Trojaner-Board
Seite 2 von 4 1 2 34
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Bitte um Hilfe, ie und mozilla sehr langsam etc (https://www.trojaner-board.de/78126-bitte-um-hilfe-ie-mozilla-sehr-langsam-etc.html)

maulwurf123 11.10.2009 14:58
OTL logfile created on: 11.10.2009 15:46:47 - Run 1
OTL by OldTimer - Version 3.0.19.0 Folder = C:\Dokumente und Einstellungen\Wagner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1022,04 Mb Total Physical Memory | 599,07 Mb Available Physical Memory | 58,62% Memory free
2,40 Gb Paging File | 2,08 Gb Available in Paging File | 86,53% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 54,46 Gb Total Space | 20,00 Gb Free Space | 36,72% Space Free | Partition Type: FAT32
Drive D: | 50,80 Gb Total Space | 37,27 Gb Free Space | 73,35% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ACER-0C7D612F1B
Current User Name: Wagner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Acer\Empowering Technology\admServ.exe (Avocent Inc.)
PRC - C:\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Incorporated)
PRC - C:\Dokumente und Einstellungen\Wagner\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe (Cyberlink)
PRC - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe (Cyberlink)
PRC - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe ()
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\CyberLink\Shared Files\RichVideo.exe ()
PRC - C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe (America Online, Inc.)
PRC - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - c:\programme\gemeinsame dateien\logitech\lvmvfm\LVPrcSrv.exe (Logitech)
PRC - C:\Programme\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
PRC - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
PRC - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
PRC - C:\Programme\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\System32\FsUsbExService.Exe (Teruten)
PRC - C:\WINDOWS\System32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\WINDOWS\System32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\WINDOWS\System32\wbem\wmiprvse.exe (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (AntiVirSchedulerService [Auto | Running]) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService [Auto | Running]) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AOL ACS [Auto | Running]) -- C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe (America Online, Inc.)
SRV - (aspnet_state [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation)
SRV - (AWService [Auto | Running]) -- C:\Acer\Empowering Technology\admServ.exe (Avocent Inc.)
SRV - (CLCapSvc [Auto | Running]) -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe ()
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CLSched [Auto | Stopped]) -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe ()
SRV - (CyberLink Media Library Service [Auto | Running]) -- C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe (Cyberlink)
SRV - (EvtEng [Auto | Running]) -- C:\Programme\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (FsUsbExService [Auto | Running]) -- C:\WINDOWS\System32\FsUsbExService.Exe (Teruten)
SRV - (getPlusHelper [On_Demand | Stopped]) -- C:\Programme\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
SRV - (gusvc [Auto | Stopped]) -- C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (helpsvc [Auto | Running]) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (Irmon [Auto | Running]) -- C:\WINDOWS\System32\irmon.dll (Microsoft Corporation)
SRV - (JavaQuickStarterService [Auto | Running]) -- C:\Programme\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (LightScribeService [Auto | Running]) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (LVPrcSrv [Auto | Running]) -- c:\programme\gemeinsame dateien\logitech\lvmvfm\LVPrcSrv.exe (Logitech)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NVSvc [Auto | Running]) -- C:\WINDOWS\System32\nvsvc32.exe (NVIDIA Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (RegSrvc [Auto | Running]) -- C:\Programme\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
SRV - (RichVideo [Auto | Running]) -- C:\Programme\CyberLink\Shared Files\RichVideo.exe ()
SRV - (S24EventMonitor [Auto | Running]) -- C:\Programme\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
SRV - (ServiceLayer [On_Demand | Stopped]) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Programme\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (AegisP [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\AegisP.sys (Meetinghouse Data Communications)
DRV - (AliIde [Boot | Stopped]) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (amdagp [Boot | Stopped]) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (asc [Boot | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550 [Boot | Stopped]) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (avgio [System | Running]) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (avgntflt [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\avgntflt.sys (Avira GmbH)
DRV - (avipbb [System | Running]) -- C:\WINDOWS\System32\DRIVERS\avipbb.sys (Avira GmbH)
DRV - (b57w2k [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\b57xp32.sys (Broadcom Corporation)
DRV - (bcm4sbxp [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\bcm4sbxp.sys (Broadcom Corporation)
DRV - (CmdIde [Boot | Stopped]) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (dac2w2k [Boot | Stopped]) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (DKbFltr [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\DKbFltr.sys (Dritek System Inc.)
DRV - (EMSCR [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\EMS7SK.sys (ENE Technology Inc.)
DRV - (EpmPsd [Auto | Running]) -- C:\WINDOWS\System32\drivers\epm-psd.sys (Acer Value Labs, USA)
DRV - (EpmShd [Auto | Running]) -- C:\WINDOWS\System32\drivers\epm-shd.sys (Acer Value Labs, USA)
DRV - (ESDCR [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ESD7SK.sys (ENE Technology Inc.)
DRV - (ESMCR [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ESM7SK.sys (ENE Technology Inc.)
DRV - (FsUsbExDisk [On_Demand | Running]) -- C:\WINDOWS\System32\FsUsbExDisk.SYS ()
DRV - (HDAudBus [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys (Windows (R) Server 2003 DDK provider)
DRV - (HSF_DPV [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (ialm [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\ialmnt5.sys (Intel Corporation)
DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (lv321av [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\lv321av.sys (Logitech)
DRV - (lvmvdrv [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\lvmvdrv.sys ()
DRV - (LVPrcMon [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\LVPrcMon.sys ()
DRV - (LVUSBSta [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\lvusbsta.sys (Logitech)
DRV - (mdmxsdk [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (mraid35x [Boot | Stopped]) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (NdisFilt [On_Demand | Stopped]) -- C:\WINDOWS\System32\Drivers\NdisFilt.sys (OSA Technologies)
DRV - (NETMNT [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\NETMNT.sys ()
DRV - (NTIDrvr [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (nv [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys (NVIDIA Corporation)
DRV - (OsaFsLoc [System | Running]) -- C:\WINDOWS\System32\drivers\OsaFsLoc.sys (OSA Technologies)
DRV - (osaio [Auto | Running]) -- C:\WINDOWS\System32\drivers\osaio.sys (OSA Technologies, An Avocent Company)
DRV - (osanbm [Auto | Running]) -- C:\WINDOWS\System32\drivers\osanbm.sys (Windows (R) 2000 DDK provider)
DRV - (pccsmcfd [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\pccsmcfd.sys (Nokia)
DRV - (Ptilink [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys (Parallel Technologies, Inc.)
DRV - (PxHelp20 [Boot | Running]) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (ql1080 [Boot | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql12160 [Boot | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1280 [Boot | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (s24trans [Auto | Running]) -- C:\WINDOWS\System32\DRIVERS\s24trans.sys (Intel Corporation)
DRV - (Secdrv [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (sisagp [Boot | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (SMCIRDA [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\smcirda.sys (SMSC)
DRV - (Sparrow [Boot | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sscdbus [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\sscdbus.sys (MCCI Corporation)
DRV - (sscdmdfl [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\sscdmdfl.sys (MCCI Corporation)
DRV - (sscdmdm [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\sscdmdm.sys (MCCI Corporation)
DRV - (sscdserd [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\sscdserd.sys (MCCI Corporation)
DRV - (ssmdrv [System | Running]) -- C:\WINDOWS\System32\DRIVERS\ssmdrv.sys (Avira GmbH)
DRV - (sym_hi [Boot | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (sym_u3 [Boot | Stopped]) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (symc810 [Boot | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (symc8xx [Boot | Stopped]) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (SynTP [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\SynTP.sys (Synaptics, Inc.)
DRV - (UBHelper [Boot | Running]) -- C:\WINDOWS\System32\drivers\UBHelper.sys ()
DRV - (ultra [Boot | Stopped]) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (usbbus [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\lgusbbus.sys (LG Electronics Inc.)
DRV - (UsbDiag [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\lgusbdiag.sys (LG Electronics Inc.)
DRV - (USBModem [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\lgusbmodem.sys (LG Electronics Inc.)
DRV - (w39n51 [On_Demand | Stopped]) -- C:\WINDOWS\System32\DRIVERS\w39n51.sys (Intel® Corporation)
DRV - (wanatw [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys (America Online, Inc.)
DRV - (winachsf [On_Demand | Running]) -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (WinDriver6 [On_Demand | Running]) -- C:\WINDOWS\System32\drivers\windrvr6.sys (Jungo)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "kino.to"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.463
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&q="
FF - prefs.js..network.proxy.type: 2


FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Programme\Java\jre6\lib\deploy\jqs\ff [2009.03.11 15:36:46 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.08.10 06:53:00 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Programme\Mozilla Firefox\components [2008.12.25 11:15:12 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2008.12.25 11:15:12 | 00,000,000 | ---D | M]

[2008.10.09 23:27:02 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wagner\Anwendungsdaten\mozilla\Extensions
[2008.10.09 23:27:02 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wagner\Anwendungsdaten\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2008.10.09 23:27:02 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wagner\Anwendungsdaten\mozilla\Firefox\Profiles\aekxxpdq.default\extensions
[2009.09.03 18:07:02 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wagner\Anwendungsdaten\mozilla\Firefox\Profiles\aekxxpdq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.09.11 20:40:34 | 00,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Wagner\Anwendungsdaten\mozilla\Firefox\Profiles\aekxxpdq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009.09.25 07:53:38 | 00,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Wagner\Anwendungsdaten\Mozilla\FireFox\Profiles\aekxxpdq.default\searchplugins\icqplugin-1.xml
[2009.09.28 07:57:40 | 00,000,944 | ---- | M] () -- C:\Dokumente und Einstellungen\Wagner\Anwendungsdaten\Mozilla\FireFox\Profiles\aekxxpdq.default\searchplugins\icqplugin.xml
[2009.10.09 21:57:38 | 00,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\Wagner\Anwendungsdaten\Mozilla\FireFox\Profiles\aekxxpdq.default\searchplugins\icqplugin-2.xml
[2008.12.25 11:15:12 | 00,000,000 | ---D | M] -- C:\Programme\mozilla firefox\extensions
[2009.07.14 19:45:34 | 00,000,000 | ---D | M] -- C:\Programme\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009.10.02 21:32:56 | 00,000,000 | ---D | M] -- C:\Programme\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.03.11 15:37:00 | 00,000,000 | ---D | M] -- C:\Programme\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009.08.12 20:18:18 | 00,000,000 | ---D | M] -- C:\Programme\mozilla firefox\extensions\linkfilter@kaspersky.ru
[2009.08.24 22:17:30 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browserdirprovider.dll
[2009.08.24 22:17:30 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\brwsrcmp.dll
[2003.07.14 22:56:52 | 00,013,888 | ---- | M] (Microsoft Corporation) -- C:\Programme\mozilla firefox\plugins\NPOFFICE.DLL
[2008.12.05 22:52:44 | 00,114,688 | ---- | M] (Adobe Systems, Inc.) -- C:\Programme\mozilla firefox\plugins\np32dsw.dll
[2008.07.04 12:31:06 | 00,214,272 | ---- | M] (Midasplayer Ltd) -- C:\Programme\mozilla firefox\plugins\npmidas.dll
[2009.03.11 15:36:44 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeploytk.dll
[2009.08.24 22:17:30 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Programme\mozilla firefox\plugins\npnul32.dll
[2009.08.24 21:25:20 | 00,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2009.08.24 21:25:20 | 00,002,344 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2009.08.24 21:25:20 | 00,002,371 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\google.xml
[2009.08.24 21:25:20 | 00,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2009.08.24 21:25:20 | 00,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2009.08.24 21:25:20 | 00,000,801 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml

maulwurf123 11.10.2009 15:03
O1 HOSTS File: (335311 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 11488 more lines...
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\System32\eDStoolbar.dll (HiTRUST)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Incorporated)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Maulwurf\Office 11\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Programme\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Maulwurf\Office 11\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Maulwurf\icq\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Maulwurf\icq\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\System32\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\System32\rsvpsp.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6796.cab (Windows Live Safety Center Base Module)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.169.185.33 83.169.185.97
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\320d180e651: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.08.25 07:43:32 | 00,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[2 C:\WINDOWS\*.tmp files]
[2009.10.11 00:51:15 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lavasoft
[2009.10.05 19:39:18 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2009.10.11 00:51:18 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\nView_Profiles
[2009.10.02 00:39:21 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wagner\Anwendungsdaten\GlarySoft
[2009.10.11 00:52:51 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wagner\Anwendungsdaten\Malwarebytes
[2009.09.12 20:56:53 | 00,000,000 | ---D | C] -- C:\Programme\Avira
[2009.10.11 00:52:50 | 00,000,000 | ---D | C] -- C:\Programme\CCleaner
[2009.10.11 00:51:18 | 00,000,000 | ---D | C] -- C:\Programme\Free Download Manager
[2009.10.02 00:37:42 | 00,000,000 | ---D | C] -- C:\Programme\Glary Utilities
[2009.10.01 10:33:45 | 00,000,000 | ---D | C] -- C:\Programme\RegCleaner
[2009.10.11 00:51:18 | 00,000,000 | ---D | C] -- C:\Programme\Software Informer
[2009.10.11 00:51:18 | 00,000,000 | ---D | C] -- C:\Programme\SystemRequirementsLab
[2009.10.05 19:41:50 | 00,000,000 | ---D | C] -- C:\Programme\trend micro
[2009.10.01 23:00:59 | 00,000,000 | ---D | C] -- C:\Programme\Windows Live Safety Center
[2009.10.11 15:44:50 | 00,520,192 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Wagner\Desktop\OTL.exe
[2009.10.11 15:37:19 | 00,000,000 | ---D | C] -- C:\Avenger
[2009.10.11 14:39:24 | 00,401,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF4870.exe
[2009.10.11 14:39:24 | 00,000,000 | --SD | C] -- C:\coFix
[2009.10.11 14:30:41 | 00,401,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF18504.exe
[2009.10.11 14:06:05 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wagner\Desktop\FixPolicies
[2009.10.11 00:52:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\de
[2009.10.11 00:52:16 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2009.10.11 00:51:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2009.10.10 22:17:14 | 00,401,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF7767.exe
[2009.10.10 21:37:11 | 00,401,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF31208.exe
[2009.10.10 20:48:48 | 00,401,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF4314.exe
[2009.10.10 20:29:00 | 00,401,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF23385.exe
[2009.10.10 20:07:58 | 00,000,000 | -HSD | C] -- C:\FOUND.018
[2009.10.10 20:01:28 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009.10.10 19:52:59 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009.10.10 19:52:59 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.EXE
[2009.10.10 19:52:59 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009.10.10 19:52:59 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009.10.10 19:52:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009.10.10 19:52:52 | 00,401,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF11799.exe
[2009.10.10 19:52:27 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009.10.10 13:05:31 | 00,000,000 | ---D | C] -- C:\Lop SD
[2009.10.08 20:15:45 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wagner\Desktop\fegfs
[2009.10.08 15:29:04 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wagner\Desktop\fussball lieder
[2009.10.05 19:41:49 | 00,000,000 | ---D | C] -- C:\rsit
[2009.10.04 23:26:34 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009.10.04 23:04:12 | 00,121,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbvideo.sys
[2009.10.04 23:04:12 | 00,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wacompen.sys
[2009.10.04 23:04:12 | 00,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2009.10.04 23:04:11 | 00,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2009.10.04 23:04:11 | 00,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2009.10.04 23:04:11 | 00,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2009.10.04 23:04:11 | 00,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2009.10.04 23:04:11 | 00,044,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\uagp35.sys
[2009.10.04 23:04:11 | 00,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2009.10.04 23:04:11 | 00,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2009.10.04 23:04:11 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023x.sys
[2009.10.04 23:04:11 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffp_mmc.sys
[2009.10.04 23:04:11 | 00,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2009.10.04 23:04:11 | 00,003,901 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2009.10.04 23:04:10 | 00,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2009.10.04 23:04:10 | 00,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2009.10.04 23:04:08 | 01,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2009.10.04 23:04:08 | 00,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2009.10.04 23:04:07 | 00,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2009.10.04 23:04:06 | 00,046,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gagp30kx.sys
[2009.10.04 23:04:06 | 00,025,856 | ---- | C] (Microsoft Corporation) --

