Ukash Bundespolizei OTLPE Datei

nische78

Hallo,

ich habe hier einen PC mit den Trojaner Ukash. Habe mich bereits ausführlich im Internet erkundigt, was ich tun muss. Jedoch hilft nichts.

Habe bereits die Kaspersky Rescue (WindowsUnlocker) gebrannt. Jedoch bootet der PC nicht von der CD. Dann habe ich das ganze über USB versucht, versucht der PC zu booten, jedoch bekomme ich einen Boot Error.

Jetzt habe ich in einen Forenbeitrag gelesen man soll OTLPE herunterladen. Was ich nun gemacht habe. Ich habe jedoch nur eine OTL.txt Datei bekommen, keine Extra.Txt.

Hier die OTL.txt-Datei. Ich hoffe mir kann jemand helfen. Ach ja, ich bin ein Laie, deshalb nicht so komliziert werden.

OTL logfile created on: 9/22/2011 10:22:40 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1,022.00 Mb Total Physical Memory | 818.00 Mb Available Physical Memory | 80.00% Memory free
906.00 Mb Paging File | 847.00 Mb Available in Paging File | 93.00% Paging File free
Paging file location(s): c:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 232.88 Gb Total Space | 197.43 Gb Free Space | 84.78% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - [2011/03/20 08:30:58 | 000,135,336 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/03/20 08:30:57 | 000,269,480 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2008/06/15 10:34:20 | 000,071,096 | ---- | M] () [Auto] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2005/08/23 21:29:52 | 000,118,272 | ---- | M] (TuneUp Software GmbH) [On_Demand] -- C:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe -- (TUWinStylerThemeSvc)
SRV - [2005/08/10 08:26:14 | 001,527,900 | ---- | M] (The Firebird Project) [On_Demand] -- C:\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2001/11/12 08:31:48 | 000,020,480 | ---- | M] (X10) [Auto] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets)
SRV - [2001/02/23 05:07:30 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe -- (MDM)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand] -- -- (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2011/03/20 08:30:58 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/03/20 08:30:58 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/10/22 06:54:18 | 000,037,392 | ---- | M] (Kaspersky Lab) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\83230432.sys -- (83230432)
DRV - [2009/10/09 16:31:10 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System] -- C:\WINDOWS\system32\drivers\8323043.sys -- (de_cleaner_kasperskydrv)
DRV - [2009/09/25 10:59:42 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System] -- C:\WINDOWS\system32\drivers\83230431.sys -- (83230431)
DRV - [2009/05/11 04:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/02/13 06:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/04/13 14:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/13 14:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2007/03/19 12:49:14 | 000,081,408 | ---- | M] () [Kernel | System] -- C:\WINDOWS\system32\drivers\SSHDRV86.sys -- (SSHDRV86)
DRV - [2006/09/12 14:27:00 | 004,381,184 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/07/11 15:31:02 | 000,084,096 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006/06/18 18:38:18 | 000,043,520 | R--- | M] (Advanced Micro Devices) [Kernel | System] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006/04/28 11:34:24 | 000,882,688 | R--- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\3xHybrid.sys -- (3xHybrid)
DRV - [2005/11/28 05:45:16 | 000,007,040 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\x10hid.sys -- (X10Hid)
DRV - [2005/08/18 11:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\nvatabus.sys -- (nvatabus)
DRV - [2005/05/19 10:52:58 | 000,017,792 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\x10ufx2.sys -- (XUIF)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com/fsc/
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Fotos_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com/fsc/
IE - HKU\Fotos_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Gabi_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\Gabi_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\Gabi_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\Gabi_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\Gabi_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\Gabi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0




FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Oracle)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Programme\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.660: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.660: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.660: C:\Programme\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/08/04 08:33:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011/08/04 08:33:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011/08/04 08:33:54 | 000,000,000 | ---D | M]

