
Pests of all kinds and how to combat them: IE keeps hanging after a deleted trojan


07.05.2010, 14:21   #1
Mavez
 
IE keeps hanging after a deleted trojan



Hello,

I recently caught a trojan (despite starting the file in a sandbox); Avast was of course immediately out of action. Instead I now had a trojan antivirus program on my PC, and both IE and Firefox would, for "security reasons", only let me onto the payment page of the Security Center. So: PC off, safe mode, and TheCleaner deleted 2 files and 2 reg keys for me. I also deleted the trojan's proxy settings and could get onto the Internet again. The day after, I found a 500 MB "emule" folder with various XXX and packed rar files under Appdata\LocalLow\M, and a second folder with the same content under Local. Of course I deleted both right away. Peace at last, I thought, but now IE hangs on every page that has a bit more content than the Google start page. What could be the cause: is there still something from the virus on the PC, or is IE broken?

Quote:
OTL logfile created on: 07.05.2010 13:33:13 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\xxxxx\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 48,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 140,50 Gb Total Space | 34,36 Gb Free Space | 24,46% Space Free | Partition Type: NTFS
Drive D: | 144,04 Gb Total Space | 89,52 Gb Free Space | 62,15% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: xxxxx-PC
Current User Name: xxxxx
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.05.07 13:33:05 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\xxxxx\Desktop\OTL.exe
PRC - [2010.04.14 18:47:08 | 002,790,472 | ---- | M] (ALWIL Software) -- C:\Programme\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.04.14 18:47:05 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.04.07 21:08:52 | 000,810,120 | ---- | M] (ESET) -- C:\Programme\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2010.04.07 21:08:30 | 002,145,000 | ---- | M] (ESET) -- C:\Programme\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009.10.27 05:34:44 | 000,289,072 | ---- | M] (BitTorrent, Inc.) -- C:\Programme\uTorrent\uTorrent.exe
PRC - [2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.07.14 03:17:29 | 000,673,048 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
PRC - [2009.07.14 03:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.06.04 20:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009.06.04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008.08.19 15:27:22 | 000,024,576 | ---- | M] () -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008.08.01 10:51:42 | 000,405,504 | ---- | M] (Acer Inc.) -- C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe


========== Modules (SafeList) ==========

MOD - [2010.05.07 13:33:05 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\xxxxx\Desktop\OTL.exe
MOD - [2009.07.14 03:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009.07.14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009.07.14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009.07.14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009.07.14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009.07.14 03:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009.07.14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009.07.14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009.07.14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009.07.14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (DAUpdaterSvc)
SRV - [2010.05.02 19:18:03 | 000,390,952 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.04.14 18:47:05 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.04.14 18:47:05 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.04.14 18:47:05 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.04.07 21:13:20 | 000,033,560 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010.04.07 21:08:52 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2010.03.10 19:54:45 | 000,435,016 | ---- | M] (TuneUp Software) [Disabled | Stopped] -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (XXXX Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\XXXX\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010.02.01 14:00:40 | 001,043,784 | ---- | M] (TuneUp Software) [Disabled | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010.02.01 13:57:16 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009.12.26 02:27:06 | 000,658,432 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.09.12 00:34:12 | 001,488,128 | ---- | M] (O&O Software GmbH) [Auto | Stopped] -- C:\Program Files\OO Software\Defrag\oodag.exe -- (O&O Defrag)
SRV - [2009.07.14 03:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009.07.14 03:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009.07.14 03:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009.07.14 03:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009.07.14 03:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009.07.14 03:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009.07.14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009.07.14 03:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 03:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009.07.14 03:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.07.14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009.07.14 03:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009.07.14 03:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009.07.14 03:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX-Installer (AxInstSV)
SRV - [2009.07.14 03:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009.07.14 03:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009.06.04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008.08.19 15:27:22 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe -- (ETService)