maulwurf123 11.10.2009 15:05
C:\WINDOWS\System32\drivers\hidbth.sys
[2009.10.04 23:04:06 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidir.sys
[2009.10.04 23:04:05 | 00,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2009.10.04 23:04:05 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthmodem.sys
[2009.10.04 23:04:05 | 00,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2009.10.04 23:04:05 | 00,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2009.10.04 23:04:05 | 00,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2009.10.04 23:04:05 | 00,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2009.10.04 23:04:05 | 00,021,183 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2009.10.04 23:04:05 | 00,017,279 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2009.10.04 23:04:05 | 00,015,423 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2009.10.04 23:04:05 | 00,014,143 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2009.10.04 23:04:05 | 00,011,359 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2009.10.04 23:04:05 | 00,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2009.10.04 23:04:04 | 01,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2009.10.04 23:04:04 | 00,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2009.10.04 23:04:04 | 00,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2009.10.04 23:04:04 | 00,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2009.10.04 23:04:04 | 00,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2009.10.04 23:04:01 | 00,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2009.10.04 23:04:01 | 00,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2009.10.04 23:04:00 | 00,685,056 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfcxts2.sys
[2009.10.04 23:04:00 | 00,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2009.10.04 23:04:00 | 00,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2009.10.04 23:04:00 | 00,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2009.10.04 23:04:00 | 00,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2009.10.04 23:04:00 | 00,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2009.10.04 23:04:00 | 00,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2009.10.04 23:04:00 | 00,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2009.10.04 23:04:00 | 00,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2009.10.04 23:04:00 | 00,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2009.10.04 23:04:00 | 00,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2009.10.04 23:04:00 | 00,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2009.10.04 23:03:59 | 01,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2009.10.04 23:03:59 | 00,220,032 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfbs2s2.sys
[2009.10.04 23:03:59 | 00,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2009.10.04 23:03:59 | 00,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2009.10.04 23:03:58 | 00,701,952 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2009.10.04 23:03:58 | 00,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2009.10.04 23:03:58 | 00,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2009.10.04 23:03:57 | 00,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2009.10.04 23:03:57 | 00,327,168 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2009.10.04 23:03:57 | 00,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2009.10.04 23:03:57 | 00,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2009.10.04 23:03:57 | 00,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2009.10.04 23:03:57 | 00,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2009.10.04 23:03:57 | 00,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2009.10.04 23:03:56 | 00,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2009.10.04 23:03:56 | 00,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2009.10.04 23:03:56 | 00,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2009.10.04 23:03:56 | 00,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2009.10.04 23:03:56 | 00,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2009.10.04 23:03:56 | 00,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2009.10.04 23:03:56 | 00,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2009.10.04 23:03:56 | 00,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2009.10.04 23:03:56 | 00,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2009.10.04 23:03:56 | 00,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2009.10.04 23:03:56 | 00,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2009.10.04 23:03:55 | 01,041,536 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfdpsp2.sys
[2009.10.04 23:03:55 | 00,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2009.10.04 23:03:55 | 00,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2009.10.04 23:03:55 | 00,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2009.10.04 23:03:55 | 00,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2009.10.04 23:03:55 | 00,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2009.10.04 23:03:55 | 00,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2009.10.04 23:03:55 | 00,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2009.10.04 23:03:55 | 00,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2009.10.03 08:45:44 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wagner\Desktop\Döner
[2009.10.02 22:32:18 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wagner\Eigene Dateien\Downloads
[2009.10.01 20:46:32 | 00,000,000 | -H-D | C] -- C:\WINDOWS\msdownld.tmp
[2009.10.01 20:46:30 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wagner\Desktop\san
[2009.10.01 08:37:13 | 00,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2009.10.01 08:37:12 | 01,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2009.10.01 08:37:12 | 00,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2009.10.01 08:37:11 | 05,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2009.10.01 08:37:11 | 00,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2009.10.01 08:37:11 | 00,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2009.10.01 08:37:10 | 01,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2009.10.01 08:37:10 | 01,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2009.10.01 08:37:10 | 00,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2009.10.01 08:37:09 | 04,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2009.10.01 08:37:09 | 00,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2009.10.01 08:37:09 | 00,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2009.10.01 08:37:08 | 00,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2009.10.01 08:37:08 | 00,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2009.10.01 08:37:07 | 04,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2009.10.01 08:37:07 | 02,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2009.10.01 08:37:07 | 00,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2009.10.01 08:37:07 | 00,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2009.10.01 08:37:07 | 00,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2009.10.01 08:37:06 | 00,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2009.10.01 08:37:06 | 00,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2009.10.01 08:37:06 | 00,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2009.10.01 08:37:06 | 00,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2009.10.01 08:37:05 | 01,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2009.10.01 08:37:05 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2009.10.01 08:37:05 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2009.10.01 08:37:04 | 03,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2009.10.01 08:37:04 | 00,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2009.10.01 08:37:04 | 00,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2009.10.01 08:37:03 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2009.10.01 08:37:03 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2009.10.01 08:37:01 | 01,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2009.10.01 08:37:01 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2009.10.01 08:37:00 | 03,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2009.10.01 07:50:58 | 00,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2009.09.29 22:03:33 | 00,100,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iecompat.dll
[2009.09.29 22:03:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009.09.29 22:03:12 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieproxy.dll[2009.09.29 22:03:12 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpshims.dll
[2009.09.29 22:00:43 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2009.09.29 22:00:43 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieencode.dll
[2009.09.24 12:25:06 | 00,000,000 | -HSD | C] -- C:\FOUND.017
[2009.09.21 18:45:20 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wagner\Desktop\caddy
[2009.09.12 20:56:55 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2009.09.12 20:56:55 | 00,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2009.09.12 20:56:55 | 00,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2009.09.12 20:56:55 | 00,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2009.09.12 12:02:15 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wagner\Desktop\gerdy
[2009.09.11 22:09:45 | 00,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Wagner\Desktop\av2========== Files - Modified Within 30 Days ==========

