Pests of all kinds and how to fight them: TrojanDownloader:Win32/Bubnix.A - Windows 7
16.09.2010, 19:52 | #1 |
| TrojanDownloader:Win32/Bubnix.A
Hello everyone, I am at my wits' end. I have a computer here with Win 7 Ultimate and a trojan that is giving it a lot of trouble and driving me up the wall. So: if I let it boot without the LAN cable, everything seems to run normally; if I plug in the LAN cable and it connects to the Internet, a window immediately pops up: critical error, your system will be restarted in one minute.
GMER logfile:
Code:
GMER 1.0.15.15281 - hxxp://www.gmer.net
Rootkit scan 2010-09-16 20:29:27
Windows 6.1.7600
Running: hu1uzrhz.exe; Driver: C:\Users\ADMINI~1\AppData\Local\Temp\kwldrpog.sys

---- System - GMER 1.0.15 ----

INT 0x1F \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83C1FAF8
INT 0x37 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83C1F104
INT 0xC1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83C1F3F4
INT 0xD1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83C082D8
INT 0xDF \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83C1F1DC
INT 0xE1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83C1F958
INT 0xE3 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83C1F6F8
INT 0xFD \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83C1FF2C
INT 0xFE \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83C201A8

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 83C7F599 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 83CA3F52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
? System32\Drivers\bkeqia.sys Ein an das System angeschlossenes Gerät funktioniert nicht. !
.text peauth.sys A4698C9D 28 Bytes [9E, 86, D9, BB, 36, 6E, 32, ...]
.text peauth.sys A4698CC1 28 Bytes [9E, 86, D9, BB, 36, 6E, 32, ...]
PAGE peauth.sys A469F02C 102 Bytes [C1, 5B, 7A, AD, 5B, EB, 2A, ...]

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\System32\rundll32.exe[2060] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [75605E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[2060] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [75605E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[2060] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [75605E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Windows\System32\rundll32.exe[2060] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [75605E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 87411218
AttachedDevice \Driver\tdx \Device\Tcp Lbd.sys (Boot Driver/Lavasoft AB)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
Device \Driver\ACPI_HAL \Device\0000004e halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\ControlSet001\services\bkeqia@Type 1
Reg HKLM\SYSTEM\ControlSet001\services\bkeqia@Start 0
Reg HKLM\SYSTEM\ControlSet001\services\bkeqia@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet001\services\bkeqia@Group Boot Bus Extender
Reg HKLM\SYSTEM\ControlSet002\services\bkeqia@Type 1
Reg HKLM\SYSTEM\ControlSet002\services\bkeqia@Start 0
Reg HKLM\SYSTEM\ControlSet002\services\bkeqia@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet002\services\bkeqia@Group Boot Bus Extender
Reg HKLM\SYSTEM\ControlSet003\services\bkeqia@Type 1
Reg HKLM\SYSTEM\ControlSet003\services\bkeqia@Start 0
Reg HKLM\SYSTEM\ControlSet003\services\bkeqia@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet003\services\bkeqia@Group Boot Bus Extender
Reg HKLM\SYSTEM\CurrentControlSet\services\bkeqia@Type 1
Reg HKLM\SYSTEM\CurrentControlSet\services\bkeqia@Start 0
Reg HKLM\SYSTEM\CurrentControlSet\services\bkeqia@ErrorControl 0
Reg HKLM\SYSTEM\CurrentControlSet\services\bkeqia@Group Boot Bus Extender

---- EOF - GMER 1.0.15 ----

Can any of you help me with this? I would be endlessly grateful. Best regards
Edited by transall (16.09.2010 at 19:54) Reason: mistake |
16.09.2010, 21:34 | #2 |
| TrojanDownloader:Win32/Bubnix.A
Scan with OTL
OTL logfile:
Code:
OTL logfile created on: 16.09.2010 22:16:32 - Run 3
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Users\Administrator\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 70,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 380,93 Gb Total Space | 351,74 Gb Free Space | 92,34% Space Free | Partition Type: NTFS
Drive D: | 317,60 Gb Total Space | 293,10 Gb Free Space | 92,29% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 1,85 Gb Total Space | 1,07 Gb Free Space | 57,75% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ALEX-PC
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 360 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\Administrator\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
PRC - C:\Windows\vsnpstd.exe ()

========== Modules (SafeList) ==========

MOD - C:\Users\Administrator\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\rsaenh.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\RpcRtRemote.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\mssprxy.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptsp.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe File not found
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (XDva358) -- C:\Windows\System32\XDva358.sys File not found
DRV - (XDva352) -- C:\Windows\System32\XDva352.sys File not found
