
Log analysis and evaluation: Trojan.Agent/Gen-Kryptik

Windows 7 If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

27.08.2012, 17:31   #1
Friedi
 

Hello everyone,

I am totally clueless when it comes to computers, but a few years ago I already had a Trojan on my laptop, and I got really great help here!
Unfortunately it has happened again: I have a Trojan named "Trojan.Agent/Gen-Kryptik" on my PC again.
I already ran SUPERAntiSpyware once today; 352 files were found and, of course, deleted. Since then, some programs no longer work properly.
I have already googled the Trojan's name and searched here as well, but found nothing. Maybe one of you can help me!?
Do I now have to set up the laptop from scratch again? Or is there an alternative?

Thanks in advance,

Friedi
Attached files
File type: log defogger_disable.log (576 bytes, viewed 121 times)

27.08.2012, 17:53   #2
Friedi
 



OTL Logfile:
Code:
OTL logfile created on: 27.08.2012 18:37:01 - Run 1
OTL by OldTimer - Version 3.2.59.1     Folder = C:\Users\***\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,91 Gb Total Physical Memory | 2,22 Gb Available Physical Memory | 56,86% Memory free
7,81 Gb Paging File | 6,03 Gb Available in Paging File | 77,22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,24 Gb Total Space | 47,21 Gb Free Space | 39,60% Space Free | Partition Type: NTFS
Drive D: | 153,85 Gb Total Space | 84,15 Gb Free Space | 54,69% Space Free | Partition Type: NTFS
 
Computer Name: FRIEDI | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.08.27 18:33:02 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\***\Downloads\OTL.exe
PRC - [2012.08.09 10:27:05 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.04.01 09:42:44 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2011.12.18 21:08:42 | 002,420,616 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2011.12.18 21:04:24 | 000,073,360 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2011.10.04 00:17:40 | 000,166,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2011.09.08 23:48:32 | 000,100,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe
PRC - [2011.09.08 23:48:30 | 000,092,800 | ---- | M] (ASUS) -- C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
PRC - [2011.07.22 00:49:10 | 005,716,608 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2009.12.15 19:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009.06.19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
PRC - [2008.12.23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008.08.14 06:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV:64bit: - [2012.06.20 18:12:04 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2012.01.06 17:32:34 | 000,827,520 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV:64bit: - [2011.09.27 16:04:18 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.08.12 01:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2011.03.04 01:57:58 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2010.09.23 03:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010.09.17 10:32:56 | 000,241,488 | ---- | M] (Trend Micro Inc.) [Disabled | Stopped] -- C:\Program Files\Trend Micro\Titanium\TiMiniService.exe -- (TiMiniService)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2012.08.15 19:15:22 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.19 22:36:54 | 000,113,120 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.04.09 11:20:30 | 003,063,968 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2011.12.18 21:08:42 | 002,420,616 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2011.09.08 23:48:30 | 000,092,800 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe -- (ASUS InstantOn)
SRV - [2010.10.06 06:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010.10.06 06:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.03.18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.12.15 19:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.08.21 17:32:39 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.07.14 23:16:51 | 000,325,376 | ---- | M] (AfaTech                  ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AF15BDA.sys -- (AF15BDA)
DRV:64bit: - [2012.05.02 15:24:12 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.04.27 10:20:04 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.04.25 00:32:27 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.09 18:59:32 | 000,485,680 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2012.01.09 18:59:30 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2012.01.09 18:59:30 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
DRV:64bit: - [2012.01.06 17:32:12 | 000,033,672 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV:64bit: - [2011.10.19 04:56:00 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.10.19 04:56:00 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.10.04 08:49:32 | 002,770,944 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.09.27 16:56:52 | 010,207,232 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.09.27 15:25:08 | 000,317,952 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.08.23 15:57:24 | 000,565,352 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.08.09 02:32:02 | 012,289,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011.08.02 01:47:30 | 000,391,144 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011.08.02 01:47:30 | 000,129,000 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011.07.22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS -- (SASDIFSV)
DRV:64bit: - [2011.07.20 18:47:56 | 000,143,144 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2011.07.12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS -- (SASKUTIL)
DRV:64bit: - [2011.05.14 00:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2011.05.07 17:51:32 | 000,454,232 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
DRV:64bit: - [2011.04.26 05:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.03.15 12:09:16 | 000,311,400 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2010.11.20 15:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 13:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.10.19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.10.14 19:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010.09.17 10:52:28 | 000,144,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:64bit: - [2010.09.17 10:52:28 | 000,105,552 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:64bit: - [2010.09.17 10:52:28 | 000,090,704 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:64bit: - [2010.09.17 10:52:28 | 000,067,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:64bit: - [2009.07.20 11:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.06.10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.06.27 07:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2008.05.24 02:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2011.09.07 18:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE - HKCU\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{D09183A7-49A5-4DD6-B0CB-7ABD887A321E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=4ed313c9-9552-4345-8f7c-921905686324&apn_sauid=B4CE62CB-51FF-4BEE-BBDB-D9EA36A283A0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Amazon.de"
FF - prefs.js..browser.startup.homepage: "about:home|https://www.mozilla.org/de/plugincheck/"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER [2012.06.14 18:33:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\ [2011.10.19 06:36:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2012.06.14 15:43:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.19 22:36:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.08.27 17:06:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2012.05.24 17:49:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2012.06.14 14:56:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\pid0gfu5.default\extensions
[2012.05.28 16:56:08 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\pid0gfu5.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.05.28 23:12:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.05.24 17:57:54 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.07.19 22:36:55 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.16 18:22:54 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.16 18:22:54 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.16 18:22:54 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.16 18:22:54 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.16 18:22:54 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.16 18:22:54 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com/
CHR - homepage: hxxp://www.google.com/
CHR - Extension: YouTube = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google-Suche = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Google Mail = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
 
