BKA Trojan - no Safe Mode - no Internet

Hello, my brother brought me his computer, saying that the BKA Trojan is on it. Now I am supposed to fix the problem.

Normal system start: white screen in the foreground; you cannot get to the desktop.
Safe Mode: immediate system restart after the boot process.
HitmanPro: boots, then finds no Internet, although the network cable is connected.

Perhaps you can help me. I have run a scan with OTLPENet.exe.

OTL Logfile:
Code:
ATTFilter OTL logfile created on: 3/27/2013 3:22:05 PM - Run OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free 3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = E: | %SystemRoot% = E:\Windows | %ProgramFiles% = E:\Program Files Drive C: | 100.00 Mb Total Space | 65.85 Mb Free Space | 65.85% Space Free | Partition Type: NTFS Drive E: | 900.41 Gb Total Space | 652.39 Gb Free Space | 72.45% Space Free | Partition Type: NTFS Drive F: | 30.00 Gb Total Space | 19.17 Gb Free Space | 63.88% Space Free | Partition Type: NTFS Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days Using ControlSet: ControlSet001 ========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand] -- -- (Winmgmt) SRV - File not found [Disabled] -- -- (Browser Manager) SRV - [2013/03/27 08:09:04 | 000,106,280 | ---- | M] (SurfRight B.V.) [Auto] -- E:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler) SRV - [2013/03/13 01:04:31 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- E:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/11/15 18:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- E:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent) SRV - [2012/10/22 08:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) 
[Auto] -- E:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd) SRV - [2012/01/18 08:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand] -- E:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion) SRV - [2011/06/08 07:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand] -- E:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2011/02/18 07:08:18 | 001,517,376 | ---- | M] (TuneUp Software) [Auto] -- E:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2011/02/18 07:05:52 | 000,029,504 | ---- | M] (TuneUp Software) [Auto] -- E:\Windows\System32\uxtuneup.dll -- (UxTuneUp) SRV - [2010/01/08 09:23:58 | 000,303,104 | ---- | M] (Wistron Corporation) [Auto] -- E:\Program Files\RemoteKeySrv\RemoteKeySrv.exe -- (RemoteKeySrv) SRV - [2009/12/09 13:02:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto] -- E:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R) SRV - [2009/11/06 22:46:52 | 000,020,480 | ---- | M] (X10) [Auto] -- E:\Program Files\Common Files\X10\Common\X10nets.exe -- (x10nets) SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- E:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto] -- E:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009/07/01 13:03:12 | 000,582,944 | ---- | M] (Broadcom Corporation.) 
[Auto] -- E:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV - [2009/02/03 09:53:00 | 001,155,072 | ---- | M] (MAGIX AG) [Disabled] -- E:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs) SRV - [2008/08/07 05:10:02 | 003,276,800 | ---- | M] (MAGIX®) [Disabled] -- E:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) SRV - [2007/07/24 06:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto] -- E:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand] -- -- (lgbusenum) DRV - [2013/03/27 08:38:41 | 000,030,616 | ---- | M] () [Kernel | On_Demand] -- E:\Windows\System32\drivers\hitmanpro37.sys -- (hitmanpro37) DRV - [2012/11/15 18:33:26 | 000,094,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- E:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2012/10/22 08:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System] -- E:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver) DRV - [2012/10/14 22:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot] -- E:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX) DRV - [2012/10/01 22:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- E:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2012/09/20 22:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- E:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2012/09/20 22:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot] -- E:\Windows\System32\drivers\avglogx.sys -- (Avglogx) DRV - [2012/09/20 22:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. 
) [Kernel | System] -- E:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim) DRV - [2012/09/13 22:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- E:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86) DRV - [2011/05/18 04:12:38 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand] -- E:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2011/05/18 04:12:36 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand] -- E:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2011/05/18 04:12:32 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand] -- E:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2011/05/18 04:12:28 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand] -- E:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2010/12/23 12:35:02 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\lgandmodem.sys -- (ANDModem) DRV - [2010/12/23 12:35:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\lganddiag.sys -- (AndDiag) DRV - [2010/12/23 12:35:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\lgandgps.sys -- (AndGps) DRV - [2010/12/23 12:35:00 | 000,014,336 | ---- | M] (LG Electronics Inc.) 