DRV - (XDva349) -- C:\Windows\System32\XDva349.sys File not found
DRV - (XDva347) -- C:\Windows\System32\XDva347.sys File not found
DRV - (XDva346) -- C:\Windows\System32\XDva346.sys File not found
DRV - (XDva336) -- C:\Windows\System32\XDva336.sys File not found
DRV - (XDva332) -- C:\Windows\System32\XDva332.sys File not found
DRV - (XDva327) -- C:\Windows\System32\XDva327.sys File not found
DRV - (USBModem) -- C:\Windows\System32\DRIVERS\lgusbmodem.sys File not found
DRV - (usbbus) -- C:\Windows\System32\DRIVERS\lgusbbus.sys File not found
DRV - (gmwxpnlk) -- C:\Windows\System32\drivers\gmwxpnlk.sys File not found
DRV - (Lbd) -- C:\Windows\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\System32\drivers\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\System32\drivers\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (t3) -- C:\Windows\System32\drivers\t3.sys (Creative Technology Ltd.)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (NVNET) -- C:\Windows\System32\drivers\nvmf6232.sys (NVIDIA Corporation)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (RTL8167) -- C:\Windows\System32\drivers\Rt86win7.sys (Realtek Corporation )
DRV - (SaiNtBus) -- C:\Windows\System32\drivers\SaiBus.sys (Saitek)
DRV - (SaiMini) -- C:\Windows\System32\drivers\SaiMini.sys (Saitek)
DRV - (SaiK0728) -- C:\Windows\System32\drivers\SaiK0728.sys (Saitek)
DRV - (snpstd) -- C:\Windows\System32\drivers\snpstd.sys ()
DRV - (ZD1211U(Digital Data Communication)) LevelOne WNC-0301USB 11g Wireless USB Adapter(Digital Data Communication) -- C:\Windows\System32\drivers\ZD1211U.sys (ZyDAS Technology Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F0 19 29 50 F6 54 CB 01 [binary data]
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O4 - HKLM..\Run: [snpstd] C:\Windows\vsnpstd.exe ()
O4 - HKLM..\Run: [SPIRunE] C:\Windows\System32\SpiRunE.dll (Creative Technology Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13 - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 360 Days ==========

[2010.09.16 22:15:40 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe
[2010.09.16 22:10:17 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\bootkit_remover
[2010.09.16 17:39:38 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2010.09.16 17:39:19 | 000,000,000 | -H-D | C] -- C:\ProgramData\{ECC164E0-3133-4C70-A831-F08DB2940F70}
[2010.09.16 17:39:10 | 000,000,000 | ---D | C] -- C:\Programme\Lavasoft
[2010.09.16 17:39:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010.09.15 23:49:21 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\SUPERAntiSpyware.com
[2010.09.15 23:49:21 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010.09.15 23:49:16 | 000,000,000 | ---D | C] -- C:\Programme\SUPERAntiSpyware
[2010.09.15 23:44:04 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.09.15 23:32:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.09.15 23:32:17 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Adobe
[2010.09.15 23:32:17 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2010.09.15 20:44:12 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\ElevatedDiagnostics
[2010.09.15 20:07:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.09.15 20:07:45 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.09.15 20:07:45 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.09.15 20:07:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.09.15 19:59:36 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Windows Live
[2010.09.15 19:57:59 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Silverlight
[2010.09.15 19:57:37 | 000,000,000 | ---D | C] -- C:\Windows\System32\MpEngineStore
[2010.09.15 19:54:21 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft.NET
[2010.09.15 19:53:00 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010.09.15 19:52:59 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.09.15 19:52:59 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.09.15 19:52:55 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.09.15 19:52:55 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.09.15 19:52:55 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.09.15 19:52:55 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.09.15 19:52:55 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.09.15 19:52:55 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.09.15 19:52:55 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.09.15 19:52:55 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.09.15 19:52:53 | 000,197,632 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\ir32_32.dll
[2010.09.15 19:52:53 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010.09.15 19:52:09 | 002,326,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.09.15 19:42:07 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010.09.15 18:26:05 | 000,000,000 | ---D | C] -- C:\Programme\Alwil Software
[2010.09.15 18:26:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010.09.15 18:11:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative
[2010.09.15 14:59:51 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\OpenOffice.org
[2010.09.15 14:40:59 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Mozilla
[2010.09.15 13:53:20 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\InstallShield
