Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Trace.Registry.trojan-dropper.win32.inject!E1 entfernen

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Alt 15.08.2012, 11:18   #1
django68
 
Trace.Registry.trojan-dropper.win32.inject!E1 entfernen - Icon16

Trace.Registry.trojan-dropper.win32.inject!E1 entfernen



Hallo,
Emsisoft Malware 6.6 findet nach jedem Scan Trace.Registry.trojan-dropper.win32.inject!E1.
Bitte um Hilfe diesen zu entfernen.

Emsisoft Anti-Malware - Version 6.6
Letztes Update: 15.08.2012 10:44:27

Scan Einstellungen:

Scan Methode: Smart Scan
Objekte: Rootkits, Speicher, Traces, C:\Windows\, C:\Program Files\
Archiv Scan: Aus
ADS Scan: An

Scan Beginn: 15.08.2012 10:45:33

Value: hkey_current_user\software\microsoft\windows\currentversion\run --> upgradechecker gefunden: Trace.Registry.trojan-dropper.win32.inject!E1

Gescannt 481549
Gefunden 1

Scan Ende: 15.08.2012 11:09:23
Scan Zeit: 0:23:50OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 15.08.2012 11:18:58 - Run 1
OTL by OldTimer - Version 3.2.57.0     Folder = C:\Users\Windows666\Downloads
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1022,49 Mb Total Physical Memory | 501,03 Mb Available Physical Memory | 49,00% Memory free
2,00 Gb Paging File | 0,50 Gb Available in Paging File | 24,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 297,99 Gb Total Space | 78,73 Gb Free Space | 26,42% Space Free | Partition Type: NTFS
Drive D: | 101,94 Mb Total Space | 10,66 Mb Free Space | 10,46% Space Free | Partition Type: NTFS
Drive E: | 186,21 Gb Total Space | 41,39 Gb Free Space | 22,23% Space Free | Partition Type: NTFS
 
Computer Name: WINDOWS666-PC | User Name: Windows666 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Windows666\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Emsisoft Anti-Malware\a2service.exe (Emsisoft GmbH)
PRC - C:\Programme\Emsisoft Anti-Malware\a2guard.exe (Emsisoft GmbH)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Ashampoo\Ashampoo Anti-Malware\AAMW_Service.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\prevhost.exe (Microsoft Corporation)
PRC - C:\Programme\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Ashampoo\Ashampoo Anti-Malware\AAMW_Guard.exe (Ashampoo Development GmbH & Co. KG)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\f2f8201dd3453250dfd9ed1afce630a0\WindowsFormsIntegration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\ca2eff60beb3ba00a529a2d42dceca22\UIAutomationProvider.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_de_31bf3856ad364e35\PresentationCore.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (a2AntiMalware) -- C:\Programme\Emsisoft Anti-Malware\a2service.exe (Emsisoft GmbH)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (AAMWService) -- C:\Programme\Ashampoo\Ashampoo Anti-Malware\AAMW_Service.exe ()
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (AAMW_WSC_Service_Vista) -- C:\Programme\Ashampoo\Ashampoo Anti-Malware\AAMW_WSC_Service_Vista.exe ()
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (vgwshzyh) -- C:\Windows\system32\drivers\vgwshzyh.sys File not found
DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found
DRV - (qhldfvgp) -- C:\Windows\system32\drivers\qhldfvgp.sys File not found
DRV - (nsxrjlyf) -- C:\Windows\system32\drivers\nsxrjlyf.sys File not found
DRV - (lgkkgehq) -- C:\Windows\system32\drivers\lgkkgehq.sys File not found
DRV - (kltoskok) -- C:\Windows\system32\drivers\kltoskok.sys File not found
DRV - (dnoinpnu) -- C:\Windows\system32\drivers\dnoinpnu.sys File not found
DRV - (chgfpqzx) -- C:\Windows\system32\drivers\chgfpqzx.sys File not found
DRV - (ccgqvjgn) -- C:\Windows\system32\drivers\ccgqvjgn.sys File not found
DRV - (a2acc) -- C:\Programme\Emsisoft Anti-Malware\a2accx86.sys (Emsisoft GmbH)
DRV - (a2injectiondriver) -- C:\Programme\Emsisoft Anti-Malware\a2dix86.sys (Emsisoft GmbH)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (AtiHDAudioService) -- C:\Windows\System32\drivers\AtihdW73.sys (Advanced Micro Devices)
DRV - (A2DDA) -- C:\Programme\Emsisoft Anti-Malware\a2ddax86.sys (Emsi Software GmbH)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (tsusbhub) -- C:\Windows\System32\drivers\tsusbhub.sys (Microsoft Corporation)
DRV - (Synth3dVsc) -- C:\Windows\System32\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV - (dmvsc) -- C:\Windows\System32\drivers\dmvsc.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbGD) -- C:\Windows\System32\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV - (terminpt) -- C:\Windows\System32\drivers\terminpt.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (ASW3Scan) -- C:\Programme\Ashampoo\Ashampoo Anti-Malware\AAMW_IFS32.sys ()
DRV - (a2util) -- C:\Programme\Emsisoft Anti-Malware\a2util32.sys (Emsi Software GmbH)
DRV - (AAMWRegFilter) -- C:\Programme\Ashampoo\Ashampoo Anti-Malware\AAMW_Regfilter32.sys ()
DRV - (FETNDIS) -- C:\Windows\System32\drivers\fetnd6.sys (VIA Technologies, Inc.              )
DRV - (RT2500USB) -- C:\Windows\System32\drivers\rt73.sys (Ralink Technology, Corp.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ebay.de/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
 
