Trojaner-Board - wA6mruD6.exe öffnet sich dauernd im Hintergund

so hier nun die OTL.txt:

#

Code:

OTL logfile created on: 17.05.2010 18:51:34 - Run 2

OTL by OldTimer - Version 3.2.4.1     Folder = C:\Dokumente und Einstellungen\Tror\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.5512)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 76,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 91,00% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 76,32 Gb Total Space | 66,57 Gb Free Space | 87,22% Space Free | Partition Type: NTFS

Drive D: | 465,76 Gb Total Space | 91,41 Gb Free Space | 19,63% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: BKB

Current User Name: Tror

NOT logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 90 Days

Output = Standard

Quick Scan

 
 ========== Processes (SafeList) ==========

 

PRC - [2010.05.17 09:41:39 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Tror\Desktop\OTL.exe

PRC - [2010.03.02 11:28:23 | 000,282,792 | ---- | M] (Avira GmbH) -- D:\Tools\Avira\AntiVir Desktop\avgnt.exe

PRC - [2010.02.18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe

PRC - [2009.01.09 21:14:48 | 007,418,368 | ---- | M] (OpenOffice.org) -- D:\Tools\Open Office 3\OpenOffice.org 3\program\soffice.bin

PRC - [2009.01.09 21:14:42 | 007,424,000 | ---- | M] (OpenOffice.org) -- D:\Tools\Open Office 3\OpenOffice.org 3\program\soffice.exe

PRC - [2008.04.14 08:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2006.02.09 20:15:42 | 000,106,551 | ---- | M] (Hauppauge Computer Works) -- D:\Tools\WinTV\Ir.exe

PRC - [2005.01.07 18:30:56 | 000,864,256 | ---- | M] (Brother Industries, Ltd.) -- C:\Programme\Brother\ControlCenter2\brctrcen.exe

PRC - [2004.03.09 16:54:44 | 000,057,393 | ---- | M] (ScanSoft, Inc.) -- C:\Programme\ScanSoft\PaperPort\pptd40nt.exe

 

 
 ========== Modules (SafeList) ==========

 

MOD - [2010.05.17 09:41:39 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Tror\Desktop\OTL.exe

MOD - [2008.04.14 08:51:08 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx

 

 
 ========== Win32 Services (SafeList) ==========

 

 
 ========== Driver Services (SafeList) ==========

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

 

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 
 ========== FireFox ==========

 

FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971

 

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: D:\Tools\Java\lib\deploy\jqs\ff [2010.04.28 12:20:37 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: D:\Tools\Mozilla Firefox\components [2010.05.10 05:02:23 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: D:\Tools\Mozilla Firefox\plugins [2010.05.05 17:52:48 | 000,000,000 | ---D | M]

 

[2010.03.16 16:31:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tror\Anwendungsdaten\Mozilla\Extensions

[2010.03.16 16:31:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tror\Anwendungsdaten\Mozilla\Firefox\Profiles\2b502jvp.default\extensions

[2010.05.17 09:44:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tror\Anwendungsdaten\Mozilla\Firefox\Profiles\lwsr0sx8.default\extensions

[2010.03.16 16:31:58 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Tror\Anwendungsdaten\Mozilla\Firefox\Profiles\lwsr0sx8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010.03.16 16:31:58 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Tror\Anwendungsdaten\Mozilla\Firefox\Profiles\lwsr0sx8.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

[2010.05.04 23:43:08 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Dokumente und Einstellungen\Tror\Anwendungsdaten\Mozilla\Firefox\Profiles\lwsr0sx8.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2010.04.29 21:02:11 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Dokumente und Einstellungen\Tror\Anwendungsdaten\Mozilla\Firefox\Profiles\lwsr0sx8.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

[2010.05.04 23:48:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tror\Anwendungsdaten\Mozilla\Firefox\Profiles\lwsr0sx8.default\extensions\video.downloader.plugin@ffpimp.com

[2010.03.16 16:31:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tror\Anwendungsdaten\Mozilla\Firefox\Profiles\o615735r.default\extensions

 

O1 HOSTS File: ([2010.05.17 13:10:00 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Tools\Java\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Tools\Java\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] D:\Tools\Acrobat Reader\Reader\Reader_sl.exe File not found

O4 - HKLM..\Run: [avgnt] D:\Tools\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [ControlCenter2.0] C:\Programme\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)

O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [IndexSearch] C:\Programme\ScanSoft\PaperPort\IndexSearch.exe (ScanSoft, Inc.)

O4 - HKLM..\Run: [iTunesHelper] D:\Tools\iTunes\iTunesHelper.exe File not found

O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] D:\Tools\Malwarebytes' Anti-Malware\mbam.exe File not found

O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [nwiz]  File not found

O4 - HKLM..\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.)

O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)

O4 - HKLM..\Run: [QuickTime Task] C:\Programme\QuickTime\qttask  .exe File not found

O4 - HKLM..\Run: [SetDefPrt] C:\Programme\Brother\Brmfl04g\BrStDvPt.exe (Brother Industories, Ltd.)

O4 - HKLM..\Run: [SSBkgdUpdate] C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Scansoft, Inc.)

O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKCU..\Run: [Steam] D:\Games\Steam\Steam.exe File not found

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\AutoStart IR.lnk = D:\Tools\WinTV\Ir.exe (Hauppauge Computer Works)

O4 - Startup: C:\Dokumente und Einstellungen\Tror\Startmenü\Programme\Autostart\OpenOffice.org 3.0.lnk = D:\Tools\Open Office 3\OpenOffice.org 3\program\quickstart.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Tools\ICQ6.5\ICQ.exe (ICQ, LLC.)

O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Tools\ICQ6.5\ICQ.exe (ICQ, LLC.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\opaqcx: DllName - opaqcx.dll - C:\WINDOWS\System32\opaqcx.dll ()

O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home

O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp

O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010.03.16 15:41:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 90 Days ==========

 

[2010.05.17 13:11:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood

[2010.05.17 13:01:02 | 000,000,000 | RHSD | C] -- C:\cmdcons

[2010.05.17 12:58:46 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2010.05.17 12:58:46 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2010.05.17 12:58:46 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2010.05.17 12:58:46 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2010.05.17 12:58:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT

[2010.05.17 12:57:14 | 000,000,000 | ---D | C] -- C:\ComboFix

[2010.05.17 12:56:46 | 000,000,000 | ---D | C] -- C:\Qoobox

[2010.05.17 12:18:14 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Tror\Desktop\TFC.exe

[2010.05.17 09:41:39 | 000,571,392 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Tror\Desktop\OTL.exe

[2010.05.14 01:14:57 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy

[2010.05.13 23:42:26 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF

[2010.05.10 17:52:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TrackMania

[2010.05.10 17:48:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tror\Eigene Dateien\TrackMania

[2010.05.10 17:48:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp

[2010.05.05 17:52:04 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Adobe

[2010.05.04 23:46:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tror\dwhelper

[2010.04.28 12:20:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun

[2010.04.28 12:19:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tror\Eigene Dateien\Downloads

[2010.04.25 18:50:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall

[2010.04.25 01:27:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution

[2010.04.24 00:45:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData

[2010.04.24 00:44:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tror\Anwendungsdaten\Avira

[2010.04.23 18:08:14 | 000,000,000 | ---D | C] -- C:\Programme\trend micro

[2010.04.23 18:08:14 | 000,000,000 | ---D | C] -- C:\rsit

[2010.04.15 17:22:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tror\Anwendungsdaten\OpenOffice.org

[2010.04.13 19:24:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tror\Anwendungsdaten\ICQ

[2010.04.13 19:23:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tror\Anwendungsdaten\teamspeak2

[2010.04.10 02:48:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tror\Anwendungsdaten\DivX

[2010.04.01 22:25:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tror\Eigene Dateien\Test Drive Unlimited

[2010.04.01 22:24:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Test Drive Unlimited

[2010.03.31 17:53:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tror\Eigene Dateien\Total Overdose

[2010.03.30 16:12:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun

[2010.03.30 13:09:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tror\Anwendungsdaten\dvdcss

[2010.03.30 10:06:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tror\Anwendungsdaten\vlc

[2010.03.22 04:02:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tror\Eigene Dateien\SH4

[2010.03.21 22:40:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tror\Anwendungsdaten\InstallShield

[2010.03.21 22:27:35 | 000,717,296 | ---- | C] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys

[2010.03.21 22:27:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tror\Anwendungsdaten\DAEMON Tools

[2010.03.21 21:12:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tror\Eigene Dateien\Alcohol 120%

[2010.03.21 04:11:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tror\Anwendungsdaten\WinRAR

[2010.03.16 17:23:54 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\IviSDK

[2010.03.16 17:08:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tror\Lokale Einstellungen\Anwendungsdaten\Adobe

[2010.03.16 17:00:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tror\Anwendungsdaten\Macromedia

[2010.03.16 17:00:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tror\Anwendungsdaten\Adobe

[2010.03.16 16:59:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch

[2010.03.16 16:52:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs

[2010.03.16 16:49:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de-de

[2010.03.16 16:49:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas

[2010.03.16 16:49:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de

[2010.03.16 16:49:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits

[2010.03.16 16:49:27 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Tror\Recent

[2010.03.16 16:48:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles

[2010.03.16 16:46:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic

[2010.03.16 16:45:08 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$

[2010.03.16 16:41:11 | 000,000,000 | ---D | C] -- C:\Programme\Java

[2010.03.16 16:41:10 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java

[2010.03.16 16:41:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tror\Anwendungsdaten\Sun

[2010.03.16 16:40:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tror\Anwendungsdaten\Apple Computer

[2010.03.16 16:39:38 | 000,000,000 | ---D | C] -- C:\Programme\iPod

[2010.03.16 16:39:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

[2010.03.16 16:39:29 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour

[2010.03.16 16:39:12 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime

[2010.03.16 16:39:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Apple Computer

[2010.03.16 16:39:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tror\Lokale Einstellungen\Anwendungsdaten\Apple

[2010.03.16 16:39:05 | 000,000,000 | ---D | C] -- C:\Programme\Apple Software Update

[2010.03.16 16:39:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE

[2010.03.16 16:38:47 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Apple

[2010.03.16 16:38:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Apple

[2010.03.16 16:37:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tror\Lokale Einstellungen\Anwendungsdaten\Apple Computer

[2010.03.16 16:35:16 | 000,286,720 | ---- | C] (Zilog) -- C:\WINDOWS\System32\hcwzblast.dll

[2010.03.16 16:35:16 | 000,081,983 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\WINDOWS\System32\hcwblast.ocx

[2010.03.16 16:35:16 | 000,073,792 | ---- | C] (Hauppauge Computer Works, Inc) -- C:\WINDOWS\System32\ChSuite.ocx

[2010.03.16 16:35:16 | 000,065,603 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\hcwIRblast.dll

[2010.03.16 16:35:16 | 000,040,960 | ---- | C] (Hauppauge Computer Works, Inc) -- C:\WINDOWS\System32\GButton.ocx

[2010.03.16 16:33:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Adobe

[2010.03.16 16:31:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tror\Lokale Einstellungen\Anwendungsdaten\Mozilla

[2010.03.16 16:31:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tror\Anwendungsdaten\Mozilla

[2010.03.16 16:29:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tror\Anwendungsdaten\Malwarebytes

[2010.03.16 16:29:28 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010.03.16 16:29:22 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010.03.16 16:29:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes

[2010.03.16 16:27:49 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys

[2010.03.16 16:27:49 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys

[2010.03.16 16:27:49 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys

[2010.03.16 16:27:49 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys

[2010.03.16 16:27:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira

[2010.03.16 16:16:04 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$

[2010.03.16 16:15:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NVIDIA Corporation