[2010.09.15 13:51:14 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Adobe
[2010.09.15 13:50:19 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Adobe
[2010.08.13 20:29:28 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Malwarebytes
[2010.08.13 20:29:20 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Searches
[2010.08.13 20:29:12 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Identities
[2010.08.13 20:29:11 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Contacts
[2010.08.13 20:29:07 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Vorlagen
[2010.08.13 20:29:07 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\AppData\Local\Verlauf
[2010.08.13 20:29:07 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\AppData\Local\Temporary Internet Files
[2010.08.13 20:29:07 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Startmenü
[2010.08.13 20:29:07 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\SendTo
[2010.08.13 20:29:07 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Recent
[2010.08.13 20:29:07 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Netzwerkumgebung
[2010.08.13 20:29:07 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Lokale Einstellungen
[2010.08.13 20:29:07 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Documents\Eigene Videos
[2010.08.13 20:29:07 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Documents\Eigene Musik
[2010.08.13 20:29:07 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Eigene Dateien
[2010.08.13 20:29:07 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Documents\Eigene Bilder
[2010.08.13 20:29:07 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Druckumgebung
[2010.08.13 20:29:07 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Cookies
[2010.08.13 20:29:07 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\AppData\Local\Anwendungsdaten
[2010.08.13 20:29:07 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\Anwendungsdaten
[2010.08.13 20:29:06 | 000,000,000 | --SD | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft
[2010.08.13 20:29:06 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Videos
[2010.08.13 20:29:06 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Saved Games
[2010.08.13 20:29:06 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Pictures
[2010.08.13 20:29:06 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Music
[2010.08.13 20:29:06 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Links
[2010.08.13 20:29:06 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Favorites
[2010.08.13 20:29:06 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Downloads
[2010.08.13 20:29:06 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Documents
[2010.08.13 20:29:06 | 000,000,000 | R--D | C] -- C:\Users\Administrator\Desktop
[2010.08.13 20:29:06 | 000,000,000 | -H-D | C] -- C:\Users\Administrator\AppData
[2010.08.13 20:29:06 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Temp
[2010.08.13 20:29:06 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\Microsoft
[2010.08.13 20:29:06 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Media Center Programs
[2010.08.13 20:29:06 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Macromedia
[2010.08.03 13:43:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe
[2010.07.19 12:52:08 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2010.07.19 12:52:08 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2010.07.19 12:52:08 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2010.07.19 12:52:08 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2010.07.19 12:52:08 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2010.07.19 12:52:08 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2010.07.19 12:52:07 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2010.07.19 12:52:07 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2010.07.19 12:52:07 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2010.07.19 12:52:07 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2010.07.19 12:52:07 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2010.07.19 12:52:07 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2010.07.10 05:37:00 | 014,092,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2010.07.10 05:37:00 | 011,008,040 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2010.07.10 05:37:00 | 010,267,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2010.07.10 05:37:00 | 009,818,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2010.07.10 05:37:00 | 004,553,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2010.07.10 05:37:00 | 002,892,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2010.07.10 05:37:00 | 002,506,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2010.07.10 05:37:00 | 000,314,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdecodemft.dll
[2010.07.10 05:37:00 | 000,236,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod1922.dll
[2010.07.10 05:37:00 | 000,236,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod.dll
[2010.07.10 05:37:00 | 000,056,936 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010.07.10 05:37:00 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd
[2010.07.09 16:37:10 | 013,939,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll
