
Log analysis and evaluation: virus on it, thought it was removed, and then it was back again, can't get it off

Windows 7 If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

28.12.2010, 22:45   #1
varmevoll
 



OK Arne, you wanted me to copy all of this in here... to me it's all Greek, and I hope it's not all as bad as it is long.

OTL Logfile:
OTL logfile created on: 28.12.2010 22:37:38 - Run 1
OTL by OldTimer - Version 3.2.18.0     Folder = C:\Users\Szlvia\Desktop
 Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000414 | Country: Norge | Language: NOR | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 53,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,04 Gb Total Space | 15,97 Gb Free Space | 11,09% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 63,53 Gb Free Space | 21,31% Space Free | Partition Type: NTFS
Drive E: | 140,50 Gb Total Space | 140,11 Gb Free Space | 99,72% Space Free | Partition Type: NTFS
Drive I: | 931,51 Gb Total Space | 805,87 Gb Free Space | 86,51% Space Free | Partition Type: NTFS
 
Computer Name: SZLVIA-PC | User Name: Szlvia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Szlvia\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson)
PRC - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe (Nitro PDF Software)
PRC - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\TMonitor.exe ()
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\PROGRA~1\MICROS~3\OFFICE11\OUTLOOK.EXE (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Users\Szlvia\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
PRC - C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Szlvia\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (oofvtwdy) -- C:\Windows\System32\alk3275.dll File not found
SRV - (Sony Ericsson PCCompanion) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe (Avanquest Software)
SRV - (NitroDriverReadSpool) -- C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe (Nitro PDF Software)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (cpuz132) -- C:\Users\Szlvia\AppData\Local\Temp\cpuz132\cpuz132_x32.sys File not found
DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation)
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (kl1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\system32\DRIVERS\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (SrvHsfV92) -- C:\Windows\System32\drivers\VSTDPV3.SYS (Conexant Systems, Inc.)
DRV - (SrvHsfWinac) -- C:\Windows\System32\drivers\VSTCNXT3.SYS (Conexant Systems, Inc.)
DRV - (SrvHsfHDA) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (netw5v32) Intel(R) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20) -- C:\Windows\System32\drivers\L1E62x86.sys (Atheros Communications, Inc.)
DRV - (winbondcir) -- C:\Windows\System32\drivers\winbondcir.sys (Winbond Electronics Corporation)
DRV - (w550bus) Sony Ericsson W550 driver (WDM) -- C:\Windows\System32\drivers\w550bus.sys (MCCI)
DRV - (w800bus) Sony Ericsson W800 driver (WDM) -- C:\Windows\System32\drivers\w800bus.sys (MCCI)
DRV - (Aspi32) -- C:\Windows\System32\drivers\ASPI32.SYS (Adaptec)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.varmevoll.no/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://no.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = no
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..CommunityToolbar.SearchFromAddressBarSavedUrl: "data:text/plain,keyword.URL=hxxp://de.search.yahoo.com/search?ei=UTF-8&fr=ffbr&type=moz35awe&p="
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.startup.homepage: "www.varmevoll.no"
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:2.5.6.0
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.52
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&q="
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.18 20:18:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.28 16:40:40 | 000,000,000 | ---D | M]
 
[2010.01.13 17:42:00 | 000,000,000 | ---D | M] -- C:\Users\Szlvia\AppData\Roaming\mozilla\Extensions
[2010.12.28 16:16:54 | 000,000,000 | ---D | M] -- C:\Users\Szlvia\AppData\Roaming\mozilla\Firefox\Profiles\u26frjt0.default\extensions
[2010.09.14 17:16:41 | 000,000,000 | ---D | M] (MyAshampoo Toolbar) -- C:\Users\Szlvia\AppData\Roaming\mozilla\Firefox\Profiles\u26frjt0.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