[2010/11/04 13:43:13 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011/05/08 15:57:42 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/05/08 15:57:42 | 000,002,344 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2011/05/08 15:57:42 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/05/08 15:57:42 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/05/08 15:57:42 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2004/08/10 08:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Programme\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\programme\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\Administrator_ON_C..\Run: [AOLMIcon] C:\ISP\AOL\AolMIcon.exe (AOL Deutschland)
O4 - HKU\Fotos_ON_C..\Run: [AOLMIcon] C:\ISP\AOL\AolMIcon.exe (AOL Deutschland)
O4 - Startup: C:\Dokumente und Einstellungen\Gabi\Startmenü\Programme\Autostart\de_cleaner_kaspersky.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Fotos_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Gabi_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1301327400937 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1288895138921 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (C:\Dokumente und Einstellungen\Gabi\Anwendungsdaten\jashla.exe) - C:\Dokumente und Einstellungen\Gabi\Anwendungsdaten\jashla.exe ()
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/11/27 17:57:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/25 17:45:04 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\8323043.sys
[2011/08/25 17:45:04 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\83230431.sys
[2011/08/25 17:45:04 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\83230432.sys
[2011/08/25 17:45:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Gabi\Desktop\DE-Cleaner powered by Kaspersky
[2008/10/26 11:12:55 | 023,510,720 | ---- | C] (Microsoft Corporation) -- C:\Programme\dotnetfx.exe
[2008/10/26 11:03:22 | 003,169,808 | ---- | C] (Canneverbe Limited ) -- C:\Programme\cdbxp_setup_4.2.2.1012.exe
[201 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/22 15:11:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/22 14:50:44 | 1072,222,208 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/22 05:47:23 | 000,012,620 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/08/26 00:21:05 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/08/25 17:47:24 | 000,002,189 | ---- | M] () -- C:\Dokumente und Einstellungen\Gabi\Startmenü\Programme\Autostart\de_cleaner_kaspersky.lnk
[201 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/25 17:47:24 | 000,002,189 | ---- | C] () -- C:\Dokumente und Einstellungen\Gabi\Startmenü\Programme\Autostart\de_cleaner_kaspersky.lnk
[2011/08/23 12:27:33 | 000,192,512 | ---- | C] () -- C:\Dokumente und Einstellungen\Gabi\Anwendungsdaten\jashla.exe
[2011/03/28 14:25:10 | 000,000,787 | ---- | C] () -- C:\Dokumente und Einstellungen\Gabi\Anwendungsdaten\Launch Internet Explorer Browser.lnk
[2010/11/04 13:12:17 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/11/04 13:12:12 | 000,240,592 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/11/04 13:12:12 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/11/04 13:11:59 | 002,293,194 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010/07/15 17:29:49 | 000,000,184 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/06/14 16:51:26 | 000,000,012 | ---- | C] () -- C:\Dokumente und Einstellungen\Gabi\Anwendungsdaten\qcopjv.dat
[2010/02/19 13:26:10 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/10/11 13:10:45 | 034,119,048 | ---- | C] () -- C:\Programme\avira_antivir_personal_de.exe
[2008/11/18 10:08:34 | 000,084,889 | ---- | C] () -- C:\Programme\BT-MR 353 mit Werstattbindung.pdf
[2008/11/18 10:08:18 | 000,085,017 | ---- | C] () -- C:\Programme\BT-MM 700 mit Werkstattbindung.pdf
[2008/05/26 16:23:36 | 000,016,834 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008/05/26 16:23:34 | 000,024,188 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008/05/26 16:23:32 | 000,016,568 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008/05/26 15:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 15:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/01/03 05:14:37 | 000,003,584 | ---- | C] () -- C:\Dokumente und Einstellungen\Fotos\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/01/02 12:33:18 | 000,000,101 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/11/27 17:09:34 | 000,000,146 | ---- | C] () -- C:\Dokumente und Einstellungen\Fotos\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2007/11/04 10:08:18 | 000,000,116 | ---- | C] () -- C:\WINDOWS\homeDVD-Fotos4_5.INI
[2007/03/21 11:15:27 | 000,320,687 | ---- | C] () -- C:\Dokumente und Einstellungen\Gabi\Teddy als Welpe[1].jpg
[2007/03/19 12:49:14 | 000,081,408 | ---- | C] () -- C:\WINDOWS\System32\drivers\SSHDRV86.sys
[2007/02/26 18:09:28 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007/02/26 17:49:31 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007/02/12 06:05:57 | 000,025,088 | ---- | C] () -- C:\Dokumente und Einstellungen\Gabi\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/21 12:07:07 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2006/12/30 10:17:07 | 000,000,211 | ---- | C] () -- C:\WINDOWS\uno.ini
[2006/12/30 10:17:01 | 000,287,744 | ---- | C] () -- C:\WINDOWS\uno364mi.dll
[2006/12/30 10:17:01 | 000,109,568 | ---- | C] () -- C:\WINDOWS\vos364mi.dll
[2006/12/30 10:17:01 | 000,091,648 | ---- | C] () -- C:\WINDOWS\osl364mi.dll
[2006/12/30 07:19:16 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/12/30 06:55:46 | 000,048,731 | ---- | C] () -- C:\WINDOWS\System32\compare.dat
[2006/12/30 06:55:27 | 000,000,137 | ---- | C] () -- C:\Dokumente und Einstellungen\Gabi\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2006/11/27 19:23:52 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/11/27 18:59:49 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/11/27 18:59:49 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/11/27 18:59:49 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/11/27 18:59:49 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/11/27 18:59:49 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/11/27 18:59:49 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/11/27 18:58:05 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2006/11/27 18:56:09 | 000,002,856 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2006/11/27 18:55:32 | 000,000,180 | ---- | C] () -- C:\WINDOWS\Option.ini
[2006/11/27 18:54:35 | 000,127,184 | ---- | C] () -- C:\WINDOWS\Unwise.exe
[2006/11/27 18:03:23 | 000,000,146 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2006/11/27 18:01:14 | 000,000,816 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/11/27 17:59:49 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/11/27 17:55:12 | 000,034,540 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/11/27 17:54:12 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/11/27 17:50:27 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/11/27 17:49:47 | 000,218,448 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/11/27 03:49:42 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/11/27 03:49:42 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2006/11/27 03:49:41 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/11/27 03:49:41 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/11/27 03:49:41 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/11/27 03:49:40 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006/11/27 03:49:39 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006/11/27 03:49:39 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006/11/27 03:49:39 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006/11/27 03:46:04 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\property.dll
[2006/11/27 03:45:57 | 000,531,480 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2006/11/27 03:45:57 | 000,107,206 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2006/11/27 03:45:44 | 000,484,568 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/11/27 03:45:44 | 000,081,378 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/11/27 03:45:43 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006/07/16 20:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/07/16 20:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/07/16 20:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/07/16 20:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2006/07/16 20:00:00 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2006/07/16 20:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/07/16 20:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/07/16 20:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2006/07/16 20:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/07/16 20:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/07/16 20:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/07/16 20:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2001/03/30 16:58:36 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\Property.dll

