Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
trojaner OTL.txt

trojaner OTL.txt


Plagegeister aller Art und deren Bekämpfung: trojaner OTL.txt

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 16.02.2013, 18:01   #1
lissy200681
 
trojaner OTL.txt - Frage

trojaner OTL.txt


hallo zusammen! ich habe mich hier quer durchs forum gelesen und es bis hier hin (OTL.txt) geschafft. nun brauche ich aber hilfe, weil ich keine ahnung habe wie es jetzt weitergeht und so wie ich es verstanden habe sind diese OTL.txt immer nur für den infizierten pc und nicht allgemein ich schick euch mal den text durch und würde mich wirklich sehr über hilfe freuen:

OTL logfile created on: 2/16/2013 5:05:16 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Basic (Version = 6.0.6000) - Type = System
Internet Explorer (Version = 7.0.6000.16473)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

894.00 Mb Total Physical Memory | 690.00 Mb Available Physical Memory | 77.00% Memory free
806.00 Mb Paging File | 717.00 Mb Available in Paging File | 89.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 68.67 Gb Total Space | 36.36 Gb Free Space | 52.95% Space Free | Partition Type: NTFS
Drive D: | 5.86 Gb Total Space | 2.65 Gb Free Space | 45.28% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - [2007/06/19 06:31:37 | 001,174,152 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2007/03/12 03:22:00 | 000,517,768 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2007/01/10 23:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) [Auto] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)
SRV - [2007/01/09 15:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice Ex)
SRV - [2007/01/09 15:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2007/01/09 15:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2007/01/09 15:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2006/11/08 07:42:27 | 002,541,248 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2006/11/08 07:42:27 | 000,194,240 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatisches LiveUpdate - Scheduler)
SRV - [2006/11/02 04:46:13 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2006/11/02 04:46:12 | 000,167,424 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2006/10/26 18:18:36 | 000,080,552 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Program Files\Norton Internet Security\isPwdSvc.exe -- (ISPwdSvc)
SRV - [2006/10/13 09:29:12 | 000,049,296 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2006/09/20 12:05:16 | 000,046,736 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe -- (SymAppCore)
SRV - [2005/11/17 08:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand] -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2004/12/12 22:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] -- -- (IpInIp)
DRV - [2008/11/11 07:23:09 | 000,045,344 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\emOEM.sys -- (USB28xxOEM)
DRV - [2008/11/11 07:23:01 | 000,485,920 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2007/06/19 06:34:49 | 000,109,744 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2007/06/07 03:24:04 | 000,212,280 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20070612.005\IDSvix86.sys -- (IDSvix86)
DRV - [2007/05/15 03:00:00 | 000,852,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20070618.019\NAVEX15.SYS -- (NAVEX15)
DRV - [2007/05/15 03:00:00 | 000,389,432 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2007/05/15 03:00:00 | 000,106,808 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2007/05/15 03:00:00 | 000,077,688 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20070618.019\NAVENG.SYS -- (NAVENG)
DRV - [2007/04/23 11:47:20 | 000,219,136 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\viahduaa.sys -- (HdAudAddService)
DRV - [2007/03/27 10:11:42 | 000,276,792 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007/03/27 10:11:42 | 000,247,608 | ---- | M] (Symantec Corporation) [File_System | On_Demand] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007/03/27 10:11:42 | 000,025,400 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/02/05 07:53:42 | 000,842,752 | ---- | M] (S3 Graphics Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\VTGKModeDX32.sys -- (S3GIGP)
DRV - [2007/01/06 16:05:42 | 000,199,680 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\RTL8187.sys -- (RTL8187)
DRV - [2006/11/02 02:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006/10/25 07:36:48 | 000,042,240 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ESD7SK.sys -- (ESDCR)
DRV - [2006/10/25 07:36:36 | 000,062,208 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\EMS7SK.sys -- (EMSCR)
DRV - [2006/10/24 07:40:22 | 000,185,744 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2006/10/24 07:40:22 | 000,026,384 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2006/10/06 08:26:16 | 000,406,672 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2004/12/23 10:27:56 | 000,027,392 | ---- | M] (Ulead Systems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ULCDRHlp.sys -- (ULCDRHlp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\BUDA_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.kabeldeutschland.de/portal
IE - HKU\BUDA_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\BUDA_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0




