Trojaner-Board - Alle Ordner wurden in Verknüpfungen verwandelt-F:\0.vbs "F:\Gert\Dir"

hier kommt der Run ...
Code:
OTL logfile created on: 20.05.2010 16:40:11 - Run 1

OTL by OldTimer - Version 3.2.5.0     Folder = C:\Dokumente und Einstellungen\Holsträter\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

503,00 Mb Total Physical Memory | 236,00 Mb Available Physical Memory | 47,00% Memory free

1,00 Gb Paging File | 1,00 Gb Available in Paging File | 69,00% Paging File free

Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 22,36 Gb Total Space | 9,20 Gb Free Space | 41,14% Space Free | Partition Type: NTFS

Drive D: | 49,72 Gb Total Space | 49,40 Gb Free Space | 99,35% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

Drive F: | 493,27 Mb Total Space | 276,62 Mb Free Space | 56,08% Space Free | Partition Type: FAT

Drive G: | 983,72 Mb Total Space | 402,36 Mb Free Space | 40,90% Space Free | Partition Type: FAT

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: EURONAT

Current User Name: H*******

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Dokumente und Einstellungen\Holsträter\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Programme\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)

PRC - C:\Programme\Kaspersky Lab\Kaspersky PURE\klwtblfs.exe (Kaspersky Lab)

PRC - C:\Programme\Gemeinsame Dateien\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)

PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)

PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)

PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe ()

PRC - C:\WINDOWS\twain_32\Samsung\CLX3170\Scan2Pc.exe ()

PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

PRC - C:\Programme\OpenOffice.org 2.1\program\soffice.bin (OpenOffice.org)

PRC - C:\Programme\OpenOffice.org 2.1\program\soffice.exe (OpenOffice.org)

PRC - C:\Programme\MSI\Live Update 3\LMonitor.exe ()

PRC - C:\Programme\System Control Manager\MGSysCtrl.exe (MSI)

PRC - C:\WINDOWS\vsnp2std.exe (Sonix)

PRC - C:\Programme\System Control Manager\edd.exe ()

PRC - C:\Programme\CyberLink\Power2Go\Power2GoExpress.exe (Cyberlink)

PRC - C:\WINDOWS\system32\o2flash.exe ()

 

 
 ========== Modules (SafeList) ==========

 

MOD - C:\Dokumente und Einstellungen\xyz***\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - (TuneUp.Defrag) -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)

SRV - (AVP) -- C:\Programme\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)

SRV - (CSObjectsSrv) -- C:\Programme\Gemeinsame Dateien\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)

SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)

SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)

SRV - (NishService) -- C:\Programme\System Control Manager\edd.exe ()

SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)

SRV - (O2Flash) -- C:\WINDOWS\system32\o2flash.exe ()

SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - (KLIF) -- C:\WINDOWS\system32\drivers\klif.sys (Kaspersky Lab)

DRV - (CSCrySec) -- C:\WINDOWS\system32\DRIVERS\CSCrySec.sys (Infowatch)

DRV - (CSVirtualDiskDrv) -- C:\WINDOWS\system32\drivers\CSVirtualDiskDrv.sys (Infowatch)

DRV - (KLBG) -- C:\WINDOWS\system32\DRIVERS\klbg.sys (Kaspersky Lab)

DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)

DRV - (klmouflt) -- C:\WINDOWS\system32\drivers\klmouflt.sys (Kaspersky Lab)

DRV - (klim5) -- C:\WINDOWS\system32\drivers\klim5.sys (Kaspersky Lab)

DRV - (kl1) -- C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Lab)

DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)

DRV - (DgiVecp) -- C:\WINDOWS\system32\drivers\DgivEcp.sys (Samsung Electronics Co., Ltd.)

DRV - (RT73) -- C:\WINDOWS\system32\drivers\rt73.sys (Ralink Technology, Corp.)