========== Driver Services (SafeList) ==========

DRV - [2010.05.07 13:06:23 | 000,054,920 | ---- | M] (Prevx) [File_System | Auto | Running] -- C:\Windows\System32\drivers\pxrts.sys -- (pxrts)
DRV - [2010.05.07 13:06:23 | 000,030,320 | ---- | M] (Prevx) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pxscan.sys -- (pxscan)
DRV - [2010.05.07 13:06:22 | 000,024,400 | ---- | M] (Prevx) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pxkbf.sys -- (pxkbf)
DRV - [2010.05.06 00:31:36 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.04.14 18:35:47 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.04.14 18:35:25 | 000,162,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.04.14 18:31:39 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.04.14 18:31:23 | 000,051,792 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010.04.14 18:31:01 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.04.07 21:09:52 | 000,096,896 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2010.04.07 21:08:36 | 000,114,984 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010.04.07 21:05:14 | 000,134,024 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2010.03.17 02:01:53 | 011,597,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.01.28 16:25:03 | 000,068,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009.12.17 11:17:57 | 000,279,712 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.12.17 11:17:57 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.11.30 05:09:28 | 000,223,440 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\System32\drivers\truecrypt.sys -- (truecrypt)
DRV - [2009.10.14 08:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.09.15 20:40:18 | 006,114,816 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5s32.sys -- (NETw5s32) Intel(R)
DRV - [2009.08.28 10:33:50 | 000,228,784 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2009.08.23 06:06:38 | 000,048,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1E62x86.sys -- (L1E)
DRV - [2009.07.14 03:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009.07.14 03:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009.07.14 03:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009.07.14 03:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009.07.14 03:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009.07.14 03:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009.07.14 03:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009.07.14 03:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009.07.14 03:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009.07.14 03:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009.07.14 03:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009.07.14 03:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009.07.14 03:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009.07.14 03:20:36 | 000,133,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009.07.14 03:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009.07.14 03:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009.07.14 03:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009.07.14 03:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009.07.14 03:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009.07.14 03:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009.07.14 03:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009.07.14 03:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009.07.14 03:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009.07.14 03:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009.07.14 03:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009.07.14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009.07.14 03:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009.07.14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 03:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009.07.14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.14 03:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009.07.14 03:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009.07.14 03:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009.07.14 03:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009.07.14 03:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009.07.14 03:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009.07.14 03:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009.07.14 03:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009.07.14 03:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009.07.14 02:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC-Seriellschnittstellentreiber (WDM)
DRV - [2009.07.14 02:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009.07.14 02:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009.07.14 01:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009.07.14 01:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009.07.14 01:53:40 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST)
DRV - [2009.07.14 01:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009.07.14 01:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)
DRV - [2009.07.14 01:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009.07.14 01:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
DRV - [2009.07.14 01:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009.07.14 01:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009.07.14 01:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009.07.14 01:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009.07.14 01:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009.07.14 01:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009.07.14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.14 01:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009.07.14 01:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
DRV - [2009.07.14 01:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009.07.14 01:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009.07.14 00:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 00:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm) Brother MFC-nur-Fax-Modem (USB)
DRV - [2009.07.14 00:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer) Brother MFC-WDM-Treiber (USB,seriell)
DRV - [2009.07.14 00:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm) Brother WDM-Treiber (seriell)
DRV - [2009.07.14 00:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009.07.14 00:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009.07.14 00:13:46 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (SrvHsfV92)
DRV - [2009.07.14 00:13:45 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (SrvHsfWinac)
DRV - [2009.07.14 00:13:45 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (SrvHsfHDA)
DRV - [2009.07.14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R)
DRV - [2009.07.14 00:02:50 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2009.07.14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009.07.14 00:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009.07.14 00:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009.06.24 15:03:02 | 000,044,544 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nuvotoncir.sys -- (nuvotoncir)
DRV - [2009.06.09 05:18:16 | 000,038,400 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\DGIVECP.SYS -- (DgiVecp)
DRV - [2009.06.04 19:43:16 | 000,330,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2008.08.19 15:23:00 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008.01.10 20:34:44 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2007.08.02 18:32:26 | 000,022,784 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dadder.sys -- (DAdderFltr)
DRV - [2006.09.24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "hxxp://google.de/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.13 13:17:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.05 20:19:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.04.05 14:44:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.05.06 00:55:45 | 000,000,000 | ---D | M]

