
Pests of all kinds and how to combat them: Bundespolizei Trojan (take one thousand)

Windows 7

07.01.2012, 09:03   #1
babsiiiii
 

Bundespolizei Trojan (take one thousand)



Here is item 4:
Code:
SUPERAntiSpyware Scann-Protokoll
hxxp://www.superantispyware.com

Generiert 01/06/2012 bei 06:07 AM

Version der Applikation : 5.0.1142

Version der Kern-Datenbank : 8104
Version der Spur-Datenbank : 5916

Scan Art       : kompletter Scann
Totale Scann-Zeit : 01:31:24

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Gescannte Speicherelemente  : 584
Erfasste Speicher-Bedrohungen  : 0
Gescannte Register-Elemente  : 72031
Erfasste Register-Bedrohungen  : 0
Gescannte Datei-Elemente     : 51087
Erfasste Datei-Elemente   : 0
         
I also did 5. and 6. as described, and nothing was found!

7. OTL.txt: OTL Logfile:
Code:
OTL logfile created on: 07.01.2012 08:29:55 - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Barbara\Desktop
64bit-Windows XP  Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,75 Gb Total Physical Memory | 0,74 Gb Available Physical Memory | 42,34% Memory free
3,50 Gb Paging File | 1,70 Gb Available in Paging File | 48,57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,52 Gb Total Space | 17,64 Gb Free Space | 23,67% Space Free | Partition Type: NTFS
Drive D: | 74,13 Gb Total Space | 67,60 Gb Free Space | 91,19% Space Free | Partition Type: NTFS
Drive E: | 143,74 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: BARBARA-TOSH | User Name: Barbara | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.01.04 05:44:33 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011.12.24 02:19:48 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Barbara\Desktop\OTL.exe
PRC - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.07.01 12:26:08 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.04.27 11:10:06 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2010.11.20 13:17:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010.11.02 12:22:29 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009.07.14 18:10:30 | 000,042,368 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
PRC - [2009.04.28 16:12:21 | 000,139,944 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe
PRC - [2009.04.28 16:12:16 | 000,766,632 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe
PRC - [2009.03.10 17:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.01.05 17:24:40 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2012.01.04 05:44:32 | 002,124,760 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2009.04.28 16:12:21 | 000,139,944 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe
MOD - [2009.04.28 16:12:16 | 000,766,632 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe
MOD - [2009.04.24 19:01:15 | 001,159,168 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebDRS.dll
MOD - [2009.04.24 18:59:37 | 000,389,120 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebscw.dll
MOD - [2009.04.22 04:44:32 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\EPOEMDll.dll
MOD - [2009.04.22 04:43:56 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\epstring.dll
MOD - [2009.04.22 04:42:41 | 002,203,648 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\EPWizRes.dll
MOD - [2009.04.08 02:10:12 | 000,024,064 | ---- | M] () -- C:\Windows\SysWOW64\LXEBsmr.dll
MOD - [2009.04.03 15:18:46 | 000,409,600 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\iptk.dll
MOD - [2009.03.30 13:37:28 | 000,708,608 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\Epwizard.DLL
MOD - [2009.03.30 13:35:40 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\customui.dll
MOD - [2009.03.30 13:35:22 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\Epfunct.DLL
MOD - [2009.03.30 13:35:17 | 000,118,784 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\Eputil.DLL
MOD - [2009.03.30 13:35:05 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\Imagutil.DLL
MOD - [2009.03.25 16:10:12 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebdatr.dll
MOD - [2009.03.10 06:43:49 | 000,155,648 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebcaps.dll
MOD - [2009.03.02 15:25:47 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebptp.dll
MOD - [2009.02.20 09:48:03 | 000,299,008 | ---- | M] () -- C:\Windows\SysWOW64\LXEBsm.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.08.12 00:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2009.08.05 13:20:12 | 000,488,800 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2009.08.03 17:17:56 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009.07.29 22:54:22 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.28 14:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2009.04.24 20:53:51 | 001,032,360 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxebcoms.exe -- (lxeb_device)
SRV:64bit: - [2009.04.24 20:53:45 | 000,033,960 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxebserv.exe -- (lxebCATSCustConnectService)
SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.07.01 12:26:08 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.27 11:10:06 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.08.17 09:48:42 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009.08.10 18:55:58 | 000,248,688 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2009.08.06 15:02:50 | 000,116,104 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
SRV - [2009.07.14 18:10:30 | 000,042,368 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe -- (ConfigFree Gadget Service)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.05.22 19:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009.04.24 20:53:36 | 000,602,792 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\lxebcoms.exe -- (lxeb_device)
SRV - [2009.03.10 17:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.08.31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.07.01 12:26:09 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.07.01 12:26:09 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2009.08.13 07:18:46 | 000,439,808 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTL8187Se.sys -- (RTL8187Se)
DRV:64bit: - [2009.07.30 19:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009.07.30 16:46:22 | 000,222,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009.07.30 11:07:12 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.07.24 14:57:08 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2009.07.20 16:48:32 | 000,274,480 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.07.14 14:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.02 13:55:38 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2009.06.22 16:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009.06.10 22:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.22 21:52:30 | 000,215,040 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.05.20 17:04:56 | 000,202,016 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.05.04 23:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV - [2011.10.02 18:37:52 | 000,011,376 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\SECDRV.SYS -- (SecDrv)
DRV - [2011.07.22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV - [2011.07.12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEH&bmod=TSEH
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=TSEH&bmod=TSEH
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "youtube.de"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2
FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?sourceid=navclient&hl=de&q="
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Barbara\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.04 05:44:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.05.08 20:04:11 | 000,000,000 | ---D | M]
 