[2010.03.16 16:15:19 | 000,000,000 | ---D | C] -- C:\Programme\NVIDIA Corporation

[2010.03.16 16:14:57 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll

[2010.03.16 16:14:52 | 000,000,000 | ---D | C] -- C:\NVIDIA

[2010.03.16 16:14:01 | 000,074,496 | R--- | C] (Realtek Semiconductor Corporation                           ) -- C:\WINDOWS\System32\drivers\Rtlnicxp.sys

[2010.03.16 16:09:04 | 000,319,488 | R--- | C] (Hauppauge Computer Works, Inc.) -- C:\WINDOWS\System32\hcwECP.ax

[2010.03.16 16:09:03 | 000,253,952 | R--- | C] (Hauppauge Computer Works, Inc.) -- C:\WINDOWS\System32\hcwCCnv2.ax

[2010.03.16 16:09:02 | 000,274,432 | R--- | C] (Hauppauge Computer Works, Inc.) -- C:\WINDOWS\System32\hcwPrxA2.ax

[2010.03.16 16:09:01 | 000,168,064 | R--- | C] (Hauppauge Computer Works, Inc.) -- C:\WINDOWS\System32\drivers\hcwPP2.sys

[2010.03.16 16:07:43 | 000,188,416 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\hcwUtl32.dll

[2010.03.16 16:07:43 | 000,186,880 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\WINDOWS\System32\hcwCConv.ax

[2010.03.16 16:07:43 | 000,090,190 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\Bt848WST.DLL

[2010.03.16 16:07:43 | 000,069,632 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\WINDOWS\System32\hcwPP2PP.ocx

[2010.03.16 16:07:43 | 000,065,536 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\hcwDlg.ocx

[2010.03.16 16:07:43 | 000,061,440 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\WINDOWS\System32\hcwPrxP2.ax

[2010.03.16 16:07:43 | 000,000,000 | ---D | C] -- C:\MyVideos

[2010.03.16 16:07:42 | 000,639,049 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\hcwtvwnd.dll

[2010.03.16 16:07:42 | 000,229,432 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\hcwpnp32.dll

[2010.03.16 16:07:42 | 000,213,050 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\Hcwchan.dll

[2010.03.16 16:07:42 | 000,192,571 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\WINDOWS\System32\hcwav.dll

[2010.03.16 16:07:42 | 000,139,329 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\hcwaud32.dll

[2010.03.16 16:07:42 | 000,106,559 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\hcwTVDlg.dll

[2010.03.16 16:07:42 | 000,094,264 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\WINDOWS\System32\hcwi2c32.dll

[2010.03.16 16:07:42 | 000,081,920 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\WINDOWS\System32\hcwSplit.ax

[2010.03.16 16:07:42 | 000,081,920 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\WINDOWS\System32\hcwNull.ax

[2010.03.16 16:07:42 | 000,073,728 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\WINDOWS\System32\hcwSnap.ax

[2010.03.16 16:07:42 | 000,073,728 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\WINDOWS\System32\hcwFRead.ax

[2010.03.16 16:07:42 | 000,061,440 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\Hcwtuner.dll

[2010.03.16 16:07:42 | 000,057,344 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\WINDOWS\System32\hcwFWrit.ax

[2010.03.16 16:07:42 | 000,011,264 | ---- | C] (Hauppauge Computer Works) -- C:\WINDOWS\System32\hcwhook.dll

[2010.03.16 16:07:41 | 000,393,216 | ---- | C] (Snowbound Software Corporation (www.Snowbnd.com)) -- C:\WINDOWS\System32\hcwsnbd9.dll

[2010.03.16 16:07:41 | 000,000,000 | ---D | C] -- C:\Programme\WinTV

[2010.03.16 16:03:41 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts

[2010.03.16 16:03:41 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache

[2010.03.16 16:03:41 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web

[2010.03.16 16:03:41 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\system

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\security

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\java

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033

[2010.03.16 16:03:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031

[2010.03.16 15:57:43 | 000,120,832 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrWia04b.dll

[2010.03.16 15:57:43 | 000,037,888 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrUSi04b.dll

[2010.03.16 15:57:43 | 000,015,295 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\drivers\BrScnUsb.sys

[2010.03.16 15:57:42 | 000,054,272 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\brinsstr.dll

[2010.03.16 15:57:39 | 000,073,728 | ---- | C] (Brother Industries Ltd) -- C:\WINDOWS\System32\brrbtool.exe

[2010.03.16 15:57:39 | 000,024,223 | ---- | C] (brother Industries Ltd) -- C:\WINDOWS\System32\brlm03a.dll

[2010.03.16 15:57:37 | 000,188,416 | ---- | C] (brother) -- C:\WINDOWS\System32\PDRVINST.DLL

[2010.03.16 15:57:37 | 000,081,920 | ---- | C] (brother) -- C:\WINDOWS\System32\BrWebIns.dll

[2010.03.16 15:57:37 | 000,065,536 | ---- | C] (brother) -- C:\WINDOWS\System32\BRWEBUP.EXE

[2010.03.16 15:57:37 | 000,000,000 | ---D | C] -- C:\Programme\Common Files

[2010.03.16 15:57:37 | 000,000,000 | ---D | C] -- C:\Programme\Brother

[2010.03.16 15:57:35 | 000,000,000 | ---D | C] -- C:\Brother

[2010.03.16 15:57:34 | 000,147,456 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\brunin03.dll

[2010.03.16 15:56:26 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\ScanSoft Shared

[2010.03.16 15:56:25 | 000,000,000 | ---D | C] -- C:\Programme\ScanSoft

[2010.03.16 15:56:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft

[2010.03.16 15:55:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Brother

[2010.03.16 15:53:12 | 000,392,960 | R--- | C] (Sensaura) -- C:\WINDOWS\System32\drivers\senfilt.sys

[2010.03.16 15:53:06 | 000,053,248 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\wdmioctl.dll

[2010.03.16 15:53:05 | 001,285,632 | ---- | C] (Analog Devices) -- C:\WINDOWS\System32\SMMedia.dll

[2010.03.16 15:53:03 | 000,049,152 | ---- | C] (Analog Devices Inc.) -- C:\WINDOWS\System32\DSndUp.exe

[2010.03.16 15:53:03 | 000,000,000 | ---D | C] -- C:\Programme\Analog Devices

[2010.03.16 15:53:02 | 000,045,056 | ---- | C] (adi) -- C:\WINDOWS\System32\CleanUp.exe

[2010.03.16 15:51:17 | 000,000,000 | -H-D | C] -- C:\Programme\InstallShield Installation Information

[2010.03.16 15:51:17 | 000,000,000 | ---D | C] -- C:\Programme\AMD

[2010.03.16 15:50:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups

[2010.03.16 15:49:52 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\InstallShield

[2010.03.16 15:49:49 | 000,486,400 | R--- | C] (ASUS) -- C:\WINDOWS\System32\AsusSetup.exe

[2010.03.16 15:49:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\ASUSInstAll

[2010.03.16 15:44:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tror\Anwendungsdaten\Identities

[2010.03.16 15:44:52 | 000,000,000 | -H-D | C] -- C:\Programme\Uninstall Information

[2010.03.16 15:44:50 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Tror\Eigene Dateien\Eigene Musik

[2010.03.16 15:44:50 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Tror\Eigene Dateien

[2010.03.16 15:44:50 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Tror\Eigene Dateien\Eigene Bilder

[2010.03.16 15:44:46 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Tror\Anwendungsdaten\Microsoft

[2010.03.16 15:44:46 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Tror\Cookies

[2010.03.16 15:44:46 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Tror\SendTo

[2010.03.16 15:44:46 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Tror\Anwendungsdaten

[2010.03.16 15:44:46 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Tror\Startmenü

[2010.03.16 15:44:46 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Tror\Favoriten

[2010.03.16 15:44:46 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Tror\Vorlagen

[2010.03.16 15:44:46 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Tror\Netzwerkumgebung

[2010.03.16 15:44:46 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Tror\Lokale Einstellungen

[2010.03.16 15:44:46 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Tror\Druckumgebung

[2010.03.16 15:44:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tror\Lokale Einstellungen\Anwendungsdaten\Microsoft

[2010.03.16 15:44:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tror\Desktop

[2010.03.16 15:44:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution

[2010.03.16 15:44:06 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft

[2010.03.16 15:41:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom

[2010.03.16 15:41:45 | 000,000,000 | ---D | C] -- C:\Programme\xerox

[2010.03.16 15:41:45 | 000,000,000 | ---D | C] -- C:\Programme\microsoft frontpage

[2010.03.16 15:41:34 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$

[2010.03.16 15:40:30 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users\DRM

[2010.03.16 15:40:19 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files

[2010.03.16 15:40:19 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages

[2010.03.16 15:40:09 | 000,000,000 | -H-D | C] -- C:\Programme\WindowsUpdate

[2010.03.16 15:40:04 | 000,000,000 | ---D | C] -- C:\Programme\Online-Dienste

[2010.03.16 15:39:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX

[2010.03.16 15:39:31 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Dienste

[2010.03.16 15:39:29 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks

[2010.03.16 15:39:29 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\MSSoap

[2010.03.16 15:39:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst

[2010.03.16 15:39:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed

[2010.03.16 15:39:21 | 000,000,000 | ---D | C] -- C:\Programme\Movie Maker

[2010.03.16 15:39:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore

[2010.03.16 15:39:13 | 000,000,000 | ---D | C] -- C:\Programme\NetMeeting

[2010.03.16 15:39:11 | 000,000,000 | ---D | C] -- C:\Programme\Outlook Express

[2010.03.16 15:39:07 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\System

[2010.03.16 15:39:06 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Bilder

[2010.03.16 15:39:06 | 000,000,000 | ---D | C] -- C:\Programme\Internet Explorer

[2010.03.16 15:38:34 | 000,000,000 | ---D | C] -- C:\Programme\ComPlus Applications

[2010.03.16 15:38:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration

[2010.03.16 15:38:19 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Musik

[2010.03.16 15:38:19 | 000,000,000 | ---D | C] -- C:\Programme\Windows Media Player

[2010.03.16 15:38:19 | 000,000,000 | ---D | C] -- C:\Programme\Online Services

[2010.03.16 15:38:13 | 000,000,000 | ---D | C] -- C:\Programme\Messenger

[2010.03.16 15:38:10 | 000,000,000 | ---D | C] -- C:\Programme\MSN Gaming Zone

[2010.03.16 15:37:45 | 000,000,000 | ---D | C] -- C:\Programme\MSN

[2010.03.16 15:37:43 | 000,000,000 | ---D | C] -- C:\Programme\Windows NT

[2010.03.16 15:37:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc

[2010.03.16 15:37:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com

[2010.03.16 15:37:23 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Videos

[2010.03.16 15:10:15 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer

[2010.03.16 15:10:14 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\ODBC

[2010.03.16 15:10:10 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\SpeechEngines

[2010.03.16 15:10:09 | 000,000,000 | R--D | C] -- C:\Programme

[2010.03.16 15:10:09 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared

[2010.03.16 15:10:09 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien

[2010.03.16 15:09:39 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü

[2010.03.16 15:09:39 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente

[2010.03.16 15:09:39 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Vorlagen

[2010.03.16 15:09:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Favoriten

[2010.03.16 15:09:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Desktop

[2010.03.16 15:09:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2

[2010.03.16 15:09:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot

[2010.03.16 15:09:20 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft

[2010.03.16 15:09:20 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten

[2010.03.16 15:08:55 | 000,000,000 | -HSD | C] -- C:\System Volume Information

[2010.03.16 15:08:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen

 
 ========== Files - Modified Within 90 Days ==========

 

[2010.05.17 13:22:58 | 000,271,997 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml

[2010.05.17 13:10:21 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini

[2010.05.17 13:10:00 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2010.05.17 13:09:50 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010.05.17 13:09:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010.05.17 13:09:04 | 003,145,728 | -H-- | M] () -- C:\Dokumente und Einstellungen\Tror\NTUSER.DAT

[2010.05.17 13:05:11 | 000,013,688 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010.05.17 13:01:07 | 000,000,293 | RHS- | M] () -- C:\boot.ini

[2010.05.17 12:54:45 | 003,690,041 | R--- | M] () -- C:\Dokumente und Einstellungen\Tror\Desktop\ComboFix.exe

[2010.05.17 12:18:32 | 000,000,112 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUn4J5hx.dat

[2010.05.17 12:18:14 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Tror\Desktop\TFC.exe

[2010.05.17 10:13:27 | 000,023,124 | ---- | M] () -- C:\Dokumente und Einstellungen\Tror\Desktop\OTL.zip

[2010.05.17 09:41:39 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Tror\Desktop\OTL.exe

[2010.05.14 03:02:24 | 000,039,352 | ---- | M] () -- C:\Dokumente und Einstellungen\Tror\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT

[2010.05.14 01:10:06 | 000,022,016 | ---- | M] () -- C:\WINDOWS\System32\opaqcx.dll

[2010.05.14 00:54:24 | 000,179,448 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010.05.14 00:52:53 | 000,000,540 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2010.05.13 20:46:25 | 000,021,441 | ---- | M] () -- C:\debug

[2010.05.10 17:48:10 | 000,000,640 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TmNationsForever.lnk

[2010.05.09 05:10:22 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Tror\ntuser.ini

[2010.05.05 17:52:48 | 000,001,516 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader 9.lnk

[2010.04.30 05:59:30 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010.04.29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010.04.28 16:16:45 | 000,000,527 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Steam.lnk

[2010.04.27 18:42:31 | 000,000,481 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\VLC media player.lnk

[2010.04.26 15:58:12 | 000,256,512 | ---- | M] () -- C:\WINDOWS\PEV.exe

[2010.04.15 17:22:52 | 000,000,783 | ---- | M] () -- C:\Dokumente und Einstellungen\Tror\Startmenü\Programme\Autostart\OpenOffice.org 3.0.lnk

[2010.04.13 19:28:24 | 000,000,548 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ICQ6.5.lnk

[2010.04.13 19:22:44 | 000,000,594 | ---- | M] () -- C:\Dokumente und Einstellungen\Tror\Desktop\Teamspeak 2 RC2.lnk

[2010.04.10 02:48:21 | 000,008,192 | ---- | M] () -- C:\Dokumente und Einstellungen\Tror\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010.04.01 22:18:29 | 000,000,731 | ---- | M] () -- C:\Dokumente und Einstellungen\Tror\Desktop\Test Drive Unlimited starten.lnk

[2010.03.31 17:40:32 | 000,001,626 | ---- | M] () -- C:\Dokumente und Einstellungen\Tror\Desktop\Total Overdose.lnk

[2010.03.28 18:21:56 | 000,723,744 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2010.03.28 18:21:56 | 000,316,594 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat

[2010.03.28 18:21:56 | 000,311,604 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2010.03.28 18:21:56 | 000,048,156 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat

[2010.03.28 18:21:56 | 000,039,992 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2010.03.27 06:11:57 | 000,000,675 | ---- | M] () -- C:\Dokumente und Einstellungen\Tror\Desktop\Team Fortress 2.lnk

[2010.03.21 22:50:30 | 000,000,563 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Silent Hunter 4 Wolves of the Pacific starten.lnk

[2010.03.21 22:50:21 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx

[2010.03.21 22:29:36 | 000,000,570 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DAEMON Tools Lite.lnk

[2010.03.21 22:27:36 | 000,717,296 | ---- | M] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys

[2010.03.16 17:24:34 | 000,029,731 | ---- | M] () -- C:\WINDOWS\Irremote.ini

[2010.03.16 17:24:34 | 000,000,550 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\AutoStart IR.lnk

[2010.03.16 17:24:29 | 000,000,511 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\WinTV2000.lnk

[2010.03.16 17:23:50 | 000,004,015 | ---- | M] () -- C:\WINDOWS\HCWPNP.INI

[2010.03.16 16:57:50 | 005,873,094 | -H-- | M] () -- C:\Dokumente und Einstellungen\Tror\Lokale Einstellungen\Anwendungsdaten\IconCache.db

[2010.03.16 16:57:16 | 000,013,688 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak

[2010.03.16 16:54:58 | 000,002,675 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2010.03.16 16:46:18 | 000,251,712 | RHS- | M] () -- C:\ntldr

[2010.03.16 16:42:31 | 000,000,839 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\OpenOffice.org 3.0.lnk

[2010.03.16 16:40:20 | 000,001,804 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk

[2010.03.16 16:39:22 | 000,001,584 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\QuickTime Player.lnk

[2010.03.16 16:37:17 | 000,000,624 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DivX Player.lnk

[2010.03.16 16:37:13 | 000,000,633 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DivX Converter.lnk

[2010.03.16 16:37:03 | 000,000,543 | ---- | M] () -- C:\Dokumente und Einstellungen\Tror\Desktop\DivX Movies.lnk

[2010.03.16 16:36:28 | 000,000,515 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DivX Movies.lnk

[2010.03.16 16:31:42 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat

[2010.03.16 16:30:47 | 000,000,637 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk

[2010.03.16 16:27:55 | 000,000,728 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira AntiVir Control Center.lnk

[2010.03.16 16:10:11 | 000,023,207 | ---- | M] () -- C:\WINDOWS\Ascd_tmp.ini

[2010.03.16 16:01:51 | 000,000,416 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI

[2010.03.16 16:01:51 | 000,000,065 | ---- | M] () -- C:\WINDOWS\System32\BD7010.dat

[2010.03.16 15:51:17 | 000,000,223 | ---- | M] () -- C:\Boot.bak

[2010.03.16 15:43:57 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD

[2010.03.16 15:43:10 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf

[2010.03.16 15:41:22 | 000,002,951 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2010.03.16 15:41:22 | 000,000,477 | ---- | M] () -- C:\WINDOWS\win.ini

[2010.03.16 15:41:22 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2010.03.16 15:41:22 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2010.03.16 15:41:22 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini

[2010.03.16 15:41:22 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS

[2010.03.16 15:41:22 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT

[2010.03.16 15:41:19 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb

[2010.03.16 15:41:19 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb

[2010.03.16 15:41:10 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI

[2010.03.16 15:40:19 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest

[2010.03.16 15:40:19 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest

[2010.03.16 15:40:13 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest

[2010.03.16 15:40:13 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest

[2010.03.16 15:40:13 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest

[2010.03.16 15:40:13 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest

[2010.03.16 15:40:13 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest

[2010.03.16 15:40:13 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest

[2010.03.16 15:38:45 | 000,021,740 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat

[2010.03.16 15:38:32 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini

[2010.03.16 15:38:32 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini

[2010.03.01 10:05:19 | 000,124,784 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys

 
 ========== Files Created - No Company Name ==========

 

[2010.05.17 13:01:07 | 000,000,223 | ---- | C] () -- C:\Boot.bak

[2010.05.17 13:01:04 | 000,262,448 | ---- | C] () -- C:\cmldr

[2010.05.17 12:58:46 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2010.05.17 12:58:46 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2010.05.17 12:58:46 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2010.05.17 12:58:46 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2010.05.17 12:58:46 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2010.05.17 12:54:37 | 003,690,041 | R--- | C] () -- C:\Dokumente und Einstellungen\Tror\Desktop\ComboFix.exe

[2010.05.17 10:13:26 | 000,023,124 | ---- | C] () -- C:\Dokumente und Einstellungen\Tror\Desktop\OTL.zip

[2010.05.14 01:10:06 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\opaqcx.dll

[2010.05.13 20:46:25 | 000,021,441 | ---- | C] () -- C:\debug

[2010.05.13 20:45:25 | 000,000,112 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RUn4J5hx.dat

[2010.05.10 17:48:10 | 000,000,640 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TmNationsForever.lnk

[2010.05.05 17:52:16 | 000,001,516 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader 9.lnk

[2010.04.28 14:03:39 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2010.04.27 18:42:31 | 000,000,481 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\VLC media player.lnk

[2010.04.15 17:22:52 | 000,000,783 | ---- | C] () -- C:\Dokumente und Einstellungen\Tror\Startmenü\Programme\Autostart\OpenOffice.org 3.0.lnk

[2010.04.13 19:28:24 | 000,000,548 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ICQ6.5.lnk

[2010.04.13 19:22:44 | 000,000,594 | ---- | C] () -- C:\Dokumente und Einstellungen\Tror\Desktop\Teamspeak 2 RC2.lnk

[2010.04.10 02:48:13 | 000,008,192 | ---- | C] () -- C:\Dokumente und Einstellungen\Tror\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010.04.01 22:18:29 | 000,000,731 | ---- | C] () -- C:\Dokumente und Einstellungen\Tror\Desktop\Test Drive Unlimited starten.lnk

[2010.03.31 17:40:32 | 000,001,626 | ---- | C] () -- C:\Dokumente und Einstellungen\Tror\Desktop\Total Overdose.lnk

[2010.03.27 06:11:57 | 000,000,675 | ---- | C] () -- C:\Dokumente und Einstellungen\Tror\Desktop\Team Fortress 2.lnk

[2010.03.27 06:03:45 | 000,000,527 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Steam.lnk

[2010.03.21 22:50:30 | 000,000,563 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Silent Hunter 4 Wolves of the Pacific starten.lnk

[2010.03.21 22:29:36 | 000,000,570 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DAEMON Tools Lite.lnk

[2010.03.16 17:24:34 | 000,000,550 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\AutoStart IR.lnk

[2010.03.16 17:24:29 | 000,000,511 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\WinTV2000.lnk

[2010.03.16 16:57:17 | 000,013,688 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak

[2010.03.16 16:46:33 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod

[2010.03.16 16:46:32 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty

[2010.03.16 16:46:31 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img

[2010.03.16 16:42:31 | 000,000,839 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\OpenOffice.org 3.0.lnk

[2010.03.16 16:40:20 | 000,001,804 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk

[2010.03.16 16:39:22 | 000,001,584 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\QuickTime Player.lnk

[2010.03.16 16:37:17 | 000,000,624 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DivX Player.lnk

[2010.03.16 16:37:13 | 000,000,633 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DivX Converter.lnk

[2010.03.16 16:37:03 | 000,000,543 | ---- | C] () -- C:\Dokumente und Einstellungen\Tror\Desktop\DivX Movies.lnk

[2010.03.16 16:36:28 | 000,000,515 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DivX Movies.lnk

[2010.03.16 16:35:16 | 000,000,248 | ---- | C] () -- C:\WINDOWS\HCWBlast_sav.ini

[2010.03.16 16:35:16 | 000,000,248 | ---- | C] () -- C:\WINDOWS\HCWBlast.ini

[2010.03.16 16:35:07 | 000,029,731 | ---- | C] () -- C:\WINDOWS\Irremote.ini

[2010.03.16 16:33:48 | 000,004,015 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI

[2010.03.16 16:31:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2010.03.16 16:30:47 | 000,000,637 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk

[2010.03.16 16:29:31 | 000,000,540 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2010.03.16 16:27:55 | 000,000,728 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira AntiVir Control Center.lnk

[2010.03.16 16:14:57 | 000,009,047 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb

[2010.03.16 16:14:54 | 002,283,526 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin

[2010.03.16 16:09:04 | 000,102,400 | R--- | C] () -- C:\WINDOWS\System32\hcwXDS.dll