[2010.03.29 22:27:32 | 000,000,000 | ---D | M] -- C:\Users\xxxxx\AppData\Roaming\mozilla\Extensions
[2010.02.19 13:26:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxxxx\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.03.29 22:27:32 | 000,000,000 | ---D | M] -- C:\Users\xxxxx\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2010.05.06 14:44:28 | 000,000,000 | ---D | M] -- C:\Users\xxxxx\AppData\Roaming\mozilla\Firefox\Profiles\5l84llkb.default\extensions
[2010.04.13 18:36:42 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\xxxxx\AppData\Roaming\mozilla\Firefox\Profiles\5l84llkb.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2010.04.15 21:19:11 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\xxxxx\AppData\Roaming\mozilla\Firefox\Profiles\5l84llkb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.05.03 22:00:37 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\xxxxx\AppData\Roaming\mozilla\Firefox\Profiles\5l84llkb.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.05.01 19:02:50 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.05.01 19:02:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.05.01 19:02:39 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.01.12 22:03:50 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npwachk.dll
[2009.11.03 04:14:39 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2009.11.03 04:14:39 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2009.11.03 04:14:39 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2009.11.03 04:14:39 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2009.11.03 04:14:39 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2010.05.04 17:39:17 | 000,001,077 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1
O1 - Hosts: 127.0.0.1
O1 - Hosts: 127.0.0.1
O1 - Hosts: 127.0.0.1
O1 - Hosts: 127.0.0.1
O1 - Hosts: 127.0.0.1
O1 - Hosts: 127.0.0.1
O1 - Hosts: 127.0.0.1
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - No CLSID value found.
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [ePower_DMC] C:\Programme\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} hxxp://download.bitdefender.com/resources/scanner/sources/de/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-29-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.XXXX.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - C:\Windows\System32\OODBS.exe (O&O Software GmbH)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.05.07 13:32:14 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Users\xxxxx\Desktop\OTL.exe
[2010.05.07 13:24:51 | 000,000,000 | ---D | C] -- C:\rsit
[2010.05.07 13:06:23 | 000,060,928 | ---- | C] (Prevx) -- C:\Windows\System32\PxSecure.dll-67246867
[2010.05.07 13:06:23 | 000,054,920 | ---- | C] (Prevx) -- C:\Windows\System32\drivers\pxrts.sys
[2010.05.07 13:06:23 | 000,030,320 | ---- | C] (Prevx) -- C:\Windows\System32\drivers\pxscan.sys
[2010.05.07 13:06:22 | 000,024,400 | ---- | C] (Prevx) -- C:\Windows\System32\drivers\pxkbf.sys
[2010.05.06 23:52:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2010.05.06 20:35:09 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Blizzard Entertainment
[2010.05.06 20:31:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard
[2010.05.06 19:03:20 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.05.06 01:32:41 | 000,000,000 | ---D | C] -- C:\Users\xxxxx\AppData\Local\ESET
[2010.05.06 00:55:44 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2010.05.06 00:55:44 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2010.05.05 20:19:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\XXXX
[2010.05.05 20:19:05 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS
[2010.05.05 19:46:51 | 000,000,000 | ---D | C] -- C:\Programme\Spybot - Search & Destroy
