Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
OTL.txt Datei erstellt

OTL.txt Datei erstellt


Log-Analyse und Auswertung: OTL.txt Datei erstellt

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 12.06.2012, 17:35   #1
pefe
 
OTL.txt Datei erstellt - Standard

OTL.txt Datei erstellt


Hi !

leider habe ich mir auch diesen Virus eingefangen. Hab jetzt, nach den Anweisungen hier, die OTL.txt erstellt:

BITTE UM WEITERE HILFE:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 6/12/2012 7:15:39 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 92.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 73.24 Gb Total Space | 59.96 Gb Free Space | 81.87% Space Free | Partition Type: NTFS
Drive D: | 159.64 Gb Total Space | 158.44 Gb Free Space | 99.25% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Disabled] --  -- (HidServ)
SRV - [2012/06/12 04:49:06 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/06/05 09:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/08/16 15:07:00 | 000,148,520 | ---- | M] (McAfee, Inc.) [Auto] -- C:\WINDOWS\System32\mfevtps.exe -- (mfevtp)
SRV - [2011/05/19 11:05:00 | 000,120,128 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe -- (McAfeeFramework)
SRV - [2011/02/04 14:07:00 | 000,147,984 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe -- (McShield)
SRV - [2011/02/04 14:07:00 | 000,066,880 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe -- (McTaskManager)
SRV - [2011/02/04 14:07:00 | 000,022,816 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe -- (McAfeeEngineService)
SRV - [2010/02/16 08:14:52 | 001,498,224 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe -- (enterceptAgent)
SRV - [2010/01/10 06:01:26 | 000,060,928 | ---- | M] () [Auto] -- C:\Program Files\STMicroelectronics\AccelerometerP11\InstallFilterService.exe -- (InstallFilterService)
SRV - [2009/12/17 04:45:18 | 000,812,448 | ---- | M] (Broadcom Corporation) [Auto] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe -- (Credential Vault Host Control Service)
SRV - [2009/12/17 04:45:18 | 000,027,040 | ---- | M] (Broadcom Corporation) [Auto] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe -- (Credential Vault Host Storage)
SRV - [2009/12/10 05:07:10 | 000,700,928 | R--- | M] () [Auto] -- C:\Program Files\Dell\Dell WWAN\WMCore\WMCore.exe -- (WMCoreService)
SRV - [2009/12/03 06:30:42 | 000,229,461 | ---- | M] (IDT, Inc.) [Auto] -- C:\Program Files\IDT\WDM\stacsv.exe -- (STacSV)
SRV - [2009/11/23 11:34:02 | 000,035,696 | ---- | M] (McAfee, Inc.) [Auto] -- C:\Program Files\McAfee\Host Intrusion Prevention\HIPSCore\HIPSvc.exe -- (hips)
SRV - [2008/07/04 06:52:18 | 000,014,336 | ---- | M] (Vodafone) [Auto] -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2007/06/11 04:37:24 | 000,379,320 | ---- | M] (F5 Networks, Inc.) [Auto] -- C:\WINDOWS\system32\F5InstallerService.exe -- (F5 Networks Component Installer)
SRV - [2007/04/03 06:49:44 | 000,118,784 | ---- | M] (Bytemobile, Inc.) [Auto] -- C:\WINDOWS\System32\bmwebcfg.exe -- (bmwebcfg)
SRV - [2006/03/27 05:40:10 | 000,032,872 | ---- | M] (Marimba, Inc.) [Auto] -- C:\Program Files\MarimbaProdClient\Castanet Tuner\Tuner.exe -- (MarimbaProductionClient)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | System] --  -- (mferkdk)
DRV - File not found [Kernel | On_Demand] --  -- (massfilter)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [Kernel | System] --  -- (i2omgmt)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - [2011/11/24 16:53:24 | 000,035,448 | ---- | M] (F5 Networks, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\covpndrv.sys -- (urvpndrv)
DRV - [2011/11/24 16:53:08 | 000,010,744 | ---- | M] (F5 Networks, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\urfltw2k.sys -- (f5ipfw)
DRV - [2011/08/16 15:07:00 | 000,461,864 | ---- | M] (McAfee, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2011/08/16 15:07:00 | 000,180,072 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2011/08/16 15:07:00 | 000,119,808 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2011/08/16 15:07:00 | 000,089,624 | ---- | M] (McAfee, Inc.) [Kernel | System] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2011/08/16 15:07:00 | 000,087,808 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2011/08/16 15:07:00 | 000,059,288 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2011/02/04 14:07:00 | 000,065,960 | ---- | M] (McAfee, Inc.) [Kernel | Disabled] -- C:\WINDOWS\system32\drivers\mfetdik.sys -- (mfetdik)
DRV - [2010/02/16 08:13:10 | 000,030,952 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\firelm01.sys -- (firelm01)