 
O1 HOSTS File: ([2009.06.10 23:00:28 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Ashampoo Anti-Malware Guard] C:\Program Files\Ashampoo\Ashampoo Anti-Malware\AAMW_Guard.exe (Ashampoo Development GmbH & Co. KG)
O4 - HKLM..\Run: [emsisoft anti-malware] c:\program files\emsisoft anti-malware\a2guard.exe (Emsisoft GmbH)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [UpgradeChecker] C:\Users\Windows666\AppData\Roaming\Google Inc.\{EA1411D0-DAE0-4C16-8584-077A2695FA70}\UpgradeChecker.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13 - gopher Prefix: missing
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab (Bitdefender QuickScan Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.0)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{48260C41-67DD-42B2-ABA5-D1FF6DB848BA}: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (MACHINE BootExecut)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.15 11:15:15 | 000,000,000 | ---D | C] -- C:\Users\Windows666\Desktop\scanbericht
[2012.08.15 10:06:07 | 000,000,000 | ---D | C] -- C:\Users\Windows666\AppData\Roaming\QuickScan
[2012.08.14 21:18:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2012.08.14 21:18:03 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo
[2012.08.14 16:52:12 | 000,000,000 | ---D | C] -- C:\Users\Windows666\AppData\Local\Ashampoo
[2012.08.14 16:11:41 | 000,000,000 | ---D | C] -- C:\Users\Windows666\AppData\Roaming\Systweak
[2012.08.14 16:11:38 | 000,017,320 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\System32\roboot.exe
[2012.08.13 16:53:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.08.13 16:53:49 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.08.13 11:59:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
[2012.08.13 11:57:55 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware
[2012.08.13 11:57:55 | 000,000,000 | ---D | C] -- C:\Users\Windows666\Documents\Anti-Malware
[2012.07.24 15:02:45 | 000,000,000 | ---D | C] -- C:\Users\Windows666\Desktop\filme
[2012.07.23 14:47:24 | 000,000,000 | ---D | C] -- C:\Users\Windows666\AppData\Roaming\Microsoft Corporation
 