[2010.05.05 19:46:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010.05.04 22:22:50 | 000,000,000 | ---D | C] -- C:\Programme\Eraser
[2010.05.04 18:11:31 | 000,000,000 | ---D | C] -- C:\ProgramData\XXXX
[2010.05.04 17:51:06 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2010.05.04 17:48:06 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\XXXX
[2010.05.04 17:44:41 | 000,000,000 | ---D | C] -- C:\Programme\XXXX Media Player
[2010.05.04 17:43:41 | 000,000,000 | ---D | C] -- C:\Programme\XXXX
[2010.05.04 17:41:52 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\XXXX
[2010.05.04 17:34:29 | 000,000,000 | ---D | C] -- C:\Users\xxxxx\AppData\Local\XXXX
[2010.05.02 18:49:20 | 000,000,000 | ---D | C] -- C:\Users\xxxxx\AppData\Roaming\TrueCrypt
[2010.05.02 18:42:36 | 000,000,000 | ---D | C] -- C:\Programme\eBay
[2010.05.02 18:42:36 | 000,000,000 | ---D | C] -- C:\ProgramData\eBay
[2010.05.01 23:42:25 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2010.05.01 21:00:16 | 000,000,000 | ---D | C] -- C:\Users\xxxxx\AppData\Roaming\NVIDIA
[2010.05.01 20:31:10 | 000,304,128 | ---- | C] (InstallShield Corporation, Inc.) -- C:\Windows\unin0407.exe
[2010.05.01 19:02:49 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.05.01 19:02:49 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.05.01 19:02:49 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.05.01 19:02:49 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.05.01 19:02:38 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2010.04.26 22:45:24 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2010.04.23 16:59:54 | 001,044,480 | R--- | C] (eHelp Corporation.) -- C:\Windows\System32\roboex32.dll
[2010.04.23 16:59:54 | 000,049,152 | R--- | C] (Blue Sky Software Corporation.) -- C:\Windows\System32\inetwh32.dll
[2010.04.21 00:25:16 | 000,000,000 | ---D | C] -- C:\Programme\Trend Micro
[2010.04.20 22:13:31 | 000,000,000 | ---D | C] -- C:\Users\xxxxx\AppData\Roaming\Real
[2010.04.16 22:26:25 | 000,068,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvhda32v.sys
[2010.04.16 22:26:25 | 000,057,344 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\nvapo32v.dll
[2010.04.16 22:26:25 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nvhdap32.dll
[2010.04.16 22:25:59 | 000,000,000 | ---D | C] -- C:\Windows\DEA314C409294250BC9298E4C105F28D.TMP
[2010.04.16 22:15:09 | 011,597,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2010.04.16 22:15:09 | 004,513,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2010.04.16 22:15:09 | 000,223,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvumdshim.dll
[2010.04.16 22:15:09 | 000,056,424 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010.04.16 22:15:09 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd
[2010.04.16 22:15:08 | 015,235,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2010.04.16 22:15:08 | 009,393,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2010.04.16 22:15:08 | 002,908,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvencodemft.dll
[2010.04.16 22:15:08 | 000,316,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdecodemft.dll
[2010.04.16 22:15:08 | 000,088,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvinit.dll
[2010.04.16 22:15:07 | 002,647,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2010.04.16 22:15:07 | 002,009,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2010.04.16 22:15:05 | 011,647,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2010.04.16 22:15:05 | 004,029,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2010.04.16 22:15:05 | 001,299,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2010.04.16 22:15:05 | 000,215,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod1910.dll
[2010.04.16 22:15:05 | 000,215,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod.dll
