
Log Analysis and Evaluation: bka virus +logfiles

Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

 
12.06.2011, 12:09   #1
erix
 

I have the BKA virus that has already been mentioned so often; I booted the infected PC with the Reatogo CD.
Here are the log files:
OTL Logfile:
Code:
OTL logfile created on: 6/12/2011 2:11:05 PM - Run 
OTLPE by OldTimer - Version 3.1.46.0     Folder = X:\Programs\OTLPE
Windows 7 Professional Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 452.99 Gb Total Space | 284.90 Gb Free Space | 62.89% Space Free | Partition Type: NTFS
Drive D: | 7.53 Gb Total Space | 7.53 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011/06/06 21:30:02 | 003,435,096 | ---- | M] () [Auto] -- C:\Program Files\Common Files\Akamai\netsession_win_8675ab0.dll -- (Akamai)
SRV - [2011/06/02 10:24:53 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/04/29 01:18:28 | 000,136,360 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/03/17 13:31:09 | 000,269,480 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/07/28 08:08:20 | 003,447,296 | ---- | M] (Egis Technology Inc.) [Auto] -- C:\Program Files\Acer Bio Protection\BASVC.exe -- (IGBASVC)
SRV - [2010/04/05 15:55:01 | 000,116,104 | ---- | M] () [Auto] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2010/03/23 07:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) [Auto] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2009/07/13 21:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - File not found [Kernel | On_Demand] --  -- (EagleNT)
DRV - File not found [Kernel | System] --  -- (DritekPortIO)
DRV - File not found [Kernel | On_Demand] --  -- (cpuz132)
DRV - File not found [Kernel | Auto] --  -- (adfs)
DRV - [2011/03/17 13:31:09 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/11/24 12:11:57 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/11/20 08:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 08:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 08:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 05:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 05:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/10/06 08:12:19 | 000,697,328 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010/07/28 08:09:31 | 000,022,528 | ---- | M] (Egistec) [Kernel | Auto] -- C:\Windows\System32\drivers\FPSensor.sys -- (FPSensor) EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys)
DRV - [2010/07/28 08:08:52 | 000,069,632 | ---- | M] () [Kernel | Auto] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2010/07/09 18:37:00 | 011,008,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/06/21 18:07:37 | 000,105,576 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2010/03/23 07:15:36 | 000,308,859 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2010/02/24 06:22:10 | 000,185,472 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- C:\Windows\System32\drivers\acedrv11.sys -- (acedrv11)
DRV - [2010/02/10 23:29:56 | 000,106,880 | ---- | M] (HSPADataCard Incorporated) [Kernel | On_Demand] -- C:\Windows\System32\drivers\HSPADataCardusbser.sys -- (HSPADataCardusbser)
DRV - [2010/02/10 23:29:56 | 000,106,880 | ---- | M] (HSPADataCard Incorporated) [Kernel | On_Demand] -- C:\Windows\System32\drivers\HSPADataCardusbnmea.sys -- (HSPADataCardusbnmea)
DRV - [2010/02/10 23:29:56 | 000,106,880 | ---- | M] (HSPADataCard Incorporated) [Kernel | On_Demand] -- C:\Windows\System32\drivers\HSPADataCardusbmdm.sys -- (HSPADataCardusbmdm)
DRV - [2010/02/10 23:29:56 | 000,010,240 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2009/12/14 22:46:26 | 000,024,192 | ---- | M] (Bytemobile, Inc.) [Kernel | System] -- C:\Windows\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2009/12/14 22:46:18 | 000,013,184 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot] -- C:\Windows\System32\drivers\BMLoad.sys -- (BMLoad)
DRV - [2009/10/02 04:59:16 | 000,489,952 | ---- | M] (ITETech                  ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AF15BDA.sys -- (AF15BDA)
DRV - [2009/07/13 18:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/13 18:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R)
DRV - [2009/07/13 18:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x) Broadcom NetLink (TM)
DRV - [2009/05/11 04:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/18 11:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/01/30 06:14:14 | 000,191,536 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/11/16 12:39:44 | 000,131,984 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\dne2000.sys -- (DNE)
DRV - [2008/10/08 04:43:08 | 000,005,632 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand] -- C:\Windows\System32\drivers\hidshim.sys -- (hidshim)
DRV - [2008/10/08 04:43:06 | 000,022,528 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nuvotonhidgeneric.sys -- (nuvotonhidgeneric)
DRV - [2007/01/18 14:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2003/10/15 11:52:50 | 000,174,530 | ---- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ov519vid.sys -- (ovt519)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\erix_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E5 47 83 30 9F 3D CB 01  [binary data]
IE - HKU\erix_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\erix_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.31.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {000F1EA4-5E08-4564-A29B-29076F63A37A}:1.0.3.139
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: battlefieldplay4free@ea.com:1.0.53.2
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{5AD2E184-68D2-4B21-AF0A-688E0E7680E4}: C:\Users\erix\AppData\Local\{5AD2E184-68D2-4B21-AF0A-688E0E7680E4} [2011/05/02 18:31:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\congstar\Internetmanager\Bin\addon [2010/04/01 08:29:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/10 06:57:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/10 07:19:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/05/10 06:57:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011/05/10 06:57:02 | 000,000,000 | ---D | M]
 