[2010.03.16 16:09:02 | 000,376,836 | R--- | C] () -- C:\WINDOWS\System32\drivers\HcwFalcn.rom

[2010.03.16 16:09:02 | 000,016,382 | R--- | C] () -- C:\WINDOWS\System32\drivers\HcwMakoC.rom

[2010.03.16 16:09:02 | 000,014,264 | R--- | C] () -- C:\WINDOWS\System32\drivers\HcwMakoB.rom

[2010.03.16 16:08:02 | 000,000,293 | RHS- | C] () -- C:\boot.ini

[2010.03.16 16:07:59 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf

[2010.03.16 16:01:51 | 000,000,416 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI

[2010.03.16 15:57:52 | 000,000,065 | ---- | C] () -- C:\WINDOWS\System32\BD7010.dat

[2010.03.16 15:57:39 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\BROSNMP.DLL

[2010.03.16 15:57:35 | 000,006,224 | ---- | C] () -- C:\WINDOWS\CVRPAGE.bmp

[2010.03.16 15:56:35 | 000,027,114 | ---- | C] () -- C:\WINDOWS\maxlink.ini

[2010.03.16 15:50:38 | 000,001,570 | ---- | C] () -- C:\WINDOWS\System32\nvide.nvu

[2010.03.16 15:50:18 | 000,003,903 | ---- | C] () -- C:\WINDOWS\System32\nvnrm.nvu

[2010.03.16 15:50:15 | 000,001,864 | R--- | C] () -- C:\WINDOWS\System32\nvsmb.nvu

[2010.03.16 15:49:50 | 000,000,402 | R--- | C] () -- C:\WINDOWS\System32\raidmgmt.ini

[2010.03.16 15:49:49 | 000,849,654 | R--- | C] () -- C:\WINDOWS\System32\SATA.bmp

[2010.03.16 15:49:49 | 000,000,804 | R--- | C] () -- C:\WINDOWS\System32\AsusSetup.ini

[2010.03.16 15:49:48 | 000,849,654 | R--- | C] () -- C:\WINDOWS\System32\Alert.bmp

[2010.03.16 15:49:11 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys

[2010.03.16 15:49:07 | 000,023,207 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini

[2010.03.16 15:48:51 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS

[2010.03.16 15:47:40 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\korwbrkr.lex

[2010.03.16 15:47:40 | 000,002,060 | ---- | C] () -- C:\WINDOWS\System32\noise.jpn

[2010.03.16 15:47:40 | 000,001,486 | ---- | C] () -- C:\WINDOWS\System32\noise.kor

[2010.03.16 15:47:34 | 000,211,938 | ---- | C] () -- C:\WINDOWS\System32\lcphrase.tbl

[2010.03.16 15:47:34 | 000,146,126 | ---- | C] () -- C:\WINDOWS\System32\array30.tab

[2010.03.16 15:47:34 | 000,110,566 | ---- | C] () -- C:\WINDOWS\System32\arphr.tbl

[2010.03.16 15:47:34 | 000,024,114 | ---- | C] () -- C:\WINDOWS\System32\lcptr.tbl

[2010.03.16 15:47:34 | 000,018,600 | ---- | C] () -- C:\WINDOWS\System32\arrayhw.tab

[2010.03.16 15:47:34 | 000,016,312 | ---- | C] () -- C:\WINDOWS\System32\arptr.tbl

[2010.03.16 15:47:33 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\c_10002.nls

[2010.03.16 15:47:33 | 000,116,285 | ---- | C] () -- C:\WINDOWS\System32\msdayi.tbl

[2010.03.16 15:47:33 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.nls

[2010.03.16 15:47:33 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\big5.nls

[2010.03.16 15:47:33 | 000,044,370 | ---- | C] () -- C:\WINDOWS\System32\acode.tbl

[2010.03.16 15:47:33 | 000,044,370 | ---- | C] () -- C:\WINDOWS\System32\a234.tbl

[2010.03.16 15:47:33 | 000,043,242 | ---- | C] () -- C:\WINDOWS\System32\phoncode.tbl

[2010.03.16 15:47:33 | 000,016,254 | ---- | C] () -- C:\WINDOWS\System32\PINTLPAE.HLP

[2010.03.16 15:47:33 | 000,014,821 | ---- | C] () -- C:\WINDOWS\System32\PINTLPAD.HLP

[2010.03.16 15:47:33 | 000,004,071 | ---- | C] () -- C:\WINDOWS\System32\phon.tbl

[2010.03.16 15:47:33 | 000,002,714 | ---- | C] () -- C:\WINDOWS\System32\phonptr.tbl

[2010.03.16 15:47:33 | 000,001,460 | ---- | C] () -- C:\WINDOWS\System32\a15.tbl

[2010.03.16 15:47:33 | 000,000,700 | ---- | C] () -- C:\WINDOWS\System32\dayiptr.tbl

[2010.03.16 15:47:33 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\dayiphr.tbl

[2010.03.16 15:47:30 | 001,564,868 | ---- | C] () -- C:\WINDOWS\System32\WINSP.MB

[2010.03.16 15:47:30 | 001,223,500 | ---- | C] () -- C:\WINDOWS\System32\WINZM.MB

[2010.03.16 15:47:29 | 001,783,864 | ---- | C] () -- C:\WINDOWS\System32\WINPY.MB

[2010.03.16 15:47:29 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\c_10008.nls

[2010.03.16 15:47:29 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\prcp.nls

[2010.03.16 15:47:29 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\prc.nls

[2010.03.16 15:47:24 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\c_1361.nls

[2010.03.16 15:47:24 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\c_10003.nls

[2010.03.16 15:47:24 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\ksc.nls

[2010.03.16 15:47:12 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\c_20932.nls

[2010.03.16 15:47:12 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\c_20000.nls

[2010.03.16 15:47:12 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\c_20949.nls

[2010.03.16 15:47:12 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\c_20936.nls

[2010.03.16 15:47:12 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\c_10001.nls

[2010.03.16 15:47:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_21027.nls

[2010.03.16 15:47:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20290.nls

[2010.03.16 15:47:12 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\xjis.nls

[2010.03.16 15:46:53 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_864.nls

[2010.03.16 15:46:53 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_720.nls

[2010.03.16 15:46:53 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_708.nls

[2010.03.16 15:46:53 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28596.NLS

[2010.03.16 15:46:53 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10004.nls

[2010.03.16 15:46:50 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_862.nls

[2010.03.16 15:46:50 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10005.nls

[2010.03.16 15:46:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10021.nls

[2010.03.16 15:44:47 | 000,000,190 | -HS- | C] () -- C:\Dokumente und Einstellungen\Tror\ntuser.ini

[2010.03.16 15:44:46 | 000,001,024 | -H-- | C] () -- C:\Dokumente und Einstellungen\Tror\ntuser.dat.LOG

[2010.03.16 15:44:45 | 003,145,728 | -H-- | C] () -- C:\Dokumente und Einstellungen\Tror\NTUSER.DAT

[2010.03.16 15:43:57 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD

[2010.03.16 15:43:10 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2010.03.16 15:41:22 | 000,002,951 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT

[2010.03.16 15:41:22 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS

[2010.03.16 15:41:22 | 000,000,000 | RHS- | C] () -- C:\IO.SYS

[2010.03.16 15:41:22 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS

[2010.03.16 15:41:22 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT

[2010.03.16 15:41:19 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb

[2010.03.16 15:41:19 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb

[2010.03.16 15:41:18 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx

[2010.03.16 15:40:19 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest

[2010.03.16 15:40:19 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest

[2010.03.16 15:40:13 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest

[2010.03.16 15:40:13 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest

[2010.03.16 15:40:13 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest

[2010.03.16 15:40:13 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest

[2010.03.16 15:40:13 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest

[2010.03.16 15:40:13 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest

[2010.03.16 15:39:37 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp

[2010.03.16 15:39:37 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp

[2010.03.16 15:38:45 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2010.03.16 15:38:01 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Seifenblase.bmp

[2010.03.16 15:38:01 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Präriewind.bmp

[2010.03.16 15:38:01 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe-Stuck.bmp

[2010.03.16 15:38:01 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Fächer.bmp

[2010.03.16 15:38:01 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Granit.bmp

[2010.03.16 15:38:01 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp

[2010.03.16 15:38:01 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Angler.bmp

[2010.03.16 15:38:01 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Kaffeetasse.bmp

[2010.03.16 15:38:01 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Feder.bmp

[2010.03.16 15:38:01 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotek.bmp

[2010.03.16 15:38:01 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blaue Spitzen 16.bmp

[2010.03.16 15:38:00 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce

[2010.03.16 15:38:00 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce

[2010.03.16 15:38:00 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce

[2010.03.16 15:38:00 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce

[2010.03.16 15:38:00 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce

[2010.03.16 15:38:00 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce

[2010.03.16 15:38:00 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce

[2010.03.16 15:38:00 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce

[2010.03.16 15:37:59 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h

[2010.03.16 15:37:59 | 000,001,237 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd

[2010.03.16 15:37:58 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h

[2010.03.16 15:37:54 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc

[2010.03.16 15:10:17 | 000,002,675 | ---- | C] () -- C:\WINDOWS\imsins.BAK

[2010.03.16 15:10:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls

[2010.03.16 15:10:05 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls

[2010.03.16 15:10:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls

[2010.03.16 15:10:05 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls

[2010.03.16 15:10:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS

[2010.03.16 15:10:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls

[2010.03.16 15:10:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls

[2010.03.16 15:09:59 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls

[2010.03.16 15:09:59 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls

[2010.03.16 15:09:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls

[2010.03.16 15:09:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS

[2010.03.16 15:09:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls

[2010.03.16 15:09:57 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls

[2010.03.16 15:09:57 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls

[2010.03.16 15:09:57 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS

[2010.03.16 15:09:54 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls

[2010.03.16 15:09:54 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls

[2010.03.16 15:09:54 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls

[2010.03.16 15:09:54 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls

[2010.03.16 15:09:53 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls

[2010.03.16 15:09:49 | 000,001,806 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT

[2010.03.16 15:08:55 | 000,179,448 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2008.11.06 18:37:32 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll

[2008.11.06 18:34:00 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest

[2008.11.06 18:34:00 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest

[2008.11.06 18:33:02 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll

[2002.03.04 11:16:34 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll

 
 ========== LOP Check ==========

 

[2010.03.16 15:56:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft

[2010.04.26 16:39:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Test Drive Unlimited

[2010.05.10 18:07:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TrackMania

[2010.03.16 16:39:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

[2010.03.21 22:27:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tror\Anwendungsdaten\DAEMON Tools

[2010.04.13 19:25:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tror\Anwendungsdaten\ICQ

[2010.04.15 17:22:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tror\Anwendungsdaten\OpenOffice.org

 
 ========== Purity Check ==========

 

 

< End of report >

so habs doch noch hinbekommen^^
lag daran, dass ich meinem Hauptbenutzerkonto während dieses Reparaturmarathons die Adminrechte entzogen hab und ein extra Adminbenutzerkonto angelegt hab (ich weiß ich hätte von vornherein nicht grad mit adminrechten im Netz unterwegs sein sollen :( )
Er hat also bei dem Versuch das script zu verwenden immer gefragt ob ich das über den Adminbenutzer laufen lassen will was ich bejaht hab, aber irgendwie scheint das so nicht zu klappen also hab ich das mit dem script jetzt mal direkt über den Adminbenutzer gemacht und es hat funktioniert, also hier das CF-log:

#

Code:

ComboFix 10-05-16.05 - Admin 18.05.2010  12:54:31.2.2 - x86

Microsoft Windows XP Professional  5.1.2600.3.1252.49.1031.18.2046.1672 [GMT 2:00]

ausgeführt von:: c:\dokumente und einstellungen\Admin\Desktop\ComboFix.exe

Benutzte Befehlsschalter :: c:\dokumente und einstellungen\Admin\Desktop\cfscript.txt

AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
 

FILE ::

"c:\windows\system32\opaqcx.dll"

.
 