[2010.07.09 16:37:10 | 001,469,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll
[2010.07.09 16:37:10 | 000,110,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll
[2010.06.25 07:19:15 | 000,000,000 | ---D | C] -- C:\4599042274ea9e3b71810ee285af
[2010.06.23 17:05:52 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.06.23 17:05:52 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.06.23 17:05:52 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.06.23 15:34:12 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2010.06.23 15:34:11 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2010.06.23 15:34:11 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010.06.23 15:34:11 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010.06.10 07:17:06 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010.06.10 07:15:58 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.06.10 07:15:58 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.05.26 09:12:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.04.29 11:47:50 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp71.dll
[2010.04.28 15:11:57 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010.04.28 15:11:57 | 000,133,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecpkg.sys
[2010.04.19 20:47:44 | 003,062,048 | ---- | C] (Apple, Inc.) -- C:\Windows\System32\usbaaplrc.dll
[2010.04.14 15:13:53 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.04.04 10:37:01 | 000,035,456 | ---- | C] (Saitek) -- C:\Windows\System32\drivers\SaiBus.sys
[2010.04.04 10:37:01 | 000,014,080 | ---- | C] (Saitek) -- C:\Windows\System32\drivers\SaiMini.sys
[2010.04.01 11:05:35 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.03.29 14:51:07 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010.03.23 20:43:05 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2010.03.18 13:16:28 | 000,771,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr100_clr0400.dll
[2010.03.07 13:10:14 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010.03.04 11:26:04 | 000,086,016 | ---- | C] (Beepa P/L) -- C:\Windows\System32\frapsvid.dll
[2010.02.24 16:25:45 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010.02.24 16:25:37 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010.02.21 18:26:52 | 000,000,000 | ---D | C] -- C:\Programme\OpenOffice.org 3
[2010.02.10 20:36:13 | 000,000,000 | ---D | C] -- C:\ProgramData\TVU Networks
[2010.02.10 20:35:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\TVUAx
[2010.02.10 16:26:34 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010.02.10 16:26:34 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010.02.10 16:26:34 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010.02.10 16:26:12 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010.02.10 16:26:12 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010.02.10 16:26:12 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010.02.10 16:26:12 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010.02.10 16:26:12 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010.02.10 16:26:12 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010.02.10 16:26:12 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010.02.10 16:26:12 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010.02.09 20:59:15 | 000,000,000 | ---D | C] -- C:\Programme\NVIDIA Corporation
[2010.01.29 20:38:42 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2010.01.29 19:52:52 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010.01.29 19:52:06 | 000,000,000 | ---D | C] -- C:\Windows\System32\AGEIA
[2010.01.29 19:51:53 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Wise Installation Wizard
[2010.01.29 19:50:30 | 000,604,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NVUNINST.EXE
[2010.01.29 19:50:23 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010.01.29 19:26:10 | 000,000,000 | ---D | C] -- C:\Programme\Realtek
[2010.01.29
14:47:09 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR [2010.01.29 13:48:11 | 000,000,000 | ---D | C] -- C:\Programme\SystemRequirementsLab [2010.01.27 16:44:10 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2010.01.16 20:20:08 | 000,000,000 | ---D | C] -- C:\Programme\MSXML 4.0 [2010.01.16 20:04:38 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\InstallShield [2010.01.13 20:22:56 | 000,000,000 | ---D | C] -- C:\CFLog [2010.01.13 17:02:13 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll [2010.01.13 17:02:13 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll [2010.01.12 19:10:14 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations [2010.01.12 13:03:34 | 005,107,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll [2010.01.12 13:03:34 | 004,338,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvencodemft.dll [2010.01.12 13:03:34 | 001,625,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll [2010.01.12 13:03:34 | 000,182,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod189.dll [2010.01.11 22:18:00 | 001,515,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll [2010.01.11 22:18:00 | 000,066,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll [2010.01.08 19:12:29 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deploytk.dll [2010.01.07 21:31:22 | 000,107,368 | ---- | C] (GEAR Software Inc.) 