DRV - [2010/02/16 08:13:06 | 000,145,616 | ---- | M] (McAfee, Inc.) [Kernel | System] -- C:\WINDOWS\system32\drivers\FireTDI.sys -- (FireTDI)
DRV - [2010/02/16 08:13:00 | 000,138,528 | ---- | M] (McAfee, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\FirePM.sys -- (FirePM)
DRV - [2010/01/18 01:56:26 | 000,042,672 | ---- | M] (ST Microelectronics) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Accelern.sys -- (Acceler)
DRV - [2010/01/18 01:56:26 | 000,017,072 | ---- | M] (ST Microelectronics) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\stdfltn.sys -- (stdflt)
DRV - [2010/01/11 04:46:40 | 000,909,736 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2010/01/11 04:46:40 | 000,556,200 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2010/01/11 04:46:40 | 000,118,440 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2010/01/11 04:46:40 | 000,047,656 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2010/01/11 04:46:40 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2010/01/06 23:32:26 | 000,132,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Impcd.sys -- (Impcd)
DRV - [2009/12/09 08:17:02 | 000,082,984 | R--- | M] (Ericsson AB) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\d554gps.sys -- (d554gps)
DRV - [2009/12/03 06:30:42 | 001,656,246 | ---- | M] (IDT, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2009/11/29 22:31:00 | 002,649,216 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2009/11/27 07:16:48 | 000,215,040 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV - [2009/11/23 11:33:42 | 000,035,584 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HIPQK.sys -- (HIPQK)
DRV - [2009/11/23 11:33:26 | 000,038,680 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HIPPSK.sys -- (HIPPSK)
DRV - [2009/11/23 11:33:10 | 000,107,896 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HIPK.sys -- (HIPK)
DRV - [2009/11/05 11:32:54 | 000,166,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\e1k5132.sys -- (e1kexpress) Intel(R)
DRV - [2009/11/03 10:40:42 | 000,033,832 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cvusbdrv.sys -- (cvusbdrv)
DRV - [2009/10/28 11:55:00 | 000,047,616 | ---- | M] (REDC) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\risdpe86.sys -- (risdpcie)
DRV - [2009/10/23 06:42:44 | 000,130,560 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\d554unic.sys -- (d554unic) Dell Wireless 5540 HSPA Mini-Card Network Adapter (WDM)
DRV - [2009/10/23 06:42:44 | 000,123,904 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\d554mdm.sys -- (d554mdm)
DRV - [2009/10/23 06:42:44 | 000,117,888 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\d554mgmt.sys -- (d554mgmt) DellWireless5540 HSPA Mini-Card Device Management Drivers (WDM)
DRV - [2009/10/23 06:42:44 | 000,025,216 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\d554nd5.sys -- (d554nd5) Dell Wireless 5540 HSPA Mini-Card Network Adapter (NDIS)
DRV - [2009/10/23 06:42:44 | 000,014,976 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\d554mdfl.sys -- (d554mdfl)
DRV - [2009/10/23 06:42:42 | 000,098,560 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\d554bus.sys -- (d554bus) Dell Wireless 5540 HSPA Mini-Card Device driver (WDM)
DRV - [2009/10/13 10:15:48 | 000,047,744 | R--- | M] (Ericsson AB) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\d554scard.sys -- (d554scard)
DRV - [2009/09/10 08:55:52 | 000,102,528 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009/07/24 12:33:24 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009/05/21 05:48:10 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbccid.sys -- (USBCCID)
DRV - [2009/04/21 16:13:34 | 000,113,664 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AESTAud.sys -- (AESTAud)
DRV - [2008/10/17 08:26:24 | 000,044,680 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\firehk.sys -- (FirehkMP)
DRV - [2008/10/17 08:26:24 | 000,044,680 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\firehk.sys -- (Firehk)
DRV - [2008/06/04 07:14:00 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\PBADRV.sys -- (PBADRV)
DRV - [2007/04/03 06:46:08 | 000,018,816 | ---- | M] (Bytemobile, Inc.) [Kernel | System] -- C:\WINDOWS\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2006/11/22 04:01:48 | 000,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://compass.oce.net/
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://compass.oce.net/
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = hxxp://intranet.ocede.oce.net/oce/proxy.pac
 
IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://compass.oce.net/
IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://compass.oce.net/
IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = hxxp://intranet.ocede.oce.net/oce/proxy.pac
 
IE - HKU\nt8831_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://compass.oce.net/
IE - HKU\nt8831_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\nt8831_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = hxxp://intranet.ocede.oce.net/oce/proxy.pac
 
IE - HKU\Oceinventory_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://compass.oce.net/
IE - HKU\Oceinventory_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = hxxp://intranet.ocede.oce.net/oce/proxy.pac
 
IE - HKU\ODE-DiscoverySRV_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://compass.oce.net/
IE - HKU\ODE-DiscoverySRV_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = hxxp://intranet.ocede.oce.net/oce/proxy.pac
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/03/28 01:54:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/04/16 00:05:33 | 000,000,000 | ---D | M]
 
[2012/06/11 04:00:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/26 06:55:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/12/06 08:17:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/08 04:02:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/03 18:12:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/08 11:58:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2012/03/05 03:51:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2010/07/29 08:52:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\defaults\profile\extensions
[2010/07/29 08:52:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\defaults\profile\Profiles.default\extensions
[2009/09/15 08:36:54 | 000,035,840 | ---- | M] () -- C:\Program Files\mozilla firefox\components\IntComXP.dll
[2011/02/04 14:07:00 | 000,023,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2012/03/05 03:51:41 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/08/04 07:15:20 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010/08/04 07:15:20 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010/08/04 07:15:20 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010/08/04 07:15:21 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010/08/04 07:15:21 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012/06/12 02:52:17 | 000,000,732 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (ReseptIeClient Object) - {B40D0B13-9A70-4394-8F21-E2E4AE3A9BC4} - C:\Program Files\Resept\ReseptIeClient.dll (Trustalert B.V)
O4 - HKLM..\Run: [AESTFltr] C:\WINDOWS\System32\AESTFltr.exe (Andrea Electronics Corporation)
O4 - HKLM..\Run: [McAfee Host Intrusion Prevention Tray] C:\Program Files\McAfee\Host Intrusion Prevention\FireTray.exe (McAfee, Inc.)
O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\McAfee\Common Framework\udaterui.exe (McAfee, Inc.)
O4 - HKLM..\Run: [MobileConnect] C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [SetOceUserForRemoteAccess] C:\Program Files\Resept\Tools\SetOceUser.exe (Oce)
O4 - HKLM..\Run: [ShStatEXE] C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoTrayNotify = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleStartMenu = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegedit = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoTrayNotify = 1
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoTrayNotify = 1
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoTrayNotify = 1
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoTrayNotify = 1
O7 - HKU\nt8831_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\nt8831_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoTrayNotify = 1
O7 - HKU\nt8831_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\nt8831_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegedit = 1
O7 - HKU\nt8831_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\Oceinventory_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Oceinventory_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoTrayNotify = 1
O7 - HKU\ODE-DiscoverySRV_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\ODE-DiscoverySRV_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoTrayNotify = 1
