscon.exe
2009-07-02 18:08:59 ----A---- C:\WINXP\system32\tscon.exe
2009-07-02 18:08:59 ----A---- C:\WINXP\system32\shadow.exe
2009-07-02 18:08:59 ----A---- C:\WINXP\system32\rwinsta.exe
2009-07-02 18:08:59 ----A---- C:\WINXP\system32\regini.exe
2009-07-02 18:08:59 ----A---- C:\WINXP\system32\rdpcfgex.dll
2009-07-02 18:08:59 ----A---- C:\WINXP\system32\qwinsta.exe
2009-07-02 18:08:59 ----A---- C:\WINXP\system32\qappsrv.exe
2009-07-02 18:08:59 ----A---- C:\WINXP\system32\msg.exe
2009-07-02 18:08:59 ----A---- C:\WINXP\system32\logoff.exe
2009-07-02 18:08:59 ----A---- C:\WINXP\system32\cdmodem.dll
2009-07-02 18:08:58 ----A---- C:\WINXP\system32\msdtcprf.ini
2009-07-02 18:08:53 ----A---- C:\WINXP\system32\wmimgmt.msc
2009-07-02 18:08:42 ----A---- C:\WINXP\system32\sndrec32.exe
2009-07-02 18:08:42 ----A---- C:\WINXP\system32\accwiz.exe
2009-07-02 18:08:41 ----A---- C:\WINXP\system32\mplay32.exe
2009-07-02 18:08:41 ----A---- C:\WINXP\system32\hypertrm.dll
2009-07-02 18:08:40 ----A---- C:\WINXP\system32\spider.exe
2009-07-02 18:08:40 ----A---- C:\WINXP\system32\mspaint.exe
2009-07-02 18:08:40 ----A---- C:\WINXP\system32\clipbrd.exe
2009-07-02 18:08:39 ----A---- C:\WINXP\system32\tsgqec.dll
2009-07-02 18:08:39 ----A---- C:\WINXP\system32\tscfgwmi.dll
2009-07-02 18:08:39 ----A---- C:\WINXP\system32\rhttpaa.dll
2009-07-02 18:08:39 ----A---- C:\WINXP\system32\aaclient.dll
2009-07-02 18:08:38 ----A---- C:\WINXP\system32\mstscax.dll
2009-07-02 18:08:37 ----A---- C:\WINXP\system32\termsrv.dll
2009-07-02 18:08:37 ----A---- C:\WINXP\system32\sessmgr.exe
2009-07-02 18:08:37 ----A---- C:\WINXP\system32\remotepg.dll
2009-07-02 18:08:37 ----A---- C:\WINXP\system32\rdshost.exe
2009-07-02 18:08:37 ----A---- C:\WINXP\system32\rdsaddin.exe
2009-07-02 18:08:37 ----A---- C:\WINXP\system32\rdpwsx.dll
2009-07-02 18:08:37 ----A---- C:\WINXP\system32\rdchost.dll
2009-07-02 18:08:37 ----A---- C:\WINXP\system32\mstsc.exe
2009-07-02 18:08:36 ----A---- C:\WINXP\system32\rdpsnd.dll
2009-07-02 18:08:36 ----A---- C:\WINXP\system32\rdpclip.exe
2009-07-02 18:08:36 ----A---- C:\WINXP\system32\qprocess.exe
2009-07-02 18:08:36 ----A---- C:\WINXP\system32\mtxoci.dll