-- C:\Windows\System32\GEARAspi.dll [2010.01.07 21:31:22 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE [2010.01.07 21:31:03 | 000,000,000 | ---D | C] -- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2010.01.06 14:59:38 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll [2010.01.06 14:59:38 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll [2010.01.06 14:59:38 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll [2010.01.06 14:59:38 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll [2010.01.06 14:59:38 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll [2010.01.06 14:59:38 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll [2010.01.06 14:59:38 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll [2010.01.06 14:59:38 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll [2010.01.06 14:59:37 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll [2010.01.06 14:59:37 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll [2010.01.06 14:59:37 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll [2010.01.06 14:59:37 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll [2010.01.06 14:59:37 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll [2010.01.06 14:59:37 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll [2010.01.06 14:59:37 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll [2010.01.06 14:59:37 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll [2010.01.06 14:59:37 | 
000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll [2010.01.06 14:59:37 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll [2010.01.06 14:59:36 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll [2010.01.06 14:59:36 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll [2010.01.06 14:59:36 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll [2010.01.06 14:59:36 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll [2010.01.06 14:59:36 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll [2010.01.06 14:59:36 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll [2010.01.06 14:59:36 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll [2010.01.06 14:59:36 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll [2010.01.06 14:59:36 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll [2010.01.06 14:59:36 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll [2010.01.06 14:59:35 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll [2010.01.06 14:59:35 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll [2010.01.06 14:59:35 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll [2010.01.06 14:59:35 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll [2010.01.06 14:59:35 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll [2010.01.06 14:59:35 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll [2010.01.06 14:59:35 | 000,255,848 | ---- | C] 
(Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll [2010.01.06 14:59:35 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll [2010.01.06 14:59:35 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll [2010.01.06 14:59:35 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll [2010.01.06 14:59:35 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll [2010.01.06 14:59:34 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll [2010.01.06 14:59:34 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll [2010.01.06 14:59:34 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll [2010.01.06 14:59:34 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll [2010.01.06 14:59:32 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll [2010.01.06 14:59:31 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll [2010.01.06 14:59:31 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll [2010.01.06 14:59:31 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll [2010.01.06 14:59:31 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll [2010.01.06 14:59:31 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll [2010.01.06 14:59:31 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll [2010.01.06 14:59:31 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll [2010.01.06 14:59:31 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll [2010.01.05 21:35:17 | 000,000,000 | ---D | C] -- C:\Windows\Minidump 
[2010.01.05 11:30:54 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2010.01.03 14:24:51 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCTL.OCX [2010.01.03 14:24:51 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COMDLG32.OCX [2010.01.03 12:47:59 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll [2010.01.03 12:47:59 | 000,507,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe [2010.01.03 12:47:59 | 000,442,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe [2010.01.03 12:47:58 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL [2010.01.02 21:03:28 | 000,034,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lhacm.acm [2010.01.02 18:39:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft [2010.01.02 18:39:03 | 000,000,000 | -H-D | C] -- C:\Programme\InstallShield Installation Information [2010.01.02 18:39:01 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2010.01.02 18:15:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed [2010.01.02 18:11:35 | 000,056,816 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2010.01.02 18:10:24 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2010.01.02 17:34:03 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2010.01.02 17:34:03 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2010.01.02 17:34:03 | 000,000,000 | -HSD | C] -- C:\Recovery [2010.01.02 17:34:03 | 000,000,000 | -HSD | C] -- C:\Programme [2010.01.02 17:34:03 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien [2010.01.02 17:34:03 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2010.01.02 17:34:03 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2010.01.02 17:34:03 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2010.01.02 17:34:03 | 