========== LOP Check ==========

[2006/11/27 19:00:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\X10 Commander
[2006/11/27 19:21:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\InterVideo
[2006/11/27 19:21:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Fotos\Anwendungsdaten\InterVideo
[2008/01/03 05:13:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Fotos\Anwendungsdaten\T-Online
[2008/10/26 12:28:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Gabi\Anwendungsdaten\Canneverbe_Limited
[2007/02/07 12:36:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Gabi\Anwendungsdaten\Canon
[2007/02/07 12:28:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Gabi\Anwendungsdaten\capella-software
[2007/03/19 12:45:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Gabi\Anwendungsdaten\DATA BECKER
[2006/11/27 19:21:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Gabi\Anwendungsdaten\InterVideo
[2008/06/25 14:24:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Gabi\Anwendungsdaten\MAGIX
[2010/11/24 15:14:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Gabi\Anwendungsdaten\Netviewer
[2006/12/30 10:17:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Gabi\Anwendungsdaten\T-Online
[2007/06/26 07:40:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Gabi\Anwendungsdaten\Template
[2011/03/19 16:20:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Gabi\Anwendungsdaten\TuneUp Software
[2007/06/22 11:02:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Gabi\Anwendungsdaten\Ulead Systems
[2009/09/01 05:14:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Gabi\Anwendungsdaten\Viewpoint
[2011/03/29 16:00:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Gabi\Anwendungsdaten\Windows Desktop Search
[2011/04/01 03:58:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Gabi\Anwendungsdaten\Windows Search
[2007/02/04 10:14:18 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2006/11/27 18:58:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2006/11/27 18:54:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Pinnacle
[2006/12/30 10:16:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online
[2011/03/19 16:22:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2007/09/05 06:30:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ulead Systems
[2007/02/26 17:50:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
[2006/11/27 18:55:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\X10 Settings
[2011/08/19 11:15:54 | 000,000,394 | ---- | M] () -- C:\WINDOWS\Tasks\1-Klick-Wartung.job

========== Purity Check ==========


< End of report >


Vielen Dank