Home » Viren, Trojaner & Malware Forum » Es hat sich ein VIRUS eingenistet » Themenansicht

Firefox Tipp: Instantfox - Quick Search Add-On!

Seite(n): 1 2 3 4 5

Antworten

Es hat sich ein VIRUS eingenistet

14.07.2010, 22:34

r123s

Member

Themenstarter

Beiträge: 262

#46 Alles klar
morgen Vormittag

15.07.2010, 07:48

r123s

Member

Themenstarter

Beiträge: 262

#47 OTL logfile created on: 15.07.2010 07:31:26 - Run 2
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Dokumente und Einstellungen\Admin\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 88,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 94,00% Paging File free
Paging file location(s): C:\pagefile.sys 1512 3024 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 232,88 Gb Total Space | 223,14 Gb Free Space | 95,82% Space Free | Partition Type: NTFS
Drive D: | 37,21 Gb Total Space | 32,16 Gb Free Space | 86,43% Space Free | Partition Type: NTFS
Drive E: | 34,88 Gb Total Space | 30,59 Gb Free Space | 87,71% Space Free | Partition Type: NTFS
Drive F: | 2,44 Gb Total Space | 2,44 Gb Free Space | 99,99% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MAIN-1B84F08B18
Current User Name: Admin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2010.07.14 15:17:00 | 000,126,976 | ---- | M] (Google Inc.) -- C:\Programme\Google\Quick Search Box\GoogleQuickSearchBox.exe
PRC - [2010.07.14 12:11:32 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Admin\Desktop\OTL.exe
PRC - [2009.07.13 11:50:54 | 000,719,392 | ---- | M] (Emsi Software GmbH) -- C:\Programme\a-squared Free\a2service.exe
PRC - [2009.07.11 05:58:18 | 000,362,184 | ---- | M] (Tall Emu) -- C:\Programme\Tall Emu\Online Armor\oacat.exe
PRC - [2009.07.11 05:58:14 | 003,142,344 | ---- | M] (Tall Emu) -- C:\Programme\Tall Emu\Online Armor\oasrv.exe
PRC - [2009.03.01 11:55:15 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.04.07 14:54:09 | 000,191,016 | ---- | M] (AVIRA GmbH) -- C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
PRC - [2006.04.05 13:03:58 | 000,034,344 | ---- | M] (Avira GmbH) -- C:\Programme\AntiVir PersonalEdition Classic\sched.exe

[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2010.07.14 12:11:32 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Admin\Desktop\OTL.exe
MOD - [2009.07.11 05:59:16 | 000,860,360 | ---- | M] (Tall Emu) -- C:\Programme\Tall Emu\Online Armor\oawatch.dll
MOD - [2008.04.14 04:22:32 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2008.04.14 04:22:32 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2008.04.14 04:22:32 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2008.04.14 04:21:06 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2009.07.13 11:50:54 | 000,719,392 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\PROGRAMME\A-SQUARED FREE\a2service.exe -- (a2free)
SRV - [2009.07.11 05:58:18 | 000,362,184 | ---- | M] (Tall Emu) [Auto | Running] -- C:\Programme\Tall Emu\Online Armor\OAcat.exe -- (OAcat)
SRV - [2009.07.11 05:58:14 | 003,142,344 | ---- | M] (Tall Emu) [Auto | Running] -- C:\Programme\Tall Emu\Online Armor\oasrv.exe -- (SvcOnlineArmor)
SRV - [2006.04.07 14:54:09 | 000,191,016 | ---- | M] (AVIRA GmbH) [Auto | Running] -- C:\Programme\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService)
SRV - [2006.04.05 13:03:58 | 000,034,344 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler)
SRV - [2003.03.09 22:31:02 | 000,065,795 | R--- | M] (HP) [Disabled | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009.07.11 05:59:08 | 000,029,776 | ---- | M] (Tall Emu Pty Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAnet.sys -- (OAnet)
DRV - [2009.07.11 05:17:14 | 000,024,656 | ---- | M] (Tall Emu) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OAmon.sys -- (OAmon)
DRV - [2009.07.11 05:17:00 | 000,200,784 | ---- | M] (Tall Emu) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\OADriver.sys -- (OADevice)
DRV - [2009.06.30 09:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009.02.24 09:13:45 | 000,082,380 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2008.09.18 00:55:00 | 006,132,576 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008.04.13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2006.06.05 15:49:08 | 000,230,400 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel(R)
DRV - [2006.06.01 14:43:56 | 000,043,264 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel(R)
DRV - [2006.05.26 09:59:12 | 001,177,032 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006.02.22 16:21:30 | 000,007,168 | ---- | M] (H+BEDV Datentechnik GmbH) [Kernel | System | Running] -- C:\Programme\AntiVir PersonalEdition Classic\avgio.sys -- (avgio)
DRV - [2005.12.07 13:58:29 | 000,026,112 | ---- | M] (H+BEDV Datentechnik GmbH) [File_System | On_Demand | Running] -- C:\Programme\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt)
DRV - [2005.12.02 19:38:04 | 000,041,728 | ---- | M] (Sonic Focus, Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sfng32.sys -- (sfng32)
DRV - [2002.07.17 08:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (ASPI)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?ei=UTF-8&fr=ffas&p="
FF - prefs.js..browser.search.param.yahoo-fr: "moz3"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz3"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://www.google.de"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {AA994882-F391-4d2e-806F-8908DA4814ED}:2.2
FF - prefs.js..extensions.enabledItems: {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.1
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.5.8.6
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.5.200812101546
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?ei=UTF-8&fr=ffas&p="