000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2010.01.02 17:34:03 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2010.01.02 17:34:03 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2010.01.02 17:34:03 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2010.01.02 17:24:13 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2010.01.02 17:21:46 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2010.01.02 17:21:24 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2010.01.02 17:20:30 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2005.04.21 00:16:28 | 000,036,864 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd.dll [2004.02.16 20:59:50 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\csnpstd.dll ========== Files - Modified Within 360 Days ========== [2010.09.16 22:17:30 | 000,781,824 | ---- | M] () -- C:\Windows\System32\drivers\bkeqia.sys [2010.09.16 22:13:45 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.09.16 22:13:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.09.16 22:13:31 | 2213,994,496 | -HS- | M] () -- C:\hiberfil.sys [2010.09.16 22:12:13 | 001,048,576 | -HS- | M] () -- C:\Users\Administrator\NTUSER.DAT [2010.09.16 22:11:14 | 001,527,504 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010.09.16 22:11:14 | 000,664,396 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.09.16 22:11:14 | 000,624,578 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.09.16 22:11:14 | 000,134,564 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.09.16 22:11:14 | 000,110,216 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.09.16 21:54:21 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3564356177-1057262427-4110569737-1000UA.job [2010.09.16 21:05:40 | 000,014,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.09.16 21:05:40 | 
000,014,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.09.16 20:57:38 | 001,058,568 | -H-- | M] () -- C:\Users\Administrator\AppData\Local\IconCache.db [2010.09.16 20:39:04 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL.exe [2010.09.16 17:39:17 | 000,001,114 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk [2010.09.15 23:49:17 | 000,001,967 | ---- | M] () -- C:\Users\Administrator\Desktop\SUPERAntiSpyware Free Edition.lnk [2010.09.15 23:44:05 | 000,000,971 | ---- | M] () -- C:\Users\Administrator\Desktop\CCleaner.lnk [2010.09.15 23:32:31 | 000,001,990 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010.09.15 23:22:06 | 000,293,376 | ---- | M] () -- C:\hu1uzrhz.exe [2010.09.15 20:39:11 | 000,291,144 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010.09.15 19:57:37 | 000,000,184 | ---- | M] () -- C:\Windows\System32\MRT.INI [2010.09.15 19:49:41 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2010.09.15 19:34:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3564356177-1057262427-4110569737-1000Core.job [2010.09.15 16:24:47 | 000,064,400 | ---- | M] () -- C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT [2010.09.15 15:00:24 | 000,001,199 | ---- | M] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk [2010.09.15 14:41:06 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat [2010.08.13 20:56:24 | 000,524,288 | -HS- | M] () -- C:\Users\Administrator\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms [2010.08.13 20:56:24 | 000,524,288 | -HS- | M] () -- C:\Users\Administrator\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms [2010.08.13 20:56:24 | 000,065,536 | -HS- | M] () -- 
C:\Users\Administrator\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf [2010.08.13 20:29:07 | 000,000,020 | -HS- | M] () -- C:\Users\Administrator\ntuser.ini [2010.08.12 14:15:20 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys [2010.07.30 11:47:23 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2010.07.30 11:47:23 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010.07.29 08:30:49 | 000,197,632 | ---- | M] (Intel(R) Corporation) -- C:\Windows\System32\ir32_32.dll [2010.07.29 08:30:34 | 000,082,944 | ---- | M] (Radius Inc.) -- C:\Windows\System32\iccvid.dll [2010.07.10 05:37:00 | 014,092,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll [2010.07.10 05:37:00 | 011,008,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys [2010.07.10 05:37:00 | 010,267,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll [2010.07.10 05:37:00 | 009,818,728 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll [2010.07.10 05:37:00 | 005,107,816 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll [2010.07.10 05:37:00 | 004,553,832 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll [2010.07.10 05:37:00 | 002,892,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll [2010.07.10 05:37:00 | 002,506,344 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll [2010.07.10 05:37:00 | 001,625,192 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll [2010.07.10 05:37:00 | 000,604,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\NVUNINST.EXE [2010.07.10 05:37:00 | 000,314,984 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdecodemft.dll [2010.07.10 05:37:00 | 000,236,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcod1922.dll [2010.07.10 05:37:00 | 000,236,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcod.dll [2010.07.10 05:37:00 | 000,056,936 | ---- | M] 
(Khronos Group) -- C:\Windows\System32\OpenCL.dll [2010.07.10 05:37:00 | 000,010,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd [2010.07.10 05:37:00 | 000,009,596 | ---- | M] () -- C:\Windows\System32\nvinfo.pb [2010.07.09 16:37:10 | 013,939,816 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll [2010.07.09 16:37:10 | 001,469,544 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll [2010.07.09 16:37:10 | 000,110,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll [2010.06.30 08:22:45 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010.06.30 08:22:33 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010.06.30 08:21:57 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010.06.30 08:21:47 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2010.06.30 08:21:47 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2010.06.30 08:21:44 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010.06.30 08:19:16 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2010.06.30 06:21:49 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010.06.19 08:33:29 | 003,955,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2010.06.19 08:33:29 | 003,899,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2010.06.19 08:23:50 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll [2010.06.19 06:07:18 | 002,326,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2010.05.27 09:24:13 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2010.05.27 05:49:37 | 000,293,888 | ---- | M] (Adobe Systems Incorporated) 
-- C:\Windows\System32\atmfd.dll [2010.05.21 17:09:24 | 000,152,088 | ---- | M] () -- C:\img1-001.raw [2010.05.21 14:14:28 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2010.05.09 11:14:55 | 000,641,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll [2010.05.09 11:14:50 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll [2010.05.09 11:13:30 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax [2010.05.09 11:13:30 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax [2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.04.29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.04.29 11:47:50 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp71.dll [2010.04.23 09:13:36 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2010.04.19 20:47:44 | 003,062,048 | ---- | M] (Apple, Inc.) 