O1 HOSTS File: ([2012.06.21 16:06:51 | 000,002,296 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 3dns.adobe.com
O1 - Hosts: 127.0.0.1 3dns-1.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-1.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-5.adobe.com
O1 - Hosts: 127.0.0.1 hh-software.com
O1 - Hosts: 127.0.0.1 www.hh-software.com
O1 - Hosts: 127.0.0.1 activate.adobe.de
O1 - Hosts: 24 more lines...
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {FC2B76FC-2132-4D80-A9A3-1F5C6E49066B} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.69.100.230 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E3EDF04F-088F-4B9F-8F54-31A0480AB1B9}: DhcpNameServer = 80.69.100.230 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{c8f8ff0e-eb5e-11e1-9da1-c860004f336f}\Shell - "" = AutoRun
O33 - MountPoints2\{c8f8ff0e-eb5e-11e1-9da1-c860004f336f}\Shell\AutoRun\command - "" = G:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.26 21:45:55 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.08.26 16:33:26 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Bachelor-Modell
[2012.08.26 16:32:51 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Abschiedsparty
[2012.08.25 00:33:47 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Party
[2012.08.23 02:51:16 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\BTSS_12_***_***
[2012.08.21 20:49:05 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\21Aug2012
[2012.08.21 18:35:24 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Rendering
[2012.08.21 17:32:39 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.08.21 17:32:36 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\DAEMON Tools Pro
[2012.08.21 17:32:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Pro
[2012.08.21 17:32:04 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Pro
[2012.08.21 17:29:41 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012.08.21 09:09:15 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Bachelor
[2012.08.14 00:27:28 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\tex
[2012.08.13 19:39:51 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\illum
[2012.08.09 10:28:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
 