[Kernel | On_Demand] -- E:\Windows\System32\drivers\lgandbus.sys -- (Andbus) DRV - [2010/11/29 13:27:40 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand] -- E:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2010/11/20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010/01/07 04:05:26 | 000,182,304 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- E:\Windows\System32\Drivers\RtsUStor.sys -- (RSUSBSTOR) DRV - [2009/12/22 08:43:16 | 001,558,368 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand] -- E:\Windows\System32\drivers\NxpCap.sys -- (NxpCap) DRV - [2009/12/16 05:14:14 | 000,991,776 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- E:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se) DRV - [2009/12/03 06:26:22 | 009,941,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2009/10/29 06:20:40 | 000,010,360 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand] -- E:\Windows\system32\DRIVERS\hidkmdf.sys -- (hidkmdf) DRV - [2009/10/29 06:20:38 | 000,022,392 | ---- | M] () [Kernel | On_Demand] -- E:\Windows\system32\DRIVERS\NW1950.sys -- (NW1950) DRV - [2009/10/13 08:03:28 | 000,067,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2009/10/05 05:08:42 | 000,065,584 | ---- | M] (Citrix Systems, Inc.) [Kernel | System] -- E:\Windows\System32\drivers\ctxusbm.sys -- (ctxusbm) DRV - [2009/07/01 07:46:20 | 000,043,944 | ---- | M] (Broadcom Corporation.) 
[Kernel | On_Demand] -- E:\Windows\System32\drivers\btusbflt.sys -- (btusbflt) DRV - [2009/05/13 07:47:30 | 000,027,160 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\Drivers\x10ufx2.sys -- (XUIF) DRV - [2009/05/13 07:26:26 | 000,013,720 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\Drivers\x10hid.sys -- (X10Hid) DRV - [2008/08/26 04:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand] -- E:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2007/02/15 20:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV - [2005/12/08 09:33:40 | 000,004,096 | ---- | M] (Wistron) [Kernel | On_Demand] -- E:\Program Files\RemoteKeySrv\GENPORT.sys -- (genport) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.1010000&st=18&barid={0CFFAE64-DC8A-11E0-999D-1C4BD60BB893} IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - E:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - E:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.) IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: E:\Windows\System32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: E:\Windows\System32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: E:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: E:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: E:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: E:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: E:\Program Files\Virtual Earth 3D\ [2010/01/08 06:06:16 | 000,000,000 | ---D | M] FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: E:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: E:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.) FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: E:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: E:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: E:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: E:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011/09/11 12:04:17 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/09/11 12:04:17 | 000,000,000 | ---D | M] [2012/11/03 15:00:49 | 000,000,000 | ---D | M] (No name found) -- E:\Program Files\Mozilla Firefox\extensions [2010/09/28 12:14:06 | 000,002,040 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\fcmdSrchstonicde.xml O1 HOSTS File: ([2009/06/10 17:39:37 | 000,000,824 | ---- | M]) - E:\Windows\System32\drivers\etc\hosts O2 - BHO: (IE7Pro BHO) - {00011268-E188-40DF-A514-835FCD78B1BF} - E:\Program Files\IEPro\IEPro.dll (IE7Pro.com) O2 - BHO: (Claro LTD Helper Object) - {000F18F2-09EB-4A59-82B2-5AE4184C39C3} - E:\Program Files\Claro LTD\claro\1.8.3.10\bh\claro.dll (Montera Technologeis LTD) O2 - BHO: (Savings Sidekick) - {11111111-1111-1111-1111-110011501160} - E:\Program Files\Savings Sidekick\Savings Sidekick.dll (215 Apps) O2 - BHO: (HistoryTriggerBHO Class) - {21A88CB9-84D2-4020-A2D1-B25A21034884} - E:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll (LG Electronics) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - E:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - E:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) 
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - E:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - E:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - E:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - E:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - E:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Claro LTD Toolbar) - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - E:\Program Files\Claro LTD\claro\1.8.3.10\claroTlbr.dll (Montera Technologeis LTD) O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - E:\Program Files\IEPro\IEProRecorder.dll () O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - E:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.) O4 - HKLM..\Run: [AgentMonitor] E:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe () O4 - HKLM..\Run: [AVG_UI] E:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [CloneCDTray] E:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.) O4 - HKLM..\Run: [ConnectionCenter] E:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.) O4 - HKLM..\Run: [NvCplDaemon] E:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [RtHDVBg] E:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Sweetpacks Communicator] E:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [WinampAgent] E:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.) 