2009-07-02 18:08:36 ----A---- C:\WINXP\system32\msdtcuiu.dll
2009-07-02 18:08:36 ----A---- C:\WINXP\system32\msdtcprx.dll
2009-07-02 18:08:36 ----A---- C:\WINXP\system32\icaapi.dll
2009-07-02 18:08:36 ----A---- C:\WINXP\system32\cfgbkend.dll
2009-07-02 18:08:35 ----A---- C:\WINXP\system32\xolehlp.dll
2009-07-02 18:08:35 ----A---- C:\WINXP\system32\msdtctm.dll
2009-07-02 18:08:35 ----A---- C:\WINXP\system32\msdtclog.dll
2009-07-02 18:08:35 ----A---- C:\WINXP\system32\msdtc.exe
2009-07-02 18:08:34 ----A---- C:\WINXP\system32\stclient.dll
2009-07-02 18:08:34 ----A---- C:\WINXP\system32\mtxlegih.dll
2009-07-02 18:08:34 ----A---- C:\WINXP\system32\mtxex.dll
2009-07-02 18:08:34 ----A---- C:\WINXP\system32\mtxdm.dll
2009-07-02 18:08:34 ----A---- C:\WINXP\system32\dcomcnfg.exe
2009-07-02 18:08:34 ----A---- C:\WINXP\system32\comrepl.dll
2009-07-02 18:08:34 ----A---- C:\WINXP\system32\comaddin.dll
2009-07-02 18:08:34 ----A---- C:\WINXP\system32\colbact.dll
2009-07-02 18:08:33 ----A---- C:\WINXP\system32\comsvcs.dll
2009-07-02 18:08:33 ----A---- C:\WINXP\system32\clbcatex.dll
2009-07-02 18:08:33 ----A---- C:\WINXP\system32\catsrvut.dll
2009-07-02 18:08:33 ----A---- C:\WINXP\system32\catsrvps.dll
2009-07-02 18:08:33 ----A---- C:\WINXP\system32\catsrv.dll
2009-07-02 18:08:32 ----A---- C:\WINXP\system32\comuid.dll
2009-07-02 18:08:32 ----A---- C:\WINXP\system32\comsnap.dll
2009-07-02 18:08:31 ----A---- C:\WINXP\system32\clbcatq.dll
2009-07-02 18:08:24 ----A---- C:\WINXP\system32\servdeps.dll
2009-07-02 18:08:24 ----A---- C:\WINXP\system32\mmfutil.dll
2009-07-02 18:08:24 ----A---- C:\WINXP\system32\licwmi.dll
2009-07-02 18:08:24 ----A---- C:\WINXP\system32\cmprops.dll
2009-07-01 18:14:19 ----D---- C:\Programme\DAEMON Tools Pro
2009-06-20 11:57:54 ----D---- C:\Programme\NT Registry Optimizer
2009-06-20 11:55:06 ----D---- C:\Programme\RegCleaner
2009-06-20 11:47:44 ----D---- C:\Programme\JGoodies
2009-06-19 19:23:21 ----D---- C:\Programme\Joy RingTone Converter Evaluation Edition
2009-06-19 18:15:52 ----D---- C:\Programme\Groschengrab Deluxe Demo
2009-06-17 20:38:23 ----D---- C:\Programme\dolp_demo
2009-06-17 20:29:09 ----A---- C:\bass.dll