FF - HKLM\software\mozilla\Mozilla Firefox 3.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.07.13 20:02:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.07.13 20:02:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2010.03.22 20:29:16 | 000,000,000 | ---D | M]

[2009.05.25 11:38:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Extensions
[2010.07.13 20:22:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\extensions
[2010.06.30 12:40:06 | 000,000,000 | ---D | M] (kikin plugin (Softonic Edition)) -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED}
[2010.04.11 13:21:26 | 000,000,000 | ---D | M] (softonic-de3 Toolbar) -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2010.05.17 17:10:28 | 000,000,000 | ---D | M] (MediaBar) -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
[2009.12.03 10:54:24 | 000,002,476 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\searchplugins\BearShareWebSearch.xml
[2010.03.16 11:42:56 | 000,000,927 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\6n81zofd.default\searchplugins\conduit.xml
[2010.07.13 20:22:13 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2009.05.25 11:39:57 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Programme\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2008.12.19 00:30:20 | 000,106,128 | ---- | M] ( ) -- C:\Programme\Mozilla Firefox\plugins\npstrlnk.dll
[2008.03.15 15:56:14 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2008.03.15 15:56:14 | 000,002,642 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2008.02.19 16:40:48 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2006.12.03 17:59:22 | 000,000,986 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2006.11.17 13:19:24 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2010.07.14 10:09:40 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Google Quick Search Box] C:\Programme\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKCU..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: Google Sidewiki... - C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O28 - HKLM ShellExecuteHooks: {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Programme\Tall Emu\Online Armor\oaevent.dll (Tall Emu)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.02.16 12:15:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2005.11.14 20:40:48 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{219e8048-bef1-11de-8a77-001676b68f9e}\Shell\AutoRun\command - "" = RECYCLER32\dmgr.exe
O33 - MountPoints2\{219e8048-bef1-11de-8a77-001676b68f9e}\Shell\open\command - "" = RECYCLER32\dmgr.exe
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010.07.14 19:53:58 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010.07.14 19:52:36 | 017,010,016 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Admin\Desktop\IE8-WindowsXP-x86-DEU.exe
[2010.07.14 19:43:09 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2010.07.14 19:36:55 | 000,000,000 | ---D | C] -- C:\Programme\Panda Security
[2010.07.14 15:16:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Temp
[2010.07.14 12:19:06 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010.07.14 12:14:38 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Admin\Desktop\OTL.exe
[2010.07.14 12:09:18 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.07.14 11:57:40 | 001,013,584 | ---- | C] (Kaspersky Lab) -- C:\Dokumente und Einstellungen\Admin\Desktop\TDSSKiller.exe
[2010.07.14 11:53:13 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\Admin\Desktop\mbam146-setup.exe
[2010.07.14 11:11:26 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2010.07.14 11:11:23 | 000,014,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2010.07.14 10:02:34 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010.07.14 10:00:29 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.07.14 10:00:29 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.07.14 10:00:29 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.07.14 10:00:29 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.07.14 10:00:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.07.14 10:00:13 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010.07.14 09:55:22 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.07.13 19:58:56 | 000,000,000 | ---D | C] -- C:\Avenger
[2010.07.13 18:24:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010.07.13 18:18:32 | 000,000,000 | ---D | C] -- C:\6643525cf2c0be45efd67939211c71
[2010.07.11 10:04:53 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Admin\IECompatCache
[2010.07.11 10:04:05 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Admin\PrivacIE
[2010.07.11 09:58:51 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010.07.11 09:32:29 | 000,046,080 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunib.dll
[2010.07.11 09:32:27 | 000,046,080 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuni.dll
[2010.07.11 09:32:22 | 000,034,816 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimg.dll
[2010.07.11 09:31:23 | 000,043,008 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucm.dll
[2010.07.11 09:31:22 | 000,137,088 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\essm2e.sys
[2010.07.11 09:31:20 | 000,063,360 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ess.sys
[2010.07.11 09:31:18 | 000,347,870 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56tpi.sys
[2010.07.11 09:31:17 | 000,594,558 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56hpi.sys
[2010.07.11 09:31:15 | 000,595,999 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56cvmp.sys
[2010.07.11 09:31:13 | 000,174,464 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es198x.sys
[2010.07.11 09:31:12 | 000,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys
[2010.07.11 09:31:10 | 000,040,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1371mp.sys
[2010.07.11 09:31:08 | 000,037,120 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1370mp.sys
[2010.07.11 09:31:06 | 000,062,464 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnloop.exe
[2010.07.11 09:31:05 | 000,052,224 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnlogr.exe
[2010.07.11 09:31:03 | 000,053,760 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqndiag.exe
[2010.07.11 09:31:01 | 000,629,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqn.sys
[2010.07.11 09:30:59 | 000,114,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epstw2k.sys
[2010.07.11 09:30:57 | 000,018,503 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\epro4.sys
