
Log analysis and evaluation: Sparkasse trojan iTAN prompt

09.06.2011, 21:48   #1
ronaldo.1982
 
Sparkasse trojan iTAN prompt



Hi,

I have also had the Sparkasse trojan on my PC since the beginning of this week. Online banking is already blocked - now I just have to get the thing off or reinstall. It would be great if you could help me.

The following message appears when logging in on the Sparkasse site:

"Dear user, the validity period of the iTAN list for your account is 30 days. Please confirm your valid iTAN list so that we can prepare a new card for you. To confirm your list, fill in the form below and press the "Log in" button."

I have already run Malwarebytes, OTL, HJTscanlist.zip and CC Cleaner over it. Here are the results:

Code:
Malwarebytes:
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Datenbank Version: 6812

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

09.06.2011 07:00:41
mbam-log-2011-06-09 (07-00-41).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Durchsuchte Objekte: 365040
Laufzeit: 2 Stunde(n), 9 Minute(n), 14 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 2
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 2
Infizierte Dateien: 4

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Live-Player (Malware.Trace) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\0JUC5I2ZXZ6C0Y9AMPWRKP (Trojan.SpyEyes) -> Value: 0JUC5I2ZXZ6C0Y9AMPWRKP -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\Recycle.Bin (Trojan.Spyeyes) -> Quarantined and deleted successfully.
c:\syufahusjif (Trojan.SpyEyes) -> Quarantined and deleted successfully.

Infizierte Dateien:
c:\Users\Marco\AppData\Local\Temp\Rar$EX01.157\ocr\netload.in\asmcaptcha\test.exe (Malware.Packer) -> Quarantined and deleted successfully.
c:\Users\Marco\AppData\Local\Temp\Rar$EX01.157\router\fritz!box\nc.exe (PUP.KeyLogger) -> Quarantined and deleted successfully.
c:\Recycle.Bin\config.bin (Trojan.Spyeyes) -> Quarantined and deleted successfully.
c:\syufahusjif\config.bin (Trojan.SpyEyes) -> Quarantined and deleted successfully.
         
Code:
OTL
OTL logfile created on: 09.06.2011 22:26:19 - Run 1
OTL by OldTimer - Version 3.2.23.0     Folder = C:\Users\Marco\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
893,42 Mb Total Physical Memory | 207,04 Mb Available Physical Memory | 23,17% Memory free
2,00 Gb Paging File | 0,51 Gb Available in Paging File | 25,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136,46 Gb Total Space | 12,06 Gb Free Space | 8,84% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 6,26 Gb Free Space | 62,61% Space Free | Partition Type: NTFS
 
Computer Name: MARCO-PC | User Name: Marco | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Marco\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\CCleaner\CCleaner.exe (Piriform Ltd)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10e.exe (Adobe Systems, Inc.)
PRC - C:\Programme\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - c:\Programme\McAfee\MSC\mcupdmgr.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - c:\Programme\Common Files\McAfee\MNA\McNASvc.exe (McAfee, Inc.)
PRC - C:\Programme\Windows Mail\WinMail.exe (Microsoft Corporation)
PRC - C:\Programme\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - c:\Programme\McAfee\MSC\mcuimgr.exe (McAfee, Inc.)
PRC - C:\Programme\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
PRC - C:\Programme\DellSupport\DSAgnt.exe (Gteko Ltd.)
PRC - C:\Windows\System32\stacsv.exe (SigmaTel, Inc.)
PRC - C:\Windows\sttray.exe (SigmaTel, Inc.)
PRC - C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc)
PRC - C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
PRC - C:\Programme\McAfee\MPS\mps.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee\MSK\msksrver.exe (McAfee Inc.)
PRC - C:\Programme\McAfee\MSK\mskagent.exe (McAfee Inc.)
PRC - C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee\MPS\mpsevh.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee\MPF\MpfSrv.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\McAfee\RedirSvc\RedirSvc.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\McAfee\HackerWatch\HWAPI.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
PRC - C:\Programme\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe (Sonic Solutions)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Programme\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems)
PRC - C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Marco\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (NMSAccessU) -- C:\Programme\CDBurnerXP\NMSAccessU.exe ()
SRV - (McNASvc) -- c:\program files\common files\mcafee\mna\mcnasvc.exe (McAfee, Inc.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (mcmscsvc) -- C:\Programme\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SRV - (DSBrokerService) -- C:\Program Files\DellSupport\brkrsvc.exe ()
SRV - (STacSV) -- C:\Windows\System32\stacsv.exe (SigmaTel, Inc.)
SRV - (McSysmon) -- C:\Programme\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.)
SRV - (MPS9) -- C:\Programme\McAfee\MPS\mps.exe (McAfee, Inc.)
SRV - (McProxy) -- C:\Programme\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
SRV - (MSK80Service) -- C:\Program Files\McAfee\MSK\MskSrver.exe (McAfee Inc.)
SRV - (McODS) -- C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (MpfService) -- C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
SRV - (McRedirector) -- C:\Programme\Common Files\McAfee\RedirSvc\RedirSvc.exe (McAfee, Inc.)
SRV - (Emproxy) -- C:\Programme\Common Files\McAfee\EmProxy\emproxy.exe (McAfee, Inc.)
SRV - (McAfee HackerWatch Service) -- C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe (McAfee, Inc.)
SRV - (McShield) -- C:\Programme\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
SRV - (UPnPService) -- C:\Programme\Common Files\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
SRV - (UleadBurningHelper) -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys ()
DRV - (ACEDRV09) -- C:\Windows\System32\drivers\ACEDRV09.sys (Protect Software GmbH)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (OEM02Dev) -- C:\Windows\System32\drivers\OEM02Dev.sys (Creative Technology Ltd.)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (SigmaTel, Inc.)
DRV - (OEM02Vfx) -- C:\Windows\System32\drivers\OEM02Vfx.sys (EyePower Games Pte. Ltd.)
DRV - (dsunidrv) -- C:\Windows\System32\drivers\dsunidrv.sys (Gteko Ltd.)
DRV - (MPFP) -- C:\Windows\System32\drivers\Mpfp.sys (McAfee, Inc.)
DRV - (mfesmfk) -- C:\Windows\System32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (mferkdk) -- C:\Programme\McAfee\VirusScan\mferkdk.sys (McAfee, Inc.)
DRV - (bcm4sbxp) -- C:\Windows\System32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (AtiPcie) ATI PCI Express (3GIO) -- C:\Windows\system32\DRIVERS\AtiPcie.sys (ATI Technologies Inc.)
DRV - (DSproct) -- C:\Programme\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (PCLEPCI) -- C:\Windows\System32\drivers\Pclepci.sys (Pinnacle Systems GmbH)
DRV - (ASAPIW2k) -- C:\Windows\System32\drivers\asapiW2k.sys (Pinnacle Systems GmbH)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=1070729
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=1070729
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2010.02.11 17:30:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 1.5.0.7\Extensions\\Components: C:\PROGRA~1\MOZILL~1\COMPON~1\ [2011.04.06 22:09:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 1.5.0.7\Extensions\\Plugins: C:\PROGRA~1\MOZILL~1\plugins\ [2009.10.26 23:43:19 | 000,000,000 | ---D | M]
 