O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Senden an Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 -  File not found
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} C:\WINDOWS\TEMP\f5tmp\urxvpn.cab (F5 Networks VPN Manager)
O16 - DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} C:\WINDOWS\TEMP\f5tmp\f5tunsrv.cab (F5 Networks Dynamic Application Tunnel Control)
O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} C:\WINDOWS\TEMP\f5tmp\InstallerControl.cab (F5 Networks Auto Update)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1325144133671 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} C:\WINDOWS\TEMP\f5tmp\urxshost.cab (F5 Networks SuperHost Class)
O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} C:\WINDOWS\TEMP\f5tmp\urxhost.cab (F5 Networks Host Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ocede.oce.net
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop BackupWallPaper: 
O27 - HKLM IFEO\msconfig.exe: Debugger - P9KDMF.EXE File not found
O27 - HKLM IFEO\regedit.exe: Debugger - P9KDMF.EXE File not found
O27 - HKLM IFEO\taskmgr.exe: Debugger - P9KDMF.EXE File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/07/28 22:32:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{9e565942-9ac8-11df-9bdc-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{9e565942-9ac8-11df-9bdc-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9e565942-9ac8-11df-9bdc-806d6172696f}\Shell\AutoRun\command - "" = Z:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/06/12 12:02:34 | 000,040,328 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\HIPIS0e011b3.dll
[2012/06/12 07:31:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nt8831\Application Data\Ulgffd
[2012/06/12 07:31:32 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2012/06/11 16:54:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nt8831\Application Data\Skype
[2012/06/11 16:54:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012/06/11 16:54:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2012/06/11 16:54:21 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012/06/11 16:54:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype
[2012/06/05 04:01:52 | 000,000,000 | R--D | C] -- D:\Eigene Dateien\Dropbox
[2012/06/05 03:59:07 | 000,000,000 | ---D | C] -- C:\Program Files\Dropbox
[2012/06/05 03:58:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\nt8831\Application Data\Dropbox
[2010/07/28 23:10:31 | 000,004,096 | ---- | C] ( ) -- C:\WINDOWS\System32\IGFXDEVLib.dll
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/06/12 12:03:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/06/12 10:00:46 | 000,496,790 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/06/12 10:00:46 | 000,085,274 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/06/12 09:58:54 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/06/12 07:31:57 | 000,076,288 | ---- | M] () -- C:\Documents and Settings\nt8831\Application Data\Ulgffd\nnlirrhljbt.exe
[2012/06/12 06:09:01 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/06/12 04:49:05 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/06/12 04:49:05 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/06/12 04:47:13 | 000,011,036 | ---- | M] () -- C:\Documents and Settings\All Users\VfjsLLdxsETttQdOofs
[2012/06/11 16:54:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2012/06/11 09:50:48 | 000,017,920 | ---- | M] () -- C:\Documents and Settings\nt8831\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/11 03:32:33 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/06/09 04:23:05 | 000,002,495 | ---- | M] () -- C:\Documents and Settings\nt8831\Desktop\Microsoft Office Excel 2003.lnk
[2012/06/06 10:54:03 | 000,002,299 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Oce Produktkonfigurator.lnk
[2012/06/06 10:46:53 | 001,278,379 | ---- | M] () -- C:\Documents and Settings\nt8831\Desktop\levjOqVqujUEUEfqfAx
[2012/06/05 04:01:52 | 000,000,999 | ---- | M] () -- C:\Documents and Settings\nt8831\Desktop\Dropbox.lnk
[2012/05/31 19:14:43 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\nt8831\Desktop\Microsoft Office Word 2003.lnk