[2 C:\WINDOWS\*.tmp files]
[2009.10.11 15:45:38 | 00,520,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Wagner\Desktop\OTL.exe
[2009.10.11 15:41:00 | 00,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009.10.11 15:40:52 | 00,051,048 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009.10.11 15:40:40 | 00,000,308 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2009.10.11 15:40:36 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009.10.11 15:40:32 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009.10.11 15:40:26 | 10,717,63456 | -HS- | M] () -- C:\hiberfil.sys
[2009.10.11 15:36:58 | 00,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2009.10.11 15:35:26 | 00,731,136 | ---- | M] () -- C:\Dokumente und Einstellungen\Wagner\Desktop\gehweg.exe
[2009.10.11 14:39:14 | 00,401,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF4870.exe
[2009.10.11 14:39:00 | 03,329,980 | R--- | M] () -- C:\Dokumente und Einstellungen\Wagner\Desktop\coFix.exe
[2009.10.11 14:30:38 | 00,401,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF18504.exe
[2009.10.11 14:05:32 | 00,169,398 | ---- | M] () -- C:\Dokumente und Einstellungen\Wagner\Desktop\FixPolicies.exe
[2009.10.11 00:19:00 | 00,290,816 | ---- | M] () -- C:\Dokumente und Einstellungen\Wagner\Desktop\duhsvczr.exe
[2009.10.10 22:16:58 | 00,401,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF7767.exe
[2009.10.10 21:37:06 | 00,401,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF31208.exe
[2009.10.10 21:18:58 | 00,000,202 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009.10.10 20:48:30 | 00,401,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF4314.exe
[2009.10.10 20:28:56 | 00,401,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF23385.exe
[2009.10.10 20:01:32 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2009.10.10 19:52:24 | 00,401,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF11799.exe
[2009.10.09 13:37:00 | 00,000,458 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009.10.07 22:20:00 | 01,053,385 | ---- | M] () -- C:\Dokumente und Einstellungen\Wagner\Desktop\2009-10-07 11.29.59.jpg
[2009.10.07 22:19:58 | 00,861,863 | ---- | M] () -- C:\Dokumente und Einstellungen\Wagner\Desktop\2009-10-07 11.30.38.jpg
[2009.10.07 22:19:56 | 00,938,374 | ---- | M] () -- C:\Dokumente und Einstellungen\Wagner\Desktop\2009-10-07 11.29.45.jpg
[2009.10.05 14:24:22 | 00,000,330 | ---- | M] () -- C:\Dokumente und Einstellungen\Wagner\Eigene Dateien\cc_20091005_142331.reg
[2009.10.05 14:23:22 | 00,000,206 | ---- | M] () -- C:\Dokumente und Einstellungen\Wagner\Eigene Dateien\cc_20091005_142317.reg
[2009.10.05 14:23:08 | 00,000,206 | ---- | M] () -- C:\Dokumente und Einstellungen\Wagner\Eigene Dateien\cc_20091005_142304.reg
[2009.10.05 14:22:54 | 00,000,206 | ---- | M] () -- C:\Dokumente und Einstellungen\Wagner\Eigene Dateien\cc_20091005_142250.reg
[2009.10.05 14:22:42 | 00,000,288 | ---- | M] () -- C:\Dokumente und Einstellungen\Wagner\Eigene Dateien\cc_20091005_142236.reg
[2009.10.05 14:22:26 | 00,000,642 | ---- | M] () -- C:\Dokumente und Einstellungen\Wagner\Eigene Dateien\cc_20091005_142220.reg
[2009.10.05 14:22:04 | 00,012,020 | ---- | M] () -- C:\Dokumente und Einstellungen\Wagner\Eigene Dateien\cc_20091005_142122.reg
[2009.10.05 14:20:12 | 00,001,425 | ---- | M] () -- C:\Dokumente und Einstellungen\Wagner\Desktop\CCleaner.lnk
[2009.10.05 13:01:16 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009.10.04 23:26:16 | 00,273,376 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009.10.02 21:33:00 | 00,001,479 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2009.10.02 00:37:48 | 00,000,568 | ---- | M] () -- C:\Dokumente und Einstellungen\Wagner\Desktop\Glary Utilities.lnk
[2009.10.01 10:33:48 | 00,000,538 | ---- | M] () -- C:\Dokumente und Einstellungen\Wagner\Desktop\RegCleaner.lnk
[2009.09.29 22:57:08 | 00,000,424 | ---- | M] () -- C:\WINDOWS\zipgenius.xml
[2009.09.15 10:40:10 | 00,818,990 | ---- | M] () -- C:\Dokumente und Einstellungen\Wagner\Desktop\Hans.MP3
[2009.09.14 02:12:38 | 00,229,888 | ---- | M] () -- C:\WINDOWS\pev.exe
[2009.09.12 20:57:04 | 00,001,584 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira AntiVir Control Center.lnk