[2010/07/29 12:07:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\erix\AppData\Roaming\Mozilla\Extensions
[2010/07/29 12:07:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\erix\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/05/23 15:24:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\erix\AppData\Roaming\Mozilla\Firefox\Profiles\539gp8u2.default\extensions
[2010/11/24 18:51:26 | 000,000,000 | ---D | M] () -- C:\Users\erix\AppData\Roaming\Mozilla\Firefox\Profiles\539gp8u2.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
[2010/10/13 06:06:27 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\erix\AppData\Roaming\Mozilla\Firefox\Profiles\539gp8u2.default\extensions\battlefieldheroespatcher@ea.com
[2011/04/11 08:38:42 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\erix\AppData\Roaming\Mozilla\Firefox\Profiles\539gp8u2.default\extensions\battlefieldplay4free@ea.com
[2011/05/02 04:18:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/30 06:54:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/01/02 07:58:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) -- 
[2010/04/01 08:29:34 | 000,000,000 | ---D | M] (Bytemobile Optimization Client) -- C:\PROGRAM FILES\CONGSTAR\INTERNETMANAGER\BIN\ADDON
[2011/05/02 18:31:59 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\ERIX\APPDATA\LOCAL\{5AD2E184-68D2-4B21-AF0A-688E0E7680E4}
() (No name found) -- C:\USERS\ERIX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\539GP8U2.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011/04/14 12:40:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2008/06/19 05:16:24 | 000,118,784 | ---- | M] (CANON INC.) -- C:\Program Files\Mozilla Firefox\plugins\MyCamera.dll
[2008/06/19 05:16:24 | 000,053,248 | ---- | M] (CANON INC.) -- C:\Program Files\Mozilla Firefox\plugins\NPCIG.dll
[2010/11/12 13:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/01/01 04:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2010/01/01 04:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2010/01/01 04:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010/01/01 04:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010/01/01 04:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
 