[2011.05.21 20:43:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marco\AppData\Roaming\mozilla\Firefox\Profiles\8qcs8lgy.default\extensions
[2010.02.11 17:52:54 | 000,000,000 | ---D | M] ("Microsoft .NET Framework Assistant") -- C:\Users\Marco\AppData\Roaming\mozilla\Firefox\Profiles\8qcs8lgy.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.02.11 17:52:54 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Marco\AppData\Roaming\mozilla\Firefox\Profiles\8qcs8lgy.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.02.11 17:27:27 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.02.11 17:27:26 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.02.11 17:27:25 | 000,000,000 | ---D | M] (Mozilla Firefox distributed by RealNetworks) -- C:\Programme\Mozilla Firefox\extensions\realplayer@partners.mozilla.com
[2010.02.11 17:27:26 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010.02.11 17:27:27 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
[2010.02.11 17:27:25 | 000,000,000 | ---D | M] (Mozilla Firefox distributed by RealNetworks) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\REALPLAYER@PARTNERS.MOZILLA.COM
[2010.02.11 17:30:28 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD
[2010.01.15 22:54:30 | 000,060,526 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\jar50.dll
[2010.01.15 22:54:30 | 000,049,256 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\jsd3250.dll
[2010.01.15 22:54:33 | 000,166,000 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\xpinstal.dll
[2010.01.15 22:54:53 | 000,000,680 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazon-de.png
[2010.01.15 22:54:53 | 000,000,804 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazon-de.src
[2010.01.15 22:54:53 | 000,000,210 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.gif
[2010.01.15 22:54:53 | 000,001,075 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.src
[2010.01.15 22:54:53 | 000,001,076 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\google-de.gif
[2010.01.15 22:54:53 | 000,000,892 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\google-de.src
[2010.01.15 22:54:53 | 000,000,232 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.png
[2010.01.15 22:54:53 | 000,001,157 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.src
[2010.01.15 22:54:53 | 000,000,088 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.gif
[2010.01.15 22:54:53 | 000,001,147 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.src
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\Programme\McAfee\VirusScan\scriptcl.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Programme\Google\GoogleToolbar2.dll (Google Germany GmbH)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar2.dll (Google Germany GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar2.dll (Google Germany GmbH)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BearShare]  File not found
O4 - HKLM..\Run: [ECenter] c:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [MskAgentexe] C:\Programme\McAfee\MSK\mskagent.exe (McAfee Inc.)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\Windows\System32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TrayServer] C:\Programme\MAGIX\Video_deluxe_2007_2008\Trayserver.exe (MAGIX AG)
O4 - HKLM..\Run: [USB2Check]  File not found
O4 - HKLM..\Run: [USBToolTip] C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [1X8C4VXU8ZZC7V4WOUHQFDNICMPMHW] C:\rgotgktjgbt\rgotgktjgbt.exe (HD1B)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [dydtpfk]  File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: microsoft.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([*.update] * in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([*.windowsupdate] * in Trusted sites)
O15 - HKCU\..Trusted Domains: windowsupdate.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} https://asp.photoprintit.de/microsite/defaults/activex/ips/IPSUploader4.cab (IPSUploader4 Control)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-internet-signup {A173B69A-1F9B-4823-9FDA-412F641E65D6} - C:\Programme\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll ()
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Marco\Pictures\2010-01-10 Kleinostheim im Schnee\Kleinostheim im Schnee 009.JPG
O24 - Desktop BackupWallPaper: C:\Users\Marco\Pictures\2010-01-10 Kleinostheim im Schnee\Kleinostheim im Schnee 009.JPG
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.06.09 21:45:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.06.09 21:45:11 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2011.06.08 21:31:44 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Roaming\Malwarebytes
[2011.06.08 21:31:34 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.06.08 21:31:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.06.08 21:31:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.06.08 21:31:27 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.06.08 21:31:27 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.06.07 20:31:59 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Roaming\Avira
[2011.06.07 19:55:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.06.07 19:54:27 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2011.06.07 19:54:25 | 000,137,656 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.06.07 19:54:25 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011.06.07 19:54:21 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2011.06.07 19:54:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.06.04 14:21:04 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.06.04 14:21:04 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.06.04 14:21:04 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.06.04 14:21:03 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.06.04 14:21:03 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.06.04 14:21:03 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.06.04 14:21:03 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.06.04 14:21:03 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.06.04 14:21:01 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.06.04 14:21:00 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.06.04 14:21:00 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.06.04 14:21:00 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.06.04 14:21:00 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.06.04 14:21:00 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.06.04 14:21:00 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.06.04 14:20:59 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.06.04 14:20:59 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.06.04 14:20:59 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.06.04 14:20:59 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.06.04 14:20:59 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.06.04 14:20:59 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.06.04 14:20:58 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.06.04 14:20:58 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.06.04 14:20:58 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.06.04 14:20:58 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.06.04 14:20:58 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.06.04 14:20:58 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.06.04 14:20:58 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.06.04 14:20:57 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.06.04 14:20:57 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.06.04 14:20:57 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.06.04 14:20:57 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.06.04 14:20:57 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.06.04 14:20:57 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.06.04 14:20:57 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011.06.04 14:20:57 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.06.04 14:20:57 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.06.04 14:20:57 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.06.04 14:20:57 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.06.09 22:29:05 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.06.09 21:45:19 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.06.09 21:15:17 | 000,005,594 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2011.06.09 21:14:43 | 000,490,904 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.06.09 21:12:54 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.09 21:12:53 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.09 21:12:38 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.06.09 21:12:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.06.09 21:12:03 | 937,582,592 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.08 21:31:34 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.06.07 23:15:17 | 000,019,968 | ---- | M] () -- C:\Users\Marco\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.06.07 19:55:12 | 000,001,849 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.06.06 21:59:27 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.06.06 21:59:27 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.06.06 21:59:27 | 000,126,260 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.06.06 21:59:27 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.06.06 20:30:43 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011.06.05 14:28:42 | 000,001,054 | ---- | M] () -- C:\Users\Public\Desktop\CEWE FOTOSCHAU.lnk
[2011.06.05 14:28:41 | 000,001,079 | ---- | M] () -- C:\Users\Public\Desktop\Meine CEWE FOTOWELT.lnk
[2011.06.04 21:08:54 | 000,002,633 | ---- | M] () -- C:\Users\Marco\Desktop\Microsoft Office Excel 2007.lnk
[2011.06.04 14:21:25 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2011.06.04 14:21:25 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2011.06.04 14:21:04 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.06.04 14:21:04 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.06.04 14:21:04 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.06.04 14:21:03 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.06.04 14:21:03 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.06.04 14:21:03 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.06.04 14:21:03 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.06.04 14:21:03 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.06.04 14:21:01 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.06.04 14:21:01 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.06.04 14:21:00 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.06.04 14:21:00 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.06.04 14:21:00 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.06.04 14:21:00 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.06.04 14:21:00 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.06.04 14:21:00 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011.06.04 14:21:00 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.06.04 14:20:59 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.06.04 14:20:59 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.06.04 14:20:59 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.06.04 14:20:59 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.06.04 14:20:59 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.06.04 14:20:58 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.06.04 14:20:58 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.06.04 14:20:58 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.06.04 14:20:58 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.06.04 14:20:58 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.06.04 14:20:58 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.06.04 14:20:58 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.06.04 14:20:57 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.06.04 14:20:57 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.06.04 14:20:57 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.06.04 14:20:57 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.06.04 14:20:57 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.06.04 14:20:57 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.06.04 14:20:57 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011.06.04 14:20:57 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.06.04 14:20:57 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.06.04 14:20:57 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.06.04 14:20:57 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.06.04 12:29:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011.05.29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.05.29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.05.15 13:09:40 | 000,000,382 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.06.09 21:45:19 | 000,000,806 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.06.08 21:31:34 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.06.07 19:55:11 | 000,001,849 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.06.04 14:21:00 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010.04.05 21:00:31 | 000,019,968 | ---- | C] () -- C:\Users\Marco\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.11 22:00:49 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.02.11 21:58:29 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010.02.11 21:58:29 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010.02.11 18:04:50 | 000,021,532 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2010.02.11 17:00:07 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2010.02.11 17:00:01 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2010.02.11 16:59:44 | 000,006,656 | ---- | C] () -- C:\Windows\System32\stacutil.dll
[2010.02.11 16:59:40 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2010.02.11 16:59:40 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2010.02.11 16:59:40 | 000,143,676 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009.12.24 14:08:26 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2008.09.13 11:34:27 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2008.09.13 11:34:27 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth2.dll
[2008.09.13 11:34:27 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth1.dll
[2008.09.13 11:34:27 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2008.09.13 11:34:27 | 000,000,073 | ---- | C] () -- C:\Windows\System32\ssprs.dll
[2008.08.03 21:02:15 | 000,000,016 | -H-- | C] () -- C:\Users\Marco\AppData\Roaming\mxfilerelatedcache.mxc2
[2008.02.16 15:45:09 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2008.02.16 15:41:22 | 000,003,425 | ---- | C] () -- C:\Windows\mozver.dat
[2007.08.17 11:58:12 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007.08.05 11:05:07 | 000,153,088 | ---- | C] () -- C:\Programme\UNWISE.EXE
[2007.08.05 10:51:17 | 000,406,016 | ---- | C] () -- C:\Windows\System32\PSDrvCheck.exe
[2007.08.05 10:49:26 | 000,196,096 | ---- | C] () -- C:\Windows\System32\MACD32.DLL
[2007.08.05 10:49:26 | 000,138,752 | ---- | C] () -- C:\Windows\System32\MASE32.DLL
[2007.08.05 10:49:26 | 000,136,192 | ---- | C] () -- C:\Windows\System32\MAMC32.DLL
[2007.08.05 10:49:26 | 000,057,856 | ---- | C] () -- C:\Windows\System32\MASD32.DLL
[2007.08.05 10:49:26 | 000,027,648 | ---- | C] () -- C:\Windows\System32\MA32.DLL
[2007.08.04 13:46:48 | 000,000,020 | ---- | C] () -- C:\Windows\Ulead32.ini
[2007.07.28 19:31:08 | 000,065,536 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2007.07.28 19:31:05 | 000,024,064 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2007.07.28 19:29:56 | 000,000,080 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2006.11.07 21:25:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006.11.02 17:33:31 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 17:33:31 | 000,126,260 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,490,904 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.09.17 00:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006.09.17 00:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2004.03.18 07:44:29 | 001,663,068 | ---- | C] () -- C:\Windows\System32\libmmd.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 76 bytes -> C:\Users\Marco\Documents\REZEPTE:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Marco\Documents\Kinder:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Marco\Documents\Eigentumswohnung:Roxio EMC Stream

