Trojaner-Board


Kahe 27.04.2011 17:22

TR/Kazy.mekml.1 got me too!

Hi everyone, TR/Kazy.mekml.1 got me too! A black screen as well as invisible files are among the effects.

I don't know what to do; I'm a layman, if even that ;)
After reading through the forum I ran an OTL scan.
When I tried to upload the OTL document, I was told it was too large, so I only uploaded OTL Extras.

I'm asking for your help.

cosinus 28.04.2011 19:36

Zip OTL.txt and attach it here!
What about Malwarebytes?

Kahe 28.04.2011 19:53

Hello Cosinus,

I tried to download Malwarebytes, but it fails at the installation. Here is the OTL document: OTL logfile:
Code:

OTL logfile created on: 28.04.2011 21:08:53 - Run 3
OTL by OldTimer - Version 3.2.22.3    Folder = C:\Users\Jan\Desktop
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
766,00 Mb Total Physical Memory | 229,00 Mb Available Physical Memory | 30,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 55,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 37,56 Gb Total Space | 9,40 Gb Free Space | 25,03% Space Free | Partition Type: NTFS
Drive D: | 51,00 Gb Total Space | 50,87 Gb Free Space | 99,75% Space Free | Partition Type: NTFS
Drive F: | 13,23 Gb Total Space | 13,14 Gb Free Space | 99,34% Space Free | Partition Type: NTFS
 
Computer Name: xxx | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Jan\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
PRC - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)
PRC - C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Samsung\Samsung Update Plus\SLUTrayNotifier.exe ()
PRC - C:\Programme\Samsung\Easy Display Manager\dmhkcore.exe (SAMSUNG Electronics)
PRC - C:\Programme\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Programme\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Programme\Common Files\AccSys\accsvc.exe (AccSys GmbH)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Jan\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirScheduler) -- C:\Programme\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Programme\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Samsung Update Plus) -- C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe ()
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (accsvc) -- C:\Programme\Common Files\AccSys\accsvc.exe (AccSys GmbH)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Programme\AntiVir PersonalEdition Classic\avgntflt.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\AntiVir PersonalEdition Classic\avgio.sys (Avira GmbH)
DRV - (hcw95rc) -- C:\Windows\System32\drivers\hcw95rc.sys (Hauppauge Computer Works, Inc.)
DRV - (hcw95bda) -- C:\Windows\System32\drivers\hcw95bda.sys (Hauppauge Computer Works, Inc.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (AVIRA GmbH)
DRV - (motmodem) -- C:\Windows\System32\drivers\motmodem.sys (Motorola)
DRV - (KMDFMEMIO) -- C:\Windows\System32\drivers\KMDFMEMIO.sys (SAMSUNG ELECTRONICS CO., LTD.)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation                          )
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (NETw2v32) Intel(R) -- C:\Windows\System32\drivers\NETw2v32.sys (Intel® Corporation)
DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies)
DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\Windows\System32\drivers\sscdbus.sys (MCCI)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=307636bd0000000000000016e3df6c05&tlver=1.4.19.19&ss=1&affID=17395
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=307636bd0000000000000016e3df6c05&tlver=1.4.19.19&ss=1&affID=17395
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://t-online.de"
FF - prefs.js..network.proxy.type: 1
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008.04.25 21:26:42 | 000,000,000 | -H-D | M]
 
[2011.04.26 15:31:59 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\7gvwj2yj.default\extensions
[2011.04.26 15:32:01 | 000,000,000 | -H-D | M] (Babylon) -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\7gvwj2yj.default\extensions\ffxtlbr@babylon.com
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2008.04.25 21:26:42 | 000,000,000 | -H-D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD
[2011.04.26 15:32:01 | 000,002,428 | -H-- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\babylon.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | -H-- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Programme\Google\GoogleToolbar2.dll (Google Germany GmbH)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar2.dll (Google Germany GmbH)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar2.dll (Google Germany GmbH)
O4 - HKLM..\Run: [avgnt] C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BabylonToolbar] C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [InnoSetupRegFile.0000000001] C:\Windows\is-L400V.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware (registration)] C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoHotStart = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} -  File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} -  File not found
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Humpback Whale.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Humpback Whale.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | -H-- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.04.27 17:43:07 | 007,734,208 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Jan\Desktop\mbam-setup-1.50.1.1100[1].exe
[2011.04.27 16:56:29 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.04.27 16:45:49 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe
[2011.04.26 15:32:01 | 000,000,000 | -H-D | C] -- C:\Programme\Mozilla Firefox
[2011.04.26 15:31:58 | 000,000,000 | -H-D | C] -- C:\Programme\BabylonToolbar
[2011.04.26 15:31:40 | 007,734,208 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Jan\Desktop\mbam-setup-1.50.1.1100.exe
[2011.04.26 14:40:25 | 000,000,000 | -H-D | C] -- C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Recovery
[2011.04.18 19:49:16 | 000,000,000 | -H-D | C] -- C:\Users\Jan\AppData\Local\FullTiltPoker.NET
[2011.04.18 19:48:32 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Full Tilt Poker.Net
[2011.04.18 19:47:40 | 000,000,000 | -H-D | C] -- C:\Programme\Full Tilt Poker.Net
[2009.12.14 20:13:05 | 000,047,360 | -H-- | C] (VSO Software) -- C:\Users\Jan\AppData\Roaming\pcouffin.sys
[2006.11.25 00:14:44 | 000,139,264 | -H-- | C] ( ) -- C:\Windows\System32\MACSSDK_wiz.dll
[2006.11.25 00:14:44 | 000,126,976 | -H-- | C] ( ) -- C:\Windows\System32\MACSSDK.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011.04.28 21:10:08 | 000,000,388 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{4C4FF26D-227A-4538-94B4-4F1F9660B9F7}.job
[2011.04.28 21:08:54 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.28 21:08:54 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.28 20:45:30 | 000,096,375 | ---- | M] () -- C:\Users\Jan\Desktop\txt.pdf
[2011.04.28 20:17:12 | 000,012,846 | ---- | M] () -- C:\Windows\is-L400V.msg
[2011.04.28 20:17:12 | 000,000,342 | ---- | M] () -- C:\Windows\is-L400V.lst
[2011.04.28 20:17:11 | 000,709,456 | ---- | M] () -- C:\Windows\is-L400V.exe
[2011.04.28 20:08:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.28 10:50:42 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.04.27 17:43:18 | 007,734,208 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Jan\Desktop\mbam-setup-1.50.1.1100[1].exe
[2011.04.27 17:42:18 | 000,287,048 | ---- | M] () -- C:\Users\Jan\Desktop\SoftonicDownloader_fuer_malwarebytes-anti-malware.exe
[2011.04.27 17:26:16 | 007,734,208 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Jan\Desktop\mbam-setup-1.50.1.1100.exe
[2011.04.27 16:41:36 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe
[2011.04.27 15:20:43 | 000,002,962 | ---- | M] () -- C:\Users\Jan\Desktop\Windows-Kompatibilitätsbericht.htm
[2011.04.26 14:47:59 | 000,000,144 | -H-- | M] () -- C:\ProgramData\~24239904r
[2011.04.26 14:47:59 | 000,000,128 | -H-- | M] () -- C:\ProgramData\~24239904
[2011.04.26 14:40:18 | 000,000,344 | -H-- | M] () -- C:\ProgramData\24239904
[2011.04.18 19:48:32 | 000,000,899 | -H-- | M] () -- C:\Users\Public\Desktop\Full Tilt Poker.Net.lnk
[2011.04.18 15:52:56 | 000,644,844 | -H-- | M] () -- C:\Windows\System32\perfh007.dat
[2011.04.18 15:52:56 | 000,613,046 | -H-- | M] () -- C:\Windows\System32\perfh009.dat
[2011.04.18 15:52:56 | 000,117,724 | -H-- | M] () -- C:\Windows\System32\perfc007.dat
[2011.04.18 15:52:56 | 000,104,768 | -H-- | M] () -- C:\Windows\System32\perfc009.dat
 
========== Files Created - No Company Name ==========
 
[2011.04.28 20:45:28 | 000,096,375 | ---- | C] () -- C:\Users\Jan\Desktop\txt.pdf
[2011.04.28 20:17:12 | 000,012,846 | ---- | C] () -- C:\Windows\is-L400V.msg
[2011.04.28 20:17:12 | 000,000,342 | ---- | C] () -- C:\Windows\is-L400V.lst
[2011.04.28 20:17:11 | 000,709,456 | ---- | C] () -- C:\Windows\is-L400V.exe
[2011.04.27 17:42:15 | 000,287,048 | ---- | C] () -- C:\Users\Jan\Desktop\SoftonicDownloader_fuer_malwarebytes-anti-malware.exe
[2011.04.27 15:18:57 | 000,002,962 | ---- | C] () -- C:\Users\Jan\Desktop\Windows-Kompatibilitätsbericht.htm
[2011.04.26 14:40:32 | 000,000,144 | -H-- | C] () -- C:\ProgramData\~24239904r
[2011.04.26 14:40:31 | 000,000,128 | -H-- | C] () -- C:\ProgramData\~24239904
[2011.04.26 14:40:18 | 000,000,344 | -H-- | C] () -- C:\ProgramData\24239904
[2011.04.18 19:48:32 | 000,000,899 | -H-- | C] () -- C:\Users\Public\Desktop\Full Tilt Poker.Net.lnk
[2011.02.09 21:09:51 | 000,000,050 | -H-- | C] () -- C:\Windows\cdplayer.ini
[2010.07.06 18:09:51 | 000,116,224 | -H-- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2009.12.28 17:41:16 | 000,014,320 | -H-- | C] () -- C:\Windows\3f2fs5eal9498z.dll
[2009.12.27 22:36:04 | 000,009,381 | -H-- | C] () -- C:\Windows\5z077virus6de9.bin
[2009.12.25 05:10:07 | 000,003,442 | -H-- | C] () -- C:\Windows\System32\e04t5reat252z49.exe
[2009.12.16 23:40:24 | 000,006,650 | -H-- | C] () -- C:\Windows\z3558spy9d9.dll
[2009.12.16 13:36:59 | 000,003,508 | -H-- | C] () -- C:\Windows\525spazb9t328.bin
[2009.12.14 20:13:05 | 000,087,608 | -H-- | C] () -- C:\Users\Jan\AppData\Roaming\inst.exe
[2009.12.14 20:13:05 | 000,007,887 | -H-- | C] () -- C:\Users\Jan\AppData\Roaming\pcouffin.cat
[2009.12.14 20:13:05 | 000,001,144 | -H-- | C] () -- C:\Users\Jan\AppData\Roaming\pcouffin.inf
[2009.12.11 23:46:36 | 000,003,254 | -H-- | C] () -- C:\Windows\System32\1c79zhie5632.bin
[2009.12.10 00:26:12 | 000,007,976 | -H-- | C] () -- C:\Windows\System32\459bvir4z9.dll
[2009.12.08 16:41:38 | 000,014,508 | -H-- | C] () -- C:\Windows\System32\z99dthief593.exe
[2009.12.05 13:24:15 | 000,002,975 | -H-- | C] () -- C:\Windows\System32\7659s5ywzr9200.dll
[2009.12.04 22:11:01 | 000,009,036 | -H-- | C] () -- C:\Windows\450stezl2639.dll
[2009.12.03 18:21:46 | 000,016,811 | -H-- | C] () -- C:\Windows\System32\4495szyware9839.bin
[2009.12.03 18:11:20 | 000,008,372 | -H-- | C] () -- C:\Windows\3ff2sz95are2166.bin
[2009.12.01 15:59:23 | 000,010,724 | -H-- | C] () -- C:\Windows\369bspyware296z5.dll
[2009.12.01 13:27:47 | 000,009,485 | -H-- | C] () -- C:\Windows\112z29py256.bin
[2009.11.25 09:29:43 | 000,008,648 | -H-- | C] () -- C:\Windows\System32\203z99ot-a-5irus131.dll
[2009.11.25 09:19:17 | 000,017,621 | -H-- | C] () -- C:\Windows\System32\23164spambz91905.bin
[2009.11.22 08:37:20 | 000,004,685 | -H-- | C] () -- C:\Windows\System32\460zspa5se18089.dll
[2009.11.22 08:06:24 | 000,010,580 | -H-- | C] () -- C:\Windows\System32\de6th9eaz15383.dll
[2009.11.14 16:00:29 | 000,013,768 | -H-- | C] () -- C:\Windows\2dazaddware1509.dll
[2009.11.14 03:44:02 | 000,013,075 | -H-- | C] () -- C:\Windows\41035pz9e5.exe
[2009.11.12 09:08:23 | 000,002,794 | -H-- | C] () -- C:\Windows\19809vir5s55z.bin
[2009.11.11 21:36:34 | 000,012,273 | -H-- | C] () -- C:\Windows\System32\9z459hackto5l52.dll
[2009.11.11 10:19:46 | 000,008,425 | -H-- | C] () -- C:\Windows\911do9zloader2950.dll
[2009.11.11 03:19:16 | 000,003,024 | -H-- | C] () -- C:\Windows\97593not-a-virus594z.bin
[2009.11.10 12:45:15 | 000,017,350 | -H-- | C] () -- C:\Windows\System32\585zad9ware2795.bin
[2009.11.10 11:00:47 | 000,004,096 | -H-- | C] () -- C:\Users\Jan\AppData\Local\keyfile3.drm
[2009.11.07 15:48:34 | 000,005,481 | -H-- | C] () -- C:\Windows\29eespa95ez844.dll
[2009.11.07 13:24:34 | 000,002,782 | -H-- | C] () -- C:\Windows\System32\1z565not-a9virus157.exe
[2009.11.06 14:23:57 | 000,008,504 | -H-- | C] () -- C:\Windows\System32\5ca9backdoor23z7.exe
[2009.11.01 14:59:52 | 000,016,467 | -H-- | C] () -- C:\Windows\11z56tr9j793.dll
[2009.10.27 13:40:02 | 000,011,760 | -H-- | C] () -- C:\Windows\21121nzt-a-5irus33b9.exe
[2009.10.25 21:41:40 | 000,016,609 | -H-- | C] () -- C:\Windows\System32\4718sp54fz9.exe
[2009.10.21 17:38:18 | 000,017,492 | -H-- | C] () -- C:\Windows\System32\5192s9arze520.bin
[2009.10.21 17:38:18 | 000,014,540 | -H-- | C] () -- C:\Windows\9df6st5zl144.dll
[2009.10.21 17:38:18 | 000,013,585 | -H-- | C] () -- C:\Windows\90c7tzief1375.dll
[2009.10.21 17:38:18 | 000,013,229 | -H-- | C] () -- C:\Windows\System32\3256s9azse3559.bin
[2009.10.21 17:38:18 | 000,011,899 | -H-- | C] () -- C:\Windows\System32\288zvir9915.bin
[2009.10.21 17:38:18 | 000,010,005 | -H-- | C] () -- C:\Windows\54zfbackdoo52917.exe
[2009.10.21 17:38:18 | 000,006,260 | -H-- | C] () -- C:\Windows\System32\715ath9eat189z.bin
[2009.10.21 17:38:18 | 000,005,685 | -H-- | C] () -- C:\Windows\System32\59984wormz89.dll
[2009.10.21 17:38:18 | 000,004,284 | -H-- | C] () -- C:\Windows\1489359t-a-vzrus184.bin
[2009.10.21 17:38:17 | 000,018,132 | -H-- | C] () -- C:\Windows\System32\5158no9-z-virus46f.exe
[2009.10.21 17:38:17 | 000,008,877 | -H-- | C] () -- C:\Windows\5af8sparsz9591.bin
[2009.10.21 17:38:16 | 000,017,830 | -H-- | C] () -- C:\Windows\14558sp9mbot5z4.bin
[2009.10.21 17:38:16 | 000,012,032 | -H-- | C] () -- C:\Windows\System32\1z66ha9kt5ol6db.exe
[2009.10.21 17:38:16 | 000,003,911 | -H-- | C] () -- C:\Windows\9c69zteal1225.dll
[2009.10.21 17:38:11 | 000,017,181 | -H-- | C] () -- C:\Windows\System32\zeaadd5are2598.bin
[2009.10.21 17:38:11 | 000,014,381 | -H-- | C] () -- C:\Windows\System32\394edownlza5er1496.dll
[2009.10.21 17:38:11 | 000,012,214 | -H-- | C] () -- C:\Windows\System32\36ddt9izf5135.bin
[2009.10.21 17:38:11 | 000,011,532 | -H-- | C] () -- C:\Windows\System32\69aspyw9rz15855.exe
[2009.10.21 17:38:11 | 000,011,065 | -H-- | C] () -- C:\Windows\System32\7z1cvi5946.bin
[2009.10.21 17:38:11 | 000,009,570 | -H-- | C] () -- C:\Windows\39afviz15365.dll
[2009.10.21 17:38:11 | 000,007,828 | -H-- | C] () -- C:\Windows\System32\3ffest9a526z.bin
[2009.10.21 17:38:11 | 000,005,341 | -H-- | C] () -- C:\Windows\96z73troj1f5.bin
[2009.10.21 17:38:10 | 000,018,423 | -H-- | C] () -- C:\Windows\18675hack5zol980.exe
[2009.10.21 17:38:10 | 000,018,115 | -H-- | C] () -- C:\Windows\b29backdoor95z.exe
[2009.10.21 17:38:10 | 000,013,242 | -H-- | C] () -- C:\Windows\56d9spywarz597.bin
[2009.10.21 17:38:10 | 000,006,420 | -H-- | C] () -- C:\Windows\System32\5699virus55z.exe
[2009.10.21 17:38:09 | 000,018,112 | -H-- | C] () -- C:\Windows\System32\2225ba9kdoor50z8.dll
[2009.10.21 17:38:09 | 000,012,607 | -H-- | C] () -- C:\Windows\f58downlz5de959.exe
[2009.10.21 17:38:09 | 000,010,630 | -H-- | C] () -- C:\Windows\28958vzru9535.exe
[2009.10.21 17:38:09 | 000,009,453 | -H-- | C] () -- C:\Windows\3f07zhreat551299.dll
[2009.10.21 17:38:09 | 000,005,395 | -H-- | C] () -- C:\Windows\5f1bb5ckzoo92837.dll
[2009.10.21 17:38:08 | 000,017,029 | -H-- | C] () -- C:\Windows\System32\25afspyw5rz21639.exe
[2009.10.21 17:38:08 | 000,016,790 | -H-- | C] () -- C:\Windows\System32\5z319py397.bin
[2009.10.21 17:38:08 | 000,016,684 | -H-- | C] () -- C:\Windows\System32\1d95thre9t169z0.bin
[2009.10.21 17:38:08 | 000,011,573 | -H-- | C] () -- C:\Windows\3f3spy9az51025.bin
[2009.10.21 17:38:08 | 000,008,785 | -H-- | C] () -- C:\Windows\System32\5697spazbot4a5.exe
[2009.10.21 17:38:08 | 000,008,514 | -H-- | C] () -- C:\Windows\System32\6a53addwarez1159.bin
[2009.10.21 17:38:08 | 000,003,327 | -H-- | C] () -- C:\Windows\17599wormfz.exe
[2009.10.21 17:38:08 | 000,003,124 | -H-- | C] () -- C:\Windows\System32\369ad5wnzoader779.exe
[2009.10.21 17:38:07 | 000,018,132 | -H-- | C] () -- C:\Windows\System32\29959virzs76e.bin
[2009.10.21 17:38:07 | 000,017,251 | -H-- | C] () -- C:\Windows\System32\236aaddw5ze2939.dll
[2009.10.21 17:38:07 | 000,017,048 | -H-- | C] () -- C:\Windows\19589spy5zf.dll
[2009.10.21 17:38:07 | 000,015,852 | -H-- | C] () -- C:\Windows\15915not-a-viruszd2.dll
[2009.10.21 17:38:07 | 000,014,383 | -H-- | C] () -- C:\Windows\5z6fsteal5979.exe
[2009.10.21 17:38:07 | 000,014,176 | -H-- | C] () -- C:\Windows\System32\z695py4b7.exe
[2009.10.21 17:38:07 | 000,012,430 | -H-- | C] () -- C:\Windows\System32\18705h9cktozl678.bin
[2009.10.21 17:38:07 | 000,012,202 | -H-- | C] () -- C:\Windows\System32\12z5spa5s9291.exe
[2009.10.21 17:38:07 | 000,011,939 | -H-- | C] () -- C:\Windows\System32\z471back9oo5467.bin
[2009.10.21 17:38:07 | 000,010,689 | -H-- | C] () -- C:\Windows\System32\55d5zparse20159.exe
[2009.10.21 17:38:07 | 000,010,619 | -H-- | C] () -- C:\Windows\System32\7dz7thi5f31959.dll
[2009.10.21 17:38:07 | 000,010,488 | -H-- | C] () -- C:\Windows\System32\15050spy90z.bin
[2009.10.21 17:38:07 | 000,009,603 | -H-- | C] () -- C:\Windows\System32\65ecsparz92435.dll
[2009.10.21 17:38:07 | 000,008,125 | -H-- | C] () -- C:\Windows\5z896viru974a.dll
[2009.10.21 17:38:07 | 000,006,947 | -H-- | C] () -- C:\Windows\System32\9dd2stea53z26.dll
[2009.10.21 17:38:07 | 000,006,831 | -H-- | C] () -- C:\Windows\953z5hief247.dll
[2009.10.21 17:38:07 | 000,004,708 | -H-- | C] () -- C:\Windows\System32\2039ztroj1b5.bin
[2009.10.21 17:38:07 | 000,004,239 | -H-- | C] () -- C:\Windows\152ftzre9t5662.bin
[2009.10.21 17:38:07 | 000,004,140 | -H-- | C] () -- C:\Windows\2db9z9ckdoor11855.dll
[2009.10.21 17:38:07 | 000,003,147 | -H-- | C] () -- C:\Windows\System32\24999spambot415z.dll
[2009.10.21 17:38:06 | 000,018,425 | -H-- | C] () -- C:\Windows\z3916worm9e25.exe
[2009.10.21 17:38:06 | 000,018,027 | -H-- | C] () -- C:\Windows\System32\z752not-a-viru5339.bin
[2009.10.21 17:38:06 | 000,017,861 | -H-- | C] () -- C:\Windows\System32\285779roj64z5.dll
[2009.10.21 17:38:06 | 000,016,681 | -H-- | C] () -- C:\Windows\34c0d5znloade9582.dll
[2009.10.21 17:38:06 | 000,016,368 | -H-- | C] () -- C:\Windows\1999vzr1655.dll
[2009.10.21 17:38:06 | 000,015,081 | -H-- | C] () -- C:\Windows\System32\33z1not-a-viru5719.bin
[2009.10.21 17:38:06 | 000,014,219 | -H-- | C] () -- C:\Windows\System32\z58bt9ief319.bin
[2009.10.21 17:38:06 | 000,013,385 | -H-- | C] () -- C:\Windows\System32\4222vir95zc.dll
[2009.10.21 17:38:06 | 000,011,338 | -H-- | C] () -- C:\Windows\System32\4b65vzr2995.dll
[2009.10.21 17:38:06 | 000,010,556 | -H-- | C] () -- C:\Windows\6b425ddzare21249.bin
[2009.10.21 17:38:06 | 000,007,604 | -H-- | C] () -- C:\Windows\System32\22835zpambot109.bin
[2009.10.21 17:38:06 | 000,005,472 | -H-- | C] () -- C:\Windows\27549sp9mbot5dz.dll
[2009.10.21 17:38:06 | 000,002,852 | -H-- | C] () -- C:\Windows\System32\4945spyz3.exe
[2009.10.21 17:38:05 | 000,016,817 | -H-- | C] () -- C:\Windows\753zsteal9020.exe
[2009.10.21 17:38:05 | 000,002,564 | -H-- | C] () -- C:\Windows\1094spamzot22b5.bin
[2009.10.21 17:38:04 | 000,018,303 | -H-- | C] () -- C:\Windows\System32\755cst9zl3125.dll
[2009.10.21 17:38:04 | 000,003,027 | -H-- | C] () -- C:\Windows\69z7w59m59a.exe
[2009.10.18 15:53:37 | 000,014,773 | -H-- | C] () -- C:\Windows\System32\d35bac5door95z7.dll
[2009.10.18 13:12:11 | 000,009,052 | -H-- | C] () -- C:\Windows\262045ackto9lza6.bin
[2009.10.18 11:43:08 | 000,003,990 | -H-- | C] () -- C:\Windows\2996tzie5131.exe
[2009.10.17 09:01:55 | 000,015,460 | -H-- | C] () -- C:\Windows\54c9szeal1781.bin
[2009.10.16 18:48:33 | 000,007,375 | -H-- | C] () -- C:\Windows\55f2zpywa5e9137.bin
[2009.10.15 08:41:55 | 000,002,547 | -H-- | C] () -- C:\Windows\35d99pywarez053.exe
[2009.10.13 13:18:33 | 000,012,325 | -H-- | C] () -- C:\Windows\15896virz9358.dll
[2009.10.12 13:59:29 | 000,012,413 | -H-- | C] () -- C:\Windows\System32\2z772no9-a-virus455.exe
[2009.10.06 13:24:16 | 000,013,617 | -H-- | C] () -- C:\Windows\System32\3588not-a-5irusz9.dll
[2009.10.04 01:07:12 | 000,007,000 | -H-- | C] () -- C:\Windows\System32\z04435py4ac9.dll
[2009.10.02 05:27:48 | 000,014,172 | -H-- | C] () -- C:\Windows\System32\16769trzj2b35.exe
[2009.09.25 03:42:52 | 000,016,495 | -H-- | C] () -- C:\Windows\95733t5zj2ff.dll
[2009.09.24 19:32:45 | 000,012,627 | -H-- | C] () -- C:\Windows\System32\215z65ro93a3.dll
[2009.09.22 07:46:53 | 000,005,344 | -H-- | C] () -- C:\Windows\System32\97885zro55f6.dll
[2009.09.17 09:43:28 | 000,011,441 | -H-- | C] () -- C:\Windows\35736sp9389z.bin
[2009.09.14 21:50:18 | 000,003,102 | -H-- | C] () -- C:\Windows\System32\96909acktozl75f.exe
[2009.09.09 10:05:52 | 000,011,769 | -H-- | C] () -- C:\Windows\System32\311z1hacktoo95.exe
[2009.09.09 04:09:36 | 000,015,792 | -H-- | C] () -- C:\Windows\15480wormz95.bin
[2009.09.09 02:17:14 | 000,007,104 | -H-- | C] () -- C:\Windows\System32\6z7at9reat54483.bin
[2009.09.08 21:07:10 | 000,008,887 | -H-- | C] () -- C:\Windows\System32\96522zot-a-virus592.bin
[2009.09.04 19:55:35 | 000,017,064 | -H-- | C] () -- C:\Windows\System32\13602v9rus25z.dll
[2009.09.03 22:57:29 | 000,003,491 | -H-- | C] () -- C:\Windows\System32\7f71azdw59e1328.dll
[2009.08.26 06:43:27 | 000,010,496 | -H-- | C] () -- C:\Windows\System32\1139zac5door6689.dll
[2009.08.21 03:27:03 | 000,010,600 | -H-- | C] () -- C:\Windows\System32\1794spaz9e19875.dll
[2009.08.16 22:25:18 | 000,002,597 | -H-- | C] () -- C:\Windows\System32\7e25zownloader938.exe
[2009.08.16 02:36:21 | 000,007,376 | -H-- | C] () -- C:\Windows\System32\5999notza-virus9e8.bin
[2009.08.15 08:44:46 | 000,005,584 | -H-- | C] () -- C:\Windows\System32\55325r9j31dz.bin
[2009.08.15 02:13:16 | 000,004,023 | -H-- | C] () -- C:\Windows\169dthrza915957.dll
[2009.08.14 01:52:39 | 000,016,545 | -H-- | C] () -- C:\Windows\System32\1z756worm9c5.dll
[2009.08.13 10:12:36 | 000,012,590 | -H-- | C] () -- C:\Windows\56z2vi52948.dll
[2009.08.13 07:54:04 | 000,016,636 | -H-- | C] () -- C:\Windows\3zc4spar5e25899.dll
[2009.08.07 12:40:17 | 000,003,071 | -H-- | C] () -- C:\Windows\System32\2124495cktozl676.exe
[2009.08.05 13:02:33 | 000,017,411 | -H-- | C] () -- C:\Windows\System32\z2f1backdoor9555.bin
[2009.08.02 11:19:28 | 000,007,993 | -H-- | C] () -- C:\Windows\System32\6793vi5us82z.bin
[2009.07.29 00:20:56 | 000,006,486 | -H-- | C] () -- C:\Windows\15594spz6c9.dll
[2009.07.27 03:54:09 | 000,011,772 | -H-- | C] () -- C:\Windows\7ba259dwzre2798.dll
[2009.07.26 16:03:16 | 000,017,796 | -H-- | C] () -- C:\Windows\System32\26z35py4639.exe
[2009.07.26 03:51:04 | 000,011,286 | -H-- | C] () -- C:\Windows\System32\530dt5reaz16499.dll
[2009.07.20 07:58:57 | 000,007,544 | -H-- | C] () -- C:\Windows\System32\10zb5ir31189.exe
[2009.07.18 07:58:39 | 000,008,161 | -H-- | C] () -- C:\Windows\System32\z8169ha5ktool284.exe
[2009.07.17 21:31:29 | 000,009,295 | -H-- | C] () -- C:\Windows\3z9ddownloader22245.bin
[2009.07.17 20:06:54 | 000,018,335 | -H-- | C] () -- C:\Windows\9z5fvir1650.bin
[2009.07.16 13:19:13 | 000,004,404 | -H-- | C] () -- C:\Windows\System32\21205wor95z5.bin
[2009.07.14 04:32:47 | 000,016,940 | -H-- | C] () -- C:\Windows\System32\691tzreat25908.bin
[2009.07.14 01:02:11 | 000,013,050 | -H-- | C] () -- C:\Windows\454ddow5loader1972z.exe
[2009.07.11 19:15:16 | 000,017,730 | -H-- | C] () -- C:\Windows\5574zown9oader2398.exe
[2009.07.11 14:39:43 | 000,011,171 | -H-- | C] () -- C:\Windows\System32\7958addzare76.bin
[2009.07.10 16:26:42 | 000,016,269 | -H-- | C] () -- C:\Windows\273945ro9ddz.exe
[2009.07.06 19:22:22 | 000,009,272 | -H-- | C] () -- C:\Windows\3597steal1499z.bin
[2009.07.04 06:42:01 | 000,017,011 | -H-- | C] () -- C:\Windows\System32\2az9backdoor265.exe
[2009.07.02 22:29:39 | 000,016,991 | -H-- | C] () -- C:\Windows\System32\20690spambot5d2z.exe
[2009.06.27 10:11:38 | 000,004,289 | -H-- | C] () -- C:\Windows\5d44th5zf30639.dll
[2009.06.26 06:39:08 | 000,002,959 | -H-- | C] () -- C:\Windows\System32\11780no5-a-vi9us4c3z.exe
[2009.06.26 05:42:21 | 000,003,395 | -H-- | C] () -- C:\Windows\System32\26z9downl95der1653.exe
[2009.06.22 16:20:22 | 000,011,828 | -H-- | C] () -- C:\Windows\105bsparze2497.exe
[2009.06.22 11:12:30 | 000,014,834 | -H-- | C] () -- C:\Windows\3af0zhr9a516824.dll
[2009.06.22 04:22:26 | 000,015,434 | -H-- | C] () -- C:\Windows\System32\ez0spy5are1978.dll
[2009.06.22 00:28:46 | 000,003,188 | -H-- | C] () -- C:\Windows\System32\7249tzie52593.exe
[2009.06.18 02:24:28 | 000,018,167 | -H-- | C] () -- C:\Windows\System32\72c6down9o5derz316.dll
[2009.06.15 05:55:46 | 000,013,712 | -H-- | C] () -- C:\Windows\System32\39e69zreat57595.dll
[2009.06.14 03:53:51 | 000,008,446 | -H-- | C] () -- C:\Windows\64909pa5zot9b.bin
[2009.06.13 22:22:46 | 000,008,019 | -H-- | C] () -- C:\Windows\System32\594zhacktool293.bin
[2009.06.07 02:42:17 | 000,005,972 | -H-- | C] () -- C:\Windows\2059zvi9us1cf5.exe
[2009.06.06 10:18:29 | 000,005,829 | -H-- | C] () -- C:\Windows\255z2t9o5412.exe
[2009.06.02 10:43:58 | 000,006,947 | -H-- | C] () -- C:\Windows\System32\5da3s9yware239z.dll
[2009.05.28 22:32:08 | 000,017,186 | -H-- | C] () -- C:\Windows\System32\1e92stezl952.dll
[2009.05.27 20:52:57 | 000,009,853 | -H-- | C] () -- C:\Windows\System32\429hacktoolz5f9.bin
[2009.05.25 19:03:39 | 000,005,238 | -H-- | C] () -- C:\Windows\16c9stz5l455.bin
[2009.05.25 12:41:22 | 000,007,624 | -H-- | C] () -- C:\Windows\23073hack5ozl940.exe
[2009.05.25 01:44:21 | 000,007,471 | -H-- | C] () -- C:\Windows\System32\35499ddwaze2913.exe
[2009.05.20 06:36:54 | 000,008,516 | -H-- | C] () -- C:\Windows\3c795ir2z0.dll
[2009.05.17 15:09:52 | 000,015,108 | -H-- | C] () -- C:\Windows\System32\14791viz5s189.dll
[2009.05.16 22:03:33 | 000,010,928 | -H-- | C] () -- C:\Windows\850th5ezt13987.dll
[2009.05.16 05:29:19 | 000,015,768 | -H-- | C] () -- C:\Windows\System32\4593zhie93514.bin
[2009.05.15 20:11:34 | 000,008,821 | -H-- | C] () -- C:\Windows\21z51tro593f.dll
[2009.05.14 14:46:46 | 000,012,191 | -H-- | C] () -- C:\Windows\System32\597bzteal764.exe
[2009.05.04 23:38:42 | 000,017,457 | -H-- | C] () -- C:\Windows\System32\313z7hack5oo9314.exe
[2009.05.03 14:27:40 | 000,018,129 | -H-- | C] () -- C:\Windows\10559tzoj664.bin
[2009.05.03 01:48:24 | 000,011,651 | -H-- | C] () -- C:\Windows\System32\54a6add5aze18439.exe
[2009.04.28 12:36:15 | 000,016,344 | -H-- | C] () -- C:\Windows\129zthief59.exe
[2009.04.26 04:35:20 | 000,010,784 | -H-- | C] () -- C:\Windows\System32\2d275ac9door2z37.dll
[2009.04.23 12:59:23 | 000,010,941 | -H-- | C] () -- C:\Windows\32358t9oj23ez.bin
[2009.04.20 01:36:26 | 000,002,742 | -H-- | C] () -- C:\Windows\System32\48e9spzrse2555.exe
[2009.04.19 10:56:11 | 000,000,399 | -H-- | C] () -- C:\Windows\vtplus32.ini
[2009.04.19 10:54:48 | 000,163,840 | -H-- | C] () -- C:\Windows\System32\hcwChDB.dll
[2009.04.19 10:54:00 | 000,006,542 | -H-- | C] () -- C:\Windows\HCWPNP.INI
[2009.04.19 08:25:36 | 000,011,949 | -H-- | C] () -- C:\Windows\System32\756zpar9e265.dll
[2009.04.13 11:37:11 | 000,015,559 | -H-- | C] () -- C:\Windows\System32\4a50t9ief1152z.bin
[2009.04.11 12:27:58 | 000,005,283 | -H-- | C] () -- C:\Windows\76z9hacktoo5109.dll
[2009.04.11 11:53:46 | 000,003,033 | -H-- | C] () -- C:\Windows\4z5cvir9414.exe
[2009.04.10 21:09:25 | 000,011,953 | -H-- | C] () -- C:\Windows\1526zhackt9ol207.dll
[2009.04.10 17:33:27 | 000,014,695 | -H-- | C] () -- C:\Windows\System32\54635worm9az.bin
[2009.04.08 04:50:20 | 000,013,855 | -H-- | C] () -- C:\Windows\System32\22b5sp5rz9136.exe
[2009.04.06 17:19:32 | 000,010,698 | -H-- | C] () -- C:\Windows\5dz09ir695.bin
[2009.04.06 11:55:48 | 000,005,507 | -H-- | C] () -- C:\Windows\System32\4628s9ywaze1755.dll
[2009.04.05 08:37:47 | 000,008,235 | -H-- | C] () -- C:\Windows\System32\5136virzs4a89.bin
[2009.04.04 11:38:05 | 000,149,504 | -H-- | C] () -- C:\Windows\System32\UNWISE.EXE
[2009.04.04 11:37:30 | 000,032,987 | -H-- | C] () -- C:\Windows\Irremote.ini
[2009.04.04 11:37:18 | 000,065,536 | -H-- | C] () -- C:\Windows\System32\dmcrypto.dll
[2009.04.04 11:36:45 | 000,000,209 | -H-- | C] () -- C:\Windows\ODBCINST.INI
[2009.04.02 23:01:45 | 000,002,840 | -H-- | C] () -- C:\Windows\System32\20e7ztea93513.dll
[2009.04.02 17:45:15 | 000,006,313 | -H-- | C] () -- C:\Windows\System32\z1712spamb9t2f65.bin
[2009.04.01 20:48:52 | 000,005,778 | -H-- | C] () -- C:\Windows\104745pambzt6e9.dll
[2009.03.26 08:36:34 | 000,018,413 | -H-- | C] () -- C:\Windows\System32\52eetzief90875.bin
[2009.03.26 05:25:23 | 000,013,143 | -H-- | C] () -- C:\Windows\e56sp5warez97.exe
[2009.03.26 02:42:03 | 000,011,609 | -H-- | C] () -- C:\Windows\3zc1thie513899.exe
[2009.03.24 12:18:50 | 000,002,937 | -H-- | C] () -- C:\Windows\9285zspy424.dll
[2009.03.23 08:53:52 | 000,003,270 | -H-- | C] () -- C:\Windows\d79tzi5f1362.dll
[2009.03.23 03:11:47 | 000,015,344 | -H-- | C] () -- C:\Windows\System32\155b9hiefz80.exe
[2009.03.22 07:08:47 | 000,004,746 | -H-- | C] () -- C:\Windows\65zeaddware1977.bin
[2009.03.19 10:09:31 | 000,008,906 | -H-- | C] () -- C:\Windows\136azh9eat97445.dll
[2009.03.19 02:09:20 | 000,003,108 | -H-- | C] () -- C:\Windows\51z4ad5ware1798.dll
[2009.03.18 15:13:32 | 000,013,447 | -H-- | C] () -- C:\Windows\System32\5z370worm6e9.exe
[2009.03.15 14:13:58 | 000,015,811 | -H-- | C] () -- C:\Windows\17115hackzool2a9.exe
[2009.03.15 05:29:03 | 000,011,598 | -H-- | C] () -- C:\Windows\System32\zaa6v5r9616.exe
[2009.03.11 06:24:39 | 000,002,980 | -H-- | C] () -- C:\Windows\System32\3f7d5wnload9r1z04.exe
[2009.03.11 01:21:59 | 000,008,103 | -H-- | C] () -- C:\Windows\6a9stzal1560.exe
[2009.03.10 18:19:44 | 000,008,834 | -H-- | C] () -- C:\Windows\5f08addware593z.bin
[2009.03.10 04:54:21 | 000,003,126 | -H-- | C] () -- C:\Windows\c8zbackdoo5299.exe
[2009.03.08 12:21:47 | 000,009,444 | -H-- | C] () -- C:\Windows\System32\150z7not-9-virus197.exe
[2009.03.04 07:12:35 | 000,006,268 | -H-- | C] () -- C:\Windows\System32\5zcea9dwar558.exe
[2009.03.02 20:39:49 | 000,015,398 | -H-- | C] () -- C:\Windows\51c2v9r152z.exe
[2009.03.01 16:38:02 | 000,012,282 | -H-- | C] () -- C:\Windows\960zvir1705.bin
[2009.03.01 01:55:10 | 000,007,008 | -H-- | C] () -- C:\Windows\System32\2688s9azbot5f5.exe
[2009.02.21 23:05:41 | 000,008,744 | -H-- | C] () -- C:\Windows\System32\71z19parse526.exe
[2009.02.21 01:54:22 | 000,017,099 | -H-- | C] () -- C:\Windows\3a2zspar9e2651.exe
[2009.02.20 13:42:15 | 000,006,485 | -H-- | C] () -- C:\Windows\13522s9zmbot4c0.bin
[2009.02.20 01:32:36 | 000,002,709 | -H-- | C] () -- C:\Windows\System32\57109ackto5l7d9z.exe
[2009.02.15 22:46:29 | 000,015,608 | -H-- | C] () -- C:\Windows\System32\9892wzrm3a5.bin
[2009.02.15 08:10:47 | 000,016,549 | -H-- | C] () -- C:\Windows\5906thizf29305.bin
[2009.02.13 04:09:39 | 000,018,052 | -H-- | C] () -- C:\Windows\System32\f9cszywa5e1899.bin
[2009.02.12 21:45:37 | 000,011,696 | -H-- | C] () -- C:\Windows\System32\5a249hief447z.bin
[2009.02.10 16:21:36 | 000,005,440 | -H-- | C] () -- C:\Windows\System32\241b5t9al3z1.bin
[2009.02.09 14:17:42 | 000,004,586 | -H-- | C] () -- C:\Windows\System32\57z7hack9ool2b4.bin
[2009.02.07 08:00:05 | 000,011,822 | -H-- | C] () -- C:\Windows\System32\20a9stea52z59.bin
[2009.02.07 00:59:33 | 000,002,809 | -H-- | C] () -- C:\Windows\27299not-a-viru5z4a.bin
[2009.02.05 10:57:31 | 000,004,712 | -H-- | C] () -- C:\Windows\179edownlz5der2182.dll
[2009.02.03 17:18:53 | 000,016,910 | -H-- | C] () -- C:\Windows\32bzvir9095.dll
[2009.02.03 15:25:34 | 000,008,888 | -H-- | C] () -- C:\Windows\System32\2dd4st9zl25135.bin
[2009.02.03 07:52:19 | 000,007,981 | -H-- | C] () -- C:\Windows\5059th5eat28877z.exe
[2009.02.01 14:30:41 | 000,008,010 | -H-- | C] () -- C:\Windows\z0789spambot115.bin
[2009.01.27 23:46:41 | 000,008,428 | -H-- | C] () -- C:\Windows\15855noz9a-virus7ec.dll
[2009.01.27 10:07:38 | 000,008,522 | -H-- | C] () -- C:\Windows\System32\5625zroj3709.exe
[2009.01.25 19:38:35 | 000,011,526 | -H-- | C] () -- C:\Windows\System32\5945dowzloader411.bin
[2009.01.25 08:55:07 | 000,012,491 | -H-- | C] () -- C:\Windows\System32\z75dsparse9623.exe
[2009.01.23 13:02:46 | 000,005,131 | -H-- | C] () -- C:\Windows\System32\1455bac9doorz608.dll
[2009.01.21 08:41:48 | 000,016,441 | -H-- | C] () -- C:\Windows\System32\2c58adzwar92357.bin
[2009.01.21 01:36:09 | 000,003,408 | -H-- | C] () -- C:\Windows\59c6baczdoor5211.exe
[2009.01.18 08:05:58 | 000,005,333 | -H-- | C] () -- C:\Windows\11958tzo958b.exe
[2009.01.15 05:05:12 | 000,015,289 | -H-- | C] () -- C:\Windows\System32\7507b9ckdoor2799z.dll
[2009.01.14 13:20:44 | 000,003,372 | -H-- | C] () -- C:\Windows\793as9ezl5976.dll
[2009.01.14 09:55:10 | 000,013,127 | -H-- | C] () -- C:\Windows\9542zro9745.bin
[2009.01.13 19:57:51 | 000,013,665 | -H-- | C] () -- C:\Windows\System32\22759spy3z0.exe
[2009.01.10 22:47:09 | 000,013,908 | -H-- | C] () -- C:\Windows\System32\395bzpy5are1291.dll
[2009.01.10 18:03:24 | 000,016,033 | -H-- | C] () -- C:\Windows\5524thre9t23z80.dll
[2009.01.07 16:01:41 | 000,014,193 | -H-- | C] () -- C:\Windows\596evir27z7.exe
[2009.01.06 11:03:52 | 000,014,506 | -H-- | C] () -- C:\Windows\System32\335zhr95t10309.bin
[2009.01.06 08:46:08 | 000,008,439 | -H-- | C] () -- C:\Windows\System32\95359spz405.exe
[2009.01.04 18:58:49 | 000,009,835 | -H-- | C] () -- C:\Windows\19995woz5667.bin
[2009.01.03 12:15:42 | 000,005,390 | -H-- | C] () -- C:\Windows\System32\19azaddw5re2546.bin
[2009.01.02 12:59:01 | 000,008,508 | -H-- | C] () -- C:\Windows\System32\1z897not-a-9irus31e5.exe
[2008.12.28 09:51:01 | 000,016,997 | -H-- | C] () -- C:\Windows\926t9reat155z5.exe
[2008.12.17 10:01:32 | 000,003,743 | -H-- | C] () -- C:\Windows\7e159iz2646.dll
[2008.12.16 01:12:02 | 000,012,238 | -H-- | C] () -- C:\Windows\System32\55z0sp9rse223.dll
[2008.12.15 18:11:39 | 000,010,996 | -H-- | C] () -- C:\Windows\System32\z1544spambo5729.bin
[2008.12.11 03:54:42 | 000,002,654 | -H-- | C] () -- C:\Windows\System32\12429tzo5109.bin
[2008.12.10 19:55:22 | 000,012,765 | -H-- | C] () -- C:\Windows\System32\9539spy9z8.dll
[2008.12.02 17:35:17 | 000,007,741 | -H-- | C] () -- C:\Windows\135935irus2cz.dll
[2008.12.02 05:26:38 | 000,008,575 | -H-- | C] () -- C:\Windows\System32\11837tro598cz.bin
[2008.12.01 23:12:57 | 000,016,060 | -H-- | C] () -- C:\Windows\16056hac9tool135z.exe
[2008.11.27 15:53:28 | 000,010,326 | -H-- | C] () -- C:\Windows\234az9yware11585.exe
[2008.11.22 19:50:38 | 000,003,424 | -H-- | C] () -- C:\Windows\13141zacktool35b9.dll
[2008.11.22 11:29:19 | 000,010,566 | -H-- | C] () -- C:\Windows\ae6z95ware3110.exe
[2008.11.20 03:23:15 | 000,009,472 | -H-- | C] () -- C:\Windows\97913spzmbo5644.exe
[2008.11.19 23:13:56 | 000,017,558 | -H-- | C] () -- C:\Windows\1337zor51e59.exe
[2008.11.18 19:00:40 | 000,004,128 | -H-- | C] () -- C:\Windows\System32\3z465viru96c5.dll
[2008.11.16 07:42:08 | 000,011,045 | -H-- | C] () -- C:\Windows\System32\33addware295z.bin
[2008.11.11 01:01:16 | 000,004,400 | -H-- | C] () -- C:\Windows\9z389spa5bot628.bin
[2008.11.08 13:00:27 | 000,013,678 | -H-- | C] () -- C:\Windows\System32\15465zacktool579.dll
[2008.11.08 00:51:59 | 000,004,119 | -H-- | C] () -- C:\Windows\116z4t9oj54b.exe
[2008.11.07 23:23:12 | 000,013,452 | -H-- | C] () -- C:\Windows\System32\45d5s9arse2858z.dll
[2008.11.06 02:13:37 | 000,012,777 | -H-- | C] () -- C:\Windows\System32\705zth9ef1357.dll
[2008.11.04 18:33:11 | 000,002,830 | -H-- | C] () -- C:\Windows\8235notza-5ir9s348.dll
[2008.11.03 15:08:26 | 000,009,151 | -H-- | C] () -- C:\Windows\124z7viru5809.dll
[2008.11.01 06:21:19 | 000,017,486 | -H-- | C] () -- C:\Windows\System32\167z5worm59d9.exe
[2008.10.27 21:44:50 | 000,007,299 | -H-- | C] () -- C:\Windows\System32\4ddath9e5t9z36.exe
[2008.10.24 08:31:56 | 000,008,052 | -H-- | C] () -- C:\Windows\System32\55b7tz9ef5043.exe
[2008.10.22 14:26:31 | 000,011,868 | -H-- | C] () -- C:\Windows\12f6steal5479z.dll
[2008.10.17 23:06:31 | 000,012,374 | -H-- | C] () -- C:\Windows\System32\14z6stea5951.bin
[2008.10.12 18:14:23 | 000,010,943 | -H-- | C] () -- C:\Windows\7aa8zh5ef2929.bin
[2008.10.11 22:44:52 | 000,016,010 | -H-- | C] () -- C:\Windows\System32\z5585w9rm6f2.exe
[2008.10.11 00:38:43 | 000,009,184 | -H-- | C] () -- C:\Windows\18zcsp9rse1715.dll
[2008.10.02 22:41:26 | 000,012,235 | -H-- | C] () -- C:\Windows\6zaca5dware989.bin
[2008.10.01 17:35:46 | 000,005,535 | -H-- | C] () -- C:\Windows\9z5vir2947.bin
[2008.09.28 14:36:45 | 000,009,057 | -H-- | C] () -- C:\Windows\399dadzw5re2005.exe
[2008.09.26 19:38:07 | 000,016,559 | -H-- | C] () -- C:\Windows\1z991worm325.dll
[2008.09.23 23:33:35 | 000,009,295 | -H-- | C] () -- C:\Windows\38f495rzat13808.exe
[2008.09.20 06:40:44 | 000,011,291 | -H-- | C] () -- C:\Windows\3200thre9t15z56.dll
[2008.09.20 04:44:32 | 000,017,086 | -H-- | C] () -- C:\Windows\65z8hacktoo599.exe
[2008.09.18 16:23:07 | 000,008,455 | -H-- | C] () -- C:\Windows\System32\20942h5cktooz209.dll
[2008.09.17 22:34:43 | 000,016,592 | -H-- | C] () -- C:\Windows\System32\26098sp5mbot710z.exe
[2008.09.14 22:22:56 | 000,004,592 | -H-- | C] () -- C:\Windows\z52v9r5867.dll
[2008.09.14 07:30:21 | 000,008,526 | -H-- | C] () -- C:\Windows\System32\311thr9at25168z.bin
[2008.09.11 22:27:09 | 000,005,159 | -H-- | C] () -- C:\Windows\45z7s9ambot5e2.dll
[2008.09.10 22:33:48 | 000,003,659 | -H-- | C] () -- C:\Windows\905aspyzare2269.bin
[2008.09.10 22:20:53 | 000,011,428 | -H-- | C] () -- C:\Windows\39035spy30z.dll
[2008.09.10 02:50:42 | 000,015,197 | -H-- | C] () -- C:\Windows\95cathief2514z.exe
[2008.09.07 00:29:38 | 000,010,903 | -H-- | C] () -- C:\Windows\37465ackt9zlca.exe
[2008.09.06 10:40:29 | 000,011,176 | -H-- | C] () -- C:\Windows\System32\7421noz-a-virus2059.bin
[2008.09.05 17:15:29 | 000,005,054 | -H-- | C] () -- C:\Windows\21z33vir9s44d5.dll
[2008.09.01 12:52:21 | 000,014,033 | -H-- | C] () -- C:\Windows\System32\5a99szyware26549.exe
[2008.08.28 16:33:32 | 000,017,196 | -H-- | C] () -- C:\Windows\System32\57e8sz9ware928.exe
[2008.08.28 02:11:05 | 000,003,023 | -H-- | C] () -- C:\Windows\138959py550z.exe
[2008.08.26 14:11:31 | 000,015,591 | -H-- | C] () -- C:\Windows\System32\11a7bazk5oor25659.exe
[2008.08.24 08:26:29 | 000,002,762 | -H-- | C] () -- C:\Windows\19565spambot738z.dll
[2008.08.23 13:07:35 | 000,003,710 | -H-- | C] () -- C:\Windows\5256th9ef1z54.dll
[2008.08.20 01:54:08 | 000,006,127 | -H-- | C] () -- C:\Windows\System32\6c29addw9re2456z.exe
[2008.08.19 21:19:20 | 000,005,036 | -H-- | C] () -- C:\Windows\System32\3a98downl5a9erz585.bin
[2008.08.19 14:50:39 | 000,012,836 | -H-- | C] () -- C:\Windows\System32\92757trzj561.dll
[2008.08.18 07:54:09 | 000,005,068 | -H-- | C] () -- C:\Windows\System32\76e09hr5zt20047.exe
[2008.08.18 07:11:30 | 000,011,896 | -H-- | C] () -- C:\Windows\192fa5zware552.dll
[2008.08.18 04:58:45 | 000,012,573 | -H-- | C] () -- C:\Windows\z9360spambot65d.bin
[2008.08.17 16:39:13 | 000,017,671 | -H-- | C] () -- C:\Windows\System32\358s9y2z1.dll
[2008.08.17 05:40:49 | 000,008,913 | -H-- | C] () -- C:\Windows\55779irus23z.dll
[2008.08.16 00:03:10 | 000,018,074 | -H-- | C] () -- C:\Windows\System32\30925wzr952f.dll
[2008.08.11 16:19:04 | 000,013,124 | -H-- | C] () -- C:\Windows\124169ackto5l573z.exe
[2008.08.06 18:00:32 | 000,010,857 | -H-- | C] () -- C:\Windows\System32\16491ziru9656.bin
[2008.08.06 02:15:40 | 000,006,562 | -H-- | C] () -- C:\Windows\System32\21957szambot188.bin
[2008.08.05 04:43:10 | 000,009,024 | -H-- | C] () -- C:\Windows\System32\5addsp5war9z42.bin
[2008.08.02 21:28:07 | 000,015,642 | -H-- | C] () -- C:\Windows\96197not5azvirus2bc.exe
[2008.07.23 15:47:11 | 000,012,372 | -H-- | C] () -- C:\Windows\System32\4233sp5wzre1918.dll
[2008.07.20 20:39:48 | 000,015,907 | -H-- | C] () -- C:\Windows\System32\26079not-a-vi59z28a.bin
[2008.07.20 14:49:39 | 000,012,714 | -H-- | C] () -- C:\Windows\19595spamzot5569.dll
[2008.07.17 14:43:16 | 000,011,955 | -H-- | C] () -- C:\Windows\System32\15570notz5-vi9us225.exe
[2008.07.17 04:22:20 | 000,005,475 | -H-- | C] () -- C:\Windows\29452nzt-a-9irus43f.dll
[2008.07.13 20:33:44 | 000,005,443 | -H-- | C] () -- C:\Windows\System32\104z2spa9b5t705.bin
[2008.07.13 08:09:48 | 000,009,863 | -H-- | C] () -- C:\Windows\3c55stea9215z.exe
[2008.07.11 19:30:11 | 000,012,134 | -H-- | C] () -- C:\Windows\zcd6spy5are1984.exe
[2008.07.10 10:28:36 | 000,002,948 | -H-- | C] () -- C:\Windows\System32\18bzspyware15359.exe
[2008.07.08 08:43:12 | 000,012,034 | -H-- | C] () -- C:\Windows\13335tzoj26b9.dll
[2008.07.07 22:09:34 | 000,017,899 | -H-- | C] () -- C:\Windows\258b5iz2598.bin
[2008.07.04 00:18:09 | 000,003,312 | -H-- | C] () -- C:\Windows\97853zacktool3d9.dll
[2008.07.01 23:51:19 | 000,009,424 | -H-- | C] () -- C:\Windows\19z58hacktool45b5.dll
[2008.06.28 20:23:34 | 000,008,466 | -H-- | C] () -- C:\Windows\System32\z9876not-a-59rusd7.bin
[2008.06.25 04:20:41 | 000,009,838 | -H-- | C] () -- C:\Windows\9abfspyzare1052.dll
[2008.06.24 20:25:24 | 000,011,589 | -H-- | C] () -- C:\Windows\90447zacktool455.bin
[2008.06.24 19:54:07 | 000,002,673 | -H-- | C] () -- C:\Windows\19cz9ir3540.bin
[2008.06.23 09:39:42 | 000,010,654 | -H-- | C] () -- C:\Windows\System32\11554szy749.dll
[2008.06.21 10:24:01 | 000,018,009 | -H-- | C] () -- C:\Windows\325495ot9a-virus60z.exe
[2008.06.20 02:53:57 | 000,010,692 | -H-- | C] () -- C:\Windows\System32\5f11down9ozder2165.exe
[2008.06.18 17:19:21 | 000,010,847 | -H-- | C] () -- C:\Windows\26393not-a-virus73z5.bin
[2008.06.15 03:42:18 | 000,008,877 | -H-- | C] () -- C:\Windows\5a4avi520z99.bin
[2008.06.12 16:18:16 | 000,008,257 | -H-- | C] () -- C:\Windows\System32\6385hr9at4653z.dll
[2008.06.11 07:10:43 | 000,017,063 | -H-- | C] () -- C:\Windows\92295dware7z9.bin
[2008.06.09 15:35:56 | 000,007,798 | -H-- | C] () -- C:\Windows\System32\25389worm7z7.bin
[2008.06.08 19:23:35 | 000,006,255 | -H-- | C] () -- C:\Windows\System32\2931z5r9s353.exe
[2008.06.07 08:18:47 | 000,015,115 | -H-- | C] () -- C:\Windows\System32\960evz51760.bin
[2008.05.26 09:20:16 | 000,009,697 | -H-- | C] () -- C:\Windows\System32\5291vir2z93.bin
[2008.05.23 23:24:08 | 000,005,447 | -H-- | C] () -- C:\Windows\System32\1c85vi9z57.exe
[2008.05.22 13:54:14 | 000,015,168 | -H-- | C] () -- C:\Windows\System32\91c8stea5115z.exe
[2008.05.22 02:54:16 | 000,004,289 | -H-- | C] () -- C:\Windows\a5fzpywa9e2498.exe
[2008.05.17 02:47:54 | 000,004,321 | -H-- | C] () -- C:\Windows\System32\zf1fdownload951154.bin
[2008.05.16 16:30:04 | 000,004,186 | -H-- | C] () -- C:\Windows\System32\102729rzj5a5.dll
[2008.05.15 20:55:54 | 000,013,077 | -H-- | C] () -- C:\Windows\56994trzj790.dll
[2008.05.15 04:31:39 | 000,012,934 | -H-- | C] () -- C:\Windows\System32\72dzv953127.dll
[2008.05.13 04:35:04 | 000,015,960 | -H-- | C] () -- C:\Windows\System32\z4947troj7805.dll
[2008.05.12 13:03:15 | 000,003,854 | -H-- | C] () -- C:\Windows\14dspzrse16985.exe
[2008.05.12 11:15:19 | 000,006,635 | -H-- | C] () -- C:\Windows\25413s9zmbot217.bin
[2008.05.12 01:46:20 | 000,014,386 | -H-- | C] () -- C:\Windows\System32\95303szy4b5.bin
[2008.05.11 15:22:01 | 000,017,720 | -H-- | C] () -- C:\Windows\System32\zad7ad9war52635.exe
[2008.05.10 23:53:54 | 000,005,017 | -H-- | C] () -- C:\Windows\1557downl9zder2301.bin
[2008.05.09 09:44:57 | 000,000,507 | -H-- | C] () -- C:\Windows\ODBC.INI
[2008.05.07 07:13:11 | 000,011,123 | -H-- | C] () -- C:\Windows\System32\22dbackd95r1z78.bin
[2008.05.06 21:48:58 | 000,004,866 | -H-- | C] () -- C:\Windows\System32\26625ownzoader289.exe
[2008.05.03 16:40:25 | 000,007,881 | -H-- | C] () -- C:\Windows\System32\79f5vzr20259.dll
[2008.05.01 08:14:50 | 000,007,122 | -H-- | C] () -- C:\Windows\2z799sp9mb5t515.dll
[2008.04.20 12:17:52 | 000,013,304 | -H-- | C] () -- C:\Windows\99098s5y476z.dll
[2008.04.20 01:05:40 | 000,008,556 | -H-- | C] () -- C:\Windows\System32\5579viz346.dll
[2008.04.19 08:00:47 | 000,016,349 | -H-- | C] () -- C:\Windows\1995trojz89.exe
[2008.04.18 12:52:50 | 000,016,538 | -H-- | C] () -- C:\Windows\System32\z192stea59329.exe
[2008.04.16 01:02:38 | 000,003,711 | -H-- | C] () -- C:\Windows\6fbed9wnl5ader141z.exe
[2008.04.13 08:41:07 | 000,017,278 | -H-- | C] () -- C:\Windows\4z65s9arse5121.bin
[2008.04.10 22:44:23 | 000,007,783 | -H-- | C] () -- C:\Windows\System32\12999sp5f5z.bin
[2008.04.09 12:43:09 | 000,013,591 | -H-- | C] () -- C:\Windows\System32\585zs9y45d.exe
[2008.04.09 01:27:53 | 000,012,137 | -H-- | C] () -- C:\Windows\System32\35229acktozl417.dll
[2008.04.08 19:43:26 | 000,006,130 | -H-- | C] () -- C:\Windows\1854t5ojz99.bin
[2008.04.06 03:00:00 | 000,006,782 | -H-- | C] () -- C:\Windows\System32\5959thzef2219.bin
[2008.04.04 15:59:56 | 000,005,344 | -H-- | C] () -- C:\Windows\7135addwa5ez790.dll
[2008.04.04 05:45:45 | 000,007,577 | -H-- | C] () -- C:\Windows\3252thi9f5z52.exe
[2008.03.27 09:31:51 | 000,005,856 | -H-- | C] () -- C:\Windows\System32\756sz9rse1576.dll
[2008.03.27 01:23:20 | 000,017,747 | -H-- | C] () -- C:\Windows\19c0vi51071z.dll
[2008.03.26 21:27:06 | 000,012,641 | -H-- | C] () -- C:\Windows\System32\5095zir455.bin
[2008.03.25 03:26:50 | 000,008,221 | -H-- | C] () -- C:\Windows\5z55spambot549.bin
[2008.03.22 16:01:01 | 000,006,508 | -H-- | C] () -- C:\Windows\System32\93656vzrus505.exe
[2008.03.21 23:26:20 | 000,000,036 | -H-- | C] () -- C:\Windows\System32\swk.ini
[2008.03.21 16:17:03 | 000,017,777 | -H-- | C] () -- C:\Windows\System32\75threat14319z.dll
[2008.03.19 11:26:57 | 000,005,959 | -H-- | C] () -- C:\Windows\System32\294249ac5zool780.dll
[2008.03.18 19:55:57 | 000,005,210 | -H-- | C] () -- C:\Windows\490zbackd5or289.exe
[2008.03.18 13:51:35 | 000,017,149 | -H-- | C] () -- C:\Windows\System32\9554trojzee.exe
[2008.03.17 13:22:42 | 000,003,742 | -H-- | C] () -- C:\Windows\System32\78585roz349.exe
[2008.03.13 20:48:56 | 000,011,941 | -H-- | C] () -- C:\Windows\11b3zownloa9er2567.dll
[2008.03.12 15:29:06 | 000,008,882 | -H-- | C] () -- C:\Windows\System32\24355hzcktool2009.dll
[2008.03.12 01:03:19 | 000,016,059 | -H-- | C] () -- C:\Windows\System32\7686za5ktoo94c7.exe
[2008.03.11 15:40:27 | 000,013,655 | -H-- | C] () -- C:\Windows\System32\28523hacktozl4915.exe
[2008.03.10 20:43:14 | 000,009,660 | -H-- | C] () -- C:\Windows\26365zackto5l9b6.bin
[2008.03.09 15:35:33 | 000,012,797 | -H-- | C] () -- C:\Windows\System32\5e99addwa5z2230.exe
[2008.03.08 06:40:53 | 000,003,115 | -H-- | C] () -- C:\Windows\System32\1z456virus59b.dll
[2008.03.06 06:57:14 | 000,015,895 | -H-- | C] () -- C:\Windows\System32\9zbaddware584.dll
[2008.03.04 06:46:36 | 000,003,624 | -H-- | C] () -- C:\Windows\7z90v5ru9443.bin
[2008.03.03 17:27:00 | 000,009,292 | -H-- | C] () -- C:\Windows\System32\21386hac5too950dz.exe
[2008.02.28 05:01:38 | 000,017,338 | -H-- | C] () -- C:\Windows\System32\15769no95azvirus699.exe
[2008.02.24 16:48:26 | 000,010,151 | -H-- | C] () -- C:\Windows\24651not-a-vir9s49ez.exe
[2008.02.23 19:02:14 | 000,013,640 | -H-- | C] () -- C:\Windows\2z9ethief259.dll
[2008.02.18 02:50:48 | 000,008,480 | -H-- | C] () -- C:\Windows\cfzt5ief9943.bin
[2008.02.17 17:44:03 | 000,010,169 | -H-- | C] () -- C:\Windows\System32\158595roj497z.exe
[2008.02.17 12:44:02 | 000,005,187 | -H-- | C] () -- C:\Windows\19597hazkt5ol5ad9.bin
[2008.02.17 02:08:08 | 000,016,740 | -H-- | C] () -- C:\Windows\12c959iez934.bin
[2008.02.16 05:44:16 | 000,003,829 | -H-- | C] () -- C:\Windows\System32\369dowzloa5er2791.exe
[2008.02.09 04:43:04 | 000,013,847 | -H-- | C] () -- C:\Windows\System32\5a9cdzwnload5r395.exe
[2008.02.08 21:53:33 | 000,017,392 | -H-- | C] () -- C:\Windows\1cz5sp5ware279.dll
[2008.02.07 08:46:58 | 000,015,260 | -H-- | C] () -- C:\Windows\System32\7799zpa5se1807.dll
[2008.02.05 04:22:00 | 000,015,977 | -H-- | C] () -- C:\Windows\System32\32702z9y565.dll
[2008.02.01 15:39:42 | 000,013,490 | -H-- | C] () -- C:\Windows\23599worm56z.dll
[2008.01.25 12:49:42 | 000,008,505 | -H-- | C] () -- C:\Windows\System32\9951wormz93.dll
[2008.01.25 01:19:50 | 000,017,085 | -H-- | C] () -- C:\Windows\50809orz22f.dll
[2008.01.22 16:16:17 | 000,000,027 | -H-- | C] () -- C:\Windows\CDE DX4400DEFGIPS.ini
[2008.01.20 18:18:12 | 000,005,663 | -H-- | C] () -- C:\Windows\46e2addz9r5226.bin
[2008.01.20 11:10:02 | 000,007,250 | -H-- | C] () -- C:\Windows\53489pambotzb2.bin
[2008.01.17 16:25:56 | 000,010,262 | -H-- | C] () -- C:\Windows\System32\6656hacktool9z6.exe
[2008.01.15 09:58:06 | 000,013,232 | -H-- | C] () -- C:\Windows\437dzpar5e9866.dll
[2008.01.14 09:26:56 | 000,010,650 | -H-- | C] () -- C:\Windows\5b58zir92515.bin
[2008.01.12 23:07:48 | 000,006,945 | -H-- | C] () -- C:\Windows\zadasparse5039.dll
[2008.01.12 07:39:24 | 000,009,358 | -H-- | C] () -- C:\Windows\System32\1595ack9ooz1102.exe
[2008.01.08 16:25:18 | 000,006,373 | -H-- | C] () -- C:\Windows\91937wormz56.exe
[2008.01.07 19:50:32 | 000,006,877 | -H-- | C] () -- C:\Windows\System32\112319p5z9.bin
[2008.01.05 23:27:20 | 000,008,821 | -H-- | C] () -- C:\Windows\System32\1953zs9amb5t582.dll
[2008.01.05 18:47:37 | 000,004,060 | -H-- | C] () -- C:\Windows\1591zspyc5.bin
[2008.01.03 16:03:10 | 000,008,121 | -H-- | C] () -- C:\Windows\9e6f5ddware321z.dll
[2007.11.07 22:05:57 | 000,000,095 | -H-- | C] () -- C:\Windows\winamp.ini
[2007.06.30 14:52:19 | 000,000,282 | -H-- | C] () -- C:\Windows\Lexstat.ini
[2007.06.11 20:18:07 | 000,000,305 | -H-- | C] () -- C:\ProgramData\addr_file.html
[2007.05.30 20:42:17 | 000,035,328 | -H-- | C] () -- C:\Users\Jan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.05.27 11:17:46 | 000,032,549 | -H-- | C] () -- C:\Windows\king-uninstall.exe
[2007.05.25 19:35:49 | 000,000,000 | -H-- | C] () -- C:\Windows\nsreg.dat
[2007.02.28 20:27:59 | 000,000,135 | RH-- | C] () -- C:\Windows\System32\lngEng.ini
[2007.02.28 20:27:59 | 000,000,117 | -H-- | C] () -- C:\Windows\System32\lngKor.ini
[2007.02.28 20:27:14 | 000,221,184 | -H-- | C] () -- C:\Windows\SetDisplayResolution.exe
[2007.02.28 20:13:14 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2007.02.28 20:10:32 | 000,040,960 | -H-- | C] () -- C:\Windows\System32\IhDEV.exe
[2007.02.28 20:10:32 | 000,024,576 | -H-- | C] () -- C:\Windows\System32\IhINF.exe
[2007.02.28 20:09:05 | 000,002,744 | -H-- | C] () -- C:\Windows\System32\drivers\HDACfg.dat
[2007.02.28 20:09:04 | 000,049,152 | -H-- | C] () -- C:\Windows\System32\ChCfg.exe
[2007.02.28 19:48:18 | 000,644,844 | -H-- | C] () -- C:\Windows\System32\perfh007.dat
[2007.02.28 19:48:18 | 000,290,748 | -H-- | C] () -- C:\Windows\System32\perfi007.dat
[2007.02.28 19:48:18 | 000,117,724 | -H-- | C] () -- C:\Windows\System32\perfc007.dat
[2007.02.28 19:48:18 | 000,036,916 | -H-- | C] () -- C:\Windows\System32\perfd007.dat
[2007.02.28 19:39:32 | 000,016,480 | -H-- | C] () -- C:\Windows\System32\rixdicon.dll
[2007.02.28 19:39:25 | 001,060,424 | -H-- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007.02.28 19:39:20 | 003,107,788 | -H-- | C] () -- C:\Windows\System32\atiumdva.dat
[2007.02.28 19:39:19 | 000,145,112 | -H-- | C] () -- C:\Windows\System32\atiicdxx.dat
[2007.02.16 02:51:02 | 000,274,432 | -H-- | C] () -- C:\Windows\System32\NDADLL.dll
[2006.11.30 03:00:30 | 000,045,056 | -H-- | C] () -- C:\Windows\System32\MAWebControl.exe
[2006.11.30 03:00:28 | 000,307,200 | -H-- | C] () -- C:\Windows\System32\LDBGenWizView.dll
[2006.11.21 23:43:46 | 000,389,120 | -H-- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,367,624 | -H-- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,613,046 | -H-- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | -H-- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,104,768 | -H-- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | -H-- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:25:44 | 000,159,744 | -H-- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006.11.02 12:23:21 | 000,215,943 | -H-- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | -H-- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | -H-- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | -H-- | C] () -- C:\Windows\System32\mlang.dat
[2006.11.02 09:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006.11.02 09:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2006.10.09 20:01:28 | 000,061,440 | -H-- | C] () -- C:\Windows\System32\AVSAudioWideStereoDMO.dll
[2003.02.20 17:53:42 | 000,005,702 | -H-- | C] () -- C:\Windows\System32\OUTLPERF.INI
[2001.11.14 22:56:00 | 001,802,240 | -H-- | C] () -- C:\Windows\System32\lcppn21.dll

< End of report >

--- --- ---

cosinus 28.04.2011 20:19

Already tried this? => http://www.trojaner-board.de/82699-m...tet-nicht.html
If necessary, try it together with the random installer, in case there are already problems with the installation or the download => http://malwarebytes.org/mbam-download-exe-random.php

Kahe 28.04.2011 21:19

Hello Cosinus,

so, I managed to make my files and folders visible again, thanks. However, I still cannot install Malwarebytes. Shortly before the end of the installation, the message "Setup could not be completed" appears.

What can I do?
Thanks in advance.

Kahe 28.04.2011 23:44

Hello Cosinus,

so I did manage to get Malwarebytes installed after all.
Here are the log files.

What should I do next?

Thanks in advance

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5363

Windows 6.0.6000
Internet Explorer 7.0.6000.17037

28.04.2011 23:13:44
mbam-log-2011-04-28 (23-13-44).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 134445
Laufzeit: 8 Minute(n), 53 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 3
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallPaper (PUM.Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)





Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6467

Windows 6.0.6000
Internet Explorer 7.0.6000.17037

29.04.2011 00:28:31
mbam-log-2011-04-29 (00-28-31).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|)
Durchsuchte Objekte: 246151
Laufzeit: 1 Stunde(n), 8 Minute(n), 8 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 1
Infizierte Dateien: 2

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\Users\xxx\AppData\Roaming\microsoft\Windows\start menu\Programs\windows recovery (Trojan.FakeAV) -> Quarantined and deleted successfully.

Infizierte Dateien:
c:\Users\xxx\AppData\Roaming\microsoft\Windows\start menu\Programs\windows recovery\uninstall windows recovery.lnk (Trojan.FakeAV) -> Quarantined and deleted successfully.
c:\Users\xxx\AppData\Roaming\microsoft\Windows\start menu\Programs\windows recovery\windows recovery.lnk (Trojan.FakeAV) -> Quarantined and deleted successfully.

cosinus 29.04.2011 10:52

Run an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)

Code:

:OTL
[2009.04.19 08:25:36 | 000,011,949 | -H-- | C] () -- C:\Windows\System32\756zpar9e265.dll
[2009.04.13 11:37:11 | 000,015,559 | -H-- | C] () -- C:\Windows\System32\4a50t9ief1152z.bin
[2009.04.11 12:27:58 | 000,005,283 | -H-- | C] () -- C:\Windows\76z9hacktoo5109.dll
[2009.04.11 11:53:46 | 000,003,033 | -H-- | C] () -- C:\Windows\4z5cvir9414.exe
[2009.04.10 21:09:25 | 000,011,953 | -H-- | C] () -- C:\Windows\1526zhackt9ol207.dll
[2009.04.10 17:33:27 | 000,014,695 | -H-- | C] () -- C:\Windows\System32\54635worm9az.bin
[2009.04.08 04:50:20 | 000,013,855 | -H-- | C] () -- C:\Windows\System32\22b5sp5rz9136.exe
[2009.04.06 17:19:32 | 000,010,698 | -H-- | C] () -- C:\Windows\5dz09ir695.bin
[2009.04.06 11:55:48 | 000,005,507 | -H-- | C] () -- C:\Windows\System32\4628s9ywaze1755.dll
[2009.04.05 08:37:47 | 000,008,235 | -H-- | C] () -- C:\Windows\System32\5136virzs4a89.bin
[2009.04.02 23:01:45 | 000,002,840 | -H-- | C] () -- C:\Windows\System32\20e7ztea93513.dll
[2009.04.02 17:45:15 | 000,006,313 | -H-- | C] () -- C:\Windows\System32\z1712spamb9t2f65.bin
[2009.04.01 20:48:52 | 000,005,778 | -H-- | C] () -- C:\Windows\104745pambzt6e9.dll
[2009.03.26 08:36:34 | 000,018,413 | -H-- | C] () -- C:\Windows\System32\52eetzief90875.bin
[2009.03.26 05:25:23 | 000,013,143 | -H-- | C] () -- C:\Windows\e56sp5warez97.exe
[2009.03.26 02:42:03 | 000,011,609 | -H-- | C] () -- C:\Windows\3zc1thie513899.exe
[2009.03.24 12:18:50 | 000,002,937 | -H-- | C] () -- C:\Windows\9285zspy424.dll
[2009.03.23 08:53:52 | 000,003,270 | -H-- | C] () -- C:\Windows\d79tzi5f1362.dll
[2009.03.23 03:11:47 | 000,015,344 | -H-- | C] () -- C:\Windows\System32\155b9hiefz80.exe
[2009.03.22 07:08:47 | 000,004,746 | -H-- | C] () -- C:\Windows\65zeaddware1977.bin
[2009.03.19 10:09:31 | 000,008,906 | -H-- | C] () -- C:\Windows\136azh9eat97445.dll
[2009.03.19 02:09:20 | 000,003,108 | -H-- | C] () -- C:\Windows\51z4ad5ware1798.dll
[2009.03.18 15:13:32 | 000,013,447 | -H-- | C] () -- C:\Windows\System32\5z370worm6e9.exe
[2009.03.15 14:13:58 | 000,015,811 | -H-- | C] () -- C:\Windows\17115hackzool2a9.exe
[2009.03.15 05:29:03 | 000,011,598 | -H-- | C] () -- C:\Windows\System32\zaa6v5r9616.exe
[2009.03.11 06:24:39 | 000,002,980 | -H-- | C] () -- C:\Windows\System32\3f7d5wnload9r1z04.exe
[2009.03.11 01:21:59 | 000,008,103 | -H-- | C] () -- C:\Windows\6a9stzal1560.exe
[2009.03.10 18:19:44 | 000,008,834 | -H-- | C] () -- C:\Windows\5f08addware593z.bin
[2009.03.10 04:54:21 | 000,003,126 | -H-- | C] () -- C:\Windows\c8zbackdoo5299.exe
[2009.03.08 12:21:47 | 000,009,444 | -H-- | C] () -- C:\Windows\System32\150z7not-9-virus197.exe
[2009.03.04 07:12:35 | 000,006,268 | -H-- | C] () -- C:\Windows\System32\5zcea9dwar558.exe
[2009.03.02 20:39:49 | 000,015,398 | -H-- | C] () -- C:\Windows\51c2v9r152z.exe
[2009.03.01 16:38:02 | 000,012,282 | -H-- | C] () -- C:\Windows\960zvir1705.bin
[2009.03.01 01:55:10 | 000,007,008 | -H-- | C] () -- C:\Windows\System32\2688s9azbot5f5.exe
[2009.02.21 23:05:41 | 000,008,744 | -H-- | C] () -- C:\Windows\System32\71z19parse526.exe
[2009.02.21 01:54:22 | 000,017,099 | -H-- | C] () -- C:\Windows\3a2zspar9e2651.exe
[2009.02.20 13:42:15 | 000,006,485 | -H-- | C] () -- C:\Windows\13522s9zmbot4c0.bin
[2009.02.20 01:32:36 | 000,002,709 | -H-- | C] () -- C:\Windows\System32\57109ackto5l7d9z.exe
[2009.02.15 22:46:29 | 000,015,608 | -H-- | C] () -- C:\Windows\System32\9892wzrm3a5.bin
[2009.02.15 08:10:47 | 000,016,549 | -H-- | C] () -- C:\Windows\5906thizf29305.bin
[2009.02.13 04:09:39 | 000,018,052 | -H-- | C] () -- C:\Windows\System32\f9cszywa5e1899.bin
[2009.02.12 21:45:37 | 000,011,696 | -H-- | C] () -- C:\Windows\System32\5a249hief447z.bin
[2009.02.10 16:21:36 | 000,005,440 | -H-- | C] () -- C:\Windows\System32\241b5t9al3z1.bin
[2009.02.09 14:17:42 | 000,004,586 | -H-- | C] () -- C:\Windows\System32\57z7hack9ool2b4.bin
[2009.02.07 08:00:05 | 000,011,822 | -H-- | C] () -- C:\Windows\System32\20a9stea52z59.bin
[2009.02.07 00:59:33 | 000,002,809 | -H-- | C] () -- C:\Windows\27299not-a-viru5z4a.bin
[2009.02.05 10:57:31 | 000,004,712 | -H-- | C] () -- C:\Windows\179edownlz5der2182.dll
[2009.02.03 17:18:53 | 000,016,910 | -H-- | C] () -- C:\Windows\32bzvir9095.dll
[2009.02.03 15:25:34 | 000,008,888 | -H-- | C] () -- C:\Windows\System32\2dd4st9zl25135.bin
[2009.02.03 07:52:19 | 000,007,981 | -H-- | C] () -- C:\Windows\5059th5eat28877z.exe
[2009.02.01 14:30:41 | 000,008,010 | -H-- | C] () -- C:\Windows\z0789spambot115.bin
[2009.01.27 23:46:41 | 000,008,428 | -H-- | C] () -- C:\Windows\15855noz9a-virus7ec.dll
[2009.01.27 10:07:38 | 000,008,522 | -H-- | C] () -- C:\Windows\System32\5625zroj3709.exe
[2009.01.25 19:38:35 | 000,011,526 | -H-- | C] () -- C:\Windows\System32\5945dowzloader411.bin
[2009.01.25 08:55:07 | 000,012,491 | -H-- | C] () -- C:\Windows\System32\z75dsparse9623.exe
[2009.01.23 13:02:46 | 000,005,131 | -H-- | C] () -- C:\Windows\System32\1455bac9doorz608.dll
[2009.01.21 08:41:48 | 000,016,441 | -H-- | C] () -- C:\Windows\System32\2c58adzwar92357.bin
[2009.01.21 01:36:09 | 000,003,408 | -H-- | C] () -- C:\Windows\59c6baczdoor5211.exe
[2009.01.18 08:05:58 | 000,005,333 | -H-- | C] () -- C:\Windows\11958tzo958b.exe
[2009.01.15 05:05:12 | 000,015,289 | -H-- | C] () -- C:\Windows\System32\7507b9ckdoor2799z.dll
[2009.01.14 13:20:44 | 000,003,372 | -H-- | C] () -- C:\Windows\793as9ezl5976.dll
[2009.01.14 09:55:10 | 000,013,127 | -H-- | C] () -- C:\Windows\9542zro9745.bin
[2009.01.13 19:57:51 | 000,013,665 | -H-- | C] () -- C:\Windows\System32\22759spy3z0.exe
[2009.01.10 22:47:09 | 000,013,908 | -H-- | C] () -- C:\Windows\System32\395bzpy5are1291.dll
[2009.01.10 18:03:24 | 000,016,033 | -H-- | C] () -- C:\Windows\5524thre9t23z80.dll
[2009.01.07 16:01:41 | 000,014,193 | -H-- | C] () -- C:\Windows\596evir27z7.exe
[2009.01.06 11:03:52 | 000,014,506 | -H-- | C] () -- C:\Windows\System32\335zhr95t10309.bin
[2009.01.06 08:46:08 | 000,008,439 | -H-- | C] () -- C:\Windows\System32\95359spz405.exe
[2009.01.04 18:58:49 | 000,009,835 | -H-- | C] () -- C:\Windows\19995woz5667.bin
[2009.01.03 12:15:42 | 000,005,390 | -H-- | C] () -- C:\Windows\System32\19azaddw5re2546.bin
[2009.01.02 12:59:01 | 000,008,508 | -H-- | C] () -- C:\Windows\System32\1z897not-a-9irus31e5.exe
[2008.12.28 09:51:01 | 000,016,997 | -H-- | C] () -- C:\Windows\926t9reat155z5.exe
[2008.12.17 10:01:32 | 000,003,743 | -H-- | C] () -- C:\Windows\7e159iz2646.dll
[2008.12.16 01:12:02 | 000,012,238 | -H-- | C] () -- C:\Windows\System32\55z0sp9rse223.dll
[2008.12.15 18:11:39 | 000,010,996 | -H-- | C] () -- C:\Windows\System32\z1544spambo5729.bin
[2008.12.11 03:54:42 | 000,002,654 | -H-- | C] () -- C:\Windows\System32\12429tzo5109.bin
[2008.12.10 19:55:22 | 000,012,765 | -H-- | C] () -- C:\Windows\System32\9539spy9z8.dll
[2008.12.02 17:35:17 | 000,007,741 | -H-- | C] () -- C:\Windows\135935irus2cz.dll
[2008.12.02 05:26:38 | 000,008,575 | -H-- | C] () -- C:\Windows\System32\11837tro598cz.bin
[2008.12.01 23:12:57 | 000,016,060 | -H-- | C] () -- C:\Windows\16056hac9tool135z.exe
[2008.11.27 15:53:28 | 000,010,326 | -H-- | C] () -- C:\Windows\234az9yware11585.exe
[2008.11.22 19:50:38 | 000,003,424 | -H-- | C] () -- C:\Windows\13141zacktool35b9.dll
[2008.11.22 11:29:19 | 000,010,566 | -H-- | C] () -- C:\Windows\ae6z95ware3110.exe
[2008.11.20 03:23:15 | 000,009,472 | -H-- | C] () -- C:\Windows\97913spzmbo5644.exe
[2008.11.19 23:13:56 | 000,017,558 | -H-- | C] () -- C:\Windows\1337zor51e59.exe
[2008.11.18 19:00:40 | 000,004,128 | -H-- | C] () -- C:\Windows\System32\3z465viru96c5.dll
[2008.11.16 07:42:08 | 000,011,045 | -H-- | C] () -- C:\Windows\System32\33addware295z.bin
[2008.11.11 01:01:16 | 000,004,400 | -H-- | C] () -- C:\Windows\9z389spa5bot628.bin
[2008.11.08 13:00:27 | 000,013,678 | -H-- | C] () -- C:\Windows\System32\15465zacktool579.dll
[2008.11.08 00:51:59 | 000,004,119 | -H-- | C] () -- C:\Windows\116z4t9oj54b.exe
[2008.11.07 23:23:12 | 000,013,452 | -H-- | C] () -- C:\Windows\System32\45d5s9arse2858z.dll
[2008.11.06 02:13:37 | 000,012,777 | -H-- | C] () -- C:\Windows\System32\705zth9ef1357.dll
[2008.11.04 18:33:11 | 000,002,830 | -H-- | C] () -- C:\Windows\8235notza-5ir9s348.dll
[2008.11.03 15:08:26 | 000,009,151 | -H-- | C] () -- C:\Windows\124z7viru5809.dll
[2008.11.01 06:21:19 | 000,017,486 | -H-- | C] () -- C:\Windows\System32\167z5worm59d9.exe
[2008.10.27 21:44:50 | 000,007,299 | -H-- | C] () -- C:\Windows\System32\4ddath9e5t9z36.exe
[2008.10.24 08:31:56 | 000,008,052 | -H-- | C] () -- C:\Windows\System32\55b7tz9ef5043.exe
[2008.10.22 14:26:31 | 000,011,868 | -H-- | C] () -- C:\Windows\12f6steal5479z.dll
[2008.10.17 23:06:31 | 000,012,374 | -H-- | C] () -- C:\Windows\System32\14z6stea5951.bin
[2008.10.12 18:14:23 | 000,010,943 | -H-- | C] () -- C:\Windows\7aa8zh5ef2929.bin
[2008.10.11 22:44:52 | 000,016,010 | -H-- | C] () -- C:\Windows\System32\z5585w9rm6f2.exe
[2008.10.11 00:38:43 | 000,009,184 | -H-- | C] () -- C:\Windows\18zcsp9rse1715.dll
[2008.10.02 22:41:26 | 000,012,235 | -H-- | C] () -- C:\Windows\6zaca5dware989.bin
[2008.10.01 17:35:46 | 000,005,535 | -H-- | C] () -- C:\Windows\9z5vir2947.bin
[2008.09.28 14:36:45 | 000,009,057 | -H-- | C] () -- C:\Windows\399dadzw5re2005.exe
[2008.09.26 19:38:07 | 000,016,559 | -H-- | C] () -- C:\Windows\1z991worm325.dll
[2008.09.23 23:33:35 | 000,009,295 | -H-- | C] () -- C:\Windows\38f495rzat13808.exe
[2008.09.20 06:40:44 | 000,011,291 | -H-- | C] () -- C:\Windows\3200thre9t15z56.dll
[2008.09.20 04:44:32 | 000,017,086 | -H-- | C] () -- C:\Windows\65z8hacktoo599.exe
[2008.09.18 16:23:07 | 000,008,455 | -H-- | C] () -- C:\Windows\System32\20942h5cktooz209.dll
[2008.09.17 22:34:43 | 000,016,592 | -H-- | C] () -- C:\Windows\System32\26098sp5mbot710z.exe
[2008.09.14 22:22:56 | 000,004,592 | -H-- | C] () -- C:\Windows\z52v9r5867.dll
[2008.09.14 07:30:21 | 000,008,526 | -H-- | C] () -- C:\Windows\System32\311thr9at25168z.bin
[2008.09.11 22:27:09 | 000,005,159 | -H-- | C] () -- C:\Windows\45z7s9ambot5e2.dll
[2008.09.10 22:33:48 | 000,003,659 | -H-- | C] () -- C:\Windows\905aspyzare2269.bin
[2008.09.10 22:20:53 | 000,011,428 | -H-- | C] () -- C:\Windows\39035spy30z.dll
[2008.09.10 02:50:42 | 000,015,197 | -H-- | C] () -- C:\Windows\95cathief2514z.exe
[2008.09.07 00:29:38 | 000,010,903 | -H-- | C] () -- C:\Windows\37465ackt9zlca.exe
[2008.09.06 10:40:29 | 000,011,176 | -H-- | C] () -- C:\Windows\System32\7421noz-a-virus2059.bin
[2008.09.05 17:15:29 | 000,005,054 | -H-- | C] () -- C:\Windows\21z33vir9s44d5.dll
[2008.09.01 12:52:21 | 000,014,033 | -H-- | C] () -- C:\Windows\System32\5a99szyware26549.exe
[2008.08.28 16:33:32 | 000,017,196 | -H-- | C] () -- C:\Windows\System32\57e8sz9ware928.exe
[2008.08.28 02:11:05 | 000,003,023 | -H-- | C] () -- C:\Windows\138959py550z.exe
[2008.08.26 14:11:31 | 000,015,591 | -H-- | C] () -- C:\Windows\System32\11a7bazk5oor25659.exe
[2008.08.24 08:26:29 | 000,002,762 | -H-- | C] () -- C:\Windows\19565spambot738z.dll
[2008.08.23 13:07:35 | 000,003,710 | -H-- | C] () -- C:\Windows\5256th9ef1z54.dll
[2008.08.20 01:54:08 | 000,006,127 | -H-- | C] () -- C:\Windows\System32\6c29addw9re2456z.exe
[2008.08.19 21:19:20 | 000,005,036 | -H-- | C] () -- C:\Windows\System32\3a98downl5a9erz585.bin
[2008.08.19 14:50:39 | 000,012,836 | -H-- | C] () -- C:\Windows\System32\92757trzj561.dll
[2008.08.18 07:54:09 | 000,005,068 | -H-- | C] () -- C:\Windows\System32\76e09hr5zt20047.exe
[2008.08.18 07:11:30 | 000,011,896 | -H-- | C] () -- C:\Windows\192fa5zware552.dll
[2008.08.18 04:58:45 | 000,012,573 | -H-- | C] () -- C:\Windows\z9360spambot65d.bin
[2008.08.17 16:39:13 | 000,017,671 | -H-- | C] () -- C:\Windows\System32\358s9y2z1.dll
[2008.08.17 05:40:49 | 000,008,913 | -H-- | C] () -- C:\Windows\55779irus23z.dll
[2008.08.16 00:03:10 | 000,018,074 | -H-- | C] () -- C:\Windows\System32\30925wzr952f.dll
[2008.08.11 16:19:04 | 000,013,124 | -H-- | C] () -- C:\Windows\124169ackto5l573z.exe
[2008.08.06 18:00:32 | 000,010,857 | -H-- | C] () -- C:\Windows\System32\16491ziru9656.bin
[2008.08.06 02:15:40 | 000,006,562 | -H-- | C] () -- C:\Windows\System32\21957szambot188.bin
[2008.08.05 04:43:10 | 000,009,024 | -H-- | C] () -- C:\Windows\System32\5addsp5war9z42.bin
[2008.08.02 21:28:07 | 000,015,642 | -H-- | C] () -- C:\Windows\96197not5azvirus2bc.exe
[2008.07.23 15:47:11 | 000,012,372 | -H-- | C] () -- C:\Windows\System32\4233sp5wzre1918.dll
[2008.07.20 20:39:48 | 000,015,907 | -H-- | C] () -- C:\Windows\System32\26079not-a-vi59z28a.bin
[2008.07.20 14:49:39 | 000,012,714 | -H-- | C] () -- C:\Windows\19595spamzot5569.dll
[2008.07.17 14:43:16 | 000,011,955 | -H-- | C] () -- C:\Windows\System32\15570notz5-vi9us225.exe
[2008.07.17 04:22:20 | 000,005,475 | -H-- | C] () -- C:\Windows\29452nzt-a-9irus43f.dll
[2008.07.13 20:33:44 | 000,005,443 | -H-- | C] () -- C:\Windows\System32\104z2spa9b5t705.bin
[2008.07.13 08:09:48 | 000,009,863 | -H-- | C] () -- C:\Windows\3c55stea9215z.exe
[2008.07.11 19:30:11 | 000,012,134 | -H-- | C] () -- C:\Windows\zcd6spy5are1984.exe
[2008.07.10 10:28:36 | 000,002,948 | -H-- | C] () -- C:\Windows\System32\18bzspyware15359.exe
[2008.07.08 08:43:12 | 000,012,034 | -H-- | C] () -- C:\Windows\13335tzoj26b9.dll
[2008.07.07 22:09:34 | 000,017,899 | -H-- | C] () -- C:\Windows\258b5iz2598.bin
[2008.07.04 00:18:09 | 000,003,312 | -H-- | C] () -- C:\Windows\97853zacktool3d9.dll
[2008.07.01 23:51:19 | 000,009,424 | -H-- | C] () -- C:\Windows\19z58hacktool45b5.dll
[2008.06.28 20:23:34 | 000,008,466 | -H-- | C] () -- C:\Windows\System32\z9876not-a-59rusd7.bin
[2008.06.25 04:20:41 | 000,009,838 | -H-- | C] () -- C:\Windows\9abfspyzare1052.dll
[2008.06.24 20:25:24 | 000,011,589 | -H-- | C] () -- C:\Windows\90447zacktool455.bin
[2008.06.24 19:54:07 | 000,002,673 | -H-- | C] () -- C:\Windows\19cz9ir3540.bin
[2008.06.23 09:39:42 | 000,010,654 | -H-- | C] () -- C:\Windows\System32\11554szy749.dll
[2008.06.21 10:24:01 | 000,018,009 | -H-- | C] () -- C:\Windows\325495ot9a-virus60z.exe
[2008.06.20 02:53:57 | 000,010,692 | -H-- | C] () -- C:\Windows\System32\5f11down9ozder2165.exe
[2008.06.18 17:19:21 | 000,010,847 | -H-- | C] () -- C:\Windows\26393not-a-virus73z5.bin
[2008.06.15 03:42:18 | 000,008,877 | -H-- | C] () -- C:\Windows\5a4avi520z99.bin
[2008.06.12 16:18:16 | 000,008,257 | -H-- | C] () -- C:\Windows\System32\6385hr9at4653z.dll
[2008.06.11 07:10:43 | 000,017,063 | -H-- | C] () -- C:\Windows\92295dware7z9.bin
[2008.06.09 15:35:56 | 000,007,798 | -H-- | C] () -- C:\Windows\System32\25389worm7z7.bin
[2008.06.08 19:23:35 | 000,006,255 | -H-- | C] () -- C:\Windows\System32\2931z5r9s353.exe
[2008.06.07 08:18:47 | 000,015,115 | -H-- | C] () -- C:\Windows\System32\960evz51760.bin
[2008.05.26 09:20:16 | 000,009,697 | -H-- | C] () -- C:\Windows\System32\5291vir2z93.bin
[2008.05.23 23:24:08 | 000,005,447 | -H-- | C] () -- C:\Windows\System32\1c85vi9z57.exe
[2008.05.22 13:54:14 | 000,015,168 | -H-- | C] () -- C:\Windows\System32\91c8stea5115z.exe
[2008.05.22 02:54:16 | 000,004,289 | -H-- | C] () -- C:\Windows\a5fzpywa9e2498.exe
[2008.05.17 02:47:54 | 000,004,321 | -H-- | C] () -- C:\Windows\System32\zf1fdownload951154.bin
[2008.05.16 16:30:04 | 000,004,186 | -H-- | C] () -- C:\Windows\System32\102729rzj5a5.dll
[2008.05.15 20:55:54 | 000,013,077 | -H-- | C] () -- C:\Windows\56994trzj790.dll
[2008.05.15 04:31:39 | 000,012,934 | -H-- | C] () -- C:\Windows\System32\72dzv953127.dll
[2008.05.13 04:35:04 | 000,015,960 | -H-- | C] () -- C:\Windows\System32\z4947troj7805.dll
[2008.05.12 13:03:15 | 000,003,854 | -H-- | C] () -- C:\Windows\14dspzrse16985.exe
[2008.05.12 11:15:19 | 000,006,635 | -H-- | C] () -- C:\Windows\25413s9zmbot217.bin
[2008.05.12 01:46:20 | 000,014,386 | -H-- | C] () -- C:\Windows\System32\95303szy4b5.bin
[2008.05.11 15:22:01 | 000,017,720 | -H-- | C] () -- C:\Windows\System32\zad7ad9war52635.exe
[2008.05.10 23:53:54 | 000,005,017 | -H-- | C] () -- C:\Windows\1557downl9zder2301.bin
[2008.05.07 07:13:11 | 000,011,123 | -H-- | C] () -- C:\Windows\System32\22dbackd95r1z78.bin
[2008.05.06 21:48:58 | 000,004,866 | -H-- | C] () -- C:\Windows\System32\26625ownzoader289.exe
[2008.05.03 16:40:25 | 000,007,881 | -H-- | C] () -- C:\Windows\System32\79f5vzr20259.dll
[2008.05.01 08:14:50 | 000,007,122 | -H-- | C] () -- C:\Windows\2z799sp9mb5t515.dll
[2008.04.20 12:17:52 | 000,013,304 | -H-- | C] () -- C:\Windows\99098s5y476z.dll
[2008.04.20 01:05:40 | 000,008,556 | -H-- | C] () -- C:\Windows\System32\5579viz346.dll
[2008.04.19 08:00:47 | 000,016,349 | -H-- | C] () -- C:\Windows\1995trojz89.exe
[2008.04.18 12:52:50 | 000,016,538 | -H-- | C] () -- C:\Windows\System32\z192stea59329.exe
[2008.04.16 01:02:38 | 000,003,711 | -H-- | C] () -- C:\Windows\6fbed9wnl5ader141z.exe
[2008.04.13 08:41:07 | 000,017,278 | -H-- | C] () -- C:\Windows\4z65s9arse5121.bin
[2008.04.10 22:44:23 | 000,007,783 | -H-- | C] () -- C:\Windows\System32\12999sp5f5z.bin
[2008.04.09 12:43:09 | 000,013,591 | -H-- | C] () -- C:\Windows\System32\585zs9y45d.exe
[2008.04.09 01:27:53 | 000,012,137 | -H-- | C] () -- C:\Windows\System32\35229acktozl417.dll
[2008.04.08 19:43:26 | 000,006,130 | -H-- | C] () -- C:\Windows\1854t5ojz99.bin
[2008.04.06 03:00:00 | 000,006,782 | -H-- | C] () -- C:\Windows\System32\5959thzef2219.bin
[2008.04.04 15:59:56 | 000,005,344 | -H-- | C] () -- C:\Windows\7135addwa5ez790.dll
[2008.04.04 05:45:45 | 000,007,577 | -H-- | C] () -- C:\Windows\3252thi9f5z52.exe
[2008.03.27 09:31:51 | 000,005,856 | -H-- | C] () -- C:\Windows\System32\756sz9rse1576.dll
[2008.03.27 01:23:20 | 000,017,747 | -H-- | C] () -- C:\Windows\19c0vi51071z.dll
[2008.03.26 21:27:06 | 000,012,641 | -H-- | C] () -- C:\Windows\System32\5095zir455.bin
[2008.03.25 03:26:50 | 000,008,221 | -H-- | C] () -- C:\Windows\5z55spambot549.bin
[2008.03.22 16:01:01 | 000,006,508 | -H-- | C] () -- C:\Windows\System32\93656vzrus505.exe
[2008.03.21 16:17:03 | 000,017,777 | -H-- | C] () -- C:\Windows\System32\75threat14319z.dll
[2008.03.19 11:26:57 | 000,005,959 | -H-- | C] () -- C:\Windows\System32\294249ac5zool780.dll
[2008.03.18 19:55:57 | 000,005,210 | -H-- | C] () -- C:\Windows\490zbackd5or289.exe
[2008.03.18 13:51:35 | 000,017,149 | -H-- | C] () -- C:\Windows\System32\9554trojzee.exe
[2008.03.17 13:22:42 | 000,003,742 | -H-- | C] () -- C:\Windows\System32\78585roz349.exe
[2008.03.13 20:48:56 | 000,011,941 | -H-- | C] () -- C:\Windows\11b3zownloa9er2567.dll
[2008.03.12 15:29:06 | 000,008,882 | -H-- | C] () -- C:\Windows\System32\24355hzcktool2009.dll
[2008.03.12 01:03:19 | 000,016,059 | -H-- | C] () -- C:\Windows\System32\7686za5ktoo94c7.exe
[2008.03.11 15:40:27 | 000,013,655 | -H-- | C] () -- C:\Windows\System32\28523hacktozl4915.exe
[2008.03.10 20:43:14 | 000,009,660 | -H-- | C] () -- C:\Windows\26365zackto5l9b6.bin
[2008.03.09 15:35:33 | 000,012,797 | -H-- | C] () -- C:\Windows\System32\5e99addwa5z2230.exe
[2008.03.08 06:40:53 | 000,003,115 | -H-- | C] () -- C:\Windows\System32\1z456virus59b.dll
[2008.03.06 06:57:14 | 000,015,895 | -H-- | C] () -- C:\Windows\System32\9zbaddware584.dll
[2008.03.04 06:46:36 | 000,003,624 | -H-- | C] () -- C:\Windows\7z90v5ru9443.bin
[2008.03.03 17:27:00 | 000,009,292 | -H-- | C] () -- C:\Windows\System32\21386hac5too950dz.exe
[2008.02.28 05:01:38 | 000,017,338 | -H-- | C] () -- C:\Windows\System32\15769no95azvirus699.exe
[2008.02.24 16:48:26 | 000,010,151 | -H-- | C] () -- C:\Windows\24651not-a-vir9s49ez.exe
[2008.02.23 19:02:14 | 000,013,640 | -H-- | C] () -- C:\Windows\2z9ethief259.dll
[2008.02.18 02:50:48 | 000,008,480 | -H-- | C] () -- C:\Windows\cfzt5ief9943.bin
[2008.02.17 17:44:03 | 000,010,169 | -H-- | C] () -- C:\Windows\System32\158595roj497z.exe
[2008.02.17 12:44:02 | 000,005,187 | -H-- | C] () -- C:\Windows\19597hazkt5ol5ad9.bin
[2008.02.17 02:08:08 | 000,016,740 | -H-- | C] () -- C:\Windows\12c959iez934.bin
[2008.02.16 05:44:16 | 000,003,829 | -H-- | C] () -- C:\Windows\System32\369dowzloa5er2791.exe
[2008.02.09 04:43:04 | 000,013,847 | -H-- | C] () -- C:\Windows\System32\5a9cdzwnload5r395.exe
[2008.02.08 21:53:33 | 000,017,392 | -H-- | C] () -- C:\Windows\1cz5sp5ware279.dll
[2008.02.07 08:46:58 | 000,015,260 | -H-- | C] () -- C:\Windows\System32\7799zpa5se1807.dll
[2008.02.05 04:22:00 | 000,015,977 | -H-- | C] () -- C:\Windows\System32\32702z9y565.dll
[2008.02.01 15:39:42 | 000,013,490 | -H-- | C] () -- C:\Windows\23599worm56z.dll
[2008.01.25 12:49:42 | 000,008,505 | -H-- | C] () -- C:\Windows\System32\9951wormz93.dll
[2008.01.25 01:19:50 | 000,017,085 | -H-- | C] () -- C:\Windows\50809orz22f.dll
[2008.01.22 16:16:17 | 000,000,027 | -H-- | C] () -- C:\Windows\CDE DX4400DEFGIPS.ini
[2008.01.20 18:18:12 | 000,005,663 | -H-- | C] () -- C:\Windows\46e2addz9r5226.bin
[2008.01.20 11:10:02 | 000,007,250 | -H-- | C] () -- C:\Windows\53489pambotzb2.bin
[2008.01.17 16:25:56 | 000,010,262 | -H-- | C] () -- C:\Windows\System32\6656hacktool9z6.exe
[2008.01.15 09:58:06 | 000,013,232 | -H-- | C] () -- C:\Windows\437dzpar5e9866.dll
[2008.01.14 09:26:56 | 000,010,650 | -H-- | C] () -- C:\Windows\5b58zir92515.bin
[2008.01.12 23:07:48 | 000,006,945 | -H-- | C] () -- C:\Windows\zadasparse5039.dll
[2008.01.12 07:39:24 | 000,009,358 | -H-- | C] () -- C:\Windows\System32\1595ack9ooz1102.exe
[2008.01.08 16:25:18 | 000,006,373 | -H-- | C] () -- C:\Windows\91937wormz56.exe
[2008.01.07 19:50:32 | 000,006,877 | -H-- | C] () -- C:\Windows\System32\112319p5z9.bin
[2008.01.05 23:27:20 | 000,008,821 | -H-- | C] () -- C:\Windows\System32\1953zs9amb5t582.dll
[2008.01.05 18:47:37 | 000,004,060 | -H-- | C] () -- C:\Windows\1591zspyc5.bin
[2008.01.03 16:03:10 | 000,008,121 | -H-- | C] () -- C:\Windows\9e6f5ddware321z.dll
[2009.12.11 23:46:36 | 000,003,254 | -H-- | C] () -- C:\Windows\System32\1c79zhie5632.bin
[2009.12.10 00:26:12 | 000,007,976 | -H-- | C] () -- C:\Windows\System32\459bvir4z9.dll
[2009.12.08 16:41:38 | 000,014,508 | -H-- | C] () -- C:\Windows\System32\z99dthief593.exe
[2009.12.05 13:24:15 | 000,002,975 | -H-- | C] () -- C:\Windows\System32\7659s5ywzr9200.dll
[2009.12.04 22:11:01 | 000,009,036 | -H-- | C] () -- C:\Windows\450stezl2639.dll
[2009.12.03 18:21:46 | 000,016,811 | -H-- | C] () -- C:\Windows\System32\4495szyware9839.bin
[2009.12.03 18:11:20 | 000,008,372 | -H-- | C] () -- C:\Windows\3ff2sz95are2166.bin
[2009.12.01 15:59:23 | 000,010,724 | -H-- | C] () -- C:\Windows\369bspyware296z5.dll
[2009.12.01 13:27:47 | 000,009,485 | -H-- | C] () -- C:\Windows\112z29py256.bin
[2009.11.25 09:29:43 | 000,008,648 | -H-- | C] () -- C:\Windows\System32\203z99ot-a-5irus131.dll
[2009.11.25 09:19:17 | 000,017,621 | -H-- | C] () -- C:\Windows\System32\23164spambz91905.bin
[2009.11.22 08:37:20 | 000,004,685 | -H-- | C] () -- C:\Windows\System32\460zspa5se18089.dll
[2009.11.22 08:06:24 | 000,010,580 | -H-- | C] () -- C:\Windows\System32\de6th9eaz15383.dll
[2009.11.14 16:00:29 | 000,013,768 | -H-- | C] () -- C:\Windows\2dazaddware1509.dll
[2009.11.14 03:44:02 | 000,013,075 | -H-- | C] () -- C:\Windows\41035pz9e5.exe
[2009.11.12 09:08:23 | 000,002,794 | -H-- | C] () -- C:\Windows\19809vir5s55z.bin
[2009.11.11 21:36:34 | 000,012,273 | -H-- | C] () -- C:\Windows\System32\9z459hackto5l52.dll
[2009.11.11 10:19:46 | 000,008,425 | -H-- | C] () -- C:\Windows\911do9zloader2950.dll
[2009.11.11 03:19:16 | 000,003,024 | -H-- | C] () -- C:\Windows\97593not-a-virus594z.bin
[2009.11.10 12:45:15 | 000,017,350 | -H-- | C] () -- C:\Windows\System32\585zad9ware2795.bin
[2009.11.07 15:48:34 | 000,005,481 | -H-- | C] () -- C:\Windows\29eespa95ez844.dll
[2009.11.07 13:24:34 | 000,002,782 | -H-- | C] () -- C:\Windows\System32\1z565not-a9virus157.exe
[2009.11.06 14:23:57 | 000,008,504 | -H-- | C] () -- C:\Windows\System32\5ca9backdoor23z7.exe
[2009.11.01 14:59:52 | 000,016,467 | -H-- | C] () -- C:\Windows\11z56tr9j793.dll
[2009.10.27 13:40:02 | 000,011,760 | -H-- | C] () -- C:\Windows\21121nzt-a-5irus33b9.exe
[2009.10.25 21:41:40 | 000,016,609 | -H-- | C] () -- C:\Windows\System32\4718sp54fz9.exe
[2009.10.21 17:38:18 | 000,017,492 | -H-- | C] () -- C:\Windows\System32\5192s9arze520.bin
[2009.10.21 17:38:18 | 000,014,540 | -H-- | C] () -- C:\Windows\9df6st5zl144.dll
[2009.10.21 17:38:18 | 000,013,585 | -H-- | C] () -- C:\Windows\90c7tzief1375.dll
[2009.10.21 17:38:18 | 000,013,229 | -H-- | C] () -- C:\Windows\System32\3256s9azse3559.bin
[2009.10.21 17:38:18 | 000,011,899 | -H-- | C] () -- C:\Windows\System32\288zvir9915.bin
[2009.10.21 17:38:18 | 000,010,005 | -H-- | C] () -- C:\Windows\54zfbackdoo52917.exe
[2009.10.21 17:38:18 | 000,006,260 | -H-- | C] () -- C:\Windows\System32\715ath9eat189z.bin
[2009.10.21 17:38:18 | 000,005,685 | -H-- | C] () -- C:\Windows\System32\59984wormz89.dll
[2009.10.21 17:38:18 | 000,004,284 | -H-- | C] () -- C:\Windows\1489359t-a-vzrus184.bin
[2009.10.21 17:38:17 | 000,018,132 | -H-- | C] () -- C:\Windows\System32\5158no9-z-virus46f.exe
[2009.10.21 17:38:17 | 000,008,877 | -H-- | C] () -- C:\Windows\5af8sparsz9591.bin
[2009.10.21 17:38:16 | 000,017,830 | -H-- | C] () -- C:\Windows\14558sp9mbot5z4.bin
[2009.10.21 17:38:16 | 000,012,032 | -H-- | C] () -- C:\Windows\System32\1z66ha9kt5ol6db.exe
[2009.10.21 17:38:16 | 000,003,911 | -H-- | C] () -- C:\Windows\9c69zteal1225.dll
[2009.10.21 17:38:11 | 000,017,181 | -H-- | C] () -- C:\Windows\System32\zeaadd5are2598.bin
[2009.10.21 17:38:11 | 000,014,381 | -H-- | C] () -- C:\Windows\System32\394edownlza5er1496.dll
[2009.10.21 17:38:11 | 000,012,214 | -H-- | C] () -- C:\Windows\System32\36ddt9izf5135.bin
[2009.10.21 17:38:11 | 000,011,532 | -H-- | C] () -- C:\Windows\System32\69aspyw9rz15855.exe
[2009.10.21 17:38:11 | 000,011,065 | -H-- | C] () -- C:\Windows\System32\7z1cvi5946.bin
[2009.10.21 17:38:11 | 000,009,570 | -H-- | C] () -- C:\Windows\39afviz15365.dll
[2009.10.21 17:38:11 | 000,007,828 | -H-- | C] () -- C:\Windows\System32\3ffest9a526z.bin
[2009.10.21 17:38:11 | 000,005,341 | -H-- | C] () -- C:\Windows\96z73troj1f5.bin
[2009.10.21 17:38:10 | 000,018,423 | -H-- | C] () -- C:\Windows\18675hack5zol980.exe
[2009.10.21 17:38:10 | 000,018,115 | -H-- | C] () -- C:\Windows\b29backdoor95z.exe
[2009.10.21 17:38:10 | 000,013,242 | -H-- | C] () -- C:\Windows\56d9spywarz597.bin
[2009.10.21 17:38:10 | 000,006,420 | -H-- | C] () -- C:\Windows\System32\5699virus55z.exe
[2009.10.21 17:38:09 | 000,018,112 | -H-- | C] () -- C:\Windows\System32\2225ba9kdoor50z8.dll
[2009.10.21 17:38:09 | 000,012,607 | -H-- | C] () -- C:\Windows\f58downlz5de959.exe
[2009.10.21 17:38:09 | 000,010,630 | -H-- | C] () -- C:\Windows\28958vzru9535.exe
[2009.10.21 17:38:09 | 000,009,453 | -H-- | C] () -- C:\Windows\3f07zhreat551299.dll
[2009.10.21 17:38:09 | 000,005,395 | -H-- | C] () -- C:\Windows\5f1bb5ckzoo92837.dll
[2009.10.21 17:38:08 | 000,017,029 | -H-- | C] () -- C:\Windows\System32\25afspyw5rz21639.exe
[2009.10.21 17:38:08 | 000,016,790 | -H-- | C] () -- C:\Windows\System32\5z319py397.bin
[2009.10.21 17:38:08 | 000,016,684 | -H-- | C] () -- C:\Windows\System32\1d95thre9t169z0.bin
[2009.10.21 17:38:08 | 000,011,573 | -H-- | C] () -- C:\Windows\3f3spy9az51025.bin
[2009.10.21 17:38:08 | 000,008,785 | -H-- | C] () -- C:\Windows\System32\5697spazbot4a5.exe
[2009.10.21 17:38:08 | 000,008,514 | -H-- | C] () -- C:\Windows\System32\6a53addwarez1159.bin
[2009.10.21 17:38:08 | 000,003,327 | -H-- | C] () -- C:\Windows\17599wormfz.exe
[2009.10.21 17:38:08 | 000,003,124 | -H-- | C] () -- C:\Windows\System32\369ad5wnzoader779.exe
[2009.10.21 17:38:07 | 000,018,132 | -H-- | C] () -- C:\Windows\System32\29959virzs76e.bin
[2009.10.21 17:38:07 | 000,017,251 | -H-- | C] () -- C:\Windows\System32\236aaddw5ze2939.dll
[2009.10.21 17:38:07 | 000,017,048 | -H-- | C] () -- C:\Windows\19589spy5zf.dll
[2009.10.21 17:38:07 | 000,015,852 | -H-- | C] () -- C:\Windows\15915not-a-viruszd2.dll
[2009.10.21 17:38:07 | 000,014,383 | -H-- | C] () -- C:\Windows\5z6fsteal5979.exe
[2009.10.21 17:38:07 | 000,014,176 | -H-- | C] () -- C:\Windows\System32\z695py4b7.exe
[2009.10.21 17:38:07 | 000,012,430 | -H-- | C] () -- C:\Windows\System32\18705h9cktozl678.bin
[2009.10.21 17:38:07 | 000,012,202 | -H-- | C] () -- C:\Windows\System32\12z5spa5s9291.exe
[2009.10.21 17:38:07 | 000,011,939 | -H-- | C] () -- C:\Windows\System32\z471back9oo5467.bin
[2009.10.21 17:38:07 | 000,010,689 | -H-- | C] () -- C:\Windows\System32\55d5zparse20159.exe
[2009.10.21 17:38:07 | 000,010,619 | -H-- | C] () -- C:\Windows\System32\7dz7thi5f31959.dll
[2009.10.21 17:38:07 | 000,010,488 | -H-- | C] () -- C:\Windows\System32\15050spy90z.bin
[2009.10.21 17:38:07 | 000,009,603 | -H-- | C] () -- C:\Windows\System32\65ecsparz92435.dll
[2009.10.21 17:38:07 | 000,008,125 | -H-- | C] () -- C:\Windows\5z896viru974a.dll
[2009.10.21 17:38:07 | 000,006,947 | -H-- | C] () -- C:\Windows\System32\9dd2stea53z26.dll
[2009.10.21 17:38:07 | 000,006,831 | -H-- | C] () -- C:\Windows\953z5hief247.dll
[2009.10.21 17:38:07 | 000,004,708 | -H-- | C] () -- C:\Windows\System32\2039ztroj1b5.bin
[2009.10.21 17:38:07 | 000,004,239 | -H-- | C] () -- C:\Windows\152ftzre9t5662.bin
[2009.10.21 17:38:07 | 000,004,140 | -H-- | C] () -- C:\Windows\2db9z9ckdoor11855.dll
[2009.10.21 17:38:07 | 000,003,147 | -H-- | C] () -- C:\Windows\System32\24999spambot415z.dll
[2009.10.21 17:38:06 | 000,018,425 | -H-- | C] () -- C:\Windows\z3916worm9e25.exe
[2009.10.21 17:38:06 | 000,018,027 | -H-- | C] () -- C:\Windows\System32\z752not-a-viru5339.bin
[2009.10.21 17:38:06 | 000,017,861 | -H-- | C] () -- C:\Windows\System32\285779roj64z5.dll
[2009.10.21 17:38:06 | 000,016,681 | -H-- | C] () -- C:\Windows\34c0d5znloade9582.dll
[2009.10.21 17:38:06 | 000,016,368 | -H-- | C] () -- C:\Windows\1999vzr1655.dll
[2009.10.21 17:38:06 | 000,015,081 | -H-- | C] () -- C:\Windows\System32\33z1not-a-viru5719.bin
[2009.10.21 17:38:06 | 000,014,219 | -H-- | C] () -- C:\Windows\System32\z58bt9ief319.bin
[2009.10.21 17:38:06 | 000,013,385 | -H-- | C] () -- C:\Windows\System32\4222vir95zc.dll
[2009.10.21 17:38:06 | 000,011,338 | -H-- | C] () -- C:\Windows\System32\4b65vzr2995.dll
[2009.10.21 17:38:06 | 000,010,556 | -H-- | C] () -- C:\Windows\6b425ddzare21249.bin
[2009.10.21 17:38:06 | 000,007,604 | -H-- | C] () -- C:\Windows\System32\22835zpambot109.bin
[2009.10.21 17:38:06 | 000,005,472 | -H-- | C] () -- C:\Windows\27549sp9mbot5dz.dll
[2009.10.21 17:38:06 | 000,002,852 | -H-- | C] () -- C:\Windows\System32\4945spyz3.exe
[2009.10.21 17:38:05 | 000,016,817 | -H-- | C] () -- C:\Windows\753zsteal9020.exe
[2009.10.21 17:38:05 | 000,002,564 | -H-- | C] () -- C:\Windows\1094spamzot22b5.bin
[2009.10.21 17:38:04 | 000,018,303 | -H-- | C] () -- C:\Windows\System32\755cst9zl3125.dll
[2009.10.21 17:38:04 | 000,003,027 | -H-- | C] () -- C:\Windows\69z7w59m59a.exe
[2009.10.18 15:53:37 | 000,014,773 | -H-- | C] () -- C:\Windows\System32\d35bac5door95z7.dll
[2009.10.18 13:12:11 | 000,009,052 | -H-- | C] () -- C:\Windows\262045ackto9lza6.bin
[2009.10.18 11:43:08 | 000,003,990 | -H-- | C] () -- C:\Windows\2996tzie5131.exe
[2009.10.17 09:01:55 | 000,015,460 | -H-- | C] () -- C:\Windows\54c9szeal1781.bin
[2009.10.16 18:48:33 | 000,007,375 | -H-- | C] () -- C:\Windows\55f2zpywa5e9137.bin
[2009.10.15 08:41:55 | 000,002,547 | -H-- | C] () -- C:\Windows\35d99pywarez053.exe
[2009.10.13 13:18:33 | 000,012,325 | -H-- | C] () -- C:\Windows\15896virz9358.dll
[2009.10.12 13:59:29 | 000,012,413 | -H-- | C] () -- C:\Windows\System32\2z772no9-a-virus455.exe
[2009.10.06 13:24:16 | 000,013,617 | -H-- | C] () -- C:\Windows\System32\3588not-a-5irusz9.dll
[2009.10.04 01:07:12 | 000,007,000 | -H-- | C] () -- C:\Windows\System32\z04435py4ac9.dll
[2009.10.02 05:27:48 | 000,014,172 | -H-- | C] () -- C:\Windows\System32\16769trzj2b35.exe
[2009.09.25 03:42:52 | 000,016,495 | -H-- | C] () -- C:\Windows\95733t5zj2ff.dll
[2009.09.24 19:32:45 | 000,012,627 | -H-- | C] () -- C:\Windows\System32\215z65ro93a3.dll
[2009.09.22 07:46:53 | 000,005,344 | -H-- | C] () -- C:\Windows\System32\97885zro55f6.dll
[2009.09.17 09:43:28 | 000,011,441 | -H-- | C] () -- C:\Windows\35736sp9389z.bin
[2009.09.14 21:50:18 | 000,003,102 | -H-- | C] () -- C:\Windows\System32\96909acktozl75f.exe
[2009.09.09 10:05:52 | 000,011,769 | -H-- | C] () -- C:\Windows\System32\311z1hacktoo95.exe
[2009.09.09 04:09:36 | 000,015,792 | -H-- | C] () -- C:\Windows\15480wormz95.bin
[2009.09.09 02:17:14 | 000,007,104 | -H-- | C] () -- C:\Windows\System32\6z7at9reat54483.bin
[2009.09.08 21:07:10 | 000,008,887 | -H-- | C] () -- C:\Windows\System32\96522zot-a-virus592.bin
[2009.09.04 19:55:35 | 000,017,064 | -H-- | C] () -- C:\Windows\System32\13602v9rus25z.dll
[2009.09.03 22:57:29 | 000,003,491 | -H-- | C] () -- C:\Windows\System32\7f71azdw59e1328.dll
[2009.08.26 06:43:27 | 000,010,496 | -H-- | C] () -- C:\Windows\System32\1139zac5door6689.dll
[2009.08.21 03:27:03 | 000,010,600 | -H-- | C] () -- C:\Windows\System32\1794spaz9e19875.dll
[2009.08.16 22:25:18 | 000,002,597 | -H-- | C] () -- C:\Windows\System32\7e25zownloader938.exe
[2009.08.16 02:36:21 | 000,007,376 | -H-- | C] () -- C:\Windows\System32\5999notza-virus9e8.bin
[2009.08.15 08:44:46 | 000,005,584 | -H-- | C] () -- C:\Windows\System32\55325r9j31dz.bin
[2009.08.15 02:13:16 | 000,004,023 | -H-- | C] () -- C:\Windows\169dthrza915957.dll
[2009.08.14 01:52:39 | 000,016,545 | -H-- | C] () -- C:\Windows\System32\1z756worm9c5.dll
[2009.08.13 10:12:36 | 000,012,590 | -H-- | C] () -- C:\Windows\56z2vi52948.dll
[2009.08.13 07:54:04 | 000,016,636 | -H-- | C] () -- C:\Windows\3zc4spar5e25899.dll
[2009.08.07 12:40:17 | 000,003,071 | -H-- | C] () -- C:\Windows\System32\2124495cktozl676.exe
[2009.08.05 13:02:33 | 000,017,411 | -H-- | C] () -- C:\Windows\System32\z2f1backdoor9555.bin
[2009.08.02 11:19:28 | 000,007,993 | -H-- | C] () -- C:\Windows\System32\6793vi5us82z.bin
[2009.07.29 00:20:56 | 000,006,486 | -H-- | C] () -- C:\Windows\15594spz6c9.dll
[2009.07.27 03:54:09 | 000,011,772 | -H-- | C] () -- C:\Windows\7ba259dwzre2798.dll
[2009.07.26 16:03:16 | 000,017,796 | -H-- | C] () -- C:\Windows\System32\26z35py4639.exe
[2009.07.26 03:51:04 | 000,011,286 | -H-- | C] () -- C:\Windows\System32\530dt5reaz16499.dll
[2009.07.20 07:58:57 | 000,007,544 | -H-- | C] () -- C:\Windows\System32\10zb5ir31189.exe
[2009.07.18 07:58:39 | 000,008,161 | -H-- | C] () -- C:\Windows\System32\z8169ha5ktool284.exe
[2009.07.17 21:31:29 | 000,009,295 | -H-- | C] () -- C:\Windows\3z9ddownloader22245.bin
[2009.07.17 20:06:54 | 000,018,335 | -H-- | C] () -- C:\Windows\9z5fvir1650.bin
[2009.07.16 13:19:13 | 000,004,404 | -H-- | C] () -- C:\Windows\System32\21205wor95z5.bin
[2009.07.14 04:32:47 | 000,016,940 | -H-- | C] () -- C:\Windows\System32\691tzreat25908.bin
[2009.07.14 01:02:11 | 000,013,050 | -H-- | C] () -- C:\Windows\454ddow5loader1972z.exe
[2009.07.11 19:15:16 | 000,017,730 | -H-- | C] () -- C:\Windows\5574zown9oader2398.exe
[2009.07.11 14:39:43 | 000,011,171 | -H-- | C] () -- C:\Windows\System32\7958addzare76.bin
[2009.07.10 16:26:42 | 000,016,269 | -H-- | C] () -- C:\Windows\273945ro9ddz.exe
[2009.07.06 19:22:22 | 000,009,272 | -H-- | C] () -- C:\Windows\3597steal1499z.bin
[2009.07.04 06:42:01 | 000,017,011 | -H-- | C] () -- C:\Windows\System32\2az9backdoor265.exe
[2009.07.02 22:29:39 | 000,016,991 | -H-- | C] () -- C:\Windows\System32\20690spambot5d2z.exe
[2009.06.27 10:11:38 | 000,004,289 | -H-- | C] () -- C:\Windows\5d44th5zf30639.dll
[2009.06.26 06:39:08 | 000,002,959 | -H-- | C] () -- C:\Windows\System32\11780no5-a-vi9us4c3z.exe
[2009.06.26 05:42:21 | 000,003,395 | -H-- | C] () -- C:\Windows\System32\26z9downl95der1653.exe
[2009.06.22 16:20:22 | 000,011,828 | -H-- | C] () -- C:\Windows\105bsparze2497.exe
[2009.06.22 11:12:30 | 000,014,834 | -H-- | C] () -- C:\Windows\3af0zhr9a516824.dll
[2009.06.22 04:22:26 | 000,015,434 | -H-- | C] () -- C:\Windows\System32\ez0spy5are1978.dll
[2009.06.22 00:28:46 | 000,003,188 | -H-- | C] () -- C:\Windows\System32\7249tzie52593.exe
[2009.06.18 02:24:28 | 000,018,167 | -H-- | C] () -- C:\Windows\System32\72c6down9o5derz316.dll
[2009.06.15 05:55:46 | 000,013,712 | -H-- | C] () -- C:\Windows\System32\39e69zreat57595.dll
[2009.06.14 03:53:51 | 000,008,446 | -H-- | C] () -- C:\Windows\64909pa5zot9b.bin
[2009.06.13 22:22:46 | 000,008,019 | -H-- | C] () -- C:\Windows\System32\594zhacktool293.bin
[2009.06.07 02:42:17 | 000,005,972 | -H-- | C] () -- C:\Windows\2059zvi9us1cf5.exe
[2009.06.06 10:18:29 | 000,005,829 | -H-- | C] () -- C:\Windows\255z2t9o5412.exe
[2009.06.02 10:43:58 | 000,006,947 | -H-- | C] () -- C:\Windows\System32\5da3s9yware239z.dll
[2009.05.28 22:32:08 | 000,017,186 | -H-- | C] () -- C:\Windows\System32\1e92stezl952.dll
[2009.05.27 20:52:57 | 000,009,853 | -H-- | C] () -- C:\Windows\System32\429hacktoolz5f9.bin
[2009.05.25 19:03:39 | 000,005,238 | -H-- | C] () -- C:\Windows\16c9stz5l455.bin
[2009.05.25 12:41:22 | 000,007,624 | -H-- | C] () -- C:\Windows\23073hack5ozl940.exe
[2009.05.25 01:44:21 | 000,007,471 | -H-- | C] () -- C:\Windows\System32\35499ddwaze2913.exe
[2009.05.20 06:36:54 | 000,008,516 | -H-- | C] () -- C:\Windows\3c795ir2z0.dll
[2009.05.17 15:09:52 | 000,015,108 | -H-- | C] () -- C:\Windows\System32\14791viz5s189.dll
[2009.05.16 22:03:33 | 000,010,928 | -H-- | C] () -- C:\Windows\850th5ezt13987.dll
[2009.05.16 05:29:19 | 000,015,768 | -H-- | C] () -- C:\Windows\System32\4593zhie93514.bin
[2009.05.15 20:11:34 | 000,008,821 | -H-- | C] () -- C:\Windows\21z51tro593f.dll
[2009.05.14 14:46:46 | 000,012,191 | -H-- | C] () -- C:\Windows\System32\597bzteal764.exe
[2009.05.04 23:38:42 | 000,017,457 | -H-- | C] () -- C:\Windows\System32\313z7hack5oo9314.exe
[2009.05.03 14:27:40 | 000,018,129 | -H-- | C] () -- C:\Windows\10559tzoj664.bin
[2009.05.03 01:48:24 | 000,011,651 | -H-- | C] () -- C:\Windows\System32\54a6add5aze18439.exe
[2009.04.28 12:36:15 | 000,016,344 | -H-- | C] () -- C:\Windows\129zthief59.exe
[2009.04.26 04:35:20 | 000,010,784 | -H-- | C] () -- C:\Windows\System32\2d275ac9door2z37.dll
[2009.04.23 12:59:23 | 000,010,941 | -H-- | C] () -- C:\Windows\32358t9oj23ez.bin
[2009.04.20 01:36:26 | 000,002,742 | -H-- | C] () -- C:\Windows\System32\48e9spzrse2555.exe
[2009.12.28 17:41:16 | 000,014,320 | -H-- | C] () -- C:\Windows\3f2fs5eal9498z.dll
[2009.12.27 22:36:04 | 000,009,381 | -H-- | C] () -- C:\Windows\5z077virus6de9.bin
[2009.12.25 05:10:07 | 000,003,442 | -H-- | C] () -- C:\Windows\System32\e04t5reat252z49.exe
[2009.12.16 23:40:24 | 000,006,650 | -H-- | C] () -- C:\Windows\z3558spy9d9.dll
[2009.12.16 13:36:59 | 000,003,508 | -H-- | C] () -- C:\Windows\525spazb9t328.bin
[2011.04.26 14:40:32 | 000,000,144 | -H-- | C] () -- C:\ProgramData\~24239904r
[2011.04.26 14:40:31 | 000,000,128 | -H-- | C] () -- C:\ProgramData\~24239904
[2011.04.26 14:40:18 | 000,000,344 | -H-- | C] () -- C:\ProgramData\24239904
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | -H-- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\setup.exe
:Commands
[purity]
[resethosts]
[emptytemp]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

As a precaution, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the folder "_OTL".

Kahe 29.04.2011 12:48

Hello Cosinus,

I did the following.

I opened OTL, then pasted in your text and pressed Fix. Then the computer was restarted, and the following document was shown to me after the restart:


All processes killed
========== OTL ==========
C:\ProgramData\~24239904r moved successfully.
C:\ProgramData\~24239904 moved successfully.
C:\ProgramData\24239904 moved successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found.
File E:\setup.exe not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Jan
->Temp folder emptied: 971354 bytes
->Temporary Internet Files folder emptied: 27581890 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 902 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 807648 bytes
RecycleBin emptied: 38794458 bytes

Total Files Cleaned = 65,00 mb


OTL by OldTimer - Version 3.2.22.3 log created on 04292011_133739

Files\Folders moved on Reboot...
File\Folder C:\Windows\temp\TMP000000451A7E951A95AC3B31 not found!

Registry entries deleted on Reboot...

cosinus 29.04.2011 19:41

I need OTL's quarantine folder. Please do the following:

1.) VERY IMPORTANT!! Disable the virus scanner; it must not interfere here!
2.) Zip the folder C:\_OTL into a single file
3.) Upload the resulting ZIP file here => http://www.trojaner-board.de/54791-a...ner-board.html
4.) Let me know once it has worked
5.) Only then switch the virus scanner back on

Kahe 30.04.2011 17:07

Hello Cosinus,

OK, I will do that, but first a question: how do I zip a file? As I said, I am a total layman. Thank you.

Kahe 30.04.2011 17:51

Hello Cosinus, all right, I downloaded 7Zip, zipped the entire OTL folder and then uploaded it.

cosinus 01.05.2011 14:04

Please now run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

If the infection prevents you from accessing your documents/My Documents, please run unhide:
Please download unhide.exe and save this file on your desktop.
Start the tool and all files and folders should be visible again. (This could take a while.)
Vista and 7 users must run the tool as administrator via right-click!

Kahe 01.05.2011 16:38

Hello Cosinus,

I downloaded tdsskiller.exe and let the scan run through.
The log file is attached. Then I ran a Quick Scan with Malwarebytes. That log is attached as well. I could already see my files and folders again before that, and access them too. However, some are visible but somewhat faded.

Regards, kahe

Tdsskiller log file:

2011/05/01 17:22:19.0895 1964 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/05/01 17:22:20.0098 1964 ================================================================================
2011/05/01 17:22:20.0098 1964 SystemInfo:
2011/05/01 17:22:20.0098 1964
2011/05/01 17:22:20.0098 1964 OS Version: 6.0.6000 ServicePack: 0.0
2011/05/01 17:22:20.0098 1964 Product type: Workstation
2011/05/01 17:22:20.0098 1964 ComputerName: xxx
2011/05/01 17:22:20.0098 1964 UserName: xxx
2011/05/01 17:22:20.0098 1964 Windows directory: C:\Windows
2011/05/01 17:22:20.0098 1964 System windows directory: C:\Windows
2011/05/01 17:22:20.0098 1964 Processor architecture: Intel x86
2011/05/01 17:22:20.0098 1964 Number of processors: 1
2011/05/01 17:22:20.0098 1964 Page size: 0x1000
2011/05/01 17:22:20.0098 1964 Boot type: Normal boot
2011/05/01 17:22:20.0098 1964 ================================================================================
2011/05/01 17:22:21.0658 1964 Initialize success





Malwarebytes log file:



Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6467

Windows 6.0.6000
Internet Explorer 7.0.6000.17037

01.05.2011 17:30:15
mbam-log-2011-05-01 (17-30-15).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 139678
Laufzeit: 11 Minute(n), 5 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

cosinus 01.05.2011 18:43

The tdsskiller log is too short. Did you operate it correctly? You have to tick both checkboxes.

Kahe 02.05.2011 18:29

Hi, how does this look? I ran another scan.


2011/05/02 19:23:09.0461 3076 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/05/02 19:23:09.0508 3076 ================================================================================
2011/05/02 19:23:09.0508 3076 SystemInfo:
2011/05/02 19:23:09.0508 3076
2011/05/02 19:23:09.0508 3076 OS Version: 6.0.6000 ServicePack: 0.0
2011/05/02 19:23:09.0508 3076 Product type: Workstation
2011/05/02 19:23:09.0508 3076 ComputerName: xxx
2011/05/02 19:23:09.0508 3076 UserName: xxx
2011/05/02 19:23:09.0508 3076 Windows directory: C:\Windows
2011/05/02 19:23:09.0508 3076 System windows directory: C:\Windows
2011/05/02 19:23:09.0508 3076 Processor architecture: Intel x86
2011/05/02 19:23:09.0508 3076 Number of processors: 1
2011/05/02 19:23:09.0508 3076 Page size: 0x1000
2011/05/02 19:23:09.0508 3076 Boot type: Normal boot
2011/05/02 19:23:09.0508 3076 ================================================================================
2011/05/02 19:23:10.0007 3076 Initialize success
2011/05/02 19:23:12.0659 4052 ================================================================================
2011/05/02 19:23:12.0659 4052 Scan started
2011/05/02 19:23:12.0659 4052 Mode: Manual;
2011/05/02 19:23:12.0659 4052 ================================================================================
2011/05/02 19:23:16.0419 4052 ACPI (84fc6df81212d16be5c4f441682feccc) C:\Windows\system32\drivers\acpi.sys
2011/05/02 19:23:16.0543 4052 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2011/05/02 19:23:16.0621 4052 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2011/05/02 19:23:16.0777 4052 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2011/05/02 19:23:16.0824 4052 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2011/05/02 19:23:16.0918 4052 AFD (5d24caf8efd924a875698ff28384db8b) C:\Windows\system32\drivers\afd.sys
2011/05/02 19:23:17.0058 4052 AgereSoftModem (a19871ae65a769c65034b4dc44c29023) C:\Windows\system32\DRIVERS\AGRSM.sys
2011/05/02 19:23:17.0152 4052 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
2011/05/02 19:23:17.0214 4052 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/05/02 19:23:17.0277 4052 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
2011/05/02 19:23:17.0339 4052 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
2011/05/02 19:23:17.0386 4052 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
2011/05/02 19:23:17.0448 4052 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2011/05/02 19:23:17.0511 4052 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
2011/05/02 19:23:17.0667 4052 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2011/05/02 19:23:17.0745 4052 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2011/05/02 19:23:17.0823 4052 AsyncMac (e86cf7ce67d5de898f27ef884dc357d8) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/05/02 19:23:17.0916 4052 atapi (b35cfcef838382ab6490b321c87edf17) C:\Windows\system32\drivers\atapi.sys
2011/05/02 19:23:18.0041 4052 athr (889e7f06279fd16549b77628918ff666) C:\Windows\system32\DRIVERS\athr.sys
2011/05/02 19:23:18.0337 4052 avgio (87828ecd657f81503465ac705e845076) C:\Program Files\AntiVir PersonalEdition Classic\avgio.sys
2011/05/02 19:23:18.0415 4052 avgntflt (fcb30820bed1d3feb55e3dd55a3f947f) C:\Program Files\AntiVir PersonalEdition Classic\avgntflt.sys
2011/05/02 19:23:18.0493 4052 avipbb (0b09df022250fb7ba91fb932eac6ea9b) C:\Windows\system32\DRIVERS\avipbb.sys
2011/05/02 19:23:18.0618 4052 Beep (ac3dd1708b22761ebd7cbe14dcc3b5d7) C:\Windows\system32\drivers\Beep.sys
2011/05/02 19:23:18.0790 4052 bowser (913cd06fbe9105ce6077e90fd4418561) C:\Windows\system32\DRIVERS\bowser.sys
2011/05/02 19:23:18.0852 4052 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/05/02 19:23:18.0915 4052 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/05/02 19:23:18.0993 4052 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/05/02 19:23:19.0055 4052 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/05/02 19:23:19.0149 4052 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/05/02 19:23:19.0227 4052 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/05/02 19:23:19.0336 4052 BthEnum (064fbc56921051de1075495d628b815f) C:\Windows\system32\DRIVERS\BthEnum.sys
2011/05/02 19:23:19.0429 4052 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/05/02 19:23:19.0507 4052 BthPan (b8c3d9ddf85fd197c3e5f849fef71144) C:\Windows\system32\DRIVERS\bthpan.sys
2011/05/02 19:23:19.0601 4052 BTHPORT (b24757d9154cca035e1bbd3db92966d7) C:\Windows\system32\Drivers\BTHport.sys
2011/05/02 19:23:19.0695 4052 BTHUSB (d42cf5f0c7635b3f1578810fe34d9e41) C:\Windows\system32\Drivers\BTHUSB.sys
2011/05/02 19:23:19.0788 4052 btwaudio (0cf62c498d60253a4fc3b2aff0e6373e) C:\Windows\system32\drivers\btwaudio.sys
2011/05/02 19:23:19.0882 4052 btwavdt (d094142ade0da18463609ae656b1f3ed) C:\Windows\system32\drivers\btwavdt.sys
2011/05/02 19:23:19.0960 4052 btwrchid (511159fcb07fd7442e7f399c94a3b408) C:\Windows\system32\DRIVERS\btwrchid.sys
2011/05/02 19:23:20.0007 4052 cdfs (6c3a437fc873c6f6a4fc620b6888cb86) C:\Windows\system32\DRIVERS\cdfs.sys
2011/05/02 19:23:20.0085 4052 cdrom (8d1866e61af096ae8b582454f5e4d303) C:\Windows\system32\DRIVERS\cdrom.sys
2011/05/02 19:23:20.0147 4052 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
2011/05/02 19:23:20.0272 4052 CLFS (1b84fd0937d3b99af9ba38ddff3daf54) C:\Windows\system32\CLFS.sys
2011/05/02 19:23:20.0397 4052 CmBatt (ed97ad3df1b9005989eaf149bf06c821) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/05/02 19:23:20.0475 4052 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
2011/05/02 19:23:20.0553 4052 Compbatt (722936afb75a7f509662b69b5632f48a) C:\Windows\system32\DRIVERS\compbatt.sys
2011/05/02 19:23:20.0615 4052 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2011/05/02 19:23:20.0662 4052 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2011/05/02 19:23:20.0802 4052 DfsC (a7179de59ae269ab70345527894ccd7c) C:\Windows\system32\Drivers\dfsc.sys
2011/05/02 19:23:20.0943 4052 disk (841af4c4d41d3e3b2f244e976b0f7963) C:\Windows\system32\drivers\disk.sys
2011/05/02 19:23:21.0052 4052 drmkaud (ee472cd2c01f6f8e8aa1fa06ffef61b6) C:\Windows\system32\drivers\drmkaud.sys
2011/05/02 19:23:21.0286 4052 DXGKrnl (334988883de69adb27e2cf9f9715bbdb) C:\Windows\System32\drivers\dxgkrnl.sys
2011/05/02 19:23:21.0364 4052 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/05/02 19:23:21.0442 4052 Ecache (0efc7531b936ee57fdb4e837664c509f) C:\Windows\system32\drivers\ecache.sys
2011/05/02 19:23:21.0551 4052 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2011/05/02 19:23:21.0723 4052 fastfat (84a317cb0b3954d3768cdcd018dbf670) C:\Windows\system32\drivers\fastfat.sys
2011/05/02 19:23:21.0816 4052 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
2011/05/02 19:23:21.0894 4052 FileInfo (65773d6115c037ffd7ef8280ae85eb9d) C:\Windows\system32\drivers\fileinfo.sys
2011/05/02 19:23:21.0972 4052 Filetrace (c226dd0de060745f3e042f58dcf78402) C:\Windows\system32\drivers\filetrace.sys
2011/05/02 19:23:22.0050 4052 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/05/02 19:23:22.0113 4052 FltMgr (a6a8da7ae4d53394ab22ac3ab6d3f5d3) C:\Windows\system32\drivers\fltmgr.sys
2011/05/02 19:23:22.0253 4052 Fs_Rec (66a078591208baa210c7634b11eb392c) C:\Windows\system32\drivers\Fs_Rec.sys
2011/05/02 19:23:22.0331 4052 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2011/05/02 19:23:22.0425 4052 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/05/02 19:23:22.0643 4052 hcw95bda (a036414384b1f3f36d7e40286cf6dd07) C:\Windows\system32\Drivers\hcw95bda.sys
2011/05/02 19:23:22.0721 4052 hcw95rc (a83862f32f86da77b1ab3a11e18bb62f) C:\Windows\system32\DRIVERS\hcw95rc.sys
2011/05/02 19:23:22.0799 4052 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/05/02 19:23:22.0893 4052 HDAudBus (0db613a7e427b5663563677796fd5258) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/05/02 19:23:23.0017 4052 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/05/02 19:23:23.0064 4052 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/05/02 19:23:23.0345 4052 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\DRIVERS\hidusb.sys
2011/05/02 19:23:23.0423 4052 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2011/05/02 19:23:23.0548 4052 HTTP (ea24fe637d974a8a31bc650f478e3533) C:\Windows\system32\drivers\HTTP.sys
2011/05/02 19:23:23.0610 4052 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2011/05/02 19:23:23.0735 4052 i8042prt (1c9ee072baa3abb460b91d7ee9152660) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/05/02 19:23:23.0797 4052 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2011/05/02 19:23:23.0875 4052 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/05/02 19:23:24.0078 4052 IntcAzAudAddService (a47b2875680ad67b35c6150bd0203056) C:\Windows\system32\drivers\RTKVHDA.sys
2011/05/02 19:23:24.0172 4052 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
2011/05/02 19:23:24.0219 4052 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
2011/05/02 19:23:24.0297 4052 IpFilterDriver (880c6f86cc3f551b8fea2c11141268c0) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/05/02 19:23:24.0421 4052 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2011/05/02 19:23:24.0562 4052 IPNAT (10077c35845101548037df04fd1a420b) C:\Windows\system32\DRIVERS\ipnat.sys
2011/05/02 19:23:24.0655 4052 IRENUM (a82f328f4792304184642d6d397bb1e3) C:\Windows\system32\drivers\irenum.sys
2011/05/02 19:23:24.0702 4052 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
2011/05/02 19:23:24.0765 4052 iScsiPrt (4dca456d4d5723f8fa9c6760d240b0df) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/05/02 19:23:24.0827 4052 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/05/02 19:23:24.0889 4052 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/05/02 19:23:24.0999 4052 kbdclass (b076b2ab806b3f696dab21375389101c) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/05/02 19:23:25.0108 4052 kbdhid (ed61dbc6603f612b7338283edbacbc4b) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/05/02 19:23:25.0217 4052 KMDFMEMIO (ebc507f129df8f0e0ca270dcfc0cf87f) C:\Windows\system32\DRIVERS\kmdfmemio.sys
2011/05/02 19:23:25.0357 4052 KSecDD (0a829977b078dea11641fc2af87ceade) C:\Windows\system32\Drivers\ksecdd.sys
2011/05/02 19:23:25.0529 4052 lltdio (fd015b4f95daa2b712f0e372a116fbad) C:\Windows\system32\DRIVERS\lltdio.sys
2011/05/02 19:23:25.0685 4052 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2011/05/02 19:23:25.0732 4052 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2011/05/02 19:23:25.0810 4052 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2011/05/02 19:23:25.0888 4052 luafv (42885bb44b6e065b8575a8dd6c430c52) C:\Windows\system32\drivers\luafv.sys
2011/05/02 19:23:25.0966 4052 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2011/05/02 19:23:26.0059 4052 Modem (21755967298a46fb6adfec9db6012211) C:\Windows\system32\drivers\modem.sys
2011/05/02 19:23:26.0137 4052 monitor (7446e104a5fe5987ca9e4983fbac4f97) C:\Windows\system32\DRIVERS\monitor.sys
2011/05/02 19:23:26.0231 4052 motmodem (59f513e9a519a5fd6fa6b03d3aa8081b) C:\Windows\system32\DRIVERS\motmodem.sys
2011/05/02 19:23:26.0325 4052 mouclass (5fba13c1a1841b0885d316ed3589489d) C:\Windows\system32\DRIVERS\mouclass.sys
2011/05/02 19:23:26.0403 4052 mouhid (b569b5c5d3bde545df3a6af512cccdba) C:\Windows\system32\DRIVERS\mouhid.sys
2011/05/02 19:23:26.0465 4052 MountMgr (01f1e5a3e4877c931cbb31613fec16a6) C:\Windows\system32\drivers\mountmgr.sys
2011/05/02 19:23:26.0543 4052 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/05/02 19:23:26.0637 4052 mpsdrv (6e7a7f0c1193ee5648443fe2d4b789ec) C:\Windows\system32\drivers\mpsdrv.sys
2011/05/02 19:23:26.0715 4052 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/05/02 19:23:26.0793 4052 MRxDAV (1d8828b98ee309d65e006f0829e280e5) C:\Windows\system32\drivers\mrxdav.sys
2011/05/02 19:23:26.0886 4052 mrxsmb (8af705ce1bb907932157fab821170f27) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/05/02 19:23:27.0011 4052 mrxsmb10 (47e13ab23371be3279eef22bbfa2c1be) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/05/02 19:23:27.0089 4052 mrxsmb20 (90b3fc7bd6b3d7ee7635debba2187f66) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/05/02 19:23:27.0151 4052 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
2011/05/02 19:23:27.0229 4052 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/05/02 19:23:27.0307 4052 Msfs (729eafefd4e7417165f353a18dbe947d) C:\Windows\system32\drivers\Msfs.sys
2011/05/02 19:23:27.0401 4052 msisadrv (207df26dbb2537c20276da0e15892274) C:\Windows\system32\drivers\msisadrv.sys
2011/05/02 19:23:27.0495 4052 MSKSSRV (892cedefa7e0ffe7be8da651b651d047) C:\Windows\system32\drivers\MSKSSRV.sys
2011/05/02 19:23:27.0541 4052 MSPCLOCK (ae2cb1da69b2676b4cee2a501af5871c) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/05/02 19:23:27.0604 4052 MSPQM (f910da84fa90c44a3addb7cd874463fd) C:\Windows\system32\drivers\MSPQM.sys
2011/05/02 19:23:27.0791 4052 MsRPC (84571c0ae07647ba38d493f5f0015df7) C:\Windows\system32\drivers\MsRPC.sys
2011/05/02 19:23:27.0931 4052 mssmbios (7dbaa028f625aa46b95dda4fbe4b602b) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/05/02 19:23:27.0994 4052 MSTEE (c826dd1373f38afd9ca46ec3c436a14e) C:\Windows\system32\drivers\MSTEE.sys
2011/05/02 19:23:28.0056 4052 Mup (fa7aa70050cf5e2d15de00941e5665e5) C:\Windows\system32\Drivers\mup.sys
2011/05/02 19:23:28.0197 4052 NativeWifiP (6da4a0fc7c0e83df0cb3cfd0a514c3bc) C:\Windows\system32\DRIVERS\nwifi.sys
2011/05/02 19:23:28.0353 4052 NDIS (227c11e1e7cf6ef8afb2a238d209760c) C:\Windows\system32\drivers\ndis.sys
2011/05/02 19:23:28.0431 4052 NdisTapi (81659cdcbd0f9a9e07e6878ad8c78d3f) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/05/02 19:23:28.0493 4052 Ndisuio (5de5ee546bf40838ebe0e01cb629df64) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/05/02 19:23:28.0571 4052 NdisWan (397402adcbb8946223a1950101f6cd94) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/05/02 19:23:28.0633 4052 NDProxy (1b24fa907af283199a81b3bb37e5e526) C:\Windows\system32\drivers\NDProxy.sys
2011/05/02 19:23:28.0696 4052 NetBIOS (356dbb9f98e8dc1028dd3092fceeb877) C:\Windows\system32\DRIVERS\netbios.sys
2011/05/02 19:23:28.0758 4052 netbt (e3a168912e7eefc3bd3b814720d68b41) C:\Windows\system32\DRIVERS\netbt.sys
2011/05/02 19:23:29.0039 4052 NETw2v32 (6e9edc1020b319e7676387b8cdf2398c) C:\Windows\system32\DRIVERS\NETw2v32.sys
2011/05/02 19:23:29.0133 4052 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/05/02 19:23:29.0226 4052 NPF (d21fee8db254ba762656878168ac1db6) C:\Windows\system32\drivers\npf.sys
2011/05/02 19:23:29.0289 4052 Npfs (4f9832beb9fafd8ceb0e541f1323b26e) C:\Windows\system32\drivers\Npfs.sys
2011/05/02 19:23:29.0351 4052 nsiproxy (b488dfec274de1fc9d653870ef2587be) C:\Windows\system32\drivers\nsiproxy.sys
2011/05/02 19:23:29.0694 4052 Ntfs (37430aa7a66d7a63407adc2c0d05e9f6) C:\Windows\system32\drivers\Ntfs.sys
2011/05/02 19:23:29.0772 4052 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/05/02 19:23:29.0835 4052 Null (ec5efb3c60f1b624648344a328bce596) C:\Windows\system32\drivers\Null.sys
2011/05/02 19:23:29.0897 4052 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
2011/05/02 19:23:29.0959 4052 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
2011/05/02 19:23:30.0022 4052 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
2011/05/02 19:23:30.0240 4052 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
2011/05/02 19:23:30.0396 4052 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/05/02 19:23:30.0490 4052 partmgr (555a5b2c8022983bc7467bc925b222ee) C:\Windows\system32\drivers\partmgr.sys
2011/05/02 19:23:30.0568 4052 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/05/02 19:23:30.0677 4052 pci (bdd96f9cf34d58958aff1be6ef4c8020) C:\Windows\system32\drivers\pci.sys
2011/05/02 19:23:30.0802 4052 pciide (caba65e9c41cd2900d4c92d4f825c5f8) C:\Windows\system32\drivers\pciide.sys
2011/05/02 19:23:30.0880 4052 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/05/02 19:23:30.0989 4052 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\Windows\system32\Drivers\pcouffin.sys
2011/05/02 19:23:31.0114 4052 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/05/02 19:23:31.0317 4052 PptpMiniport (6c359ac71d7b550a0d41f9db4563ce05) C:\Windows\system32\DRIVERS\raspptp.sys
2011/05/02 19:23:31.0363 4052 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2011/05/02 19:23:31.0488 4052 PSched (2c8bae55247c4e09352e870292e4d1ab) C:\Windows\system32\DRIVERS\pacer.sys
2011/05/02 19:23:31.0644 4052 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2011/05/02 19:23:31.0722 4052 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/05/02 19:23:31.0831 4052 QWAVEdrv (d2b3e2b7426dc23e185fbc73c8936c12) C:\Windows\system32\drivers\qwavedrv.sys
2011/05/02 19:23:32.0050 4052 R300 (1fd94b167a03c4e9909f6e28a6320019) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/05/02 19:23:32.0143 4052 RasAcd (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys
2011/05/02 19:23:32.0221 4052 Rasl2tp (88587dd843e2059848995b407b67f6cf) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/05/02 19:23:32.0299 4052 RasPppoe (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/05/02 19:23:32.0362 4052 rdbss (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys
2011/05/02 19:23:32.0424 4052 RDPCDD (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/05/02 19:23:32.0518 4052 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
2011/05/02 19:23:32.0580 4052 RDPENCDD (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys
2011/05/02 19:23:32.0643 4052 RDPWD (8830e790a74a96605faba74f9665bb3c) C:\Windows\system32\drivers\RDPWD.sys
2011/05/02 19:23:32.0767 4052 RFCOMM (7ec90c316177ba3f1bce92005264b447) C:\Windows\system32\DRIVERS\rfcomm.sys
2011/05/02 19:23:32.0861 4052 rimmptsk (b39f1bd472e4992382875baf0b645c6d) C:\Windows\system32\DRIVERS\rimmptsk.sys
2011/05/02 19:23:32.0955 4052 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
2011/05/02 19:23:33.0017 4052 rismxdp (c663af77e2f4eabf8eb08b388d2f1f36) C:\Windows\system32\DRIVERS\rixdptsk.sys
2011/05/02 19:23:33.0111 4052 rspndr (97e939d2128fec5d5a3e6e79b290a2f4) C:\Windows\system32\DRIVERS\rspndr.sys
2011/05/02 19:23:33.0173 4052 RTL8023xp (f7a8c9024e82534cec50613d87e88645) C:\Windows\system32\DRIVERS\Rtnicxp.sys
2011/05/02 19:23:33.0251 4052 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/05/02 19:23:33.0376 4052 sdbus (7b3973cc28b8aa3e9e2e5d53e720e2c9) C:\Windows\system32\DRIVERS\sdbus.sys
2011/05/02 19:23:33.0438 4052 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/05/02 19:23:33.0516 4052 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\DRIVERS\serenum.sys
2011/05/02 19:23:33.0579 4052 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2011/05/02 19:23:33.0672 4052 sermouse (450accd77ec5cea720c1cdb9e26b953b) C:\Windows\system32\drivers\sermouse.sys
2011/05/02 19:23:33.0844 4052 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/05/02 19:23:33.0906 4052 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
2011/05/02 19:23:33.0953 4052 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/05/02 19:23:34.0015 4052 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/05/02 19:23:34.0093 4052 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
2011/05/02 19:23:34.0171 4052 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/05/02 19:23:34.0218 4052 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/05/02 19:23:34.0374 4052 Smb (ac0d90738adb51a6fd12ff00874a2162) C:\Windows\system32\DRIVERS\smb.sys
2011/05/02 19:23:34.0468 4052 spldr (426f9b029aa9162ceccf65369457d046) C:\Windows\system32\drivers\spldr.sys
2011/05/02 19:23:34.0608 4052 srv (038579c35f7cad4a4bbf735dbf83277d) C:\Windows\system32\DRIVERS\srv.sys
2011/05/02 19:23:34.0827 4052 srv2 (6971a757af8cb5e2cbcbb76cc530db6c) C:\Windows\system32\DRIVERS\srv2.sys
2011/05/02 19:23:34.0889 4052 srvnet (9e1a4603b874eebce0298113951abefb) C:\Windows\system32\DRIVERS\srvnet.sys
2011/05/02 19:23:34.0998 4052 sscdbus (d5dffeaa1e15d4effabb9d9a3068ac5b) C:\Windows\system32\DRIVERS\sscdbus.sys
2011/05/02 19:23:35.0092 4052 ssmdrv (71d609c5dff067906d930bde031c4cfe) C:\Windows\system32\DRIVERS\ssmdrv.sys
2011/05/02 19:23:40.0209 4052 ================================================================================
2011/05/02 19:23:40.0209 4052 Scan finished
2011/05/02 19:23:40.0209 4052 ================================================================================

cosinus 02.05.2011 19:59

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Download ComboFix here to your desktop. Rename it to cofi.exe while downloading.
http://saved.im/mtm0nzyzmzd5/cofi.jpg
  • Close all programs, especially your antivirus program and other background guards, as well as your internet browser.
  • Start cofi.exe from your desktop, confirm the warning messages, perform the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while ComboFix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
ComboFix may only be run when a qualified helper has expressly recommended it!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

Kahe 02.05.2011 21:09

Hello Cosinus,

I did everything as you wrote; the following log file is the result:


Combofix Logfile:
Code:

ComboFix 11-05-02.02 - xxx 02.05.2011  21:32:38.1.1 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6000.0.1252.49.1031.18.766.267 [GMT 2:00]
ausgeführt von:: c:\users\xxx\Desktop\cofi.exe
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\xxx\AppData\Roaming\inst.exe
c:\users\xxx\vlc-0.8.6f-win32.exe
c:\windows\11014no5-a-zir9s633.cpl
c:\windows\11568viruz1b9.cpl
c:\windows\1179sp5zbot6c9.ocx
c:\windows\12684s9azbot45a5.cpl
c:\windows\129z6s5y1fe.ocx
c:\windows\13357tr59z56.ocx
c:\windows\14449not-a-5izus42e.cpl
c:\windows\14568spy6z59.ocx
c:\windows\146995ormzd8.ocx
c:\windows\14985trz592c.ocx
c:\windows\1595stzal1358.cpl
c:\windows\1599zspambot600.ocx
c:\windows\15z5v59usb.cpl
c:\windows\16269p5mzot4e1.ocx
c:\windows\16406zi9u5127.ocx
c:\windows\16591hacktzol5965.cpl
c:\windows\16946spz9b5t12.cpl
c:\windows\17885zacktool5f9.cpl
c:\windows\17abstz592547.cpl
c:\windows\1815spyware2290z.ocx
c:\windows\18162troj54z9.cpl
c:\windows\18175szy59f.ocx
c:\windows\182z3spamb9tb5.ocx
c:\windows\1872zte9l1598.cpl
c:\windows\19395vzrusc6.ocx
c:\windows\19553spy1zc.ocx
c:\windows\197z4troj1859.ocx
c:\windows\198s5arse2z92.cpl
c:\windows\1cdct5ie9z232.ocx
c:\windows\1e7z9hief5411.ocx
c:\windows\1fzspars5299.ocx
c:\windows\1z4319ac5tool1af.cpl
c:\windows\1z8dspar9e521.cpl
c:\windows\1z949ha5ktool145.ocx
c:\windows\1zdspyware55289.cpl
c:\windows\219335pz8f.cpl
c:\windows\22355zackto9l5a75.ocx
c:\windows\22794nzt-a-virus5de.cpl
c:\windows\2305z95oj513.cpl
c:\windows\23596virz9602.ocx
c:\windows\2393spyware23z25.cpl
c:\windows\245179pambot74z.cpl
c:\windows\2499threzt29599.cpl
c:\windows\255cthrz9t294215.cpl
c:\windows\25ecthr9at14553z.ocx
c:\windows\266z39irus592.cpl
c:\windows\27116hacztool25d9.ocx
c:\windows\2731spaz5ot905.ocx
c:\windows\2797zpyware3583.cpl
c:\windows\29928wo9z5ec.cpl
c:\windows\29975z5rus435.ocx
c:\windows\2b4ca95ware3z5.cpl
c:\windows\2f64t9izf22675.cpl
c:\windows\2f675ir1z479.cpl
c:\windows\2f87d9wnl5ader925z.cpl
c:\windows\2z43thre5t24195.cpl
c:\windows\2zaback9oor2533.ocx
c:\windows\31555vizus195.ocx
c:\windows\318259o5z593.cpl
c:\windows\31997szambot59.cpl
c:\windows\35250v9rusz2a.ocx
c:\windows\35c4s9ywarez103.ocx
c:\windows\393evi9z564.cpl
c:\windows\39b5sp5zare806.cpl
c:\windows\3b92adzware15559.cpl
c:\windows\3cf5zpar9e2159.cpl
c:\windows\3z528s9y5f9.cpl
c:\windows\3z90s5ambot4e9.cpl
c:\windows\413ath5eat2z293.ocx
c:\windows\43495oznloader2953.ocx
c:\windows\44zsparse1593.cpl
c:\windows\4545vi9316z.cpl
c:\windows\47429pyw5rez88.ocx
c:\windows\4zd39ir1538.ocx
c:\windows\503asza9se25185.ocx
c:\windows\50917troj19z.cpl
c:\windows\509ft5ief2z80.ocx
c:\windows\50f8d5wzloader2892.cpl
c:\windows\53785p9560z.ocx
c:\windows\5519sp5ware130z9.ocx
c:\windows\5596spy4z39.ocx
c:\windows\559czpyware5657.ocx
c:\windows\55c4spzrse1999.ocx
c:\windows\55z6spa5s92634.cpl
c:\windows\56f69hzef2961.ocx
c:\windows\57960spy3ez.ocx
c:\windows\57ezvir9396.ocx
c:\windows\5859spy20dz.ocx
c:\windows\590abazkdoor90.cpl
c:\windows\5955spyw9ze985.ocx
c:\windows\5a05szeal869.cpl
c:\windows\5a9b5t9al3z43.ocx
c:\windows\5bccth9eat1588z5.ocx
c:\windows\5c07back9o5z1417.cpl
c:\windows\5cdasp5rsez69.cpl
c:\windows\5d96szyware75.cpl
c:\windows\5e29addw9re176z.ocx
c:\windows\5z28vir99.cpl
c:\windows\5zb7thre9t20652.ocx
c:\windows\60ffsparsz25759.cpl
c:\windows\61e3viz2095.ocx
c:\windows\625bthze9695.ocx
c:\windows\6403steaz25029.ocx
c:\windows\6565thiefz4709.ocx
c:\windows\65f7add9aze2505.cpl
c:\windows\698dthzef2252.cpl
c:\windows\69965ot-9-virus61fz.ocx
c:\windows\6baspy5zre2689.ocx
c:\windows\6c449pywa5z1906.ocx
c:\windows\6e05zd9w5re1697.cpl
c:\windows\6z71addw9re5000.cpl
c:\windows\71c7zhre5t93033.cpl
c:\windows\759zvir597.ocx
c:\windows\7914viz5scf.cpl
c:\windows\79d5vir280z.cpl
c:\windows\7b8bs9arse2z65.cpl
c:\windows\7bz0stea95853.cpl
c:\windows\7d07zpy9are14265.cpl
c:\windows\8551z9rm32a.cpl
c:\windows\8623w95m1z9.ocx
c:\windows\9005spz455.ocx
c:\windows\9098spambot4z85.ocx
c:\windows\91029spazbo5601.cpl
c:\windows\9195stzal1256.cpl
c:\windows\9280viz95349.cpl
c:\windows\948a5ownloadez1534.cpl
c:\windows\9541s9azbot2a5.cpl
c:\windows\957asteal19z35.ocx
c:\windows\9956worm77z.cpl
c:\windows\9e8zthrea530624.cpl
c:\windows\9f17ba5zdoor3013.ocx
c:\windows\bzfst5al9299.cpl
c:\windows\ezcv9r26495.cpl
c:\windows\f45down9ozder1049.cpl
c:\windows\system32\10545spy569z.cpl
c:\windows\system32\10a9dzwnloader13925.ocx
c:\windows\system32\11259hzck9ool4e9.ocx
c:\windows\system32\118469pamz5t4bf.cpl
c:\windows\system32\12525n9t-a-virus2z4.ocx
c:\windows\system32\12899troj40z5.ocx
c:\windows\system32\13c2vi9z567.cpl
c:\windows\system32\13ea9ddwar5z449.ocx
c:\windows\system32\14499worm395z.ocx
c:\windows\system32\1516759cktool36z.cpl
c:\windows\system32\1567tzie92554.cpl
c:\windows\system32\16255hackzool9a5.cpl
c:\windows\system32\17174ha9ktooz485.cpl
c:\windows\system32\17955hacktool9cfz.ocx
c:\windows\system32\1835d9wnloadez2773.ocx
c:\windows\system32\191239z5mbot4a.cpl
c:\windows\system32\19159spambz919e5.ocx
c:\windows\system32\19205tr9z5a6.cpl
c:\windows\system32\19359zirus724.ocx
c:\windows\system32\1965znot-a-v9rus761.ocx
c:\windows\system32\19950w5zm2b2.cpl
c:\windows\system32\1aa0b9ckdoorz544.cpl
c:\windows\system32\1cz2vi93215.cpl
c:\windows\system32\2057tzief20739.cpl
c:\windows\system32\217259rm73z.cpl
c:\windows\system32\2269v5r18z9.ocx
c:\windows\system32\23025not-a9virz5201.cpl
c:\windows\system32\2381zt9oj19d5.cpl
c:\windows\system32\24237ha5ktool4fz9.cpl
c:\windows\system32\25079azktool75b.ocx
c:\windows\system32\253f9zreat5635.ocx
c:\windows\system32\25640spy95z.cpl
c:\windows\system32\25869troj5z79.cpl
c:\windows\system32\25996tzo548b.ocx
c:\windows\system32\259cspywzr5997.cpl
c:\windows\system32\25z99hacktool689.ocx
c:\windows\system32\26497zor5145.cpl
c:\windows\system32\284z4no9-a-virus5a5.cpl
c:\windows\system32\29079hazk5ool6de.cpl
c:\windows\system32\29278hacktzo51c5.ocx
c:\windows\system32\29589wzrm393.cpl
c:\windows\system32\29765troz9b5.cpl
c:\windows\system32\29b1stzal29155.ocx
c:\windows\system32\29e5s5ealz162.cpl
c:\windows\system32\2c5baddware18z9.ocx
c:\windows\system32\2z945no9-a-v5rus591.ocx
c:\windows\system32\30ebs5arse31z39.ocx
c:\windows\system32\3159zspy1be.cpl
c:\windows\system32\31zfspyware5759.cpl
c:\windows\system32\3357tro923ez.ocx
c:\windows\system32\3789hack9oolz45.cpl
c:\windows\system32\380ba9dw5re2z75.cpl
c:\windows\system32\3859t9z55e3.cpl
c:\windows\system32\3970dozn5o9der2173.cpl
c:\windows\system32\3e51sparsez99.ocx
c:\windows\system32\429d5zarse5789.cpl
c:\windows\system32\4451vi92495z.ocx
c:\windows\system32\44z9w5rm42b.cpl
c:\windows\system32\457fspywarz1928.cpl
c:\windows\system32\45zdownl5ader6979.cpl
c:\windows\system32\4659down9oadzr558.ocx
c:\windows\system32\47adzownlo9der6695.ocx
c:\windows\system32\4957thizf15559.cpl
c:\windows\system32\4965thizf656.cpl
c:\windows\system32\4984vir9z75.cpl
c:\windows\system32\499795arsz681.cpl
c:\windows\system32\4998zi9535.ocx
c:\windows\system32\4a5cspywarz9659.ocx
c:\windows\system32\4z06spyware94515.ocx
c:\windows\system32\5091steaz920.ocx
c:\windows\system32\520es5az9e182.ocx
c:\windows\system32\5237th9ez3214.ocx
c:\windows\system32\5250back5oor11z9.ocx
c:\windows\system32\530fdzwnloa9er856.ocx
c:\windows\system32\5512thief9z89.ocx
c:\windows\system32\559zspa9se608.cpl
c:\windows\system32\56zpywa9e2243.cpl
c:\windows\system32\595spywa9e9z.ocx
c:\windows\system32\59f9azdwa5e1663.ocx
c:\windows\system32\5c40addware22z59.cpl
c:\windows\system32\5d42spa9se2z55.ocx
c:\windows\system32\5d8f9hiefz5.cpl
c:\windows\system32\5e19backdzor90905.ocx
c:\windows\system32\5z59downloader1955.ocx
c:\windows\system32\5z93thre5t5350.ocx
c:\windows\system32\6331s95676z.cpl
c:\windows\system32\69009pam5otzaa.cpl
c:\windows\system32\697dbackd5or2z8.cpl
c:\windows\system32\6f5av9z870.cpl
c:\windows\system32\6z8aste9l795.ocx
c:\windows\system32\7136tzi9f5026.ocx
c:\windows\system32\7151t9i5f1z99.ocx
c:\windows\system32\750c59r2449z.cpl
c:\windows\system32\755z9pyware795.ocx
c:\windows\system32\7832z9ru554c.ocx
c:\windows\system32\7893zir5990.cpl
c:\windows\system32\79455ackdooz7999.cpl
c:\windows\system32\7ad49hi5f25z8.cpl
c:\windows\system32\7cdatz9ef2555.ocx
c:\windows\system32\7df9t59ef2722z.ocx
c:\windows\system32\7ee5vir9189z.ocx
c:\windows\system32\7ez6th95at11505.cpl
c:\windows\system32\7f39spzware5919.ocx
c:\windows\system32\7z74vir2954.ocx
c:\windows\system32\8099ownlo5dzr197.cpl
c:\windows\system32\8910zacktool465.cpl
c:\windows\system32\8990wzrm50d.ocx
c:\windows\system32\9223spaz95t467.ocx
c:\windows\system32\9274steal2z57.ocx
c:\windows\system32\94861s5azbot1e1.cpl
c:\windows\system32\9582spyz59.ocx
c:\windows\system32\9623za5ktool5a9.ocx
c:\windows\system32\970ztr956b.cpl
c:\windows\system32\9749ddwarez195.cpl
c:\windows\system32\986w9rzf55.cpl
c:\windows\system32\9c7zsteal925.cpl
c:\windows\system32\9f0downlza5er1486.cpl
c:\windows\system32\9z534troj566.cpl
c:\windows\system32\a24sp95are25z5.cpl
c:\windows\system32\C
c:\windows\system32\drivers\npf.sys
c:\windows\system32\f585hz9at6583.ocx
c:\windows\system32\fcbspz59re1691.cpl
c:\windows\system32\Packet.dll
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll
c:\windows\system32\z1465troj3849.cpl
c:\windows\system32\z5b1sp5ware11349.ocx
c:\windows\system32\z710s5y5d29.cpl
c:\windows\system32\z80599pam5ot37f.cpl
c:\windows\system32\z854th5ef1999.cpl
c:\windows\system32\z862sp5mbot2f9.ocx
c:\windows\system32\z917worm235.cpl
c:\windows\system32\z996vi5us413.ocx
c:\windows\system32\zb0adownload5r99.cpl
c:\windows\z069559oj2b6.cpl
c:\windows\z1411not-a5v9rus636.ocx
c:\windows\z5561troj199.cpl
c:\windows\z5899spy25a9.ocx
c:\windows\z7480virus59.ocx
c:\windows\z982not-a-v9rus5cd.cpl
c:\windows\z987backdo5r322.cpl
c:\windows\z9f9hreat109555.cpl
c:\windows\zc8t59ef885.cpl
.
.
(((((((((((((((((((((((((((((((((((((((  Treiber/Dienste  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_NPF
.
.
(((((((((((((((((((((((  Dateien erstellt von 2011-04-02 bis 2011-05-02  ))))))))))))))))))))))))))))))
.
.
2011-05-02 19:19 . 2011-05-02 19:19        --------        d-----w-        c:\program files\CCleaner
2011-04-30 16:29 . 2011-04-30 16:29        --------        d-----w-        c:\program files\7-Zip
2011-04-30 15:52 . 2011-04-30 15:53        --------        d-----w-        c:\users\xxx\AppData\Roaming\GetRightToGo
2011-04-30 15:49 . 2011-04-11 07:04        7071056        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{0A62105D-74EA-44AC-884E-9FEFD09EB21A}\mpengine.dll
2011-04-27 14:56 . 2011-04-27 14:56        --------        d-----w-        C:\_OTL
2011-04-27 14:36 . 2011-04-27 14:36        1186056        ----a-w-        c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-04-26 13:31 . 2011-04-26 13:31        --------        d--h--w-        c:\program files\BabylonToolbar
2011-04-18 17:49 . 2011-04-24 14:16        --------        d--h--w-        c:\users\xxx\AppData\Local\FullTiltPoker.NET
2011-04-18 17:47 . 2011-05-02 17:55        --------        d--h--w-        c:\program files\Full Tilt Poker.Net
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-02 16:11 . 2009-10-02 15:59        222080        ------w-        c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-10 1232896]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]
"swg"="c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-06-13 171448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 3784704]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-12-09 815104]
"avgnt"="c:\program files\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-17 266497]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-04-25 185896]
"BabylonToolbar"="c:\program files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" [2010-11-07 286720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"NoHotStart"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
R3 hcw95bda;Hauppauge MOD7700 Tuner Driver;c:\windows\system32\Drivers\hcw95bda.sys [2008-04-17 560640]
R3 hcw95rc;Hauppauge MOD7700 IR Driver;c:\windows\system32\DRIVERS\hcw95rc.sys [2008-04-17 15616]
R3 NETw2v32;Intel(R) PRO/Wireless 2915ABG Network Connection Driver for Windows Vista;c:\windows\system32\DRIVERS\NETw2v32.sys [2006-11-02 2589184]
S2 accsvc;AccSys WiFi Component;c:\program files\Common Files\AccSys\accsvc.exe [2006-01-11 147456]
S2 KMDFMEMIO;SAMSUNG Kernel Driver;c:\windows\system32\DRIVERS\kmdfmemio.sys [2007-02-28 13312]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs        REG_MULTI_SZ          BthServ
.
Inhalt des "geplante Tasks" Ordners
.
2011-05-02 c:\windows\Tasks\User_Feed_Synchronization-{4C4FF26D-227A-4538-94B4-4F1F9660B9F7}.job
- c:\windows\system32\msfeedssync.exe [2006-11-02 09:45]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.tonline.de/
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM_ActiveSetup-ccc-core-static - msiexec
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-05-02 21:50
Windows 6.0.6000  NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2496915154-763937879-3278519054-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:71,a0,28,6e,a1,c7,77,8d,e7,5c,58,6b,43,73,23,94,c8,4b,6c,07,0d,dd,00,
  c2,bd,47,17,d4,c9,fd,cc,00,4b,86,81,6d,f5,24,90,ad,14,4a,d7,3c,ae,06,ed,62,\
"??"=hex:57,3c,c3,fe,8f,04,5b,a1,99,46,b3,82,80,32,48,f3
.
[HKEY_USERS\S-1-5-21-2496915154-763937879-3278519054-1003\Software\SecuROM\License information*]
"datasecu"=hex:44,a3,52,61,c8,32,b2,c1,5f,d5,97,2f,e9,b3,34,1a,42,76,eb,ef,67,
  49,17,aa,9d,65,e4,0a,b2,91,e1,68,28,ef,0b,97,99,3e,48,3e,ed,31,1b,f5,b7,0c,\
"rkeysecu"=hex:5e,18,22,8d,23,8f,b3,41,19,b5,65,fc,b6,be,ef,ac
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(3888)
c:\windows\system32\btncopy.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\System32\LEXBCES.EXE
c:\windows\System32\LEXPPS.EXE
c:\program files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
c:\windows\RtHDVCpl.exe
c:\windows\ehome\ehmsas.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\AntiVir PersonalEdition Classic\sched.exe
c:\program files\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Samsung\Easy Display Manager\dmhkcore.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\conime.exe
c:\program files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe
c:\windows\system32\conime.exe
c:\windows\system32\RacAgent.exe
c:\windows\system32\lpremove.exe
c:\windows\system32\lpksetup.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-05-02  22:01:03 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-05-02 20:00
.
Vor Suchlauf: 2 Verzeichnis(se), 10.311.761.920 Bytes frei
Nach Suchlauf: 9.973.088.256 Bytes frei
.
- - End Of File - - 141B3BDE4C02AF1BEBB3EED1AA737F61

--- --- ---

cosinus 02.05.2011 21:20

OK. Now please create logs with GMER and OSAM and post them.
GMER crashes fairly often; if the tool still won't work on the 2nd attempt, just leave it out and run only OSAM - please skip the online check by OSAM.
With OSAM, please also make sure that you save the log as *.log and not as *.html or the like.


After that, please download MBRCheck (by a_d_13) and save the file to the desktop.
  • Double-click MBRCheck.exe.
    Vista and Win7 users: right-click, "Run as administrator"
  • The tool only needs a few seconds.
  • Afterwards you should find an MBRCheck_<date>_<time>.txt on the desktop.
Please post the contents of the .txt document

Kahe 02.05.2011 21:49

Hello Cosinus,

well, GMER crashes as you said. When I have downloaded OSAM, I cannot open it. The message appears that this file cannot be opened.

What can I do?

cosinus 02.05.2011 21:59

Use WinRAR or 7zip to unpack it!

Kahe 02.05.2011 22:26

Do you also need the log from OSAM?

Kahe 02.05.2011 22:31

And here is the log from MBR Check



MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: (build 6000), 32-bit
Base Board Manufacturer: SAMSUNG ELECTRONICS CO., LTD.
BIOS Manufacturer: Phoenix Technologies LTD
System Manufacturer: SAMSUNG ELECTRONICS CO., LTD.
System Product Name: R40P/R41P
Logical Drives Mask: 0x0000003c

Kernel Drivers (total 143):

Processes (total 62):

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`80100000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x0000000f`32900000 (NTFS)
\\.\F: --> \\.\PhysicalDrive0 at offset 0x0000000b`e3e00000 (NTFS)

PhysicalDrive0 Model Number: SAMSUNGHM120JI, Rev: YF100-13

Size Device Name MBR Status
--------------------------------------------
111 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: A2D287FA4F944275462643BCFFB6129A056114F3


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!

cosinus 02.05.2011 22:48

What do you mean, "also"?? If I didn't need it, I would hardly have asked you to create a log with OSAM!

Kahe 02.05.2011 22:49

Sorry, here it is


OSAM Logfile:
Code:

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 23:23:47 on 02.05.2011

OS: Windows Vista Home Premium Edition (Build 6000), 32-bit
Default Browser: Microsoft Corporation Internet Explorer 7.00.6000.16386

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Control Panel Objects]
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Avira AntiVir PersonalEdition Classic" - "Avira GmbH" - C:\PROGRA~1\ANTIVI~1\avconfig.cpl
"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgio" (avgio) - "Avira GmbH" - C:\Program Files\AntiVir PersonalEdition Classic\avgio.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Program Files\AntiVir PersonalEdition Classic\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"catchme" (catchme) - ? - C:\cofi\catchme.sys  (File not found)
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)
"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)
"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)
"mbr" (mbr) - ? - C:\Users\Jan\AppData\Local\Temp\mbr.sys  (Hidden registry entry, rootkit activity | File not found)
"ssmdrv" (ssmdrv) - "AVIRA GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys
"uwrdypow" (uwrdypow) - ? - C:\Users\Jan\AppData\Local\Temp\uwrdypow.sys  (Hidden registry entry, rootkit activity | File not found)

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807553E5-5146-11D5-A672-00B0D022E945} "text/xml" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
{3D9F03FA-7A94-11D3-BE81-0050048385D1} "Data Page Pluggable Protocol mso-offdap Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{AEB6717E-7E19-11d0-97EE-00C04FD91972} "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -  (File not found | COM-object registry key not found)
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files\7-Zip\7-zip.dll
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -  (File not found | COM-object registry key not found)
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -  (File not found | COM-object registry key not found)
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -  (File not found | COM-object registry key not found)
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Program Files\iTunes\iTunesMiniPlayer.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\OFFICE11\msohev.dll
{00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL
{7842554E-6BED-11D2-8CDB-B05550C10000} "Monitor Class" - "Broadcom Corporation." - C:\Windows\system32\btncopy.dll
{0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - C:\Program Files\Real\RealPlayer\rpshell.dll
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -  (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Program Files\AntiVir PersonalEdition Classic\shlext.dll
{5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - ? - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -  (File not found | COM-object registry key not found)

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
<binary data> "ITBar7Layout" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_15" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} "Java Plug-in 1.6.0_15" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_15" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_15.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} "QuickTime Object" - "Apple Inc." - C:\Program Files\QuickTime\QTPlugin.ocx / hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? -  (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"@btrez.dll,-4015" - ? - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
"PartyPoker.com" - ? - C:\Programs\PartyGaming\PartyPoker\RunApp.exe  (File not found)
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Recherchieren" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
{98889811-442D-49dd-99D7-DC866BE87DBC} "Babylon Toolbar" - "Babylon Ltd." - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
{2EECD738-5844-4a99-B4B6-146BF802613B} "CescrtHlpr Object" - "Babylon BHO" - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} "Google Dictionary Compression sdch" - "Google Inc." - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{3049C3E9-B461-4BC5-8870-4C09146192CA} "RealPlayer Download and Record Plugin for Internet Explorer" - "RealPlayer" - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"swg" - "Google Inc." - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"avgnt" - "Avira GmbH" - "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
"BabylonToolbar" - "Babylon Ltd." - "C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" /md I
"TkBellExe" - "RealNetworks, Inc." - "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Lexmark Network Port" - "Lexmark International, Inc." - C:\Windows\system32\LEXLMPM.DLL
"Microsoft Document Imaging Writer Monitor" - "Microsoft Corporation" - C:\Windows\system32\mdimon.dll
"PDFCreator" - ? - C:\Windows\system32\pdfcmnnt.dll  (File found, but it contains no detailed information)

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"AccSys WiFi Component" (accsvc) - "AccSys GmbH" - C:\Program Files\Common Files\AccSys\accsvc.exe
"AntiVir PersonalEdition Classic Guard" (AntiVirService) - "Avira GmbH" - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
"AntiVir PersonalEdition Classic Planer" (AntiVirScheduler) - "Avira GmbH" - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
"Bluetooth Service" (btwdins) - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
"Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
"Google Software Updater" (gusvc) - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe
"LexBce Server" (LexBceS) - "Lexmark International, Inc." - C:\Windows\System32\LEXBCES.EXE
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Samsung Update Plus" (Samsung Update Plus) - ? - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe  (File found, but it contains no detailed information)
"SQL Server VSS Writer" (SQLWriter) - ? - C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

===[ Logfile end ]=========================================[ Logfile end ]===

--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
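
One way to triage an OSAM report like the one posted above, as an added example that is not part of the original thread or of OSAM itself: the parser follows the section / registry key / entry layout visible in the log, and the sample lines are copied from it. The function names, the "review"/"orphan" labels and the user-writable path rule are assumptions made for this illustration.

```python
import re
from dataclasses import dataclass, field

# Excerpt copied from the OSAM log posted above (not the full report).
SAMPLE_LOG = r'''
[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Program Files\AntiVir PersonalEdition Classic\avgntflt.sys
"catchme" (catchme) - ? - C:\cofi\catchme.sys  (File not found)
"mbr" (mbr) - ? - C:\Users\Jan\AppData\Local\Temp\mbr.sys  (Hidden registry entry, rootkit activity | File not found)
"uwrdypow" (uwrdypow) - ? - C:\Users\Jan\AppData\Local\Temp\uwrdypow.sys  (Hidden registry entry, rootkit activity | File not found)

[Internet Explorer]
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? -  (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

[Logon]
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"avgnt" - "Avira GmbH" - "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
'''

SECTION_RE = re.compile(r'^\[(?P<section>[^\]]+)\]$')
KEY_RE = re.compile(r'^-----\(\s*(?P<key>.+?)\s*\)-----$')
ENTRY_RE = re.compile(r'''
    ^(?:\{[0-9A-Fa-f-]+\}\s+|<binary\ data>\s+)?   # optional CLSID / binary marker
    "(?P<name>[^"]*)"                              # display name
    (?:\s+\((?P<short>[^)]*)\))?                   # short name (drivers, services)
    \s+-\s+(?P<vendor>\?|"[^"]*")                  # "?" when no vendor info was found
    \s+-\s*(?P<rest>.*)$                           # image path, then optional (flags)
''', re.X)
# Trailing "(flag | flag)" group; parentheses inside the path itself are left alone.
TAIL_RE = re.compile(r'^(?P<path>.*?)\s*(?:\((?P<flags>[^()]*)\))?$')
# Assumed rule: per-user profile directories and Temp are writable without admin rights.
USER_WRITABLE_RE = re.compile(
    r'\\(?:Users|Documents and Settings)\\[^\\]+\\|\\Temp\\', re.I)


@dataclass
class Entry:
    section: str
    key: str
    name: str
    vendor: str            # "" when OSAM printed "?"
    path: str
    flags: list = field(default_factory=list)


def parse_osam(text):
    """Turn an OSAM text report into a list of Entry records."""
    entries, section, key = [], "", ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if (m := SECTION_RE.match(line)):
            section, key = m["section"], ""
            continue
        if (m := KEY_RE.match(line)):
            key = m["key"]
            continue
        m = ENTRY_RE.match(line)
        if not m or not section:
            continue       # report header, scanner settings, footer
        # Distribution Units entries append " / hxxp://..." after the flags.
        rest = re.split(r'\s+/\s+hxxp', m["rest"], maxsplit=1)[0]
        tail = TAIL_RE.match(rest)
        flags = [f.strip() for f in (tail["flags"] or "").split("|") if f.strip()]
        entries.append(Entry(section, key, m["name"],
                             m["vendor"].strip('"?'), tail["path"], flags))
    return entries


def triage(entries):
    """Return (label, name, reasons) tuples, 'review' items first."""
    findings = []
    for e in entries:
        reasons = []
        if any("rootkit activity" in f.lower() for f in e.flags):
            reasons.append("hidden registry entry")
        if e.section in ("Drivers", "Services") and USER_WRITABLE_RE.search(e.path):
            reasons.append("image path in user-writable directory")
        if reasons:
            findings.append(("review", e.name, reasons))
        elif "File not found" in e.flags and not e.vendor:
            findings.append(("orphan", e.name, ["target file missing"]))
    return sorted(findings, key=lambda f: f[0] != "review")


if __name__ == "__main__":
    for label, name, reasons in triage(parse_osam(SAMPLE_LOG)):
        print(f"{label:7} {name:40} {'; '.join(reasons)}")
```

A "review" hit is a lead, not a verdict: drivers that scanning tools load temporarily and then delete can carry the same flags, so each hit needs an analyst's confirmation.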

cosinus 02.05.2011 22:58

We should fix the MBR manually. Back up all important data, just in case.

Do you have any other operating systems installed besides Vista?
If not: have a look here => Vista Notfall/Recovery-CD 32-Bit - Dr. Windows

Download the ISO, burn it to a CD, e.g. with ImgBurn using its image-burning function, and start the computer with it (boot from this CD).

If you have a regular Vista installation DVD, you don't need the image mentioned above and can simply boot from the Vista DVD.

Click on Repair your computer, Next, Command Prompt - the console opens. There, type bootrec.exe /fixboot (confirm with Enter), then type bootrec.exe /fixmbr (confirm with Enter) - restart the computer, taking the CD out first. Afterwards create new logs with MBRCheck and, if possible, GMER.

Kahe 02.05.2011 23:25

I have no other operating systems on the computer. I copied all my important data to a USB stick a long time ago. Should I burn the CD anyway? I do have a CD with Windows 7 on it, though.

cosinus 03.05.2011 08:31

Yes, please carry out the MBR fix. Please do it with the recovery CD I linked, because you have Vista and not Win7.

Kahe 03.05.2011 16:50

Hi,

I downloaded the burning program and also vista recover.iso. The CD cannot be burned. I tried it twice. A warning in English is always displayed and then it doesn't go any further.

cosinus 04.05.2011 09:04

What is this supposed to be? Why don't you post the exact wording of the error message?
When burning the image, proceed as Markus (mmk) described, e.g. here => http://www.trojaner-board.de/82533-d...ml#post8806518

Kahe 05.05.2011 17:07

So, I proceeded as follows:

I downloaded the ISO, then also downloaded ImgBurn. Then I right-clicked the ISO and clicked "Burn using ImgBurn". I had already inserted the CD. When the CD started being written, the following message was displayed after 1 min:

I/O Error
Device (2:0:0) TSST corp CD/DVDW TS-L632D SCO3 (E) (ATA)
ScsiStatus:0x02
Interpretation:Check Condition

CDB: 2A 00 00 00 D5 60 00 00 20 00
Interpretation: Write (10) - Sectors: 54624 - 54655

Sense Area : 70 00 05 00 00 00 00 0A 00 00 00 00 21 02 00 00 00 00
Interpretation: Invalid Address For Write.


Wiederholen Abbrechen


I pressed Wiederholen (Retry); nothing happened except that the message was displayed again.
So I pressed Abbrechen (Cancel).

Then the following message was displayed:


Would you still like me to try and perform the `Close Track/Session/Disc`functions, even though the write operations appears to have failed?

Yes No

I pressed Yes.



The CD continued to be written briefly until the following message was displayed:

Finalise Disc Failed!
Device : (2:0:0) TSST corp CD/DVDW TS - L632D SC03 (E) (ATA)
Reason: Session Fixation Error Writing Lead Out


Nothing more happened and I closed the burning program's window. I tried the whole thing 3 times; the same thing happened every time.

cosinus 05.05.2011 19:21

What kind of blank disc did you insert?

Kahe 07.05.2011 18:23

Hello Cosinus,

The blank disc says DVD+R 120min 4,7GB RIDATA 8x

cosinus 07.05.2011 19:20

You should use a blank CD. That is a CD image, not a DVD image!

Kahe 07.05.2011 19:33

All right, I'll do that and then try again.

Kahe 09.05.2011 18:10

Hello Cosinus,

I bought new blank discs. It worked, too; the ISO was burned successfully. I then started the computer from the CD. I entered bootrec.exe/fixboot and also bootrec.exe/fixmbr. Both were confirmed as successfully completed. I then restarted the computer and ran an MBR check. Here is the log:


MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: (build 6000), 32-bit
Base Board Manufacturer: SAMSUNG ELECTRONICS CO., LTD.
BIOS Manufacturer: Phoenix Technologies LTD
System Manufacturer: SAMSUNG ELECTRONICS CO., LTD.
System Product Name: R40P/R41P
Logical Drives Mask: 0x0000003c

Kernel Drivers (total 137):

Processes (total 61):

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`80100000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x0000000f`32900000 (NTFS)
\\.\F: --> \\.\PhysicalDrive0 at offset 0x0000000b`e3e00000 (NTFS)

PhysicalDrive0 Model Number: SAMSUNGHM120JI, Rev: YF100-13

Size Device Name MBR Status
--------------------------------------------
111 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected
SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979


Done!

cosinus 09.05.2011 19:10

Quote:

111 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected
SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979
Looks much friendlier! :)

As a check, please run full scans with Malwarebytes and SASW and post the logs.
Remember to update both tools before the scan!!

Kahe 11.05.2011 16:25

All right, I'll do that. I'll post the logs then. Many thanks for now.

Kahe 12.05.2011 19:12

Hello Cosinus,

I ran a full scan with Malwarebytes and with SUPERAntiSpyware. Malwarebytes found nothing, but SUPERAntiSpyware found 6 threats. Here are the logs:

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 05/12/2011 at 07:54 PM

Application Version : 4.52.1000

Core Rules Database Version : 7039
Trace Rules Database Version: 4851

Scan type : Complete Scan
Total Scan Time : 01:36:50

Memory items scanned : 605
Memory threats detected : 0
Registry items scanned : 8578
Registry threats detected : 5
File items scanned : 114563
File threats detected : 1

Browser Hijacker.Deskbar
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\ProxyStubClsid
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\ProxyStubClsid32
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\TypeLib
HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\TypeLib#Version

Rogue.Agent/Gen-Nullo[OCX]
C:\WINDOWS\5CA9VIRZ.OCX






Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6561

Windows 6.0.6000
Internet Explorer 7.0.6000.17037

12.05.2011 17:39:25
mbam-log-2011-05-12 (17-39-25).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|)
Durchsuchte Objekte: 248557
Laufzeit: 57 Minute(n), 10 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

cosinus 12.05.2011 19:23

Looks OK, only remnants were found.
Any more problems or further detections in the meantime?

Kahe 13.05.2011 19:35

No further detections and no problems either. Everything runs as it did before the virus.
Do you maybe have a tip on how I can protect myself better in future? I really only have antivirus as protection.
Thanks for now.

cosinus 13.05.2011 19:56

It's best to stick roughly to these five rules; the virus scanner is at best a seat belt that fails with unknown things!

1) Be suspicious on the Internet and above all with unknown e-mails; be careful about giving out personal data!!
2) Always keep Windows and all programs you use up to date
3) Regularly make backups to external media
4) Work with restricted rights
5) Use safe programs such as Opera or Firefox for browsing instead of IE, and Thunderbird instead of Outlook Express for e-mail - have e-mails displayed as plain text only

All of this is explained in more detail here => Kompromittierung unvermeidbar?


Then we're done! :abklatsch:

Finally, please check the updates; my guide to that is below.
For even more security, you should also change as many passwords as possible after the infection has been removed.


Microsoft Update

Windows XP: Visit the MS update site with IE and have all important updates installed.

Windows Vista/7: Guide: Windows Update



Update the PDF reader
Your Adobe Reader is not up to date, which is a major security risk. You should therefore uninstall the old version via Control Panel => Software by clicking "Adobe Reader x.0" there and removing the program.

I recommend an alternative PDF reader such as SumatraPDF or Foxit PDF Reader; both are much leaner and faster than Adobe Reader.

While you're at it, please also check that Flash Player is up to date; here is the direct download link:

Mozilla and other browsers => http://filepony.de/?q=Flash+Player
Internet Explorer => http://fpdownload.adobe.com/get/flas..._player_ax.exe


Java update
Outdated Java installations are a security risk, so you should delete the old versions (if present, preferably with JavaRa) and update to the newest one. To do so, close all programs (especially the browsers), then click Start, Control Panel, Software and uninstall all listed Java versions from there. Afterwards, download the current Java SE Runtime Environment (JRE) from here and install it.

Kahe 15.05.2011 13:16

All right, Cosinus. Many thanks for your help; I wouldn't have managed it alone. You all do great work here, thank you!