[2010.07.11 09:30:56 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epcfw2k.sys
[2010.07.11 09:30:55 | 000,283,904 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\emu10k1m.sys
[2010.07.11 09:30:51 | 000,019,996 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\em556n4.sys
[2010.07.11 09:30:50 | 000,025,159 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\elnk3.sys
[2010.07.11 09:30:49 | 000,007,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\elmsmc.sys
[2010.07.11 09:30:48 | 000,176,128 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el99xn51.sys
[2010.07.11 09:30:47 | 000,070,174 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el98xn5.sys
[2010.07.11 09:30:45 | 000,455,711 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el985n51.sys
[2010.07.11 09:30:44 | 000,153,631 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xnd5.sys
[2010.07.11 09:30:43 | 000,066,591 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xbc5.sys
[2010.07.11 09:30:42 | 000,241,270 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656se5.sys
[2010.07.11 09:30:41 | 000,077,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656nd5.sys
[2010.07.11 09:30:39 | 000,634,198 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656ct5.sys
[2010.07.11 09:30:38 | 000,069,194 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656cd5.sys
[2010.07.11 09:30:37 | 000,026,141 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el589nd5.sys
[2010.07.11 09:30:36 | 000,069,692 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el575nd5.sys
[2010.07.11 09:30:35 | 000,024,653 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el574nd4.sys
[2010.07.11 09:30:34 | 000,055,999 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el556nd5.sys
[2010.07.11 09:30:33 | 000,044,103 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el515.sys
[2010.07.11 09:30:24 | 000,019,594 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100isa4.sys
[2010.07.11 09:30:23 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100b325.sys
[2010.07.11 09:30:22 | 000,051,743 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e1000nt5.sys
[2010.07.11 09:30:19 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2010.07.11 09:30:17 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2010.07.11 09:30:16 | 000,020,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpti2o.sys
[2010.07.11 09:30:14 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2010.07.11 09:30:12 | 000,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4usb.sys
[2010.07.11 09:30:11 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4scan.sys
[2010.07.11 09:30:10 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4prt.sys
[2010.07.11 09:30:09 | 000,206,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4.sys
[2010.07.11 09:30:06 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2010.07.11 09:30:06 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlttape.sys
[2010.07.11 09:30:05 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2010.07.11 09:30:04 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2010.07.11 09:30:00 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2010.07.11 09:29:59 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2010.07.11 09:29:57 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2010.07.11 09:29:55 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2010.07.11 09:29:54 | 000,626,717 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiview.exe
[2010.07.11 09:29:53 | 000,042,880 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.sys
[2010.07.11 09:29:52 | 000,110,621 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.dll
[2010.07.11 09:29:52 | 000,021,606 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.sys
[2010.07.11 09:29:51 | 000,041,046 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.dll
[2010.07.11 09:29:50 | 000,102,484 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiinf.dll
[2010.07.11 09:29:49 | 000,159,828 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digihlc.dll
[2010.07.11 09:29:48 | 000,229,462 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifwrk.dll
[2010.07.11 09:29:47 | 000,090,717 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifep5.sys
[2010.07.11 09:29:46 | 000,103,524 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidxb.sys
[2010.07.11 09:29:45 | 000,135,252 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidbp.dll
[2010.07.11 09:29:44 | 000,038,087 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.sys
[2010.07.11 09:29:43 | 000,065,622 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.dll
[2010.07.11 09:29:41 | 000,424,477 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgconfig.dll
[2010.07.11 09:29:40 | 000,029,851 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\dgapci.sys
[2010.07.11 09:29:39 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2010.07.11 09:29:38 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2010.07.11 09:29:37 | 000,024,064 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devldr32.exe
[2010.07.11 09:29:36 | 000,256,512 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devcon32.dll
[2010.07.11 09:29:35 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2010.07.11 09:29:34 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddsmc.sys
[2010.07.11 09:29:33 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc260usd.dll
[2010.07.11 09:29:32 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc240usd.dll
[2010.07.11 09:29:31 | 000,063,208 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\dllcache\dc21x4.sys
[2010.07.11 09:29:30 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210usd.dll
[2010.07.11 09:29:29 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210_32.dll
[2010.07.11 09:29:26 | 000,179,584 | ---- | C] (Mylex Corporation) -- C:\WINDOWS\System32\dllcache\dac2w2k.sys
[2010.07.11 09:29:26 | 000,014,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dac960nt.sys
[2010.07.11 09:29:18 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\d100ib5.sys
[2010.07.11 09:29:17 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzports.dll
[2010.07.11 09:29:16 | 000,050,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzport.sys
[2010.07.11 09:29:15 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzcoins.dll
[2010.07.11 09:29:14 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyports.dll
[2010.07.11 09:29:13 | 000,051,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyport.sys