Hosts file not found
O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [VitaKeyPdtWzd] C:\Program Files\Acer Bio Protection\PdtWzd.exe (Egis Technology Inc.)
O4 - HKU\erix_ON_C..\Run: [4E3E0230AEBB4E96]  File not found
O4 - HKU\erix_ON_C..\Run: [AdobeBridge]  File not found
O4 - HKU\erix_ON_C..\Run: [msnmsgr]  File not found
O4 - HKU\LocalService_ON_C..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\erix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\erix_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKU\.DEFAULT Winlogon: Shell - (C:\Windows\TEMP\0.7420111087137579.exe) - C:\Windows\Temp\0.7420111087137579.exe (BitDefender)
O20 - HKU\erix_ON_C Winlogon: Shell - (C:\Users\erix\AppData\Local\Temp\43F6.tmp) - C:\Users\erix\AppData\Local\Temp\43F6.tmp (BitDefender)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/04/18 05:45:45 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{19369e0d-d143-11df-ad61-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{19369e0d-d143-11df-ad61-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe
O33 - MountPoints2\{9303e798-c703-11df-8b58-001f16bdede9}\Shell - "" = AutoRun
O33 - MountPoints2\{9303e798-c703-11df-8b58-001f16bdede9}\Shell\AutoRun\command - "" = E:\Startme.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Data\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/06/09 18:54:39 | 000,000,000 | ---D | C] -- C:\Users\erix\AppData\Roaming\Fuupzy
[2011/06/09 18:54:39 | 000,000,000 | ---D | C] -- C:\Users\erix\AppData\Roaming\Emabk
[2011/06/09 12:06:06 | 000,200,704 | ---- | C] (ICSharpCode.net) -- C:\Users\erix\Desktop\ICSharpCode.SharpZipLib.dll
[2011/06/09 11:58:55 | 000,000,000 | ---D | C] -- C:\Users\erix\AppData\Roaming\styler2go
[2011/06/09 11:58:29 | 001,403,904 | ---- | C] (Geek Defense Foundation) -- C:\Users\erix\Desktop\LoLLanguageChanger.exe
[2011/06/08 17:32:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2011/06/08 17:32:35 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2011/06/07 12:09:02 | 000,000,000 | ---D | C] -- C:\Users\erix\Documents\Trials 2
[2011/06/07 12:08:57 | 000,000,000 | ---D | C] -- C:\Users\erix\AppData\Local\Redlynx
[2011/06/06 09:14:23 | 000,000,000 | ---D | C] -- C:\Users\erix\AppData\Roaming\Cobra Mobile
[2011/06/06 09:14:22 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2011/06/06 09:14:22 | 000,109,080 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2011/06/06 09:14:22 | 000,000,000 | ---D | C] -- C:\Program Files\OpenAL
[2011/05/31 07:12:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Steam
[2011/05/30 04:14:18 | 000,724,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bmutil.dll
[2011/05/30 04:14:18 | 000,480,384 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\bmnet.dll
[2011/05/30 04:14:18 | 000,308,352 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\bminstall.dll
[2011/05/30 04:14:18 | 000,132,224 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\bmdumpd.bin
[2011/05/30 04:14:18 | 000,024,192 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\drivers\tcpipBM.sys
[2011/05/30 04:14:18 | 000,013,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sporder.dll
[2011/05/30 04:14:18 | 000,013,184 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\drivers\BMLoad.sys
[2011/05/30 04:14:03 | 000,106,880 | ---- | C] (HSPADataCard Incorporated) -- C:\Windows\System32\drivers\HSPADataCardusbser.sys
[2011/05/30 04:14:03 | 000,010,240 | ---- | C] (ZTE Incorporated) -- C:\Windows\System32\drivers\massfilter.sys
[2011/05/30 04:14:02 | 000,106,880 | ---- | C] (HSPADataCard Incorporated) -- C:\Windows\System32\drivers\HSPADataCardusbnmea.sys
[2011/05/30 04:14:02 | 000,106,880 | ---- | C] (HSPADataCard Incorporated) -- C:\Windows\System32\drivers\HSPADataCardusbmdm.sys