O4 - HKLM..\Run: [WireLessKeyboard] File not found O4 - HKLM..\Run: [WireLessMouse] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9 - Extra Button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - E:\Program Files\IEPro\IEPro.dll (IE7Pro.com) O9 - Extra 'Tools' menuitem : IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - E:\Program Files\IEPro\IEPro.dll (IE7Pro.com) O9 - Extra Button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - E:\Program Files\IEPro\IEPro.dll (IE7Pro.com) O9 - Extra 'Tools' menuitem : IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - E:\Program Files\IEPro\IEPro.dll (IE7Pro.com) O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - E:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab 
(Java Plug-in 1.6.0_31) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - E:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - E:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) O20 - AppInit_DLLs: (c:\progra~2\browse~1\24897~1.175\{61d8b~1\browse~1.dll) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - E:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - E:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. 
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O27 - HKLM IFEO\youpaint.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2013/03/27 08:09:03 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro [2013/03/27 08:09:03 | 000,000,000 | ---D | C] -- E:\Program Files\HitmanPro [2013/03/27 08:06:31 | 000,000,000 | ---D | C] -- E:\ProgramData\HitmanPro [2013/03/25 05:03:32 | 000,000,000 | ---D | C] -- E:\Program Files\Klett [2013/03/20 15:46:11 | 000,015,872 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\drivers\usb8023.sys [2013/03/14 17:37:31 | 002,382,848 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\mshtml.tlb [2013/03/14 17:37:31 | 000,420,864 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\vbscript.dll [2013/03/14 17:37:30 | 000,607,744 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\msfeeds.dll [2013/03/14 17:37:30 | 000,176,640 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\ieui.dll [2013/03/14 17:37:30 | 000,142,848 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\ieUnatt.exe [2013/03/14 17:37:30 | 000,065,024 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\jsproxy.dll [2013/03/14 17:37:29 | 
001,800,704 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\jscript9.dll [2013/03/14 17:37:29 | 000,717,824 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\jscript.dll [2013/03/14 17:37:29 | 000,231,936 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\url.dll [2013/03/14 17:37:28 | 001,427,968 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\inetcpl.cpl [2013/03/08 03:49:00 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [2013/02/27 02:03:33 | 000,187,392 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\UIAnimation.dll [2013/02/27 02:03:31 | 000,417,792 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\WMPhoto.dll [2013/02/27 02:03:30 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013/02/27 02:03:30 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013/02/27 02:03:30 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013/02/27 02:03:29 | 002,284,544 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\msmpeg2vdec.dll [2013/02/27 02:03:29 | 001,988,096 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\d3d10warp.dll [2013/02/27 02:03:29 | 000,364,544 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\XpsGdiConverter.dll [2013/02/27 02:03:29 | 000,293,376 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\dxgi.dll [2013/02/27 02:03:29 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013/02/27 02:03:29 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll [2013/02/27 02:03:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll [2013/02/27 02:03:29 | 000,003,584 | 