[2012/05/22 07:21:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2012/05/14 09:35:22 | 000,054,784 | ---- | M] () -- C:\Documents and Settings\nt8831\Desktop\olApeedxruQsgUJG
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/06/05 04:01:52 | 000,000,999 | ---- | C] () -- C:\Documents and Settings\nt8831\Desktop\Dropbox.lnk
[2012/03/13 07:27:39 | 000,085,464 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/02/16 10:03:14 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/07/16 06:03:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\f5unistall.INI
[2011/05/18 09:51:07 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/09/03 05:59:54 | 000,017,920 | ---- | C] () -- C:\Documents and Settings\nt8831\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/10 06:56:45 | 000,155,623 | ---- | C] () -- C:\WINDOWS\hpoins27.dat
[2010/08/10 06:56:45 | 000,000,932 | ---- | C] () -- C:\WINDOWS\hpomdl27.dat
[2010/07/29 00:22:06 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/07/29 00:20:42 | 000,140,440 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/07/28 23:32:09 | 000,308,624 | ---- | C] () -- C:\WINDOWS\System32\brcmbsp.dll
[2010/07/28 23:32:09 | 000,206,216 | ---- | C] () -- C:\WINDOWS\System32\bipbsp.dll
[2010/07/28 23:27:52 | 000,080,368 | ---- | C] () -- C:\WINDOWS\System32\pbadrvdll.dll
[2010/07/28 23:24:04 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2010/07/28 23:24:04 | 000,025,088 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2010/07/28 23:24:03 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2010/07/28 23:10:31 | 000,874,032 | ---- | C] () -- C:\WINDOWS\System32\igkrng575.bin
[2010/07/28 23:10:31 | 000,127,896 | ---- | C] () -- C:\WINDOWS\System32\igcompkrng575.bin
[2010/07/28 23:10:30 | 000,000,151 | ---- | C] () -- C:\WINDOWS\System32\GfxUI.exe.config
[2010/07/28 22:44:51 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/07/28 22:35:57 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/07/28 22:28:33 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/11/20 09:55:52 | 002,860,384 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2009/01/20 06:32:04 | 000,024,056 | ---- | C] () -- C:\WINDOWS\System32\providers.bin
[2008/06/23 07:02:02 | 000,097,410 | R--- | C] () -- C:\Documents and Settings\All Users\Application Data\DeviceManager.xml.rc4
[2008/05/23 11:48:50 | 000,020,270 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DeviceInstaller.xml
[2008/04/28 07:26:24 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\CallSimReader.dll
[2008/04/28 07:26:20 | 000,055,808 | ---- | C] () -- C:\WINDOWS\System32\SimReader.dll
[2008/04/13 23:55:28 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2006/12/31 02:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/12/13 09:45:14 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2006/12/13 09:43:20 | 000,843,776 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2006/06/30 06:58:44 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\bioapi_mds300.dll
[2006/06/30 06:58:44 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\bioapi100.dll
[2006/04/06 11:59:36 | 000,125,234 | ---- | C] () -- C:\WINDOWS\System32\reboot.exe
[2005/09/06 11:06:20 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\hlduinst.exe
[2003/03/31 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2003/03/31 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2003/03/31 08:00:00 | 000,496,790 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2003/03/31 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2003/03/31 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2003/03/31 08:00:00 | 000,085,274 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2003/03/31 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2003/03/31 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2003/03/31 08:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2003/03/31 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/01/07 09:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/11/14 06:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[1601/02/13 04:28:18 | 000,005,718 | ---- | C] () -- C:\Documents and Settings\nt8831\LfxdjxgDdtEJAurLQqtfJ
 