Rohal · 12.07.2009, 17:02

======List of files/folders modified in the last 1 months======

2009-07-12 17:45:23 ----D---- C:\WINXP\Temp
2009-07-12 17:22:23 ----D---- C:\Programme\Mozilla Firefox
2009-07-12 17:14:41 ----D---- C:\WINXP
2009-07-12 17:13:47 ----D---- C:\WINXP\system32\drivers
2009-07-12 17:13:39 ----D---- C:\WINXP\Prefetch
2009-07-12 17:04:42 ----SD---- C:\WINXP\Tasks
2009-07-12 17:04:42 ----D---- C:\WINXP\system32
2009-07-12 11:35:15 ----RD---- C:\Programme
2009-07-12 11:31:06 ----D---- C:\WINXP\Debug
2009-07-11 10:55:27 ----SHD---- C:\WINXP\Installer
2009-07-11 10:55:26 ----D---- C:\Config.Msi
2009-07-11 10:54:55 ----HD---- C:\WINXP\inf
2009-07-11 10:18:35 ----D---- C:\WINXP\system32\CatRoot2
2009-07-11 10:16:19 ----D---- C:\WINXP\system32\DirectX
2009-07-11 10:15:56 ----HD---- C:\Programme\InstallShield Installation Information
2009-07-11 10:15:16 ----D---- C:\Dokumente und Einstellungen
2009-07-11 10:14:47 ----D---- C:\WINXP\system32\Restore
2009-07-08 20:49:32 ----RSD---- C:\WINXP\assembly
2009-07-04 13:13:22 ----D---- C:\WINXP\system32\ReinstallBackups
2009-07-04 13:12:18 ----D---- C:\NVIDIA
2009-07-04 07:35:04 ----D---- C:\Programme\DAEMON Tools Lite
2009-07-03 17:21:57 ----SHD---- C:\RECYCLER
2009-07-02 22:04:13 ----D---- C:\Programme\Xvid
2009-07-02 20:54:53 ----D---- C:\Programme\WinRAR
2009-07-02 20:50:53 ----D---- C:\WINXP\Microsoft.NET
2009-07-02 20:42:08 ----D---- C:\WINXP\WinSxS
2009-07-02 20:40:12 ----D---- C:\WINXP\Logs
2009-07-02 19:52:44 ----D---- C:\Postinstall
2009-07-02 19:52:28 ----D---- C:\WINXP\AppPatch
2009-07-02 19:52:27 ----D---- C:\WINXP\system32\Setup
2009-07-02 19:51:55 ----D---- C:\WINXP\PeerNet
2009-07-02 19:51:55 ----D---- C:\WINXP\ime
2009-07-02 19:51:31 ----D---- C:\WINXP\system32\npp
2009-07-02 19:51:22 ----D---- C:\WINXP\msagent
2009-07-02 19:50:51 ----D---- C:\WINXP\system32\1031
2009-07-02 19:50:46 ----D---- C:\WINXP\ehome
2009-07-02 19:50:26 ----D---- C:\WINXP\Offline Web Pages
2009-07-02 19:49:03 ----SD---- C:\WINXP\Downloaded Program Files
2009-07-02 19:48:40 ----D---- C:\WINXP\twain_32
2009-07-02 19:48:19 ----D---- C:\WINXP\system32\ras
2009-07-02 19:47:50 ----D---- C:\WINXP\system32\icsxml
2009-07-02 19:47:18 ----D---- C:\WINXP\system32\1033
2009-07-02 19:46:21 ----D---- C:\WINXP\TEMPcursors
2009-07-02 19:46:18 ----D---- C:\WINXP\system32\XPSViewer
2009-07-02 19:46:18 ----D---- C:\WINXP\system32\xlive
2009-07-02 19:46:16 ----D---- C:\WINXP\system32\QuickTime
2009-07-02 19:46:15 ----D---- C:\WINXP\system32\oodag
2009-07-02 19:46:14 ----HD---- C:\WINXP\system32\GroupPolicy
2009-07-02 19:46:14 ----D---- C:\WINXP\system32\MAGIX
2009-07-02 19:46:14 ----D---- C:\WINXP\system32\en-us
2009-07-02 19:46:09 ----D---- C:\WINXP\system32\Color
2009-07-02 19:46:07 ----D---- C:\WINXP\Puzzle Quest Galactrix
2009-07-02 19:46:04 ----D---- C:\WINXP\Minidump
2009-07-02 19:45:57 ----D---- C:\WINXP\Downloaded Installations
2009-07-02 19:45:56 ----D---- C:\WINXP\CONCORDE SSTSIM
2009-07-02 19:45:55 ----HDC---- C:\WINXP\$NtUninstallWudf01005$
2009-07-02 19:45:55 ----HDC---- C:\WINXP\$NtUninstallWMFDist11$
