Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Polizeivirus, Sperrbildschirm, kein abgesicherter Modus

Polizeivirus, Sperrbildschirm, kein abgesicherter Modus


Plagegeister aller Art und deren Bekämpfung: Polizeivirus, Sperrbildschirm, kein abgesicherter Modus

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 29.05.2013, 08:39   #1
LordArcras
 
Polizeivirus, Sperrbildschirm, kein abgesicherter Modus - Standard

Polizeivirus, Sperrbildschirm, kein abgesicherter Modus


Hallo Trojaner-Board!

Am Montag habe ich mir offensichtlich den Polizeivirus eingefangen. Ich habe Windows Vista.
Der Sperrbildschirm lässt sich nicht umgehen, Abgesicherter Modus fährt sofort wieder runter.

Ich habe einen OTLpe-Scan durchgeführt und poste hier den durchgeführten Log.

Für Hilfe wäre ich wirklich dankbar.

Mfg LordArcras


Code:
ATTFilter
OTL logfile created on: 5/29/2013 10:20:12 AM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 1 (Version = 6.0.6001) - Type = System
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 124.78 Gb Total Space | 37.21 Gb Free Space | 29.82% Space Free | Partition Type: NTFS
Drive D: | 24.25 Gb Total Space | 14.57 Gb Free Space | 60.08% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012/07/05 00:03:18 | 000,343,024 | ---- | M] () [Auto] -- C:\Program Files\3DataManager\WTGService.exe -- (WTGService)
SRV - [2012/06/11 10:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/06/11 10:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2010/07/30 03:24:16 | 000,069,632 | ---- | M] () [Auto] -- C:\Program Files\TP-LINK\TWCU\COMMON\RegistryWriter.exe -- (RalinkRegistryWriter)
SRV - [2009/09/21 04:48:10 | 000,954,368 | ---- | M] (Wireless) [On_Demand] -- C:\Program Files\TP-LINK\QSS\jswpsapi.exe -- (jswpsapi)
SRV - [2009/09/21 04:48:10 | 000,188,416 | ---- | M] (Wireless) [Auto] -- C:\Program Files\TP-LINK\QSS\jswpbapi.exe -- (jswpbapi)
SRV - [2009/07/21 09:34:28 | 000,185,089 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/05/13 11:48:18 | 000,108,289 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/01 05:39:28 | 000,069,120 | ---- | M] (Google) [On_Demand] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe -- (GoogleDesktopManager)
SRV - [2007/11/02 07:31:08 | 000,040,960 | ---- | M] (Softex Inc.) [Auto] -- C:\Program Files\Softex\OmniPass\OmniServ.exe -- (omniserv)
SRV - [2007/09/11 10:37:58 | 000,118,784 | ---- | M] (Wistron Corp.) [On_Demand] -- C:\Program Files\Launch Manager\WisLMSvc.exe -- (WisLMSvc)
SRV - [2007/07/12 11:36:12 | 000,354,840 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2006/11/10 02:12:30 | 000,099,936 | ---- | M] () [On_Demand] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2005/11/17 10:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand] -- C:\Program Files\Hofer Foto Service\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (ZTEusbser6k)
DRV - File not found [Kernel | On_Demand] --  -- (ZTEusbnmea)
DRV - File not found [Kernel | On_Demand] --  -- (ZTEusbmdm6k)
DRV - File not found [Kernel | On_Demand] --  -- (USBCCID)
DRV - File not found [Kernel | On_Demand] --  -- (Tosrfusb)
DRV - File not found [Kernel | On_Demand] --  -- (TosRfSnd)
DRV - File not found [Kernel | On_Demand] --  -- (tosrfnds)
DRV - File not found [Kernel | On_Demand] --  -- (Tosrfhid)
DRV - File not found [Kernel | On_Demand] --  -- (Tosrfcom)
DRV - File not found [Kernel | On_Demand] --  -- (tosrfbnp)
DRV - File not found [Kernel | On_Demand] --  -- (tosrfbd)
DRV - File not found [Kernel | On_Demand] --  -- (tosporte)
DRV - File not found [Kernel | On_Demand] --  -- (RtsUIR)
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] --  -- (massfilter)
DRV - File not found [Kernel | On_Demand] --  -- (IpInIp)