========== Files - Modified Within 30 Days ==========
 
[2012.08.15 10:35:49 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI
[2012.08.15 10:35:05 | 000,009,243 | ---- | M] () -- C:\Users\Windows666\Documents\EMSISOFT.rtf
[2012.08.15 10:25:05 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.15 10:01:46 | 000,026,352 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.15 10:01:45 | 000,026,352 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.15 09:51:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.15 09:51:48 | 804,118,528 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.15 01:20:55 | 000,007,680 | ---- | M] () -- C:\Windows\13212406.exe
[2012.08.15 01:20:55 | 000,000,004 | ---- | M] () -- C:\Windows\13212406.dat
[2012.08.14 21:18:31 | 000,001,192 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Anti-Malware.lnk
[2012.08.14 16:49:55 | 000,000,286 | ---- | M] () -- C:\Users\Windows666\Documents\trojaner.rtf
[2012.08.14 16:32:03 | 000,001,676 | ---- | M] () -- C:\Windows\System32\ASOROSet.bin
[2012.08.14 16:02:58 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012.08.14 16:02:29 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.08.14 16:02:29 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.08.14 16:02:29 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.08.14 16:02:29 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.08.13 16:53:57 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.08.13 11:59:10 | 000,001,049 | ---- | M] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2012.08.08 14:26:42 | 000,000,815 | ---- | M] () -- C:\Users\Windows666\Documents\Herkules Hosenträger.rtf
[2012.08.06 18:27:10 | 004,503,728 | ---- | M] () -- C:\ProgramData\rat_0ybba.pad
[2012.08.03 11:46:41 | 000,001,749 | ---- | M] () -- C:\Users\Windows666\Documents\Pari Junior Boy S.rtf
[2012.08.03 09:25:25 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.08.03 09:25:25 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.08.01 11:24:03 | 000,001,812 | ---- | M] () -- C:\Users\Windows666\Documents\Vase Hutschenreuther.rtf
[2012.07.29 19:49:32 | 000,001,745 | ---- | M] () -- C:\Users\Windows666\Documents\Servier Platte groß.rtf
[2012.07.28 19:08:08 | 000,000,425 | ---- | M] () -- C:\Users\Windows666\Documents\Pierrot und Columbine Fasold & Strauch.rtf
[2012.07.28 18:35:42 | 000,002,801 | ---- | M] () -- C:\Users\Windows666\Documents\Rosenthal  Cattleya.rtf
[2012.07.24 23:33:10 | 000,017,136 | ---- | M] () -- C:\Windows\System32\sasnative32.exe
[2012.07.16 18:36:05 | 000,443,522 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120802-120030.backup
[2012.07.16 14:25:06 | 000,017,320 | ---- | M] (Systweak Inc., (www.systweak.com)) -- C:\Windows\System32\roboot.exe
 
