Log analysis and evaluation: Trojan TR/kazy.mekml.1 (according to AntiVir)? Windows 7

If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and Trojans can be removed, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#3

Trojan TR/kazy.mekml.1 (according to AntiVir)? OTL.Txt:

The file you are trying to attach is too large. The maximum file size for this file type is 97.7 KB. Your file is 136.8 KB. So not as an attachment. OTL logfile:

Code:
ATTFilter OTL logfile created on: 20.04.2011 15:09:30 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Dokumente und Einstellungen\San\Desktop Windows XP Professional Edition Service Pack 3, v.5857 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.3244) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1.022,00 Mb Total Physical Memory | 518,00 Mb Available Physical Memory | 51,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 74,00% Paging File free Paging file location(s): c:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 19,53 Gb Total Space | 6,81 Gb Free Space | 34,87% Space Free | Partition Type: NTFS Drive D: | 11,95 Gb Total Space | 11,87 Gb Free Space | 99,35% Space Free | Partition Type: NTFS Drive G: | 149,05 Gb Total Space | 32,84 Gb Free Space | 22,03% Space Free | Partition Type: NTFS Computer Name: PIKACHU | User Name: San | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.04.20 15:07:39 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\San\Desktop\OTL.exe PRC - [2011.04.18 21:31:14 | 000,569,344 | -H-- | M] (BitSprx) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PFmPbJoHGuT.exe PRC - [2011.03.18 19:56:37 | 000,924,632 | -H-- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2011.03.04 14:36:20 | 000,135,336 | -H-- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2011.03.04 14:36:11 | 000,281,768 | -H-- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2011.03.04 14:36:11 | 000,269,480 | -H-- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2010.03.19 10:49:20 | 000,144,672 | -H-- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010.01.14 21:10:53 | 000,076,968 | -H-- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2007.12.29 14:05:17 | 000,486,856 | -H-- | M] (DT Soft Ltd) -- C:\Programme\DAEMON Tools Lite\daemon.exe PRC - [2007.10.30 23:51:22 | 001,036,800 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007.10.30 23:51:14 | 000,012,288 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\attrib.exe PRC - [2004.12.28 06:08:24 | 000,253,952 | -H-- | M] () -- C:\Programme\Mouse Driver\MouseDriver.exe ========== Modules (SafeList) ========== MOD - [2011.04.20 15:07:39 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\San\Desktop\OTL.exe MOD - [2007.10.30 23:51:10 | 000,278,528 | -H-- | M] () -- C:\WINDOWS\ofadagak.dll MOD - [2007.10.30 23:49:12 | 001,054,208 | -H-- | M] (Microsoft Corporation) -- 
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.3244_x-ww_d74fff41\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - [2011.03.04 14:36:20 | 000,135,336 | -H-- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.03.04 14:36:11 | 000,269,480 | -H-- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010.03.19 10:49:20 | 000,144,672 | -H-- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2005.04.04 01:41:10 | 000,069,632 | -H-- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) ========== Driver Services (SafeList) ========== DRV - [2011.03.04 16:11:12 | 000,137,656 | -H-- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2011.03.04 14:36:34 | 000,061,960 | -H-- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2010.06.17 14:27:02 | 000,028,520 | -H-- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010.06.17 14:26:52 | 000,011,608 | -H-- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2009.07.21 18:30:48 | 003,565,056 | -H-- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2009.05.05 09:58:30 | 000,013,976 | -H-- | M] (VIA Technologies, Inc.) 
[Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32) DRV - [2008.11.06 07:13:33 | 000,044,696 | -H-- | M] (Phantombility, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\phmcd.sys -- (phmcd) DRV - [2008.06.20 13:08:27 | 000,225,856 | -H-- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6) DRV - [2008.01.22 16:50:42 | 000,715,248 | -H-- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2008.01.18 16:16:28 | 000,100,648 | -H-- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\a016obex.sys -- (a016obex) DRV - [2008.01.18 16:16:26 | 000,110,504 | -H-- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\a016mdm.sys -- (a016mdm) DRV - [2008.01.18 16:16:26 | 000,104,488 | -H-- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\a016mgmt.sys -- (a016mgmt) Sony Ericsson Device A016 USB WMC Device Management Drivers (WDM) DRV - [2008.01.18 16:16:24 | 000,015,016 | -H-- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\a016mdfl.sys -- (a016mdfl) DRV - [2008.01.18 16:16:22 | 000,083,880 | -H-- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\a016bus.sys -- (a016bus) Sony Ericsson Device A016 driver (WDM) DRV - [2007.10.30 18:47:08 | 000,010,624 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2007.10.30 18:44:36 | 000,088,320 | -H-- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2007.01.16 19:28:00 | 000,165,376 | -H-- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2007.01.16 19:27:59 | 000,018,048 | -H-- | M] () [Kernel | Auto | Running] -- 
C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2005.06.20 16:08:44 | 002,324,480 | RH-- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2005.03.04 05:10:26 | 000,074,496 | -H-- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp) DRV - [2004.08.31 20:07:08 | 000,026,240 | -H-- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV - [2004.08.09 13:33:26 | 000,114,016 | -H-- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02) DRV - [2004.08.09 13:29:28 | 000,053,920 | -H-- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06) DRV - [2004.08.03 23:31:36 | 000,032,768 | -H-- | M] (SiS Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC) DRV - [2004.08.03 22:31:34 | 000,020,992 | -H-- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C) DRV - [2004.07.19 16:49:54 | 000,007,040 | -H-- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1) DRV - [2004.02.12 19:11:28 | 000,003,968 | -H-- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay) DRV - [2003.12.16 19:13:02 | 000,034,297 | -H-- | M] (Generic) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StMp3Rec.sys -- (StMp3Rec) DRV - [2003.12.01 17:20:52 | 000,004,832 | -H-- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01) DRV - [2003.10.02 17:25:48 | 000,011,264 | RH-- | M] (Silicon Integrated 
Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp) DRV - [2003.07.01 22:42:00 | 000,027,904 | -H-- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys -- (viaagp1) DRV - [2003.03.25 18:50:46 | 000,004,096 | RH-- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\siside.sys -- (SiSide) DRV - [2003.01.13 11:43:56 | 000,030,720 | RH-- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\SISAGPX.sys -- (sisagp) DRV - [2002.10.17 16:14:46 | 000,049,024 | RH-- | M] (Windows (R) 2000 DDK provider) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\sisidex.sys -- (sisidex) DRV - [2002.08.20 18:19:08 | 000,009,472 | RH-- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sisperf.sys -- (sisperf) DRV - [2002.07.17 19:03:10 | 000,008,584 | -H-- | M] (AIPTEK International Inc. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\stv680m.sys -- (STV680m) DRV - [2002.07.17 19:03:08 | 000,111,800 | -H-- | M] (AIPTEK International Inc. 
) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\stv680.sys -- (STV680) DRV - [2001.08.23 14:00:00 | 000,063,232 | -H-- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2001.08.23 14:00:00 | 000,055,936 | -H-- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) DRV - [2001.08.17 15:00:04 | 000,002,944 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q= IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-515967899-789336058-1708537768-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKU\S-1-5-21-515967899-789336058-1708537768-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.tattoodle.com?tid={B1310335-40C3-4490-97C0-C6FA98242D82} IE - HKU\S-1-5-21-515967899-789336058-1708537768-1003\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - File not found IE - HKU\S-1-5-21-515967899-789336058-1708537768-1003\..\URLSearchHook: 
{C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Programme\AskSearch\bin\DefaultSearch.dll () IE - HKU\S-1-5-21-515967899-789336058-1708537768-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-515967899-789336058-1708537768-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search" FF - prefs.js..browser.search.defaultthis.engineName: "Fast Browser Search" FF - prefs.js..browser.search.order.1: "Fast Browser Search" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4 FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:4.0.1 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.5 FF - prefs.js..extensions.enabledItems: {00352F14-3F76-4e4d-ACFF-9972D7E4B3B9}:0.7.2 FF - HKLM\software\mozilla\Firefox\extensions\\{CA4A6ABB-34A1-4CB4-9665-84E8B5130EAF}: C:\Dokumente und Einstellungen\San\Lokale Einstellungen\Anwendungsdaten\{CA4A6ABB-34A1-4CB4-9665-84E8B5130EAF} [2011.04.18 21:32:59 | 000,000,000 | -H-D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.04.19 22:23:13 | 000,000,000 | -H-D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.04.19 22:23:13 | 000,000,000 | -H-D | M] [2008.08.29 17:10:07 | 000,000,000 | -H-D | M] (No name found) -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Mozilla\Extensions [2011.04.19 22:14:51 | 000,000,000 | -H-D | M] (No name found) -- C:\Dokumente und 
Einstellungen\San\Anwendungsdaten\Mozilla\Firefox\Profiles\dh96igz4.default\extensions [2010.10.31 02:37:09 | 000,000,000 | -H-D | M] (MacOSX Theme) -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Mozilla\Firefox\Profiles\dh96igz4.default\extensions\{00352F14-3F76-4e4d-ACFF-9972D7E4B3B9} [2010.11.01 18:32:15 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Mozilla\Firefox\Profiles\dh96igz4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.04.19 22:14:51 | 000,000,000 | -H-D | M] (DownloadHelper) -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Mozilla\Firefox\Profiles\dh96igz4.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011.03.26 12:21:04 | 000,000,000 | -H-D | M] (Fast Video Download (with SearchMenu)) -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Mozilla\Firefox\Profiles\dh96igz4.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8} [2011.03.26 12:21:05 | 000,000,000 | -H-D | M] (No name found) -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Mozilla\Firefox\Profiles\dh96igz4.default\extensions\{dc572301-7619-498c-a57d-39143191b318} [2011.03.26 12:21:05 | 000,000,000 | -H-D | M] (No name found) -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Mozilla\Firefox\Profiles\dh96igz4.default\extensions\{dc572301-7619-498c-a57d-39143191b318}\modules\extensions [2009.10.28 20:02:03 | 000,002,171 | -H-- | M] () -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Mozilla\Firefox\Profiles\dh96igz4.default\searchplugins\bing.xml [2009.12.05 16:28:31 | 000,005,413 | -H-- | M] () -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Mozilla\Firefox\Profiles\dh96igz4.default\searchplugins\fast-browser-search.xml [2011.04.17 16:16:59 | 000,000,961 | -H-- | M] () -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Mozilla\Firefox\Profiles\dh96igz4.default\searchplugins\icqplugin-2.xml [2008.07.05 19:15:26 | 000,000,950 | -H-- | M] () -- C:\Dokumente 
