| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: BKA-Trojaner - Eilig Abschlussarbeit in Gefahr - OTLPE geht nichtWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
15.06.2011, 11:01
| #1 |
| /// Malware-holic   |  BKA-Trojaner - Eilig Abschlussarbeit in Gefahr - OTLPE geht nicht hi, du musst den ordner c: oder f: nehmen, wobei ich denke es ist f: dann dort zum ordner windows, und drauf klicken, dann gehts los.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
15.06.2011, 11:24
| #2 | |
 | BKA-Trojaner - Eilig Abschlussarbeit in Gefahr - OTLPE geht nichtZitat:
Danke für diese unheimlich schnelle Antwort Okay falls du es schon mal irgendwo gepostet hast dann sorry für die dumme frage. Nebenbei....Es war C:  So dann mal zu meiner OTL.txtOTL Logfile: Code:
ATTFilter OTL logfile created on: 6/15/2011 1:06:53 PM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
(Version = .) - Type =
Internet Explorer (Version = )
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 92.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 142.54 Gb Total Space | 41.68 Gb Free Space | 29.24% Space Free | Partition Type: NTFS
Drive F: | 139.00 Gb Total Space | 138.91 Gb Free Space | 99.94% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002
========== Win32 Services (SafeList) ==========
SRV - [2011/05/06 11:33:00 | 000,393,112 | ---- | M] (Spigot, Inc.) [Auto] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2011/04/27 21:32:38 | 000,136,360 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/03/16 15:47:27 | 000,269,480 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/08/16 14:16:06 | 000,592,120 | ---- | M] (Cisco Systems, Inc.) [Auto] -- C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent)
SRV - [2010/08/02 06:40:56 | 000,199,600 | ---- | M] (Telefónica I+D) [Auto] -- C:\Program Files\o2\Mobile Connection Manager\ImpWiFiSvc.exe -- (TGCM_ImportWiFiSvc)
SRV - [2010/04/12 17:56:48 | 000,246,520 | ---- | M] () [Auto] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010/03/25 04:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/01/26 06:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009/11/15 14:31:08 | 000,049,152 | ---- | M] () [Auto] -- C:\Program Files\ShrewSoft\VPN Client\dtpd.exe -- (dtpd)
SRV - [2009/11/15 14:29:10 | 000,716,800 | ---- | M] () [Auto] -- C:\Program Files\ShrewSoft\VPN Client\iked.exe -- (iked)
SRV - [2009/11/15 14:26:42 | 000,536,576 | ---- | M] () [Auto] -- C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe -- (ipsecd)
SRV - [2009/10/02 14:28:09 | 002,969,600 | ---- | M] (ANSYS, Inc.) [Auto] -- C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\ansysli_server.exe -- (ANSYS, Inc. License Manager)
SRV - [2009/04/16 10:56:36 | 000,075,048 | ---- | M] () [Auto] -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2008/10/01 06:43:56 | 000,024,576 | ---- | M] () [Auto] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008/07/29 12:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008/07/19 10:13:44 | 000,233,472 | ---- | M] (Acer Incorporated) [Auto] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/06 11:15:28 | 000,110,592 | ---- | M] () [Auto] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (upperdev)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] -- -- (IpInIp)
DRV - [2011/03/16 15:47:27 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/11/23 08:48:03 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/08/16 14:02:49 | 000,019,680 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\vpnva.sys -- (vpnva)
DRV - [2010/05/22 16:50:58 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010/04/09 03:24:12 | 000,063,616 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2010/03/24 22:08:38 | 000,105,984 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010/03/19 23:56:04 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2010/03/19 22:28:12 | 000,116,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009/11/18 20:06:18 | 000,017,408 | ---- | M] (Shrew Soft Inc) [Kernel | System] -- C:\Windows\System32\drivers\vfilter.sys -- (vflt)
DRV - [2009/11/18 20:06:16 | 000,009,728 | ---- | M] (Shrew Soft Inc) [Kernel | On_Demand] -- C:\Windows\System32\drivers\virtualnet.sys -- (vnet)
DRV - [2009/09/16 04:22:48 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/09/16 04:22:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/09/16 04:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/09/16 04:22:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/09/16 04:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009/09/05 06:25:50 | 000,081,408 | ---- | M] () [Kernel | System] -- C:\Windows\System32\drivers\SSHDRV86.sys -- (SSHDRV86)
