ComboFix 07-09-21.2 - "Nukkis" 2007-09-23 21:14:49.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.49.1031.18.553 [GMT 2:00] * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Programme\VideoAccessCodec C:\Programme\VideoAccessCodec\install.ico C:\WINDOWS\dat.txt C:\WINDOWS\main_uninstaller.exe C:\WINDOWS\msmdev.dll C:\WINDOWS\msmhost.dll C:\WINDOWS\rs.txt D:\Nukki\FAVORI~1\.url D:\Nukki\FAVORI~1\Error Cleaner.url D:\Nukki\FAVORI~1\Privacy Protector.url D:\Nukki\FAVORI~1\Spyware&Malware Protection.url . ((((((((((((((((((((((((( Files Created from 2007-08-23 to 2007-09-23 ))))))))))))))))))))))))))))))) . 2007-09-23 21:13 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-09-15 10:50 d-------- C:\WINDOWS\system32\ActiveScan 2007-09-15 10:27 d-------- C:\WINDOWS\BDOSCAN8 2007-09-12 22:54 d-------- C:\DOKUME~1\ALLUSE~1\ANWEND~1\Spybot - Search & Destroy 2007-09-06 23:44 d-------- C:\Programme\MSXML 4.0 2007-09-04 17:14 d-------- C:\DOKUME~1\Nukkis\ANWEND~1\Teleca 2007-09-04 17:09 d-------- C:\DOKUME~1\Nukkis\ANWEND~1\Sony Ericsson 2007-09-04 17:03 d-------- C:\Programme\Sony Ericsson 2007-09-04 17:03 d-------- C:\Programme\Gemeinsame Dateien\Teleca Shared 2007-09-04 17:03 d-------- C:\Programme\Gemeinsame Dateien\Sony Ericsson Shared 2007-09-04 17:03 d-------- C:\DOKUME~1\ALLUSE~1\ANWEND~1\Teleca 2007-09-04 17:03 d-------- C:\DOKUME~1\ALLUSE~1\ANWEND~1\Sony Ericsson . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-09-23 21:18 --------- d-------- C:\DOKUME~1\Nukkis\ANWEND~1\FRITZ! 2007-09-23 18:02 --------- d-------- C:\DOKUME~1\ALLUSE~1\ANWEND~1\AntiVir PersonalEdition Classic 2007-09-15 12:22 --------- d-------- C:\DOKUME~1\Nukkis\ANWEND~1\Skype 2007-09-13 00:25 --------- d-------- C:\Programme\Soulseek 2007-09-13 00:24 --------- d--h----- C:\Programme\InstallShield Installation Information 2007-09-13 00:24 --------- d-------- C:\DOKUME~1\ALLUSE~1\ANWEND~1\Napster 2007-09-12 23:32 --------- d-------- C:\Programme\MyWay 2007-08-10 22:44 --------- d-------- C:\DOKUME~1\Nukkis\ANWEND~1\tunebite 2007-07-30 10:34 63488 --a------ C:\WINDOWS\xobglu16.dll 2007-07-30 10:34 34782 --a------ C:\WINDOWS\xobglu32.dll 2005-10-24 00:58 21 --a------ C:\Programme\AVPersonalAVWIN.INI 2004-10-01 15:00 40960 --a------ C:\Programme\Uninstall_CDS.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2004-09-26 14:25] "QuickTime Task"="C:\Programme\QuickTime\qttask.exe" [2007-04-27 09:41] "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2002-08-29 06:39] "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2002-08-29 06:39] "nwiz"="nwiz.exe" [2003-10-06 14:16 C:\WINDOWS\system32\nwiz.exe] "MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2002-08-29 06:39] "Microsoft Update"="wumgrd.exe" [] "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-04 07:31] "C-Media Mixer"="Mixer.exe" [2002-10-15 19:00 C:\WINDOWS\mixer.exe] "avgnt"="C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" [2007-09-22 14:37] "SetDefPrt"="C:\Programme\Brother\Brmfl04b\BrStDvPt.exe" [2004-05-25 09:16] "ControlCenter2.0"="C:\Programme\Brother\ControlCenter2\brctrcen.exe" [2004-07-20 09:34] "InCD"="C:\Programme\Ahead\InCD\InCD.exe" [2005-07-08 16:25] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50] "TkBellExe"="C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" [2007-04-20 10:50] "PCSuiteTrayApplication"="C:\Programme\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 13:20] "iTunesHelper"="C:\Programme\iTunes\iTunesHelper.exe" [2007-06-28 09:14] "Sony Ericsson PC Suite"="C:\Programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2006-11-24 01:06] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Microsoft Works Update Detection"="C:\Programme\Microsoft