und Einstellungen\San\Anwendungsdaten\Mozilla\Firefox\Profiles\dh96igz4.default\searchplugins\icqplugin-3.xml [2008.07.19 17:48:29 | 000,000,950 | -H-- | M] () -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Mozilla\Firefox\Profiles\dh96igz4.default\searchplugins\icqplugin-4.xml [2008.10.01 16:32:29 | 000,000,950 | -H-- | M] () -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Mozilla\Firefox\Profiles\dh96igz4.default\searchplugins\icqplugin-5.xml [2008.11.21 16:37:41 | 000,000,950 | -H-- | M] () -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Mozilla\Firefox\Profiles\dh96igz4.default\searchplugins\icqplugin-6.xml [2008.06.21 13:46:43 | 000,000,962 | -H-- | M] () -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Mozilla\Firefox\Profiles\dh96igz4.default\searchplugins\icqplugin.xml [2008.09.08 20:30:43 | 000,001,504 | -H-- | M] () -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Mozilla\Firefox\Profiles\dh96igz4.default\searchplugins\imdb.xml [2011.04.17 16:17:00 | 000,002,019 | -H-- | M] () -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Mozilla\Firefox\Profiles\dh96igz4.default\searchplugins\leo-de-en.xml [2009.07.18 22:01:44 | 000,004,140 | -H-- | M] () -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Mozilla\Firefox\Profiles\dh96igz4.default\searchplugins\youtube.xml [2011.04.19 12:26:57 | 000,000,000 | -H-D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions File not found (No name found) -- [2011.04.18 21:32:59 | 000,000,000 | -H-D | M] (XULRunner) -- C:\DOKUMENTE UND EINSTELLUNGEN\SAN\LOKALE EINSTELLUNGEN\ANWENDUNGSDATEN\{CA4A6ABB-34A1-4CB4-9665-84E8B5130EAF} [2009.06.22 21:31:05 | 000,000,000 | -H-D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2011.03.18 19:56:37 | 000,142,296 | -H-- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll [2010.01.01 10:00:00 | 000,001,392 | -H-- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml 
[2009.05.13 15:50:45 | 000,002,194 | -H-- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\babylon.xml [2010.01.01 10:00:00 | 000,002,252 | -H-- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | -H-- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | -H-- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | -H-- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | -H-- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.03.10 23:27:07 | 000,001,540 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 support.steampowered.com O1 - Hosts: 127.0.0.1 support.steampowered.com O1 - Hosts: 127.0.0.1 support.steampowered.com O1 - Hosts: 127.0.0.1 support.steampowered.com O1 - Hosts: 127.0.0.1 support.steampowered.com O1 - Hosts: 127.0.0.1 support.steampowered.com O1 - Hosts: 127.0.0.1 support.steampowered.com O1 - Hosts: 127.0.0.1 support.steampowered.com O1 - Hosts: 127.0.0.1 support.steampowered.com O1 - Hosts: 127.0.0.1 support.steampowered.com O1 - Hosts: 127.0.0.1 support.steampowered.com O1 - Hosts: 127.0.0.1 support.steampowered.com O1 - Hosts: 127.0.0.1 support.steampowered.com O1 - Hosts: 127.0.0.1 support.steampowered.com O1 - Hosts: 127.0.0.1 support.steampowered.com O1 - Hosts: 127.0.0.1 support.steampowered.com O1 - Hosts: 127.0.0.1 support.steampowered.com O1 - Hosts: 127.0.0.1 support.steampowered.com O1 - Hosts: 127.0.0.1 support.steampowered.com O1 - Hosts: 127.0.0.1 support.steampowered.com O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. 
O2 - BHO: (BrowserHelper Class) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - File not found O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (ICQ Toolbar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - File not found O3 - HKU\S-1-5-21-515967899-789336058-1708537768-1003\..\Toolbar\WebBrowser: (ICQ Toolbar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - File not found O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Csonudo] C:\WINDOWS\ofadagak.dll () O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [SANSUNMouse ] C:\Programme\Mouse Driver\MouseDriver.exe () O4 - HKU\S-1-5-21-515967899-789336058-1708537768-1003..\Run: [DAEMON Tools Lite] C:\Programme\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-515967899-789336058-1708537768-1003..\Run: [PFmPbJoHGuT] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PFmPbJoHGuT.exe (BitSprx) O4 - HKU\S-1-5-21-515967899-789336058-1708537768-1003..\Run: [Steam] g:\games\steam\steam.exe (Valve Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-515967899-789336058-1708537768-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft 
Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O15 - HKU\S-1-5-21-515967899-789336058-1708537768-1003\..Trusted Domains: ([]msn in Arbeitsplatz) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.1.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\WgaLogon: DllName - Reg Error: Value error. - Reg Error: Value error. 
File not found O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\San\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\San\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2005.07.08 19:08:55 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{6ccad9c8-cdff-11de-b090-008048167d4c}\Shell - "" = AutoRun O33 - MountPoints2\{6ccad9c8-cdff-11de-b090-008048167d4c}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{6ccad9c8-cdff-11de-b090-008048167d4c}\Shell\AutoRun\command - "" = K:\autorunner.exe "CosmosDirekt.html" O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: uploadmgr - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - 
Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: nm - File not found SafeBootNet: nm.sys - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: UploadMgr - Service SafeBootNet: vga.sys - Driver SafeBootNet: vsmon - Service SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - 
Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.4 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offlinebrowsingpaket ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection 
C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer-Hilfe
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsererweiterungen
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - Zugang zu MSN Site
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML-Datenbindung
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer-Hauptschriftarten
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML-Hilfe
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\INF\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msvideo7 - C:\WINDOWS\System32\stv680tg.dll (AIPTEK International Inc.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)