DRV - File not found [Kernel | On_Demand] --  -- (hwusbdev)
DRV - [2013/04/13 07:00:48 | 000,027,520 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV - [2013/04/13 07:00:48 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV - [2013/04/13 07:00:47 | 000,199,168 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2013/04/13 07:00:47 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2013/04/13 07:00:47 | 000,095,616 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV - [2013/04/13 07:00:47 | 000,076,544 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2013/04/13 07:00:47 | 000,067,584 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ew_jucdcecm.sys -- (huawei_cdcecm)
DRV - [2010/07/27 16:52:10 | 001,434,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\athur.sys -- (athur)
DRV - [2010/01/01 15:54:47 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/09/21 04:48:12 | 000,020,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | System] -- C:\Windows\System32\drivers\jswpslwf.sys -- (jswpslwf)
DRV - [2009/06/04 04:45:48 | 000,166,912 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/05/11 05:12:20 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/30 05:33:03 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 07:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2007/12/18 06:31:00 | 007,630,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/08/28 10:47:36 | 000,146,560 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2007/08/22 14:50:38 | 001,749,760 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2007/07/31 06:58:18 | 000,908,896 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand] -- C:\Windows\System32\drivers\PhilCap.sys -- (PhilCap)
DRV - [2007/06/26 08:44:22 | 000,131,584 | ---- | M] (Genesys Logic, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\USBGENE.sys -- (DCamUSBGene)
DRV - [2007/06/01 05:29:04 | 000,210,736 | ---- | M] (Silicon Image, Inc) [Kernel | Boot] -- C:\Windows\System32\drivers\Si3531.sys -- (Si3531)
DRV - [2007/05/25 04:41:00 | 000,017,328 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot] -- C:\Windows\System32\drivers\SiWinAcc.sys -- (SiFilter)
DRV - [2007/05/25 04:40:58 | 000,012,464 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot] -- C:\Windows\System32\drivers\SiRemFil.sys -- (SiRemFil)
DRV - [2007/03/05 16:28:00 | 000,076,288 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2006/11/30 10:18:18 | 000,027,416 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2006/11/02 03:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/02 03:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2003/04/28 06:27:06 | 000,009,867 | ---- | M] () [Kernel | System] -- C:\Windows\System32\drivers\HOTKEY.sys -- (Hotkey)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\Peter_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKU\Peter_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.telekom.at/suche
IE - HKU\Peter_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
IE - HKU\Peter_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
IE - HKU\Peter_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
IE - HKU\Peter_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F0 33 4D 42 C5 04 CC 01  [binary data]
IE - HKU\Peter_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Peter_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Peter_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\quickprint@hp.com: C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension [2011/01/26 09:27:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{0E810812-F4BB-4309-942A-755587587A5E}: C:\Program Files\BullGuard Software\BullGuard\antispam\tbspamfilter
 