========== Files - No Company Name ==========
[2009.10.11 15:34:40 | 00,731,136 | ---- | C] () -- C:\Dokumente und Einstellungen\Wagner\Desktop\gehweg.exe
[2009.10.11 14:05:28 | 00,169,398 | ---- | C] () -- C:\Dokumente und Einstellungen\Wagner\Desktop\FixPolicies.exe
[2009.10.11 00:18:30 | 00,290,816 | ---- | C] () -- C:\Dokumente und Einstellungen\Wagner\Desktop\duhsvczr.exe
[2009.10.10 22:12:36 | 03,329,980 | R--- | C] () -- C:\Dokumente und Einstellungen\Wagner\Desktop\coFix.exe
[2009.10.10 20:01:30 | 00,000,211 | ---- | C] () -- C:\Boot.bak
[2009.10.10 20:01:29 | 00,262,448 | ---- | C] () -- C:\cmldr
[2009.10.10 19:52:59 | 00,229,888 | ---- | C] () -- C:\WINDOWS\pev.exe
[2009.10.10 19:52:59 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009.10.10 19:52:59 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009.10.10 19:52:59 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009.10.07 22:18:11 | 01,053,385 | ---- | C] () -- C:\Dokumente und Einstellungen\Wagner\Desktop\2009-10-07 11.29.59.jpg
[2009.10.07 22:18:11 | 00,861,863 | ---- | C] () -- C:\Dokumente und Einstellungen\Wagner\Desktop\2009-10-07 11.30.38.jpg
[2009.10.07 22:18:06 | 00,938,374 | ---- | C] () -- C:\Dokumente und Einstellungen\Wagner\Desktop\2009-10-07 11.29.45.jpg
[2009.10.05 14:23:32 | 00,000,330 | ---- | C] () -- C:\Dokumente und Einstellungen\Wagner\Eigene Dateien\cc_20091005_142331.reg
[2009.10.05 14:23:18 | 00,000,206 | ---- | C] () -- C:\Dokumente und Einstellungen\Wagner\Eigene Dateien\cc_20091005_142317.reg
[2009.10.05 14:23:05 | 00,000,206 | ---- | C] () -- C:\Dokumente und Einstellungen\Wagner\Eigene Dateien\cc_20091005_142304.reg
[2009.10.05 14:22:52 | 00,000,206 | ---- | C] () -- C:\Dokumente und Einstellungen\Wagner\Eigene Dateien\cc_20091005_142250.reg
[2009.10.05 14:22:38 | 00,000,288 | ---- | C] () -- C:\Dokumente und Einstellungen\Wagner\Eigene Dateien\cc_20091005_142236.reg
[2009.10.05 14:22:21 | 00,000,642 | ---- | C] () -- C:\Dokumente und Einstellungen\Wagner\Eigene Dateien\cc_20091005_142220.reg
[2009.10.05 14:21:28 | 00,012,020 | ---- | C] () -- C:\Dokumente und Einstellungen\Wagner\Eigene Dateien\cc_20091005_142122.reg
[2009.10.05 14:20:11 | 00,001,425 | ---- | C] () -- C:\Dokumente und Einstellungen\Wagner\Desktop\CCleaner.lnk
[2009.10.04 23:03:59 | 00,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2009.10.02 21:32:58 | 00,001,479 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2009.10.02 13:37:13 | 00,000,458 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009.10.02 00:37:48 | 00,000,308 | ---- | C] () -- C:\WINDOWS\tasks\GlaryInitialize.job