[2011/05/30 04:13:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\congstar Internet-Manager
[2011/05/30 04:13:38 | 000,000,000 | ---D | C] -- C:\Program Files\congstar
[2011/05/28 14:52:03 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/05/24 21:25:08 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2011/05/24 05:35:59 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2011/05/19 06:41:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/05/19 06:41:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011/05/17 09:42:24 | 000,000,000 | ---D | C] -- C:\Users\erix\Desktop\EXPORT
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011/06/12 06:41:16 | 000,705,906 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011/06/12 06:41:16 | 000,651,590 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/06/12 06:41:16 | 000,149,448 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011/06/12 06:41:16 | 000,122,528 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/06/12 06:37:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/12 06:36:54 | 2411,847,680 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/12 06:06:25 | 000,014,752 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/12 06:06:25 | 000,014,752 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/09 18:54:28 | 000,043,008 | ---- | M] () -- C:\Users\erix0.09308119520092684.exe
[2011/06/09 18:47:57 | 000,007,605 | ---- | M] () -- C:\Users\erix\AppData\Local\Resmon.ResmonCfg
[2011/06/09 12:06:08 | 000,200,704 | ---- | M] (ICSharpCode.net) -- C:\Users\erix\Desktop\ICSharpCode.SharpZipLib.dll
[2011/06/09 11:58:30 | 001,403,904 | ---- | M] (Geek Defense Foundation) -- C:\Users\erix\Desktop\LoLLanguageChanger.exe
[2011/06/09 10:51:10 | 000,047,616 | ---- | M] () -- C:\Users\erix0.03520997508100909.exe
[2011/06/08 17:32:44 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2011/06/08 17:32:43 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2011/06/06 09:14:22 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2011/06/06 09:14:22 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2011/06/05 08:18:10 | 008,720,695 | ---- | M] () -- C:\Users\erix\Desktop\07-tosca-boss_on_the_boat-elu.mp3
[2011/06/02 11:16:56 | 300,236,736 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/06/01 11:39:39 | 000,000,215 | ---- | M] () -- C:\Users\erix\Desktop\Frozen Synapse.url
[2011/05/30 04:13:59 | 000,002,174 | ---- | M] () -- C:\Users\Public\Desktop\congstar Internet-Manager.lnk
[2011/05/30 04:13:59 | 000,002,155 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MCtlSvc.lnk
[2011/05/30 04:13:59 | 000,000,000 | R--D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2011/05/30 04:13:59 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\congstar Internet-Manager
[2011/05/28 14:52:03 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/05/26 07:35:13 | 000,001,017 | ---- | M] () -- C:\Users\erix\Desktop\Dropbox.lnk
[2011/05/26 07:35:13 | 000,000,997 | ---- | M] () -- C:\Users\erix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2011/05/19 06:41:58 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/05/19 06:41:58 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/05/17 22:11:09 | 000,000,216 | ---- | M] () -- C:\Users\erix\Desktop\Terraria.url
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011/06/09 18:54:28 | 000,043,008 | ---- | C] () -- C:\Users\erix0.09308119520092684.exe
[2011/06/09 18:47:57 | 000,007,605 | ---- | C] () -- C:\Users\erix\AppData\Local\Resmon.ResmonCfg
[2011/06/09 10:51:09 | 000,047,616 | ---- | C] () -- C:\Users\erix0.03520997508100909.exe
[2011/06/08 17:32:44 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2011/06/05 08:13:52 | 008,720,695 | ---- | C] () -- C:\Users\erix\Desktop\07-tosca-boss_on_the_boat-elu.mp3