[2010.01.04 00:26:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Barbara\AppData\Roaming\mozilla\Extensions
[2011.12.25 19:03:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Barbara\AppData\Roaming\mozilla\Firefox\Profiles\3k442n2x.default\extensions
[2011.12.19 17:55:22 | 000,002,457 | ---- | M] () -- C:\Users\Barbara\AppData\Roaming\Mozilla\Firefox\Profiles\3k442n2x.default\searchplugins\lastminute.xml
[2010.01.27 17:09:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.01.27 17:09:31 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files (x86)\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
() (No name found) -- C:\USERS\BARBARA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3K442N2X.DEFAULT\EXTENSIONS\TOOLBAR@WEB.DE.XPI
[2012.01.04 05:44:33 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.10.31 11:24:47 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.31 11:24:47 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.31 11:24:47 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.31 11:24:47 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll ()
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Programme\Lexmark Printable Web\bho.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll ()
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe ()
O4:64bit: - HKLM..\Run: [lxebmon.exe] C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Programme\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [TosNC] C:\Programme\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Programme\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B2F5BE6-E297-41AD-BF10-4D6B1DB6A9E7}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9A7B635D-59D0-4338-A593-19A564B8B09D}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.01.06 10:15:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.01.05 18:30:09 | 000,000,000 | ---D | C] -- C:\Users\Barbara\AppData\Roaming\SUPERAntiSpyware.com
[2012.01.05 18:28:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012.01.05 18:28:54 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012.01.05 18:28:54 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012.01.05 18:25:05 | 013,847,520 | ---- | C] (SUPERAntiSpyware.com) -- C:\Users\Barbara\Desktop\SUPERAntiSpyware.exe
[2012.01.05 18:17:54 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.01.05 18:14:54 | 000,525,544 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2012.01.05 18:14:54 | 000,190,752 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2012.01.05 18:14:54 | 000,172,320 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2012.01.05 18:14:54 | 000,172,320 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2012.01.05 18:14:07 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012.01.05 17:24:38 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012.01.04 05:37:01 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012.01.03 14:55:28 | 000,000,000 | ---D | C] -- C:\Users\Barbara\Desktop\backups
[2011.12.25 19:18:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.12.25 19:18:43 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.12.25 19:17:03 | 003,562,624 | ---- | C] (Piriform Ltd) -- C:\Users\Barbara\Desktop\ccsetup314.exe
[2011.12.25 19:09:21 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Barbara\Desktop\HiJackThis204.exe
[2011.12.24 02:19:45 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Barbara\Desktop\OTL.exe
[2011.12.23 02:46:24 | 000,000,000 | ---D | C] -- C:\Users\Barbara\AppData\Roaming\Malwarebytes
[2011.12.23 02:46:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.12.23 02:46:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.12.23 02:46:15 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.12.23 02:46:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.12.16 04:04:52 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.12.16 04:04:51 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.12.16 04:04:42 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.12.16 04:04:42 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.12.16 04:04:39 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.12.16 04:04:38 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.12.16 04:04:30 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.12.16 04:04:29 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.12.16 04:04:29 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.12.16 04:04:26 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.12.16 04:04:23 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.12.15 16:08:29 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011.12.15 16:08:19 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011.12.15 16:08:18 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011.10.26 16:02:22 | 000,368,640 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebinpa.dll
[2011.10.26 16:02:22 | 000,348,160 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebiesc.dll
[2011.10.26 16:02:20 | 000,651,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebpmui.dll
[2011.10.26 16:02:18 | 001,056,768 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebserv.dll
[2011.10.26 16:02:18 | 000,851,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebusb1.dll
[2011.10.26 16:02:17 | 000,581,632 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeblmpm.dll
[2011.10.26 16:02:17 | 000,328,360 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebih.exe
[2011.10.26 16:02:16 | 000,688,128 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebhbn3.dll
[2011.10.26 16:02:15 | 000,802,816 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebcomc.dll
[2011.10.26 16:02:15 | 000,602,792 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebcoms.exe
[2011.10.26 16:02:15 | 000,376,832 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebcomm.dll
[2011.10.26 16:02:14 | 000,369,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebcfg.exe
 