========== FireFox ==========



FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/02/10 04:23:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2013/02/10 04:23:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BUDA\AppData\Roaming\Mozilla\Extensions
[2013/02/10 04:23:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2011/12/21 02:42:29 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/12/21 00:08:50 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/12/21 00:02:40 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/12/21 00:08:50 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011/12/21 00:08:50 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/12/21 00:08:50 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/12/21 00:08:50 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBHO.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll (Symantec Corporation)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [CHotkey] C:\Windows\mHotkey.exe ()
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VistaADeck\HDAudioCPL.exe (VIA.)
O4 - HKLM..\Run: [IS CfgWiz] C:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe (Symantec Corporation)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [Lexmark 1200 Series] File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [osCheck] C:\Program Files\Norton Internet Security\osCheck.exe (Symantec Corporation)
O4 - HKLM..\Run: [S3Trayp] C:\Windows\System32\s3trayp.exe (S3 Graphics Co., Ltd.)
O4 - HKLM..\Run: [showwnd] C:\Windows\ShowWnd.exe ()
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKU\BUDA_ON_C..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\BUDA_ON_C..\Run: [EPSON Stylus DX4400 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\BUDA_ON_C..\Run: [Teikel] C:\Users\BUDA\AppData\Roaming\Uwadb\eneg.exe ()
O4 - HKU\BUDA_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\BUDA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe ()
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\BUDA_ON_C Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\BUDA_ON_C Winlogon: Shell - (C:\Users\BUDA\AppData\Roaming\skype.dat) - C:\Users\BUDA\AppData\Roaming\skype.dat ()
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{2368f650-3516-11dc-9054-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2368f650-3516-11dc-9054-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2013/02/16 10:43:03 | 000,000,000 | ---D | C] -- C:\Users\BUDA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
[2013/02/14 15:17:34 | 000,000,000 | ---D | C] -- C:\Users\BUDA\AppData\Roaming\Uwadb
[2013/02/14 15:17:34 | 000,000,000 | ---D | C] -- C:\Users\BUDA\AppData\Roaming\Opfi
[2013/02/14 15:17:34 | 000,000,000 | ---D | C] -- C:\Users\BUDA\AppData\Roaming\Bikuva
[2013/02/11 11:54:35 | 003,502,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/02/11 11:54:33 | 003,468,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/02/11 11:43:43 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2013/02/11 11:36:01 | 000,374,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2013/02/11 11:34:19 | 000,500,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2013/02/11 11:34:19 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2013/02/11 11:31:02 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2013/02/11 11:31:02 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2013/02/11 11:29:19 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2013/02/11 11:27:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2013/02/11 11:26:22 | 000,713,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2013/02/11 11:24:55 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2013/02/11 11:23:30 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll
[2013/02/11 11:23:29 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icfupgd.dll
[2013/02/11 11:23:29 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmifw.dll
[2013/02/11 11:23:29 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wfapigp.dll
[2013/02/11 11:15:07 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2013/02/11 11:13:43 | 000,696,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2013/02/11 11:12:30 | 000,109,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2013/02/11 11:12:30 | 000,045,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2013/02/11 11:11:12 | 002,923,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2013/02/11 11:09:18 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hcrstco.dll
[2013/02/11 11:09:18 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hccoin.dll
[2013/02/11 11:09:18 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2013/02/11 11:09:17 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2013/02/11 10:10:14 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2013/02/11 10:10:08 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2013/02/11 10:10:07 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2013/02/11 09:44:49 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2013/02/11 09:44:43 | 004,247,552 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2013/02/11 09:44:43 | 001,686,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2013/02/11 09:43:34 | 002,855,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2013/02/11 09:43:34 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2013/02/11 09:43:33 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2013/02/11 09:43:33 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2013/02/11 09:43:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2013/02/11 09:43:30 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2013/02/11 09:43:28 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2013/02/11 09:43:27 | 002,433,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2013/02/11 09:41:57 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll
