Virus Alert! Your Computer is Infected Popup...

#0
18.08.2006, 04:27
...new here

Posts: 1
#1 Hi,

I reinstalled my system a few days ago, and for about 2 days now I've had this annoying pop-up in my taskbar.

I've already tried a lot of what is posted here about this problem, but unfortunately nothing has worked.
So I hope you can help me.

Here is the Hijack file:

Logfile of HijackThis v1.99.1
Scan saved at 04:10:52, on 18.08.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Programme\CyberLink\Shared files\RichVideo.exe
C:\Programme\Sunbelt Software\CounterSpy\Consumer\Thread.exe
C:\Programme\Sunbelt Software\CounterSpy\Consumer\SunProtectionServer.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\Java\jre1.5.0_08\bin\jusched.exe
C:\Programme\Winamp\winampa.exe
C:\Programme\Wecker\Wecker.exe
C:\Programme\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis2\kernel.exe
C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis2\sc_watch.exe
C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\PROFIL~1.EXE
C:\PROGRA~1\T-Online\T-ONLI~1\Notifier\Notifier.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Dokumente und Einstellungen\Benjamin Hagedorn\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
O3 - Toolbar: (no name) - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - (no file)
O3 - Toolbar: Yahoo! Toolbar mit Pop-Up-Blocker - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Explorer] C:\WINDOWS\system32\explorer.exe
O4 - HKLM\..\Run: [Microsoft (R) Windows Update Manager] C:\WINDOWS\update\updmgr.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [RemoteControl] C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [LanguageShortcut] C:\Programme\CyberLink\PowerDVD\Language\Language.exe
O4 - HKLM\..\Run: [SpyQuake2.com] C:\Programme\SpyQuake2.com\Spy-Quake2.exe /h
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [ICQ Lite] "C:\Programme\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [wecker] C:\Programme\Wecker\Wecker.exe
O4 - HKLM\..\Run: [SunServer] C:\Programme\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [InfoCockpit] C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\INFOCOCKPIT.EXE /nosplash
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.amaena.com
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O15 - Trusted Zone: http://scanner.sysprotect.com
O15 - Trusted Zone: http://*.systemdoctor.com
O15 - Trusted Zone: http://www.winantivirus.com
O15 - Trusted Zone: http://www.winantiviruspro.com
O15 - Trusted Zone: http://download.cdn.winsoftware.com
O15 - Trusted IP range: http://202.67.220.225
O15 - Trusted IP range: http://59.148.220.121
O15 - Trusted IP range: http://62.4.84.53
O15 - Trusted IP range: http://82.98.235.58
O15 - Trusted IP range: http://85.12.25.90
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1155508071031
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1155508582296
O17 - HKLM\System\CCS\Services\Tcpip\..\{A619F6A8-53F7-42ED-8686-4E8E39067FF0}: NameServer = 217.237.151.225 217.237.150.205
O21 - SSODL: incestuously - {03413bf7-e34c-445b-bfc0-a2b127255871} - C:\WINDOWS\system32\urroxtl.dll
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared files\RichVideo.exe
O23 - Service: Windows Update Manager (UpdateManager) - Unknown owner - C:\WINDOWS\update\updmgr.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe


So, here is the log from combofix:

Start Time= 18.08.2006 4:36:35,76
Running from: C:\Dokumente und Einstellungen\Benjamin Hagedorn\Desktop

QuickScan did not find any signs of infected files

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-08-18 03:31:26 ( .D... ) "C:\Programme\CleanUp!"
2006-08-18 02:49:56 ( .D... ) "C:\Programme\Sunbelt Software"
2006-08-17 22:26:16 13844 ( A.... ) "C:\WINDOWS\system32\hcnmosol.exe"
2006-08-16 22:26:10 12308 ( A.... ) "C:\WINDOWS\system32\qnxcglvn.exe"
2006-08-16 22:26:08 12820 ( A.... ) "C:\WINDOWS\system32\pmmojyes.exe"
2006-08-15 18:02:24 ( .D... ) "C:\Dokumente und Einstellungen\Benjamin Hagedorn\Anwendungsdaten\AdobeUM"
2006-08-15 17:58:20 1557 ( A.... ) "C:\Dokumente und Einstellungen\Benjamin Hagedorn\Anwendungsdaten\AdobeDLM.log"
2006-08-15 17:58:20 0 ( A.... ) "C:\Dokumente und Einstellungen\Benjamin Hagedorn\Anwendungsdaten\dm.ini"
2006-08-15 17:57:24 ( .D... ) "C:\Programme\Adobe"
2006-08-15 17:56:36 ( .D... ) "C:\Programme\Yahoo!"
2006-08-15 17:52:04 ( .D... ) "C:\Dokumente und Einstellungen\Benjamin Hagedorn\Anwendungsdaten\Adobe"
2006-08-15 17:51:58 ( .D... ) "C:\Programme\Gemeinsame Dateien\Adobe"
2006-08-15 17:39:36 ( .D... ) "C:\Programme\Winamp"
2006-08-15 17:32:14 ( .D... ) "C:\Dokumente und Einstellungen\Benjamin Hagedorn\Anwendungsdaten\ICQLite"
2006-08-15 17:32:12 ( .D... ) "C:\Programme\ICQLite"
2006-08-15 05:27:32 ( .D... ) "C:\Dokumente und Einstellungen\Benjamin Hagedorn\Anwendungsdaten\Media Player Classic"
2006-08-15 05:01:20 ( .D... ) "C:\Programme\Wecker"
2006-08-15 04:57:34 ( .D... ) "C:\Programme\Wecker 2.2"
2006-08-15 04:54:18 ( .D... ) "C:\Dokumente und Einstellungen\Benjamin Hagedorn\Anwendungsdaten\dvdcss"
2006-08-15 04:25:14 ( .D... ) "C:\Dokumente und Einstellungen\Benjamin Hagedorn\Anwendungsdaten\Azureus"
2006-08-15 04:25:04 ( .D... ) "C:\Programme\Azureus"
2006-08-15 04:23:52 ( .D... ) "C:\Programme\Java"
2006-08-15 04:23:50 ( .D... ) "C:\Programme\Gemeinsame Dateien\Java"
2006-08-15 04:02:34 ( .D... ) "C:\Programme\PartyGaming"
2006-08-15 02:17:34 ( .D... ) "C:\Programme\AntiVir PersonalEdition Classic"
2006-08-15 01:57:40 176128 ( A.... ) "C:\WINDOWS\system32\urroxtl.dll"
2006-08-15 00:22:00 67584 ( A.... ) "C:\WINDOWS\ScUnin.exe"
2006-08-15 00:12:14 ( .D... ) "C:\Dokumente und Einstellungen\Benjamin Hagedorn\Anwendungsdaten\CyberLink"
2006-08-15 00:01:04 ( .D... ) "C:\Programme\CyberLink"
2006-08-14 23:39:50 47564 ( A.SHR ) "C:\NTDETECT.COM"
2006-08-14 18:22:16 573492 ( ..... ) "C:\WINDOWS\system32\awvvs.dll"
2006-08-14 16:45:04 ( .D... ) "C:\Programme\Gemeinsame Dateien\{E86603E9-0A2D-1031-0124-030611200031}"
2006-08-14 16:40:44 ( .D... ) "C:\Programme\WinRAR"
2006-08-14 04:55:30 ( .D... ) "C:\Dokumente und Einstellungen\Benjamin Hagedorn\Anwendungsdaten\vlc"
2006-08-14 04:02:36 ( .D... ) "C:\Programme\VideoLAN"
2006-08-14 03:07:52 ( .D... ) "C:\Programme\Installs"
2006-08-14 02:50:14 ( .D... ) "C:\Programme\Zone Labs"
2006-08-14 01:56:38 ( .D... ) "C:\Programme\Realtek AC97"
2006-08-14 00:54:44 ( .D... ) "C:\Programme\Realtek Sound Manager"
2006-08-14 00:54:44 ( .D... ) "C:\Programme\AvRack"
2006-08-14 00:23:42 ( .D... ) "C:\Dokumente und Einstellungen\Benjamin Hagedorn\Anwendungsdaten\teamspeak2"
2006-08-14 00:23:24 ( .D... ) "C:\Programme\Teamspeak2_RC2"
2006-08-14 00:11:36 ( .D... ) "C:\Programme\Gemeinsame Dateien\ODBC"
2006-08-14 00:11:32 ( .D... ) "C:\Programme\Gemeinsame Dateien\SpeechEngines"
2006-08-14 00:11:32 ( .D... ) "C:\Programme\Gemeinsame Dateien\Microsoft Shared"
2006-08-14 00:11:32 ( .D... ) "C:\Programme\Gemeinsame Dateien"
2006-08-14 00:11:06 62 ( A.SH. ) "C:\Dokumente und Einstellungen\Benjamin Hagedorn\Anwendungsdaten\desktop.ini"
2006-08-13 23:53:06 ( .D... ) "C:\Dokumente und Einstellungen\Benjamin Hagedorn\Anwendungsdaten\Talkback"
2006-08-13 23:43:56 ( .D... ) "C:\Programme\Mozilla Firefox"
2006-08-13 23:43:56 ( .D... ) "C:\Dokumente und Einstellungen\Benjamin Hagedorn\Anwendungsdaten\Mozilla"
2006-08-13 23:32:20 ( .D... ) "C:\Dokumente und Einstellungen\Benjamin Hagedorn\Anwendungsdaten\T-Online"
2006-08-13 23:31:44 ( .D.H. ) "C:\Programme\InstallShield Installation Information"
2006-08-13 23:31:44 ( .D... ) "C:\Programme\T-Online"
2006-08-13 23:31:32 ( .D... ) "C:\Programme\Gemeinsame Dateien\InstallShield"
2006-08-13 23:30:46 ( .D... ) "C:\Dokumente und Einstellungen\Benjamin Hagedorn\Anwendungsdaten\Macromedia"
2006-08-13 23:29:20 ( .D... ) "C:\Dokumente und Einstellungen\Benjamin Hagedorn\Anwendungsdaten\Identities"
2006-08-13 23:29:18 ( .D.H. ) "C:\Programme\Uninstall Information"
2006-08-13 23:29:14 ( .DS.. ) "C:\Dokumente und Einstellungen\Benjamin Hagedorn\Anwendungsdaten\Microsoft"
2006-08-13 23:20:24 ( .D... ) "C:\Programme\xerox"
2006-08-13 23:20:24 ( .D... ) "C:\Programme\microsoft frontpage"
2006-08-13 23:20:14 0 ( A.... ) "C:\AUTOEXEC.BAT"
2006-08-13 23:19:00 ( .D... ) "C:\Programme\Online-Dienste"
2006-08-13 23:18:02 ( .D... ) "C:\Programme\Gemeinsame Dateien\Dienste"
2006-08-13 23:17:54 ( .D... ) "C:\Programme\Gemeinsame Dateien\MSSoap"
2006-08-13 23:17:48 ( .D... ) "C:\Programme\Movie Maker"
2006-08-13 23:17:40 ( .D... ) "C:\Programme\NetMeeting"
2006-08-13 23:17:38 ( .D... ) "C:\Programme\Outlook Express"
2006-08-13 23:17:32 ( .D... ) "C:\Programme\Internet Explorer"
2006-08-13 23:17:32 ( .D... ) "C:\Programme\Gemeinsame Dateien\System"
2006-08-13 23:17:14 ( .D... ) "C:\Programme\ComPlus Applications"
2006-08-13 23:16:40 ( .D.H. ) "C:\Programme\WindowsUpdate"
2006-08-13 23:16:40 ( .D... ) "C:\Programme\Windows Media Player"
2006-08-13 23:16:40 ( .D... ) "C:\Programme\Online Services"
2006-08-13 23:16:34 ( .D... ) "C:\Programme\Messenger"
2006-08-13 23:16:28 ( .D... ) "C:\Programme\MSN Gaming Zone"
2006-08-13 23:15:52 ( .D... ) "C:\Programme\Windows NT"
2006-08-13 23:15:52 ( .D... ) "C:\Programme\MSN"
2006-08-01 15:02:32 49152 ( A.... ) "C:\WINDOWS\system32\ChCfg.exe"
2006-07-31 11:19:24 315392 ( A.... ) "C:\WINDOWS\alcupd.exe"
2006-07-27 15:25:20 679424 ( A.... ) "C:\WINDOWS\system32\inetcomm.dll"
2006-07-26 03:03:16 127078 ( A.... ) "C:\WINDOWS\system32\javaws.exe"
2006-07-26 01:26:06 53346 ( A.... ) "C:\WINDOWS\system32\javaw.exe"
2006-07-26 01:25:56 49248 ( A.... ) "C:\WINDOWS\system32\java.exe"
2006-07-21 10:29:00 72704 ( A.... ) "C:\WINDOWS\system32\hlink.dll"
2006-07-14 17:38:52 332288 ( A.... ) "C:\WINDOWS\system32\netapi32.dll"
2006-07-14 08:44:56 10528256 ( A.... ) "C:\WINDOWS\system32\RTLCPL.exe"
2006-07-13 15:34:28 8494592 ( A.... ) "C:\WINDOWS\system32\shell32.dll"
2006-07-09 13:42:58 42920 ( A.... ) "C:\WINDOWS\system32\vsutil_loc0407.dll"
2006-07-09 13:42:44 392824 ( A.... ) "C:\WINDOWS\system32\vsdatant.sys"
2006-07-09 13:42:44 392824 ( A.... ) "C:\WINDOWS\system32\vsdatant.sys"
2006-07-09 13:42:14 83960 ( A.... ) "C:\WINDOWS\system32\zlcomm.dll"
2006-07-09 13:42:14 71672 ( A.... ) "C:\WINDOWS\system32\zlcommdb.dll"
2006-07-09 13:42:12 100344 ( A.... ) "C:\WINDOWS\system32\vsxml.dll"
2006-07-09 13:42:12 59384 ( A.... ) "C:\WINDOWS\system32\vswmi.dll"
2006-07-09 13:42:10 440312 ( A.... ) "C:\WINDOWS\system32\vsutil.dll"
2006-07-09 13:42:10 71672 ( A.... ) "C:\WINDOWS\system32\vsregexp.dll"
2006-07-09 13:42:08 268280 ( A.... ) "C:\WINDOWS\system32\vspubapi.dll"
2006-07-09 13:42:08 157688 ( A.... ) "C:\WINDOWS\system32\vsinit.dll"
2006-07-09 13:42:08 104440 ( A.... ) "C:\WINDOWS\system32\vsmonapi.dll"
2006-07-09 13:42:06 83960 ( A.... ) "C:\WINDOWS\system32\vsdata.dll"
2006-07-09 13:41:58 796584 ( A.... ) "C:\WINDOWS\system32\libeay32_0.9.6l.dll"
2006-07-05 12:55:22 1057792 ( A.... ) "C:\WINDOWS\system32\kernel32.dll"
2006-06-30 06:32:46 143360 ( A.... ) "C:\WINDOWS\system32\RtlCPAPI.dll"
2006-06-26 19:40:34 148480 ( A.... ) "C:\WINDOWS\system32\dnsapi.dll"
2006-06-26 19:40:34 8192 ( A.... ) "C:\WINDOWS\system32\rasadhlp.dll"
2006-06-21 05:42:44 577536 ( A.... ) "C:\WINDOWS\soundman.exe"
2006-06-02 11:04:44 57384 ( A.... ) "C:\WINDOWS\system32\avsda.dll"
2006-06-01 19:09:24 208896 ( A.... ) "C:\WINDOWS\system32\NVUNINST.EXE"
2006-06-01 17:22:00 7618560 ( A.... ) "C:\WINDOWS\system32\nvcpl.dll"
2006-06-01 17:22:00 5652480 ( A.... ) "C:\WINDOWS\system32\nvdisps.dll"
2006-06-01 17:22:00 5632000 ( A.... ) "C:\WINDOWS\system32\nvoglnt.dll"
2006-06-01 17:22:00 5246976 ( A.... ) "C:\WINDOWS\system32\nvdispsr.dll"
2006-06-01 17:22:00 4529408 ( A.... ) "C:\WINDOWS\system32\nv4_disp.dll"
2006-06-01 17:22:00 3100672 ( A.... ) "C:\WINDOWS\system32\nvgames.dll"
2006-06-01 17:22:00 2977792 ( A.... ) "C:\WINDOWS\system32\nvvitvsr.dll"
2006-06-01 17:22:00 2924544 ( A.... ) "C:\WINDOWS\system32\nvvitvs.dll"
2006-06-01 17:22:00 2916352 ( A.... ) "C:\WINDOWS\system32\nvgamesr.dll"
2006-06-01 17:22:00 2859008 ( A.... ) "C:\WINDOWS\system32\nvmoblsr.dll"
2006-06-01 17:22:00 1740800 ( A.... ) "C:\WINDOWS\system32\nvwssr.dll"
2006-06-01 17:22:00 1662976 ( A.... ) "C:\WINDOWS\system32\nvwdmcpl.dll"
2006-06-01 17:22:00 1519616 ( A.... ) "C:\WINDOWS\system32\nwiz.exe"
2006-06-01 17:22:00 1466368 ( A.... ) "C:\WINDOWS\system32\nview.dll"
2006-06-01 17:22:00 1339392 ( A.... ) "C:\WINDOWS\system32\nvdspsch.exe"
2006-06-01 17:22:00 1257472 ( A.... ) "C:\WINDOWS\system32\nvwss.dll"
2006-06-01 17:22:00 1019904 ( A.... ) "C:\WINDOWS\system32\nvwimg.dll"
2006-06-01 17:22:00 1011712 ( A.... ) "C:\WINDOWS\system32\nvcpluir.dll"
2006-06-01 17:22:00 888832 ( A.... ) "C:\WINDOWS\system32\nvmobls.dll"
2006-06-01 17:22:00 794624 ( A.... ) "C:\WINDOWS\system32\nvcplui.exe"
2006-06-01 17:22:00 581632 ( A.... ) "C:\WINDOWS\system32\nvhwvid.dll"
2006-06-01 17:22:00 466944 ( A.... ) "C:\WINDOWS\system32\nvshell.dll"
2006-06-01 17:22:00 462848 ( A.... ) "C:\WINDOWS\system32\nvmccssr.dll"
2006-06-01 17:22:00 442368 ( A.... ) "C:\WINDOWS\system32\nvappbar.exe"
2006-06-01 17:22:00 425984 ( A.... ) "C:\WINDOWS\system32\keystone.exe"
2006-06-01 17:22:00 335872 ( A.... ) "C:\WINDOWS\system32\nvwrses.dll"
2006-06-01 17:22:00 335872 ( A.... ) "C:\WINDOWS\system32\nvwrsel.dll"
2006-06-01 17:22:00 327680 ( A.... ) "C:\WINDOWS\system32\nvwrsfr.dll"
2006-06-01 17:22:00 327680 ( A.... ) "C:\WINDOWS\system32\nvwrsesm.dll"
2006-06-01 17:22:00 327680 ( A.... ) "C:\WINDOWS\system32\nvrshe.dll"
2006-06-01 17:22:00 327680 ( A.... ) "C:\WINDOWS\system32\nvrsar.dll"
2006-06-01 17:22:00 323584 ( A.... ) "C:\WINDOWS\system32\nvwrspt.dll"
2006-06-01 17:22:00 323584 ( A.... ) "C:\WINDOWS\system32\nvwrsit.dll"
2006-06-01 17:22:00 319488 ( A.... ) "C:\WINDOWS\system32\nvwrsptb.dll"
2006-06-01 17:22:00 319488 ( A.... ) "C:\WINDOWS\system32\nvwrsnl.dll"
2006-06-01 17:22:00 315392 ( A.... ) "C:\WINDOWS\system32\nvwrsru.dll"
2006-06-01 17:22:00 315392 ( A.... ) "C:\WINDOWS\system32\nvwrshu.dll"
2006-06-01 17:22:00 311296 ( A.... ) "C:\WINDOWS\system32\nvwrsde.dll"
2006-06-01 17:22:00 311296 ( A.... ) "C:\WINDOWS\system32\nvexpbar.dll"
2006-06-01 17:22:00 303104 ( A.... ) "C:\WINDOWS\system32\nvwrstr.dll"
2006-06-01 17:22:00 303104 ( A.... ) "C:\WINDOWS\system32\nvwrssl.dll"
2006-06-01 17:22:00 303104 ( A.... ) "C:\WINDOWS\system32\nvwrsfi.dll"
2006-06-01 17:22:00 299008 ( A.... ) "C:\WINDOWS\system32\nvwrssk.dll"
2006-06-01 17:22:00 299008 ( A.... ) "C:\WINDOWS\system32\nvwrsno.dll"
2006-06-01 17:22:00 294912 ( A.... ) "C:\WINDOWS\system32\nvwrssv.dll"
2006-06-01 17:22:00 294912 ( A.... ) "C:\WINDOWS\system32\nvwrspl.dll"
2006-06-01 17:22:00 294912 ( A.... ) "C:\WINDOWS\system32\nvwrsda.dll"
2006-06-01 17:22:00 286720 ( A.... ) "C:\WINDOWS\system32\nvwrseng.dll"
2006-06-01 17:22:00 286720 ( A.... ) "C:\WINDOWS\system32\nvwrscs.dll"
2006-06-01 17:22:00 286720 ( A.... ) "C:\WINDOWS\system32\nvnt4cpl.dll"
2006-06-01 17:22:00 282624 ( A.... ) "C:\WINDOWS\system32\nvwrsar.dll"
2006-06-01 17:22:00 282624 ( A.... ) "C:\WINDOWS\system32\nvrsit.dll"
2006-06-01 17:22:00 282624 ( A.... ) "C:\WINDOWS\system32\nvrsfr.dll"
2006-06-01 17:22:00 282624 ( A.... ) "C:\WINDOWS\system32\nvrses.dll"
2006-06-01 17:22:00 282624 ( A.... ) "C:\WINDOWS\system32\nvrsel.dll"
2006-06-01 17:22:00 278528 ( A.... ) "C:\WINDOWS\system32\nvwrshe.dll"
2006-06-01 17:22:00 278528 ( A.... ) "C:\WINDOWS\system32\nvrsde.dll"
2006-06-01 17:22:00 274432 ( A.... ) "C:\WINDOWS\system32\nvrspt.dll"
2006-06-01 17:22:00 274432 ( A.... ) "C:\WINDOWS\system32\nvrsnl.dll"
2006-06-01 17:22:00 274432 ( A.... ) "C:\WINDOWS\system32\nvrsesm.dll"
2006-06-01 17:22:00 270336 ( A.... ) "C:\WINDOWS\system32\nvrsru.dll"
2006-06-01 17:22:00 266240 ( A.... ) "C:\WINDOWS\system32\nvrsptb.dll"
2006-06-01 17:22:00 266240 ( A.... ) "C:\WINDOWS\system32\nvrsja.dll"
2006-06-01 17:22:00 262144 ( A.... ) "C:\WINDOWS\system32\nvrsko.dll"
2006-06-01 17:22:00 258048 ( A.... ) "C:\WINDOWS\system32\nvrstr.dll"
2006-06-01 17:22:00 258048 ( A.... ) "C:\WINDOWS\system32\nvrssl.dll"
2006-06-01 17:22:00 258048 ( A.... ) "C:\WINDOWS\system32\nvrssk.dll"
2006-06-01 17:22:00 258048 ( A.... ) "C:\WINDOWS\system32\nvrspl.dll"
2006-06-01 17:22:00 258048 ( A.... ) "C:\WINDOWS\system32\nvrshu.dll"
2006-06-01 17:22:00 253952 ( A.... ) "C:\WINDOWS\system32\nvrssv.dll"
2006-06-01 17:22:00 253952 ( A.... ) "C:\WINDOWS\system32\nvrsno.dll"
2006-06-01 17:22:00 253952 ( A.... ) "C:\WINDOWS\system32\nvrsda.dll"
2006-06-01 17:22:00 249856 ( A.... ) "C:\WINDOWS\system32\nvrsfi.dll"
2006-06-01 17:22:00 245760 ( A.... ) "C:\WINDOWS\system32\nvrseng.dll"
2006-06-01 17:22:00 245760 ( A.... ) "C:\WINDOWS\system32\nvrscs.dll"
2006-06-01 17:22:00 229376 ( A.... ) "C:\WINDOWS\system32\nvmccs.dll"
2006-06-01 17:22:00 225280 ( A.... ) "C:\WINDOWS\system32\nvrszhc.dll"
2006-06-01 17:22:00 212992 ( A.... ) "C:\WINDOWS\system32\nvwrsja.dll"
2006-06-01 17:22:00 208896 ( A.... ) "C:\WINDOWS\system32\nvudisp.exe"
2006-06-01 17:22:00 196608 ( A.... ) "C:\WINDOWS\system32\nvwrsko.dll"
2006-06-01 17:22:00 196608 ( A.... ) "C:\WINDOWS\system32\nvapi.dll"
2006-06-01 17:22:00 188416 ( A.... ) "C:\WINDOWS\system32\nvmccss.dll"
2006-06-01 17:22:00 167936 ( A.... ) "C:\WINDOWS\system32\nvwrszht.dll"
2006-06-01 17:22:00 163840 ( A.... ) "C:\WINDOWS\system32\nvwrszhc.dll"
2006-06-01 17:22:00 155715 ( A.... ) "C:\WINDOWS\system32\nvsvc32.exe"
2006-06-01 17:22:00 147456 ( A.... ) "C:\WINDOWS\system32\nvcolor.exe"
2006-06-01 17:22:00 122880 ( A.... ) "C:\WINDOWS\system32\nvrszht.dll"
2006-06-01 17:22:00 86016 ( A.... ) "C:\WINDOWS\system32\nvmctray.dll"
2006-06-01 17:22:00 81920 ( A.... ) "C:\WINDOWS\system32\nvwddi.dll"
2006-06-01 17:22:00 45056 ( A.... ) "C:\WINDOWS\system32\nvmccsrs.dll"
2006-06-01 17:22:00 35840 ( A.... ) "C:\WINDOWS\system32\nvcodins.dll"
2006-06-01 17:22:00 35840 ( A.... ) "C:\WINDOWS\system32\nvcod.dll"
2006-05-19 15:09:50 112128 ( A.... ) "C:\WINDOWS\system32\dhcpcsvc.dll"
2006-05-19 15:09:50 95744 ( A.... ) "C:\WINDOWS\system32\iphlpapi.dll"


(((((((((((((((((((((((((((((((((((((( Files Created - Last 30days )))))))))))))))))))))))))))))))))))))))))))


2006-08-17 22:26 13.844 C:\WINDOWS\system32\hcnmosol.exe
2006-08-16 22:26 12.820 C:\WINDOWS\system32\pmmojyes.exe
2006-08-16 22:26 12.308 C:\WINDOWS\system32\qnxcglvn.exe
2006-08-15 15:09 221.184 C:\WINDOWS\system32\wmpns.dll
2006-08-15 04:24 53.346 C:\WINDOWS\system32\javaw.exe
2006-08-15 04:24 49.248 C:\WINDOWS\system32\java.exe
2006-08-15 04:24 127.078 C:\WINDOWS\system32\javaws.exe
2006-08-15 02:17 57.384 C:\WINDOWS\system32\avsda.dll
2006-08-15 02:03 46.352 C:\WINDOWS\setdebug.exe
2006-08-15 02:03 139.536 C:\WINDOWS\system32\javaee.dll
2006-08-15 02:03 113 C:\WINDOWS\system32\zonedon.reg
2006-08-15 02:03 113 C:\WINDOWS\system32\zonedoff.reg
2006-08-15 01:57 176.128 C:\WINDOWS\system32\urroxtl.dll
2006-08-15 00:05 67.584 C:\WINDOWS\ScUnin.exe
2006-08-15 00:01 24.064 C:\WINDOWS\system32\msxml3a.dll
2006-08-14 23:45 9.728 C:\WINDOWS\system32\proxycfg.exe
2006-08-14 23:45 61.440 C:\WINDOWS\system32\logman.exe
2006-08-14 23:44 88.064 C:\WINDOWS\system32\p2pnetsh.dll
2006-08-14 23:44 870.784 C:\WINDOWS\system32\ati3d1ag.dll
2006-08-14 23:44 86.016 C:\WINDOWS\system32\p2pgasvc.dll
2006-08-14 23:44 86.016 C:\WINDOWS\system32\mdmxsdk.dll
2006-08-14 23:44 81.920 C:\WINDOWS\system32\ieencode.dll
2006-08-14 23:44 81.408 C:\WINDOWS\system32\wscsvc.dll
2006-08-14 23:44 8.192 C:\WINDOWS\system32\smbinst.exe
2006-08-14 23:44 755.200 C:\WINDOWS\system32\ir50_32.dll
2006-08-14 23:44 75.776 C:\WINDOWS\system32\strmfilt.dll
2006-08-14 23:44 73.832 C:\WINDOWS\system32\slcoinst.dll
2006-08-14 23:44 73.796 C:\WINDOWS\system32\slserv.exe
2006-08-14 23:44 71.680 C:\WINDOWS\system32\blastcln.exe
2006-08-14 23:44 7.680 C:\WINDOWS\system32\kbdsmsno.dll
2006-08-14 23:44 7.680 C:\WINDOWS\system32\kbdsmsfi.dll
2006-08-14 23:44 7.168 C:\WINDOWS\system32\kbdukx.dll
2006-08-14 23:44 7.168 C:\WINDOWS\system32\kbdno1.dll
2006-08-14 23:44 7.168 C:\WINDOWS\system32\kbdfi1.dll
2006-08-14 23:44 60.416 C:\WINDOWS\system32\fwcfg.dll
2006-08-14 23:44 6.656 C:\WINDOWS\system32\kbdinmal.dll
2006-08-14 23:44 6.656 C:\WINDOWS\system32\kbdinben.dll
2006-08-14 23:44 6.144 C:\WINDOWS\system32\kbdmlt48.dll
2006-08-14 23:44 6.144 C:\WINDOWS\system32\kbdmlt47.dll
2006-08-14 23:44 6.144 C:\WINDOWS\system32\kbdinbe1.dll
2006-08-14 23:44 526.848 C:\WINDOWS\system32\p2psvc.dll
2006-08-14 23:44 516.768 C:\WINDOWS\system32\ativvaxx.dll
2006-08-14 23:44 50.688 C:\WINDOWS\system32\btpanui.dll
2006-08-14 23:44 50.176 C:\WINDOWS\system32\xmlprovi.dll
2006-08-14 23:44 5.632 C:\WINDOWS\system32\kbdmaori.dll
2006-08-14 23:44 49.152 C:\WINDOWS\system32\powercfg.exe
2006-08-14 23:44 48.640 C:\WINDOWS\system32\pnrpnsp.dll
2006-08-14 23:44 44.032 C:\WINDOWS\system32\twext.dll
2006-08-14 23:44 397.056 C:\WINDOWS\system32\s3gnb.dll
2006-08-14 23:44 384.512 C:\WINDOWS\system32\mp4sdmod.dll
2006-08-14 23:44 377.984 C:\WINDOWS\system32\ati2dvaa.dll
2006-08-14 23:44 338.432 C:\WINDOWS\system32\ir41_qcx.dll
2006-08-14 23:44 32.866 C:\WINDOWS\system32\slrundll.exe
2006-08-14 23:44 32.866 C:\WINDOWS\slrundll.exe
2006-08-14 23:44 32.768 C:\WINDOWS\system32\ativtmxx.dll
2006-08-14 23:44 32.285 C:\WINDOWS\system32\hsfcisp2.dll
2006-08-14 23:44 312.320 C:\WINDOWS\system32\p2pgraph.dll
2006-08-14 23:44 310.272 C:\WINDOWS\system32\mp43dmod.dll
2006-08-14 23:44 30.208 C:\WINDOWS\system32\bthserv.dll
2006-08-14 23:44 29.184 C:\WINDOWS\system32\sdhcinst.dll
2006-08-14 23:44 286.792 C:\WINDOWS\system32\slextspk.dll
2006-08-14 23:44 24.576 C:\WINDOWS\system32\httpapi.dll
2006-08-14 23:44 229.376 C:\WINDOWS\system32\ati2cqag.dll
2006-08-14 23:44 22.528 C:\WINDOWS\system32\fltmc.exe
2006-08-14 23:44 201.728 C:\WINDOWS\system32\ati2dvag.dll
2006-08-14 23:44 200.192 C:\WINDOWS\system32\ir50_qc.dll
2006-08-14 23:44 20.992 C:\WINDOWS\system32\bthci.dll
2006-08-14 23:44 2.981.888 C:\WINDOWS\system32\xpsp2res.dll
2006-08-14 23:44 193.024 C:\WINDOWS\system32\fsquirt.exe
2006-08-14 23:44 188.508 C:\WINDOWS\system32\slgen.dll
2006-08-14 23:44 183.808 C:\WINDOWS\system32\ir50_qcx.dll
2006-08-14 23:44 17.408 C:\WINDOWS\system32\winshfhc.dll
2006-08-14 23:44 16.896 C:\WINDOWS\system32\fltlib.dll
2006-08-14 23:44 15.872 C:\WINDOWS\system32\w3ssl.dll
2006-08-14 23:44 14.336 C:\WINDOWS\system32\auditusr.exe
2006-08-14 23:44 13.824 C:\WINDOWS\system32\wscntfy.exe
2006-08-14 23:44 13.824 C:\WINDOWS\system32\cmsetacl.dll
2006-08-14 23:44 129.536 C:\WINDOWS\system32\xmlprov.dll
2006-08-14 23:44 120.320 C:\WINDOWS\system32\ir41_qc.dll
2006-08-14 23:44 118.784 C:\WINDOWS\system32\msdadiag.dll
2006-08-14 23:44 116.224 C:\WINDOWS\system32\p2p.dll
2006-08-14 23:44 108.032 C:\WINDOWS\system32\wshbth.dll
2006-08-14 23:44 1.888.992 C:\WINDOWS\system32\ati3duag.dll
2006-08-14 23:44 1.737.856 C:\WINDOWS\system32\mtxparhd.dll
2006-08-14 18:21 573.492 C:\WINDOWS\system32\awvvs.dll
2006-08-14 17:27 83.456 C:\WINDOWS\system32\dpvsetup.exe
2006-08-14 17:27 825.344 C:\WINDOWS\system32\d3dim700.dll
2006-08-14 17:27 82.432 C:\WINDOWS\system32\dmscript.dll
2006-08-14 17:27 8.192 C:\WINDOWS\system32\d3d8thk.dll
2006-08-14 17:27 74.240 C:\WINDOWS\system32\dsdmoprp.dll
2006-08-14 17:27 733.696 C:\WINDOWS\system32\qedwipes.dll
2006-08-14 17:27 70.656 C:\WINDOWS\system32\amstream.dll
2006-08-14 17:27 619.008 C:\WINDOWS\system32\dx7vb.dll
2006-08-14 17:27 61.440 C:\WINDOWS\system32\dmcompos.dll
2006-08-14 17:27 60.928 C:\WINDOWS\system32\dpnhupnp.dll
2006-08-14 17:27 59.904 C:\WINDOWS\system32\devenum.dll
2006-08-14 17:27 57.856 C:\WINDOWS\system32\dpwsockx.dll
2006-08-14 17:27 563.200 C:\WINDOWS\system32\qedit.dll
2006-08-14 17:27 51.200 C:\WINDOWS\system32\wstdecod.dll
2006-08-14 17:27 46.592 C:\WINDOWS\system32\dxdllreg.exe
2006-08-14 17:27 4.096 C:\WINDOWS\system32\ksuser.dll
2006-08-14 17:27 386.048 C:\WINDOWS\system32\qdvd.dll
2006-08-14 17:27 375.296 C:\WINDOWS\system32\dpnet.dll
2006-08-14 17:27 367.616 C:\WINDOWS\system32\dsound.dll
2006-08-14 17:27 363.520 C:\WINDOWS\system32\psisdecd.dll
2006-08-14 17:27 35.840 C:\WINDOWS\system32\dmloader.dll
2006-08-14 17:27 35.328 C:\WINDOWS\system32\mciqtz32.dll
2006-08-14 17:27 35.328 C:\WINDOWS\system32\dpnhpast.dll
2006-08-14 17:27 30.208 C:\WINDOWS\system32\dplaysvr.exe
2006-08-14 17:27 3.584 C:\WINDOWS\system32\dpnlobby.dll
2006-08-14 17:27 3.584 C:\WINDOWS\system32\dpnaddr.dll
2006-08-14 17:27 28.672 C:\WINDOWS\system32\dmband.dll
2006-08-14 17:27 279.040 C:\WINDOWS\system32\qdv.dll
2006-08-14 17:27 27.136 C:\WINDOWS\system32\ddrawex.dll
2006-08-14 17:27 266.240 C:\WINDOWS\system32\ddraw.dll
2006-08-14 17:27 24.064 C:\WINDOWS\system32\dpmodemx.dll
2006-08-14 17:27 229.888 C:\WINDOWS\system32\dplayx.dll
2006-08-14 17:27 214.016 C:\WINDOWS\system32\dpvoice.dll
2006-08-14 17:27 21.504 C:\WINDOWS\system32\dpvacm.dll
2006-08-14 17:27 205.312 C:\WINDOWS\system32\mswebdvd.dll
2006-08-14 17:27 20.480 C:\WINDOWS\system32\encapi.dll
2006-08-14 17:27 2.113.536 C:\WINDOWS\system32\dxdiagn.dll
2006-08-14 17:27 192.512 C:\WINDOWS\system32\qcap.dll
2006-08-14 17:27 19.456 C:\WINDOWS\system32\dswave.dll
2006-08-14 17:27 181.760 C:\WINDOWS\system32\dsdmo.dll
2006-08-14 17:27 181.248 C:\WINDOWS\system32\dmime.dll
2006-08-14 17:27 18.432 C:\WINDOWS\system32\dpnsvr.exe
2006-08-14 17:27 17.408 C:\WINDOWS\system32\msyuv.dll
2006-08-14 17:27 14.336 C:\WINDOWS\system32\msdmo.dll
2006-08-14 17:27 116.736 C:\WINDOWS\system32\dpvvox.dll
2006-08-14 17:27 105.984 C:\WINDOWS\system32\dmstyle.dll
2006-08-14 17:27 104.448 C:\WINDOWS\system32\dmusic.dll
2006-08-14 17:27 103.424 C:\WINDOWS\system32\dmsynth.dll
2006-08-14 17:27 1.689.088 C:\WINDOWS\system32\d3d9.dll
2006-08-14 17:27 1.432.576 C:\WINDOWS\system32\msvidctl.dll
2006-08-14 17:27 1.298.432 C:\WINDOWS\system32\dxdiag.exe
2006-08-14 17:27 1.294.336 C:\WINDOWS\system32\dsound3d.dll
2006-08-14 17:27 1.292.800 C:\WINDOWS\system32\quartz.dll
2006-08-14 17:27 1.227.264 C:\WINDOWS\system32\dx8vb.dll
2006-08-14 17:27 1.179.648 C:\WINDOWS\system32\d3d8.dll
2006-08-14 02:50 83.960 C:\WINDOWS\system32\zlcomm.dll
2006-08-14 02:50 796.584 C:\WINDOWS\system32\libeay32_0.9.6l.dll
2006-08-14 02:50 71.672 C:\WINDOWS\system32\zlcommdb.dll
2006-08-14 02:50 71.672 C:\WINDOWS\system32\vsregexp.dll
2006-08-14 02:50 59.384 C:\WINDOWS\system32\vswmi.dll
2006-08-14 02:50 42.920 C:\WINDOWS\system32\vsutil_loc0407.dll
2006-08-14 02:50 392.824 C:\WINDOWS\system32\vsdatant.sys
2006-08-14 02:50 268.280 C:\WINDOWS\system32\vspubapi.dll
2006-08-14 02:50 104.440 C:\WINDOWS\system32\vsmonapi.dll
2006-08-14 02:50 100.344 C:\WINDOWS\system32\vsxml.dll
2006-08-14 02:49 83.960 C:\WINDOWS\system32\vsdata.dll
2006-08-14 02:49 440.312 C:\WINDOWS\system32\vsutil.dll
2006-08-14 02:49 157.688 C:\WINDOWS\system32\vsinit.dll
2006-08-14 01:59 22.752 C:\WINDOWS\system32\spupdsvc.exe
2006-08-14 01:56 577.536 C:\WINDOWS\soundman.exe
2006-08-14 01:56 49.152 C:\WINDOWS\system32\ChCfg.exe
2006-08-14 01:56 315.392 C:\WINDOWS\alcupd.exe
2006-08-14 01:56 217.088 C:\WINDOWS\Alcrmv.exe
2006-08-14 01:56 143.360 C:\WINDOWS\system32\RtlCPAPI.dll
2006-08-14 01:56 10.528.256 C:\WINDOWS\system32\RTLCPL.exe
2006-08-14 01:32 74.752 C:\WINDOWS\system32\olecli32.dll
2006-08-14 01:32 581.120 C:\WINDOWS\system32\rpcrt4.dll
2006-08-14 01:32 397.824 C:\WINDOWS\system32\rpcss.dll
2006-08-14 01:32 1.285.120 C:\WINDOWS\system32\ole32.dll
2006-08-14 01:05 8.192 C:\WINDOWS\system32\bitsprx2.dll
2006-08-14 01:05 7.168 C:\WINDOWS\system32\bitsprx3.dll
2006-08-14 01:05 351.232 C:\WINDOWS\system32\winhttp.dll
2006-08-14 01:05 18.944 C:\WINDOWS\system32\qmgrprxy.dll
2006-08-14 00:38 128.232 C:\WINDOWS\system32\mucltui.dll
2006-08-14 00:30 466.200 C:\WINDOWS\system32\wuapi.dll
2006-08-14 00:30 41.240 C:\WINDOWS\system32\wups.dll
2006-08-14 00:30 194.840 C:\WINDOWS\system32\wuaueng1.dll
2006-08-14 00:30 18.200 C:\WINDOWS\system32\wups2.dll
2006-08-14 00:30 174.872 C:\WINDOWS\system32\wuauclt1.exe
2006-08-14 00:30 128.280 C:\WINDOWS\system32\wucltui.dll
2006-08-14 00:14 208.896 C:\WINDOWS\system32\nvudisp.exe
2006-08-14 00:13 208.896 C:\WINDOWS\system32\NVUNINST.EXE
2006-08-14 00:12 77.312 C:\WINDOWS\system32\usbui.dll
2006-08-14 00:11 86.556 C:\WINDOWS\system32\dgsetup.dll
2006-08-14 00:11 8.704 C:\WINDOWS\system32\batt.dll
2006-08-14 00:11 8.192 C:\WINDOWS\system32\kbdhept.dll
2006-08-14 00:11 76.288 C:\WINDOWS\system32\storprop.dll
2006-08-14 00:11 70.144 C:\WINDOWS\notepad.exe
2006-08-14 00:11 7.168 C:\WINDOWS\system32\kbdcz.dll
2006-08-14 00:11 6.656 C:\WINDOWS\system32\kbdycl.dll
2006-08-14 00:11 6.656 C:\WINDOWS\system32\kbdsl1.dll
2006-08-14 00:11 6.656 C:\WINDOWS\system32\kbdsl.dll
2006-08-14 00:11 6.656 C:\WINDOWS\system32\kbdpl.dll
2006-08-14 00:11 6.656 C:\WINDOWS\system32\kbdhu.dll
2006-08-14 00:11 6.656 C:\WINDOWS\system32\kbdhela3.dll
2006-08-14 00:11 6.656 C:\WINDOWS\system32\kbdcz2.dll
2006-08-14 00:11 6.656 C:\WINDOWS\system32\kbdcz1.dll
2006-08-14 00:11 6.656 C:\WINDOWS\system32\kbdcr.dll
2006-08-14 00:11 6.656 C:\WINDOWS\system32\KBDAL.DLL
2006-08-14 00:11 6.144 C:\WINDOWS\system32\kbdtuq.dll
2006-08-14 00:11 6.144 C:\WINDOWS\system32\kbdtuf.dll
2006-08-14 00:11 6.144 C:\WINDOWS\system32\kbdlv1.dll
2006-08-14 00:11 6.144 C:\WINDOWS\system32\kbdlv.dll
2006-08-14 00:11 6.144 C:\WINDOWS\system32\kbdhela2.dll
2006-08-14 00:11 6.144 C:\WINDOWS\system32\kbdgkl.dll
2006-08-14 00:11 6.144 C:\WINDOWS\system32\kbdest.dll
2006-08-14 00:11 5.632 C:\WINDOWS\system32\kbdycc.dll
2006-08-14 00:11 5.632 C:\WINDOWS\system32\kbduzb.dll
2006-08-14 00:11 5.632 C:\WINDOWS\system32\kbdur.dll
2006-08-14 00:11 5.632 C:\WINDOWS\system32\kbdtat.dll
2006-08-14 00:11 5.632 C:\WINDOWS\system32\kbdru1.dll
2006-08-14 00:11 5.632 C:\WINDOWS\system32\kbdru.dll
2006-08-14 00:11 5.632 C:\WINDOWS\system32\kbdro.dll
2006-08-14 00:11 5.632 C:\WINDOWS\system32\kbdpl1.dll
2006-08-14 00:11 5.632 C:\WINDOWS\system32\kbdmon.dll
2006-08-14 00:11 5.632 C:\WINDOWS\system32\kbdlt1.dll
2006-08-14 00:11 5.632 C:\WINDOWS\system32\kbdlt.dll
2006-08-14 00:11 5.632 C:\WINDOWS\system32\kbdkyr.dll
2006-08-14 00:11 5.632 C:\WINDOWS\system32\kbdkaz.dll
2006-08-14 00:11 5.632 C:\WINDOWS\system32\kbdhu1.dll
2006-08-14 00:11 5.632 C:\WINDOWS\system32\kbdhe319.dll
2006-08-14 00:11 5.632 C:\WINDOWS\system32\kbdhe220.dll
2006-08-14 00:11 5.632 C:\WINDOWS\system32\kbdhe.dll
2006-08-14 00:11 5.632 C:\WINDOWS\system32\kbdbu.dll
2006-08-14 00:11 5.632 C:\WINDOWS\system32\kbdblr.dll
2006-08-14 00:11 5.632 C:\WINDOWS\system32\kbdazel.dll
2006-08-14 00:11 5.632 C:\WINDOWS\system32\kbdaze.dll
2006-08-14 00:11 24.661 C:\WINDOWS\system32\spxcoins.dll
2006-08-14 00:11 176.157 C:\WINDOWS\system32\dgrpsetu.dll
2006-08-14 00:11 15.872 C:\WINDOWS\TASKMAN.EXE
2006-08-14 00:11 13.824 C:\WINDOWS\system32\irclass.dll
2006-08-14 00:11 103.936 C:\WINDOWS\system32\EqnClass.Dll
2006-08-14 00:10 805.306.368 C:\pagefile.sys
2006-08-13 23:32 50.688 C:\WINDOWS\system32\wbhelp2.dll
2006-08-13 23:32 499.712 C:\WINDOWS\system32\msvcp71.dll
2006-08-13 23:32 348.160 C:\WINDOWS\system32\msvcr71.dll
2006-08-13 23:32 344.064 C:\WINDOWS\system32\msvcr70.dll
2006-08-13 23:32 109.568 C:\WINDOWS\vos364mi.dll
2006-08-13 23:31 91.648 C:\WINDOWS\osl364mi.dll
2006-08-13 23:31 287.744 C:\WINDOWS\uno364mi.dll
2006-08-13 23:20 112.128 C:\WINDOWS\system32\mapi32.dll
2006-08-13 23:20 0 C:\MSDOS.SYS
2006-08-13 23:20 0 C:\IO.SYS
2006-08-13 23:20 0 C:\CONFIG.SYS
2006-08-13 23:20 0 C:\AUTOEXEC.BAT
2006-08-13 23:18 70.144 C:\WINDOWS\system32\acctres.dll
2006-08-13 23:18 45.568 C:\WINDOWS\system32\safrslv.dll
2006-08-13 23:18 44.032 C:\WINDOWS\system32\racpldlg.dll
2006-08-13 23:18 43.520 C:\WINDOWS\system32\safrcdlg.dll
2006-08-13 23:18 32.768 C:\WINDOWS\system32\mnmsrvc.exe
2006-08-13 23:18 32.768 C:\WINDOWS\system32\isrdbg32.dll
2006-08-13 23:18 29.696 C:\WINDOWS\system32\safrdm.dll
2006-08-13 23:18 12.288 C:\WINDOWS\system32\nmevtmsg.dll
2006-08-13 23:18 11.264 C:\WINDOWS\system32\atrace.dll
2006-08-13 23:17 86.016 C:\WINDOWS\system32\isign32.dll
2006-08-13 23:17 81.920 C:\WINDOWS\system32\ils.dll
2006-08-13 23:17 73.728 C:\WINDOWS\system32\icwdial.dll
2006-08-13 23:17 69.632 C:\WINDOWS\system32\msconf.dll
2006-08-13 23:17 679.424 C:\WINDOWS\system32\inetcomm.dll
2006-08-13 23:17 67.584 C:\WINDOWS\system32\srclient.dll
2006-08-13 23:17 65.536 C:\WINDOWS\system32\icwphbk.dll
2006-08-13 23:17 51.712 C:\WINDOWS\system32\inetres.dll
2006-08-13 23:17 382.464 C:\WINDOWS\system32\qmgr.dll
2006-08-13 23:17 34.560 C:\WINDOWS\system32\mnmdd.dll
2006-08-13 23:17 282.624 C:\WINDOWS\system32\inetcfg.dll
2006-08-13 23:17 280.064 C:\WINDOWS\system32\mstask.dll
2006-08-13 23:17 28.672 C:\WINDOWS\system32\nmmkcert.dll
2006-08-13 23:17 252.928 C:\WINDOWS\system32\msoeacct.dll
2006-08-13 23:17 242.176 C:\WINDOWS\system32\srrstr.dll
2006-08-13 23:17 192.000 C:\WINDOWS\system32\schedsvc.dll
2006-08-13 23:17 171.008 C:\WINDOWS\system32\srsvc.dll
2006-08-13 23:17 16.384 C:\WINDOWS\system32\icfgnt5.dll
2006-08-13 23:17 12.288 C:\WINDOWS\system32\mstinit.exe
2006-08-13 23:17 105.984 C:\WINDOWS\system32\msoert2.dll
2006-08-13 23:16 97.792 C:\WINDOWS\system32\comrepl.dll
2006-08-13 23:16 956.416 C:\WINDOWS\system32\msdtctm.dll
2006-08-13 23:16 91.136 C:\WINDOWS\system32\mtxoci.dll
2006-08-13 23:16 85.504 C:\WINDOWS\system32\catsrvps.dll
2006-08-13 23:16 80.896 C:\WINDOWS\system32\charmap.exe
2006-08-13 23:16 73.216 C:\WINDOWS\system32\avwav.dll
2006-08-13 23:16 683.520 C:\WINDOWS\system32\getuname.dll
2006-08-13 23:16 67.072 C:\WINDOWS\system32\rdshost.exe
2006-08-13 23:16 60.416 C:\WINDOWS\system32\colbact.dll
2006-08-13 23:16 6.144 C:\WINDOWS\system32\msdtc.exe
2006-08-13 23:16 58.880 C:\WINDOWS\system32\msdtclog.dll
2006-08-13 23:16 57.344 C:\WINDOWS\system32\sol.exe
2006-08-13 23:16 55.808 C:\WINDOWS\system32\freecell.exe
2006-08-13 23:16 540.160 C:\WINDOWS\system32\comuid.dll
2006-08-13 23:16 54.272 C:\WINDOWS\system32\stclient.dll
2006-08-13 23:16 5.632 C:\WINDOWS\system32\write.exe
2006-08-13 23:16 5.120 C:\WINDOWS\system32\dcomcnfg.exe
2006-08-13 23:16 498.688 C:\WINDOWS\system32\clbcatq.dll
2006-08-13 23:16 44.544 C:\WINDOWS\system32\hticons.dll
2006-08-13 23:16 4.608 C:\WINDOWS\system32\rdpcfgex.dll
2006-08-13 23:16 4.096 C:\WINDOWS\system32\mtxex.dll
2006-08-13 23:16 356.352 C:\WINDOWS\system32\hypertrm.dll
2006-08-13 23:16 35.840 C:\WINDOWS\system32\winchat.exe
2006-08-13 23:16 33.792 C:\WINDOWS\system32\regini.exe
2006-08-13 23:16 25.600 C:\WINDOWS\system32\comaddin.dll
2006-08-13 23:16 25.088 C:\WINDOWS\system32\mtxlegih.dll
2006-08-13 23:16 232.960 C:\WINDOWS\system32\avtapi.dll
2006-08-13 23:16 225.792 C:\WINDOWS\system32\catsrv.dll
2006-08-13 23:16 22.528 C:\WINDOWS\system32\qwinsta.exe
2006-08-13 23:16 22.528 C:\WINDOWS\system32\msg.exe
2006-08-13 23:16 20.480 C:\WINDOWS\system32\qprocess.exe
2006-08-13 23:16 20.480 C:\WINDOWS\system32\mtxdm.dll
2006-08-13 23:16 188.416 C:\WINDOWS\system32\accwiz.exe
2006-08-13 23:16 17.920 C:\WINDOWS\system32\tsshutdn.exe
2006-08-13 23:16 17.408 C:\WINDOWS\system32\qappsrv.exe
2006-08-13 23:16 161.280 C:\WINDOWS\system32\msdtcuiu.dll
2006-08-13 23:16 16.384 C:\WINDOWS\system32\tskill.exe
2006-08-13 23:16 16.384 C:\WINDOWS\system32\rwinsta.exe
2006-08-13 23:16 16.384 C:\WINDOWS\system32\avmeter.dll
2006-08-13 23:16 15.872 C:\WINDOWS\system32\logoff.exe
2006-08-13 23:16 15.872 C:\WINDOWS\system32\cdmodem.dll
2006-08-13 23:16 15.360 C:\WINDOWS\system32\tsdiscon.exe
2006-08-13 23:16 15.360 C:\WINDOWS\system32\tscon.exe
2006-08-13 23:16 15.360 C:\WINDOWS\system32\shadow.exe
2006-08-13 23:16 147.456 C:\WINDOWS\system32\comsnap.dll
2006-08-13 23:16 139.776 C:\WINDOWS\system32\sndvol32.exe
2006-08-13 23:16 133.120 C:\WINDOWS\system32\sndrec32.exe
2006-08-13 23:16 128.000 C:\WINDOWS\system32\mshearts.exe
2006-08-13 23:16 120.320 C:\WINDOWS\system32\winmine.exe
2006-08-13 23:16 114.688 C:\WINDOWS\system32\calc.exe
2006-08-13 23:16 110.080 C:\WINDOWS\system32\clbcatex.dll
2006-08-13 23:16 11.776 C:\WINDOWS\system32\xolehlp.dll
2006-08-13 23:16 10.240 C:\WINDOWS\system32\reset.exe
2006-08-13 23:16 1.237 C:\WINDOWS\system32\usrlogon.cmd
2006-08-13 23:15 94.720 C:\WINDOWS\system32\tscfgwmi.dll
2006-08-13 23:15 87.176 C:\WINDOWS\system32\rdpwsx.dll
2006-08-13 23:15 655.360 C:\WINDOWS\system32\mstscax.dll
2006-08-13 23:15 625.152 C:\WINDOWS\system32\catsrvut.dll
2006-08-13 23:15 62.464 C:\WINDOWS\system32\rdpclip.exe
2006-08-13 23:15 61.440 C:\WINDOWS\system32\remotepg.dll
2006-08-13 23:15 6.656 C:\WINDOWS\system32\wuauserv.dll
2006-08-13 23:15 58.880 C:\WINDOWS\system32\licwmi.dll
2006-08-13 23:15 56.320 C:\WINDOWS\system32\servdeps.dll
2006-08-13 23:15 539.136 C:\WINDOWS\system32\spider.exe
2006-08-13 23:15 44.544 C:\WINDOWS\system32\tscupgrd.exe
2006-08-13 23:15 426.496 C:\WINDOWS\system32\msdtcprx.dll
2006-08-13 23:15 412.672 C:\WINDOWS\system32\mstsc.exe
2006-08-13 23:15 39.424 C:\WINDOWS\system32\cfgbkend.dll
2006-08-13 23:15 346.624 C:\WINDOWS\system32\mspaint.exe
2006-08-13 23:15 297.472 C:\WINDOWS\system32\termsrv.dll
2006-08-13 23:15 19.968 C:\WINDOWS\system32\rdpsnd.dll
2006-08-13 23:15 189.440 C:\WINDOWS\system32\cmprops.dll
2006-08-13 23:15 17.920 C:\WINDOWS\system32\mmfutil.dll
2006-08-13 23:15 147.968 C:\WINDOWS\system32\rdchost.dll
2006-08-13 23:15 142.848 C:\WINDOWS\system32\sessmgr.exe
2006-08-13 23:15 13.824 C:\WINDOWS\system32\rdsaddin.exe
2006-08-13 23:15 124.928 C:\WINDOWS\system32\mplay32.exe
2006-08-13 23:15 124.696 C:\WINDOWS\system32\wuauclt.exe
2006-08-13 23:15 11.264 C:\WINDOWS\system32\icaapi.dll
2006-08-13 23:15 104.448 C:\WINDOWS\system32\clipbrd.exe
2006-08-13 23:15 1.343.768 C:\WINDOWS\system32\wuaueng.dll
2006-08-13 23:15 1.267.200 C:\WINDOWS\system32\comsvcs.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Windows Explorer"="C:\\WINDOWS\\system32\\explorer.exe"
"Microsoft (R) Windows Update Manager"="C:\\WINDOWS\\update\\updmgr.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvMcTray.dll,NvTaskbarInit"
"SoundMan"="SOUNDMAN.EXE"
"Zone Labs Client"="\"C:\\Programme\\Zone Labs\\ZoneAlarm\\zlclient.exe\""
"RemoteControl"="C:\\Programme\\CyberLink\\PowerDVD\\PDVDServ.exe"
"LanguageShortcut"="C:\\Programme\\CyberLink\\PowerDVD\\Language\\Language.exe"
"SpyQuake2.com"="C:\\Programme\\SpyQuake2.com\\Spy-Quake2.exe /h"
"avgnt"="\"C:\\Programme\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min"
"SunJavaUpdateSched"="\"C:\\Programme\\Java\\jre1.5.0_08\\bin\\jusched.exe\""
"ICQ Lite"="\"C:\\Programme\\ICQLite\\ICQLite.exe\" -minimize"
"WinampAgent"="C:\\Programme\\Winamp\\winampa.exe"
"Adobe Photo Downloader"="\"C:\\Programme\\Adobe\\Photoshop Album Starter Edition\\3.0\\Apps\\apdproxy.exe\""
"wecker"="C:\\Programme\\Wecker\\Wecker.exe"
"SunServer"="C:\\Programme\\Sunbelt Software\\CounterSpy\\Consumer\\sunserver.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"InfoCockpit"="C:\\Programme\\T-Online\\T-Online_Software_6\\Info-Cockpit\\INFOCOCKPIT.EXE /nosplash"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce]
"ICQ Lite"="C:\\Programme\\ICQLite\\ICQLite.exe -trayboot"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
"{E86603E9-0A2D-1031-0124-030611200031}"="\"C:\\Programme\\Gemeinsame Dateien\\{E86603E9-0A2D-1031-0124-030611200031}\\Update.exe\" mc-110-12-0000272"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Die derzeitige Homepage"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,00,03,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"InfoCockpit"="C:\\Programme\\T-Online\\T-Online_Software_6\\Info-Cockpit\\INFOCOCKPIT.EXE /nosplash"
"Task manager"="carnot.exe"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"InfoCockpit"="C:\\Programme\\T-Online\\T-Online_Software_6\\Info-Cockpit\\INFOCOCKPIT.EXE /nosplash"
"Task manager"="carnot.exe"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
"incestuously"="{03413bf7-e34c-445b-bfc0-a2b127255871}"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{076394AD-7FDD-44EF-A075-32C68DBAB99B}"=""




Contents of the 'Scheduled Tasks' folder

Completion time: 18.08.2006 4:37:17,15
ComboFix ver 06.07.15/30 - This logfile is located at C:\ComboFix.txt

Here is datfindbat as well


Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: E866-03E9

Verzeichnis von C:\WINDOWS\system32

18.08.2006 04:43 717.254 svvwa.ini
18.08.2006 04:32 63.804 nvapps.xml
18.08.2006 04:32 54.112 vsconfig.xml
17.08.2006 22:26 13.844 hcnmosol.exe
17.08.2006 22:26 712.837 svvwa.bak2

17.08.2006 16:51 380.350 perfh009.dat
17.08.2006 16:51 52.764 perfc009.dat
17.08.2006 16:51 391.000 perfh007.dat
17.08.2006 16:51 63.580 perfc007.dat
17.08.2006 16:50 897.954 PerfStringBackup.INI
17.08.2006 02:39 96.664 FNTCACHE.DAT
16.08.2006 22:26 12.308 qnxcglvn.exe
16.08.2006 22:26 12.820 pmmojyes.exe
16.08.2006 22:26 695.060 svvwa.bak1
15.08.2006 05:10 143 mcrh.tmp

15.08.2006 04:24 8.891 jupdate-1.5.0_08-b03.log
15.08.2006 03:33 4.016 MRT.INI
15.08.2006 01:57 176.128 urroxtl.dll
14.08.2006 23:54 90 spupdwxp.log
14.08.2006 23:53 2.206 wpa.dbl
14.08.2006 18:22 573.492 awvvs.dll
14.08.2006 02:52 4.212 zllictbl.dat
14.08.2006 00:23 34.064 lhacm.acm
14.08.2006 00:14 0 h323log.txt
14.08.2006 00:14 0 TFTP2476
14.08.2006 00:14 0 TFTP2472
14.08.2006 00:14 0 TFTP396
14.08.2006 00:03 0 TFTP640
13.08.2006 23:43 0 TFTP4016
13.08.2006 23:41 0 TFTP336

13.08.2006 23:36 25.941 NULL
13.08.2006 23:36 23.392 nscompat.tlb
13.08.2006 23:36 16.832 amcompat.tlb
13.08.2006 23:29 25.065 wmpscheme.xml
13.08.2006 23:22 266 $winnt$.inf
13.08.2006 23:20 2.951 CONFIG.NT
13.08.2006 23:19 488 logonui.exe.manifest
13.08.2006 23:19 488 WindowsLogon.manifest
13.08.2006 23:19 749 nwc.cpl.manifest
13.08.2006 23:19 749 cdplayer.exe.manifest
13.08.2006 23:19 749 sapi.cpl.manifest
13.08.2006 23:19 749 wuaucpl.cpl.manifest
13.08.2006 23:19 749 ncpa.cpl.manifest
13.08.2006 23:17 21.740 emptyregdb.dat
09.08.2006 12:03 8.325.544 MRT.exe
01.08.2006 15:02 49.152 ChCfg.exe
28.07.2006 13:28 3.075.072 mshtml.dll
27.07.2006 15:25 679.424 inetcomm.dll
26.07.2006 03:03 127.078 javaws.exe
26.07.2006 03:03 49.265 jpicpl32.cpl
26.07.2006 01:26 53.346 javaw.exe
26.07.2006 01:25 49.248 java.exe
25.07.2006 22:33 615.936 urlmon.dll
21.07.2006 10:29 72.704 hlink.dll
19.07.2006 05:13 18.800.640 alsndmgr.cpl
14.07.2006 17:38 332.288 netapi32.dll
14.07.2006 17:25 546.304 hhctrl.ocx
14.07.2006 08:44 10.528.256 RTLCPL.exe
13.07.2006 15:34 8.494.592 shell32.dll
09.07.2006 13:42 42.920 vsutil_loc0407.dll
09.07.2006 13:42 392.824 vsdatant.sys
09.07.2006 13:42 71.672 zlcommdb.dll
09.07.2006 13:42 83.960 zlcomm.dll
09.07.2006 13:42 59.384 vswmi.dll
09.07.2006 13:42 100.344 vsxml.dll
09.07.2006 13:42 71.672 vsregexp.dll
09.07.2006 13:42 440.312 vsutil.dll
09.07.2006 13:42 104.440 vsmonapi.dll
09.07.2006 13:42 157.688 vsinit.dll
09.07.2006 13:42 268.280 vspubapi.dll
09.07.2006 13:42 83.960 vsdata.dll
09.07.2006 13:41 796.584 libeay32_0.9.6l.dll
05.07.2006 12:55 1.057.792 kernel32.dll
30.06.2006 06:32 143.360 RtlCPAPI.dll
26.06.2006 19:40 8.192 rasadhlp.dll


Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: E866-03E9

Verzeichnis von C:\DOKUME~1\BENJAM~1\LOKALE~1\Temp

18.08.2006 04:38 173 jusched.log
18.08.2006 04:34 16.384 Perflib_Perfdata_990.dat
18.08.2006 04:33 49.152 ~DF53FB.tmp
18.08.2006 04:32 32.768 ~DFB5B6.tmp
18.08.2006 04:32 16.384 ~DF8CEB.tmp
5 Datei(en) 114.861 Bytes
0 Verzeichnis(se), 73.503.752.192 Bytes frei


Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: E866-03E9

Verzeichnis von C:\WINDOWS

18.08.2006 04:41 1.882.177 WindowsUpdate.log
18.08.2006 04:37 197.981 setupact.log
18.08.2006 04:34 574 win.ini
18.08.2006 04:34 159 wiadebug.log
18.08.2006 04:34 50 wiaservc.log
18.08.2006 04:32 0 0.log
18.08.2006 04:30 2.048 bootstat.dat
18.08.2006 04:30 5.326 SchedLgU.Txt
18.08.2006 03:41 858 dprpxdun.txt
17.08.2006 16:47 1.374 imsins.log
17.08.2006 16:47 153.062 tsoc.log
17.08.2006 16:47 20.995 ocmsn.log
17.08.2006 16:47 58.026 iis6.log
17.08.2006 16:47 82.539 ntdtcsetup.log
17.08.2006 16:47 135.929 comsetup.log
17.08.2006 16:47 20.126 KB920214.log
17.08.2006 16:47 208.748 ocgen.log
17.08.2006 16:47 19.918 msgsocm.log
17.08.2006 16:47 379.790 FaxSetup.log
17.08.2006 16:47 797.923 setupapi.log
17.08.2006 16:46 1.374 imsins.BAK
17.08.2006 16:46 2
This post was edited by Benjo on 18.08.2006 at 04:49.
18.08.2006, 15:36
Honorary member
Sabina

Posts: 29434
#2 Benjo

1.
Run Vundofix
http://virus-protect.org/artikel/tools/vundofixx.html

2.
Run smitfraudfix (options 1 and 2)
http://virus-protect.org/artikel/tools/smitfrautfix.html

3.
Copy the following text into Notepad (Start - Accessories - Notepad) and save it to the desktop as fixme.reg using 'Save as'. Set the file type to 'All files'. You should now find this file on the desktop.
Double-click the file "fixme.reg" on the desktop and confirm adding it to the registry with "ja" or "yes".

Quote

REGEDIT4

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
"{E86603E9-0A2D-1031-0124-030611200031}"=-

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Windows Explorer"=-
"Microsoft (R) Windows Update Manager"=-

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Task manager"=-

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"Task manager"=-

5.
Avenger
http://virus-protect.org/artikel/tools/avenger.html

Paste in:

Quote

Files to delete:
C:\WINDOWS\system32\carnot.exe
C:\WINDOWS\carnot.exe
C:\carnot.exe
C:\WINDOWS\system32\svvwa.ini
C:\WINDOWS\system32\hcnmosol.exe
C:\WINDOWS\system32\svvwa.bak2
C:\WINDOWS\system32\qnxcglvn.exe
C:\WINDOWS\system32\pmmojyes.exe
C:\WINDOWS\system32\svvwa.bak1
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\urroxtl.dll
C:\WINDOWS\system32\awvvs.dll
C:\WINDOWS\system32\TFTP2476
C:\WINDOWS\system32\TFTP2472
C:\WINDOWS\system32\TFTP396
C:\WINDOWS\system32\TFTP640
C:\WINDOWS\system32\TFTP4016
C:\WINDOWS\system32\TFTP336
C:\WINDOWS\system32\explorer.exe
C:\WINDOWS\update\updmgr.exe

Click the green traffic light.
The script will now run, and then the PC will restart automatically.

**
Post the Avenger log that appears.


**
Delete:
C:\Programme\Gemeinsame Dateien\{E86603E9-0A2D-1031-0124-030611200031}
C:\WINDOWS\update

**
Open HijackThis -- "Scan" button -- tick the boxes in front of the malware entries -- "Fix checked" button -- restart the PC

Quote

O3 - Toolbar: (no name) - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - (no file)

O4 - HKLM\..\Run: [Windows Explorer] C:\WINDOWS\system32\explorer.exe
O4 - HKLM\..\Run: [Microsoft (R) Windows Update Manager] C:\WINDOWS\update\updmgr.exe

O15 - Trusted Zone: http://www.amaena.com
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O15 - Trusted Zone: http://scanner.sysprotect.com
O15 - Trusted Zone: http://*.systemdoctor.com
O15 - Trusted Zone: http://www.winantivirus.com
O15 - Trusted Zone: http://www.winantiviruspro.com
O15 - Trusted Zone: http://download.cdn.winsoftware.com
O15 - Trusted IP range: http://202.67.220.225
O15 - Trusted IP range: http://59.148.220.121
O15 - Trusted IP range: http://62.4.84.53
O15 - Trusted IP range: http://82.98.235.58
O15 - Trusted IP range: http://85.12.25.90

O21 - SSODL: incestuously - {03413bf7-e34c-445b-bfc0-a2b127255871} - C:\WINDOWS\system32\urroxtl.dll

O23 - Service: Windows Update Manager (UpdateManager) - Unknown owner - C:\WINDOWS\update\updmgr.exe (file missing)

**
Download Registry Search by Bobbi Flekman
http://virus-protect.org/artikel/tools/regsearch.html
and double-click it to start. In "Enter search strings" (type or paste):

Windows Update Manager
updmgr.exe


into the edit field and click "Ok".
Notepad will open -- copy the text and post it.

**
Post the new combofix log and the 4 logs from datfindbat.


__________
Best regards, Sabina

All about PC security
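A pre-flight check for the fixme.reg step in the reply above, as an added example that is not part of the original posts or of any tool they name: it parses a "Reg Loading Points" style dump and a REGEDIT4 fix, then reports which `"name"=-` deletions match a value in the dump and which do not. The function names and the shortened sample inputs are constructed for this example; the s-1-5-18 section is left out of the sample dump on purpose to show the mismatch case.

```python
import re

# Constructed sample: shortened excerpt of the "Reg Loading Points" dump in the thread.
DUMP = r'''
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Windows Explorer"="C:\\WINDOWS\\system32\\explorer.exe"
"Microsoft (R) Windows Update Manager"="C:\\WINDOWS\\update\\updmgr.exe"
"SoundMan"="SOUNDMAN.EXE"
"Zone Labs Client"="\"C:\\Programme\\Zone Labs\\ZoneAlarm\\zlclient.exe\""

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Task manager"="carnot.exe"
'''

# Constructed sample: the Run-key part of the fixme.reg quoted in the reply.
FIX = r'''REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Windows Explorer"=-
"Microsoft (R) Windows Update Manager"=-

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Task manager"=-

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"Task manager"=-
'''

SECTION = re.compile(r'^\[(.+)\]$')
VALUE = re.compile(r'^"((?:[^"\\]|\\.)*)"=(.*)$')


def unescape(s):
    """Undo .reg escaping: \\\\ becomes \\ and \\" becomes "."""
    return re.sub(r'\\(.)', r'\1', s)


def parse_reg(text):
    """Return {(key_lower, value_name_lower): data} for every named value."""
    text = re.sub(r',\\\r?\n\s*', ',', text)  # join hex: continuation lines
    entries, key = {}, None
    for line in map(str.strip, text.splitlines()):
        m = SECTION.match(line)
        if m:
            key = m.group(1).lower()  # registry key names are case-insensitive
            continue
        m = VALUE.match(line)
        if m and key:
            name, data = unescape(m.group(1)), m.group(2)
            if len(data) >= 2 and data.startswith('"') and data.endswith('"'):
                data = unescape(data[1:-1])
            entries[(key, name.lower())] = data
    return entries


def check_fix(dump_text, fix_text):
    """Split the fix file's deletions into (found_in_dump, not_in_dump)."""
    dump = parse_reg(dump_text)
    found, missing = [], []
    for (key, name), data in parse_reg(fix_text).items():
        if data != '-':
            continue  # only "name"=- value deletions are checked here
        target = found if (key, name) in dump else missing
        target.append((key, name, dump.get((key, name))))
    return found, missing


def still_present(new_dump_text, fix_text):
    """After fix and reboot: deletions that a fresh dump still shows."""
    return check_fix(new_dump_text, fix_text)[0]
```

Running `still_present` against the dump section of a fresh log shows whether any of the removed Run values has been written back.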