========== Files/Folders - Created Within 30 Days ==========

[2011.04.20 15:17:02 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\San\Recent
[2011.04.20 15:07:38 | 000,580,608 | -H-- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\San\Desktop\OTL.exe
[2011.04.20 11:10:26 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Malwarebytes
[2011.04.20 11:07:55 | 000,038,224 | -H-- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.04.20 11:07:55 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2011.04.20 11:07:54 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2011.04.20 11:07:03 | 007,734,208 | -H-- | C] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\San\Desktop\mbam-setup.exe
[2011.04.19 22:22:48 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\QuickTime
[2011.04.19 22:22:08 | 000,000,000 | -H-D | C] -- C:\Programme\QuickTime
[2011.04.19 22:18:03 | 038,147,376 | -H-- | C] (Apple Inc.) -- C:\Dokumente und Einstellungen\San\Desktop\QuickTimeInstaller.exe
[2011.04.19 20:59:31 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Avira
[2011.04.19 20:57:10 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira
[2011.04.19 20:56:10 | 000,028,520 | -H-- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2011.04.19 20:55:54 | 000,137,656 | -H-- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011.04.19 20:55:54 | 000,061,960 | -H-- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011.04.19 20:55:54 | 000,045,416 | -H-- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2011.04.19 20:55:54 | 000,022,360 | -H-- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2011.04.19 20:55:51 | 000,000,000 | -H-D | C] -- C:\Programme\Avira
[2011.04.19 20:55:51 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
[2011.04.19 20:50:58 | 012,420,392 | -H-- | C] (Mozilla) -- C:\Dokumente und Einstellungen\San\Desktop\Firefox Setup 4.0.exe
[2011.04.19 20:05:19 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\San\Eigene Dateien\My eBooks
[2011.04.19 20:02:39 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\San\Eigene Dateien\Eigene Musik
[2011.04.19 20:02:39 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\San\Eigene Dateien\Eigene Bilder
[2011.04.18 21:32:59 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\San\Lokale Einstellungen\Anwendungsdaten\{CA4A6ABB-34A1-4CB4-9665-84E8B5130EAF}
[2011.04.18 21:31:16 | 000,569,344 | -H-- | C] (BitSprx) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PFmPbJoHGuT.exe
[2011.04.18 21:07:10 | 000,627,312 | -H-- | C] (Babylon Ltd.) -- C:\Dokumente und Einstellungen\San\Desktop\Babylon9_setup.exe
[13 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.04.20 15:07:39 | 000,580,608 | -H-- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\San\Desktop\OTL.exe
[2011.04.20 15:01:58 | 000,001,078 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.20 15:01:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.04.20 14:38:00 | 000,001,082 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.04.20 11:07:55 | 000,000,635 | -H-- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.20 11:07:12 | 007,734,208 | -H-- | M] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\San\Desktop\mbam-setup.exe
[2011.04.20 10:31:14 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\Lbuvunevi.bin
[2011.04.19 22:22:49 | 000,001,597 | -H-- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\QuickTime Player.lnk
[2011.04.19 22:18:53 | 038,147,376 | -H-- | M] (Apple Inc.) -- C:\Dokumente und Einstellungen\San\Desktop\QuickTimeInstaller.exe
[2011.04.19 20:57:10 | 000,001,684 | -H-- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira AntiVir Control Center.lnk
[2011.04.19 20:54:00 | 051,435,480 | -H-- | M] () -- C:\Dokumente und Einstellungen\San\Desktop\avira_antivir_635personal_de.exe
[2011.04.19 20:51:35 | 000,000,709 | -H-- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2011.04.19 20:50:58 | 012,420,392 | -H-- | M] (Mozilla) -- C:\Dokumente und Einstellungen\San\Desktop\Firefox Setup 4.0.exe
[2011.04.19 19:54:48 | 000,000,120 | -H-- | M] () -- C:\WINDOWS\Ntokulufuju.dat
[2011.04.19 12:13:45 | 000,000,392 | -H-- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\16047924
[2011.04.19 12:13:02 | 000,000,184 | -H-- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~16047924
[2011.04.19 12:13:01 | 000,000,152 | -H-- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~16047924r
[2011.04.19 12:11:50 | 000,000,836 | -H-- | M] () -- C:\Dokumente und Einstellungen\San\Desktop\Windows Recovery.lnk
[2011.04.18 21:33:16 | 089,693,868 | -H-- | M] () -- C:\Dokumente und Einstellungen\San\Desktop\dfvlrd2h.rar
[2011.04.18 21:31:14 | 000,569,344 | -H-- | M] (BitSprx) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PFmPbJoHGuT.exe
[2011.04.18 21:12:37 | 000,010,028 | -H-- | M] () -- C:\Dokumente und Einstellungen\San\Desktop\[isoHunt] Die Fantastischen Vier - Lauschgift-Remastered-DE-2009-hbZ seeded by www.p2p-crew.to.torrent
[2011.04.18 21:07:11 | 000,627,312 | -H-- | M] (Babylon Ltd.) -- C:\Dokumente und Einstellungen\San\Desktop\Babylon9_setup.exe
[2011.04.18 12:58:54 | 000,000,622 | -H-- | M] () -- C:\Dokumente und Einstellungen\San\Desktop\World of Warcraft.lnk
[2011.04.17 16:00:43 | 000,002,206 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.04.03 14:05:42 | 000,458,476 | -H-- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2011.04.03 14:05:42 | 000,440,684 | -H-- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.04.03 14:05:42 | 000,084,318 | -H-- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2011.04.03 14:05:42 | 000,071,002 | -H-- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.03.22 16:31:26 | 000,002,243 | -H-- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[13 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.04.20 11:07:55 | 000,000,635 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.19 22:22:49 | 000,001,597 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\QuickTime Player.lnk
[2011.04.19 20:57:10 | 000,001,684 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira AntiVir Control Center.lnk
[2011.04.19 20:52:47 | 051,435,480 | -H-- | C] () -- C:\Dokumente und Einstellungen\San\Desktop\avira_antivir_635personal_de.exe