DRV - (SNP2STD) USB2.0 PC Camera (SNP2STD) -- C:\WINDOWS\system32\drivers\snp2sxp.sys ()

DRV - (MGHwCtrl) -- C:\WINDOWS\system32\drivers\MGHwCtrl.sys (Windows (R) 2000 DDK provider)

DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)

DRV - (O2SDRDR) -- C:\WINDOWS\system32\DRIVERS\o2sd.sys (O2Micro )

DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)

DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation                           )

DRV - (O2MDRDR) -- C:\WINDOWS\system32\DRIVERS\o2media.sys (O2Micro )

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220

FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.192

 

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Programme\Mozilla Firefox\components [2009.10.19 20:23:00 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2009.10.19 20:22:47 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Programme\Kaspersky Lab\Kaspersky PURE\THBExt [2010.05.20 10:58:49 | 000,000,000 | ---D | M]

 

[2009.10.19 20:23:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Holsträter\Anwendungsdaten\Mozilla\Extensions

[2010.05.19 22:41:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Holsträter\Anwendungsdaten\Mozilla\Firefox\Profiles\shsiexxv.default\extensions

[2009.10.19 20:25:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Holsträter\Anwendungsdaten\Mozilla\Firefox\Profiles\shsiexxv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010.05.20 11:34:13 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions

[2009.10.19 20:23:32 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Programme\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

[2010.05.20 10:59:43 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru

[2009.08.24 21:25:19 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml

[2009.08.24 21:25:19 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml

[2009.08.24 21:25:19 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml

[2009.08.24 21:25:19 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml

[2009.08.24 21:25:19 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2004.08.03 22:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programme\Skype\toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)

O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky PURE\ievkbd.dll (Kaspersky Lab)

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)

O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)

O3 - HKLM\..\Toolbar: (no name) -  - No CLSID value found.

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O4 - HKLM..\Run: []  File not found

O4 - HKLM..\Run: [3170 Scan2PC] C:\WINDOWS\Twain_32\Samsung\CLX3170\Scan2pc.exe ()

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [AVP] C:\Programme\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)

O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)

O4 - HKLM..\Run: [LiveMonitor] C:\Programme\MSI\Live Update 3\LMonitor.exe ()

O4 - HKLM..\Run: [MGSysCtrl] C:\Programme\System Control Manager\MGSysCtrl.exe (MSI)

O4 - HKLM..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe ()

O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe (Sonix)

O4 - HKCU..\Run: [Power2GoExpress] C:\Programme\CyberLink\Power2Go\Power2GoExpress.exe (Cyberlink)

O4 - HKCU..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O4 - Startup: C:\Dokumente und Einstellungen\Holsträter\Startmenü\Programme\Autostart\OpenOffice.org 2.1.lnk = C:\Programme\OpenOffice.org 2.1\program\quickstart.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0

O8 - Extra context menu item: Google Sidewiki... - C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)

O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm ()

O8 - Extra context menu item: SmarThru4 Capture Selection - C:\Programme\SmarThru 4\WEBCapture.dll2.htm ()

O8 - Extra context menu item: SmarThru4 Save as HTML - C:\Programme\SmarThru 4\WEBCapture.dll1.htm ()

O8 - Extra context menu item: SmarThru4 Save Selected Text - C:\Programme\SmarThru 4\WEBCapture.dll.htm ()

O8 - Extra context menu item: SmarThru4 Web Capture - C:\Programme\SmarThru 4\WebCapture.dll ()

O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)

O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Programme\Skype\toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programme\Skype\toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab (QuickTime Object)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1020692982796 (WUWebControl Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)

O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Programme\Kaspersky Lab\Kaspersky PURE\mzvkbd3.dll (Kaspersky Lab)

O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Programme\Kaspersky Lab\Kaspersky PURE\kloehk.dll (Kaspersky Lab)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)

O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)

O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home

O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Notebook-660+662.bmp

O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Notebook-660+662.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006.08.17 23:37:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2010.05.19 18:48:29 | 000,000,243 | -HS- | M] () - C:\AutoRun.inf -- [ NTFS ]

O32 - AutoRun File - [2010.05.20 11:42:34 | 000,000,033 | -HS- | M] () - D:\AutoRun.inf -- [ NTFS ]

O32 - AutoRun File - [2010.05.19 17:04:56 | 000,000,033 | -HS- | M] () - F:\AutoRun.inf -- [ FAT ]

O33 - MountPoints2\{94897e4b-4099-11de-8b1f-0013d380326b}\Shell - "" = AutoRun

O33 - MountPoints2\{94897e4b-4099-11de-8b1f-0013d380326b}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{a1ab659c-b86b-11db-8849-0013d380326b}\Shell\AutoRun\command - "" = F:\setupSNK.exe -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2010.05.20 16:38:09 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Holsträter\Desktop\OTL.exe

[2010.05.20 10:58:56 | 000,039,352 | ---- | C] (Infowatch) -- C:\WINDOWS\System32\drivers\CSVirtualDiskDrv.sys