========== Files - Modified Within 30 Days ==========
 
[2012.01.07 08:35:04 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2611812462-125833362-1426737072-1000UA.job
[2012.01.07 03:49:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.06 04:45:24 | 000,016,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.06 04:45:24 | 000,016,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.06 04:33:18 | 1408,045,056 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.05 18:28:57 | 000,001,815 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.01.05 18:26:23 | 013,847,520 | ---- | M] (SUPERAntiSpyware.com) -- C:\Users\Barbara\Desktop\SUPERAntiSpyware.exe
[2012.01.05 18:14:11 | 000,190,752 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2012.01.05 18:14:11 | 000,172,320 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2012.01.05 18:14:10 | 000,525,544 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2012.01.05 18:14:10 | 000,172,320 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2012.01.05 17:24:40 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.01.04 17:04:42 | 000,166,834 | ---- | M] () -- C:\Users\Barbara\Documents\cc_20120104_170425.reg
[2012.01.04 16:19:43 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.01.04 16:19:43 | 000,654,188 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.01.04 16:19:43 | 000,616,030 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.01.04 16:19:43 | 000,130,028 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.01.04 16:19:43 | 000,106,410 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.12.25 19:18:45 | 000,000,829 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.12.25 19:17:09 | 003,562,624 | ---- | M] (Piriform Ltd) -- C:\Users\Barbara\Desktop\ccsetup314.exe
[2011.12.25 19:09:24 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Barbara\Desktop\HiJackThis204.exe
[2011.12.25 19:07:27 | 001,402,880 | ---- | M] () -- C:\Users\Barbara\Desktop\HiJackThis.msi
[2011.12.24 02:30:27 | 000,000,000 | ---- | M] () -- C:\Windows\ToDisc.INI
[2011.12.24 02:19:48 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Barbara\Desktop\OTL.exe
[2011.12.23 02:46:19 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.12.19 20:44:39 | 000,426,520 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2012.01.05 18:28:57 | 000,001,815 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.01.04 17:04:33 | 000,166,834 | ---- | C] () -- C:\Users\Barbara\Documents\cc_20120104_170425.reg
[2011.12.25 19:18:45 | 000,000,829 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.12.25 19:07:22 | 001,402,880 | ---- | C] () -- C:\Users\Barbara\Desktop\HiJackThis.msi
[2011.12.24 02:30:27 | 000,000,000 | ---- | C] () -- C:\Windows\ToDisc.INI
[2011.12.23 02:46:19 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.10.26 16:02:24 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\LXEBinst.dll
[2011.10.26 16:02:23 | 000,344,064 | ---- | C] () -- C:\Windows\SysWow64\lxebcomx.dll