2009-07-02 19:45:55 ----D---- C:\WINXP\95FC26FB19FD4A96BBB1B1062E8648F5.TMP
2009-07-02 19:14:37 ----D---- C:\WINXP\system32\Defaults
2009-07-02 19:12:36 ----D---- C:\Programme\Paint.NET
2009-07-02 19:12:36 ----D---- C:\Programme\Google
2009-07-02 19:12:36 ----D---- C:\Programme\Gemeinsame Dateien\MAGIX Shared
2009-07-02 19:12:36 ----D---- C:\Programme\Gemeinsame Dateien
2009-07-02 19:12:36 ----D---- C:\Programme\eMule
2009-07-02 19:12:36 ----D---- C:\Programme\DivX
2009-07-02 19:12:36 ----D---- C:\Programme\Ashampoo
2009-07-02 19:12:35 ----D---- C:\Programme\Styler
2009-07-02 19:12:34 ----D---- C:\Programme\Windows Media Player
2009-07-02 19:12:34 ----D---- C:\Programme\UltraISO
2009-07-02 19:12:34 ----D---- C:\Programme\Tri Peaks 2 Quest For The Ruby Ring
2009-07-02 19:12:01 ----RSHDC---- C:\WINXP\system32\dllcache
2009-07-02 19:10:51 ----D---- C:\WINXP\system
2009-07-02 19:10:46 ----D---- C:\WINXP\system32\Data
2009-07-02 19:05:14 ----D---- C:\totalcmd
2009-07-02 18:58:32 ----D---- C:\WINXP\Help
2009-07-02 18:58:16 ----D---- C:\WINXP\nview
2009-07-02 18:57:05 ----A---- C:\WINXP\system.ini
2009-07-02 18:57:03 ----RSD---- C:\WINXP\Fonts
2009-07-02 18:53:42 ----D---- C:\WINXP\WBEM
2009-07-02 18:53:42 ----D---- C:\WINXP\system32\usmt
2009-07-02 18:53:42 ----D---- C:\WINXP\system32\de
2009-07-02 18:53:42 ----D---- C:\WINXP\Network Diagnostic
2009-07-02 18:53:42 ----D---- C:\WINXP\Media
2009-07-02 18:53:42 ----D---- C:\WINXP\L2Schemas
2009-07-02 18:37:04 ----D---- C:\WINXP\SoftwareDistribution
2009-07-02 18:37:03 ----SHD---- C:\System Volume Information
2009-07-02 18:21:59 ----D---- C:\WINXP\system32\config
2009-07-02 18:17:53 ----D---- C:\WINXP\security
2009-07-02 18:17:53 ----D---- C:\WINXP\repair
2009-07-02 18:17:24 ----D---- C:\WINXP\system32\CatRoot
2009-07-02 18:15:11 ----A---- C:\WINXP\win.ini
2009-07-02 18:14:33 ----D---- C:\WINXP\Registration
2009-07-02 18:14:20 ----D---- C:\WINXP\system32\ias
2009-07-02 18:13:11 ----RD---- C:\WINXP\Web
2009-07-02 18:12:33 ----D---- C:\WINXP\srchasst
2009-07-02 18:12:08 ----D---- C:\Programme\NetMeeting
2009-07-02 18:12:07 ----D---- C:\Programme\Gemeinsame Dateien\Dienste
2009-07-02 18:12:04 ----D---- C:\Programme\Outlook Express
2009-07-02 18:12:01 ----D---- C:\Programme\Internet Explorer
2009-07-02 18:11:51 ----D---- C:\Programme\Movie Maker
2009-07-02 18:11:35 ----D---- C:\WINXP\system32\oobe
2009-07-02 18:11:21 ----D---- C:\Programme\Gemeinsame Dateien\System
2009-07-02 18:10:24 ----D---- C:\WINXP\system32\Com
2009-07-02 18:09:56 ----D---- C:\WINXP\system32\MsDtc
2009-07-02 18:09:31 ----D---- C:\Programme\Windows Media Connect 2
2009-07-02 18:09:23 ----D---- C:\Programme\Messenger
2009-07-02 18:09:13 ----D---- C:\WINXP\Cursors
2009-07-02 18:09:08 ----D---- C:\Programme\Windows NT
2009-07-02 18:08:58 ----D---- C:\WINXP\system32\wbem
2009-07-02 18:08:40 ----D---- C:\WINXP\system32\de-de
2009-07-02 18:06:15 ----SH---- C:\boot.ini
2009-06-13 18:56:55 ----D---- C:\Programme\Gemeinsame Dateien\Wise Installation Wizard
2009-06-13 18:45:54 ----DC---- C:\WINXP\system32\DRVSTORE