[2010.07.11 09:29:12 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyycoins.dll
[2010.07.11 09:29:11 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclom-y.sys
[2010.07.11 09:29:10 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2010.07.11 09:29:10 | 000,017,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclad-z.sys
[2010.07.11 09:29:09 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2010.07.11 09:29:07 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2010.07.11 09:29:06 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2010.07.11 09:29:05 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2010.07.11 09:29:04 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2010.07.11 09:29:03 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2010.07.11 09:29:02 | 000,252,928 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2010.07.11 09:29:02 | 000,004,096 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctwdm32.dll
[2010.07.11 09:29:01 | 000,096,256 | ---- | C] (Copyright (C) Creative Technology Ltd. 1994-2001) -- C:\WINDOWS\System32\dllcache\ctlsb16.sys
[2010.07.11 09:29:00 | 000,003,712 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctljystk.sys
[2010.07.11 09:28:59 | 000,006,912 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctlfacem.sys
[2010.07.11 09:28:58 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csamsp.dll
[2010.07.11 09:28:57 | 000,042,112 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\crtaud.sys
[2010.07.11 09:28:56 | 000,216,576 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2010.07.11 09:28:55 | 000,061,130 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys
[2010.07.11 09:28:54 | 000,022,045 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\cpqndis5.sys
[2010.07.11 09:28:53 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cpqarray.sys
[2010.07.11 09:28:50 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compbatt.sys
[2010.07.11 09:28:49 | 000,039,936 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\cnxt1803.sys
[2010.07.11 09:28:48 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnusd.dll
[2010.07.11 09:28:47 | 000,006,656 | ---- | C] (CMD Technology, Inc.) -- C:\WINDOWS\System32\dllcache\cmdide.sys
[2010.07.11 09:28:46 | 000,020,864 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2010.07.11 09:28:46 | 000,013,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmbatt.sys
[2010.07.11 09:28:45 | 000,248,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546xm.sys
[2010.07.11 09:28:44 | 000,170,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546x.dll
[2010.07.11 09:28:44 | 000,111,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl5465.dll
[2010.07.11 09:28:43 | 000,091,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.dll
[2010.07.11 09:28:43 | 000,045,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.sys
[2010.07.11 09:28:41 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2010.07.11 09:28:41 | 000,272,640 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\dllcache\cinemclc.sys
[2010.07.11 09:28:37 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys
[2010.07.11 09:28:36 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2010.07.11 09:28:35 | 000,022,556 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2010.07.11 09:28:35 | 000,022,556 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2010.07.11 09:28:34 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2010.07.11 09:28:34 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2010.07.11 09:28:32 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2010.07.11 09:28:32 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cd20xrnt.sys
[2010.07.11 09:28:31 | 000,715,210 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2010.07.11 09:28:31 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2010.07.11 09:28:30 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2010.07.11 09:28:30 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2010.07.11 09:28:29 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2010.07.11 09:28:28 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2010.07.11 09:28:25 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.dll
[2010.07.11 09:28:25 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.ax
[2010.07.11 09:28:24 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.ax
[2010.07.11 09:28:24 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.dll
[2010.07.11 09:28:23 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.dll
[2010.07.11 09:28:23 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.ax
[2010.07.11 09:28:22 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv21.sys
[2010.07.11 09:28:22 | 000,171,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv30.sys
[2010.07.11 09:28:21 | 000,314,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdro21.sys
[2010.07.11 09:28:02 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bulltlp3.sys
[2010.07.11 09:28:01 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2010.07.11 09:28:01 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2010.07.11 09:28:00 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2010.07.11 09:28:00 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2010.07.11 09:27:59 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2010.07.11 09:27:59 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2010.07.11 09:27:58 | 000,039,808 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2010.07.11 09:27:58 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2010.07.11 09:27:57 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2010.07.11 09:27:56 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2010.07.11 09:27:56 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2010.07.11 09:27:55 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brmfcwia.dll
[2010.07.11 09:27:55 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2010.07.11 09:27:54 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2010.07.11 09:27:54 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2010.07.11 09:27:54 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2010.07.11 09:27:53 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2010.07.11 09:27:53 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2010.07.11 09:27:52 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2010.07.11 09:27:51 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\binlsvc.dll