[2010.07.13 17:20:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Szlvia\AppData\Roaming\mozilla\Firefox\Profiles\u26frjt0.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.12.28 00:28:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Szlvia\AppData\Roaming\mozilla\Firefox\Profiles\u26frjt0.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2010.02.07 20:44:10 | 000,000,881 | ---- | M] () -- C:\Users\Szlvia\AppData\Roaming\Mozilla\FireFox\Profiles\u26frjt0.default\searchplugins\conduit.xml
[2010.12.28 16:16:54 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2010.12.28 15:49:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010.12.28 15:48:53 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
 
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: () - {AA83843F-843F-AA83-3F84-83AA3F8483AA} - C:\Windows\System32\alk3275.dll File not found
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [ExtraFilmManager] C:\Program Files\ExtraFilm Designer NO\ExtraFilmManager.exe File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKCU..\Run: [Octoshape Streaming Services] C:\Users\Szlvia\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
O4 - HKCU..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {B60CEFE7-2DD0-4B78-951A-509D951DB1F0} hxxp://www.extrafilm.no/ExtraFilmUploader6.cab (ExtraFilm Uploader Control)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.19.2.11 194.19.3.11
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.12.28 22:30:51 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Szlvia\Desktop\OTL.exe
[2010.12.28 15:49:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010.12.28 15:48:59 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.12.28 15:48:59 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.12.28 15:48:59 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.12.28 15:33:02 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.12.28 10:19:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2010.12.28 09:04:51 | 000,000,000 | ---D | C] -- C:\Users\Szlvia\AppData\Roaming\Malwarebytes
[2010.12.28 09:04:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.12.28 09:04:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.12.28 09:04:43 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.12.28 09:04:43 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.12.28 00:28:47 | 000,000,000 | ---D | C] -- C:\Users\Szlvia\AppData\Roaming\QuickScan
[2010.12.28 00:14:30 | 000,165,584 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010.12.28 00:14:30 | 000,017,744 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010.12.28 00:14:28 | 000,023,376 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010.12.28 00:14:26 | 000,046,672 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010.12.28 00:14:24 | 000,050,768 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010.12.28 00:14:19 | 000,167,592 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2010.12.28 00:14:19 | 000,038,848 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2010.12.27 22:42:11 | 000,000,000 | ---D | C] -- C:\Users\Szlvia\Documents\Xilisoft
[2010.12.27 22:42:08 | 000,000,000 | ---D | C] -- C:\Users\Szlvia\AppData\Roaming\Xilisoft
[2010.12.27 20:17:52 | 000,000,000 | ---D | C] -- C:\Users\Szlvia\Documents\tausenmeileneis
[2010.12.27 19:10:01 | 000,000,000 | ---D | C] -- C:\Users\Szlvia\Calibre-bibliotek
[2010.12.27 19:09:59 | 000,000,000 | ---D | C] -- C:\Users\Szlvia\AppData\Roaming\calibre
[2010.12.27 18:51:17 | 000,000,000 | ---D | C] -- C:\Users\Szlvia\Documents\AnyBizSoft PDF to EPUB
[2010.12.27 17:20:13 | 000,000,000 | ---D | C] -- C:\Users\Szlvia\AppData\Roaming\Nitro PDF
[2010.12.27 17:14:04 | 000,026,432 | ---- | C] (Nitro PDF Software) -- C:\Windows\System32\nitrolocalmon.dll
[2010.12.27 17:14:04 | 000,017,728 | ---- | C] (Nitro PDF Software) -- C:\Windows\System32\nitrolocalui.dll
[2010.12.27 17:13:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Nitro PDF
[2010.12.27 17:13:48 | 000,000,000 | ---D | C] -- C:\Program Files\Nitro PDF
[2010.12.27 17:13:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro PDF
[2010.12.27 17:12:38 | 000,000,000 | ---D | C] -- C:\Users\Szlvia\AppData\Roaming\Downloaded Installations
[2010.12.26 13:44:04 | 000,000,000 | ---D | C] -- C:\Users\Szlvia\AppData\Local\ScriptPower OHG
[2010.12.24 18:21:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sony Shared