========== Files - Modified Within 30 Days ==========
 
[2012.08.27 18:33:02 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2012.08.27 18:26:49 | 000,000,178 | ---- | M] () -- C:\Users\***\defogger_reenable
[2012.08.27 18:25:21 | 000,050,477 | ---- | M] () -- C:\Users\***\Desktop\Defogger.exe
[2012.08.27 18:16:11 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.27 18:07:15 | 000,001,132 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.27 18:06:10 | 000,000,670 | ---- | M] () -- C:\Windows\tasks\WebContent AutoUpdate 2011.job
[2012.08.27 17:38:53 | 001,643,448 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.27 17:38:53 | 000,708,282 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.27 17:38:53 | 000,663,560 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.27 17:38:53 | 000,151,886 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.27 17:38:53 | 000,124,832 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.27 17:05:51 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.27 17:05:51 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.27 16:57:29 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.27 16:57:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.27 16:57:21 | 3145,764,864 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.27 00:54:04 | 049,721,419 | ---- | M] () -- C:\Users\***\Desktop\Abgabe 24.08.2012_Plan 4_Innenhof_12_.pdf
[2012.08.27 00:48:32 | 049,721,418 | ---- | M] () -- C:\Users\***\Desktop\Abgabe 24.08.2012_Plan 4_Innenhof_12.pdf
[2012.08.27 00:35:21 | 009,160,509 | ---- | M] () -- C:\Users\***\Desktop\Bachelorthesis_Hof-Wiederhergestellt2.jpg
[2012.08.27 00:10:49 | 003,807,620 | ---- | M] () -- C:\Users\***\Desktop\Unbenannt-1.jpg
[2012.08.27 00:06:29 | 005,549,883 | ---- | M] () -- C:\Users\***\Desktop\Bachelorthesis_innen_Mauer.jpg
[2012.08.27 00:04:04 | 022,182,283 | ---- | M] () -- C:\Users\***\Desktop\Renderung_Hof_1.jpg
[2012.08.26 23:42:52 | 001,556,445 | ---- | M] () -- C:\Users\***\Desktop\Bachelorthesis_innen4_2.jpg
[2012.08.26 23:42:12 | 001,568,968 | ---- | M] () -- C:\Users\***\Desktop\Bachelorthesis_innen4_.jpg
[2012.08.26 23:37:46 | 216,454,235 | ---- | M] () -- C:\Users\***\Desktop\Bachelorthesis_innen4.psd
[2012.08.26 23:03:11 | 008,910,145 | ---- | M] () -- C:\Users\***\Desktop\Bachelorthesis_Hof-Wiederhergestellt.jpg
[2012.08.26 23:02:28 | 332,779,024 | ---- | M] () -- C:\Users\***\Desktop\Bachelorthesis_Hof-Wiederhergestellt.psd
[2012.08.26 16:45:40 | 000,856,627 | ---- | M] () -- C:\Users\***\Desktop\DSCF0995.jpg
[2012.08.25 00:06:46 | 004,018,581 | ---- | M] () -- C:\Users\***\Desktop\Bachelorthesis_innen4.jpg
[2012.08.25 00:04:19 | 004,028,360 | ---- | M] () -- C:\Users\***\Desktop\Bachelorthesis_innen3.jpg
[2012.08.24 09:58:32 | 000,104,977 | ---- | M] () -- C:\Users\***\Desktop\Version 2.pdf
[2012.08.24 01:10:45 | 006,692,095 | ---- | M] () -- C:\Users\***\Desktop\Bachelorthesis_Hof.jpg
[2012.08.23 21:48:36 | 000,015,574 | ---- | M] () -- C:\Users\***\Desktop\Innenverkleidung.c4d
[2012.08.23 02:38:20 | 000,035,171 | ---- | M] () -- C:\Users\***\Desktop\Modellschilder.pdf
[2012.08.23 01:59:20 | 005,061,722 | ---- | M] () -- C:\Users\***\Desktop\Unbenannt-3.pdf