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;AMD K7-Prozessortreiber; C:\WINXP\system32\DRIVERS\amdk7.sys [2008-04-14 41856]
R1 kbdhid;Tastatur-HID-Treiber; C:\WINXP\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 KLIF;Kaspersky Lab Driver; C:\WINXP\system32\DRIVERS\klif.sys [2009-07-11 296976]
R2 atksgt;atksgt; C:\WINXP\system32\DRIVERS\atksgt.sys [2009-07-07 281760]
R2 lirsgt;lirsgt; C:\WINXP\system32\DRIVERS\lirsgt.sys [2009-07-07 25888]
R3 Arp1394;1394-ARP-Clientprotokoll; C:\WINXP\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 COMMONFX.SYS;COMMONFX.SYS; C:\WINXP\System32\drivers\COMMONFX.SYS [2008-06-27 99352]
R3 ctac32k;Creative AC3 Software Decoder; C:\WINXP\system32\drivers\ctac32k.sys [2008-07-07 511000]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINXP\system32\drivers\ctaud2k.sys [2008-07-07 532376]
R3 CTAUDFX.SYS;CTAUDFX.SYS; C:\WINXP\System32\drivers\CTAUDFX.SYS [2008-06-27 555032]
R3 ctprxy2k;Creative Proxy Driver; C:\WINXP\system32\drivers\ctprxy2k.sys [2008-07-07 14360]
R3 CTSBLFX.SYS;CTSBLFX.SYS; C:\WINXP\System32\drivers\CTSBLFX.SYS [2008-06-27 566296]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINXP\system32\drivers\ctsfm2k.sys [2008-07-07 157208]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINXP\system32\drivers\emupia2k.sys [2008-07-07 92696]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINXP\system32\drivers\ha10kx2k.sys [2008-07-07 797720]
R3 hidusb;Microsoft HID Class-Treiber; C:\WINXP\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINXP\system32\DRIVERS\klim5.sys [2009-05-13 31760]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINXP\system32\DRIVERS\klmouflt.sys [2009-05-16 19472]
R3 mouhid;Maus-HID-Treiber; C:\WINXP\system32\DRIVERS\mouhid.sys [2008-04-14 12288]
R3 NIC1394;1394-Netzwerktreiber; C:\WINXP\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINXP\system32\DRIVERS\nv4_mini.sys [2008-10-07 6133856]
R3 ossrv;Creative OS Services Driver; C:\WINXP\system32\drivers\ctoss2k.sys [2008-07-07 127512]
R3 rtl8139;NT-Treiber für Realtek RTL8139(A/B/C)-basierten PCI-Fast Ethernet-Adapter; C:\WINXP\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
R3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINXP\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINXP\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Microsoft USB-Standardhubtreiber; C:\WINXP\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Miniporttreiber für Microsoft USB Open Host-Controller; C:\WINXP\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
R3 usbstor;USB-Massenspeichertreiber; C:\WINXP\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 at7hp0bx;at7hp0bx; C:\WINXP\system32\drivers\at7hp0bx.sys []
S3 COMMONFX;COMMONFX; C:\WINXP\system32\drivers\COMMONFX.SYS [2008-06-27 99352]
S3 CTAUDFX;CTAUDFX; C:\WINXP\system32\drivers\CTAUDFX.SYS [2008-06-27 555032]
S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\WINXP\system32\drivers\ctdvda2k.sys [2008-07-07 347080]
S3 CTERFXFX.SYS;CTERFXFX.SYS; C:\WINXP\System32\drivers\CTERFXFX.SYS [2008-06-27 100888]
S3 CTERFXFX;CTERFXFX; C:\WINXP\system32\drivers\CTERFXFX.SYS [2008-06-27 100888]
S3 CTSBLFX;CTSBLFX; C:\WINXP\system32\drivers\CTSBLFX.SYS [2008-06-27 566296]
S3 hap16v2k;Creative P16V HAL Driver; C:\WINXP\system32\drivers\hap16v2k.sys [2008-07-07 162840]
S3 hap17v2k;Creative P17V HAL Driver; C:\WINXP\system32\drivers\hap17v2k.sys [2008-07-07 189464]
S3 TVICHW32;TVICHW32; \??\C:\WINXP\system32\DRIVERS\TVICHW32.SYS []
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINXP\system32\DRIVERS\WudfPf.sys [2008-07-08 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINXP\system32\DRIVERS\wudfrd.sys [2008-07-08 82944]
S4 IntelIde;IntelIde; C:\WINXP\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVP;Kaspersky Internet Security; C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-05-25 303376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINXP\system32\nvsvc32.exe [2008-10-07 163908]
S3 aspnet_state;ASP.NET State Service; C:\WINXP\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINXP\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINXP\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

Vielen Dank schon mal fürs drübergucken

Gruß Rohal

Rohal · 18.07.2009, 07:03

Thema erledigt

IE öffnet sich von selbst trotz Deinstallation

Log-Analyse und Auswertung: IE öffnet sich von selbst trotz Deinstallation