[2010.12.24 18:20:14 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Media Go Install
[2010.12.24 09:26:56 | 000,000,000 | ---D | C] -- C:\Users\Szlvia\AppData\Roaming\Ahead
[2010.12.18 18:47:02 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2010.12.18 17:22:53 | 000,000,000 | ---D | C] -- C:\Users\Szlvia\.jenny
[2010.12.16 15:45:49 | 000,000,000 | ---D | C] -- C:\ProgramData\tmp
[2010.12.16 15:45:49 | 000,000,000 | ---D | C] -- C:\ProgramData\hps
[2010.12.16 15:33:05 | 000,000,000 | ---D | C] -- C:\Program Files\Elkjøp fotoservice_4.6
[2010.12.15 11:26:25 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMAPI32.OCX
[2010.12.15 11:26:24 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCT2.OCX
[2010.12.15 11:26:22 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCMCDE.DLL
[2010.12.15 11:26:22 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCC2DE.DLL
[2010.12.15 11:26:22 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPIDE.DLL
[2010.12.15 11:26:22 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator
[2010.12.14 23:25:28 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.12.14 23:25:24 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.12.14 23:25:21 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.12.14 23:25:21 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.12.14 23:25:21 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.12.14 23:25:21 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.12.14 23:25:21 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.12.14 23:25:21 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.12.14 23:25:20 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.12.14 23:25:20 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.12.14 23:25:20 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.12.14 23:25:20 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.12.14 23:25:18 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2010.12.14 23:25:18 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010.12.14 23:25:18 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010.12.14 23:25:18 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2010.12.14 23:25:17 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2010.12.14 23:25:16 | 002,327,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.12.14 23:25:15 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.12.14 23:25:15 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.12.14 23:25:14 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2010.12.14 07:45:05 | 000,000,000 | ---D | C] -- C:\Users\Szlvia\AppData\Local\Sony
[2010.12.14 07:44:17 | 000,000,000 | ---D | C] -- C:\Users\Szlvia\Podcasts
[2010.12.14 07:44:17 | 000,000,000 | ---D | C] -- C:\Users\Szlvia\Documents\Media Go
[2010.12.14 07:43:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation
[2010.12.14 07:43:37 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2010.12.14 07:32:26 | 000,000,000 | ---D | C] -- C:\Users\Szlvia\AppData\Roaming\Sony
[2010.12.14 07:09:46 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010.12.12 09:20:21 | 000,027,632 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\drivers\seehcri.sys
[2010.12.12 09:19:51 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01007.dll
[2010.12.12 09:19:51 | 000,025,512 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\drivers\ggsemc.sys
[2010.12.12 09:19:51 | 000,013,224 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\drivers\ggflt.sys
[2010.12.11 08:45:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010.12.10 17:33:26 | 000,000,000 | ---D | C] -- C:\Users\Szlvia\Documents\posterXXL.de Bestellsoftware Projekte
[2010.12.10 17:33:26 | 000,000,000 | ---D | C] -- C:\Users\Szlvia\AppData\Roaming\posterXXL.de Bestellsoftware
[2010.12.09 20:49:34 | 000,000,000 | ---D | C] -- C:\Users\Szlvia\AppData\Roaming\ExtraFilm
[2010.12.09 20:49:22 | 000,000,000 | ---D | C] -- C:\ProgramData\ExtraFilm
[2010.11.29 17:38:30 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
[2010.11.29 17:38:30 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.12.28 22:30:52 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Szlvia\Desktop\OTL.exe
[2010.12.28 20:12:25 | 000,643,836 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.12.28 20:12:25 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.12.28 20:12:25 | 000,458,916 | ---- | M] () -- C:\Windows\System32\perfh014.dat