[2010.07.11 09:27:50 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2010.07.11 09:27:50 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2010.07.11 09:27:50 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2010.07.11 09:27:49 | 000,066,557 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42u.sys
[2010.07.11 09:27:49 | 000,054,271 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42xx5.sys
[2010.07.11 09:27:49 | 000,026,568 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm4e5.sys
[2010.07.11 09:27:48 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2010.07.11 09:27:48 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\battc.sys
[2010.07.11 09:27:47 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2010.07.11 09:27:47 | 000,097,440 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\b57xp32.sys
[2010.07.11 09:27:46 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2010.07.11 09:27:46 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2010.07.11 09:27:46 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2010.07.11 09:27:45 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2010.07.11 09:27:45 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2010.07.11 09:27:44 | 000,036,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcaudio.sys
[2010.07.11 09:27:44 | 000,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcstrm.sys
[2010.07.11 09:27:43 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avc.sys
[2010.07.11 09:27:39 | 000,070,784 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiragem.sys
[2010.07.11 09:27:38 | 000,104,832 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiraged.dll
[2010.07.11 09:27:37 | 000,281,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimtai.sys
[2010.07.11 09:27:37 | 000,075,392 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpae.sys
[2010.07.11 09:27:36 | 000,289,920 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpab.sys
[2010.07.11 09:27:36 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atievxx.exe
[2010.07.11 09:27:35 | 000,382,592 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrab.dll
[2010.07.11 09:27:35 | 000,268,160 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidvai.dll
[2010.07.11 09:27:35 | 000,137,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrae.dll
[2010.07.11 09:27:33 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2010.07.11 09:27:33 | 000,096,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ati.dll
[2010.07.11 09:27:33 | 000,077,824 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys
[2010.07.11 09:27:32 | 000,026,496 | ---- | C] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\dllcache\asc.sys
[2010.07.11 09:27:32 | 000,022,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asc3350p.sys
[2010.07.11 09:27:32 | 000,014,848 | ---- | C] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\dllcache\asc3550.sys
[2010.07.11 09:27:31 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\apmbatt.sys
[2010.07.11 09:27:30 | 000,036,224 | ---- | C] (ADMtek Incorporated.) -- C:\WINDOWS\System32\dllcache\an983.sys
[2010.07.11 09:27:30 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2010.07.11 09:27:30 | 000,012,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\amsint.sys
[2010.07.11 09:27:29 | 000,027,678 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ali5261.sys
[2010.07.11 09:27:29 | 000,026,624 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\alifir.sys
[2010.07.11 09:27:29 | 000,005,248 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\aliide.sys
[2010.07.11 09:27:28 | 000,056,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78xx.sys
[2010.07.11 09:27:28 | 000,055,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78u2.sys
[2010.07.11 09:27:28 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aha154x.sys
[2010.07.11 09:27:26 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agcgauge.ax
[2010.07.11 09:26:40 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2010.07.11 09:26:40 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adpu160m.sys
[2010.07.11 09:26:40 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2010.07.11 09:26:40 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2010.07.11 09:26:39 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2010.07.11 09:26:39 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2010.07.11 09:26:39 | 000,020,160 | ---- | C] (ADMtek Incorporated) -- C:\WINDOWS\System32\dllcache\adm8511.sys
[2010.07.11 09:26:38 | 000,061,952 | ---- | C] (Farb-Flachbett-Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2010.07.11 09:26:38 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adicvls.sys
[2010.07.11 09:26:37 | 000,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\dllcache\ac97sis.sys
[2010.07.11 09:26:37 | 000,231,552 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ac97ali.sys
[2010.07.11 09:26:37 | 000,096,256 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ac97intc.sys
[2010.07.11 09:26:37 | 000,084,480 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ac97via.sys
[2010.07.11 09:26:37 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\abp480n5.sys
[2010.07.11 09:26:36 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2010.07.11 09:26:36 | 000,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2010.07.11 09:26:36 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\8514a.dll
[2010.07.11 09:26:35 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2010.07.11 09:26:35 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2010.07.11 09:26:35 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2010.07.11 09:26:35 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\61883.sys
[2010.07.11 09:26:35 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\4mmdat.sys
[2010.07.11 09:26:34 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394vdbg.sys
[2010.07.11 09:26:20 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.dll
[2010.07.10 09:06:47 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Admin\IETldCache
[2010.07.09 11:28:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Beok
[2010.07.09 10:06:59 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.07.09 09:31:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Macromedia
[2010.07.08 16:35:39 | 000,000,000 | ---D | C] -- C:\Programme\a-squared Free
[2010.07.08 16:35:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Admin\Eigene Dateien\a-squared Free
[2010.07.08 16:32:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Adobe
[2010.06.28 08:03:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Admin\Desktop\lap-rechnungen