< End of report >
         
Code:
OTL Extras logfile created on: 09.06.2011 22:26:19 - Run 1
OTL by OldTimer - Version 3.2.23.0     Folder = C:\Users\Marco\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
893,42 Mb Total Physical Memory | 207,04 Mb Available Physical Memory | 23,17% Memory free
2,00 Gb Paging File | 0,51 Gb Available in Paging File | 25,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136,46 Gb Total Space | 12,06 Gb Free Space | 8,84% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 6,26 Gb Free Space | 62,61% Space Free | Partition Type: NTFS
 
Computer Name: MARCO-PC | User Name: Marco | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [CEWE FOTOSCHAU] -- "C:\Program Files\CeWe Color\Meine CEWE FOTOWELT\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Meine CEWE FOTOWELT] -- "C:\Program Files\CeWe Color\Meine CEWE FOTOWELT\Meine CEWE FOTOWELT.exe" "%1" ()
Directory [Meine CEWE FOTOWELT.exe] -- "C:\Program Files\CeWe Color\Meine CEWE FOTOWELT\Meine CEWE FOTOWELT.exe" "%1" ()
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{E977545F-BF0E-4D32-BB98-E0BB95F3AF85}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1F4478E8-C0FE-461F-AB84-1384657C497A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{2384F3D9-B57B-4A84-9A6A-15717408FADA}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe | 
"{50FEFB8B-6080-49BA-A536-EFBB7E96FCE6}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{596AF9F9-9B74-40A6-B060-256D7088A7B1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{5A8ECF6E-9E3A-47D8-8C8F-7D5B53D654DF}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe | 
"{7A626E83-49DD-4653-AAD8-E8CCFBD788F8}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{8B213E6B-A111-44F6-A717-F99167C7E425}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{A03E574B-1428-4C61-88E7-3C79F2A56162}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe | 
"{A34FD058-3E2D-4123-A8D1-A6A2E0C04B2E}" = dir=in | app=c:\program files\dell\mediadirect\powercinema.exe | 
"{AA7429D4-3DE3-4276-8B7F-7E3DFF87692D}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe | 
"{C60165D0-B5A8-4946-819B-67BAA81B90DC}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe | 
"{CF206711-771D-4E0E-B1DC-5A0DC47778FC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{D895AC18-D985-40C9-A3B8-E9C9FF1054BA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}" = ElsterFormular 2008/2009
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{09EFED66-F0B9-4D64-B98E-AE0454636522}" = StarMoney 6.0 S-Edition
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{1ADE23D7-7A1E-4AEC-BA5D-EB8A01BED943}" = DeepBurner v1.8.0.224
"{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar
"{1FBE067B-EDA5-C4DC-1CAE-0A97869668F5}" = CCC Help English
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{233A09B2-5DDD-1D47-41F3-283243CD6E58}" = Catalyst Control Center Localization Finnish
"{26521EB6-D0C1-9AA9-EC73-743A75F5E390}" = CCC Help German
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{28166874-4E4D-AA06-22D5-3FFF80D9DF71}" = CCC Help Norwegian
"{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{353FE16B-30FE-469A-BF55-B978F4218003}" = iTunes
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D736E48-0BFE-1E36-C3CC-D40027C8D779}" = CCC Help Chinese Traditional
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{3FA54B99-76EA-54D7-E821-3A6D4C58B485}" = Catalyst Control Center Localization Korean
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{47879FA7-BC8F-4D7F-8057-86D0416579FA}" = StarMoney
"{4902AA2F-558B-709F-2EC4-ABCCA5817DE2}" = Catalyst Control Center Localization Chinese Standard
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4AE661B2-2CA3-689C-7B07-633946D93DBA}" = Catalyst Control Center Localization Spanish
"{4BCDF14A-0140-DAA1-197D-2A0714C304EB}" = CCC Help Dutch
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{4F1DA6BF-3614-48A1-9970-9E90F646789E}" = Ulead VideoStudio 8.0
"{4F5A53E6-3CBE-44D7-91AD-2E535348484F}" = ccc-Branding
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{58B2B6D3-E5FF-4D16-87AC-52CC5717C7C6}" = Tiscali Internet
"{5985DC34-0F90-473E-4B11-79BDD38129EA}" = CCC Help Italian
"{5B5B4253-B83B-970A-BF2A-BE76EB105C17}" = Catalyst Control Center Core Implementation
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = Benutzerhandbuch
"{5F818EFF-7F69-3E9A-EA3D-78F7C3A6FD61}" = Catalyst Control Center Graphics Light
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{69D4EE67-EE0D-9CC4-1FDF-189B136EE1E5}" = ccc-utility
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74EB8F02-9EA7-5893-93E9-17C473D919EA}" = CCC Help Portuguese
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F0C4457-8E64-491B-8D7B-991504365D1E}" = QuickSet
"{801A52D3-2855-BF00-0F13-8CFE6F79047D}" = Catalyst Control Center Localization Portuguese
"{80A50951-628C-2476-095F-57BABB5B23B6}" = CCC Help Spanish
"{80F05497-9244-9323-44D2-A919DDD7E4CC}" = Catalyst Control Center Localization Dutch
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{8A46C2AE-E88F-191E-5EA6-8BDBC37726F9}" = Catalyst Control Center Localization Norwegian
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{916DA72C-457F-E1F6-E121-B15E38F79C0D}" = CCC Help Japanese
"{9306D753-8B36-06D4-0C39-9E6D58441C6C}" = Catalyst Control Center Localization Japanese
"{99713F20-B2FA-5B9F-0775-46378377F905}" = Catalyst Control Center Localization Chinese Traditional
"{9BCA646B-4EDE-5178-9755-4B3860F57111}" = Catalyst Control Center Localization Italian
"{9BD418EE-31DE-1A67-5D3B-C83B0FAEAFBE}" = ccc-core-static
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9C573DB4-847C-44E2-D7EE-CC6640441A27}" = Catalyst Control Center Localization French
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9E491AB7-4589-48CA-9CBB-874CB2788391}" = Studio 9
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A5B6B6E2-3460-567B-D269-38E0C99B455B}" = CCC Help Russian
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A70800000002}" = Adobe Reader 7.0.8 - Deutsch
"{B0BC58D2-3B22-6E43-E755-97569B788832}" = Catalyst Control Center Localization German
"{B4F4B5A5-9B6E-15DC-BB9B-7AF45168F1DE}" = Catalyst Control Center Graphics Full Existing
"{B67624DE-75CE-4FAD-9F29-5C115773CE61}" = Studio 9 Content CD/DVD
"{B8C54AB1-7E1A-40E8-B794-EDB6E8921F3A}" = Dell Support Center
"{BB4CC91D-63C5-85F6-D7DE-2FECD29639F6}" = CCC Help Danish
"{C2CBDFC6-D4E0-5747-5EBE-7579611CC562}" = Catalyst Control Center Graphics Full New
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C45901E9-F9B0-5F5A-C40E-BA45B115D76B}" = Catalyst Control Center Localization Russian
"{C61664A1-6832-57B6-6189-0CD3F4E25E2F}" = CCC Help French
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C8AF8F27-F6D1-9193-9F1A-8CFFE2B2A9E6}" = CCC Help Finnish
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB1C5826-5A8A-1856-BB92-29704009E56F}" = Catalyst Control Center Localization Swedish
"{CC187DB7-98D2-5485-4084-A092F9BB1F84}" = CCC Help Korean
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{D65FB87A-566D-2457-4775-899C220E048E}" = CCC Help Chinese Standard
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DD43D652-6932-A54F-D7A5-D6448379E8F9}" = CCC Help Swedish
"{E17047A0-167D-1BA3-983E-CEE6ED87A890}" = Skins
"{E2FB1C9E-00C1-467E-BA75-E3FC6C4ACB3F}" = Pinnacle USB device drivers 2
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E713653C-8312-4BC6-AFC9-ADE1F2F04AB9}" = ATI PCI Express (3GIO) Filter Driver
"{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}" = Pinnacle Instant DVD Recorder
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem-Diagnose-Tool
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F99AFBD3-0276-AF23-C1CC-FBF6A5F2865C}" = Catalyst Control Center Localization Danish
"{FD023F61-65E9-465C-B558-7C64EB2B97E6}" = Assistant zum Anpassen des Dell-Systems
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 6.0.0.744
"CCleaner" = CCleaner
"cmanatau" = Favorit
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"Creative OEM002" = Laptop Integrated Webcam Driver (1.00.10.0320)  
"DELL Webcam Center" = DELL Webcam Center
"DELL Webcam Manager" = DELL Webcam Manager
"ElsterFormular  11.1.2.3848" = ElsterFormular 
"ElsterFormular für Privatanwender und Unternehmer 12.0.0.5880k" = ElsterFormular für Privatanwender und Unternehmer
"ENTERPRISE" = Microsoft Office Enterprise 2007
"fc-prints" = fc-prints 
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition 2.0.0.1 (D)
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 8.63
"Hollywood FX 5.5 Additional Effects" = Hollywood FX 5.5 Additional Effects
"Hollywood FX for Studio" = Pinnacle Hollywood FX for Studio
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"kazaalite202_is1" = Kazaa Lite 2.6.1
"MAGIX Foto Manager 2007 D" = MAGIX Foto Manager 2007 4.1.1.75 (D)
"MAGIX Goya burnR D" = MAGIX Goya burnR 2.3.1.3 (D)
"MAGIX Music Manager 2007 D" = MAGIX Music Manager 2007 8.1.1.108 (D)
"MAGIX Online Druck Service D" = MAGIX Online Druck Service 2.3.2.0 (D)
"MAGIX Video deluxe 2007 2008 D" = MAGIX Video deluxe 2007 2008 7.0.0.26 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.0.1200
"Meine CEWE FOTOWELT" = Meine CEWE FOTOWELT
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (1.5.0.7)" = Mozilla Firefox (1.5.0.7)
"MSC" = McAfee SecurityCenter
"PartyPoker" = PartyPoker
"proDAD-Heroglyph-1.0" = proDAD Heroglyph 1.0
"proDAD-Heroglyph-2.0" = proDAD Heroglyph 2.0
"RealPlayer 6.0" = RealPlayer
"SynTPDeinstKey" = Dell Touchpad
"VLC media player" = VLC media player 0.9.8a
"WinRAR archiver" = WinRAR
"WinZip Self-Extractor" = WinZip Self-Extractor
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         
HJTscanlist.zip
Code:
 
