
Pests of All Kinds and How to Combat Them: BKA UCASH Lock


 
28.04.2011, 15:05   #1
Redshape
 
BKA UCASH Lock



Hi,
it got me too. Here is the OTL log:

Code:
OTL logfile created on: 4/28/2011 4:49:39 PM - Run 
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Windows 7 Professional (Version = 6.1.7600) - Type = System
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 87.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files
Drive C: | 100.00 Mb Total Space | 75.86 Mb Free Space | 75.87% Space Free | Partition Type: NTFS
Drive D: | 148.95 Gb Total Space | 75.34 Gb Free Space | 50.58% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011/03/18 20:11:44 | 000,057,640 | ---- | M] () [On_Demand] -- D:\Program Files\Hotspot Shield\bin\HssTrayService.exe -- (HssTrayService)
SRV - [2011/03/18 20:09:44 | 000,285,232 | ---- | M] () [Auto] -- D:\Program Files\Hotspot Shield\bin\openvpnas.exe -- (HotspotShieldService)
SRV - [2011/03/18 19:59:18 | 000,352,304 | ---- | M] (AnchorFree Inc.) [Auto] -- D:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2011/03/18 19:59:18 | 000,326,704 | ---- | M] () [Auto] -- D:\Program Files\Hotspot Shield\bin\hsswd.exe -- (HssWd)
SRV - [2010/03/28 10:47:30 | 000,246,520 | ---- | M] () [Auto] -- D:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009/07/21 08:34:28 | 000,185,089 | ---- | M] (Avira GmbH) [Auto] -- D:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/07/13 21:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/05/13 10:48:18 | 000,108,289 | ---- | M] (Avira GmbH) [Auto] -- D:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2010/09/22 15:19:02 | 000,037,376 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\HssDrv.sys -- (HssDrv)
DRV - [2010/09/22 15:19:02 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand] -- D:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV - [2010/02/24 19:02:30 | 000,015,544 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand] -- D:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2009/12/25 09:57:48 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto] -- D:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/07/13 21:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/13 21:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009/07/13 21:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/13 19:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 19:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/13 19:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/13 18:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand] -- D:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/13 18:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R)
DRV - [2009/07/13 18:02:50 | 000,211,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2009/05/11 04:12:20 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- D:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/30 04:33:03 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System] -- D:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 06:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- D:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\mauzi_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKU\mauzi_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\mauzi_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\mauzi_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D7 B3 81 89 A0 84 CA 01 [binary data]
IE - HKU\mauzi_ON_D\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\mauzi_ON_D\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\mauzi_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\NetworkService_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/"
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.4
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.4&q="
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/19 16:27:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/23 13:22:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/19 16:27:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/23 13:22:47 | 000,000,000 | ---D | M]
 