Works\WkDetect.exe" [] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 09:57] "NBJ"="C:\Programme\Ahead\Nero BackItUp\NBJ.exe" [2005-10-11 18:25] "SpybotSD TeaTimer"="d:\Programme\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices] "Microsoft Update"=wumgrd.exe [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "Microsoft Update"=wumgrd.exe "Nokia.PCSync"=C:\Programme\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog C:\DOKUME~1\ALLUSE~1\STARTM~1\PROGRA~1\AUTOST~1\ Adobe Reader Speed Launch.lnk - C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 23:05:26] Status Monitor.lnk - C:\Programme\Brother\Brmfcmon\BrMfcWnd.exe [2006-08-07 00:08:04] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "kavsvc"=2 (0x2) R0 avgntmgr;avgntmgr;C:\WINDOWS\system32\drivers\avgntmgr.sys R0 Stealth;Stealth;C:\WINDOWS\system32\DRIVERS\stealth.sys R1 avgntdd;avgntdd;C:\WINDOWS\system32\DRIVERS\avgntdd.sys R1 NETDSL;AVM PPP over Ethernet;C:\WINDOWS\system32\DRIVERS\netdsl.sys R2 Fswsclds;F-Secure Windows Security Center Legacy Detection Service;C:\Programme\F-Secure Internet Security\fswsclds.exe R2 nvcap;nVidia WDM Video Capture (universal);C:\WINDOWS\system32\DRIVERS\nvcap.sys R2 NVXBAR;nVidia WDM A/V Crossbar;C:\WINDOWS\system32\DRIVERS\NVxbar.sys R3 ham50;V9X HAM 1394V;C:\WINDOWS\system32\DRIVERS\CTXH51.sys R3 tbhsd;Tunebite High-Speed Dubbing;C:\WINDOWS\system32\drivers\tbhsd.sys S2 nvTUNEP;nVidia WDM TVTuner;C:\WINDOWS\system32\DRIVERS\nvtunep.sys S2 nvtvSND;nVidia WDM TVAudio Crossbar;C:\WINDOWS\system32\DRIVERS\nvtvsnd.sys S2 WksPatch;Internet Logging Provider;C:\WINDOWS\System32\drivers\svchost.exe S3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\Drivers\BrScnUsb.sys S3 BrSerIf;Brother MFC Serial Port Interface WDM Driver;C:\WINDOWS\system32\Drivers\BrSerIf.sys S3 BrUsbSer;Brother MFC USB Serial WDM Driver;C:\WINDOWS\system32\Drivers\BrUsbSer.sys S3 MintonD5;Minton D5 USB Digital Camera;C:\WINDOWS\system32\Drivers\MintonD5.sys S3 NETFWDSL;AVM FRITZ!web DSL PPP;C:\WINDOWS\system32\DRIVERS\NETFWDSL.SYS S3 se44bus;Sony Ericsson Device 068 driver (WDM);C:\WINDOWS\system32\DRIVERS\se44bus.sys S3 se44mdfl;Sony Ericsson Device 068 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\se44mdfl.sys S3 se44mdm;Sony Ericsson Device 068 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\se44mdm.sys S3 se44mgmt;Sony Ericsson Device 068 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\se44mgmt.sys S3 se44nd5;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (NDIS);C:\WINDOWS\system32\DRIVERS\se44nd5.sys S3 se44obex;Sony Ericsson Device 068 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\se44obex.sys S3 se44unic;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (WDM);C:\WINDOWS\system32\DRIVERS\se44unic.sys S3 w89c940;Winbond W89C940-PCI-Ethernetadaptertreiber;C:\WINDOWS\system32\DRIVERS\w940nd.sys . Contents of the 'Scheduled Tasks' folder "2007-08-25 16:35:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Programme\Apple Software Update\SoftwareUpdate.exe . ************************************************************************** catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-09-23 21:21:08 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... ************************************************************************** . Completion time: 2007-09-23 21:26:36 - machine was rebooted C:\ComboFix-quarantined-files.txt ... 2007-09-23 21:26 . --- E O F --- ******************************************************************************** ******************************************************************************** Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:35:15, on 23.09.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\brss01a.