========== Files Created - No Company Name ==========
 
[2012.08.15 01:20:55 | 000,007,680 | ---- | C] () -- C:\Windows\13212406.exe
[2012.08.15 01:20:55 | 000,000,004 | ---- | C] () -- C:\Windows\13212406.dat
[2012.08.14 21:18:31 | 000,001,192 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Anti-Malware.lnk
[2012.08.14 16:49:54 | 000,000,286 | ---- | C] () -- C:\Users\Windows666\Documents\trojaner.rtf
[2012.08.14 16:27:12 | 000,001,676 | ---- | C] () -- C:\Windows\System32\ASOROSet.bin
[2012.08.14 16:12:03 | 000,017,136 | ---- | C] () -- C:\Windows\System32\sasnative32.exe
[2012.08.14 09:51:41 | 000,009,243 | ---- | C] () -- C:\Users\Windows666\Documents\EMSISOFT.rtf
[2012.08.13 16:53:57 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.08.13 11:59:10 | 000,001,049 | ---- | C] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2012.08.08 14:26:41 | 000,000,815 | ---- | C] () -- C:\Users\Windows666\Documents\Herkules Hosenträger.rtf
[2012.08.06 18:15:24 | 004,503,728 | ---- | C] () -- C:\ProgramData\rat_0ybba.pad
[2012.08.03 11:46:40 | 000,001,749 | ---- | C] () -- C:\Users\Windows666\Documents\Pari Junior Boy S.rtf
[2012.08.01 11:24:03 | 000,001,812 | ---- | C] () -- C:\Users\Windows666\Documents\Vase Hutschenreuther.rtf
[2012.07.29 19:49:32 | 000,001,745 | ---- | C] () -- C:\Users\Windows666\Documents\Servier Platte groß.rtf
[2012.07.28 19:08:07 | 000,000,425 | ---- | C] () -- C:\Users\Windows666\Documents\Pierrot und Columbine Fasold & Strauch.rtf
[2012.07.28 18:35:41 | 000,002,801 | ---- | C] () -- C:\Users\Windows666\Documents\Rosenthal  Cattleya.rtf
[2012.04.15 18:51:46 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2012.04.07 14:53:37 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.04.07 14:25:26 | 000,000,158 | ---- | C] () -- C:\Windows\pagesuit.ini
[2012.04.07 14:25:25 | 000,023,040 | ---- | C] () -- C:\Windows\System32\irisco32.dll
[2012.04.06 03:21:42 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2012.04.06 03:21:42 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2012.04.05 22:34:22 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2012.03.09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll
[2012.01.10 23:10:08 | 000,601,728 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011.04.12 03:30:05 | 000,653,928 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2011.04.12 03:30:05 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2011.04.12 03:30:05 | 000,129,800 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2011.04.12 03:30:05 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2010.11.20 23:29:34 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2010.11.20 23:29:26 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
 
========== LOP Check ==========
 
[2012.07.12 19:54:46 | 000,000,000 | ---D | M] -- C:\Users\Windows666\AppData\Roaming\Dropbox
[2012.04.07 14:23:44 | 000,000,000 | ---D | M] -- C:\Users\Windows666\AppData\Roaming\Ordner HP Share-to-Web
[2012.08.15 10:06:22 | 000,000,000 | ---D | M] -- C:\Users\Windows666\AppData\Roaming\QuickScan
[2012.08.14 16:42:36 | 000,000,000 | ---D | M] -- C:\Users\Windows666\AppData\Roaming\Systweak
[2012.08.11 20:52:26 | 000,000,000 | ---D | M] -- C:\Users\Windows666\AppData\Roaming\TeamViewer
[2012.07.11 14:26:37 | 000,000,000 | ---D | M] -- C:\Users\Windows666\AppData\Roaming\TuneUp Software
[2012.08.06 06:15:01 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 76 bytes -> C:\Users\Windows666\OpenOffice.org 2.4 (de) Installation Files:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Windows666\Desktop\Rapithsare:Roxio EMC Stream

< End of report >
         
--- --- ---
OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 15.08.2012 11:18:59 - Run 1
OTL by OldTimer - Version 3.2.57.0     Folder = C:\Users\Windows666\Downloads
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1022,49 Mb Total Physical Memory | 501,03 Mb Available Physical Memory | 49,00% Memory free
2,00 Gb Paging File | 0,50 Gb Available in Paging File | 24,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 297,99 Gb Total Space | 78,73 Gb Free Space | 26,42% Space Free | Partition Type: NTFS
Drive D: | 101,94 Mb Total Space | 10,66 Mb Free Space | 10,46% Space Free | Partition Type: NTFS
Drive E: | 186,21 Gb Total Space | 41,39 Gb Free Space | 22,23% Space Free | Partition Type: NTFS
 