[2011.10.26 16:02:22 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\lxebjswr.dll
[2011.10.26 16:02:21 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\lxebinsr.dll
[2011.10.26 16:02:21 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\lxebcur.dll
[2011.10.26 16:02:19 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\lxebins.dll
[2011.10.26 16:02:19 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\lxebinsb.dll
[2011.10.26 16:02:19 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\lxebcu.dll
[2011.10.26 16:02:19 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\lxebcub.dll
[2011.10.26 16:00:52 | 000,024,064 | ---- | C] () -- C:\Windows\SysWow64\LXEBsmr.dll
[2011.10.26 16:00:51 | 000,299,008 | ---- | C] () -- C:\Windows\SysWow64\LXEBsm.dll
[2011.10.02 18:37:53 | 000,011,376 | ---- | C] () -- C:\Windows\SysWow64\drivers\SECDRV.SYS
[2011.01.05 00:07:19 | 000,000,632 | ---- | C] () -- C:\Windows\Thps3.INI
[2010.05.21 21:32:52 | 000,005,120 | ---- | C] () -- C:\Users\Barbara\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.13 18:23:48 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2010.02.18 16:33:01 | 000,000,958 | ---- | C] () -- C:\Windows\eReg.dat
[2010.01.22 15:37:04 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2010.01.22 15:37:04 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2010.01.22 15:37:04 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2010.01.22 15:31:23 | 000,000,025 | ---- | C] () -- C:\Windows\SIERRA.INI
[2009.12.25 16:19:02 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.12.11 19:07:15 | 000,001,046 | ---- | C] () -- C:\Users\Barbara\AppData\Roaming\wklnhst.dat
[2009.09.11 08:37:31 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.04.28 03:37:00 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\SPCtl.dll
[2008.09.17 11:36:22 | 000,921,600 | ---- | C] () -- C:\Windows\SysWow64\vorbisenc.dll
[2008.09.17 11:36:20 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\OggDS.dll
[2008.09.17 11:36:20 | 000,188,416 | ---- | C] () -- C:\Windows\SysWow64\vorbis.dll
[2008.09.17 11:36:20 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\Ogg.dll
[1997.06.14 09:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll
 
========== LOP Check ==========
 
[2011.01.05 15:35:51 | 000,000,000 | ---D | M] -- C:\Users\Barbara\AppData\Roaming\GetRightToGo
[2011.09.04 20:49:22 | 000,000,000 | ---D | M] -- C:\Users\Barbara\AppData\Roaming\ICQ
[2010.03.04 16:06:03 | 000,000,000 | ---D | M] -- C:\Users\Barbara\AppData\Roaming\Template
[2010.01.16 18:47:55 | 000,000,000 | ---D | M] -- C:\Users\Barbara\AppData\Roaming\Toshiba
[2010.08.16 15:58:53 | 000,000,000 | ---D | M] -- C:\Users\Barbara\AppData\Roaming\WildTangent
[2012.01.07 08:35:04 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2611812462-125833362-1426737072-1000UA.job
[2010.06.24 21:30:48 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---
However, no Extra.txt opens, and the Extra.txt on my desktop is still the old one.