[2013/02/11 09:40:13 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2013/02/11 09:37:08 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2013/02/11 09:37:08 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2013/02/11 09:36:07 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2013/02/11 09:35:13 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2013/02/11 09:33:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2013/02/11 09:32:34 | 001,327,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2013/02/11 09:32:32 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2013/02/11 09:32:32 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2013/02/11 09:32:32 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2013/02/11 09:32:31 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2013/02/11 09:30:49 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2013/02/11 09:29:27 | 008,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2013/02/11 09:29:21 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2013/02/11 09:29:20 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2013/02/11 09:29:20 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2013/02/11 09:29:08 | 000,311,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2013/02/10 14:22:26 | 000,232,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013/02/10 04:23:27 | 000,000,000 | ---D | C] -- C:\Users\BUDA\AppData\Roaming\Mozilla
[2013/02/10 04:23:27 | 000,000,000 | ---D | C] -- C:\Users\BUDA\AppData\Local\Mozilla
[2013/02/10 04:22:58 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/02/10 03:50:11 | 000,000,000 | -H-D | C] -- C:\ProgramData\{3192C226-BD81-479F-822D-6CF72EE1AB45}
[2013/02/10 03:49:50 | 000,000,000 | ---D | C] -- C:\Program Files\Kabel Deutschland
[2013/02/10 03:49:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kabel Deutschland
[2013/02/10 03:49:44 | 000,000,000 | ---D | C] -- C:\ProgramData\mquadr.at
[2013/02/10 03:47:55 | 000,000,000 | ---D | C] -- C:\Users\BUDA\AppData\Local\PackageAware
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/02/16 10:51:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/02/16 10:50:13 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/16 10:50:13 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/16 10:49:55 | 937,541,632 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/16 10:43:31 | 000,000,004 | ---- | M] () -- C:\Users\BUDA\AppData\Roaming\skype.ini
[2013/02/16 09:20:00 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{5CDEEC43-AD70-4717-8A64-53F46756EE77}.job
[2013/02/14 16:27:44 | 022,396,928 | ---- | M] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2013/02/14 16:27:43 | 000,049,152 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2013/02/14 16:27:43 | 000,016,384 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2013/02/14 15:34:13 | 000,610,142 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/02/14 15:34:12 | 000,641,344 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013/02/14 15:34:12 | 000,116,706 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013/02/14 15:34:12 | 000,103,924 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/02/14 15:02:28 | 000,001,768 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker.lnk
[2013/02/14 15:02:21 | 000,000,000 | R--D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
[2013/02/14 15:02:20 | 000,000,000 | R--D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Extras and Upgrades
[2013/02/14 14:56:38 | 000,394,368 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/02/11 11:54:36 | 003,502,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/02/11 11:54:34 | 003,468,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/02/11 11:43:43 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2013/02/11 11:36:01 | 000,374,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2013/02/11 11:34:19 | 000,500,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2013/02/11 11:34:19 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2013/02/11 11:31:02 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2013/02/11 11:31:02 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2013/02/11 11:29:19 | 000,303,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2013/02/11 11:27:48 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2013/02/11 11:26:22 | 000,713,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2013/02/11 11:24:55 | 000,356,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2013/02/11 11:23:30 | 000,392,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll
[2013/02/11 11:23:29 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icfupgd.dll
[2013/02/11 11:23:29 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmifw.dll
[2013/02/11 11:23:29 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wfapigp.dll
[2013/02/11 11:15:07 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2013/02/11 11:13:43 | 000,696,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2013/02/11 11:12:30 | 000,109,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2013/02/11 11:12:30 | 000,045,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2013/02/11 11:11:12 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2013/02/11 11:09:18 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hcrstco.dll
[2013/02/11 11:09:18 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hccoin.dll
[2013/02/11 11:09:18 | 000,005,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2013/02/11 11:09:17 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2013/02/11 10:10:14 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2013/02/11 10:10:08 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2013/02/11 10:10:07 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2013/02/11 09:44:49 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2013/02/11 09:44:43 | 004,247,552 | ---- | M] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2013/02/11 09:44:43 | 001,686,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2013/02/11 09:43:35 | 002,855,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2013/02/11 09:43:34 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2013/02/11 09:43:33 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2013/02/11 09:43:33 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2013/02/11 09:43:33 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2013/02/11 09:43:30 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2013/02/11 09:43:29 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2013/02/11 09:43:28 | 002,433,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2013/02/11 09:41:57 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll
[2013/02/11 09:40:14 | 001,645,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2013/02/11 09:37:08 | 000,274,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2013/02/11 09:37:08 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2013/02/11 09:36:07 | 000,321,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2013/02/11 09:35:13 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2013/02/11 09:33:35 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