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Programme\AntiVir PersonalEdition Classic\sched.exe C:\Programme\AntiVir PersonalEdition Classic\avguard.exe C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Programme\FRITZ!DSL\IGDCTRL.EXE C:\WINDOWS\system32\Brmfrmps.exe C:\Programme\F-Secure Internet Security\fswsclds.exe C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Mixer.exe C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\wuauclt.exe C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe C:\Programme\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\Programme\iTunes\iTunesHelper.exe C:\Programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\PC Connectivity Solution\ServiceLayer.exe C:\Programme\FRITZ!DSL\FwebProt.exe C:\Programme\FRITZ!DSL\StCenter.exe C:\Programme\iPod\bin\iPodService.exe C:\WINDOWS\system32\notepad.exe C:\Programme\Microsoft Office\Office10\OUTLOOK.EXE C:\Programme\Gemeinsame Dateien\Teleca Shared\Generic.exe C:\Programme\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\Programme\Internet Explorer\IEXPLORE.EXE D:\Nukki\Desktop\HJT.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar4.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar4.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [Microsoft Update] wumgrd.exe O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [SetDefPrt] C:\Programme\Brother\Brmfl04b\BrStDvPt.exe O4 - HKLM\..\Run: [ControlCenter2.0] C:\Programme\Brother\ControlCenter2\brctrcen.exe /autorun O4 - HKLM\..\Run: [InCD] C:\Programme\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programme\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\RunServices: [Microsoft Update] wumgrd.exe O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Programme\Microsoft Works\WkDetect.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [NBJ] "C:\Programme\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [SpybotSD TeaTimer] d:\Programme\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: FRITZ!DSL Protect.lnk = C:\Programme\FRITZ!DSL\FwebProt.exe O4 - Startup: FRITZ!DSL Startcenter.lnk = C:\Programme\FRITZ!DSL\StCenter.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Status Monitor.lnk = C:\Programme\Brother\Brmfcmon\BrMfcWnd.exe O8 - Extra context menu item: &Search - http://ku.bar.need2find.com/KU/menusearch.html?p=KU O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra button: MedionShop - {543CDDE7-DF47-47DD-9339-0B023AC5DCA8} - http://www.medionshop.de (file missing) (HKCU) O14 - IERESET.INF: START_PAGE_URL=http://www.msn.de O15 - Trusted Zone: www.adobe.com O15 - Trusted Zone: www.esprit-online-shop.com O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.de/scan_de/scan8/oscan8.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1168654379343 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{29996496-4A48-466B-99AA-38579D46F4BF}: NameServer = 192.168.122.252,192.168.122.253 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVM IGD CTRL Service - AVM Berlin - C:\Programme\FRITZ!DSL\IGDCTRL.EXE O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: AVM FRITZ!web Routing Service (de_serv) - AVM Berlin - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - F-Secure Corporation - C:\Programme\F-Secure Internet Security\fswsclds.