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.
 

c:\windows\system32\opaqcx.dll
 

.

(((((((((((((((((((((((   Dateien erstellt von 2010-04-18 bis 2010-05-18  ))))))))))))))))))))))))))))))

.
 

2010-05-17 11:16 . 2010-02-12 10:03        293376        ------w-        c:\windows\system32\browserchoice.exe

2010-05-17 11:16 . 2008-06-14 17:32        273024        -c----w-        c:\windows\system32\dllcache\bthport.sys

2010-05-17 11:14 . 2009-07-31 04:32        1172480        -c----w-        c:\windows\system32\dllcache\msxml3.dll

2010-05-17 11:01 . 2008-04-14 06:28        154112        -c--a-w-        c:\windows\system32\dllcache\dmio.sys

2010-05-17 11:01 . 2008-04-14 06:28        154112        ----a-w-        c:\windows\system32\drivers\dmio.sys

2010-05-13 23:14 . 2010-05-13 23:14        --------        d--h--w-        c:\windows\system32\GroupPolicy

2010-05-13 21:42 . 2010-05-13 21:42        --------        d--h--w-        c:\windows\PIF

2010-05-13 21:37 . 2010-05-13 21:37        --------        d-----w-        c:\dokumente und einstellungen\NetworkService\Anwendungsdaten\Malwarebytes

2010-05-10 15:52 . 2010-05-10 15:53        --------        d-----w-        c:\dokumente und einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Adobe

2010-05-10 15:52 . 2010-05-10 16:07        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\TrackMania

2010-05-10 15:50 . 2010-05-10 15:50        --------        d-----r-        c:\dokumente und einstellungen\NetworkService\Favoriten

2010-05-05 15:52 . 2010-05-05 15:52        --------        d-----w-        c:\programme\Gemeinsame Dateien\Adobe

2010-05-04 21:46 . 2010-05-04 21:46        --------        d-----w-        c:\dokumente und einstellungen\Tror\dwhelper

2010-04-28 12:16 . 2010-04-28 12:16        --------        d-s---w-        c:\dokumente und einstellungen\LocalService\UserData

2010-04-28 12:03 . 2010-04-30 03:59        664        ----a-w-        c:\windows\system32\d3d9caps.dat

2010-04-28 10:20 . 2010-04-28 10:20        503808        ----a-w-        c:\dokumente und einstellungen\Tror\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5a8de208-n\msvcp71.dll

2010-04-28 10:20 . 2010-04-28 10:20        499712        ----a-w-        c:\dokumente und einstellungen\Tror\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5a8de208-n\jmc.dll

2010-04-28 10:20 . 2010-04-28 10:20        348160        ----a-w-        c:\dokumente und einstellungen\Tror\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-5a8de208-n\msvcr71.dll

2010-04-28 10:20 . 2010-04-28 10:20        61440        ----a-w-        c:\dokumente und einstellungen\Tror\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-3762b8ef-n\decora-sse.dll

2010-04-28 10:20 . 2010-04-28 10:20        12800        ----a-w-        c:\dokumente und einstellungen\Tror\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-3762b8ef-n\decora-d3d.dll

2010-04-28 10:20 . 2010-04-28 10:20        411368        ----a-w-        c:\windows\system32\deployJava1.dll

2010-04-26 01:01 . 2009-12-31 16:50        353792        -c----w-        c:\windows\system32\dllcache\srv.sys

2010-04-26 01:01 . 2010-02-24 13:11        455680        -c----w-        c:\windows\system32\dllcache\mrxsmb.sys

2010-04-26 01:01 . 2009-11-21 15:54        471552        -c----w-        c:\windows\system32\dllcache\aclayers.dll

2010-04-26 01:00 . 2009-10-15 16:28        81920        -c----w-        c:\windows\system32\dllcache\fontsub.dll

2010-04-26 01:00 . 2009-10-15 16:28        119808        -c----w-        c:\windows\system32\dllcache\t2embed.dll

2010-04-26 01:00 . 2009-06-21 21:45        153088        -c----w-        c:\windows\system32\dllcache\triedit.dll

2010-04-26 01:00 . 2009-10-23 15:28        3558912        -c----w-        c:\windows\system32\dllcache\moviemk.exe

2010-04-26 00:58 . 2008-04-21 21:13        217600        -c----w-        c:\windows\system32\dllcache\wordpad.exe

2010-04-26 00:58 . 2009-08-13 15:15        512000        -c----w-        c:\windows\system32\dllcache\jscript.dll

2010-04-23 22:45 . 2010-05-17 07:49        --------        d-----w-        c:\windows\system32\NtmsData

2010-04-23 22:44 . 2010-04-23 22:44        --------        d-----w-        c:\dokumente und einstellungen\Tror\Anwendungsdaten\Avira

2010-04-23 16:08 . 2010-05-15 08:23        --------        d-----w-        c:\programme\trend micro

2010-04-23 16:08 . 2010-04-23 16:08        --------        d-----w-        C:\rsit

2010-04-19 22:23 . 2010-04-19 22:23        --------        d-s---w-        c:\dokumente und einstellungen\NetworkService\UserData
 

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-05-18 10:47 . 2006-02-28 12:00        48156        ----a-w-        c:\windows\system32\perfc007.dat

2010-05-18 10:47 . 2006-02-28 12:00        316594        ----a-w-        c:\windows\system32\perfh007.dat

2010-05-17 12:59 . 2010-03-16 14:40        --------        d-----w-        c:\dokumente und einstellungen\Tror\Anwendungsdaten\Apple Computer

2010-05-17 12:52 . 2010-03-30 08:06        --------        d-----w-        c:\dokumente und einstellungen\Tror\Anwendungsdaten\vlc

2010-05-17 11:10 . 2010-03-16 14:39        --------        d-----w-        c:\programme\QuickTime

2010-05-17 10:18 . 2010-05-13 18:45        112        ----a-w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\RUn4J5hx.dat

2010-05-14 01:02 . 2010-03-18 03:52        39352        ----a-w-        c:\dokumente und einstellungen\Tror\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT

2010-04-29 13:39 . 2010-03-16 14:29        38224        ----a-w-        c:\windows\system32\drivers\mbamswissarmy.sys

2010-04-29 13:39 . 2010-03-16 14:29        20952        ----a-w-        c:\windows\system32\drivers\mbam.sys

2010-04-28 10:20 . 2010-03-16 14:41        --------        d-----w-        c:\programme\Gemeinsame Dateien\Java

2010-04-26 14:39 . 2010-04-01 20:24        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Test Drive Unlimited

2010-04-20 21:21 . 2010-04-15 15:22        1        ----a-w-        c:\dokumente und einstellungen\Tror\Anwendungsdaten\OpenOffice.org\3\user\uno_packages\cache\stamp.sys

2010-04-15 15:22 . 2010-04-15 15:22        --------        d-----w-        c:\dokumente und einstellungen\Tror\Anwendungsdaten\OpenOffice.org

2010-04-13 17:25 . 2010-04-13 17:24        --------        d-----w-        c:\dokumente und einstellungen\Tror\Anwendungsdaten\ICQ

2010-04-13 17:25 . 2010-03-16 13:51        --------        d--h--w-        c:\programme\InstallShield Installation Information

2010-04-13 17:23 . 2010-04-13 17:23        --------        d-----w-        c:\dokumente und einstellungen\Tror\Anwendungsdaten\teamspeak2

2010-04-10 00:48 . 2010-04-10 00:48        --------        d-----w-        c:\dokumente und einstellungen\Tror\Anwendungsdaten\DivX

2010-04-01 20:18 . 2010-04-01 20:18        49152        ----a-r-        c:\dokumente und einstellungen\Tror\Anwendungsdaten\Microsoft\Installer\{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}\ARPPRODUCTICON.exe

2010-03-31 15:40 . 2010-03-31 15:40        5632        ----a-r-        c:\dokumente und einstellungen\Tror\Anwendungsdaten\Microsoft\Installer\{051E7B99-6D35-4905-BAF3-740893EF657A}\Icon051E7B992.exe

2010-03-31 15:40 . 2010-03-31 15:40        4608        ----a-r-        c:\dokumente und einstellungen\Tror\Anwendungsdaten\Microsoft\Installer\{051E7B99-6D35-4905-BAF3-740893EF657A}\Icon051E7B993.exe

2010-03-30 11:09 . 2010-03-30 11:09        --------        d-----w-        c:\dokumente und einstellungen\Tror\Anwendungsdaten\dvdcss

2010-03-21 20:40 . 2010-03-21 20:40        --------        d-----w-        c:\dokumente und einstellungen\Tror\Anwendungsdaten\InstallShield

2010-03-21 20:27 . 2010-03-21 20:27        717296        ----a-w-        c:\windows\system32\drivers\sptd.sys

2010-03-21 20:27 . 2010-03-21 20:27        --------        d-----w-        c:\dokumente und einstellungen\Tror\Anwendungsdaten\DAEMON Tools

2010-03-16 14:52 . 2010-03-16 13:40        86327        ----a-w-        c:\windows\pchealth\helpctr\OfflineCache\index.dat

2010-03-16 14:31 . 2010-03-16 14:31        0        ----a-w-        c:\windows\nsreg.dat

2010-03-16 14:23 . 2010-03-16 13:55        57        ----a-w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Brother\BrLog\BrCollectDir\BR_cat.bat

2010-03-16 14:01 . 2010-03-16 13:57        65        ----a-w-        c:\windows\system32\BD7010.dat

2010-03-16 13:38 . 2010-03-16 13:38        21740        ----a-w-        c:\windows\system32\emptyregdb.dat

2010-03-09 11:09 . 2006-02-28 12:00        430080        ----a-w-        c:\windows\system32\vbscript.dll

2010-03-01 08:05 . 2010-03-16 14:27        124784        ----a-w-        c:\windows\system32\drivers\avipbb.sys

2010-02-26 05:41 . 2006-02-28 12:00        672768        ----a-w-        c:\windows\system32\wininet.dll

2010-02-26 05:41 . 2006-02-28 12:00        81920        ----a-w-        c:\windows\system32\ieencode.dll

2010-02-24 13:11 . 2006-02-28 12:00        455680        ----a-w-        c:\windows\system32\drivers\mrxsmb.sys

.
 

(((((((((((((((((((((((((((((   SnapShot@2010-05-17_11.10.20   )))))))))))))))))))))))))))))))))))))))))

.