maulwurf123 11.10.2009 15:06
[2009.10.02 00:37:46 | 00,000,568 | ---- | C] () -- C:\Dokumente und Einstellungen\Wagner\Desktop\Glary Utilities.lnk
[2009.10.01 10:33:46 | 00,000,538 | ---- | C] () -- C:\Dokumente und Einstellungen\Wagner\Desktop\RegCleaner.lnk
[2009.09.24 12:25:38 | 00,001,044 | ---- | C] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009.09.15 10:24:07 | 00,818,990 | ---- | C] () -- C:\Dokumente und Einstellungen\Wagner\Desktop\Hans.MP3
[2009.09.12 20:57:03 | 00,001,584 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira AntiVir Control Center.lnk
[2009.08.19 20:27:05 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2009.08.19 20:27:05 | 00,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2009.08.19 20:26:57 | 00,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Wagner\Anwendungsdaten\$_hpcst$.hpc
[2009.08.12 19:41:47 | 00,000,215 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009.08.09 14:09:28 | 00,017,428 | ---- | C] () -- C:\WINDOWS\GnuHashes.ini
[2009.08.05 22:22:04 | 00,005,493 | -HS- | C] () -- C:\Dokumente und Einstellungen\Wagner\Anwendungsdaten\0200000090214691651C.manifest
[2009.08.05 22:22:04 | 00,002,466 | -HS- | C] () -- C:\Dokumente und Einstellungen\Wagner\Anwendungsdaten\0200000090214691651P.manifest
[2009.08.05 22:22:04 | 00,000,513 | -HS- | C] () -- C:\Dokumente und Einstellungen\Wagner\Anwendungsdaten\0200000090214691651O.manifest
[2009.08.05 22:22:04 | 00,000,011 | -HS- | C] () -- C:\Dokumente und Einstellungen\Wagner\Anwendungsdaten\0200000090214691651S.manifest
[2009.06.01 09:48:50 | 00,000,278 | ---- | C] () -- C:\WINDOWS\p71892.ini
[2009.02.20 12:14:02 | 00,143,872 | ---- | C] () -- C:\WINDOWS\System32\swscale-0.dll
[2009.02.20 12:14:02 | 00,143,872 | ---- | C] () -- C:\WINDOWS\System32\swscale.dll
[2009.02.20 12:14:01 | 00,319,488 | ---- | C] () -- C:\WINDOWS\System32\sdl.dll
[2009.02.20 12:14:01 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\postproc-51.dll
[2009.02.20 12:14:01 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\postproc.dll
[2009.02.20 12:14:00 | 00,045,568 | ---- | C] () -- C:\WINDOWS\System32\cygz.dll
[2009.02.20 12:13:58 | 00,026,112 | ---- | C] () -- C:\WINDOWS\System32\avutil-49.dll
[2009.02.20 12:13:58 | 00,026,112 | ---- | C] () -- C:\WINDOWS\System32\avutil.dll
[2009.02.20 12:13:57 | 06,902,272 | ---- | C] () -- C:\WINDOWS\System32\avcodec-51.dll
[2009.02.20 12:13:57 | 06,902,272 | ---- | C] () -- C:\WINDOWS\System32\avcodec.dll
[2009.02.20 12:13:57 | 00,458,752 | ---- | C] () -- C:\WINDOWS\System32\avformat-51.dll
[2009.02.20 12:13:57 | 00,458,752 | ---- | C] () -- C:\WINDOWS\System32\avformat.dll
[2009.02.20 12:13:57 | 00,032,256 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2009.01.03 16:46:24 | 00,000,202 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.01.03 14:46:40 | 00,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.10.19 18:56:34 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll
[2008.10.19 18:56:34 | 00,002,412 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini
[2008.10.17 19:01:34 | 00,000,424 | ---- | C] () -- C:\Dokumente und Einstellungen\Wagner\Anwendungsdaten\mainhst.zgh
[2008.10.16 18:11:07 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\nnr.dll
[2008.10.12 09:30:46 | 00,179,200 | ---- | C] () -- C:\Dokumente und Einstellungen\Wagner\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.09.29 09:46:17 | 00,000,450 | ---- | C] () -- C:\WINDOWS\System32\eRLog.ini
[2008.09.29 09:42:49 | 00,000,719 | R--- | C] () -- C:\WINDOWS\System32\InstExec.ini
[2008.09.29 09:39:41 | 00,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2008.09.29 09:37:49 | 00,066,416 | ---- | C] () -- C:\Dokumente und Einstellungen\Wagner\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[2008.09.29 09:34:17 | 05,363,546 | -H-- | C] () -- C:\Dokumente und Einstellungen\Wagner\Lokale Einstellungen\Anwendungsdaten\IconCache.db
[2008.09.29 09:34:17 | 00,000,139 | ---- | C] () -- C:\Dokumente und Einstellungen\Wagner\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2008.09.29 09:34:17 | 00,000,062 | -HS- | C] () -- C:\Dokumente und Einstellungen\Wagner\Anwendungsdaten\desktop.ini
[2008.04.02 12:52:16 | 00,009,849 | ---- | C] () -- C:\WINDOWS\System32\mswrn0o7e.dll
[2008.02.15 04:55:28 | 00,000,084 | ---- | C] () -- C:\WINDOWS\EMEAPAGE.INI
[2008.01.21 01:04:53 | 00,139,264 | ---- | C] () -- C:\WINDOWS\System32\mserc0o7d.dll
[2007.10.25 17:26:10 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2006.08.29 23:36:08 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006.08.29 23:21:46 | 00,000,745 | ---- | C] () -- C:\WINDOWS\win.ini
[2006.08.25 07:43:56 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2006.08.25 07:42:38 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2006.08.25 07:42:38 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2006.08.25 07:42:38 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
[2006.08.25 07:42:38 | 00,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2006.08.25 07:12:22 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2006.08.25 07:12:06 | 00,000,062 | -HS- | C] () -- C:\Dokumente undEinstellungen\All Users\Anwendungsdaten\desktop.ini
[2006.06.23 10:40:58 | 02,400,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVMVdrv.sys
[2006.06.23 10:40:58 | 00,016,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPrcMon.sys
[2006.06.19 11:59:24 | 00,013,227 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2006.06.16 19:17:32 | 00,356,352 | ---- | C] () -- C:\WINDOWS\EMCRI.dll
[2006.06.12 16:11:00 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006.06.12 16:11:00 | 01,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006.06.12 16:11:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006.06.12 16:11:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006.06.12 16:11:00 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006.03.10 14:15:44 | 00,037,706 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005.12.27 15:50:26 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\APISlice.dll
[2005.12.27 15:50:26 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\SC_res.dll
[2005.12.27 15:50:26 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\EN_res.dll
[2005.12.27 15:50:26 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\TC_res.dll
[2005.12.27 15:50:26 | 00,010,752 | ---- | C] () -- C:\WINDOWS\System32\MSNChatHook.dll
[2005.12.14 20:59:52 | 00,000,038 | ---- | C] () -- C:\WINDOWS\Acer.ini
[2005.05.02 12:13:42 | 00,009,600 | ---- | C] () -- C:\WINDOWS\System32\drivers\NETMNT.sys
[2005.03.28 15:45:26 | 00,000,081 | ---- | C] () -- C:\WINDOWS\alaunch.ini
[2004.12.17 17:14:44 | 00,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys
[2004.08.04 05:00:00 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\MSDMO(2).DLL
[2004.08.04 05:00:00 | 00,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2003.12.29 20:45:08 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\ServiceControl.dll
[2003.02.20 17:53:42 | 00,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001.12.26 16:12:30 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001.09.03 23:46:38 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 00,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[1999.01.27 13:39:06 | 00,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997.06.13 07:56:08 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
< End of report >

cosinus 11.10.2009 15:25
Und nochmal den Avenger bitte genau wie eben anwenden, nur diesmal dieses Script hier verwenden:

Code:
Files to delete:
C:\WINDOWS\System32\CF4870.exe
C:\WINDOWS\System32\CF18504.exe
C:\WINDOWS\System32\CF7767.exe
C:\WINDOWS\System32\CF31208.exe
C:\WINDOWS\System32\CF4314.exe
C:\WINDOWS\System32\CF23385.exe
C:\WINDOWS\System32\CF11799.exe
C:\WINDOWS\tasks\GlaryInitialize.job
C:\Dokumente und Einstellungen\Wagner\Desktop\FixPolicies.exe
C:\Dokumente und Einstellungen\Wagner\Desktop\duhsvczr.exe
C:\WINDOWS\System32\drivers\cxthsfs2.cty
C:\WINDOWS\System32\lgAxconfig.ini
C:\Dokumente und Einstellungen\Wagner\Anwendungsdaten\mainhst.zgh
C:\WINDOWS\System32\nnr.dll

maulwurf123 11.10.2009 15:31
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