-- C:\Windows\System32\usbaaplrc.dll [2010.04.04 10:27:43 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SaiK0728_01005.Wdf [2010.03.21 15:07:47 | 000,190,160 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr [2010.03.18 13:16:28 | 000,771,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr100_clr0400.dll [2010.03.10 16:43:57 | 000,669,184 | ---- | M] () -- C:\Windows\System32\pbsvc.exe [2010.03.08 23:33:56 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2010.03.05 09:42:42 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll [2010.03.04 11:26:04 | 000,086,016 | ---- | M] (Beepa P/L) -- C:\Windows\System32\frapsvid.dll [2010.02.21 18:27:22 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk [2010.02.21 18:26:18 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deploytk.dll [2010.02.12 13:20:08 | 000,255,072 | ---- | M] () -- C:\ituneslib.itl [2010.02.11 09:10:14 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe [2010.02.09 21:08:48 | 000,000,087 | RH-- | M] () -- C:\Windows\ctfile.rfc [2010.01.19 01:29:31 | 000,365,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll [2010.01.19 01:29:31 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll [2010.01.19 01:29:31 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll [2010.01.19 01:29:30 | 000,369,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll [2010.01.19 01:28:33 | 000,324,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe [2010.01.19 01:28:33 | 000,277,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe [2010.01.19 01:28:30 | 000,320,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe [2010.01.19 
01:28:30 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe [2010.01.12 13:03:34 | 004,338,792 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvencodemft.dll [2010.01.12 13:03:34 | 000,182,888 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcod189.dll [2010.01.11 22:18:44 | 000,271,481 | ---- | M] () -- C:\Windows\System32\NvApps.xml [2010.01.11 22:18:44 | 000,065,332 | ---- | M] () -- C:\Windows\System32\NvwsApps.xml [2010.01.11 22:18:00 | 001,515,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll [2010.01.11 22:18:00 | 000,066,664 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll [2010.01.07 21:34:12 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2010.01.02 21:03:28 | 000,034,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lhacm.acm [2010.01.02 18:41:32 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat [2010.01.02 18:02:45 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2010.01.02 17:25:09 | 000,057,050 | ---- | M] () -- C:\Windows\System32\license.rtf [2009.12.19 11:02:48 | 001,328,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll [2009.12.19 11:02:40 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll [2009.12.19 11:02:01 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll [2009.12.13 11:30:50 | 000,465,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll [2009.12.11 09:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecpkg.sys [2009.12.11 09:38:58 | 001,037,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll [2009.12.02 10:17:14 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2009.11.25 12:47:34 | 000,295,264 | ---- | M] (Microsoft 
Corporation) -- C:\Windows\System32\PresentationHost.exe [2009.11.25 12:47:34 | 000,099,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll [2009.11.25 12:47:34 | 000,049,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll [2009.11.25 12:19:02 | 000,056,816 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe [2009.10.19 16:10:20 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll [2009.10.19 16:10:06 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll ========== Files Created - No Company Name ========== [2010.09.16 20:25:34 | 000,293,376 | ---- | C] () -- C:\hu1uzrhz.exe [2010.09.16 17:39:17 | 000,001,114 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk [2010.09.15 