+ 2010-05-18 10:58 . 2010-05-18 10:58        16384              c:\windows\temp\Perflib_Perfdata_770.dat

+ 2006-02-28 12:00 . 2008-05-09 10:54        90112              c:\windows\system32\wshext.dll

- 2006-02-28 12:00 . 2008-04-14 06:52        90112              c:\windows\system32\wshext.dll

+ 2006-02-28 12:00 . 2009-06-25 08:25        54272              c:\windows\system32\wdigest.dll

+ 2010-03-16 14:49 . 2010-01-23 08:11        46080              c:\windows\system32\tzchange.exe

+ 2006-02-28 12:00 . 2009-06-15 10:43        82944              c:\windows\system32\tlntsess.exe

+ 2006-02-28 12:00 . 2009-06-15 10:43        78848              c:\windows\system32\telnet.exe

- 2010-03-16 13:52 . 2007-08-10 19:44        26488              c:\windows\system32\spupdsvc.exe

+ 2010-03-16 13:52 . 2007-07-27 21:11        26488              c:\windows\system32\spupdsvc.exe

+ 2010-03-16 14:16 . 2009-05-26 11:40        18808              c:\windows\system32\spmsg.dll

- 2010-03-16 14:16 . 2007-11-30 11:18        18808              c:\windows\system32\spmsg.dll

+ 2006-02-28 12:00 . 2009-06-25 08:25        56832              c:\windows\system32\secur32.dll

+ 2006-02-28 12:00 . 2009-02-06 10:39        35328              c:\windows\system32\sc.exe

+ 2006-02-28 12:00 . 2009-10-12 13:38        79872              c:\windows\system32\raschap.dll

- 2006-02-28 12:00 . 2008-04-14 06:52        79872              c:\windows\system32\raschap.dll

- 2006-02-28 12:00 . 2010-03-28 16:21        39992              c:\windows\system32\perfc009.dat

+ 2006-02-28 12:00 . 2010-05-18 10:47        39992              c:\windows\system32\perfc009.dat

- 2010-03-16 13:37 . 2008-04-14 06:52        91648              c:\windows\system32\mtxoci.dll

+ 2010-03-16 13:37 . 2008-06-12 14:20        91648              c:\windows\system32\mtxoci.dll

+ 2006-02-28 12:00 . 2008-06-12 14:20        66560              c:\windows\system32\mtxclu.dll

- 2006-02-28 12:00 . 2008-04-14 06:52        66560              c:\windows\system32\mtxclu.dll

+ 2004-08-04 00:57 . 2009-11-27 17:11        17920              c:\windows\system32\msyuv.dll

+ 2006-02-28 12:00 . 2009-11-27 16:08        28672              c:\windows\system32\msvidc32.dll

- 2006-02-28 12:00 . 2008-04-14 06:52        11264              c:\windows\system32\msrle32.dll

+ 2006-02-28 12:00 . 2009-11-27 16:08        11264              c:\windows\system32\msrle32.dll

+ 2010-03-16 13:37 . 2008-06-12 14:20        58880              c:\windows\system32\msdtclog.dll

- 2010-03-16 13:37 . 2008-04-14 06:52        58880              c:\windows\system32\msdtclog.dll

+ 2006-02-28 12:00 . 2008-06-24 16:42        74240              c:\windows\system32\mscms.dll

+ 2006-02-28 12:00 . 2009-09-04 21:03        58880              c:\windows\system32\msasn1.dll

+ 2004-08-04 00:57 . 2009-11-27 16:08        48128              c:\windows\system32\iyuv_32.dll

+ 2006-02-28 12:00 . 2009-10-15 16:28        81920              c:\windows\system32\fontsub.dll

+ 2006-02-28 12:00 . 2009-06-24 11:18        92928              c:\windows\system32\drivers\ksecdd.sys

+ 2008-05-09 10:54 . 2008-05-09 10:54        90112              c:\windows\system32\dllcache\wshext.dll

+ 2009-06-25 08:25 . 2009-06-25 08:25        54272              c:\windows\system32\dllcache\wdigest.dll

+ 2009-06-15 10:43 . 2009-06-15 10:43        82944              c:\windows\system32\dllcache\tlntsess.exe

+ 2009-06-15 10:43 . 2009-06-15 10:43        78848              c:\windows\system32\dllcache\telnet.exe

+ 2009-06-25 08:25 . 2009-06-25 08:25        56832              c:\windows\system32\dllcache\secur32.dll

+ 2006-02-28 12:00 . 2009-02-06 10:39        35328              c:\windows\system32\dllcache\sc.exe

+ 2009-10-12 13:38 . 2009-10-12 13:38        79872              c:\windows\system32\dllcache\raschap.dll

+ 2008-06-12 14:20 . 2008-06-12 14:20        91648              c:\windows\system32\dllcache\mtxoci.dll

+ 2008-06-12 14:20 . 2008-06-12 14:20        66560              c:\windows\system32\dllcache\mtxclu.dll

+ 2009-11-27 17:11 . 2009-11-27 17:11        17920              c:\windows\system32\dllcache\msyuv.dll

+ 2006-02-28 12:00 . 2009-11-27 16:08        28672              c:\windows\system32\dllcache\msvidc32.dll

+ 2009-11-27 16:08 . 2009-11-27 16:08        11264              c:\windows\system32\dllcache\msrle32.dll

+ 2008-06-12 14:20 . 2008-06-12 14:20        58880              c:\windows\system32\dllcache\msdtclog.dll

+ 2008-06-24 16:42 . 2008-06-24 16:42        74240              c:\windows\system32\dllcache\mscms.dll

+ 2009-09-04 21:03 . 2009-09-04 21:03        58880              c:\windows\system32\dllcache\msasn1.dll

+ 2009-06-24 11:18 . 2009-06-24 11:18        92928              c:\windows\system32\dllcache\ksecdd.sys

+ 2009-11-27 16:08 . 2009-11-27 16:08        48128              c:\windows\system32\dllcache\iyuv_32.dll

+ 2010-02-26 05:41 . 2010-02-26 05:41        81920              c:\windows\system32\dllcache\ieencode.dll

+ 2009-12-14 07:08 . 2009-12-14 07:08        33280              c:\windows\system32\dllcache\csrsrv.dll

+ 2010-01-13 14:00 . 2010-01-13 14:00        86528              c:\windows\system32\dllcache\cabview.dll

+ 2009-11-27 16:08 . 2009-11-27 16:08        85504              c:\windows\system32\dllcache\avifil32.dll

+ 2009-07-17 19:01 . 2009-07-17 19:01        58880              c:\windows\system32\dllcache\atl.dll

+ 2006-02-28 12:00 . 2009-12-14 07:08        33280              c:\windows\system32\csrsrv.dll

+ 2006-02-28 12:00 . 2010-01-13 14:00        86528              c:\windows\system32\cabview.dll

- 2006-02-28 12:00 . 2008-04-14 06:52        85504              c:\windows\system32\avifil32.dll

+ 2006-02-28 12:00 . 2009-11-27 16:08        85504              c:\windows\system32\avifil32.dll

- 2006-02-28 12:00 . 2008-04-14 06:52        58880              c:\windows\system32\atl.dll

+ 2006-02-28 12:00 . 2009-07-17 19:01        58880              c:\windows\system32\atl.dll

- 2010-04-26 00:58 . 2009-05-26 11:40        26488              c:\windows\SoftwareDistribution\Download\3e594b60493d692efce2887e5c682ac1\update\spcustom.dll

- 2010-04-26 00:58 . 2009-05-26 11:40        18808              c:\windows\SoftwareDistribution\Download\3e594b60493d692efce2887e5c682ac1\spmsg.dll

- 2010-04-26 01:00 . 2009-05-26 11:40        26488              c:\windows\SoftwareDistribution\Download\3c3da99c8d6def0626ed97ec4f3f9af4\update\spcustom.dll

- 2010-04-26 01:00 . 2009-05-26 11:40        18808              c:\windows\SoftwareDistribution\Download\3c3da99c8d6def0626ed97ec4f3f9af4\spmsg.dll

+ 2009-11-27 17:11 . 2009-11-27 17:11        17920              c:\windows\Driver Cache\i386\msyuv.dll

+ 2009-11-27 16:08 . 2009-11-27 16:08        48128              c:\windows\Driver Cache\i386\iyuv_32.dll

+ 2008-05-05 05:25 . 2008-05-05 05:25        3072              c:\windows\system32\xpsp4res.dll

+ 2001-08-18 04:54 . 2009-11-27 16:08        8704              c:\windows\system32\tsbyuv.dll

+ 2001-08-18 04:54 . 2009-11-27 16:08        8704              c:\windows\system32\dllcache\tsbyuv.dll

+ 2009-11-27 16:08 . 2009-11-27 16:08        8704              c:\windows\Driver Cache\i386\tsbyuv.dll

+ 2006-02-28 12:00 . 2008-05-08 11:24        155648              c:\windows\system32\wscript.exe

- 2006-02-28 12:00 . 2008-04-14 06:53        155648              c:\windows\system32\wscript.exe

+ 2006-02-28 12:00 . 2009-04-03 10:15        485376              c:\windows\system32\wmspdmod.dll

- 2006-02-28 12:00 . 2008-04-14 06:52        485376              c:\windows\system32\wmspdmod.dll

- 2006-02-28 12:00 . 2008-04-14 06:52        233472              c:\windows\system32\wmpdxm.dll

+ 2006-02-28 12:00 . 2009-07-12 10:21        233472              c:\windows\system32\wmpdxm.dll

+ 2006-02-28 12:00 . 2009-06-10 06:14        132096              c:\windows\system32\wkssvc.dll

- 2006-02-28 12:00 . 2008-04-14 06:52        132096              c:\windows\system32\wkssvc.dll

+ 2006-02-28 12:00 . 2009-12-24 06:42        178176              c:\windows\system32\wintrust.dll

+ 2006-02-28 12:00 . 2008-12-16 12:30        354304              c:\windows\system32\winhttp.dll

- 2006-02-28 12:00 . 2008-04-14 06:52        354304              c:\windows\system32\winhttp.dll

+ 2009-03-10 20:18 . 2009-03-10 20:18        970632              c:\windows\system32\WgaTray.exe

+ 2009-03-10 20:18 . 2009-03-10 20:18        265096              c:\windows\system32\WgaLogon.dll

+ 2010-03-16 13:37 . 2009-02-06 10:10        227840              c:\windows\system32\wbem\wmiprvse.exe

+ 2010-03-16 13:37 . 2009-02-09 10:51        453120              c:\windows\system32\wbem\wmiprvsd.dll

+ 2010-03-16 13:37 . 2009-02-09 10:51        473600              c:\windows\system32\wbem\fastprox.dll

+ 2006-02-28 12:00 . 2010-02-26 05:41        628736              c:\windows\system32\urlmon.dll

+ 2006-02-28 12:00 . 2009-10-15 16:28        119808              c:\windows\system32\t2embed.dll

+ 2006-02-28 12:00 . 2009-08-26 08:00        247326              c:\windows\system32\strmdll.dll

- 2006-02-28 12:00 . 2008-04-14 06:52        474624              c:\windows\system32\shlwapi.dll

+ 2006-02-28 12:00 . 2009-12-08 09:23        474624              c:\windows\system32\shlwapi.dll

+ 2006-02-28 12:00 . 2009-02-09 11:21        111104              c:\windows\system32\services.exe

+ 2006-02-28 12:00 . 2008-05-09 10:54        172032              c:\windows\system32\scrrun.dll

- 2006-02-28 12:00 . 2008-04-14 06:52        172032              c:\windows\system32\scrrun.dll

+ 2006-02-28 12:00 . 2008-05-09 10:54        180224              c:\windows\system32\scrobj.dll

- 2006-02-28 12:00 . 2008-04-14 06:52        180224              c:\windows\system32\scrobj.dll

+ 2006-02-28 12:00 . 2009-06-25 08:25        147456              c:\windows\system32\schannel.dll

+ 2006-02-28 12:00 . 2009-02-09 10:51        401408              c:\windows\system32\rpcss.dll

+ 2006-02-28 12:00 . 2009-04-15 14:51        585216              c:\windows\system32\rpcrt4.dll

+ 2006-02-28 12:00 . 2009-10-12 13:38        150528              c:\windows\system32\rastls.dll

- 2006-02-28 12:00 . 2010-03-28 16:21        311604              c:\windows\system32\perfh009.dat

+ 2006-02-28 12:00 . 2010-05-18 10:47        311604              c:\windows\system32\perfh009.dat

+ 2006-02-28 12:00 . 2009-03-06 14:19        286720              c:\windows\system32\pdh.dll

- 2006-02-28 12:00 . 2008-04-14 06:52        286720              c:\windows\system32\pdh.dll