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010.07.15 07:34:00 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{EFEF8E6C-0BD5-4F24-BC04-E9CC0FC61AAC}.job
[2010.07.15 07:31:00 | 000,200,712 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.07.15 07:30:59 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.07.15 07:30:59 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\Registry Reviver-Admin-Startup.job
[2010.07.15 07:30:56 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.07.15 07:30:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.07.14 20:39:04 | 005,505,024 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\NTUSER.DAT
[2010.07.14 20:19:08 | 000,000,263 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Desktop\Parallels Confixx.url
[2010.07.14 20:14:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.07.14 19:56:20 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.07.14 19:52:38 | 017,010,016 | ---- | M] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Admin\Desktop\IE8-WindowsXP-x86-DEU.exe
[2010.07.14 19:36:16 | 000,177,456 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Desktop\activescan2_de.exe
[2010.07.14 15:56:15 | 000,000,026 | ---- | M] () -- C:\WINDOWS\Zone.Identifier
[2010.07.14 15:41:37 | 000,464,491 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Desktop\RootRepeal.zip
[2010.07.14 13:29:10 | 000,293,376 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Desktop\gmer.exe
[2010.07.14 12:11:32 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Admin\Desktop\OTL.exe
[2010.07.14 11:58:39 | 000,000,676 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.07.14 11:52:06 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\Admin\Desktop\mbam146-setup.exe
[2010.07.14 11:20:18 | 000,000,488 | ---- | M] () -- C:\hpfr5550.xml
[2010.07.14 10:10:06 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.07.14 10:09:40 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.07.14 10:02:40 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010.07.14 09:53:04 | 003,739,352 | R--- | M] () -- C:\Dokumente und Einstellungen\Admin\Desktop\ComboFix.exe
[2010.07.13 20:02:05 | 000,001,566 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2010.07.13 19:39:16 | 000,000,780 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Desktop\bernd-sievers.rtf
[2010.07.13 19:32:51 | 000,000,760 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Desktop\kerns.rtf
[2010.07.13 18:36:25 | 000,001,316 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.07.13 18:36:25 | 000,001,316 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2010.07.11 09:28:19 | 000,703,178 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.07.11 09:28:19 | 000,309,810 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.07.11 09:28:19 | 000,305,318 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.07.11 09:28:19 | 000,045,672 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.07.11 09:28:19 | 000,037,760 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.07.11 09:15:42 | 000,005,208 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2010.07.10 09:48:54 | 000,000,532 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.07.10 09:48:54 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010.07.10 09:32:45 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Admin\ntuser.ini
[2010.06.30 17:25:00 | 001,013,584 | ---- | M] (Kaspersky Lab) -- C:\Dokumente und Einstellungen\Admin\Desktop\TDSSKiller.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010.07.14 19:36:16 | 000,177,456 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Desktop\activescan2_de.exe
[2010.07.14 15:56:15 | 000,000,026 | ---- | C] () -- C:\WINDOWS\Zone.Identifier
[2010.07.14 15:41:37 | 000,464,491 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Desktop\RootRepeal.zip
[2010.07.14 13:30:59 | 000,293,376 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Desktop\gmer.exe
[2010.07.14 11:53:58 | 000,000,362 | ---- | C] () -- C:\WINDOWS\tasks\Registry Reviver-Admin-Startup.job
[2010.07.14 10:16:50 | 000,000,780 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Desktop\bernd-sievers.rtf
[2010.07.14 10:15:59 | 000,000,760 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Desktop\kerns.rtf
[2010.07.14 10:02:40 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010.07.14 10:02:36 | 000,262,448 | ---- | C] () -- C:\cmldr
[2010.07.14 10:00:29 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.07.14 10:00:29 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.07.14 10:00:29 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.07.14 10:00:29 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.07.14 10:00:29 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.07.14 09:55:02 | 003,739,352 | R--- | C] () -- C:\Dokumente und Einstellungen\Admin\Desktop\ComboFix.exe
[2010.07.11 10:04:52 | 000,000,418 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{EFEF8E6C-0BD5-4F24-BC04-E9CC0FC61AAC}.job
[2010.07.11 09:30:03 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2010.07.11 09:30:02 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2010.07.11 09:30:01 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2010.07.11 09:29:58 | 000,031,817 | ---- | C] () -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2010.07.11 09:27:42 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2010.07.11 09:27:41 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2010.07.11 09:27:41 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2010.07.11 09:27:40 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2010.07.11 09:27:40 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2010.07.11 09:27:40 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2010.07.11 09:27:39 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2010.07.11 09:27:39 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2010.07.11 09:27:38 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2010.07.11 09:27:34 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2010.07.11 09:15:38 | 000,005,208 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2010.07.08 16:49:20 | 000,000,676 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.04.08 08:48:46 | 000,000,056 | ---- | C] () -- C:\WINDOWS\uilib.INI
[2010.01.07 17:50:28 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009.08.16 10:26:39 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.02.28 18:42:24 | 000,001,176 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009.02.16 14:46:29 | 000,000,173 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2009.02.16 14:46:16 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2009.02.16 13:38:31 | 000,065,536 | ---- | C] () -- C:\WINDOWS\Dit.DLL
[2009.02.16 13:38:31 | 000,000,208 | ---- | C] () -- C:\WINDOWS\Dit.INI
[2008.09.18 00:55:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008.09.18 00:55:00 | 001,503,232 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008.09.18 00:55:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008.09.18 00:55:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008.09.18 00:55:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2003.11.18 10:03:28 | 000,200,704 | --S- | C] () -- C:\WINDOWS\System32\archlib.dll
[2003.03.09 22:31:04 | 000,561,152 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll
< End of report >