File "C:\WINDOWS\System32\CF4870.exe" deleted successfully.
File "C:\WINDOWS\System32\CF18504.exe" deleted successfully.
File "C:\WINDOWS\System32\CF7767.exe" deleted successfully.
File "C:\WINDOWS\System32\CF31208.exe" deleted successfully.
File "C:\WINDOWS\System32\CF4314.exe" deleted successfully.
File "C:\WINDOWS\System32\CF23385.exe" deleted successfully.
File "C:\WINDOWS\System32\CF11799.exe" deleted successfully.
File "C:\WINDOWS\tasks\GlaryInitialize.job" deleted successfully.
File "C:\Dokumente und Einstellungen\Wagner\Desktop\FixPolicies.exe" deleted successfully.
File "C:\Dokumente und Einstellungen\Wagner\Desktop\duhsvczr.exe" deleted successfully.
File "C:\WINDOWS\System32\drivers\cxthsfs2.cty" deleted successfully.
File "C:\WINDOWS\System32\lgAxconfig.ini" deleted successfully.
File "C:\Dokumente und Einstellungen\Wagner\Anwendungsdaten\mainhst.zgh" deleted successfully.
File "C:\WINDOWS\System32\nnr.dll" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

cosinus 11.10.2009 15:33
Okay, probier bitte nun noch einen Durchlauf mit Combofix.

maulwurf123 11.10.2009 15:43
immer noch dasselbe... combofix sucht, dann steht in dem blauen fenster löscht dateien... fährt runter... neustart... aber kein log....

cosinus 11.10.2009 15:56
Hm sehr merkwürdig. :(
Kannst Du bitte nochmal MalwareBytes (mit frischen Signaturen) durchlaufen lassen? Vergiss bitte diesmal nicht wieder, etwaige Funde löschen zu lassen!!

maulwurf123 11.10.2009 17:05
Malwarebytes' Anti-Malware 1.41
Datenbank Version: 2941
Windows 5.1.2600 Service Pack 3

11.10.2009 18:03:35
mbam-log-2009-10-11 (18-03-35).txt

Scan-Methode: Vollständiger Scan (C:\|D:\|)
Durchsuchte Objekte: 206856
Laufzeit: 36 minute(s), 6 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 4
Infizierte Verzeichnisse: 1
Infizierte Dateien: 3

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{28abc5c0-4fcb-11cf-aax5-81cx1c635612} (Generic.Bot.H) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\activedesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013 (Trojan.Agent) -> Quarantined and deleted successfully.

Infizierte Dateien:
C:\Dokumente und Einstellungen\Wagner\Anwendungsdaten\AD ON Multimedia\eBay Shortcuts\eBayShortcuts.exe (Adware.ADON) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Wagner\Anwendungsdaten\Desktopicon\eBayShortcuts.exe (Adware.ADON) -> Quarantined and deleted successfully.
C:\WINDOWS\GnuHashes.ini (Malware.Trace) -> Quarantined and deleted successfully.

maulwurf123 12.10.2009 10:36
Hallo

habe Malwarebytes mal wieder laufen gelassen. Es hat nichts gefunden.
Malwarebytes' Anti-Malware 1.41
Datenbank Version: 2941
Windows 5.1.2600 Service Pack 3

12.10.2009 11:33:07
mbam-log-2009-10-12 (11-33-07).txt

Scan-Methode: Vollständiger Scan (C:\|D:\|)
Durchsuchte Objekte: 207197
Laufzeit: 37 minute(s), 51 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Stattdessen hat Avira Antivir mir 2 mal einen Fund angezeigt während dem Scan.

In der Datei 'C:\System Volume Information\_restore{501249ED-461A-44D4-B160-67D81771EBAB}\RP255\A0141623.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Trash.Gen' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern


In der Datei 'C:\System Volume Information\_restore{501249ED-461A-44D4-B160-67D81771EBAB}\RP255\A0141624.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Trash.Gen' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern

lg Tina

cosinus 12.10.2009 11:38
So, MBAM hat da ja wieder was weggeräumt :)
Probier bitte einen neuen Durchlauf mit Combofix wie oben in der Anleitung. Lade combofix bitte neu herunter und benenne es wie in der Anleitung steht beim Download in cofi um.

maulwurf123 12.10.2009 12:01
hmm, ne das klappt immer noch nicht.
combofix startet, läuft durch bis punkt 50, zeigt lösche dateien an, laptop fäjhrt runter, neustart, blauer bildschirm c muß überprüft werden... aber kein log, kommt jetzt aber auch keine anzeige von schwerwiegendem fehler..

lg

maulwurf123 12.10.2009 12:41
hat der ordner Qoobox was mit combofix zu tun?

cosinus 12.10.2009 12:56
Strange :balla:
Konvertiere mal bitte zuerst Dein Laufwerk C: nach NTFS.

1.) Start, Ausführen cmd eintippen => ok
2.) In die schwarze Konsole diesen Befehl eintippen und mit Enter bestätigen

convert c: /fs:ntfs

3.) Die Abfrage mit der J-Taste bestätigen
4.) Rechner neu starten, warten bis der Konvertiervorgang abgeschlossen ist


Alle Zeitangaben in WEZ +1. Es ist jetzt 12:00 Uhr.
Seite 2 von 4 1 2 34
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131