[2010.04.16 22:13:55 | 000,000,000 | ---D | C] -- C:\Users\xxxxx\AppData\Local\Diagnostics
[2010.04.16 22:08:09 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010.04.16 22:06:18 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2010.04.16 22:06:18 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Games for Windows - LIVE
[2010.04.15 18:54:52 | 000,000,000 | R--D | C] -- C:\Sandbox
[2010.04.11 19:28:34 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2010.04.11 16:30:31 | 000,066,800 | ---- | C] (Just Great Software) -- C:\Windows\UnDeployV.exe
[2010.04.11 16:21:45 | 000,000,000 | ---D | C] -- C:\Users\xxxxx\AppData\Roaming\FileMaker Pro Advanced
[2010.04.11 16:20:41 | 000,000,000 | ---D | C] -- C:\Users\xxxxx\AppData\Roaming\Leadertech
[2010.04.10 19:54:36 | 000,000,000 | ---D | C] -- C:\Users\xxxxx\AppData\Roaming\IrfanView
[2010.04.10 19:54:36 | 000,000,000 | ---D | C] -- C:\Programme\IrfanView
[2010.04.07 21:09:52 | 000,096,896 | ---- | C] (ESET) -- C:\Windows\System32\drivers\epfwwfpr.sys
[2010.04.07 21:08:36 | 000,114,984 | ---- | C] (ESET) -- C:\Windows\System32\drivers\ehdrv.sys
[2010.04.07 21:05:14 | 000,134,024 | ---- | C] (ESET) -- C:\Windows\System32\drivers\eamonm.sys
[2009.10.28 00:17:11 | 000,172,032 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2009.10.28 00:17:11 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.05.07 13:34:23 | 002,359,296 | -HS- | M] () -- C:\Users\xxxxx\ntuser.dat
[2010.05.07 13:33:05 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\xxxxx\Desktop\OTL.exe
[2010.05.07 13:24:45 | 000,824,681 | ---- | M] () -- C:\Users\xxxxx\Desktop\RSIT.exe
[2010.05.07 13:06:23 | 000,060,928 | ---- | M] (Prevx) -- C:\Windows\System32\PxSecure.dll-67246867
[2010.05.07 13:06:23 | 000,054,920 | ---- | M] (Prevx) -- C:\Windows\System32\drivers\pxrts.sys
[2010.05.07 13:06:23 | 000,030,320 | ---- | M] (Prevx) -- C:\Windows\System32\drivers\pxscan.sys
[2010.05.07 13:06:22 | 000,024,400 | ---- | M] (Prevx) -- C:\Windows\System32\drivers\pxkbf.sys
[2010.05.07 01:11:11 | 000,000,644 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2010.05.07 01:06:19 | 000,001,334 | ---- | M] () -- C:\Users\xxxxx\Desktop\World of Warcraft-Installationsprogramm.lnk
[2010.05.06 19:03:13 | 000,000,387 | ---- | M] () -- C:\Windows\win.ini
[2010.05.06 18:50:37 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.05.06 18:50:37 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.05.06 18:49:53 | 001,472,002 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.05.06 18:49:53 | 000,643,866 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.05.06 18:49:53 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.05.06 18:49:53 | 000,126,394 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.05.06 18:49:53 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.05.06 18:45:36 | 000,000,436 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2010.05.06 18:45:29 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.05.06 18:45:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.05.06 18:45:18 | 2411,876,352 | -HS- | M] () -- C:\hiberfil.sys
[2010.05.06 18:45:18 | 000,026,796 | ---- | M] () -- C:\Windows\System32\oodbs.lor
[2010.05.06 00:33:27 | 000,000,057 | ---- | M] () -- C:\Windows\System32\mapisvc.inf
[2010.05.06 00:31:36 | 000,691,696 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys
[2010.05.04 22:22:51 | 000,001,751 | ---- | M] () -- C:\Users\Public\Desktop\Eraser.lnk
[2010.05.04 18:23:08 | 003,766,288 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.05.04 17:39:17 | 000,001,077 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.05.01 19:02:39 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.05.01 19:02:39 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.05.01 19:02:39 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.05.01 19:02:39 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.04.29 21:24:02 | 000,012,162 | ---- | M] () -- C:\Users\xxxxx\Desktop\Microsoft Office Word-Dokument (neu).docx