========== LOP Check ==========
 
[2010/07/29 09:21:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Vodafone
[2010/07/29 08:59:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\TrustAlert
[2010/07/29 09:21:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Bytemobile
[2010/07/29 09:16:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Vodafone
[2010/07/29 09:16:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nt8831\Application Data\Bytemobile
[2012/06/06 05:17:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nt8831\Application Data\Dropbox
[2011/07/28 16:22:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nt8831\Application Data\DVDVideoSoft
[2011/07/28 16:22:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nt8831\Application Data\DVDVideoSoftIEHelpers
[2010/07/29 09:08:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nt8831\Application Data\TrustAlert
[2012/06/12 07:31:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nt8831\Application Data\Ulgffd
[2010/07/29 09:22:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nt8831\Application Data\Vodafone
[2010/07/28 23:31:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broadcom
[2011/07/16 06:03:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F5 Networks
[2012/01/10 06:49:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GroupPolicy
[2010/07/29 08:40:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Marimba
[2010/07/29 09:22:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vodafone
 
========== Purity Check ==========
 
 
< End of report >
--- --- ---
Geändert von pefe (12.06.2012 um 18:10 Uhr)

 

Themen zu OTL.txt Datei erstellt
.dll, administrator, adobe, alert, bho, desktop, device driver, disabletaskmgr, error, excel, explorer, firefox, flash player, fontcache, format, helper, homepage, logfile, microsoft office word, object, plug-in, registry, scan, senden, software, sttray.exe, temp, tunnel, version=1.0, virus, vodafone, windows, windows xp


« Virusbefall TR/ATRAPS.Gen2 | Verschlüsselungs-Trojaner Trojan.Ransomlock.P durch Anhang einer Email-Mahnung »


Ähnliche Themen: OTL.txt Datei erstellt


  1. Windows 7:GVU Trojaner mit Sperrschirm frst datei erstellt und wie geht es weiter
    Log-Analyse und Auswertung - 07.03.2015 (14)
  2. Mahnung von www.wahlbusch.de zip-Datei und darin enthaltene Datei geöffnet
    Log-Analyse und Auswertung - 18.04.2013 (7)
  3. Photshop datei von Adebo geladen und TROJ_GEN.RC1H1AV in der Datei gefunden
    Log-Analyse und Auswertung - 11.02.2013 (1)
  4. hijackthis editor datei erstellt, was nun?
    Plagegeister aller Art und deren Bekämpfung - 10.02.2013 (33)
  5. Avira findet TR/ATRAPS.gen kann die Datei aber nicht löschen. Wie bekomme ich die Datei vom System?
    Plagegeister aller Art und deren Bekämpfung - 25.06.2012 (1)
  6. Glaube Verschlüsslungstrojaner(vor Datei locked nach datei pffp und andere änderungen)
    Plagegeister aller Art und deren Bekämpfung - 10.06.2012 (1)
  7. 50Euro Virus - Win7 / 64 - OTL Logfile erstellt nach Anleitung erstellt
    Plagegeister aller Art und deren Bekämpfung - 06.01.2012 (2)
  8. BKA Trojaner - habe mit OTLpe txt Datei erstellt - benötige nun eine "FIX-Datei"?
    Log-Analyse und Auswertung - 11.10.2011 (1)
  9. Zieldatei wird von BAT-Datei nicht erstellt und DOS Shell bleibt offen
    Alles rund um Windows - 27.08.2010 (2)
  10. Datei dhcpcsvc.dll erstellt sich selbst neu nach entfernung von Security Essentials 2010
    Plagegeister aller Art und deren Bekämpfung - 03.07.2010 (7)
  11. Datei wird immer wieder erstellt - wer war es?
    Plagegeister aller Art und deren Bekämpfung - 08.03.2010 (3)
  12. Trojaner in .rar Datei! Bitte um Analyse dieser Datei!!!
    Plagegeister aller Art und deren Bekämpfung - 23.08.2009 (12)
  13. Eine gelöschte Infizierte Datei erstellt sich nach Neustart wieder
    Plagegeister aller Art und deren Bekämpfung - 01.10.2008 (31)
  14. SPYBOT LOG DATEI mysteriös. bitte um auswertung der HIJACKTHIS LOG DATEI
    Log-Analyse und Auswertung - 29.01.2008 (0)
  15. Doofe Datei erstellt...
    Alles rund um Windows - 14.06.2005 (3)
  16. Trojaner in datei gefunden (datei aber nicht vorhanden)
    Plagegeister aller Art und deren Bekämpfung - 29.11.2004 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema OTL.txt Datei erstellt - Hi ! leider habe ich mir auch diesen Virus eingefangen. Hab jetzt, nach den Anweisungen hier, die OTL.txt erstellt: BITTE UM WEITERE HILFE:OTL Logfile: Code: Alles auswählen Aufklappen ATTFilter OTL - OTL.txt Datei erstellt...
Archiv
Du betrachtest: OTL.txt Datei erstellt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131