[2011/06/01 11:38:34 | 000,000,215 | ---- | C] () -- C:\Users\erix\Desktop\Frozen Synapse.url
[2011/05/30 04:13:59 | 000,002,174 | ---- | C] () -- C:\Users\Public\Desktop\congstar Internet-Manager.lnk
[2011/05/30 04:13:59 | 000,002,155 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MCtlSvc.lnk
[2011/05/26 07:33:23 | 000,000,997 | ---- | C] () -- C:\Users\erix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2011/05/19 06:41:58 | 000,002,503 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/05/17 22:11:09 | 000,000,216 | ---- | C] () -- C:\Users\erix\Desktop\Terraria.url
[2011/05/10 06:42:57 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2011/05/03 09:28:35 | 000,252,928 | ---- | C] () -- C:\Windows\System32\DShowRdpFilter.dll
[2011/05/03 09:27:01 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/05/02 18:32:00 | 000,000,120 | ---- | C] () -- C:\Users\erix\AppData\Local\Cfovimafey.dat
[2011/05/02 18:32:00 | 000,000,000 | ---- | C] () -- C:\Users\erix\AppData\Local\Ohogomizih.bin
[2011/04/11 09:06:25 | 000,138,264 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011/04/11 09:05:53 | 000,234,768 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011/04/11 09:05:51 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011/01/11 12:54:38 | 000,021,504 | ---- | C] () -- C:\Windows\jestertb.dll
[2010/12/29 14:53:47 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat
[2010/10/13 06:23:38 | 000,138,056 | ---- | C] () -- C:\Users\erix\AppData\Roaming\PnkBstrK.sys
[2010/10/07 09:34:46 | 000,019,456 | ---- | C] () -- C:\Users\erix\AppData\Local\WebpageIcons.db
[2010/07/29 12:07:39 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/07/29 11:16:38 | 000,200,704 | ---- | C] () -- C:\Windows\sel3110.exe
[2010/07/29 11:16:38 | 000,040,960 | ---- | C] () -- C:\Windows\CleanDev.exe
[2010/07/29 11:16:38 | 000,032,528 | ---- | C] () -- C:\Windows\amcap.exe
[2010/07/28 13:16:40 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010/07/28 08:20:03 | 000,231,056 | ---- | C] () -- C:\Windows\System32\drivers\RTConvEQ.dat
[2010/07/28 08:20:03 | 000,001,352 | ---- | C] () -- C:\Windows\System32\drivers\RtHdatEx.dat
[2010/07/28 08:20:03 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX2.dat
[2010/07/28 08:20:03 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2010/07/28 08:20:03 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2010/07/28 08:20:03 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2010/07/28 08:15:39 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2010/07/28 08:15:39 | 000,106,496 | ---- | C] () -- C:\Windows\FixUVC.exe
[2010/07/28 08:15:39 | 000,000,074 | ---- | C] () -- C:\Windows\PidList.ini
[2010/07/28 08:08:52 | 000,097,792 | ---- | C] () -- C:\Windows\System32\INT15_64.dll
[2010/07/28 08:08:52 | 000,069,632 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2010/07/28 08:08:52 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2010/07/28 08:08:51 | 000,081,920 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2010/03/23 07:26:48 | 000,201,512 | ---- | C] () -- C:\Windows\System32\vpnapi.dll
[2009/07/14 04:47:43 | 000,705,906 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009/07/14 04:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009/07/14 04:47:43 | 000,149,448 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009/07/14 04:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 00:33:53 | 002,215,720 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,651,590 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,122,528 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2002/01/02 20:09:18 | 000,000,356 | ---- | C] () -- C:\Windows\System32\AF15IrTbl.bin
 