+ 2006-02-28 12:00 . 2009-10-13 10:32        271360              c:\windows\system32\oakley.dll

- 2006-02-28 12:00 . 2008-04-14 06:52        271360              c:\windows\system32\oakley.dll

+ 2006-02-28 12:00 . 2009-02-09 10:51        740352              c:\windows\system32\ntdll.dll

- 2006-02-28 12:00 . 2008-04-14 06:52        247296              c:\windows\system32\mswsock.dll

+ 2006-02-28 12:00 . 2008-06-20 17:46        247296              c:\windows\system32\mswsock.dll

+ 2006-02-28 12:00 . 2009-08-05 08:59        206336              c:\windows\system32\mswebdvd.dll

+ 2006-02-28 12:00 . 2009-09-11 14:17        136192              c:\windows\system32\msv1_0.dll

+ 2010-03-16 13:37 . 2009-12-17 07:40        346624              c:\windows\system32\mspaint.exe

- 2010-03-16 13:37 . 2008-04-14 06:52        346624              c:\windows\system32\mspaint.exe

+ 2010-03-16 13:37 . 2008-06-12 14:20        161792              c:\windows\system32\msdtcuiu.dll

- 2010-03-16 13:37 . 2008-04-14 06:52        161792              c:\windows\system32\msdtcuiu.dll

+ 2010-03-16 13:37 . 2008-06-12 14:20        956928              c:\windows\system32\msdtctm.dll

- 2010-03-16 13:37 . 2008-04-14 06:52        956928              c:\windows\system32\msdtctm.dll

+ 2010-03-16 13:37 . 2008-06-12 14:20        428032              c:\windows\system32\msdtcprx.dll

+ 2006-02-28 12:00 . 2009-06-25 08:25        737792              c:\windows\system32\lsasrv.dll

+ 2006-02-28 12:00 . 2008-06-10 01:11        103936              c:\windows\system32\logagent.exe

- 2006-02-28 12:00 . 2008-04-14 06:52        103936              c:\windows\system32\logagent.exe

+ 2006-02-28 12:00 . 2009-05-07 15:32        348160              c:\windows\system32\localspl.dll

+ 2006-02-28 12:00 . 2009-06-25 08:25        301568              c:\windows\system32\kerberos.dll

+ 2006-02-28 12:00 . 2009-08-13 15:15        512000              c:\windows\system32\jscript.dll

- 2006-02-28 12:00 . 2008-04-14 06:52        512000              c:\windows\system32\jscript.dll

- 2010-03-16 13:39 . 2008-04-14 06:52        691712              c:\windows\system32\inetcomm.dll

+ 2010-03-16 13:39 . 2010-01-29 14:59        691712              c:\windows\system32\inetcomm.dll

- 2006-02-28 12:00 . 2008-04-14 06:52        251904              c:\windows\system32\iepeers.dll

+ 2006-02-28 12:00 . 2010-02-26 05:41        251904              c:\windows\system32\iepeers.dll

+ 2006-02-28 12:00 . 2008-10-23 12:36        286720              c:\windows\system32\gdi32.dll

- 2010-03-16 13:08 . 2010-05-13 22:54        179448              c:\windows\system32\FNTCACHE.DAT

+ 2010-03-16 13:08 . 2010-05-18 10:43        179448              c:\windows\system32\FNTCACHE.DAT

+ 2006-02-28 12:00 . 2008-07-07 20:26        253952              c:\windows\system32\es.dll

+ 2006-02-28 12:00 . 2010-02-11 12:02        226880              c:\windows\system32\drivers\tcpip6.sys

+ 2006-02-28 12:00 . 2008-06-20 11:51        361600              c:\windows\system32\drivers\tcpip.sys

+ 2006-02-28 12:00 . 2009-12-31 16:50        353792              c:\windows\system32\drivers\srv.sys

+ 2006-02-28 12:00 . 2008-05-08 14:02        203136              c:\windows\system32\drivers\rmcast.sys

+ 2010-03-16 14:46 . 2008-06-14 17:32        273024              c:\windows\system32\drivers\bthport.sys

+ 2006-02-28 12:00 . 2008-08-14 10:04        138496              c:\windows\system32\drivers\afd.sys

- 2006-02-28 12:00 . 2008-04-14 06:52        147968              c:\windows\system32\dnsapi.dll

+ 2006-02-28 12:00 . 2008-06-20 17:46        147968              c:\windows\system32\dnsapi.dll

+ 2008-05-08 11:24 . 2008-05-08 11:24        155648              c:\windows\system32\dllcache\wscript.exe

+ 2006-02-28 12:00 . 2009-04-03 10:15        485376              c:\windows\system32\dllcache\wmspdmod.dll

- 2006-02-28 12:00 . 2008-04-14 06:52        485376              c:\windows\system32\dllcache\wmspdmod.dll

+ 2006-02-28 12:00 . 2009-07-12 10:21        233472              c:\windows\system32\dllcache\wmpdxm.dll

- 2006-02-28 12:00 . 2008-04-14 06:52        233472              c:\windows\system32\dllcache\wmpdxm.dll

+ 2010-05-17 11:15 . 2009-02-06 10:10        227840              c:\windows\system32\dllcache\wmiprvse.exe

+ 2010-05-17 11:15 . 2009-02-09 10:51        453120              c:\windows\system32\dllcache\wmiprvsd.dll

+ 2009-06-10 06:14 . 2009-06-10 06:14        132096              c:\windows\system32\dllcache\wkssvc.dll

+ 2010-03-16 14:24 . 2009-12-24 06:42        178176              c:\windows\system32\dllcache\wintrust.dll

+ 2010-02-26 05:41 . 2010-02-26 05:41        672768              c:\windows\system32\dllcache\wininet.dll

+ 2008-12-16 12:30 . 2008-12-16 12:30        354304              c:\windows\system32\dllcache\winhttp.dll

+ 2009-03-10 20:18 . 2009-03-10 20:18        970632              c:\windows\system32\dllcache\WgaTray.exe

+ 2009-03-10 20:18 . 2009-03-10 20:18        265096              c:\windows\system32\dllcache\wgaLogon.dll

+ 2010-03-09 11:09 . 2010-03-09 11:09        430080              c:\windows\system32\dllcache\vbscript.dll

+ 2010-02-26 05:41 . 2010-02-26 05:41        628736              c:\windows\system32\dllcache\urlmon.dll

+ 2008-06-20 11:08 . 2010-02-11 12:02        226880              c:\windows\system32\dllcache\tcpip6.sys

+ 2008-06-20 11:51 . 2008-06-20 11:51        361600              c:\windows\system32\dllcache\tcpip.sys

+ 2006-02-28 12:00 . 2009-08-26 08:00        247326              c:\windows\system32\dllcache\strmdll.dll

+ 2009-12-08 09:23 . 2009-12-08 09:23        474624              c:\windows\system32\dllcache\shlwapi.dll

+ 2010-05-17 11:15 . 2009-02-09 11:21        111104              c:\windows\system32\dllcache\services.exe

+ 2008-05-09 10:54 . 2008-05-09 10:54        172032              c:\windows\system32\dllcache\scrrun.dll

+ 2008-05-09 10:54 . 2008-05-09 10:54        180224              c:\windows\system32\dllcache\scrobj.dll

+ 2009-06-25 08:25 . 2009-06-25 08:25        147456              c:\windows\system32\dllcache\schannel.dll

+ 2010-05-17 11:15 . 2009-02-09 10:51        401408              c:\windows\system32\dllcache\rpcss.dll

+ 2009-04-15 14:51 . 2009-04-15 14:51        585216              c:\windows\system32\dllcache\rpcrt4.dll

+ 2010-05-17 11:15 . 2008-05-08 14:02        203136              c:\windows\system32\dllcache\rmcast.sys

+ 2009-10-12 13:38 . 2009-10-12 13:38        150528              c:\windows\system32\dllcache\rastls.dll

+ 2010-05-17 11:15 . 2009-03-06 14:19        286720              c:\windows\system32\dllcache\pdh.dll

+ 2009-10-13 10:32 . 2009-10-13 10:32        271360              c:\windows\system32\dllcache\oakley.dll

+ 2010-05-17 11:15 . 2009-02-09 10:51        740352              c:\windows\system32\dllcache\ntdll.dll

+ 2008-06-20 17:46 . 2008-06-20 17:46        247296              c:\windows\system32\dllcache\mswsock.dll

+ 2009-08-05 08:59 . 2009-08-05 08:59        206336              c:\windows\system32\dllcache\mswebdvd.dll

+ 2009-06-25 08:25 . 2009-09-11 14:17        136192              c:\windows\system32\dllcache\msv1_0.dll

+ 2009-12-17 07:40 . 2009-12-17 07:40        346624              c:\windows\system32\dllcache\mspaint.exe

+ 2008-06-12 14:20 . 2008-06-12 14:20        161792              c:\windows\system32\dllcache\msdtcuiu.dll

+ 2008-06-12 14:20 . 2008-06-12 14:20        956928              c:\windows\system32\dllcache\msdtctm.dll

+ 2008-06-12 14:20 . 2008-06-12 14:20        428032              c:\windows\system32\dllcache\msdtcprx.dll

+ 2010-05-17 11:15 . 2008-05-01 14:34        331776              c:\windows\system32\dllcache\msadce.dll

+ 2009-06-25 08:25 . 2009-06-25 08:25        737792              c:\windows\system32\dllcache\lsasrv.dll

- 2006-02-28 12:00 . 2008-04-14 06:52        103936              c:\windows\system32\dllcache\logagent.exe

+ 2006-02-28 12:00 . 2008-06-10 01:11        103936              c:\windows\system32\dllcache\logagent.exe

+ 2009-05-07 15:32 . 2009-05-07 15:32        348160              c:\windows\system32\dllcache\localspl.dll

+ 2009-06-25 08:25 . 2009-06-25 08:25        301568              c:\windows\system32\dllcache\kerberos.dll

+ 2010-01-29 14:59 . 2010-01-29 14:59        691712              c:\windows\system32\dllcache\inetcomm.dll

+ 2010-02-26 05:41 . 2010-02-26 05:41        251904              c:\windows\system32\dllcache\iepeers.dll

+ 2008-10-23 12:36 . 2008-10-23 12:36        286720              c:\windows\system32\dllcache\gdi32.dll

+ 2010-05-17 11:15 . 2009-02-09 10:51        473600              c:\windows\system32\dllcache\fastprox.dll

+ 2008-07-07 20:26 . 2008-07-07 20:26        253952              c:\windows\system32\dllcache\es.dll

+ 2008-06-20 17:46 . 2008-06-20 17:46        147968              c:\windows\system32\dllcache\dnsapi.dll

+ 2008-05-07 09:07 . 2008-05-07 09:07        135168              c:\windows\system32\dllcache\cscript.exe

+ 2008-06-20 11:40 . 2008-08-14 10:04        138496              c:\windows\system32\dllcache\afd.sys

+ 2010-05-17 11:15 . 2009-02-09 10:51        678400              c:\windows\system32\dllcache\advapi32.dll

+ 2010-02-12 04:33 . 2010-02-12 04:33        100864              c:\windows\system32\dllcache\6to4svc.dll

+ 2006-02-28 12:00 . 2008-05-07 09:07        135168              c:\windows\system32\cscript.exe

- 2006-02-28 12:00 . 2008-04-14 06:52        678400              c:\windows\system32\advapi32.dll

+ 2006-02-28 12:00 . 2009-02-09 10:51        678400              c:\windows\system32\advapi32.dll

+ 2006-02-28 12:00 . 2010-02-12 04:33        100864              c:\windows\system32\6to4svc.dll