Computer Name: WINDOWS666-PC | User Name: Windows666 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- Reg Error: Value error.
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"TCP Query User{D3BB6726-339E-4673-BAAA-A4F68F0D3D54}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{654A3EF5-827D-4A50-B357-DA6B7E3DD477}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03D4C700-2BFE-43E0-A0B4-9512B43C5B9F}" = Catalyst Control Center - Branding
"{071E3D6A-79AB-0085-8CCF-EF52AEC6666F}" = AMD Accelerated Video Transcoding
"{19D614EB-D62A-AEE7-2391-E74126601D59}" = CCC Help Italian
"{1C373820-B9C8-0F7F-8F84-FC1B76A85F27}" = CCC Help Portuguese
"{1DA193D3-BEC6-4FEF-89E3-D8F739216BFB}_is1" = Ashampoo Anti-Malware v.1.21
"{26A24AE4-039D-4CA4-87B4-2F83217003FF}" = Java(TM) 7 Update 3
"{2D35BC33-7D08-D529-DF91-8A15FBF2600E}" = CCC Help Polish
"{2FC92BF4-F8BB-755F-755C-D756383C4CF3}" = ccc-utility
"{337788D1-43D1-9A0F-9787-DD00DB512D41}" = Catalyst Control Center Localization All
"{355FBF6C-31EB-C660-F07A-1CC93975A5CA}" = HydraVision
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4725833D-4325-5C34-57D4-1FE23E5AE578}" = CCC Help Chinese Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B271648-43CB-DD31-FF24-E7B06D3EE72A}" = Catalyst Control Center InstallProxy
"{4DC37F33-7AEC-A4CB-56B1-69A402828763}" = CCC Help Japanese
"{5710DAC2-8F2A-503C-CFC2-A973ADE0EA4C}" = CCC Help Czech
"{5C763682-4C40-86DA-9C46-31924D7D2C34}" = CCC Help Thai
"{60E5022D-FA4B-C6A2-1E80-B46EC39096F3}" = CCC Help Chinese Traditional
"{60F34FDF-267C-408F-290E-EC90D841C8CB}" = CCC Help German
"{66B79AE1-C6E2-B958-689C-D0812DE86BAB}" = CCC Help Greek
"{6B39BE0F-0F5E-A8FA-33E4-8481AE39D96C}" = CCC Help Russian
"{8E19F2AF-7145-51DE-E395-7729A9374973}" = Catalyst Control Center Graphics Previews Common
"{91CB5B8B-4EC8-DBA1-A88D-99FD480567B0}" = CCC Help English
"{924FBAC4-60D2-7981-3C3E-979DF9CBB346}" = CCC Help Finnish
"{9BFFB382-0B2C-11D6-AB3E-000102B0F79A}" = Readiris 7.5
"{9DC939DC-B7A4-D0E2-C582-A442DF1B3EBE}" = CCC Help Spanish
"{A1BD938B-F006-6E6D-70B2-47E1DD56F7DE}" = CCC Help Swedish
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A57CBC93-A964-3549-7C8F-43EF4C0C4077}" = ATI AVIVO Codecs
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{BABF7852-C2DD-6A8A-9956-101720C715C7}" = CCC Help Turkish
"{BB7C2A56-9706-43B8-5A8C-210AF5816106}" = CCC Help French
"{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240CC}" = WinZip 16.0
"{CE3DF04B-D674-369C-8469-75285614A8C4}" = AMD Catalyst Install Manager
"{CFC2CB60-5654-05A7-4D30-C661800A3A92}" = CCC Help Korean
"{D04CE005-D1D2-80F3-84C8-B3524FCD39C3}" = CCC Help Norwegian
"{D544AE4C-4152-225B-A897-6756C8986B14}" = Catalyst Control Center
"{D81E9069-3CCC-4405-3751-71E4AFEACC52}" = CCC Help Hungarian
"{DD2205B2-ECFA-37C1-198F-BC8B84C2F74C}" = AMD Drag and Drop Transcoding
"{DECE22F4-EEDD-4615-BC56-2F4827FAD64B}" = WiFi Station
"{E93FF166-DF14-2537-8FB4-96BB5810A96C}" = CCC Help Danish
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F335228B-0FFC-F617-08C7-A4E072441FBE}" = AMD Media Foundation Decoders
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FA9827E1-8A8E-C176-4923-0840A67ED4DE}" = CCC Help Dutch
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"CCleaner" = CCleaner
"FLV Player" = FLV Player 2.0 (build 25)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"WinRAR archiver" = WinRAR 4.20 (32-Bit)
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 14.08.2012 15:36:03 | Computer Name = Windows666-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: AAMW_Service.exe, Version: 0.0.0.0,
 Zeitstempel: 0x4c7685e8  Name des fehlerhaften Moduls: engine.dll, Version: 5.0.0.50,
 Zeitstempel: 0x4ca00082  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0001dfc3  ID des fehlerhaften
 Prozesses: 0x2e4  Startzeit der fehlerhaften Anwendung: 0x01cd7a51998ebbd8  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Ashampoo\Ashampoo Anti-Malware\AAMW_Service.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files\Ashampoo\Ashampoo Anti-Malware\engine.dll
Berichtskennung:
 47f5b7c6-e647-11e1-ba09-0008d307a938
 