                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 
                        º                                    º 
                                    hjtscanlist v2.0              
                        º                                    º 
                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 

Microsoft Windows [Version 6.0.6002]
 
 
C:

  09.06.2011 21:57      C:\Windows --------- 36864 
  09.06.2011 21:45      C:\Program Files --------- 28672 
        C:\hiberfil.sys ---------  
        C:\pagefile.sys ---------  
  09.06.2011 01:11      C:\System Volume Information --------- 24576 
  08.06.2011 21:31      C:\ProgramData --------- 8192 
  27.06.2010 20:58      C:\31b9cfe29a97b2729a90 --------- 0 
  04.04.2010 09:50      C:\Downloads --------- 0 
  28.02.2010 10:51      C:\DELL --------- 8192 
  11.02.2010 22:37      C:\Boot --------- 4096 
  11.02.2010 20:13      C:\PerfLogs --------- 0 
  11.02.2010 17:55      C:\Users --------- 4096 
  11.02.2010 17:00      C:\BOOTSECT.BAK --------- 8192 
  11.02.2010 16:30      C:\$WINDOWS.~Q --------- 0 
  11.02.2010 16:26      C:\$INPLACE.~TR --------- 0 
  06.02.2010 15:03      C:\06a3b8ad9950d48b78f608366a2e8e --------- 0 
  03.02.2010 22:46      C:\e245eed4ffe3ae3b158a15 --------- 0 
  30.01.2010 19:18      C:\e05a182e96d59f1698 --------- 0 
  30.01.2010 19:06      C:\80f789126b34117fbf --------- 0 
  11.04.2009 00:36      C:\bootmgr --------- 333257 
  08.11.2007 19:06      C:\MSOCache --------- 0 
  08.08.2007 21:33      C:\Programs --------- 0 
  08.08.2007 20:43      C:\My Shared Folder --------- 0 
  05.08.2007 11:47      C:\adorage-protocol.txt --------- 403469 
  01.08.2007 23:14      C:\Programme --------- 0 
  01.08.2007 23:14      C:\Dokumente und Einstellungen --------- 0 
  29.07.2007 03:02      C:\dell.sdr --------- 4545 
  29.07.2007 02:55      C:\Drivers --------- 0 
  29.07.2007 02:54      C:\doctemp --------- 0 
  28.07.2007 19:30      C:\Setup.log --------- 174 
  02.11.2006 15:04      C:\$Recycle.Bin --------- 0 
  02.11.2006 15:02      C:\Documents and Settings --------- 0 
  18.09.2006 23:43      C:\config.sys --------- 10 
  18.09.2006 23:43      C:\autoexec.bat --------- 24 
----------------------------------------

 
C:\Windows

  09.06.2011 21:32     C:\Windows\WindowsUpdate.log --------- 1098764 
  09.06.2011 21:12     C:\Windows\bootstat.dat --------- 67584 
  11.02.2010 20:26     C:\Windows\WindowsShell.Manifest --------- 749 
  11.02.2010 19:47     C:\Windows\SPInstall.etl --------- 442368 
  11.02.2010 14:27     C:\Windows\diagwrn.xml --------- 1887 
  11.02.2010 14:27     C:\Windows\diagerr.xml --------- 1887 
  16.08.2009 03:22     C:\Windows\ocsetup_install_NetFx3.etl --------- 50167808 
  16.08.2009 03:22     C:\Windows\ocsetup_cbs_install_NetFx3.perf --------- 49152 
  16.08.2009 03:22     C:\Windows\ocsetup_cbs_install_NetFx3.dpx --------- 16384 
  11.04.2009 00:27     C:\Windows\explorer.exe --------- 2926592 
  13.09.2008 11:34     C:\Windows\QTFont.qfn --------- 54156 
  16.02.2008 15:45     C:\Windows\nsreg.dat --------- 0 
  16.02.2008 15:41     C:\Windows\mozver.dat --------- 3425 
  19.01.2008 00:33     C:\Windows\regedit.exe --------- 134656 
  19.01.2008 00:33     C:\Windows\notepad.exe --------- 151040 
  19.01.2008 00:33     C:\Windows\fveupdate.exe --------- 13312 
  19.01.2008 00:33     C:\Windows\HelpPane.exe --------- 498176 
  19.01.2008 00:33     C:\Windows\bfsvc.exe --------- 58880 
  08.11.2007 19:07     C:\Windows\win.ini --------- 219 
  17.08.2007 14:11     C:\Windows\mgxoschk.ini --------- 6768 
  13.08.2007 11:11     C:\Windows\QTFont.for --------- 1409 
  04.08.2007 13:46     C:\Windows\Ulead32.ini --------- 20 
  29.07.2007 03:02     C:\Windows\csup.txt --------- 12 
  28.07.2007 19:29     C:\Windows\CT4CET.bin --------- 80 
  28.07.2007 19:18     C:\Windows\ocsetup_install_OEMHelpCustomization.etl --------- 6062080 
  28.07.2007 19:18     C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.perf --------- 49152 
  28.07.2007 19:18     C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.dpx --------- 16384 
  09.03.2007 02:19     C:\Windows\OEM002.uns --------- 4539 
  06.03.2007 13:37     C:\Windows\sttray.exe --------- 303104 
  02.03.2007 21:30     C:\Windows\CtDrvIns.exe.manifest --------- 670 
  22.02.2007 04:03     C:\Windows\DELL_VERSION --------- 36 
  02.02.2007 11:00     C:\Windows\OEM02Mon.exe --------- 36864 
  02.02.2007 11:00     C:\Windows\OEM02Cfg.exe --------- 28672 
  06.01.2007 04:21     C:\Windows\atiogl.xml --------- 11441 
  02.11.2006 14:35     C:\Windows\WMSysPr9.prx --------- 316640 
  02.11.2006 14:34     C:\Windows\twunk_16.exe --------- 49680 
  02.11.2006 14:34     C:\Windows\twunk_32.exe --------- 31232 
  02.11.2006 14:34     C:\Windows\twain_32.dll --------- 50688 
  02.11.2006 14:34     C:\Windows\twain.dll --------- 94784 
  02.11.2006 11:45     C:\Windows\winhlp32.exe --------- 9216 
  02.11.2006 11:45     C:\Windows\hh.exe --------- 14848 
  02.11.2006 09:46     C:\Windows\mib.bin --------- 43131 
  02.11.2006 08:46     C:\Windows\WMPrfDeu.prx --------- 33820 
  19.09.2006 13:41     C:\Windows\HomePremium.xml --------- 8328 
  18.09.2006 23:46     C:\Windows\system.ini --------- 219 
  18.09.2006 23:43     C:\Windows\_default.pif --------- 707 
  18.09.2006 23:43     C:\Windows\winhelp.exe --------- 256192 
  18.09.2006 23:30     C:\Windows\msdfmap.ini --------- 1405 
  16.06.2006 21:30     C:\Windows\CtDrvIns.exe --------- 90112 
  23.03.2004 12:23     C:\Windows\eSellerateEngine.dll --------- 352256 
  16.03.2003 00:15     C:\Windows\unvise32.exe --------- 90112 
  16.05.2001 01:49     C:\Windows\wmprfsve.prx --------- 33314 
  16.05.2001 01:49     C:\Windows\wmprftrk.prx --------- 32022 
  16.05.2001 01:49     C:\Windows\WMPrfAra.prx --------- 33336 
  16.05.2001 01:49     C:\Windows\wmprfrus.prx --------- 804 
  16.05.2001 01:49     C:\Windows\wmprfesp.prx --------- 35590 
  16.05.2001 01:49     C:\Windows\wmprffin.prx --------- 31764 
  16.05.2001 01:49     C:\Windows\wmprfslv.prx --------- 33580 
  16.05.2001 01:49     C:\Windows\wmprfheb.prx --------- 28718 
  16.05.2001 01:49     C:\Windows\wmprfhun.prx --------- 37014 
  16.05.2001 01:49     C:\Windows\wmprfita.prx --------- 35680 
  16.05.2001 01:49     C:\Windows\WMPrfJpn.prx --------- 23304 
  16.05.2001 01:49     C:\Windows\WMPrfKor.prx --------- 22338 
  16.05.2001 01:49     C:\Windows\wmprfnld.prx --------- 32964 
  16.05.2001 01:49     C:\Windows\wmprfnor.prx --------- 32852 
  16.05.2001 01:49     C:\Windows\wmprfplk.prx --------- 35822 
  16.05.2001 01:49     C:\Windows\wmprfptb.prx --------- 33694 
  16.05.2001 01:49     C:\Windows\wmprfptg.prx --------- 35916 
  16.05.2001 01:49     C:\Windows\wmprffra.prx --------- 37916 
  16.05.2001 01:48     C:\Windows\wmprfdan.prx --------- 31712 
  16.05.2001 01:48     C:\Windows\wmprfcsy.prx --------- 35474 
  16.05.2001 01:48     C:\Windows\WMPrfCHT.prx --------- 132 
  16.05.2001 01:48     C:\Windows\WMPrfCHS.prx --------- 136 
  16.05.2001 01:48     C:\Windows\wmprfsky.prx --------- 38232 
  16.05.2001 01:48     C:\Windows\wmprfell.prx --------- 36594 
----------------------------------------