[2010.12.28 20:12:25 | 000,129,540 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.12.28 20:12:25 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.12.28 20:12:25 | 000,077,562 | ---- | M] () -- C:\Windows\System32\perfc014.dat
[2010.12.28 19:02:47 | 000,000,306 | -HS- | M] () -- C:\Windows\tasks\Rdedlxdft.job
[2010.12.28 18:52:47 | 000,013,440 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.12.28 18:52:47 | 000,013,440 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.12.28 18:45:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.12.28 18:45:05 | 2411,872,256 | -HS- | M] () -- C:\hiberfil.sys
[2010.12.28 15:48:53 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.12.28 15:48:53 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.12.28 15:48:53 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.12.28 15:48:53 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.12.28 09:04:46 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.28 00:14:30 | 000,002,009 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010.12.28 00:14:24 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010.12.27 23:20:55 | 000,052,224 | RHS- | M] () -- C:\Windows\System32\ntvdm8.dll
[2010.12.27 17:14:01 | 000,002,007 | ---- | M] () -- C:\Users\Public\Desktop\Nitro PDF Professional.lnk
[2010.12.26 13:03:18 | 000,614,488 | ---- | M] () -- C:\Users\Szlvia\Documents\Calendar 2008 12.png
[2010.12.26 13:03:17 | 000,619,539 | ---- | M] () -- C:\Users\Szlvia\Documents\Calendar 2008 11.png
[2010.12.26 13:03:15 | 000,965,880 | ---- | M] () -- C:\Users\Szlvia\Documents\Calendar 2008 10.png
[2010.12.26 13:03:14 | 000,992,375 | ---- | M] () -- C:\Users\Szlvia\Documents\Calendar 2008 09.png
[2010.12.26 13:03:13 | 001,036,845 | ---- | M] () -- C:\Users\Szlvia\Documents\Calendar 2008 08.png
[2010.12.26 13:03:12 | 000,677,188 | ---- | M] () -- C:\Users\Szlvia\Documents\Calendar 2008 07.png
[2010.12.26 13:03:11 | 000,942,152 | ---- | M] () -- C:\Users\Szlvia\Documents\Calendar 2008 06.png
[2010.12.26 13:03:10 | 001,146,632 | ---- | M] () -- C:\Users\Szlvia\Documents\Calendar 2008 05.png
[2010.12.26 13:03:09 | 000,599,453 | ---- | M] () -- C:\Users\Szlvia\Documents\Calendar 2008 04.png
[2010.12.26 13:03:08 | 000,803,280 | ---- | M] () -- C:\Users\Szlvia\Documents\Calendar 2008 03.png
[2010.12.26 13:03:07 | 000,558,488 | ---- | M] () -- C:\Users\Szlvia\Documents\Calendar 2008 02.png
[2010.12.26 13:03:06 | 000,676,638 | ---- | M] () -- C:\Users\Szlvia\Documents\Calendar 2008 01.png
[2010.12.24 18:21:38 | 000,001,859 | ---- | M] () -- C:\Users\Public\Desktop\Media Go.lnk
[2010.12.24 11:34:04 | 000,139,022 | ---- | M] () -- C:\Users\Szlvia\Documents\650.jpg
[2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.12.16 17:58:53 | 036,398,856 | ---- | M] () -- C:\Users\Szlvia\Documents\dokumente.pdf
[2010.12.16 17:15:45 | 000,904,403 | ---- | M] () -- C:\Users\Szlvia\Desktop\img094.jpg
[2010.12.15 13:55:44 | 000,020,335 | ---- | M] () -- C:\Users\Szlvia\Documents\sini.jpg
[2010.12.15 11:26:32 | 000,000,993 | ---- | M] () -- C:\Users\Public\Desktop\PDFCreator.lnk
[2010.12.15 07:37:33 | 000,427,400 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.12.14 07:10:08 | 000,001,819 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.12.14 06:48:32 | 000,002,214 | ---- | M] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 2.0.lnk
[2010.12.12 09:30:42 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ggsemc_01007.Wdf
[2010.12.12 09:30:42 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ggflt_01007.Wdf
[2010.12.12 09:21:27 | 000,001,207 | ---- | M] () -- C:\Users\Szlvia\Desktop\Update Service.lnk
[2010.12.12 09:20:21 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\drivers\seehcri.sys
[2010.12.12 09:19:51 | 001,112,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01007.dll
[2010.12.12 09:19:51 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\drivers\ggsemc.sys
[2010.12.12 09:19:51 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\drivers\ggflt.sys
[2010.12.11 08:45:52 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.11.29 18:07:36 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010.11.29 17:38:30 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