DRV - [2009/05/11 05:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/02/13 06:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/01/01 13:25:00 | 007,542,720 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/11/23 23:49:38 | 000,048,128 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\L1E60x86.sys -- (L1E)
DRV - [2008/11/19 05:33:50 | 000,057,856 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)
DRV - [2008/11/03 06:31:40 | 000,107,360 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008/10/01 05:04:16 | 000,012,832 | ---- | M] (Acer, Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008/09/24 04:09:48 | 000,045,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008/08/29 02:48:46 | 003,664,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008/08/26 03:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/10/19 09:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/11/02 09:27:36 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
[2011/05/21 19:24:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/01/12 18:17:33 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/06/07 20:18:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/06/07 20:17:54 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/07/05 03:52:11 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010/07/05 03:52:11 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2010/12/13 08:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrchddr.xml
[2010/07/05 03:52:12 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010/07/05 03:52:12 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010/07/05 03:52:12 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O13 - ftp Prefix: missing
O13 - gopher Prefix: missing
O13 - home Prefix: missing
O13 - mosaic Prefix: missing
O13 - www Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - ( ) - (Registry key not found)
O20 - HKLM Winlogon: UserInit - ( ) - (Registry key not found)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O37 - HKLM\...com [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
O37 - HKLM\...exe [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
========== Files/Folders - Created Within 30 Days ==========
[2011/06/08 00:57:08 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ7.5
[2011/05/21 19:24:31 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2011/05/21 19:24:30 | 000,000,000 | ---D | C] -- C:\Program Files\pdfforge Toolbar
[2011/05/18 20:08:59 | 000,000,000 | ---D | C] -- C:\Program Files\ConduitEngine
[2011/05/18 20:07:42 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/05/16 14:21:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2009/01/12 08:48:15 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
========== Files - Modified Within 30 Days ==========
[2011/06/15 05:01:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/15 05:01:14 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/15 05:01:13 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/15 05:01:13 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/06/14 16:28:36 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2011/06/14 13:26:13 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011/06/14 13:26:13 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/06/14 13:26:13 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011/06/14 13:26:13 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/06/07 15:56:33 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
========== Files Created - No Company Name ==========
[2011/03/09 10:49:29 | 000,001,052 | R--- | C] () -- \reatogoMenu.ini
[2011/03/09 10:41:06 | 000,000,000 | R--- | C] () -- \WIN51IP.SP2
[2011/03/09 10:41:05 | 000,000,000 | R--- | C] () -- \WIN51IP
[2010/11/16 04:30:44 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010/11/16 04:30:44 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010/03/20 14:10:27 | 000,000,162 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/03/19 07:24:42 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010/03/08 20:40:54 | 000,000,783 | ---- | C] () -- C:\Windows\NTIWVEDT.INI
[2010/01/12 18:18:11 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/01/01 15:08:31 | 000,147,939 | ---- | C] () -- C:\Windows\hpoins12.dat
[2009/11/21 08:41:11 | 000,000,231 | ---- | C] () -- C:\Windows\POWERPNT.INI
[2009/11/21 08:40:59 | 000,000,064 | ---- | C] () -- C:\Windows\exchng32.ini