 
C:\Windows\System

 02.11.2006 14:34    C:\Windows\System\mciseq.drv --------- 25264 
 02.11.2006 14:34    C:\Windows\System\mciwave.drv --------- 28160 
 02.11.2006 14:34    C:\Windows\System\avifile.dll --------- 109456 
 02.11.2006 14:34    C:\Windows\System\avicap.dll --------- 69584 
 02.11.2006 14:34    C:\Windows\System\mciavi.drv --------- 73376 
 02.11.2006 14:34    C:\Windows\System\msvideo.dll --------- 126912 
 02.11.2006 09:10    C:\Windows\System\OLESVR.DLL --------- 24064 
 02.11.2006 09:10    C:\Windows\System\WFWNET.DRV --------- 12704 
 02.11.2006 09:10    C:\Windows\System\COMMDLG.DLL --------- 32816 
 02.11.2006 09:10    C:\Windows\System\TIMER.DRV --------- 4048 
 02.11.2006 09:10    C:\Windows\System\MMSYSTEM.DLL --------- 68992 
 02.11.2006 09:10    C:\Windows\System\mmtask.tsk --------- 1152 
 02.11.2006 09:10    C:\Windows\System\mouse.drv --------- 2032 
 02.11.2006 09:10    C:\Windows\System\vga.drv --------- 2176 
 02.11.2006 09:10    C:\Windows\System\sound.drv --------- 1744 
 02.11.2006 09:10    C:\Windows\System\keyboard.drv --------- 2000 
 02.11.2006 09:10    C:\Windows\System\SHELL.DLL --------- 5120 
 02.11.2006 09:10    C:\Windows\System\system.drv --------- 3360 
 18.09.2006 23:43    C:\Windows\System\ver.dll --------- 9008 
 18.09.2006 23:43    C:\Windows\System\olecli.dll --------- 82944 
 18.09.2006 23:43    C:\Windows\System\lzexpand.dll --------- 9936 
 18.09.2006 23:35    C:\Windows\System\stdole.tlb --------- 5532 
----------------------------------------