-H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013/02/27 02:03:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll [2013/02/27 02:03:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll [2013/02/27 02:03:28 | 001,504,768 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\d3d11.dll [2013/02/27 02:03:28 | 001,247,744 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\DWrite.dll [2013/02/27 02:03:28 | 001,158,144 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\XpsPrint.dll [2013/02/27 02:03:28 | 001,080,832 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\d3d10.dll [2013/02/27 02:03:28 | 000,604,160 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\d3d10level9.dll [2013/02/27 02:03:28 | 000,249,856 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\d3d10_1core.dll [2013/02/27 02:03:28 | 000,220,160 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\d3d10core.dll [2013/02/27 02:03:28 | 000,207,872 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\WindowsCodecsExt.dll [2013/02/27 02:03:28 | 000,161,792 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\d3d10_1.dll [2013/02/27 02:03:27 | 003,419,136 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\d2d1.dll ========== Files - Modified Within 30 Days ========== [2013/03/27 08:48:37 | 000,067,584 | --S- | M] () -- E:\Windows\bootstat.dat [2013/03/27 08:44:41 | 000,001,112 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/03/27 08:40:38 | 000,009,696 | ---- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/03/27 08:40:38 | 000,009,696 | ---- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/03/27 08:38:41 | 
000,030,616 | ---- | M] () -- E:\Windows\System32\drivers\hitmanpro37.sys [2013/03/27 08:33:28 | 2414,432,256 | -HS- | M] () -- E:\hiberfil.sys [2013/03/27 08:28:11 | 354,688,689 | ---- | M] () -- E:\Windows\MEMORY.DMP [2013/03/27 08:16:42 | 000,001,913 | ---- | M] () -- E:\Users\Public\Desktop\HitmanPro.lnk [2013/03/27 08:09:04 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro [2013/03/27 08:04:16 | 000,000,884 | ---- | M] () -- E:\Windows\tasks\Adobe Flash Player Updater.job [2013/03/27 08:04:11 | 000,001,160 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3929648755-4095274106-2058949298-1000UA.job [2013/03/27 05:14:00 | 000,001,116 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/03/25 05:04:45 | 000,001,053 | ---- | M] () -- E:\Users\Public\Desktop\Kunterbunt 1.lnk [2013/03/23 02:04:00 | 000,001,108 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3929648755-4095274106-2058949298-1000Core.job [2013/03/22 08:49:35 | 000,000,900 | -HS- | M] () -- E:\ProgramData\KGyGaAvL.sys [2013/03/14 17:38:39 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2013/03/13 01:04:16 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- E:\Windows\System32\FlashPlayerApp.exe [2013/03/13 01:04:15 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- E:\Windows\System32\FlashPlayerCPLApp.cpl [2013/03/08 03:49:00 | 000,000,955 | ---- | M] () -- E:\Users\Public\Desktop\AVG 2013.lnk [2013/03/08 03:49:00 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG ========== Files Created - No Company Name ========== [2013/03/27 08:38:41 | 000,030,616 | ---- | C] () -- E:\Windows\System32\drivers\hitmanpro37.sys [2013/03/27 08:09:04 | 000,001,913 | ---- | C] () -- E:\Users\Public\Desktop\HitmanPro.lnk [2013/03/27 08:08:17 | 354,688,689 | ---- | C] () -- E:\Windows\MEMORY.DMP [2013/03/25 05:04:45 | 000,001,053 