Error - 14.08.2012 15:42:49 | Computer Name = Windows666-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 15.08.2012 01:31:01 | Computer Name = Windows666-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 15.08.2012 01:42:17 | Computer Name = Windows666-PC | Source = Application Hang | ID = 1002
Description = Programm AAMW_Main.exe, Version 1.0.0.0 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: f04    Startzeit: 
01cd7aa72bddf176    Endzeit: 758    Anwendungspfad: C:\Program Files\Ashampoo\Ashampoo Anti-Malware\AAMW_Main.exe

Berichts-ID:
   
 
Error - 15.08.2012 01:56:14 | Computer Name = Windows666-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 15.08.2012 03:53:35 | Computer Name = Windows666-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 15.08.2012 03:58:58 | Computer Name = Windows666-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16447 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: d3c    Startzeit: 01cd7abb70c6d41e    Endzeit: 36    Anwendungspfad: 
C:\Program Files\Internet Explorer\iexplore.exe    Berichts-ID:   
 
Error - 15.08.2012 04:02:46 | Computer Name = Windows666-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16447 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 1a0    Startzeit: 01cd7abbe003d779    Endzeit: 51    Anwendungspfad: 
C:\Program Files\Internet Explorer\iexplore.exe    Berichts-ID:   
 
Error - 15.08.2012 04:22:13 | Computer Name = Windows666-PC | Source = System Restore | ID = 8200
Description = 
 
Error - 15.08.2012 04:23:16 | Computer Name = Windows666-PC | Source = System Restore | ID = 8200
Description = 
 
[ System Events ]
Error - 13.08.2012 03:39:50 | Computer Name = Windows666-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 13.08.2012 03:39:50 | Computer Name = Windows666-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%1053
 
Error - 13.08.2012 03:41:49 | Computer Name = Windows666-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht.
 
Error - 14.08.2012 05:26:01 | Computer Name = Windows666-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?14.?08.?2012 um 11:24:36 unerwartet heruntergefahren.
 
Error - 14.08.2012 09:50:42 | Computer Name = Windows666-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?14.?08.?2012 um 15:49:18 unerwartet heruntergefahren.
 
Error - 14.08.2012 10:38:16 | Computer Name = Windows666-PC | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Windows Update" wurde nicht richtig gestartet.
 
Error - 14.08.2012 15:11:40 | Computer Name = Windows666-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Ashampoo Anti-Malware Service" wurde unerwartet beendet. Dies
 ist bereits 1 Mal passiert.
 
Error - 14.08.2012 15:37:19 | Computer Name = Windows666-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Ashampoo Anti-Malware Service" wurde unerwartet beendet. Dies
 ist bereits 1 Mal passiert.
 
Error - 15.08.2012 01:54:01 | Computer Name = Windows666-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?15.?08.?2012 um 07:53:06 unerwartet heruntergefahren.
 
Error - 15.08.2012 03:51:56 | Computer Name = Windows666-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?15.?08.?2012 um 09:50:50 unerwartet heruntergefahren.
 