 
C:\Windows\System32

 09.06.2011 21:15     C:\Windows\system32\Config.MPF --------- 5594 
 09.06.2011 21:14     C:\Windows\system32\FNTCACHE.DAT --------- 490904 
 09.06.2011 21:12     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 --------- 3696 
 09.06.2011 21:12     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 --------- 3696 
 09.06.2011 07:03     C:\Windows\system32\drivers --------- 57344 
 07.06.2011 08:03     C:\Windows\system32\WDI --------- 4096 
 06.06.2011 21:59     C:\Windows\system32\perfh009.dat --------- 595996 
 06.06.2011 21:59     C:\Windows\system32\perfc009.dat --------- 104070 
 06.06.2011 21:59     C:\Windows\system32\perfh007.dat --------- 628742 
 06.06.2011 21:59     C:\Windows\system32\perfc007.dat --------- 126260 
 06.06.2011 21:59     C:\Windows\system32\PerfStringBackup.INI --------- 1445116 
 04.06.2011 14:26     C:\Windows\system32\de-DE --------- 188416 
 04.06.2011 14:26     C:\Windows\system32\migration --------- 0 
 04.06.2011 14:26     C:\Windows\system32\wbem --------- 61440 
 04.06.2011 14:26     C:\Windows\system32\en-US --------- 12288 
 04.06.2011 14:22     C:\Windows\system32\catroot2 --------- 12288 
 04.06.2011 14:22     C:\Windows\system32\catroot --------- 0 
 04.06.2011 14:21     C:\Windows\system32\icrav03.rat --------- 8798 
 04.06.2011 14:21     C:\Windows\system32\ticrf.rat --------- 1988 
 04.06.2011 14:21     C:\Windows\system32\msls31.dll --------- 161792 
 04.06.2011 14:21     C:\Windows\system32\wininet.dll --------- 1126912 
 04.06.2011 14:21     C:\Windows\system32\jsproxy.dll --------- 65024 
 04.06.2011 14:21     C:\Windows\system32\iertutil.dll --------- 1785344 
 04.06.2011 14:21     C:\Windows\system32\msrating.dll --------- 162304 
 04.06.2011 14:21     C:\Windows\system32\urlmon.dll --------- 1102336 
 04.06.2011 14:21     C:\Windows\system32\RegisterIEPKEYs.exe --------- 74752 
 04.06.2011 14:21     C:\Windows\system32\SetIEInstalledDate.exe --------- 76800 
 04.06.2011 14:21     C:\Windows\system32\mshtmler.dll --------- 48640 
 04.06.2011 14:21     C:\Windows\system32\iesysprep.dll --------- 86528 
 04.06.2011 14:21     C:\Windows\system32\ieui.dll --------- 176640 
 04.06.2011 14:21     C:\Windows\system32\ieframe.dll --------- 9702400 
 04.06.2011 14:21     C:\Windows\system32\tdc.ocx --------- 63488 
 04.06.2011 14:21     C:\Windows\system32\html.iec --------- 367104 
 04.06.2011 14:21     C:\Windows\system32\dxtrans.dll --------- 223232 
 04.06.2011 14:21     C:\Windows\system32\dxtmsft.dll --------- 353792 
 04.06.2011 14:21     C:\Windows\system32\ieapfltr.dat --------- 3695416 
 04.06.2011 14:21     C:\Windows\system32\ieapfltr.dll --------- 434176 
 04.06.2011 14:21     C:\Windows\system32\icardie.dll --------- 66048 
 04.06.2011 14:21     C:\Windows\system32\ie4uinit.exe --------- 74240 
 04.06.2011 14:21     C:\Windows\system32\iernonce.dll --------- 31744 
 04.06.2011 14:21     C:\Windows\system32\ieuinit.inf --------- 72822 
 04.06.2011 14:21     C:\Windows\system32\iesetup.dll --------- 74752 
 04.06.2011 14:20     C:\Windows\system32\url.dll --------- 231936 
 04.06.2011 14:20     C:\Windows\system32\iedkcs32.dll --------- 353584 
 04.06.2011 14:20     C:\Windows\system32\inetcpl.cpl --------- 1427456 
 04.06.2011 14:20     C:\Windows\system32\webcheck.dll --------- 203776 
 04.06.2011 14:20     C:\Windows\system32\licmgr10.dll --------- 23552 
 04.06.2011 14:20     C:\Windows\system32\inseng.dll --------- 78848 
 04.06.2011 14:20     C:\Windows\system32\mshtmled.dll --------- 72704 
 04.06.2011 14:20     C:\Windows\system32\wextract.exe --------- 152064 
 04.06.2011 14:20     C:\Windows\system32\iexpress.exe --------- 150528 
 04.06.2011 14:20     C:\Windows\system32\msfeeds.dll --------- 580608 
 04.06.2011 14:20     C:\Windows\system32\vbscript.dll --------- 420864 
 04.06.2011 14:20     C:\Windows\system32\mshtml.dll --------- 12268544 
 04.06.2011 14:20     C:\Windows\system32\mshtml.tlb --------- 2382848 
 04.06.2011 14:20     C:\Windows\system32\ieUnatt.exe --------- 142848 
 04.06.2011 14:20     C:\Windows\system32\occache.dll --------- 123392 
 04.06.2011 14:20     C:\Windows\system32\pngfilt.dll --------- 54272 
 04.06.2011 14:20     C:\Windows\system32\mshta.exe --------- 11776 
 04.06.2011 14:20     C:\Windows\system32\admparse.dll --------- 101888 
 04.06.2011 14:20     C:\Windows\system32\ieaksie.dll --------- 227840 
 04.06.2011 14:20     C:\Windows\system32\ieakui.dll --------- 163840 
 04.06.2011 14:20     C:\Windows\system32\jscript9.dll --------- 1797632 
 04.06.2011 14:20     C:\Windows\system32\jscript.dll --------- 716800 
 04.06.2011 14:20     C:\Windows\system32\imgutil.dll --------- 35840 
 04.06.2011 14:20     C:\Windows\system32\advpack.dll --------- 114176 
 04.06.2011 14:20     C:\Windows\system32\iepeers.dll --------- 118784 
 04.06.2011 14:20     C:\Windows\system32\msfeedsbs.dll --------- 41472 
 04.06.2011 14:20     C:\Windows\system32\msfeedssync.exe --------- 10752 
 04.06.2011 14:20     C:\Windows\system32\IEAdvpack.dll --------- 110592 
 04.06.2011 14:20     C:\Windows\system32\ieakeng.dll --------- 130560 
 12.05.2011 20:20     C:\Windows\system32\mrt.exe --------- 42829768 
 06.04.2011 22:13     C:\Windows\system32\DRVSTORE --------- 0 
 06.04.2011 22:08     C:\Windows\system32\Tasks --------- 0 
 06.04.2011 16:20     C:\Windows\system32\dnssdX.dll --------- 197920 
 06.04.2011 16:20     C:\Windows\system32\dnssd.dll --------- 91424 
 06.04.2011 16:20     C:\Windows\system32\dns-sd.exe --------- 107808 
 06.04.2011 16:20     C:\Windows\system32\jdns_sd.dll --------- 75040 
 12.03.2011 23:55     C:\Windows\system32\XpsPrint.dll --------- 876032 
 10.03.2011 19:03     C:\Windows\system32\mfc42u.dll --------- 1162240 
 10.03.2011 19:03     C:\Windows\system32\mfc42.dll --------- 1136640 
 03.03.2011 17:42     C:\Windows\system32\inetcomm.dll --------- 739328 
 03.03.2011 17:40     C:\Windows\system32\Apphlpdm.dll --------- 28672 
 03.03.2011 15:35     C:\Windows\system32\GameUXLegacyGDFs.dll --------- 4240384 
 03.03.2011 15:25     C:\Windows\system32\win32k.sys --------- 2041856 
 02.03.2011 17:44     C:\Windows\system32\dnsrslvr.dll --------- 86528 
 02.03.2011 17:44     C:\Windows\system32\dnsapi.dll --------- 168448 
 24.02.2011 14:31     C:\Windows\system32\WindowsPowerShell --------- 0 
 22.02.2011 16:13     C:\Windows\system32\XpsGdiConverter.dll --------- 288768 
 22.02.2011 15:33     C:\Windows\system32\DWrite.dll --------- 1068544 
 22.02.2011 15:33     C:\Windows\system32\FntCache.dll --------- 797696 
 18.02.2011 16:36     C:\Windows\system32\usbaaplrc.dll --------- 4184352 
 16.02.2011 18:16     C:\Windows\system32\atmlib.dll --------- 34304 
 16.02.2011 16:02     C:\Windows\system32\atmfd.dll --------- 292864 
 02.02.2011 18:11     C:\Windows\system32\MpSigStub.exe --------- 222080 
 21.01.2011 18:35     C:\Windows\system32\shlwapi.dll --------- 353280 
 21.01.2011 18:35     C:\Windows\system32\shell32.dll --------- 11586048 
 20.01.2011 18:08     C:\Windows\system32\dxgi.dll --------- 478720 
 20.01.2011 18:08     C:\Windows\system32\d3d10core.dll --------- 189952 
 20.01.2011 18:08     C:\Windows\system32\d3d10_1core.dll --------- 219648 
----------------------------------------

 
C:\Windows\Prefetch

----------------------------------------

 
C:\Windows\Tasks

 09.06.2011 22:29     C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job --------- 1098 
 09.06.2011 21:12     C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job --------- 1094 
 09.06.2011 21:12     C:\Windows\Tasks\SA.DAT --------- 6 
 09.06.2011 07:43     C:\Windows\Tasks\SCHEDLGU.TXT --------- 32578 
 04.06.2011 12:29     C:\Windows\Tasks\Google Software Updater.job --------- 868 
 15.05.2011 13:09     C:\Windows\Tasks\McDefragTask.job --------- 382 
 02.03.2011 23:28     C:\Windows\Tasks\McQcTask.job --------- 368 
----------------------------------------

 
C:\Windows\Temp

----------------------------------------

 
C:\Users\Marco\AppData\Local\Temp

 09.06.2011 22:34      C:\Users\Marco\AppData\Local\Temp\Rar$DI00.507 --------- 0 
 09.06.2011 22:32      C:\Users\Marco\AppData\Local\Temp\VBE --------- 0 
 09.06.2011 22:32      C:\Users\Marco\AppData\Local\Temp\4852379.od --------- 134 
 09.06.2011 22:32      C:\Users\Marco\AppData\Local\Temp\CVRA0F.tmp.cvr --------- 0 
 09.06.2011 22:23      C:\Users\Marco\AppData\Local\Temp\~DF2780.tmp --------- 569344 
 09.06.2011 21:56      C:\Users\Marco\AppData\Local\Temp\Low --------- 0 
 09.06.2011 21:39      C:\Users\Marco\AppData\Local\Temp\~DF930.tmp --------- 16384 
 09.06.2011 21:30      C:\Users\Marco\AppData\Local\Temp\~DF84E5.tmp --------- 16384 
 09.06.2011 21:27      C:\Users\Marco\AppData\Local\Temp\~DF2CCD.tmp --------- 16384 
 09.06.2011 21:17      C:\Users\Marco\AppData\Local\Temp\~DF6BF5.tmp --------- 16384 
 09.06.2011 21:16      C:\Users\Marco\AppData\Local\Temp\~ROMFN_000008C8 --------- 1020 
 09.06.2011 07:31      C:\Users\Marco\AppData\Local\Temp\Z@RF46E.tmp --------- 41004 
 09.06.2011 07:31      C:\Users\Marco\AppData\Local\Temp\Z@SF47F.tmp --------- 1409 
 09.06.2011 07:31      C:\Users\Marco\AppData\Local\Temp\Z@RF344.tmp --------- 39800 
 09.06.2011 07:31      C:\Users\Marco\AppData\Local\Temp\Z@SF364.tmp --------- 1409 
 09.06.2011 07:08      C:\Users\Marco\AppData\Local\Temp\~DFAFD8.tmp --------- 16384 
 02.11.2006 14:34      C:\Users\Marco\AppData\Local\Temp\ppcrlui_4548_3 --------- 254216 
 02.11.2006 14:34      C:\Users\Marco\AppData\Local\Temp\ppcrlui_4568_7 --------- 254216 
----------------------------------------

 
C:\Program Files

----------------------------------------

 
C:\ProgramData\.. 