23:49:17 | 000,001,967 | ---- | C] () -- C:\Users\Administrator\Desktop\SUPERAntiSpyware Free Edition.lnk [2010.09.15 23:44:05 | 000,000,971 | ---- | C] () -- C:\Users\Administrator\Desktop\CCleaner.lnk [2010.09.15 23:32:31 | 000,001,990 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010.09.15 19:57:37 | 000,000,184 | ---- | C] () -- C:\Windows\System32\MRT.INI [2010.09.15 15:00:24 | 000,001,199 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk [2010.09.15 14:41:06 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010.08.13 20:29:07 | 000,524,288 | -HS- | C] () -- C:\Users\Administrator\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms [2010.08.13 20:29:07 | 000,524,288 | -HS- | C] () -- C:\Users\Administrator\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms [2010.08.13 20:29:07 | 000,262,144 | -HS- | C] () -- C:\Users\Administrator\ntuser.dat.LOG1 [2010.08.13 20:29:07 | 
000,065,536 | -HS- | C] () -- C:\Users\Administrator\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf [2010.08.13 20:29:07 | 000,000,020 | -HS- | C] () -- C:\Users\Administrator\ntuser.ini [2010.08.13 20:29:07 | 000,000,000 | -HS- | C] () -- C:\Users\Administrator\ntuser.dat.LOG2 [2010.08.13 20:29:06 | 001,048,576 | -HS- | C] () -- C:\Users\Administrator\NTUSER.DAT [2010.08.04 16:54:07 | 000,781,824 | ---- | C] () -- C:\Windows\System32\drivers\bkeqia.sys [2010.07.30 11:47:23 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2010.07.30 11:47:23 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2010.05.21 17:09:24 | 000,152,088 | ---- | C] () -- C:\img1-001.raw [2010.04.04 10:27:43 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SaiK0728_01005.Wdf [2010.02.26 22:41:43 | 000,001,114 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3564356177-1057262427-4110569737-1000UA.job [2010.02.26 22:41:42 | 000,001,062 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3564356177-1057262427-4110569737-1000Core.job [2010.02.21 18:27:22 | 000,001,102 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk [2010.02.12 13:14:44 | 000,255,072 | ---- | C] () -- C:\ituneslib.itl [2010.02.09 21:13:24 | 000,007,062 | ---- | C] () -- C:\Windows\System32\audiopid.vxd [2010.02.09 21:08:48 | 000,148,480 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL [2010.02.09 21:08:48 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL [2010.02.09 21:08:48 | 000,000,087 | RH-- | C] () -- C:\Windows\ctfile.rfc [2010.01.29 19:51:10 | 000,704,512 | ---- | C] () -- C:\Windows\System32\cohelper.dll [2010.01.29 19:51:10 | 000,005,940 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin [2010.01.12 13:03:34 | 000,009,596 | ---- | C] () -- C:\Windows\System32\nvinfo.pb [2010.01.11 22:18:44 | 000,271,481 | ---- | C] () -- C:\Windows\System32\NvApps.xml [2010.01.11 22:18:44 | 000,065,332 | ---- | C] () -- C:\Windows\System32\NvwsApps.xml 
========== Alternate Data Streams ==========
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:05EE1EEF
< End of report > |
16.09.2010, 21:35 | #3 |
| TrojanDownloader:Win32/Bubnix.A
Malwarebytes' Anti-Malware 1.46
Malwarebytes
Datenbank Version: 4623
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
16.09.2010 20:55:37
mbam-log-2010-09-16 (20-55-37).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 202287
Laufzeit: 17 Minute(n), 49 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
C:\Windows\System32\drivers\bkeqia.sys (Rootkit.Agent) -> No action taken. |
16.09.2010, 21:36 | #4 |
| TrojanDownloader:Win32/Bubnix.A
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 09/16/2010 at 00:20 AM
Application Version : 4.43.1000
Core Rules Database Version : 5514
Trace Rules Database Version: 3326
Scan type : Complete Scan
Total Scan Time : 00:10:22
Memory items scanned : 657
Memory threats detected : 0
Registry items scanned : 9254
Registry threats detected : 0
File items scanned : 17753
File threats detected : 1
Rootkit.Agent/Gen-TDSS
C:\WINDOWS\SYSTEM32\DRIVERS\BKEQIA.SYS |