 
O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.5\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Babylon IE plugin) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.5\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKU\Peter_ON_C\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe (Babylon Ltd.)
O4 - HKLM..\Run: [BabylonToolbar] C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.5\BabylonToolbarsrv.exe (Babylon Ltd.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\HomeCinema\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [Corel Graphics Suite 1117] C:\Program Files\Corel\Corel Graphics 11\Register\registration.exe (Corel Corporation)
O4 - HKLM..\Run: [CtrlVol]  File not found
O4 - HKLM..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [jswtrayutil] C:\Program Files\TP-LINK\QSS\jswtrayutil.exe ()
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\HomeCinema\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe ()
O4 - HKLM..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSD.exe (Wistron Corp.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OmniPass] C:\Program Files\Softex\OmniPass\scureapp.exe ()
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PLFSetL] C:\Windows\PLFSetL.exe (sonix)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [snp2uvc]  File not found
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe ( )
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe (Wistron)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\Peter_ON_C..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\Peter_ON_C..\Run: [OnlineFestplatte] C:\Program Files\aon\Onlinefestplatte\OnlineFestplatte.exe (Telekom Austria TA AG)
O4 - HKU\Peter_ON_C..\Run: [TorrentEasy_7c0b10668d1c7de649cfb82968c6d6fc03ccf2dd]  File not found
O4 - Startup: C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Photosmart 5510 series.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
O8 - Extra context menu item: Translate this web page with Babylon - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O8 - Extra context menu item: Translate with Babylon - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} hxxp://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUpldde-at.cab (MSN Photo Upload Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} hxxp://as.photoprintit.de/ips-opdata/layout/default_cms01/activex/IPSUploader4.cab (IPSUploader4 Control)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.94.78.17 213.94.78.16
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\Peter_ON_C Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\Peter_ON_C Winlogon: Shell - (C:\Users\Peter\AppData\Roaming\skype.dat) - C:\Users\Peter\AppData\Roaming\skype.dat ()
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{385beb93-c234-11e2-92fc-0016d3899b94}\Shell - "" = AutoRun
O33 - MountPoints2\{385beb93-c234-11e2-92fc-0016d3899b94}\Shell\AutoRun\command - "" = F:\StarUSB.exe
O33 - MountPoints2\{38986d84-e5eb-11dc-8649-0015af7a9c4a}\Shell - "" = AutoRun
O33 - MountPoints2\{38986d84-e5eb-11dc-8649-0015af7a9c4a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{38986e11-e5eb-11dc-8649-0015af7a9c4a}\Shell - "" = AutoRun
O33 - MountPoints2\{38986e11-e5eb-11dc-8649-0015af7a9c4a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{6853cf71-0fcd-11dd-ae3d-0015af7a9c4a}\Shell - "" = AutoRun
O33 - MountPoints2\{6853cf71-0fcd-11dd-ae3d-0015af7a9c4a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{74198010-cba0-11dd-b64e-0016d3899b94}\Shell\AutoRun\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isew32.exe
O33 - MountPoints2\{74198010-cba0-11dd-b64e-0016d3899b94}\Shell\open\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isew32.exe
O33 - MountPoints2\{748fa335-657e-11de-b56f-0015af7a9c4a}\Shell - "" = AutoRun
O33 - MountPoints2\{748fa335-657e-11de-b56f-0015af7a9c4a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{748fa33e-657e-11de-b56f-0015af7a9c4a}\Shell - "" = AutoRun
O33 - MountPoints2\{748fa33e-657e-11de-b56f-0015af7a9c4a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{7d555f43-a835-11e2-89b9-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7d555f43-a835-11e2-89b9-806e6f6e6963}\Shell\AutoRun\command - "" = F:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{7eb171ea-9dcb-11e2-818c-0016d3899b94}\Shell - "" = AutoRun
O33 - MountPoints2\{7eb171ea-9dcb-11e2-818c-0016d3899b94}\Shell\AutoRun\command - "" = F:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{7eb1729f-9dcb-11e2-818c-0016d3899b94}\Shell - "" = AutoRun
O33 - MountPoints2\{7eb1729f-9dcb-11e2-818c-0016d3899b94}\Shell\AutoRun\command - "" = F:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{886e50c3-a42b-11e2-b8f1-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{886e50c3-a42b-11e2-b8f1-806e6f6e6963}\Shell\AutoRun\command - "" = F:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{b2065e7e-b074-11df-b166-0015af7a9c4a}\Shell - "" = AutoRun
O33 - MountPoints2\{b2065e7e-b074-11df-b166-0015af7a9c4a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{e8c89092-74c3-11e0-9bf1-0015af7a9c4a}\Shell - "" = AutoRun
O33 - MountPoints2\{e8c89092-74c3-11e0-9bf1-0015af7a9c4a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{e8c890b3-74c3-11e0-9bf1-0015af7a9c4a}\Shell - "" = AutoRun
O33 - MountPoints2\{e8c890b3-74c3-11e0-9bf1-0015af7a9c4a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{e8c890bb-74c3-11e0-9bf1-0016d3899b94}\Shell - "" = AutoRun
O33 - MountPoints2\{e8c890bb-74c3-11e0-9bf1-0016d3899b94}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{e8c890cb-74c3-11e0-9bf1-0016d3899b94}\Shell - "" = AutoRun
O33 - MountPoints2\{e8c890cb-74c3-11e0-9bf1-0016d3899b94}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{ebdde03a-8798-11e0-87eb-0015af7a9c4a}\Shell - "" = AutoRun
O33 - MountPoints2\{ebdde03a-8798-11e0-87eb-0015af7a9c4a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{ec45ea2e-5e1e-11e1-9cc9-0015af7a9c4a}\Shell - "" = AutoRun
O33 - MountPoints2\{ec45ea2e-5e1e-11e1-9cc9-0015af7a9c4a}\Shell\AutoRun\command - "" = G:\Autorun.exe
O33 - MountPoints2\{f861d2db-3087-11e1-9dc1-0016d3899b94}\Shell - "" = AutoRun
O33 - MountPoints2\{f861d2db-3087-11e1-9dc1-0016d3899b94}\Shell\AutoRun\command - "" = F:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\.\Autorun.exe AUTORUN=1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/05/29 04:44:52 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/04/29 13:43:32 | 000,000,000 | ---D | C] -- C:\Direkt Foto System 5
[2007/12/18 10:02:20 | 000,180,224 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2007/12/18 10:02:20 | 000,176,128 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
 