Windows    
Program Files    
hiberfil.sys    
pagefile.sys    
System Volume Information    
ProgramData    
31b9cfe29a97b2729a90    
Downloads    
DELL    
Boot    
PerfLogs    
Users    
BOOTSECT.BAK    
$WINDOWS.~Q    
$INPLACE.~TR    
06a3b8ad9950d48b78f608366a2e8e    
e245eed4ffe3ae3b158a15    
e05a182e96d59f1698    
80f789126b34117fbf    
bootmgr    
MSOCache    
Programs    
My Shared Folder    
adorage-protocol.txt    
Programme    
Dokumente und Einstellungen    
dell.sdr    
Drivers    
doctemp    
Setup.log    
$Recycle.Bin    
Documents and Settings    
config.sys    
autoexec.bat    
----------------------------------------

 
C:\Windows\system32\drivers\etc\hosts

127.0.0.1       localhost
::1             localhost

----------------------------------------

 

Abbildname                     PID Sitzungsname       Sitz.-Nr. Speichernutzung
========================= ======== ================ =========== ===============
System Idle Process              0 Services                   0            24 K
System                           4 Services                   0         1.948 K
smss.exe                       432 Services                   0           124 K
csrss.exe                      544 Services                   0         1.740 K
wininit.exe                    596 Services                   0           220 K
csrss.exe                      604 Console                    1         9.088 K
winlogon.exe                   648 Console                    1           640 K
services.exe                   696 Services                   0         2.144 K
lsass.exe                      708 Services                   0         3.080 K
lsm.exe                        716 Services                   0         1.008 K
svchost.exe                    860 Services                   0         2.688 K
svchost.exe                    944 Services                   0         4.252 K
svchost.exe                    992 Services                   0        16.228 K
Ati2evxx.exe                  1084 Services                   0           356 K
Ati2evxx.exe                  1112 Console                    1           908 K
svchost.exe                   1124 Services                   0         5.412 K
svchost.exe                   1184 Services                   0        47.332 K
svchost.exe                   1208 Services                   0         9.008 K
audiodg.exe                   1336 Services                   0         8.256 K
svchost.exe                   1360 Services                   0           684 K
SLsvc.exe                     1380 Services                   0           168 K
svchost.exe                   1412 Services                   0         1.932 K
svchost.exe                   1572 Services                   0         5.852 K
taskeng.exe                   1916 Services                   0         1.632 K
spoolsv.exe                   1996 Services                   0         2.212 K
taskeng.exe                   2028 Console                    1         4.016 K
sched.exe                      308 Services                   0           844 K
dwm.exe                        360 Console                    1        41.420 K
explorer.exe                   520 Console                    1        43.472 K
svchost.exe                    592 Services                   0         2.768 K
avguard.exe                   2116 Services                   0        13.280 K
AppleMobileDeviceService.     2136 Services                   0         1.792 K
avshadow.exe                  2200 Services                   0           232 K
mDNSResponder.exe             2312 Services                   0           344 K
HWAPI.exe                     2448 Services                   0           592 K
mcods.exe                     2484 Services                   0           284 K
McProxy.exe                   2520 Services                   0         6.892 K
RedirSvc.exe                  2544 Services                   0         1.684 K
MpfSrv.exe                    2780 Services                   0         2.952 K
mps.exe                       2828 Services                   0         2.568 K
msksrver.exe                  2880 Services                   0           376 K
NMSAccessU.exe                2960 Services                   0           168 K
mpsevh.exe                    3096 Console                    1         1.940 K
svchost.exe                   3156 Services                   0           216 K
RoxWatch9.exe                 3172 Services                   0         1.740 K
stacsv.exe                    3360 Services                   0           612 K
svchost.exe                   3380 Services                   0           344 K
ULCDRSvr.exe                  3448 Services                   0           140 K
svchost.exe                   3492 Services                   0           196 K
WLTRYSVC.EXE                  3552 Services                   0           104 K
SearchIndexer.exe             3572 Services                   0        23.328 K
BCMWLTRY.EXE                  3592 Services                   0         4.348 K
XAudio.exe                    3668 Services                   0           256 K
mcmscsvc.exe                  1740 Services                   0         1.532 K
OEM02Mon.exe                  2076 Console                    1         1.620 K
USBTip.exe                     660 Console                    1         1.660 K
realsched.exe                 2284 Console                    1           464 K
RoxWatchTray9.exe             2248 Console                    1         3.472 K
QTTask.exe                    1880 Console                    1           248 K
PCMService.exe                2932 Console                    1         4.584 K
RoxMediaDB9.exe               3124 Services                   0         1.768 K
mskagent.exe                  2800 Console                    1         2.776 K
mcagent.exe                   1396 Console                    1         2.236 K
GrooveMonitor.exe             2256 Console                    1         3.824 K
GoogleDesktop.exe             3028 Console                    1         6.600 K
WLTRAY.EXE                    2752 Console                    1         5.608 K
sttray.exe                    3248 Console                    1         1.724 K
iTunesHelper.exe              3468 Console                    1         2.580 K
avgnt.exe                      536 Console                    1         3.884 K
mbamgui.exe                   4000 Console                    1         3.596 K
GoogleToolbarNotifier.exe     2740 Console                    1         2.132 K
ehtray.exe                    2592 Console                    1         1.564 K
DSAgnt.exe                    2588 Console                    1         5.008 K
DLG.exe                       1520 Console                    1           296 K
quickset.exe                  2268 Console                    1         3.496 K
McNASvc.exe                   3688 Services                   0         6.252 K
WmiPrvSE.exe                  2836 Services                   0           524 K
ehmsas.exe                    3288 Console                    1         1.484 K
mcupdmgr.exe                  4328 Services                   0         2.668 K
svchost.exe                   4632 Services                   0           484 K
WinMail.exe                   4548 Console                    1         1.840 K
mcuimgr.exe                   4540 Console                    1           456 K
CPSHelpRunner.exe             4596 Console                    1         1.544 K
iPodService.exe               5220 Services                   0           948 K
WUDFHost.exe                  5064 Services                   0           232 K
iTunes.exe                    4792 Console                    1        15.072 K
mbamservice.exe               4244 Services                   0        21.612 K
AppleMobileDeviceHelper.e     4120 Console                    1         2.112 K
distnoted.exe                 4164 Console                    1         1.684 K
FlashUtil10e.exe               976 Console                    1         2.020 K
iexplore.exe                  5152 Console                    1        12.884 K
iexplore.exe                  1448 Console                    1        83.540 K
iexplore.exe                  4020 Console                    1        43.484 K
conime.exe                    3400 Console                    1         2.248 K
CCleaner.exe                  6284 Console                    1        18.112 K
OTL.exe                       6096 Console                    1        19.668 K
WINWORD.EXE                   6532 Console                    1        56.236 K
WinRAR.exe                    6312 Console                    1        17.720 K
cmd.exe                       6268 Console                    1         5.472 K
SearchProtocolHost.exe        6788 Services                   0         6.240 K
SearchFilterHost.exe          7904 Services                   0         5.076 K
tasklist.exe                  2012 Console                    1         6.856 K
WmiPrvSE.exe                  7772 Services                   0         5.884 K