[2012.08.23 01:50:03 | 016,308,738 | ---- | M] () -- C:\Users\***\Desktop\Unbenannt-3.jpg
[2012.08.23 01:45:18 | 000,042,304 | ---- | M] () -- C:\Users\***\Desktop\Unbenannt-2.pdf
[2012.08.23 01:17:20 | 005,061,764 | ---- | M] () -- C:\Users\***\Desktop\Unbenannt-1.pdf
[2012.08.23 01:13:05 | 037,166,648 | ---- | M] () -- C:\Users\***\Desktop\Foto_Außenperspektive_bearbeit_neu2.jpg
[2012.08.23 00:52:11 | 085,555,958 | ---- | M] () -- C:\Users\***\Desktop\Foto_Außenperspektive_bearbeit_neu.psd
[2012.08.23 00:38:52 | 004,224,827 | ---- | M] () -- C:\Users\***\Desktop\Foto_Außenperspektive_bearbeit_neu.jpg
[2012.08.23 00:37:26 | 085,584,271 | ---- | M] () -- C:\Users\***\Desktop\Foto_Außenperspektive_bearbeitet.psd
[2012.08.22 08:24:07 | 000,000,524 | ---- | M] () -- C:\Windows\tasks\Allplan AutoUpdate 2011-1.job
[2012.08.22 01:08:14 | 015,036,565 | ---- | M] () -- C:\Users\***\Desktop\Innenraumperspektive.jpg
[2012.08.22 01:05:19 | 027,817,920 | ---- | M] () -- C:\Users\***\Desktop\Bachelorthesis.c4d
[2012.08.22 00:46:40 | 013,494,831 | ---- | M] () -- C:\Users\***\Desktop\Außenperspektive_Plan.jpg
[2012.08.22 00:42:47 | 005,415,313 | ---- | M] () -- C:\Users\***\Desktop\thesis-bearbeitet.jpg
[2012.08.22 00:42:12 | 138,943,011 | ---- | M] () -- C:\Users\***\Desktop\thesis.psd
[2012.08.22 00:42:02 | 006,175,472 | ---- | M] () -- C:\Users\***\Desktop\thesis_1.jpg
[2012.08.22 00:19:10 | 000,848,841 | ---- | M] () -- C:\Users\***\Desktop\wiese_meadow003.jpg
[2012.08.21 23:33:44 | 001,817,470 | ---- | M] () -- C:\Users\***\Desktop\Außenperspektive_bearbeitet.jpg
[2012.08.21 23:32:19 | 002,369,236 | ---- | M] () -- C:\Users\***\Desktop\Außenperspektive..jpg
[2012.08.21 22:44:26 | 003,519,096 | ---- | M] () -- C:\Users\***\Desktop\thesis.jpg
[2012.08.21 22:43:40 | 003,519,096 | ---- | M] () -- C:\Users\***\Desktop\123.jpg
[2012.08.21 22:22:31 | 003,516,380 | ---- | M] () -- C:\Users\***\Desktop\123
[2012.08.21 20:12:28 | 002,337,334 | ---- | M] () -- C:\Users\***\Desktop\Rendering_Bachelorthesis_außen.jpg
[2012.08.21 19:33:31 | 000,014,793 | ---- | M] () -- C:\Users\***\Desktop\Tisch.c4d
[2012.08.21 18:58:55 | 000,002,254 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012.08.21 17:32:39 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.08.21 16:54:39 | 000,311,721 | ---- | M] () -- C:\Users\***\Desktop\Innenwände OG.c4d
[2012.08.21 15:14:05 | 005,157,761 | ---- | M] () -- C:\Users\***\Desktop\Foto_Außenperspektive_bearbeitet.jpg
[2012.08.16 09:21:17 | 004,923,112 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.14 21:17:44 | 000,000,132 | ---- | M] () -- C:\Users\***\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
[2012.08.08 18:36:37 | 000,100,972 | ---- | M] () -- C:\Users\***\Desktop\D51dtexture_schmal5.jpg
[2012.08.08 18:35:36 | 000,103,187 | ---- | M] () -- C:\Users\***\Desktop\D51dtexture_schmal4.jpg
[2012.08.08 18:34:24 | 000,107,007 | ---- | M] () -- C:\Users\***\Desktop\D51dtexture_schmal3.jpg
[2012.08.08 18:33:00 | 000,104,522 | ---- | M] () -- C:\Users\***\Desktop\D51dtexture_schmal2.jpg
[2012.08.08 18:25:53 | 000,123,421 | ---- | M] () -- C:\Users\***\Desktop\D51dtexture_schmal.jpg
[2012.08.08 17:45:19 | 002,412,785 | ---- | M] () -- C:\Users\***\Desktop\D51dtexture.jpg
 