15.07.2010, 12:06

gangren

Member

Beiträge: 420

#48 Eine Sache ist da noch.
Starte bitte OTL, kopiere unten in das Script-Feld rein

Zitat

:OTL
O33 - MountPoints2\{219e8048-bef1-11de-8a77-001676b68f9e}\Shell\AutoRun\command - "" = RECYCLER32\dmgr.exe
O33 - MountPoints2\{219e8048-bef1-11de-8a77-001676b68f9e}\Shell\open\command - "" = RECYCLER32\dmgr.exe

und Klicke auf Run Fix.

War Laufwerk H: Dein Stick und hast Du es formatiert?

15.07.2010, 12:12

r123s

Member

Themenstarter

Beiträge: 262

#49 ========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{219e8048-bef1-11de-8a77-001676b68f9e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{219e8048-bef1-11de-8a77-001676b68f9e}\ not found.
File C:\RECYCLER32\dmgr.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{219e8048-bef1-11de-8a77-001676b68f9e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{219e8048-bef1-11de-8a77-001676b68f9e}\ not found.
File C:\RECYCLER32\dmgr.exe not found.

OTL by OldTimer - Version 3.2.9.0 log created on 07152010_121154

15.07.2010, 12:14

r123s

Member

Themenstarter

Beiträge: 262

#50 Der Stick ist nicht drin ich habe ihn rausgezogen.
Wechselmedium H wird nicht im Windows Explorer angezeigt

Meinst du den Inhalt von H da sind aber wichtige Dateien drauf.