| ---- | C] () -- E:\Users\Public\Desktop\Kunterbunt 1.lnk
[2012/12/22 19:29:53 | 095,023,320 | ---- | C] () -- E:\ProgramData\dsgsdgdsgdsgw.pad
[2012/12/08 10:34:27 | 000,000,041 | -HS- | C] () -- E:\ProgramData\.zreglib
[2012/08/16 18:34:59 | 004,503,728 | ---- | C] () -- E:\ProgramData\23lldnur.pad
[2012/08/16 18:18:41 | 004,503,728 | ---- | C] () -- E:\ProgramData\ism_0_llatsni.pad
[2011/07/03 04:13:49 | 000,252,928 | ---- | C] () -- E:\Windows\System32\DShowRdpFilter.dll
[2010/11/28 11:14:11 | 000,000,900 | -HS- | C] () -- E:\ProgramData\KGyGaAvL.sys
[2010/11/28 11:05:13 | 000,087,040 | ---- | C] () -- E:\Windows\System32\TrayIcon12.dll
[2010/11/28 11:05:13 | 000,061,952 | ---- | C] () -- E:\Windows\System32\ajnetmask.dll
[2010/10/04 19:59:32 | 000,005,632 | ---- | C] () -- E:\Windows\System32\StarOpen.sys
[2010/01/09 11:00:58 | 000,120,200 | ---- | C] () -- E:\Windows\System32\DLLDEV32i.dll
[2010/01/08 04:39:19 | 000,451,072 | ---- | C] () -- E:\Windows\System32\ISSRemoveSP.exe
[2010/01/08 04:05:02 | 000,149,504 | ---- | C] () -- E:\Windows\unwise32_setup.exe
[2010/01/08 04:05:02 | 000,127,184 | ---- | C] () -- E:\Windows\Unwise.exe
[2010/01/08 04:04:11 | 000,073,728 | ---- | C] () -- E:\Windows\System32\RtNicProp32.dll
[2010/01/08 03:57:53 | 000,013,224 | ---- | C] () -- E:\Windows\System32\drivers\RtPCEE3.DAT
[2010/01/07 04:22:31 | 000,007,648 | ---- | C] () -- E:\Windows\System32\716xCoInstaller.dll
[2010/01/07 04:22:31 | 000,000,480 | ---- | C] () -- E:\Windows\11317231_001416BE_ca.bin
[2010/01/07 04:22:31 | 000,000,480 | ---- | C] () -- E:\Windows\11317231_001316BE_ca.bin
[2010/01/07 04:22:31 | 000,000,480 | ---- | C] () -- E:\Windows\11317231_001216BE_ca.bin
[2009/12/02 18:50:04 | 000,041,808 | ---- | C] () -- E:\Windows\System32\nvcoproc.bin
[2009/12/02 18:50:00 | 000,330,344 | ---- | C] () -- E:\Windows\System32\easyUpdatusAPIU.dll
[2009/10/29 06:20:42 | 008,824,824 | ---- | C] () -- E:\Windows\System32\drivers\NWTransLib.sys
[2009/10/29 06:20:38 | 000,022,392 | ---- | C] () -- E:\Windows\System32\drivers\NW1950.sys
[2009/08/03 10:07:42 | 000,403,816 | ---- | C] () -- E:\Windows\System32\OGACheckControl.dll
[2009/08/03 10:07:42 | 000,230,768 | ---- | C] () -- E:\Windows\System32\OGAEXEC.exe
[2009/07/14 04:47:43 | 000,654,150 | ---- | C] () -- E:\Windows\System32\perfh007.dat
[2009/07/14 04:47:43 | 000,295,922 | ---- | C] () -- E:\Windows\System32\perfi007.dat
[2009/07/14 04:47:43 | 000,130,022 | ---- | C] () -- E:\Windows\System32\perfc007.dat
[2009/07/14 04:47:43 | 000,038,104 | ---- | C] () -- E:\Windows\System32\perfd007.dat
[2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- E:\Windows\bootstat.dat
[2009/07/14 00:33:53 | 000,384,936 | ---- | C] () -- E:\Windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,616,032 | ---- | C] () -- E:\Windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- E:\Windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,106,412 | ---- | C] () -- E:\Windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- E:\Windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- E:\Windows\System32\NOISE.DAT
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- E:\Windows\System32\dssec.dat
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- E:\Windows\mib.bin
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- E:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- E:\Windows\System32\BWContextHandler.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- E:\Windows\System32\mlang.dat

========== LOP Check ==========

[2010/01/09 11:01:15 | 000,000,000 | ---D | M] -- E:\ProgramData\ALDI Foto Service
[2010/01/09 11:02:04 | 000,000,000 | ---D | M] -- E:\ProgramData\ALDI Nord Foto Service