[2011.04.19 20:51:35 | 000,000,709 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2011.04.19 20:51:34 | 000,000,715 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox
[2011.04.19 12:13:01 | 000,000,152 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~16047924r
[2011.04.19 12:13:00 | 000,000,184 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\~16047924
[2011.04.19 12:11:50 | 000,000,836 | -H-- | C] () -- C:\Dokumente und Einstellungen\San\Desktop\Windows Recovery.lnk
[2011.04.19 12:11:22 | 000,000,392 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\16047924
[2011.04.18 21:33:01 | 000,000,120 | -H-- | C] () -- C:\WINDOWS\Ntokulufuju.dat
[2011.04.18 21:33:01 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\Lbuvunevi.bin
[2011.04.18 21:30:20 | 089,693,868 | -H-- | C] () -- C:\Dokumente und Einstellungen\San\Desktop\dfvlrd2h.rar
[2011.04.18 21:12:30 | 000,010,028 | -H-- | C] () -- C:\Dokumente und Einstellungen\San\Desktop\[isoHunt] Die Fantastischen Vier - Lauschgift-Remastered-DE-2009-hbZ seeded by www.p2p-crew.to.torrent
[2010.04.06 11:51:47 | 000,015,464 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010.01.24 20:52:17 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\iPlayer.INI
[2009.12.01 20:13:55 | 000,001,507 | -H-- | C] () -- C:\WINDOWS\HPOCSS05.INI
[2009.12.01 20:13:55 | 000,000,490 | -H-- | C] () -- C:\WINDOWS\HPOTBX05.INI
[2009.12.01 20:05:32 | 000,000,065 | -H-- | C] () -- C:\WINDOWS\opleinst.ini
[2009.12.01 20:05:31 | 000,125,440 | -H-- | C] () -- C:\WINDOWS\System32\hpocnt05.dll
[2009.12.01 20:05:31 | 000,000,970 | -H-- | C] () -- C:\WINDOWS\hpoio05.ini
[2009.11.06 10:58:04 | 000,178,975 | -H-- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009.10.28 19:31:43 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009.10.16 21:25:19 | 000,000,136 | -H-- | C] () -- C:\Dokumente und Einstellungen\San\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2009.10.11 19:50:36 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\ativpsrm.bin
[2009.10.11 19:47:10 | 000,593,920 | -H-- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2009.09.25 21:34:45 | 000,022,328 | -H-- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.09.25 21:34:33 | 000,022,328 | -H-- | C] () -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\PnkBstrK.sys
[2009.09.25 21:33:54 | 000,103,736 | -H-- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009.09.25 21:33:42 | 000,669,184 | -H-- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2009.09.25 21:33:42 | 000,075,064 | -H-- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009.08.14 16:38:45 | 000,004,096 | -H-- | C] () -- C:\WINDOWS\d3dx.dat
[2009.08.13 10:43:43 | 000,000,060 | -H-- | C] () -- C:\WINDOWS\Bibi_Tina.ini
[2009.08.07 15:34:43 | 000,000,552 | -H-- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2009.07.21 17:17:04 | 003,107,788 | -H-- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2009.07.21 17:17:04 | 000,887,724 | -H-- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009.04.23 23:29:16 | 000,189,051 | -H-- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2009.02.05 22:56:49 | 001,970,176 | -H-- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2008.12.09 20:48:00 | 000,000,083 | -H-- | C] () -- C:\WINDOWS\wwp.INI
[2008.01.22 17:10:30 | 000,034,308 | -H-- | C] () -- C:\WINDOWS\System32\Chip.dll
[2008.01.19 16:46:38 | 000,000,640 | -H-- | C] () -- C:\WINDOWS\EFXP.INI
[2008.01.04 23:58:50 | 003,596,288 | -H-- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008.01.04 23:56:24 | 000,012,288 | -H-- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2007.12.21 23:12:29 | 000,000,299 | -H-- | C] () -- C:\WINDOWS\game.ini
[2007.12.05 02:41:00 | 000,212,992 | -H-- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2007.06.13 20:12:27 | 000,001,743 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2007.01.16 19:28:00 | 000,165,376 | -H-- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2007.01.16 19:27:59 | 000,018,048 | -H-- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2006.11.14 17:30:57 | 000,000,169 | -H-- | C] () -- C:\WINDOWS\RtlRack.ini
[2006.10.04 11:29:55 | 000,000,216 | -H-- | C] () -- C:\WINDOWS\MPPAGER.INI
[2006.09.07 17:10:24 | 000,000,604 | -H-- | C] () -- C:\WINDOWS\Thps3.INI
[2006.06.07 16:52:36 | 000,000,192 | -H-- | C] () -- C:\WINDOWS\winamp.ini
[2006.01.31 23:20:22 | 000,000,513 | -H-- | C] () -- C:\WINDOWS\DFC.INI
[2006.01.31 23:16:38 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2006.01.31 23:01:20 | 000,045,056 | -H-- | C] () -- C:\WINDOWS\System32\vusetup.dll
[2006.01.31 22:57:19 | 000,156,672 | RH-- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2006.01.31 22:56:43 | 000,000,164 | -H-- | C] () -- C:\WINDOWS\avrack.ini
[2006.01.31 22:56:16 | 000,040,960 | RH-- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2006.01.25 21:21:41 | 000,363,520 | -H-- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2006.01.24 20:17:04 | 000,155,648 | RH-- | C] () -- C:\WINDOWS\System32\TVModeLib.dll
[2006.01.24 20:17:04 | 000,034,915 | -H-- | C] () -- C:\WINDOWS\System32\1_ssetup.ini
[2006.01.24 20:17:04 | 000,016,819 | -H-- | C] () -- C:\WINDOWS\System32\sunistlog.ini
[2006.01.24 20:16:47 | 000,032,768 | -H-- | C] () -- C:\WINDOWS\SIS_LIB.DLL
[2006.01.24 20:16:25 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\khooker.INI
[2006.01.24 20:16:23 | 000,049,152 | -H-- | C] () -- C:\WINDOWS\System32\sis740.bin
[2006.01.24 20:16:23 | 000,049,152 | -H-- | C] () -- C:\WINDOWS\System32\sis650.bin
[2006.01.24 20:05:28 | 000,139,264 | RH-- | C] () -- C:\WINDOWS\System32\IDEproperty.dll
[2006.01.12 19:39:09 | 000,056,832 | -H-- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2006.01.06 17:45:07 | 000,000,481 | -H-- | C] () -- C:\WINDOWS\eReg.dat
[2006.01.02 22:06:56 | 000,240,640 | -H-- | C] () -- C:\WINDOWS\System32\NMOCOD.DLL
[2006.01.02 22:06:56 | 000,035,328 | -H-- | C] () -- C:\WINDOWS\System32\INETWH32.DLL
[2005.11.01 20:54:51 | 000,000,050 | -H-- | C] () -- C:\WINDOWS\cdplayer.ini
[2005.11.01 20:37:10 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\nsreg.dat
[2005.11.01 20:37:03 | 000,099,970 | -H-- | C] () -- C:\WINDOWS\UninstallFirefox.exe