[2010.05.20 10:58:53 | 000,088,632 | ---- | C] (Infowatch) -- C:\WINDOWS\System32\drivers\CSCrySec.sys

[2010.05.20 10:58:00 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\InfoWatch

[2010.05.20 10:57:59 | 000,000,000 | ---D | C] -- C:\Programme\Kaspersky Lab

[2010.05.20 10:57:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab

[2010.05.20 10:57:37 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys

[2010.05.20 10:44:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab Setup Files

[2010.05.19 22:26:14 | 000,000,000 | ---D | C] -- C:\Programme\trend micro

[2010.05.19 22:26:13 | 000,000,000 | ---D | C] -- C:\rsit

[2010.05.19 22:09:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Holsträter\Anwendungsdaten\Malwarebytes

[2010.05.19 22:09:11 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010.05.19 22:09:02 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010.05.19 22:09:02 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware

[2010.05.19 22:09:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes

[2010.05.19 22:05:16 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Holsträter\Recent

[2010.05.19 21:41:29 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner

[2010.05.19 20:00:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\TuneUp Software

[2010.05.19 19:51:34 | 000,029,512 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe

[2010.05.19 19:51:31 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll

[2010.05.19 19:50:57 | 000,000,000 | ---D | C] -- C:\Programme\TuneUp Utilities 2010

[2010.05.19 19:42:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Holsträter\Anwendungsdaten\TuneUp Software

[2010.05.19 19:41:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software

[2010.05.19 19:41:15 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}

[2005.11.23 06:55:32 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2std.dll

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2010.05.20 16:38:11 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Holsträter\Desktop\OTL.exe

[2010.05.20 16:12:03 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2010.05.20 16:00:14 | 000,000,508 | ---- | M] () -- C:\WINDOWS\tasks\Automatische Problemsuche.job

[2010.05.20 15:37:02 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010.05.20 15:36:04 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2010.05.20 15:35:57 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010.05.20 15:35:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010.05.20 15:35:52 | 527,880,192 | -HS- | M] () -- C:\hiberfil.sys

[2010.05.20 15:34:58 | 003,407,872 | ---- | M] () -- C:\Dokumente und Einstellungen\Holsträter\ntuser.dat

[2010.05.20 15:34:33 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Holsträter\ntuser.ini

[2010.05.20 11:47:33 | 000,002,409 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk

[2010.05.20 11:35:54 | 000,001,698 | ---- | M] () -- C:\Dokumente und Einstellungen\Holsträter\Desktop\HijackThis.lnk

[2010.05.20 11:23:37 | 000,113,933 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat

[2010.05.20 11:23:37 | 000,097,549 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat

[2010.05.20 10:57:37 | 000,315,408 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys

[2010.05.19 22:09:14 | 000,000,676 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2010.05.19 22:06:17 | 000,016,342 | ---- | M] () -- C:\Dokumente und Einstellungen\Holsträter\Eigene Dateien\cc_20100519_220600.reg

[2010.05.19 21:41:30 | 000,001,512 | ---- | M] () -- C:\Dokumente und Einstellungen\Holsträter\Desktop\CCleaner.lnk

[2010.05.19 20:22:10 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\explorer.exe

[2010.05.19 20:22:10 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

[2010.05.19 20:22:10 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smss.exe

[2010.05.19 19:51:29 | 000,001,709 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk

[2010.05.19 19:51:29 | 000,001,695 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities.lnk

[2010.05.19 18:48:29 | 000,000,243 | -HS- | M] () -- C:\AutoRun.inf

[2010.05.18 13:01:53 | 000,000,545 | ---- | M] () -- C:\Dokumente und Einstellungen.lnk

[2010.05.18 13:01:53 | 000,000,541 | ---- | M] () -- C:\System Volume Information.lnk

[2010.05.18 13:01:53 | 000,000,507 | ---- | M] () -- C:\RECYCLER.lnk

[2010.05.18 13:01:53 | 000,000,501 | ---- | M] () -- C:\Intel.lnk

[2010.05.18 13:01:53 | 000,000,499 | ---- | M] () -- C:\Temp.lnk

[2010.05.18 13:01:53 | 000,000,497 | ---- | M] () -- C:\CDS.lnk

[2010.04.29 12:19:24 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010.04.29 12:19:14 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2010.05.20 11:35:53 | 000,001,698 | ---- | C] () -- C:\Dokumente und Einstellungen\Holsträter\Desktop\HijackThis.lnk