- 2010-04-26 00:58 . 2009-05-26 11:40        388984              c:\windows\SoftwareDistribution\Download\3e594b60493d692efce2887e5c682ac1\update\updspapi.dll

- 2010-04-26 00:58 . 2009-05-26 11:40        765304              c:\windows\SoftwareDistribution\Download\3e594b60493d692efce2887e5c682ac1\update\update.exe

- 2010-04-26 00:58 . 2009-05-26 11:40        234872              c:\windows\SoftwareDistribution\Download\3e594b60493d692efce2887e5c682ac1\spuninst.exe

- 2010-04-26 01:00 . 2009-05-26 11:40        388984              c:\windows\SoftwareDistribution\Download\3c3da99c8d6def0626ed97ec4f3f9af4\update\updspapi.dll

- 2010-04-26 01:00 . 2009-05-26 11:40        765304              c:\windows\SoftwareDistribution\Download\3c3da99c8d6def0626ed97ec4f3f9af4\update\update.exe

- 2010-04-26 01:00 . 2009-05-26 11:40        234872              c:\windows\SoftwareDistribution\Download\3c3da99c8d6def0626ed97ec4f3f9af4\spuninst.exe

+ 2010-04-26 01:01 . 2010-02-24 13:11        455680              c:\windows\Driver Cache\i386\mrxsmb.sys

+ 2010-05-17 11:16 . 2008-06-14 17:32        273024              c:\windows\Driver Cache\i386\bthport.sys

+ 2006-02-28 12:00 . 2009-11-21 15:54        471552              c:\windows\AppPatch\aclayers.dll

+ 2010-05-17 11:16 . 2009-08-13 13:55        1748992              c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll

+ 2006-02-28 12:00 . 2009-05-26 14:53        2174976              c:\windows\system32\WMVCore.dll

- 2006-02-28 12:00 . 2008-04-14 06:52        4874240              c:\windows\system32\wmp.dll

+ 2006-02-28 12:00 . 2010-03-19 16:05        4874240              c:\windows\system32\wmp.dll

+ 2006-02-28 12:00 . 2008-06-10 04:11        1053696              c:\windows\system32\WMNetmgr.dll

+ 2006-02-28 12:00 . 2009-08-14 15:10        1850752              c:\windows\system32\win32k.sys

- 2006-02-28 12:00 . 2008-04-14 06:52        8502272              c:\windows\system32\shell32.dll

+ 2006-02-28 12:00 . 2008-06-17 19:00        8502272              c:\windows\system32\shell32.dll

+ 2006-02-28 12:00 . 2010-03-10 04:33        1509888              c:\windows\system32\shdocvw.dll

- 2006-02-28 12:00 . 2008-04-14 06:52        1441792              c:\windows\system32\query.dll

+ 2006-02-28 12:00 . 2009-07-17 16:15        1441792              c:\windows\system32\query.dll

+ 2006-02-28 12:00 . 2009-11-27 17:11        1297408              c:\windows\system32\quartz.dll

+ 2006-02-28 12:00 . 2010-02-16 19:04        2148864              c:\windows\system32\ntoskrnl.exe

+ 2004-08-04 00:50 . 2010-02-16 19:04        2027008              c:\windows\system32\ntkrnlpa.exe

+ 2010-03-16 14:50 . 2009-07-31 08:02        1372672              c:\windows\system32\msxml6.dll

+ 2006-02-28 12:00 . 2009-07-31 04:32        1172480              c:\windows\system32\msxml3.dll

+ 2010-03-16 13:37 . 2009-06-10 07:19        2066432              c:\windows\system32\mstscax.dll

+ 2006-02-28 12:00 . 2010-02-26 05:41        3094016              c:\windows\system32\mshtml.dll

+ 2009-03-10 20:18 . 2009-03-10 20:18        1482112              c:\windows\system32\LegitCheckControl.dll

+ 2006-02-28 12:00 . 2009-03-21 14:06        1063424              c:\windows\system32\kernel32.dll

- 2006-02-28 12:00 . 2008-04-14 06:52        1063424              c:\windows\system32\kernel32.dll

+ 2006-02-28 12:00 . 2009-05-26 14:53        2174976              c:\windows\system32\dllcache\WMVCore.dll

- 2006-02-28 12:00 . 2008-04-14 06:52        4874240              c:\windows\system32\dllcache\wmp.dll

+ 2006-02-28 12:00 . 2010-03-19 16:05        4874240              c:\windows\system32\dllcache\wmp.dll

+ 2006-02-28 12:00 . 2008-06-10 04:11        1053696              c:\windows\system32\dllcache\WMNetmgr.dll

+ 2009-08-14 15:10 . 2009-08-14 15:10        1850752              c:\windows\system32\dllcache\win32k.sys

+ 2008-06-17 19:00 . 2008-06-17 19:00        8502272              c:\windows\system32\dllcache\shell32.dll

+ 2010-03-10 04:33 . 2010-03-10 04:33        1509888              c:\windows\system32\dllcache\shdocvw.dll

+ 2009-07-17 16:15 . 2009-07-17 16:15        1441792              c:\windows\system32\dllcache\query.dll

+ 2009-11-27 17:11 . 2009-11-27 17:11        1297408              c:\windows\system32\dllcache\quartz.dll

+ 2010-05-17 11:15 . 2010-02-17 12:04        2192256              c:\windows\system32\dllcache\ntoskrnl.exe

+ 2010-05-17 11:15 . 2010-02-16 19:04        2027008              c:\windows\system32\dllcache\ntkrpamp.exe

+ 2009-02-10 17:03 . 2010-02-16 19:04        2069120              c:\windows\system32\dllcache\ntkrnlpa.exe

+ 2010-05-17 11:15 . 2010-02-16 19:04        2148864              c:\windows\system32\dllcache\ntkrnlmp.exe

+ 2010-03-16 14:50 . 2009-07-31 08:02        1372672              c:\windows\system32\dllcache\msxml6.dll

+ 2010-03-16 13:37 . 2009-06-10 07:19        2066432              c:\windows\system32\dllcache\mstscax.dll

+ 2010-01-29 14:59 . 2010-01-29 14:59        1315328              c:\windows\system32\dllcache\msoe.dll

+ 2010-02-26 05:41 . 2010-02-26 05:41        3094016              c:\windows\system32\dllcache\mshtml.dll

+ 2009-03-21 14:06 . 2009-03-21 14:06        1063424              c:\windows\system32\dllcache\kernel32.dll

+ 2010-03-10 04:33 . 2010-03-10 04:33        1025024              c:\windows\system32\dllcache\browseui.dll

+ 2006-02-28 12:00 . 2010-03-10 04:33        1025024              c:\windows\system32\browseui.dll

- 2006-02-28 12:00 . 2008-04-14 06:52        1025024              c:\windows\system32\browseui.dll

+ 2010-05-17 11:15 . 2010-02-17 12:04        2192256              c:\windows\Driver Cache\i386\ntoskrnl.exe

+ 2010-05-17 11:15 . 2010-02-16 19:04        2027008              c:\windows\Driver Cache\i386\ntkrpamp.exe

+ 2009-02-10 17:03 . 2010-02-16 19:04        2069120              c:\windows\Driver Cache\i386\ntkrnlpa.exe

+ 2010-05-17 11:15 . 2010-02-16 19:04        2148864              c:\windows\Driver Cache\i386\ntkrnlmp.exe

.

-- Snapshot auf jetziges Datum zurückgesetzt --

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"QuickTime Task"="c:\programme\QuickTime\qttask  .exe -atboottime" [X]

"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2006-02-28 208952]

"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2006-02-28 59392]

"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2006-02-28 455168]

"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2006-02-28 455168]

"SSBkgdUpdate"="c:\programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]

"PaperPort PTD"="c:\programme\ScanSoft\PaperPort\pptd40nt.exe" [2004-03-09 57393]

"IndexSearch"="c:\programme\ScanSoft\PaperPort\IndexSearch.exe" [2004-03-09 40960]

"SetDefPrt"="c:\programme\Brother\Brmfl04g\BrStDvPt.exe" [2004-11-11 49152]

"ControlCenter2.0"="c:\programme\Brother\ControlCenter2\brctrcen.exe" [2005-01-07 864256]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-01-11 110696]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-11 13666408]

"avgnt"="d:\tools\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]

"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2010-02-18 248040]

"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
 

c:\dokumente und einstellungen\Tror\Startmen\Programme\Autostart\

OpenOffice.org 3.0.lnk - d:\tools\Open Office 3\OpenOffice.org 3\program\quickstart.exe [2008-12-15 384000]
 

c:\dokumente und einstellungen\All Users\Startmen\Programme\Autostart\

AutoStart IR.lnk - d:\tools\WinTV\Ir.exe [2010-3-16 106551]
 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Programme\\Bonjour\\mDNSResponder.exe"=

"d:\\Tools\\iTunes\\iTunes.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"d:\\Games\\Steam\\SteamApps\\trorcrashinghands\\team fortress 2\\hl2.exe"=

"d:\\Games\\Test Drive Unlimited\\TestDriveUnlimited.exe"=

"d:\\Tools\\ICQ6.5\\ICQ.exe"=

"d:\\Games\\TrackmaniaNationsForever\\TmForever.exe"=

"d:\\Games\\Test Drive Unlimited\\Extras\\Acrobat Reader GR.exe"=
 

R2 AntiVirSchedulerService;Avira AntiVir Planer;d:\tools\Avira\AntiVir Desktop\sched.exe [23.09.2009 01:42 135336]

S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [21.03.2010 22:27 717296]

.

.

------- Zusätzlicher Suchlauf -------

.

TCP: {989C251A-F6F6-49D2-9B3F-61335B393702} = 141.44.1.9,141.44.1.1

FF - ProfilePath - 
 

---- FIREFOX Richtlinien ----

d:\tools\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);

d:\tools\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

d:\tools\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);

d:\tools\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);

d:\tools\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");

d:\tools\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);

d:\tools\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);

d:\tools\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

d:\tools\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

d:\tools\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -
 

HKLM-Run-nwiz - nwiz.exe

HKLM-Run-iTunesHelper - d:\tools\iTunes\iTunesHelper.exe

HKLM-Run-Adobe Reader Speed Launcher - d:\tools\Acrobat Reader\Reader\Reader_sl.exe

HKLM-Run-Malwarebytes Anti-Malware (reboot) - d:\tools\Malwarebytes' Anti-Malware\mbam.exe

Notify-opaqcx - opaqcx.dll
 
 
 

**************************************************************************
 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net

Rootkit scan 2010-05-18 12:58

Windows 5.1.2600 Service Pack 3 NTFS
 

Scanne versteckte Prozesse... 
 

Scanne versteckte Autostarteinträge... 
 

Scanne versteckte Dateien... 
 

Scan erfolgreich abgeschlossen

versteckte Dateien: 0
 

**************************************************************************

.

------------------------ Weitere laufende Prozesse ------------------------

.

c:\windows\system32\nvsvc32.exe

d:\tools\Avira\AntiVir Desktop\avguard.exe

d:\tools\Avira\AntiVir Desktop\avshadow.exe

c:\programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

c:\programme\Bonjour\mDNSResponder.exe

d:\tools\Java\bin\jqs.exe

c:\windows\system32\RUNDLL32.EXE

c:\windows\system32\wscntfy.exe

.

**************************************************************************

.

Zeit der Fertigstellung: 2010-05-18  13:00:23 - PC wurde neu gestartet

ComboFix-quarantined-files.txt  2010-05-18 11:00

ComboFix2.txt  2010-05-17 11:12
 

Vor Suchlauf: 8 Verzeichnis(se), 70.994.059.264 Bytes frei

Nach Suchlauf: 9 Verzeichnis(se), 70.964.400.128 Bytes frei
 

- - End Of File - - E5AF49ADA949C73E3A6523400C0365CF