========== Files - Modified Within 30 Days ==========
 
[2013/05/29 02:29:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/29 02:28:43 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013/05/29 02:28:08 | 000,000,004 | ---- | M] () -- C:\Users\Peter\AppData\Roaming\skype.ini
[2013/05/29 02:28:00 | 000,055,117 | ---- | M] () -- C:\Users\Peter\AppData\Roaming\nvModes.001
[2013/05/29 02:27:38 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/29 02:27:34 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/29 02:27:34 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/29 02:27:22 | 3219,578,880 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/28 09:31:00 | 000,000,680 | ---- | M] () -- C:\Users\Peter\AppData\Local\d3d9caps.dat
[2013/05/28 09:30:21 | 000,001,791 | ---- | M] () -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Photosmart 5510 series.lnk
[2013/05/28 09:27:05 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{F10355E0-D7BB-4CB9-B945-CD84D48D1311}.job
[2013/05/27 13:20:11 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013/05/27 13:20:11 | 000,349,978 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/05/27 13:20:11 | 000,126,260 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013/05/27 13:20:11 | 000,047,958 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/05/27 13:01:00 | 000,000,256 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Messager.job
[2013/05/27 12:43:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/01 20:06:08 | 000,238,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013/04/29 13:45:12 | 000,001,460 | ---- | M] () -- C:\Users\Public\Desktop\Direkt Foto System 5.lnk
 
========== Files Created - No Company Name ==========
 
[2013/05/29 02:27:22 | 3219,578,880 | -HS- | C] () -- C:\hiberfil.sys
[2013/05/27 11:36:27 | 000,000,004 | ---- | C] () -- C:\Users\Peter\AppData\Roaming\skype.ini
[2013/04/29 13:45:12 | 000,001,460 | ---- | C] () -- C:\Users\Public\Desktop\Direkt Foto System 5.lnk
[2012/03/19 15:47:54 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012/02/23 09:27:18 | 000,000,680 | ---- | C] () -- C:\Users\Peter\AppData\Local\d3d9caps.dat
[2011/05/14 03:50:42 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/05/14 03:50:42 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/05/13 14:15:24 | 000,060,928 | ---- | C] () -- C:\Users\Peter\AppData\Roaming\skype.dat
[2011/05/11 14:45:55 | 000,014,051 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2011/05/11 14:45:33 | 000,020,480 | ---- | C] () -- C:\Windows\System32\RAEXTUI.dll
[2010/06/08 09:19:24 | 000,692,224 | ---- | C] () -- C:\Windows\System32\libeay32.dll
[2010/06/08 09:19:24 | 000,151,552 | ---- | C] () -- C:\Windows\System32\ssleay32.dll
[2010/05/09 13:00:21 | 000,004,096 | -H-- | C] () -- C:\Users\Peter\AppData\Local\keyfile3.drm
[2008/11/15 11:03:36 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/10/30 16:27:24 | 000,014,336 | ---- | C] () -- C:\Users\Peter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/30 16:02:28 | 000,000,161 | ---- | C] () -- C:\Users\Peter\AppData\default.pls
[2008/05/31 11:32:22 | 000,000,034 | ---- | C] () -- C:\Users\Peter\AppData\Roaming\Default.PLS
[2008/03/08 11:50:06 | 000,000,412 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2008/02/28 13:08:29 | 000,055,117 | ---- | C] () -- C:\Users\Peter\AppData\Roaming\nvModes.001
[2008/02/28 10:42:26 | 000,055,117 | ---- | C] () -- C:\Users\Peter\AppData\Roaming\nvModes.dat
[2008/02/28 08:18:00 | 000,000,394 | ---- | C] () -- C:\Users\Peter\AppData\Roaming\wklnhst.dat
[2007/12/18 10:54:32 | 000,009,867 | ---- | C] () -- C:\Windows\System32\drivers\HOTKEY.sys
[2007/12/18 10:02:20 | 001,749,760 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2007/12/18 10:02:20 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2007/12/18 10:02:20 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2007/12/18 10:02:20 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2007/12/17 23:55:09 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/12/09 13:50:19 | 000,000,000 | ---- | C] () -- C:\Windows\tosOBEX.INI
[2007/12/09 13:18:59 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2007/12/09 13:18:58 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007/12/05 10:30:06 | 000,127,184 | ---- | C] () -- C:\Windows\Unwise.exe
[2007/12/05 07:37:12 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2007/10/18 13:04:09 | 000,515,328 | ---- | C] () -- C:\Windows\System32\drivers\USBGENE1.sys
[2007/10/18 13:04:09 | 000,232,704 | ---- | C] () -- C:\Windows\System32\drivers\USBGENE0.sys
[2007/10/18 13:03:14 | 000,009,824 | ---- | C] () -- C:\Windows\System32\716xCoInstaller.dll
[2006/12/11 00:06:31 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/02 11:33:31 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006/11/02 11:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006/11/02 11:33:31 | 000,126,260 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006/11/02 11:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,476,352 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,349,978 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,047,958 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2003/02/20 12:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
 