15.07.2010, 12:22

gangren

Member

Beiträge: 420

#51 Halte bitte die shift-Taste gedrückt (um Autorun auszuschalten) und schließe Deinen Stick an. Ist es H

Sichere die wichtigen Dateien und formatiere den Stick bitte.

Starte danach OTL, klicke auf None, kopiere unten in das Script-Feld rein:

Zitat

C:\|dmgr.exe;true;true;true /FP

und klicke auf Run Scan. Die OTL.txt bitte posten.

15.07.2010, 15:48

r123s

Member

Themenstarter

Beiträge: 262

#52 Error: Unable to interpret <C:\|dmgr.exe;true;true;true /FP> in the current context!

OTL by OldTimer - Version 3.2.9.0 log created on 07152010_154829

15.07.2010, 15:49

r123s

Member

Themenstarter

Beiträge: 262

#53 Error: Unable to interpret <C:\|dmgr.exe;true;true;true /FP> in the current context!

OTL by OldTimer - Version 3.2.9.0 log created on 07152010_154917

15.07.2010, 16:49

gangren

Member

Beiträge: 420

#54 Hm, naja, wenn der Stick formatiert wurde, sollte es in Ordnung sein.

Wir sind soweit durch. Zum Abschluß:

1. Könntest Du bitte die Ordner C:\_OTL und C:\Qoobox zippen, die zip-Datei auf http://www.file-upload.net/ hochladen und mir den Downloadlink per PM schicken? Das sind die Quarantäne-Ordner. Ich würde mir die Sachen ansehen und ggf. an verschiedene AV-Hersteller schicken, um die Erkennung zu verbessern. Danke

Danach (sonst sind die Ordner weg):
2. Starte OTL und klicke bitte auf CleanUP

3. Für Registry-Bereinigung eignet sich gut http://www.piriform.com/CCleaner (Freeware)

4. Hol Dir http://secunia.com/vulnerability_scanning/personal/ und halte damit Dein System auf dem neuesten Stand.

5. Lies Dir das hier durch: http://malte-wetz.de/wiki/pmwiki.php/De/KompromittierungUnvermeidbar

Wir sind fertig

Gruß,
gangren

17.07.2010, 08:56

r123s

Member

Themenstarter

Beiträge: 262

#55 sollte ich ein Firewall aktivieren welchen Tipp gibst du mir ?
Virenschutz ?

Damit dieses Problem nicht erneut auftaucht
Gruss

17.07.2010, 12:14

gangren

Member

Beiträge: 420

#56 Als Schutz gegen Malware ist die Windows-Firewall vollkommen ausreichend. Möchte man kontrollieren, welche Programme "nach Hause telefonieren", kann man eine zusätzliche Firewall benutzen.

Welches AV-Pogramm (Virenschutz) man einsetzt, ist zweitrangig. Als Freeware (nur für Privatnutzer) haben z.B. Avira Antivir oder auch avast! einen guten Ruf. Die wichtigste Regel lautet aber: vertraue nie einem AV-Programm. Gegen neue Bedrohungen sind solche Programme praktisch wirkungslos.
Halte Dein System auf dem neuesten Stand (Punkt 4 oben) und überlege sorgfältig, was Du auf der Kiste ausgeführt haben willst. Stammt eine ausführbare Datei aus einer fragwürdigen Quelle, gehört sie in den Müll. Siehe auch Punkt 5 oben.

Gruß,
gangren

19.07.2010, 08:47

r123s

Member

Themenstarter

Beiträge: 262

#57 Der Computer ist wieder Top !

Beim Aufruf von Google oder ähnlichen Seiten, habe ich noch das Problem dass
beim runterscrollen die Seiten nicht mehr fliessen gleiten, es ruckelt.
Woran kann das liegen.

19.07.2010, 12:26

gangren

Member

Beiträge: 420

#58 Passiert das bei allen Browsern?

19.07.2010, 15:04

r123s

Member

Themenstarter

Beiträge: 262

#59 Leider ja, vorher hatte ich dieses Problem nicht .

19.07.2010, 18:03

gangren

Member

Beiträge: 420

#60 Du könntest versuchen, die Festplatten zu defragmentieren (vorher alle nicht mehr benötigte Programme deinstallieren, wenn man schon dabei ist).
Wenn das nichts bringt, hilft es vllt. den aktuellsten Grafikkartentreiber zu installieren (bzw. neuinstallieren, falls schon der aktuellste drauf ist).

Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren:

Seite(n): 1 2 3 4 5