[2010/01/09 11:03:21 | 000,000,000 | ---D | M] -- E:\ProgramData\Aldi Nord Fotoservice
[2010/11/28 09:08:29 | 000,000,000 | -HSD | M] -- E:\ProgramData\Anwendungsdaten
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Application Data
[2010/01/08 06:06:25 | 000,000,000 | ---D | M] -- E:\ProgramData\Applications
[2011/10/25 04:40:46 | 000,000,000 | ---D | M] -- E:\ProgramData\Ask
[2013/01/19 12:19:40 | 000,000,000 | ---D | M] -- E:\ProgramData\AVG2013
[2012/11/03 15:00:37 | 000,000,000 | ---D | M] -- E:\ProgramData\Babylon
[2010/11/28 10:03:44 | 000,000,000 | -H-D | M] -- E:\ProgramData\CanonBJ
[2010/12/07 05:41:47 | 000,000,000 | -H-D | M] -- E:\ProgramData\CanonIJScan
[2011/02/17 08:55:25 | 000,000,000 | ---D | M] -- E:\ProgramData\Citrix
[2012/05/04 11:56:25 | 000,000,000 | -H-D | M] -- E:\ProgramData\Common Files
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Desktop
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Documents
[2010/11/28 09:08:29 | 000,000,000 | -HSD | M] -- E:\ProgramData\Dokumente
[2011/09/11 10:34:25 | 000,000,000 | ---D | M] -- E:\ProgramData\DriverBoost
[2010/11/28 09:08:29 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favoriten
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favorites
[2013/03/27 08:38:41 | 000,000,000 | ---D | M] -- E:\ProgramData\HitmanPro
[2012/11/03 15:00:36 | 000,000,000 | ---D | M] -- E:\ProgramData\IBUpdaterService
[2011/08/28 06:15:33 | 000,000,000 | ---D | M] -- E:\ProgramData\IM
[2011/08/28 06:14:36 | 000,000,000 | ---D | M] -- E:\ProgramData\IncrediMail
[2011/09/11 08:59:06 | 000,000,000 | ---D | M] -- E:\ProgramData\Installations
[2010/09/28 03:44:35 | 000,000,000 | ---D | M] -- E:\ProgramData\MAGIX
[2013/03/27 05:02:39 | 000,000,000 | ---D | M] -- E:\ProgramData\MFAData
[2011/09/11 12:02:37 | 000,000,000 | ---D | M] -- E:\ProgramData\NokiaInstallerCache
[2011/09/11 09:12:52 | 000,000,000 | ---D | M] -- E:\ProgramData\PC Suite
[2012/09/06 10:45:27 | 000,000,000 | ---D | M] -- E:\ProgramData\RavensburgerTipToi
[2012/12/25 09:21:01 | 000,000,000 | ---D | M] -- E:\ProgramData\Sony
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Start Menu
[2010/11/28 09:08:29 | 000,000,000 | -HSD | M] -- E:\ProgramData\Startmenü
[2012/06/10 04:20:38 | 000,000,000 | ---D | M] -- E:\ProgramData\SweetIM
[2012/10/31 10:06:45 | 000,000,000 | ---D | M] -- E:\ProgramData\Temp
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Templates
[2012/04/06 05:37:54 | 000,000,000 | ---D | M] -- E:\ProgramData\TuneUp Software
[2010/11/28 09:08:29 | 000,000,000 | -HSD | M] -- E:\ProgramData\Vorlagen
[2012/07/14 10:12:28 | 000,000,000 | ---D | M] -- E:\ProgramData\VTech
[2010/12/18 05:55:22 | 000,000,000 | ---D | M] -- E:\ProgramData\WinZip
[2011/11/16 13:09:57 | 000,000,000 | ---D | M] -- E:\ProgramData\X10 Settings
[2012/04/06 05:32:03 | 000,000,000 | -HSD | M] -- E:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2012/03/16 15:32:58 | 000,000,000 | -HSD | M] -- E:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2010/01/08 06:40:20 | 000,000,000 | ---D | M] -- E:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[2012/03/16 15:19:19 | 000,000,000 | ---D | M] -- E:\ProgramData\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
[2013/01/19 07:42:46 | 000,000,000 | -HSD | M] -- E:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2012/11/06 00:57:52 | 000,000,000 | ---D | M] -- E:\ProgramData\~Browser Manager
[2013/03/02 02:41:31 | 000,032,632 | ---- | M] () -- E:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 24 bytes -> E:\Windows:71471DA5CCD27382
@Alternate Data Stream - 133 bytes -> E:\ProgramData\Temp:0B4227B4

< End of report >

Edited by Retrogamer (27.03.2013 at 14:24)