[2010.11.29 17:38:30 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.12.28 09:04:46 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.28 00:14:30 | 000,002,009 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010.12.27 23:20:56 | 000,000,306 | -HS- | C] () -- C:\Windows\tasks\Rdedlxdft.job
[2010.12.27 23:20:55 | 000,052,224 | RHS- | C] () -- C:\Windows\System32\ntvdm8.dll
[2010.12.27 17:14:01 | 000,002,007 | ---- | C] () -- C:\Users\Public\Desktop\Nitro PDF Professional.lnk
[2010.12.26 13:03:17 | 000,614,488 | ---- | C] () -- C:\Users\Szlvia\Documents\Calendar 2008 12.png
[2010.12.26 13:03:16 | 000,619,539 | ---- | C] () -- C:\Users\Szlvia\Documents\Calendar 2008 11.png
[2010.12.26 13:03:15 | 000,965,880 | ---- | C] () -- C:\Users\Szlvia\Documents\Calendar 2008 10.png
[2010.12.26 13:03:14 | 000,992,375 | ---- | C] () -- C:\Users\Szlvia\Documents\Calendar 2008 09.png
[2010.12.26 13:03:12 | 001,036,845 | ---- | C] () -- C:\Users\Szlvia\Documents\Calendar 2008 08.png
[2010.12.26 13:03:11 | 000,677,188 | ---- | C] () -- C:\Users\Szlvia\Documents\Calendar 2008 07.png
[2010.12.26 13:03:10 | 000,942,152 | ---- | C] () -- C:\Users\Szlvia\Documents\Calendar 2008 06.png
[2010.12.26 13:03:09 | 001,146,632 | ---- | C] () -- C:\Users\Szlvia\Documents\Calendar 2008 05.png
[2010.12.26 13:03:08 | 000,599,453 | ---- | C] () -- C:\Users\Szlvia\Documents\Calendar 2008 04.png
[2010.12.26 13:03:07 | 000,803,280 | ---- | C] () -- C:\Users\Szlvia\Documents\Calendar 2008 03.png
[2010.12.26 13:03:06 | 000,558,488 | ---- | C] () -- C:\Users\Szlvia\Documents\Calendar 2008 02.png
[2010.12.26 13:03:05 | 000,676,638 | ---- | C] () -- C:\Users\Szlvia\Documents\Calendar 2008 01.png
[2010.12.24 11:33:59 | 000,139,022 | ---- | C] () -- C:\Users\Szlvia\Documents\650.jpg
[2010.12.16 17:15:23 | 000,904,403 | ---- | C] () -- C:\Users\Szlvia\Desktop\img094.jpg
[2010.12.15 13:55:44 | 000,020,335 | ---- | C] () -- C:\Users\Szlvia\Documents\sini.jpg
[2010.12.15 11:26:32 | 000,000,993 | ---- | C] () -- C:\Users\Public\Desktop\PDFCreator.lnk
[2010.12.15 11:26:24 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.12.14 07:44:08 | 000,001,859 | ---- | C] () -- C:\Users\Public\Desktop\Media Go.lnk
[2010.12.14 07:10:08 | 000,001,819 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.12.14 06:41:05 | 000,002,214 | ---- | C] () -- C:\Users\Public\Desktop\Sony Ericsson PC Companion 2.0.lnk
[2010.12.12 09:30:42 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ggsemc_01007.Wdf
[2010.12.12 09:30:42 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ggflt_01007.Wdf
[2010.12.12 09:21:27 | 000,001,207 | ---- | C] () -- C:\Users\Szlvia\Desktop\Update Service.lnk
[2010.12.10 16:46:06 | 036,398,856 | ---- | C] () -- C:\Users\Szlvia\Documents\dokumente.pdf
[2010.11.14 18:39:32 | 000,697,328 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010.11.14 17:29:48 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.09.17 19:42:53 | 000,126,976 | ---- | C] () -- C:\Windows\System32\THBIni20.dll
[2010.08.18 14:50:17 | 000,007,680 | ---- | C] () -- C:\Users\Szlvia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.21 15:44:04 | 000,020,000 | -H-- | C] () -- C:\ProgramData\M33KI
[2010.06.15 18:28:11 | 000,143,360 | ---- | C] () -- C:\Windows\System32\PF1800LC.Dll
[2010.06.15 18:28:11 | 000,049,152 | ---- | C] () -- C:\Windows\System32\PWiaExt.dll
[2010.06.15 18:28:10 | 000,155,648 | ---- | C] () -- C:\Windows\System32\daspi32u.dll
[2010.06.15 18:28:10 | 000,106,496 | ---- | C] () -- C:\Windows\System32\IO_PORT.DLL
[2010.06.15 18:28:09 | 000,000,234 | ---- | C] () -- C:\Windows\Scanner.ini
[2010.05.14 16:38:41 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.04.27 07:06:45 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
[2010.02.05 13:33:55 | 000,000,000 | ---- | C] () -- C:\Users\Szlvia\AppData\Roaming\downloads.m3u
[2010.01.28 14:30:07 | 000,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2010.01.19 18:21:59 | 000,000,123 | ---- | C] () -- C:\Users\Szlvia\AppData\Roaming\default.rss
[2010.01.13 18:11:09 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009.09.16 18:27:58 | 000,508,224 | ---- | C] () -- C:\Windows\System32\ICCProfiles.dll
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2007.10.02 06:44:00 | 000,022,723 | ---- | C] () -- C:\Windows\System32\lexr1l3.dll
[2006.12.09 03:54:38 | 000,022,723 | ---- | C] () -- C:\Windows\System32\sugg1l3.dll
[2003.04.02 10:59:50 | 000,005,263 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:0A8E2C33

< End of report >
         