========== Files Created - No Company Name ==========
 
[2012.08.27 18:26:49 | 000,000,178 | ---- | C] () -- C:\Users\***\defogger_reenable
[2012.08.27 18:25:15 | 000,050,477 | ---- | C] () -- C:\Users\***\Desktop\Defogger.exe
[2012.08.27 00:53:49 | 049,721,419 | ---- | C] () -- C:\Users\***\Desktop\Abgabe 24.08.2012_Plan 4_Innenhof_12_.pdf
[2012.08.27 00:48:32 | 049,721,418 | ---- | C] () -- C:\Users\***\Desktop\Abgabe 24.08.2012_Plan 4_Innenhof_12.pdf
[2012.08.27 00:35:18 | 009,160,509 | ---- | C] () -- C:\Users\***\Desktop\Bachelorthesis_Hof-Wiederhergestellt2.jpg
[2012.08.27 00:10:42 | 003,807,620 | ---- | C] () -- C:\Users\***\Desktop\Unbenannt-1.jpg
[2012.08.27 00:06:28 | 005,549,883 | ---- | C] () -- C:\Users\***\Desktop\Bachelorthesis_innen_Mauer.jpg
[2012.08.27 00:03:43 | 022,182,283 | ---- | C] () -- C:\Users\***\Desktop\Renderung_Hof_1.jpg
[2012.08.26 23:42:48 | 001,556,445 | ---- | C] () -- C:\Users\***\Desktop\Bachelorthesis_innen4_2.jpg
[2012.08.26 23:42:07 | 001,568,968 | ---- | C] () -- C:\Users\***\Desktop\Bachelorthesis_innen4_.jpg
[2012.08.26 23:31:12 | 216,454,235 | ---- | C] () -- C:\Users\***\Desktop\Bachelorthesis_innen4.psd
[2012.08.26 23:03:06 | 008,910,145 | ---- | C] () -- C:\Users\***\Desktop\Bachelorthesis_Hof-Wiederhergestellt.jpg
[2012.08.26 22:54:36 | 332,779,024 | ---- | C] () -- C:\Users\***\Desktop\Bachelorthesis_Hof-Wiederhergestellt.psd
[2012.08.26 16:45:32 | 000,856,627 | ---- | C] () -- C:\Users\***\Desktop\DSCF0995.jpg
[2012.08.25 00:06:46 | 004,018,581 | ---- | C] () -- C:\Users\***\Desktop\Bachelorthesis_innen4.jpg
[2012.08.25 00:04:08 | 004,028,360 | ---- | C] () -- C:\Users\***\Desktop\Bachelorthesis_innen3.jpg
[2012.08.24 09:58:32 | 000,104,977 | ---- | C] () -- C:\Users\***\Desktop\Version 2.pdf
[2012.08.24 01:10:45 | 006,692,095 | ---- | C] () -- C:\Users\***\Desktop\Bachelorthesis_Hof.jpg
[2012.08.23 21:36:15 | 000,015,574 | ---- | C] () -- C:\Users\***\Desktop\Innenverkleidung.c4d
[2012.08.23 02:38:18 | 000,035,171 | ---- | C] () -- C:\Users\***\Desktop\Modellschilder.pdf
[2012.08.23 01:58:29 | 005,061,722 | ---- | C] () -- C:\Users\***\Desktop\Unbenannt-3.pdf
[2012.08.23 01:49:57 | 016,308,738 | ---- | C] () -- C:\Users\***\Desktop\Unbenannt-3.jpg
[2012.08.23 01:45:16 | 000,042,304 | ---- | C] () -- C:\Users\***\Desktop\Unbenannt-2.pdf
[2012.08.23 01:12:32 | 005,061,764 | ---- | C] () -- C:\Users\***\Desktop\Unbenannt-1.pdf
[2012.08.23 00:53:22 | 037,166,648 | ---- | C] () -- C:\Users\***\Desktop\Foto_Außenperspektive_bearbeit_neu2.jpg
[2012.08.23 00:52:09 | 085,555,958 | ---- | C] () -- C:\Users\***\Desktop\Foto_Außenperspektive_bearbeit_neu.psd
[2012.08.23 00:38:50 | 004,224,827 | ---- | C] () -- C:\Users\***\Desktop\Foto_Außenperspektive_bearbeit_neu.jpg
[2012.08.23 00:31:10 | 085,584,271 | ---- | C] () -- C:\Users\***\Desktop\Foto_Außenperspektive_bearbeitet.psd
[2012.08.22 01:08:09 | 015,036,565 | ---- | C] () -- C:\Users\***\Desktop\Innenraumperspektive.jpg
[2012.08.22 00:46:30 | 013,494,831 | ---- | C] () -- C:\Users\***\Desktop\Außenperspektive_Plan.jpg
[2012.08.22 00:42:44 | 005,415,313 | ---- | C] () -- C:\Users\***\Desktop\thesis-bearbeitet.jpg
[2012.08.22 00:42:05 | 138,943,011 | ---- | C] () -- C:\Users\***\Desktop\thesis.psd
[2012.08.22 00:36:53 | 006,175,472 | ---- | C] () -- C:\Users\***\Desktop\thesis_1.jpg
[2012.08.22 00:19:02 | 000,848,841 | ---- | C] () -- C:\Users\***\Desktop\wiese_meadow003.jpg
[2012.08.21 23:33:42 | 001,817,470 | ---- | C] () -- C:\Users\***\Desktop\Außenperspektive_bearbeitet.jpg
[2012.08.21 23:32:17 | 002,369,236 | ---- | C] () -- C:\Users\***\Desktop\Außenperspektive..jpg