========== LOP Check ==========
 
[2013/05/27 11:42:17 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\3DataManager
[2011/05/03 15:38:58 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Babylon
[2011/01/19 15:18:00 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Canon
[2012/12/12 14:28:10 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\DirektFotoSystem3
[2011/05/13 13:53:05 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\mquadr.at
[2008/03/08 11:49:55 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\ScanSoft
[2008/02/28 08:18:43 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Template
[2013/04/16 12:39:55 | 000,000,000 | ---D | M] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2008/02/28 08:02:20 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2013/05/29 02:28:01 | 000,000,000 | ---D | M] -- C:\ProgramData\Babylon
[2008/03/08 11:45:11 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonBJ
[2011/01/26 07:12:34 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonIJPLM
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2008/02/28 08:02:20 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2008/02/28 08:02:20 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2012/08/23 15:18:45 | 000,000,000 | ---D | M] -- C:\ProgramData\HappyFoto-Designer
[2011/05/13 13:53:05 | 000,000,000 | ---D | M] -- C:\ProgramData\m2backup
[2007/12/09 13:20:53 | 000,000,000 | ---D | M] -- C:\ProgramData\MAGIX
[2012/02/23 09:16:57 | 000,000,000 | ---D | M] -- C:\ProgramData\mquadr.at
[2011/05/11 14:46:56 | 000,000,000 | ---D | M] -- C:\ProgramData\Ralink
[2008/03/08 11:49:52 | 000,000,000 | ---D | M] -- C:\ProgramData\ScanSoft
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2008/02/28 08:02:20 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2006/11/02 09:02:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2011/05/11 14:15:22 | 000,000,000 | ---D | M] -- C:\ProgramData\TP-LINK
[2011/05/11 14:45:54 | 000,000,000 | ---D | M] -- C:\ProgramData\TP-LINK Driver
[2007/12/09 13:13:38 | 000,000,000 | ---D | M] -- C:\ProgramData\Ulead Systems
[2008/02/28 08:02:20 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2007/12/05 10:31:54 | 000,000,000 | ---D | M] -- C:\ProgramData\X10 Settings
[2012/02/23 09:14:51 | 000,000,000 | -H-D | M] -- C:\ProgramData\{0594BEF1-12CE-4053-A10C-630DD69A5F94}
[2011/05/02 10:14:55 | 000,000,000 | -H-D | M] -- C:\ProgramData\{092C512F-9ECA-47B0-BF89-F0FF91DB1676}
[2011/05/13 13:51:44 | 000,000,000 | -H-D | M] -- C:\ProgramData\{0B1855D9-8D06-4BE1-B93C-7EFA1D0C3E32}
[2011/05/11 14:11:16 | 000,000,000 | -H-D | M] -- C:\ProgramData\{29558F44-C67B-4F2C-99E0-F1CE2AE1F960}
[2011/05/11 14:11:07 | 000,000,000 | -H-D | M] -- C:\ProgramData\{392ECEAB-FD15-485B-8C44-C2C591EDECB5}
[2012/02/23 09:25:49 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2007/12/09 13:42:37 | 000,000,000 | ---D | M] -- C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[2011/05/13 13:52:22 | 000,000,000 | -H-D | M] -- C:\ProgramData\{DE1CDDDC-29FB-4BCF-94A4-B8339595BAB7}
[2013/05/29 02:28:43 | 000,032,558 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2013/05/28 09:27:05 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{F10355E0-D7BB-4CB9-B945-CD84D48D1311}.job
 
========== Purity Check ==========
 
 
< End of report >

 