 
< End of report >
         
--- --- ---

 

Themen zu Trace.Registry.trojan-dropper.win32.inject!E1 entfernen
adobe, bho, c:\windows\system32\cmd.exe, defender, desktop, einstellungen, entfernen, error, firefox, flash player, format, google, helper, iexplore.exe, install.exe, installation, logfile, malware, object, plug-in, rundll, scan, security, software, taskhost.exe, traces, udp, vista, windows




Ähnliche Themen: Trace.Registry.trojan-dropper.win32.inject!E1 entfernen


  1. Win 10: Infektion mit Trace.Registry.VirusShield2009!A2 und einigen PUP´s
    Log-Analyse und Auswertung - 20.09.2015 (20)
  2. Kaspersky findet Backdoor.Win32.Zaccess, Trojan-Ransom.Win32.Gimeno, Trojan.Win32.Inject
    Log-Analyse und Auswertung - 01.02.2014 (17)
  3. Windos Vista - Trace.Registry.Trymedia (A)
    Log-Analyse und Auswertung - 30.10.2013 (6)
  4. Groupon Trojaner - Trojan.win32.inject.fexk
    Log-Analyse und Auswertung - 08.03.2013 (3)
  5. Trojan.win32.inject.fbmn als MMS-Anhang im Mailpostfach unter Mac
    Alles rund um Mac OSX & Linux - 21.02.2013 (1)
  6. PWS:Win32/Zbot malware : Trojan.Phex.TGen (File) und Trojan.Agent.IET (Registry Value und File)
    Log-Analyse und Auswertung - 16.01.2013 (15)
  7. Trace.Registry.trojan-dropper.win32.inject!E1
    Plagegeister aller Art und deren Bekämpfung - 28.09.2012 (6)
  8. Verschlüsselungs Trojaner und warscheinlich noch mehr: Trojan.Win32.Inject.efnl
    Log-Analyse und Auswertung - 03.07.2012 (5)
  9. Trojaner 'TR/Inject.eava' [trojan] - wie entfernen?
    Plagegeister aller Art und deren Bekämpfung - 16.05.2012 (8)
  10. Infizierung mit Trojan.Win32.Inject.arpx!A2 - Wie lässt sich dieser Trojaner entfernen
    Plagegeister aller Art und deren Bekämpfung - 25.05.2011 (10)
  11. Mehrere Viren u.a. Trojan-Dropper.Win32.FrauDrop.bdq, Trojan.Win32.Generic
    Log-Analyse und Auswertung - 13.09.2010 (5)
  12. trojan.dropper & malware.trace
    Plagegeister aller Art und deren Bekämpfung - 15.07.2010 (9)
  13. Virus.Win32.Protector.f & Trojan-Dropper.Win32.delf.eu
    Log-Analyse und Auswertung - 19.05.2010 (13)
  14. Facebook trojaner Trojan.Win32.Inject.apdr
    Plagegeister aller Art und deren Bekämpfung - 03.05.2010 (7)
  15. Heur.Invader, Trojan.Win32.Inject.mf oder was ganz anderes?
    Log-Analyse und Auswertung - 15.07.2008 (10)
  16. Trace.Registry.Autumn Waterfalls Screen Saver und Trace.Registry.Heavenly Hibiscus
    Plagegeister aller Art und deren Bekämpfung - 29.01.2008 (7)
  17. Trojan.Banker.VB.0D9D0998 und Trojan-Dropper.Win32.Agent.wd
    Log-Analyse und Auswertung - 04.10.2005 (2)

Zum Thema Trace.Registry.trojan-dropper.win32.inject!E1 entfernen - Hallo, Emsisoft Malware 6.6 findet nach jedem Scan Trace.Registry.trojan-dropper.win32.inject!E1. Bitte um Hilfe diesen zu entfernen. Emsisoft Anti-Malware - Version 6.6 Letztes Update: 15.08.2012 10:44:27 Scan Einstellungen: Scan Methode: Smart Scan - Trace.Registry.trojan-dropper.win32.inject!E1 entfernen...
Archiv
Du betrachtest: Trace.Registry.trojan-dropper.win32.inject!E1 entfernen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.