 
***** Ende des Scans 09.06.2011 um 22:34:53,36 ***
         
Code:
ATTFilter
CC Cleaner
7-Zip 4.65		08.06.2011	3,13MB	
Adobe Flash Player 10 ActiveX	Adobe Systems Incorporated	08.06.2011		10.0.45.2
Adobe Flash Player 10 Plugin	Adobe Systems Incorporated	08.06.2011		10.0.45.2
Adobe Reader 7.0.8 - Deutsch	Adobe Systems Incorporated	27.07.2007		7.0.8
Advanced Audio FX Engine		08.06.2011		
Advanced Video FX Engine		08.06.2011		
Apple Application Support	Apple Inc.	18.04.2011	51,0MB	1.5.1
Apple Mobile Device Support	Apple Inc.	05.04.2011	21,8MB	3.4.0.25
Apple Software Update	Apple Inc.	05.04.2011	2,26MB	2.1.2.120
Assistant zum Anpassen des Dell-Systems	Dell Inc.	27.07.2007		1.00.0000
ATI Catalyst Control Center		08.06.2011	24,00KB	1.007.0323.1740
ATI PCI Express (3GIO) Filter Driver	AMD	27.07.2007	2,80MB	1.00.0000.
Avira AntiVir Personal - Free Antivirus	Avira GmbH	08.06.2011	114,4MB	10.0.0.648
Benutzerhandbuch		08.06.2011	0,82MB	
Bonjour	Apple Inc.	18.04.2011	1,12MB	2.0.5.0
Broadcom Management Programs	Broadcom Corporation	27.07.2007		10.15.03
Bullzip PDF Printer 6.0.0.744	Bullzip	02.03.2009	13,8MB	
CCleaner	Piriform	08.06.2011	3,68MB	3.07
CDBurnerXP	CDBurnerXP	29.03.2010	16,2MB	4.3.0.1991
Conexant HDA D330 MDC V.92 Modem		08.06.2011	0,68MB	
DeepBurner v1.8.0.224		08.06.2011	7,54MB	
Dell Resource CD	Ihr Firmenname	27.02.2010	3,05MB	1.00.0000
Dell Support Center	Dell	27.07.2007		1.0.07131
Dell Touchpad	Synaptics	08.06.2011	17,2MB	9.1.18.6
DELL Webcam Center		08.06.2011	14,1MB	
DELL Webcam Manager		08.06.2011	0,77MB	
Dell Wireless WLAN Card	Dell Inc.	08.06.2011	85,6MB	4.102.15.61
DellSupport	Dell	27.07.2007		6.0.3075
Digital Line Detect	BVRP Software, Inc	27.07.2007	0,27MB	1.21
ElsterFormular	Landesfinanzdirektion Thüringen	15.01.2011		11.1.2.3848
ElsterFormular 2008/2009	Steuerverwaltung des Bundes und der Länder	06.10.2009	183,3MB	10.3.1.0
ElsterFormular für Privatanwender und Unternehmer	Landesfinanzdirektion Thüringen	08.06.2011	10.367MB	12.0.0.5880k
Favorit		08.06.2011		
fc-prints	HP Silverwire	02.11.2008		
Firebird SQL Server - MAGIX Edition 2.0.0.1 (D)	MAGIX AG	16.08.2007	6,35MB	2.0.0.1
Full Tilt Poker		23.11.2009	74,7MB	4.22.22.WIN.FullTilt.COM
Google Chrome	Google Inc.	14.02.2009	332MB	11.0.696.77
Google Desktop	Google	08.06.2011	21,3MB	5.9.1005.12335
Google Earth	Google	29.09.2010	85,4MB	5.2.1.1588
Google Toolbar for Firefox	Google	15.02.2008	0,96MB	3.0.20070525
Google Toolbar for Internet Explorer		08.06.2011	453MB	
Google Updater	Google Inc.	08.06.2011	4,45MB	2.4.1487.6512
GPL Ghostscript Lite 8.63		02.03.2009	11,4MB	
Hollywood FX 5.5 Additional Effects		08.06.2011	427MB	
iTunes	Apple Inc.	18.04.2011	143,9MB	10.2.2.12
Java(TM) 6 Update 18	Sun Microsystems, Inc.	01.02.2010	94,5MB	6.0.180
Java(TM) SE Runtime Environment 6	Sun Microsystems, Inc.	27.07.2007		1.6.0.0
Kazaa Lite 2.6.1		08.06.2011	6,80MB	2.6.1
Laptop Integrated Webcam Driver (1.00.10.0320)		11.02.2010		
Live! Cam Avatar	Creative	27.07.2007	12,4MB	1.0
Live! Cam Avatar Creator	Creative	27.07.2007	180,8MB	4.5.2722.1
MAGIX Foto Manager 2007 4.1.1.75 (D)	MAGIX AG	16.08.2007	65,5MB	4.1.1.75
MAGIX Goya burnR 2.3.1.3 (D)	MAGIX AG	16.08.2007	28,6MB	2.3.1.3
MAGIX Music Manager 2007 8.1.1.108 (D)	MAGIX AG	16.08.2007	63,1MB	8.1.1.108
MAGIX Online Druck Service 2.3.2.0 (D)	MAGIX AG	16.08.2007	9,35MB	2.3.2.0
MAGIX Video deluxe 2007 2008 7.0.0.26 (D)	MAGIX AG	16.08.2007	358MB	7.0.0.26
Malwarebytes' Anti-Malware Version 1.51.0.1200	Malwarebytes Corporation	07.06.2011	7,29MB	1.51.0.1200
McAfee SecurityCenter	McAfee, Inc.	08.06.2011	74,0MB	
MediaDirect	Dell	27.07.2007	64,7MB	4.7
Meine CEWE FOTOWELT		08.06.2011	382MB	
Microsoft .NET Framework 3.5 Language Pack SP1 - deu		08.06.2011		
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	08.06.2011	120,3MB	4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	08.06.2011	24,5MB	4.0.30319
Microsoft Office Enterprise 2007	Microsoft Corporation	08.06.2011	619MB	12.0.4518.1014
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	27.07.2007	0,41MB	8.0.56336
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729	Microsoft Corporation	10.02.2010	0,59MB	9.0.30729
Microsoft Works	Microsoft Corporation	27.07.2007		08.05.0822
Modem-Diagnose-Tool	Dell	27.07.2007		1.0.20.0
Mozilla Firefox (1.5.0.7)	Mozilla	08.06.2011	20,7MB	1.5.0.7 (de)
MSXML 4.0 SP2 (KB927978)	Microsoft Corporation	27.07.2007	1,25MB	4.20.9841.0
MSXML 4.0 SP2 (KB936181)	Microsoft Corporation	15.08.2007	1,27MB	4.20.9848.0
MSXML 4.0 SP2 (KB941833)	Microsoft Corporation	10.10.2007	1,27MB	4.20.9849.0
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	14.11.2008	1,29MB	4.20.9870.0
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	24.11.2009	1,35MB	4.20.9876.0
NetWaiting	BVRP Software, Inc	27.07.2007	4,77MB	2.5.44
OutlookAddinSetup	CyberLink	27.07.2007	0,98MB	1.0.0
PartyPoker	PartyGaming	08.06.2011	225MB	136
Pinnacle Hollywood FX for Studio		08.06.2011	427MB	
Pinnacle Instant DVD Recorder		08.06.2011	202MB	1.50.046
Pinnacle USB device drivers 2		08.06.2011	6,50MB	1.0.10
proDAD Heroglyph 1.0		08.06.2011	267MB	
proDAD Heroglyph 2.0		08.06.2011	57,6MB	
QuickSet	Dell Inc.	27.07.2007		8.0.11
QuickTime	Apple Inc.	05.04.2011	73,7MB	7.69.80.9
RealPlayer	RealNetworks	08.06.2011	46,0MB	
Roxio Creator Audio	Roxio	27.07.2007		3.3.0
Roxio Creator BDAV Plugin	Roxio	27.07.2007		3.3.0
Roxio Creator Copy	Roxio	27.07.2007		3.3.0
Roxio Creator Data	Roxio	27.07.2007		3.3.0
Roxio Creator DE	Roxio	27.07.2007		3.3.0
Roxio Creator Tools	Roxio	27.07.2007		3.3.0
Roxio Express Labeler	Roxio	27.07.2007		2.1.0
Roxio MyDVD DE	Roxio, Inc.	27.07.2007		9.0.116
Roxio Update Manager	Roxio	27.07.2007		3.0.0
SigmaTel Audio	SigmaTel	27.02.2010	23,3MB	5.10.5102.0
SmartSound Quicktracks Plugin	SmartSound Software Inc	04.08.2007	7,23MB	3.0.2.4
StarMoney 6.0 S-Edition	StarFinanz GmbH	28.11.2007	153,8MB	6.0
Studio 9	Pinnacle Systems	08.06.2011	3.173MB	9.4
Studio 9 Content CD/DVD		08.06.2011	3.173MB	9.30.000
Tiscali Internet	Tiscali	27.07.2007		1.0.0.35
Ulead VideoStudio 8.0	Ulead System	08.06.2011	341MB	8.0
URL Assistant		08.06.2011		
VLC media player 0.9.8a	VideoLAN Team	08.06.2011	60,4MB	0.9.8a
WinRAR		08.06.2011	3,68MB	
WinZip Self-Extractor	WinZip Computing, S.L.	08.06.2011	7,91MB
         
I hope you can help me - many thanks in advance.

10.06.2011, 10:26   #2
markusg
/// Malware-holic

Please create and post a ComboFix log.
http://www.bleepingcomputer.com/comb...x-benutzt-wird
Edit:
Running ComboFix is necessary to clean off the SpyEye that I can still see here, so that backing up the data can be done with as little risk as possible; after that we should back up the data and reinstall.

Last edited by markusg (10.06.2011 at 10:31)

10.06.2011, 10:28   #3
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
Online banking has already been blocked - now I just need to get the thing off or reinstall.
With online banking you should generally be very careful and consider whether you really want to accept the compromise of a cleanup.
Normally a reinstallation of Windows is recommended in a case like this.

10.06.2011, 20:58   #4
ronaldo.1982

I ran Registry Reviver over it, with the result that no fewer than 246 errors were found.

However, the program does not repair the errors in the freeware version, only after registration.

In your opinion, is the removal necessary, or should I format the computer and reinstall?

Can you give me a few tips for reinstalling?

Thanks for your information.

10.06.2011, 22:11   #5
ronaldo.1982

The TAN prompt has been gone since this evening.

I ran OTL over it again and cleaned up data.

Is there a reliable scan to check whether the Trojan is definitely off my PC?

Otherwise I'll reinstall my PC.

10.06.2011, 22:34   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
Is there a reliable scan to check whether the Trojan is definitely off my PC?
Otherwise I'll reinstall my PC.
There is no such thing, not even with a cleanup. But you can accept the residual risk if it absolutely has to be done without format c.

10.06.2011, 22:59   #7
ronaldo.1982

If you advise me to format c - I'll do that.

What would you do?

Thanks for the answers!

10.06.2011, 23:03   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

I would format if you do serious things like online banking.
__________________
Please always post log files in CODE tags