[2009/12/24 10:01:47 | 000,000,000 | ---D | M] (No name found) -- D:\Users\mauzi\AppData\Roaming\Mozilla\Extensions
[2011/04/23 07:38:02 | 000,000,000 | ---D | M] (No name found) -- D:\Users\mauzi\AppData\Roaming\Mozilla\Firefox\Profiles\5c3g0eup.default\extensions
[2010/06/24 15:11:02 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- D:\Users\mauzi\AppData\Roaming\Mozilla\Firefox\Profiles\5c3g0eup.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010/09/30 15:51:00 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- D:\Users\mauzi\AppData\Roaming\Mozilla\Firefox\Profiles\5c3g0eup.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011/01/17 09:22:29 | 000,000,000 | ---D | M] (No name found) -- D:\Users\mauzi\AppData\Roaming\Mozilla\Firefox\Profiles\5c3g0eup.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2011/01/17 09:22:28 | 000,000,000 | ---D | M] (No name found) -- D:\Users\mauzi\AppData\Roaming\Mozilla\Firefox\Profiles\5c3g0eup.default\extensions\engine@conduit.com
[2011/04/23 07:24:48 | 000,000,961 | ---- | M] () -- D:\Users\mauzi\AppData\Roaming\Mozilla\Firefox\Profiles\5c3g0eup.default\searchplugins\icqplugin-1.xml
[2010/11/12 20:31:14 | 000,000,961 | ---- | M] () -- D:\Users\mauzi\AppData\Roaming\Mozilla\Firefox\Profiles\5c3g0eup.default\searchplugins\icqplugin-2.xml
[2010/12/13 12:45:51 | 000,000,961 | ---- | M] () -- D:\Users\mauzi\AppData\Roaming\Mozilla\Firefox\Profiles\5c3g0eup.default\searchplugins\icqplugin-3.xml
[2011/03/02 18:22:19 | 000,000,961 | ---- | M] () -- D:\Users\mauzi\AppData\Roaming\Mozilla\Firefox\Profiles\5c3g0eup.default\searchplugins\icqplugin-4.xml
[2011/03/23 13:23:32 | 000,000,961 | ---- | M] () -- D:\Users\mauzi\AppData\Roaming\Mozilla\Firefox\Profiles\5c3g0eup.default\searchplugins\icqplugin-5.xml
[2010/06/24 15:11:02 | 000,000,168 | ---- | M] () -- D:\Users\mauzi\AppData\Roaming\Mozilla\Firefox\Profiles\5c3g0eup.default\searchplugins\icqplugin.gif
[2010/06/24 15:11:02 | 000,000,618 | ---- | M] () -- D:\Users\mauzi\AppData\Roaming\Mozilla\Firefox\Profiles\5c3g0eup.default\searchplugins\icqplugin.src
[2010/07/18 18:18:22 | 000,001,069 | ---- | M] () -- D:\Users\mauzi\AppData\Roaming\Mozilla\Firefox\Profiles\5c3g0eup.default\searchplugins\icqplugin.xml
[2011/04/23 07:38:02 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions
[2010/06/10 11:50:29 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- D:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
File not found (No name found) -- C:\USERS\MAUZI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5C3G0EUP.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
File not found (No name found) -- C:\USERS\MAUZI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5C3G0EUP.DEFAULT\EXTENSIONS\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
[2010/11/12 20:30:54 | 000,001,392 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010/11/12 20:30:54 | 000,002,344 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2010/11/12 20:30:54 | 000,006,805 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010/11/12 20:30:54 | 000,001,178 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010/11/12 20:30:54 | 000,000,801 | ---- | M] () -- D:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 17:39:37 | 000,000,824 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - D:\Program Files\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - D:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O4 - HKLM..\Run: [avgnt] D:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKU\mauzi_ON_D..\Run: [osidfjklsdw.exe] File not found
O4 - HKU\LocalService_ON_D..\RunOnce: [mctadmin] D:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\mauzi_ON_D..\RunOnce: [FlashPlayerUpdate] D:\Windows\System32\Macromed\Flash\FlashUtil10o_Plugin.exe (Adobe Systems, Inc.)
O4 - HKU\NetworkService_ON_D..\RunOnce: [mctadmin] D:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: D:\Users\mauzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ()
O4 - Startup: D:\Users\mauzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: Free YouTube to Mp3 Converter - D:\Users\mauzi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\mauzi_ON_D Winlogon: Shell - (C:\Users\mauzi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HHXDX8RW\readme[1].exe) - D:\Users\mauzi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HHXDX8RW\readme[1].exe (UKMWHHTXSXVZLCAKW)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{7cea6dc0-7849-11df-acc3-0021866d81fd}\Shell - "" = AutoRun
O33 - MountPoints2\{7cea6dc0-7849-11df-acc3-0021866d81fd}\Shell\AutoRun\command - "" = E:\LaunchU3.exe
O33 - MountPoints2\{d3323608-67de-11df-9e7e-0021866d81fd}\Shell - "" = AutoRun
O33 - MountPoints2\{d3323608-67de-11df-9e7e-0021866d81fd}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/04/28 09:49:17 | 000,000,000 | ---D | C] -- D:\Kaspersky Rescue Disk 10.0
[2011/04/15 05:08:56 | 000,000,000 | ---D | C] -- D:\Users\mauzi\Desktop\Allgemeine Unterlagen Katrin
[2011/04/15 04:58:51 | 000,000,000 | ---D | C] -- D:\Users\mauzi\Desktop\Modul 1.8 Gerontoligie
[2011/04/14 18:39:59 | 000,716,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jscript.dll
[2011/04/14 18:39:59 | 000,428,032 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vbscript.dll
[2011/04/14 18:39:56 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- D:\Windows\System32\atmfd.dll
[2011/04/14 18:39:56 | 000,034,304 | ---- | C] (Adobe Systems) -- D:\Windows\System32\atmlib.dll
[2011/04/14 18:39:54 | 000,028,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dnscacheugc.exe
[2011/04/14 18:39:47 | 000,606,208 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mstime.dll
[2011/04/14 18:39:47 | 000,599,040 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeeds.dll
[2011/04/14 18:39:47 | 000,386,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\html.iec
[2011/04/14 18:39:47 | 000,381,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iedkcs32.dll
[2011/04/14 18:39:47 | 000,185,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iepeers.dll
[2011/04/14 18:39:47 | 000,176,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieui.dll
[2011/04/14 18:39:47 | 000,064,512 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeedsbs.dll
[2011/04/14 18:39:47 | 000,048,128 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jsproxy.dll
[2011/04/14 18:39:47 | 000,044,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\licmgr10.dll
[2011/04/14 18:39:47 | 000,012,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeedssync.exe
[2011/04/14 18:39:46 | 001,638,912 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtml.tlb
[2011/04/14 18:39:15 | 002,331,136 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\win32k.sys
[2011/04/14 18:39:08 | 000,191,488 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\FXSCOVER.exe
[2011/04/14 18:39:05 | 000,288,256 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XpsGdiConverter.dll
[2011/04/14 18:38:59 | 001,164,288 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mfc42u.dll
[2011/04/14 18:38:59 | 001,137,664 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mfc42.dll
[2011/04/01 03:42:48 | 000,000,000 | ---D | C] -- D:\Program Files\SecureW2
[2011/04/01 03:42:47 | 000,000,000 | ---D | C] -- D:\Users\mauzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SecureW2
[2011/04/01 03:42:47 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\SecureW2
[2011/04/01 03:42:35 | 000,000,000 | ---D | C] -- D:\Users\mauzi\AppData\Local\TempDIR
 