[2005.11.01 20:36:51 | 000,003,503 | -H-- | C] () -- C:\WINDOWS\mozver.dat
[2005.10.22 09:01:10 | 000,000,432 | -H-- | C] () -- C:\WINDOWS\VIEWER.INI
[2005.10.22 09:00:53 | 000,000,255 | -H-- | C] () -- C:\WINDOWS\System32\VIEWER.INI
[2005.10.11 18:56:51 | 000,010,240 | -H-- | C] () -- C:\Dokumente und Einstellungen\San\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005.10.11 18:48:00 | 000,105,292 | -H-- | C] () -- C:\WINDOWS\restart.exe
[2005.10.10 10:50:36 | 000,001,004 | -H-- | C] () -- C:\WINDOWS\disney.ini
[2005.07.20 15:07:00 | 001,662,976 | -H-- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2005.07.20 15:07:00 | 001,622,016 | -H-- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2005.07.20 15:07:00 | 001,470,464 | -H-- | C] () -- C:\WINDOWS\System32\nview.dll
[2005.07.20 15:07:00 | 001,339,392 | -H-- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2005.07.20 15:07:00 | 001,019,904 | -H-- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2005.07.20 15:07:00 | 000,581,632 | -H-- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2005.07.20 15:07:00 | 000,466,944 | -H-- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2005.07.20 15:07:00 | 000,442,368 | -H-- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2005.07.20 15:07:00 | 000,425,984 | -H-- | C] () -- C:\WINDOWS\System32\keystone.exe
[2005.07.20 15:07:00 | 000,286,720 | -H-- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005.07.09 09:53:08 | 000,000,769 | -H-- | C] () -- C:\WINDOWS\Edofma.INI
[2005.07.08 20:14:18 | 000,000,092 | -H-- | C] () -- C:\WINDOWS\CMISETUP.INI
[2005.07.08 20:14:18 | 000,000,026 | -H-- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2005.07.08 20:07:39 | 000,381,440 | -H-- | C] () -- C:\WINDOWS\System32\Counter.exe
[2005.07.08 20:07:38 | 000,532,480 | -H-- | C] () -- C:\WINDOWS\System32\DeleteFiles.exe
[2005.07.08 20:07:38 | 000,351,232 | -H-- | C] () -- C:\WINDOWS\System32\CheckPath.exe
[2005.07.08 20:07:37 | 000,382,464 | -H-- | C] () -- C:\WINDOWS\System32\Restart.exe
[2005.07.08 20:07:37 | 000,374,784 | -H-- | C] () -- C:\WINDOWS\System32\RunAP.exe
[2005.07.08 20:02:00 | 000,073,728 | -H-- | C] () -- C:\WINDOWS\System32\waitwnd.exe
[2005.07.08 20:01:59 | 000,155,648 | -H-- | C] () -- C:\WINDOWS\System32\setuplib.dll
[2005.07.08 19:46:52 | 000,001,324 | -H-- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2005.07.08 19:13:56 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005.07.08 19:03:50 | 000,022,908 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005.07.08 08:54:52 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005.07.08 08:53:05 | 000,107,808 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004.08.02 15:20:40 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003.07.10 21:45:46 | 000,651,264 | -H-- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2003.07.10 21:45:46 | 000,147,456 | -H-- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2003.07.10 21:45:46 | 000,102,400 | -H-- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2003.07.10 21:45:46 | 000,081,920 | -H-- | C] () -- C:\WINDOWS\System32\AegisI2.exe
[2003.07.10 21:45:46 | 000,073,728 | -H-- | C] () -- C:\WINDOWS\System32\AegisI4b.exe
[2001.10.22 20:26:16 | 000,049,152 | -H-- | C] () -- C:\WINDOWS\System32\hpomon05.dll
[2001.10.22 20:26:16 | 000,005,361 | -H-- | C] () -- C:\WINDOWS\System32\hpolnk05.ini
[2001.08.23 14:00:00 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.08.23 14:00:00 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.08.23 14:00:00 | 000,458,476 | -H-- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2001.08.23 14:00:00 | 000,440,684 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.08.23 14:00:00 | 000,278,528 | -H-- | C] () -- C:\WINDOWS\ofadagak.dll
[2001.08.23 14:00:00 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.08.23 14:00:00 | 000,269,480 | -H-- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2001.08.23 14:00:00 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.08.23 14:00:00 | 000,084,318 | -H-- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2001.08.23 14:00:00 | 000,071,002 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.08.23 14:00:00 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.08.23 14:00:00 | 000,034,478 | -H-- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2001.08.23 14:00:00 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.08.23 14:00:00 | 000,027,440 | -H-- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2001.08.23 14:00:00 | 000,004,463 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.08.23 14:00:00 | 000,001,788 | -H-- | C] () -- C:\WINDOWS\System32\dcache.bin
[2001.08.23 14:00:00 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2008.07.19 17:52:32 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Armagetron
[2008.12.27 12:10:35 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BVRP Software
[2009.06.21 21:19:42 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DriverScanner
[2009.06.23 18:51:33 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Electronic Arts
[2009.07.18 21:45:56 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MailFrontier
[2010.08.25 20:47:10 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ubisoft
[2009.06.21 21:18:19 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{148D8B8A-8F96-4822-81EC-D510B626B7D5}
[2010.04.04 20:53:11 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009.04.18 17:52:24 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2008.06.28 18:12:19 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Gast\Anwendungsdaten\ICQ Toolbar
[2008.07.19 17:56:48 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Armagetron
[2009.10.16 20:44:52 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\DAEMON Tools
[2008.06.25 21:02:19 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\ICQ
[2008.07.04 12:04:19 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\ICQ Toolbar
[2006.04.11 11:53:36 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Robots
[2009.06.21 21:18:11 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Uniblue
[2007.06.28 12:01:16 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\WengoPhone