[2010.04.28 03:34:55 | 000,065,223 | ---- | M] () -- C:\Windows\System32\MiniDump.dmp
[2010.04.27 22:08:19 | 000,000,000 | -H-- | M] () -- C:\Users\xxxxx\Documents\Default.rdp
[2010.04.24 23:41:35 | 000,000,202 | ---- | M] () -- C:\Users\xxxxx\Desktop\ebm-radio.de.pls
[2010.04.23 16:59:54 | 001,044,480 | R--- | M] (eHelp Corporation.) -- C:\Windows\System32\roboex32.dll
[2010.04.23 16:59:54 | 000,049,152 | R--- | M] (Blue Sky Software Corporation.) -- C:\Windows\System32\inetwh32.dll
[2010.04.23 02:50:24 | 000,524,288 | -HS- | M] () -- C:\Users\xxxxx\ntuser.dat{e7b90a43-4ca8-11df-9ef1-c9feaf2651f7}.TMContainer00000000000000000002.regtrans-ms
[2010.04.23 02:50:24 | 000,524,288 | -HS- | M] () -- C:\Users\xxxxx\ntuser.dat{e7b90a43-4ca8-11df-9ef1-c9feaf2651f7}.TMContainer00000000000000000001.regtrans-ms
[2010.04.23 02:50:24 | 000,065,536 | -HS- | M] () -- C:\Users\xxxxx\ntuser.dat{e7b90a43-4ca8-11df-9ef1-c9feaf2651f7}.TM.blf
[2010.04.22 17:20:24 | 000,000,156 | ---- | M] () -- C:\Users\xxxxx\Desktop\Rautemusik Extreme.pls
[2010.04.20 20:44:47 | 560,220,198 | ---- | M] () -- C:\Users\xxxxx\Documents\Test Drive Unlimited.rar
[2010.04.20 20:39:16 | 039,104,348 | ---- | M] () -- C:\Users\xxxxx\Pictures.rar
[2010.04.20 20:35:16 | 035,559,405 | ---- | M] () -- C:\Users\xxxxx\Desktop\jdownloader.rar
[2010.04.20 20:24:19 | 000,262,144 | ---- | M] () -- C:\ntuser.dat
[2010.04.17 00:46:10 | 000,003,584 | ---- | M] () -- C:\Users\xxxxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.15 11:16:28 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010.04.14 18:47:23 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\Windows\System32\avastSS.scr
[2010.04.14 18:47:03 | 000,153,184 | ---- | M] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2010.04.14 18:35:47 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010.04.14 18:35:25 | 000,162,768 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010.04.14 18:31:39 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010.04.14 18:31:23 | 000,051,792 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010.04.14 18:31:01 | 000,019,024 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010.04.11 18:53:45 | 001,126,400 | ---- | M] () -- C:\Users\xxxxx\Documents\Posten.accdb
[2010.04.11 16:22:40 | 000,053,248 | ---- | M] () -- C:\Users\xxxxx\Documents\LOL.fp7
[2010.04.07 21:09:52 | 000,096,896 | ---- | M] (ESET) -- C:\Windows\System32\drivers\epfwwfpr.sys
[2010.04.07 21:08:36 | 000,114,984 | ---- | M] (ESET) -- C:\Windows\System32\drivers\ehdrv.sys
[2010.04.07 21:05:14 | 000,134,024 | ---- | M] (ESET) -- C:\Windows\System32\drivers\eamonm.sys
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.05.07 13:24:23 | 000,824,681 | ---- | C] () -- C:\Users\xxxxx\Desktop\RSIT.exe
[2010.05.06 20:35:09 | 000,000,644 | ---- | C] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2010.05.06 20:31:44 | 000,001,334 | ---- | C] () -- C:\Users\xxxxx\Desktop\World of Warcraft-Installationsprogramm.lnk
[2010.05.06 00:31:36 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010.05.04 22:22:51 | 000,001,751 | ---- | C] () -- C:\Users\Public\Desktop\Eraser.lnk
[2010.04.29 21:21:24 | 000,012,162 | ---- | C] () -- C:\Users\xxxxx\Desktop\Microsoft Office Word-Dokument (neu).docx
[2010.04.28 03:34:29 | 000,065,223 | ---- | C] () -- C:\Windows\System32\MiniDump.dmp
[2010.04.27 22:08:19 | 000,000,000 | -H-- | C] () -- C:\Users\xxxxx\Documents\Default.rdp
[2010.04.24 23:41:35 | 000,000,202 | ---- | C] () -- C:\Users\xxxxx\Desktop\ebm-radio.de.pls