========== Files - Modified Within 30 Days ==========
 
[2011/04/28 09:31:40 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2011/04/28 09:30:25 | 000,001,094 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/28 09:22:14 | 000,013,440 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/28 09:22:14 | 000,013,440 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/28 09:19:07 | 000,618,912 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2011/04/28 09:19:07 | 000,107,232 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2011/04/28 09:15:03 | 000,001,090 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/28 09:14:44 | 1603,772,416 | -HS- | M] () -- D:\hiberfil.sys
[2011/04/24 05:29:30 | 000,107,466 | ---- | M] () -- D:\Users\mauzi\Desktop\zoobesuch.jpg
[2011/04/19 11:46:19 | 000,402,385 | ---- | M] () -- D:\Users\mauzi\Desktop\Wissensmangement Handout_13.04.11.pdf
[2011/04/19 11:41:20 | 000,622,249 | ---- | M] () -- D:\Users\mauzi\Desktop\Modulplan_Gerontologie_2011.pdf
[2011/04/19 11:40:30 | 000,278,140 | ---- | M] () -- D:\Users\mauzi\Desktop\Frailty_Gerontologie.pdf
[2011/04/19 11:40:00 | 000,168,589 | ---- | M] () -- D:\Users\mauzi\Desktop\Fries_Gerontologie.pdf
[2011/04/18 04:45:59 | 000,031,061 | ---- | M] () -- D:\Users\mauzi\Desktop\Assessmentinstrument in der Gerontologie.pdf
[2011/04/18 04:45:02 | 000,580,341 | ---- | M] () -- D:\Users\mauzi\Desktop\Methodik_DEMENZ.pdf
[2011/04/15 03:02:44 | 000,412,744 | ---- | M] () -- D:\Windows\System32\FNTCACHE.DAT
[2011/04/08 04:44:43 | 003,510,400 | ---- | M] () -- D:\Users\mauzi\Documents\Alle wissen alles - keiner weiß Bescheid.mp3
[2011/04/08 04:41:32 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2011/04/08 04:41:18 | 000,001,360 | ---- | M] () -- D:\Users\mauzi\Desktop\Free YouTube to MP3 Converter.lnk
[2011/04/07 17:27:57 | 000,000,000 | ---- | M] () -- D:\Windows\System32\cd.dat
[2011/04/07 17:27:44 | 167,120,344 | ---- | M] () -- D:\Windows\MEMORY.DMP
[2011/04/01 03:42:48 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\SecureW2
[2011/03/31 06:15:23 | 000,002,290 | ---- | M] () -- D:\Users\Public\Desktop\Google Chrome.lnk
 