========== Purity Check ==========

========== Custom Scans ==========

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.04.18 21:31:03 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Adobe
[2006.11.14 19:54:06 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\AdobeUM
[2010.04.05 13:22:30 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Apple Computer
[2008.07.19 17:56:48 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Armagetron
[2011.04.19 20:59:31 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Avira
[2011.03.09 23:35:59 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\CyberLink
[2009.10.16 20:44:52 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\DAEMON Tools
[2007.11.24 17:55:20 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\DivX
[2011.04.03 14:32:55 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\dvdcss
[2008.05.22 18:20:08 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Help
[2008.06.25 21:02:19 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\ICQ
[2008.07.04 12:04:19 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\ICQ Toolbar
[2008.02.09 15:29:38 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Identities
[2008.06.21 13:30:10 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\InstallShield
[2008.03.29 14:02:53 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Macromedia
[2011.04.20 11:10:26 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Malwarebytes
[2009.12.28 20:53:31 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Microsoft
[2008.08.29 17:10:07 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Mozilla
[2009.10.29 14:39:59 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\MSN6
[2010.04.10 12:37:42 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Real
[2006.04.11 11:53:36 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Robots
[2008.12.25 22:34:10 | 000,000,000 | RH-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\SecuROM
[2011.03.22 16:32:30 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Skype
[2011.03.22 16:31:54 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\skypePM
[2007.11.15 18:42:17 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Sun
[2007.12.21 22:01:19 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\teamspeak2
[2009.10.15 15:25:01 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\U3
[2009.06.21 21:18:11 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Uniblue
[2008.08.29 17:10:43 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\vlc
[2007.06.28 12:01:16 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\WengoPhone
[2010.05.18 21:30:26 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\WinRAR
[2010.05.20 18:26:26 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Xfire

< %APPDATA%\*.exe /s >
[2009.11.27 23:21:46 | 001,924,440 | -H-- | M] (Adobe Systems Incorporated) -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
[2009.06.23 01:28:02 | 000,010,134 | RH-- | M] () -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2007.10.23 09:27:20 | 000,110,592 | -H-- | M] () -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\U3\temp\cleanup.exe
[2008.05.02 10:41:48 | 003,493,888 | -H-- | M] (SanDisk Corporation) -- C:\Dokumente und Einstellungen\San\Anwendungsdaten\U3\temp\Launchpad Removal.exe

< %SYSTEMDRIVE%\*.exe >

< MD5 for: AGP440.SYS >
[2004.08.04 02:10:00 | 018,782,319 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2007.10.31 00:02:04 | 020,041,765 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004.08.04 02:10:00 | 018,782,319 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2007.10.31 00:02:04 | 020,041,765 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\agp440.sys
[2004.08.04 00:07:42 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
[2007.10.30 18:46:46 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=5A3254D456E574B778148E772E3C39A3 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2007.10.30 18:46:46 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=5A3254D456E574B778148E772E3C39A3 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.04 02:10:00 | 018,782,319 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2007.10.31 00:02:04 | 020,041,765 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004.08.04 02:10:00 | 018,782,319 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2007.10.31 00:02:04 | 020,041,765 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2007.10.30 18:41:12 | 000,096,384 | -H-- | M] (Microsoft Corporation) MD5=7BACED62B5EC373A60A05C43C6D50ECC -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2007.10.30 18:41:12 | 000,096,384 | -H-- | M] (Microsoft Corporation) MD5=7BACED62B5EC373A60A05C43C6D50ECC -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | -H-- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | -H-- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | -H-- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:22:10 | 000,056,320 | -H-- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\eventlog.dll
[2007.10.30 23:50:54 | 000,056,320 | -H-- | M] (Microsoft Corporation) MD5=8AA6AAC91EA8305655C6F8A34F89CD4D -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2007.10.30 23:50:54 | 000,056,320 | -H-- | M] (Microsoft Corporation) MD5=8AA6AAC91EA8305655C6F8A34F89CD4D -- C:\WINDOWS\system32\eventlog.dll
[2004.08.04 01:57:20 | 000,055,808 | -H-- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2004.08.04 01:57:54 | 001,035,264 | -H-- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 15:10:08 | 001,036,288 | -H-- | M] (Microsoft Corporation) MD5=331ED93570BAF3CFE30340298762CD56 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2008.04.14 04:22:45 | 001,036,800 | -H-- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\explorer.exe
[2007.06.13 15:21:45 | 001,036,288 | -H-- | M] (Microsoft Corporation) MD5=64D320C0E301EEDC5A4ADBBDC5024F7F -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2007.10.30 23:51:22 | 001,036,800 | -H-- | M] (Microsoft Corporation) MD5=EA1737C741408EF7731CFDB3CC008E8F -- C:\WINDOWS\explorer.exe
[2007.10.30 23:51:22 | 001,036,800 | -H-- | M] (Microsoft Corporation) MD5=EA1737C741408EF7731CFDB3CC008E8F -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