[2010.04.22 17:20:24 | 000,000,156 | ---- | C] () -- C:\Users\xxxxx\Desktop\Rautemusik Extreme.pls
[2010.04.20 21:51:56 | 000,524,288 | -HS- | C] () -- C:\Users\xxxxx\ntuser.dat{e7b90a43-4ca8-11df-9ef1-c9feaf2651f7}.TMContainer00000000000000000002.regtrans-ms
[2010.04.20 21:51:56 | 000,524,288 | -HS- | C] () -- C:\Users\xxxxx\ntuser.dat{e7b90a43-4ca8-11df-9ef1-c9feaf2651f7}.TMContainer00000000000000000001.regtrans-ms
[2010.04.20 21:51:56 | 000,065,536 | -HS- | C] () -- C:\Users\xxxxx\ntuser.dat{e7b90a43-4ca8-11df-9ef1-c9feaf2651f7}.TM.blf
[2010.04.20 20:38:31 | 039,104,348 | ---- | C] () -- C:\Users\xxxxx\Pictures.rar
[2010.04.20 20:37:40 | 560,220,198 | ---- | C] () -- C:\Users\xxxxx\Documents\Test Drive Unlimited.rar
[2010.04.20 20:31:58 | 035,559,405 | ---- | C] () -- C:\Users\xxxxx\Desktop\jdownloader.rar
[2010.04.20 20:23:52 | 000,262,144 | ---- | C] () -- C:\ntuser.dat
[2010.04.17 00:46:10 | 000,003,584 | ---- | C] () -- C:\Users\xxxxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.16 22:15:09 | 000,007,772 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2010.04.11 18:53:26 | 001,126,400 | ---- | C] () -- C:\Users\xxxxx\Documents\Posten.accdb
[2010.04.11 16:21:44 | 000,053,248 | ---- | C] () -- C:\Users\xxxxx\Documents\LOL.fp7
[2010.04.07 20:53:01 | 000,026,796 | ---- | C] () -- C:\Windows\System32\oodbs.lor
[2010.02.17 16:18:13 | 000,202,240 | ---- | C] () -- C:\Windows\patchw32.dll
[2010.02.17 16:09:12 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2010.02.17 16:09:12 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2010.02.10 22:33:24 | 000,022,723 | ---- | C] () -- C:\Windows\System32\ssp2ml3.dll
[2009.12.17 11:17:57 | 000,279,712 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2009.12.17 11:17:57 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2009.11.06 10:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.10.28 00:17:11 | 001,749,376 | ---- | C] () -- C:\Windows\System32\snp2uvc.sys
[2009.10.28 00:17:11 | 001,749,376 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2009.10.28 00:17:11 | 000,028,032 | ---- | C] () -- C:\Windows\System32\sncduvc.sys
[2009.10.28 00:17:11 | 000,028,032 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2009.10.28 00:17:11 | 000,000,131 | ---- | C] () -- C:\Windows\System32\PidList.ini
[2009.10.27 21:05:07 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2009.10.27 06:01:02 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009.10.27 06:01:01 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2009.10.27 06:00:58 | 002,378,752 | ---- | C] () -- C:\Windows\System32\x264vfw.dll
[2009.10.27 06:00:57 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2009.10.27 06:00:57 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009.10.27 06:00:57 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.10.27 06:00:53 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009.10.27 06:00:53 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.01.05 16:44:10 | 000,000,483 | ---- | C] () -- C:\Windows\bdoscandellang.ini
[2003.03.11 12:56:52 | 000,051,200 | ---- | C] () -- C:\Windows\System32\ThriXXX010205PNG.dll
[2003.03.11 12:56:36 | 000,023,040 | ---- | C] () -- C:\Windows\System32\ThriXXX010104Z.dll
[2003.03.11 12:56:24 | 000,056,832 | ---- | C] () -- C:\Windows\System32\ThriXXX015003JP2.dll
[2003.01.29 11:10:06 | 000,046,592 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2003.01.29 11:10:06 | 000,007,168 | ---- | C] () -- C:\Windows\System32\ogg.dll
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys
< End of report >

07.05.2010, 16:50   #2
Mavez

IE keeps freezing after a deleted trojan

Addendum:

No idea how I can edit/delete the post. But Combofix helped; the file was detected at least by McAfee (VirusTotal). Everything works again.