========== Files Created - No Company Name ==========
 
[2011/04/24 05:29:28 | 000,107,466 | ---- | C] () -- D:\Users\mauzi\Desktop\zoobesuch.jpg
[2011/04/19 11:46:18 | 000,402,385 | ---- | C] () -- D:\Users\mauzi\Desktop\Wissensmangement Handout_13.04.11.pdf
[2011/04/19 11:41:19 | 000,622,249 | ---- | C] () -- D:\Users\mauzi\Desktop\Modulplan_Gerontologie_2011.pdf
[2011/04/19 11:40:30 | 000,278,140 | ---- | C] () -- D:\Users\mauzi\Desktop\Frailty_Gerontologie.pdf
[2011/04/19 11:40:00 | 000,168,589 | ---- | C] () -- D:\Users\mauzi\Desktop\Fries_Gerontologie.pdf
[2011/04/18 04:45:59 | 000,031,061 | ---- | C] () -- D:\Users\mauzi\Desktop\Assessmentinstrument in der Gerontologie.pdf
[2011/04/18 04:45:02 | 000,580,341 | ---- | C] () -- D:\Users\mauzi\Desktop\Methodik_DEMENZ.pdf
[2011/04/08 04:45:33 | 003,510,400 | ---- | C] () -- D:\Users\mauzi\Documents\Alle wissen alles - keiner weiß Bescheid.mp3
[2011/04/08 04:41:18 | 000,001,360 | ---- | C] () -- D:\Users\mauzi\Desktop\Free YouTube to MP3 Converter.lnk
[2011/04/07 17:27:57 | 000,000,000 | ---- | C] () -- D:\Windows\System32\cd.dat
[2011/01/11 15:59:07 | 000,028,672 | ---- | C] () -- D:\Windows\System32\NlsMexicons000f.dll
[2010/12/16 13:11:50 | 000,000,056 | -H-- | C] () -- D:\Windows\System32\ezsidmv.dat
[2010/08/15 16:58:20 | 000,140,288 | ---- | C] () -- D:\Windows\System32\igfxtvcx.dll
[2009/09/23 13:16:08 | 002,050,952 | ---- | C] () -- D:\Windows\System32\igkrng400.bin
[2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- D:\Windows\bootstat.dat
[2009/07/14 00:33:53 | 000,412,744 | ---- | C] () -- D:\Windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,618,912 | ---- | C] () -- D:\Windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- D:\Windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,107,232 | ---- | C] () -- D:\Windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- D:\Windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- D:\Windows\System32\NOISE.DAT
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- D:\Windows\System32\dssec.dat
[2009/07/13 20:19:49 | 000,066,048 | ---- | C] () -- D:\Windows\System32\PrintBrmUi.exe
[2009/07/13 20:02:54 | 000,245,248 | ---- | C] () -- D:\Windows\System32\DShowRdpFilter.dll
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- D:\Windows\mib.bin
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- D:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\System32\BWContextHandler.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- D:\Windows\System32\mlang.dat
 
========== LOP Check ==========
 
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- D:\ProgramData\Application Data
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- D:\ProgramData\Desktop
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- D:\ProgramData\Documents
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favorites
[2010/06/24 15:11:07 | 000,000,000 | ---D | M] -- D:\ProgramData\ICQ
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- D:\ProgramData\Start Menu
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- D:\ProgramData\Templates
[2011/04/01 11:31:35 | 000,032,608 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
< End of report >
         
Please help. Many thanks in advance.
Best regards

 