Themen zu Polizeivirus, Sperrbildschirm, kein abgesicherter Modus
adobe, antivir, autorun, avira, babylontoolbar, bho, bingbar, bonjour, canon, defender, desktop, explorer, firefox, format, google, home, launch, logfile, microsoft, nvidia, object, pdf, plug-in, realtek, rundll, software, wallpaper, windows, winlogon


« Backdoor.Generic12.CDKZ nach Einschalten einer PPPoE Pass Through-Verbindung im öffentlichen Benutzer-Ordner (Win7/64bit) entdeckt | mow.exe neuer Trojaner/Bot »


Ähnliche Themen: Polizeivirus, Sperrbildschirm, kein abgesicherter Modus


  1. Windows XP: GVU Sperrbildschirm, kein abgesicherter Modus möglich
    Log-Analyse und Auswertung - 27.05.2014 (17)
  2. Windows 7 / Sperrbildschirm / Abgesicherter Modus funktioniert nicht
    Plagegeister aller Art und deren Bekämpfung - 17.03.2014 (5)
  3. Interpol-Sperrbildschirm, Win XP, kein abgesicherter Modus klappt - dauernder Neustart
    Log-Analyse und Auswertung - 02.03.2014 (5)
  4. Sperrbildschirm Bundespolizei - kein abgesicherter Modus möglich!
    Log-Analyse und Auswertung - 11.01.2014 (15)
  5. BKA-Trojaner Sperrbildschirm Windows Vista (32bit) kein abgesicherter Modus
    Log-Analyse und Auswertung - 07.01.2014 (14)
  6. Windows 7 weißer Sperrbildschirm/ Abgesicherter Modus funktioniert nicht / LogFile mit OTLPE erstellt
    Log-Analyse und Auswertung - 04.11.2013 (27)
  7. Windows 7, BKA- GVU-Trojaner, Sperrbildschirm, Abgesicherter Modus geht.
    Log-Analyse und Auswertung - 14.09.2013 (7)
  8. GVU Trojaner mit Sperrbildschirm, Abgesicherter Modus funktioniert
    Plagegeister aller Art und deren Bekämpfung - 07.09.2013 (17)
  9. Vindowa Vista Sperrbildschirm, Ukash 100€, kein Taskmngr, Abgesicherter Modus fährt sofort runter
    Plagegeister aller Art und deren Bekämpfung - 07.09.2013 (7)
  10. Vindowa Vista Sperrbildschirm, Ukash 100€, kein Taskmngr, Abgesicherter Modus fährt sofort runter
    Log-Analyse und Auswertung - 06.09.2013 (1)
  11. GVU Malware, Sperrbildschirm, Abgesicherter Modus streikt
    Plagegeister aller Art und deren Bekämpfung - 03.07.2013 (9)
  12. Sperrbildschirm, Ukash 100€, kein Taskmngr, Abgesicherter Modus fährt sofort runter
    Plagegeister aller Art und deren Bekämpfung - 31.05.2013 (15)
  13. Sperrbildschirm, Ukash 100€, kein Taskmngr, Abgesicherter Modus fährt sofort runter
    Plagegeister aller Art und deren Bekämpfung - 06.04.2013 (12)
  14. Polizeivirus Austira - abgesicherter Modus geht nicht - OLTPE schon installiert
    Plagegeister aller Art und deren Bekämpfung - 04.12.2012 (31)
  15. Polizeivirus once again: abgesicherter modus und kaspersky funktionieren nicht
    Log-Analyse und Auswertung - 28.09.2012 (2)
  16. Polizeivirus Österreich - nur abgesicherter Modus mit Eingabeaufforderung funktioniert
    Plagegeister aller Art und deren Bekämpfung - 04.09.2012 (5)
  17. Polizeivirus (West Yorkshire Police) - kein abgesicherter Modus möglich
    Plagegeister aller Art und deren Bekämpfung - 28.07.2012 (20)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Polizeivirus, Sperrbildschirm, kein abgesicherter Modus - Hallo Trojaner-Board! Am Montag habe ich mir offensichtlich den Polizeivirus eingefangen. Ich habe Windows Vista. Der Sperrbildschirm lässt sich nicht umgehen, Abgesicherter Modus fährt sofort wieder runter. Ich habe einen - Polizeivirus, Sperrbildschirm, kein abgesicherter Modus...
Archiv
Du betrachtest: Polizeivirus, Sperrbildschirm, kein abgesicherter Modus auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27