[2013/02/11 09:32:32 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2013/02/11 09:32:32 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2013/02/11 09:32:32 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2013/02/11 09:32:32 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2013/02/11 09:30:49 | 000,604,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2013/02/11 09:29:28 | 008,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2013/02/11 09:29:21 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2013/02/11 09:29:20 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2013/02/11 09:29:08 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2013/02/10 04:23:11 | 000,000,875 | ---- | M] () -- C:\Users\BUDA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/02/10 04:23:11 | 000,000,863 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/02/10 04:23:11 | 000,000,851 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/02/10 03:49:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kabel Deutschland
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/02/16 10:49:55 | 937,541,632 | -HS- | C] () -- C:\hiberfil.sys
[2013/02/14 15:24:12 | 000,000,004 | ---- | C] () -- C:\Users\BUDA\AppData\Roaming\skype.ini
[2013/02/11 10:16:35 | 000,049,152 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2013/02/11 10:16:35 | 000,016,384 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2013/02/11 10:16:34 | 022,396,928 | ---- | C] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2013/02/10 04:23:11 | 000,000,875 | ---- | C] () -- C:\Users\BUDA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/02/10 04:23:11 | 000,000,863 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/02/10 04:23:11 | 000,000,851 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/12/08 12:03:20 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2010/12/08 12:02:42 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2010/06/08 08:19:24 | 000,692,224 | ---- | C] () -- C:\Windows\System32\libeay32.dll
[2010/06/08 08:19:24 | 000,151,552 | ---- | C] () -- C:\Windows\System32\ssleay32.dll
[2009/07/19 06:17:41 | 000,552,960 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/07/19 06:17:41 | 000,159,744 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/07/19 06:17:41 | 000,008,704 | ---- | C] () -- C:\Windows\System32\vidccleaner.exe
[2008/09/18 09:52:50 | 000,000,196 | ---- | C] () -- C:\Windows\ulead32.ini
[2008/09/18 09:05:04 | 000,087,312 | ---- | C] () -- C:\Windows\mws.exe
[2008/01/22 11:04:22 | 000,000,680 | ---- | C] () -- C:\Users\BUDA\AppData\Local\d3d9caps.dat
[2008/01/11 14:26:59 | 000,000,042 | ---- | C] () -- C:\Users\BUDA\AppData\default.pls
[2007/12/21 09:24:01 | 000,013,574 | ---- | C] () -- C:\Users\BUDA\AppData\Roaming\wklnhst.dat
[2007/11/29 13:40:06 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2007/11/29 13:40:06 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2007/11/29 13:40:06 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2007/11/29 13:40:06 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2007/11/29 13:40:06 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2007/11/29 13:40:06 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2007/11/29 13:40:06 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2007/11/29 13:40:06 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2007/11/29 13:40:06 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2007/11/29 13:40:06 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2007/11/29 13:40:06 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2007/11/29 13:40:06 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2007/11/29 13:40:06 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2007/11/29 13:40:06 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2007/11/29 13:40:06 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2007/11/29 13:40:06 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2007/11/29 13:40:06 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2007/11/29 13:40:06 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2007/11/29 13:40:06 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2007/11/29 13:31:10 | 000,000,027 | ---- | C] () -- C:\Windows\CDE DX4400DEFGIPS.ini
[2007/10/18 02:43:30 | 000,000,441 | ---- | C] () -- C:\Windows\hwsolii.ini
[2007/07/27 13:43:31 | 000,000,092 | ---- | C] () -- C:\Windows\lexstat.ini
[2007/07/27 13:43:01 | 000,155,648 | ---- | C] () -- C:\Windows\System32\LEXPING.EXE
[2007/07/27 13:42:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxczvs.dll
[2007/07/27 13:42:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\INSTMON.EXE
[2007/07/25 16:51:56 | 000,036,864 | ---- | C] () -- C:\Users\BUDA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/06/19 03:36:32 | 000,036,864 | ---- | C] () -- C:\Windows\ShowWnd.exe
[2007/06/19 03:36:31 | 000,547,840 | ---- | C] () -- C:\Windows\mHotkey.exe
[2007/06/19 03:36:31 | 000,532,544 | ---- | C] () -- C:\Windows\PIC.dll
[2007/06/19 03:36:31 | 000,024,576 | ---- | C] () -- C:\Windows\HKNTDLL.dll
[2007/06/19 03:36:31 | 000,011,776 | ---- | C] () -- C:\Windows\HIDMNT.dll
[2007/06/19 03:34:09 | 000,356,352 | ---- | C] () -- C:\Windows\EMCRI.dll
[2007/01/24 00:08:03 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2006/11/02 10:38:05 | 000,641,344 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006/11/02 10:38:05 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006/11/02 10:38:05 | 000,116,706 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006/11/02 10:38:05 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006/11/02 07:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:44:53 | 000,394,368 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 05:33:01 | 000,610,142 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,103,924 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:31:23 | 000,122,880 | -HS- | C] () -- C:\Users\BUDA\AppData\Roaming\skype.dat
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/11/02 02:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006/11/02 02:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2006/10/27 01:26:56 | 000,069,632 | ---- | C] () -- C:\Windows\System32\vuins32.dll
[2006/01/30 07:42:22 | 000,000,270 | ---- | C] () -- C:\Windows\System32\lxczcoin.ini
[1997/12/12 21:05:06 | 000,000,008 | ---- | C] () -- C:\Windows\pkkeor.ini