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: ServiceLayer - Nokia. - C:\Programme\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Internet Logging Provider (WksPatch) - Unknown owner - C:\WINDOWS\System32\drivers\svchost.exe (file missing) -- End of file - 9189 bytes ******************************************************************************** ******************************************************************************** . . Datentr„ger in Laufwerk C: ist BOOT Volumeseriennummer: 146C-2993 Verzeichnis von C:\WINDOWS\system32 15.09.2007 10:53 2.550 Uninstall.ico 15.09.2007 10:53 1.406 Help.ico 15.09.2007 10:53 30.590 pavas.ico 12.09.2007 21:31 249.852 TZLog.log 05.09.2007 19:50 17.474.680 MRT.exe 30.07.2007 19:20 30.040 wuaucpl.cpl.mui 30.07.2007 19:20 30.040 wuapi.dll.mui 30.07.2007 19:19 1.712.984 wuaueng.dll 30.07.2007 19:19 549.720 wuapi.dll 30.07.2007 19:19 325.976 wucltui.dll 30.07.2007 19:19 203.096 wuweb.dll 30.07.2007 19:19 216.408 wuaucpl.cpl 30.07.2007 19:19 92.504 cdm.dll 30.07.2007 19:19 53.080 wuauclt.exe 30.07.2007 19:19 43.352 wups2.dll 30.07.2007 19:19 271.224 mucltui.dll 30.07.2007 19:19 207.736 muweb.dll 30.07.2007 19:18 34.136 wucltui.dll.mui 30.07.2007 19:18 30.072 mucltui.dll.mui 30.07.2007 19:18 33.624 wups.dll 30.07.2007 19:18 20.824 wuaueng.dll.mui 22.07.2007 18:39 279.552 swreg.exe 18.07.2007 14:42 60.416 tzchange.exe 02.07.2007 21:41 1.044.480 libdivx.dll 02.07.2007 21:41 200.704 ssldivx.dll 26.06.2007 08:08 1.104.896 msxml3.dll . . . Datentr„ger in Laufwerk C: ist BOOT Volumeseriennummer: 146C-2993 Verzeichnis von C:\DOKUME~1\Nukkis\LOKALE~1\Temp 23.09.2007 21:36 105.947 datfind.txt 23.09.2007 21:23 32.768 ~DFACB0.tmp 2 Datei(en) 138.715 Bytes 0 Verzeichnis(se), 4.941.864.960 Bytes frei . . . Datentr„ger in Laufwerk C: ist BOOT Volumeseriennummer: 146C-2993 Verzeichnis von C:\WINDOWS 23.09.2007 21:23 54.156 QTFont.qfn 23.09.2007 21:22 261 wiadebug.log 23.09.2007 21:20 1.259.636 WindowsUpdate.log 23.09.2007 21:20 50 wiaservc.log 23.09.2007 21:19 2.048 bootstat.dat 23.09.2007 21:19 32.636 SchedLgU.Txt 23.09.2007 20:44 173.532 setupapi.log 23.09.2007 19:34 87.043 KB922760.log 23.09.2007 15:50 59.675 updspapi.log 22.09.2007 14:46 1.765 Brpfx04a.ini 18.09.2007 07:48 106.168 ntbtlog.txt 17.09.2007 21:33 165.761 KB925454.log 17.09.2007 21:23 9.394.835 setupact.log 17.09.2007 21:12 1.025.258 setupapi.log.10.old 17.09.2007 13:52 1.024.928 setupapi.log.9.old 16.09.2007 16:00 1.024.997 setupapi.log.8.old 16.09.2007 13:46 1.024.940 setupapi.log.7.old 15.09.2007 12:12 286.743 KB928090.log 14.09.2007 17:28 3.264 KB931768.log 13.09.2007 00:28 56.250 KB933566.log 12.09.2007 23:43 66.906 KB937143.log 12.09.2007 22:45 230.931 iis6.log 12.09.2007 22:45 504.915 comsetup.log 12.09.2007 22:45 313.785 ntdtcsetup.log 12.09.2007 22:45 577.197 tsoc.log 12.09.2007 22:45 70.854 ocmsn.log 12.09.2007 22:45 1.374 imsins.log 12.09.2007 22:45 8.864 KB939683.log 12.09.2007 22:45 732.124 ocgen.log 12.09.2007 22:45 74.619 msgsocm.log 12.09.2007 22:45 1.506.101 FaxSetup.log 12.09.2007 21:46 1.374 imsins.BAK 12.09.2007 21:46 69.474 KB931784.log 12.09.2007 21:44 6.447 KB923723.log 12.09.2007 21:43 22.771 KB936021.log 12.09.2007 21:41 22.157 KB938828.log 12.09.2007 21:40 62.796 KB931261.log 12.09.2007 21:39 9.135 KB927891.log 12.09.2007 21:39 21.003 KB936357.log 12.09.2007 21:38 21.279 KB921503.log 12.09.2007 21:35 21.296 KB938829.log 12.09.2007 21:31 21.114 KB938127.log 12.09.2007 21:31 35.004 KB933360.log 12.09.2007 21:27 0 0.log 07.09.2007 09:41 46.321 spupdsvc.log 06.09.2007 23:44 289.864 msxml4-KB936181-enu.LOG 06.09.2007 23:44 11.867 KB936782.log 06.09.2007 23:44 357.426 wmsetup.log 04.09.2007 17:09 1.364.924 DPINST.LOG 04.09.2007 10:09 84 opt_2460.ini 25.08.2007 02:02 116 NeroDigital.ini 30.07.2007 10:34 34.782 xobglu32.dll 30.07.2007 10:34 63.488 xobglu16.dll 20.07.2007 00:47 109.056 catchme.exe 04.07.2007 09:21 1.409 QTFont.for . . . Datentr„ger in Laufwerk C: ist BOOT Volumeseriennummer: 146C-2993 Verzeichnis von C:\WINDOWS\temp . . . Datentr„ger in Laufwerk C: ist BOOT Volumeseriennummer: 146C-2993 Verzeichnis von C:\WINDOWS\Downloaded Program Files 14.02.2007 16:30 144 setup.inf 24.08.2006 08:28 141.424 asinst.dll 22.08.2006 09:06 537 asinst.inf . . .