[2009/11/21 08:40:59 | 000,000,026 | ---- | C] () -- C:\Windows\datalink.ini
[2009/11/21 08:40:41 | 000,000,032 | ---- | C] () -- C:\Windows\GRAPH5.INI
[2009/11/21 08:40:38 | 000,000,000 | ---- | C] () -- C:\Windows\WINHELP.INI
[2009/11/21 08:39:07 | 000,000,969 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009/11/08 14:55:50 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009/09/11 20:03:09 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/11 20:01:19 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/06 17:57:08 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009/09/05 08:46:11 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2009/09/05 07:40:13 | 000,000,535 | ---- | C] () -- C:\Windows\eReg.dat
[2009/09/05 06:25:50 | 000,081,408 | ---- | C] () -- C:\Windows\System32\drivers\SSHDRV86.sys
[2009/08/03 10:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 10:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/03/04 15:28:02 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2009/03/04 15:28:02 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2009/03/04 15:28:02 | 000,020,480 | ---- | C] () -- C:\Windows\USB_VIDEO_REG.exe
[2009/03/04 15:28:02 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2009/01/12 02:23:18 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2009/01/12 02:23:18 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2009/01/12 01:50:53 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2009/01/12 01:27:12 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX2.dat
[2009/01/12 01:27:12 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2009/01/12 01:27:12 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2009/01/12 01:27:12 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2009/01/12 00:31:08 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/01/21 03:15:58 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008/01/21 03:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008/01/21 03:15:58 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008/01/21 03:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007/01/22 12:05:38 | 000,001,470 | ---- | C] () -- C:\Windows\hpomdl12.dat
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,408,904 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/03/24 07:06:41 | 000,000,053 | R--- | C] () -- \AUTORUN.INF
[2005/07/16 17:36:50 | 000,240,128 | R--- | C] () -- \reatogoMenu.exe
[2003/09/23 08:14:42 | 001,099,264 | ---- | C] () -- C:\Windows\System32\cygxml2-2.dll
[2003/08/10 10:59:20 | 000,980,992 | ---- | C] () -- C:\Windows\System32\cygiconv-2.dll
[2003/08/08 20:28:16 | 000,061,440 | ---- | C] () -- C:\Windows\System32\cygz.dll
[2001/12/26 11:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/11/14 08:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[2001/09/03 18:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 11:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/23 17:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
[1997/06/14 08:26:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
[1995/08/09 19:00:00 | 000,913,952 | ---- | C] () -- C:\Windows\System32\WWINTL32.DLL
[1995/08/09 19:00:00 | 000,107,008 | ---- | C] () -- C:\Windows\System32\TTEMB32.DLL
[1995/08/09 19:00:00 | 000,068,096 | ---- | C] () -- C:\Windows\System32\MSROUTE.DLL
[1995/08/09 19:00:00 | 000,052,736 | ---- | C] () -- C:\Windows\System32\OPENDEU.DLL
[1995/08/09 19:00:00 | 000,010,512 | ---- | C] () -- C:\Windows\System32\VBADE32.DLL
[1995/08/09 19:00:00 | 000,006,352 | ---- | C] () -- C:\Windows\System32\VISXUTIL.DLL
[1995/08/09 19:00:00 | 000,002,041 | ---- | C] () -- C:\Windows\MSFNTMAP.INI
[1995/08/09 19:00:00 | 000,000,586 | ---- | C] () -- C:\Windows\MSTXTCNV.INI
[1995/08/09 19:00:00 | 000,000,280 | ---- | C] () -- C:\Windows\TTEMBED.INI
========== LOP Check ==========
[2011/03/09 10:53:54 | 000,000,000 | R--D | M] -- \I386
[2011/03/09 10:41:19 | 000,000,000 | R--D | M] -- \PROGRAMS
[2011/03/09 10:50:53 | 000,000,000 | R--D | M] -- \SFX
[2011/06/15 05:01:13 | 000,032,536 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
Reicht dir das? Vielen Vielen Dank |
|
| Themen zu BKA-Trojaner - Eilig Abschlussarbeit in Gefahr - OTLPE geht nicht |
| acer, anleitung, bka trojaner, data, ergebnis, gefahr, geladen, gesuch, gesucht, hallo zusammen, karte, laptop, laufwerke, log, otl problem, poste, ramdisk, reatogo-x-pe, shared, starte, starten, troja, trojaner, ukash-betrug, versucht, vista, windows, wirklich, zusammen |
Hybrid-Darstellung