< MD5 for: NETLOGON.DLL >
[2008.04.14 04:22:19 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\netlogon.dll
[2007.10.30 23:51:02 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=CA0153B289A975BD929E775937985297 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2007.10.30 23:51:02 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=CA0153B289A975BD929E775937985297 -- C:\WINDOWS\system32\netlogon.dll
[2004.08.04 01:57:32 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2009.02.06 20:46:10 | 000,408,064 | -H-- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 20:46:10 | 000,408,064 | -H-- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll

< MD5 for: SCECLI.DLL >
[2007.10.30 23:51:06 | 000,187,904 | -H-- | M] (Microsoft Corporation) MD5=12430BE9812C5767FFC135473A02C103 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2007.10.30 23:51:06 | 000,187,904 | -H-- | M] (Microsoft Corporation) MD5=12430BE9812C5767FFC135473A02C103 -- C:\WINDOWS\system32\scecli.dll
[2008.04.14 04:22:23 | 000,187,904 | -H-- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\scecli.dll
[2004.08.04 01:57:34 | 000,186,880 | -H-- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

< MD5 for: USER32.DLL >
[2005.03.02 20:09:46 | 000,578,560 | -H-- | M] (Microsoft Corporation) MD5=3751D7CF0E0A113D84414992146BCE6A -- C:\WINDOWS\$NtUninstallKB925902$\user32.dll
[2007.03.08 17:36:30 | 000,579,072 | -H-- | M] (Microsoft Corporation) MD5=492E166CFD26A50FB9160DB536FF7D2B -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2005.03.02 20:19:56 | 000,578,560 | -H-- | M] (Microsoft Corporation) MD5=4C90159A69A5FD3EB39C71411F28FCFF -- C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
[2004.08.04 01:57:38 | 000,578,560 | -H-- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\$NtUninstallKB890859$\user32.dll
[2007.03.08 17:48:39 | 000,579,584 | -H-- | M] (Microsoft Corporation) MD5=78785EFF8CB90CEC1862A4CCFD9A3C3A -- C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | -H-- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\user32.dll
[2007.10.30 23:51:10 | 000,580,096 | -H-- | M] (Microsoft Corporation) MD5=FD4C4BA5F711A94A3C78F9B686009B93 -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2007.10.30 23:51:10 | 000,580,096 | -H-- | M] (Microsoft Corporation) MD5=FD4C4BA5F711A94A3C78F9B686009B93 -- C:\WINDOWS\system32\user32.dll

< MD5 for: USERINIT.EXE >
[2007.10.30 23:51:38 | 000,026,624 | -H-- | M] (Microsoft Corporation) MD5=3E4E5F43834CDBA04A8870D8F8AB4C93 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2007.10.30 23:51:38 | 000,026,624 | -H-- | M] (Microsoft Corporation) MD5=3E4E5F43834CDBA04A8870D8F8AB4C93 -- C:\WINDOWS\system32\userinit.exe
[2008.04.14 04:23:03 | 000,026,624 | -H-- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\userinit.exe
[2004.08.04 01:58:18 | 000,025,088 | -H-- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: VIAMRAID.SYS >
[2005.04.26 05:22:40 | 000,060,928 | RH-- | M] (VIA Technologies inc,.ltd) MD5=0363E216E4EB5052969C96608934DBDE -- C:\WINDOWS\system32\drivers\viamraid.sys

< MD5 for: WINLOGON.EXE >
[2004.08.04 01:58:20 | 000,507,392 | -H-- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2007.10.30 23:51:40 | 000,513,024 | -H-- | M] (Microsoft Corporation) MD5=AE88EA45B54F40F99A0A5EF7F3EC240C -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2007.10.30 23:51:40 | 000,513,024 | -H-- | M] (Microsoft Corporation) MD5=AE88EA45B54F40F99A0A5EF7F3EC240C -- C:\WINDOWS\system32\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | -H-- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\winlogon.exe

< MD5 for: WS2IFSL.SYS >
[2001.08.23 14:00:00 | 000,012,032 | -H-- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2001.08.23 14:00:00 | 000,012,032 | -H-- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2008.01.22 16:50:42 | 000,715,248 | -H-- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
[1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %systemroot%\System32\config\*.sav >
[2006.12.01 19:39:43 | 000,270,336 | -H-- | M] () -- C:\WINDOWS\system32\config\default.sav
[2006.12.01 18:34:22 | 000,262,144 | -H-- | M] () -- C:\WINDOWS\system32\config\security.sav
[2006.12.01 19:39:43 | 010,485,760 | -H-- | M] () -- C:\WINDOWS\system32\config\software.sav
[2006.12.01 19:39:45 | 003,932,160 | -H-- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< End of report >