[2010.05.20 10:59:33 | 000,113,933 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat

[2010.05.20 10:59:33 | 000,097,549 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat

[2010.05.19 22:09:14 | 000,000,676 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2010.05.19 22:06:06 | 000,016,342 | ---- | C] () -- C:\Dokumente und Einstellungen\Holsträter\Eigene Dateien\cc_20100519_220600.reg

[2010.05.19 21:41:30 | 000,001,512 | ---- | C] () -- C:\Dokumente und Einstellungen\Holsträter\Desktop\CCleaner.lnk

[2010.05.19 20:13:50 | 000,027,136 | ---- | C] () -- C:\Dokumente und Einstellungen\Holsträter\Desktop\anforderung_declaration_debut_act_.doc

[2010.05.19 19:51:40 | 000,000,508 | ---- | C] () -- C:\WINDOWS\tasks\Automatische Problemsuche.job

[2010.05.19 19:51:29 | 000,001,709 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk

[2010.05.19 19:51:29 | 000,001,695 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities.lnk

[2010.05.19 18:48:29 | 000,000,243 | -HS- | C] () -- C:\AutoRun.inf

[2010.05.19 18:44:25 | 527,880,192 | -HS- | C] () -- C:\hiberfil.sys

[2010.05.18 13:53:09 | 003,407,872 | ---- | C] () -- C:\Dokumente und Einstellungen\Holsträter\ntuser.dat

[2010.05.18 13:01:53 | 000,000,545 | ---- | C] () -- C:\Dokumente und Einstellungen.lnk

[2010.05.18 13:01:53 | 000,000,541 | ---- | C] () -- C:\System Volume Information.lnk

[2010.05.18 13:01:53 | 000,000,507 | ---- | C] () -- C:\RECYCLER.lnk

[2010.05.18 13:01:53 | 000,000,501 | ---- | C] () -- C:\Intel.lnk

[2010.05.18 13:01:53 | 000,000,499 | ---- | C] () -- C:\Temp.lnk

[2010.05.18 13:01:53 | 000,000,497 | ---- | C] () -- C:\CDS.lnk

[2010.02.23 14:22:40 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\hpsfs.dll

[2010.02.23 14:15:38 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\SecSNMP.dll

[2010.02.23 14:15:29 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\SamFaxPort.dll

[2010.02.23 14:15:16 | 000,000,136 | ---- | C] () -- C:\WINDOWS\Readiris.ini

[2010.02.23 14:15:12 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\irisco32.dll

[2010.02.23 14:11:04 | 000,022,723 | ---- | C] () -- C:\WINDOWS\System32\sst1cl3.dll

[2010.02.23 14:07:48 | 000,139,776 | R--- | C] () -- C:\WINDOWS\System32\SaXPEH.dll

[2010.02.23 14:07:48 | 000,138,240 | R--- | C] () -- C:\WINDOWS\System32\SaXPUIEx.dll

[2010.02.23 14:07:48 | 000,116,736 | R--- | C] () -- C:\WINDOWS\System32\SaXPIPH.dll

[2010.02.23 14:07:48 | 000,087,040 | R--- | C] () -- C:\WINDOWS\System32\SaXPSTI.dll

[2010.02.23 14:07:47 | 000,138,752 | R--- | C] () -- C:\WINDOWS\System32\SaXPWIA.dll

[2008.05.24 17:04:26 | 000,000,082 | ---- | C] () -- C:\WINDOWS\KTEL.INI

[2008.02.07 11:05:18 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\hppatusg01.dll

[2007.03.22 18:55:16 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2006.08.18 02:42:00 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2006.08.18 01:08:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\MGHwCtrl.dll

[2006.08.18 01:08:02 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\MGFPCtrl.dll

[2006.08.18 01:08:02 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\MGPwrShm.dll

[2006.08.18 00:30:58 | 000,135,168 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll

[2006.08.17 23:22:47 | 000,001,188 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

[2006.08.04 08:30:12 | 011,985,280 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2sxp.sys

[2006.04.27 13:43:14 | 000,024,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncamd.sys

[2005.01.21 06:02:00 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\RMDevice.dll

[2004.12.09 10:23:10 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2std.ini

[2002.05.06 15:35:37 | 000,006,702 | ---- | C] () -- C:\WINDOWS\System32\drivers\FlashSys.sys

< End of report >
[/QUOTE]