========== LOP Check ==========
 
[2011/04/20 15:38:35 | 000,000,000 | ---D | M] -- C:\Users\erix\AppData\Roaming\.minecraft
[2011/05/10 07:11:12 | 000,000,000 | ---D | M] -- C:\Users\erix\AppData\Roaming\Ansca
[2010/07/30 09:44:42 | 000,000,000 | ---D | M] -- C:\Users\erix\AppData\Roaming\Canon
[2011/06/06 09:14:23 | 000,000,000 | ---D | M] -- C:\Users\erix\AppData\Roaming\Cobra Mobile
[2010/10/06 08:15:46 | 000,000,000 | ---D | M] -- C:\Users\erix\AppData\Roaming\DAEMON Tools Pro
[2011/06/09 16:05:20 | 000,000,000 | ---D | M] -- C:\Users\erix\AppData\Roaming\Dropbox
[2011/05/10 13:11:50 | 000,000,000 | ---D | M] -- C:\Users\erix\AppData\Roaming\Dwarfs
[2010/11/25 12:53:39 | 000,000,000 | ---D | M] -- C:\Users\erix\AppData\Roaming\Dyyno
[2011/06/09 18:54:39 | 000,000,000 | ---D | M] -- C:\Users\erix\AppData\Roaming\Emabk
[2010/11/25 14:42:32 | 000,000,000 | ---D | M] -- C:\Users\erix\AppData\Roaming\ExitReality
[2011/06/09 18:54:39 | 000,000,000 | ---D | M] -- C:\Users\erix\AppData\Roaming\Fuupzy
[2011/04/10 10:20:42 | 000,000,000 | ---D | M] -- C:\Users\erix\AppData\Roaming\gtk-2.0
[2011/01/03 15:25:35 | 000,000,000 | ---D | M] -- C:\Users\erix\AppData\Roaming\Internetmanager
[2010/07/28 10:08:08 | 000,000,000 | ---D | M] -- C:\Users\erix\AppData\Roaming\LolClient
[2010/08/04 04:00:04 | 000,000,000 | ---D | M] -- C:\Users\erix\AppData\Roaming\OpenOffice.org
[2010/11/29 08:51:10 | 000,000,000 | ---D | M] -- C:\Users\erix\AppData\Roaming\runic games
[2011/06/09 13:44:39 | 000,000,000 | ---D | M] -- C:\Users\erix\AppData\Roaming\styler2go
[2010/10/13 08:14:27 | 000,000,000 | ---D | M] -- C:\Users\erix\AppData\Roaming\Teeworlds
[2011/01/25 08:48:57 | 000,000,000 | ---D | M] -- C:\Users\erix\AppData\Roaming\TerraTec
[2010/07/29 12:07:38 | 000,000,000 | ---D | M] -- C:\Users\erix\AppData\Roaming\Thunderbird
[2011/06/08 17:51:01 | 000,000,000 | ---D | M] -- C:\Users\erix\AppData\Roaming\TS3Client
[2010/12/29 15:13:30 | 000,000,000 | ---D | M] -- C:\Users\erix\AppData\Roaming\Tunngle
[2010/07/28 07:43:25 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2011/05/03 03:20:05 | 000,000,000 | ---D | M] -- C:\ProgramData\bL02400OaPgK02400
[2010/12/06 07:27:28 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonBJ
[2010/12/06 07:27:48 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonIJMSetup
[2010/12/06 08:55:03 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonIJMyPrinter
[2011/05/16 10:20:25 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonIJPLM
[2010/10/06 08:11:22 | 000,000,000 | ---D | M] -- C:\ProgramData\DAEMON Tools Pro
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2010/07/28 07:43:25 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2010/07/28 07:57:02 | 000,000,000 | ---D | M] -- C:\ProgramData\Driver Whiz
[2010/07/28 07:43:25 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2011/04/07 14:28:02 | 000,000,000 | ---D | M] -- C:\ProgramData\id Software
[2010/07/28 07:50:53 | 000,000,000 | ---D | M] -- C:\ProgramData\PC Drivers HeadQuarters
[2011/06/09 18:29:05 | 000,000,000 | ---D | M] -- C:\ProgramData\PMB Files
[2011/06/06 16:57:38 | 000,000,000 | ---D | M] -- C:\ProgramData\PopCap Games
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2010/07/28 07:43:25 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2011/06/06 16:57:46 | 000,000,000 | ---D | M] -- C:\ProgramData\Steam
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2011/01/25 08:50:08 | 000,000,000 | ---D | M] -- C:\ProgramData\TerraTec
[2010/12/29 15:32:43 | 000,000,000 | ---D | M] -- C:\ProgramData\Tunngle
[2010/07/28 07:43:25 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2010/12/05 10:30:15 | 000,000,000 | ---D | M] -- C:\ProgramData\WinZip
[2010/08/18 06:55:46 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/06/09 16:03:17 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
< End of report >
         
--- --- ---


What do I need to do now to get rid of the virus? Please help!

Edited by erix (12.06.2011 at 12:17)

 
