Bernd - 06-11-11 16:56:14,45 Service Pack 2
ComboFix 06.11.9 - Running from: "C:\Dokumente und Einstellungen\Bernd"

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

C:\WINDOWS\system32\ismini.exe
C:\WINDOWS\system32\isnotify.exe
C:\WINDOWS\system32\issearch.exe
C:\Programme\Gemeinsame Dateien\Yazzle1162OinAdmin.exe
C:\Programme\Gemeinsame Dateien\Yazzle1162OinUninstaller.exe
C:\WINDOWS\system32\ixt0.dll
C:\Programme\Safety Bar
C:\WINDOWS\system32\components

~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

Folders Quarantined:
C:\QooBox\Purity\WINDOWS\SMANTE~1
C:\QooBox\Purity\WINDOWS\system32\CROSOF~1
C:\QooBox\Purity\WINDOWS\system32\CROSOF~1\n?tepad.exe

((((((((((((((((((((((((((((((( Files Created from 2006-10-11 to 2006-11-11 ))))))))))))))))))))))))))))))))))

2006-11-11 16:48 131,072 --a------ C:\WINDOWS\system32\thpvmasw.dll
2006-11-11 16:47 705,957 ---hs---- C:\WINDOWS\system32\xbadd.bak2
2006-11-10 12:30 106,496 --a------ C:\WINDOWS\system32\impgsje.dll
2006-11-10 12:29 581,508 ---hs---- C:\WINDOWS\system32\xbadd.bak1
2006-11-10 12:28 692,276 ---hs---- C:\WINDOWS\system32\ddabx.dll
2006-11-10 12:25 2 --a------ C:\WINDOWS\system32\wnsapisv.exe
2006-11-10 12:25 101,888 --a------ C:\WINDOWS\system32\drvbug.dll
2006-11-10 12:23 40,973 ---hs---- C:\WINDOWS\system32\jkkkkhf.dll
2006-11-10 12:23 15,872 --a------ C:\WINDOWS\system32\winmbj32.dll
2006-11-09 21:49 89,360 -ra------ C:\WINDOWS\system32\VB5DB.DLL
2006-11-09 21:49 69,632 -ra------ C:\WINDOWS\system32\xmltok.dll
2006-11-09 21:49 36,864 -ra------ C:\WINDOWS\system32\xmlparse.dll
2006-11-09 21:26 76,288 --a------ C:\WINDOWS\system32\drivers\SSHDRV82.sys
2006-10-16 16:43 43,520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2006-11-11 16:56 -------- d-------- C:\Programme\Gemeinsame Dateien
2006-11-10 16:44 -------- d-------- C:\Programme\VirusBursters
2006-11-10 12:35 -------- d-------- C:\Programme\NavNT
2006-11-10 12:23 -------- d-------- C:\Programme\Google
2006-11-10 12:06 -------- d-------- C:\Programme\SlySoft
2006-11-09 21:48 -------- d-------- C:\Programme\Ubi Soft
2006-11-09 21:31 -------- d-------- C:\Programme\Bethesda Softworks
2006-11-09 15:05 -------- d-------- C:\Programme\WinRAR
2006-11-01 18:11 -------- d-------- C:\Programme\Chess
2006-10-24 09:36 -------- d-------- C:\Programme\iTunes
2006-10-24 09:35 -------- d-------- C:\Programme\QuickTime
2006-10-24 09:35 -------- d-------- C:\Programme\iPod
2006-10-24 09:33 -------- d-------- C:\Programme\Apple Software Update
2006-10-10 15:06 -------- d-------- C:\Programme\ElsterFormular2005
2006-09-18 18:11 -------- d-------- C:\Programme\Internet Explorer
2006-09-18 18:08 -------- d-------- C:\Programme\Windows Media Player
2006-09-18 18:08 -------- d-------- C:\Programme\Outlook Express
2006-09-18 18:08 -------- d-------- C:\Programme\Gemeinsame Dateien\System
2006-08-21 13:26 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-08-21 10:14 23040 --a------ C:\WINDOWS\system32\fltmc.exe

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"Mozilla Quick Launch"="\"C:\\Programme\\Mozilla1.7.6\\Mozilla.exe\" -turbo"
"freenetiPhone"="c:\\programme\\freenetiphone\\iPhoneStarter.exe -minimized"
"PcSync"="C:\\Programme\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog"
"Tmto"="\"C:\\WINDOWS\\system32\\ASKS~1\\lsass.exe\" -vt yazb"
"Vlijxa"="C:\\WINDOWS\\system32\\??crosoft\\n?tepad.exe"
"swg"="C:\\Programme\\Google\\GoogleToolbarNotifier\\1.2.908.5008\\GoogleToolbarNotifier.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Cmaudio"="RunDll32 cmicnfg.cpl,CMICtrlWnd"
"CHotkey"="zHotkey.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"vptray"="C:\\Programme\\NavNT\\vptray.exe"
"HP Component Manager"="\"C:\\Programme\\HP\\hpcoretech\\hpcmpmgr.exe\""
"HP Software Update"="C:\\Programme\\HP\\HP Software Update\\HPWuSchd2.exe"
"PCSuiteTrayApplication"="C:\\PROGRA~1\\Nokia\\NOKIAP~1\\LAUNCH~1.EXE -startup"
"QuickTime Task"="\"C:\\Programme\\QuickTime\\qttask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Programme\\iTunes\\iTunesHelper.exe\""
"CTDrive"="rundll32.exe C:\\WINDOWS\\system32\\drvbug.dll,startup"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000005

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Die derzeitige Homepage"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,00,\
  00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,\
  00,00,04,00,00,40
"RestoredStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,\
  00,00,01,00,00,00

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
"{d7bdd42a-7e69-4bb8-aac3-d76ff65a3aa3}"="archenteric"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"issearch.exe"="issearch.exe"
"kernel32.dll"="C:\\WINDOWS\\system32\\isnotify.exe"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"archenteric"="{d7bdd42a-7e69-4bb8-aac3-d76ff65a3aa3}"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ddabx
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winmbj32

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job

Completion time: 06-11-11 16:57:19.57
C:\ComboFix.txt ... 06-11-11 16:57