========== LOP Check ==========

[2013/02/14 15:17:34 | 000,000,000 | ---D | M] -- C:\Users\BUDA\AppData\Roaming\Bikuva
[2008/03/06 14:54:59 | 000,000,000 | ---D | M] -- C:\Users\BUDA\AppData\Roaming\EPSON
[2008/09/18 09:04:48 | 000,000,000 | ---D | M] -- C:\Users\BUDA\AppData\Roaming\InterVideo
[2008/09/18 09:14:43 | 000,000,000 | ---D | M] -- C:\Users\BUDA\AppData\Roaming\Leadertech
[2010/12/08 12:10:49 | 000,000,000 | ---D | M] -- C:\Users\BUDA\AppData\Roaming\MAGIX
[2013/02/14 15:17:44 | 000,000,000 | ---D | M] -- C:\Users\BUDA\AppData\Roaming\Opfi
[2008/02/01 11:56:44 | 000,000,000 | ---D | M] -- C:\Users\BUDA\AppData\Roaming\Sigel
[2007/12/21 09:24:27 | 000,000,000 | ---D | M] -- C:\Users\BUDA\AppData\Roaming\Template
[2013/02/14 15:17:34 | 000,000,000 | ---D | M] -- C:\Users\BUDA\AppData\Roaming\Uwadb
[2007/07/24 16:42:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2007/07/24 16:42:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2007/07/24 16:42:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2007/11/29 13:39:22 | 000,000,000 | ---D | M] -- C:\ProgramData\EPSON
[2007/07/24 16:42:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2010/12/08 13:57:04 | 000,000,000 | ---D | M] -- C:\ProgramData\MAGIX
[2013/02/10 03:49:44 | 000,000,000 | ---D | M] -- C:\ProgramData\mquadr.at
[2009/11/28 01:15:38 | 000,000,000 | ---D | M] -- C:\ProgramData\SF
[2007/07/24 16:42:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2009/03/11 17:48:30 | 000,000,000 | ---D | M] -- C:\ProgramData\UDL
[2007/07/24 16:42:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2013/02/10 03:50:25 | 000,000,000 | -H-D | M] -- C:\ProgramData\{3192C226-BD81-479F-822D-6CF72EE1AB45}
[2007/06/19 04:07:46 | 000,000,000 | ---D | M] -- C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[2013/02/16 10:51:00 | 000,032,574 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013/02/16 09:20:00 | 000,000,416 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{5CDEEC43-AD70-4717-8A64-53F46756EE77}.job

========== Purity Check ==========


< End of report >

 

Themen zu trojaner OTL.txt
adobe, autorun, bho, desktop, downloader, explorer, firefox, format, home, infizierte, launch, logfile, microsoft, mozilla, pdf, photoshop, realtek, registry, scan, security, software, symantec, trojaner, usb, vista


« windows defender-warnung Adware: win32/PriceGong | GVU und kann nicht mehr auf Notebook zugreifen »


Zum Thema trojaner OTL.txt - hallo zusammen! ich habe mich hier quer durchs forum gelesen und es bis hier hin (OTL.txt) geschafft. nun brauche ich aber hilfe, weil ich keine ahnung habe wie es jetzt - trojaner OTL.txt...
Archiv
Du betrachtest: trojaner OTL.txt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131