[2012.08.21 22:44:26 | 003,519,096 | ---- | C] () -- C:\Users\***\Desktop\thesis.jpg
[2012.08.21 22:43:39 | 003,519,096 | ---- | C] () -- C:\Users\***\Desktop\123.jpg
[2012.08.21 22:22:30 | 003,516,380 | ---- | C] () -- C:\Users\***\Desktop\123
[2012.08.21 20:12:26 | 002,337,334 | ---- | C] () -- C:\Users\***\Desktop\Rendering_Bachelorthesis_außen.jpg
[2012.08.21 19:33:29 | 000,014,793 | ---- | C] () -- C:\Users\***\Desktop\Tisch.c4d
[2012.08.21 16:54:38 | 000,311,721 | ---- | C] () -- C:\Users\***\Desktop\Innenwände OG.c4d
[2012.08.21 15:14:02 | 005,157,761 | ---- | C] () -- C:\Users\***\Desktop\Foto_Außenperspektive_bearbeitet.jpg
[2012.08.13 15:56:49 | 027,817,920 | ---- | C] () -- C:\Users\***\Desktop\Bachelorthesis.c4d
[2012.08.08 18:36:36 | 000,100,972 | ---- | C] () -- C:\Users\***\Desktop\D51dtexture_schmal5.jpg
[2012.08.08 18:35:35 | 000,103,187 | ---- | C] () -- C:\Users\***\Desktop\D51dtexture_schmal4.jpg
[2012.08.08 18:34:24 | 000,107,007 | ---- | C] () -- C:\Users\***\Desktop\D51dtexture_schmal3.jpg
[2012.08.08 18:32:58 | 000,104,522 | ---- | C] () -- C:\Users\***\Desktop\D51dtexture_schmal2.jpg
[2012.08.08 18:25:52 | 000,123,421 | ---- | C] () -- C:\Users\***\Desktop\D51dtexture_schmal.jpg
[2012.08.08 17:45:17 | 002,412,785 | ---- | C] () -- C:\Users\***\Desktop\D51dtexture.jpg
[2012.07.14 23:17:59 | 000,000,196 | ---- | C] () -- C:\Windows\SysWow64\AF15IRTBL.bin
[2012.06.23 23:05:41 | 000,000,132 | ---- | C] () -- C:\Users\***\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
[2012.05.24 23:49:30 | 000,018,944 | ---- | C] ( ) -- C:\Windows\SysWow64\implode.dll
[2012.04.01 09:38:50 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.04.01 09:36:09 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2012.04.01 09:34:56 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012.04.01 09:34:56 | 000,216,000 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012.04.01 09:34:56 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.04.01 09:34:55 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012.04.01 09:34:55 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012.04.01 09:34:55 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012.04.01 09:34:41 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011.10.19 06:26:32 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2011.10.19 06:11:04 | 009,130,280 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 
========== LOP Check ==========
 
[2012.05.24 18:11:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ASUS WebStorage
[2012.05.25 21:49:16 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\CheckPoint
[2012.08.24 01:42:55 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DAEMON Tools Pro
[2012.06.01 19:07:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoft
[2012.05.28 16:56:07 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.08.21 17:59:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MAXON
[2012.06.24 14:28:27 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Nemetschek
[2012.05.24 17:50:08 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Nuance
[2012.05.28 17:03:07 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org
[2012.06.21 16:46:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.05.24 18:19:46 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Thunderbird
[2012.05.24 18:17:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Windows Live Writer
[2012.05.24 17:50:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Zeon
[2012.08.22 08:24:07 | 000,000,524 | ---- | M] () -- C:\Windows\Tasks\Allplan AutoUpdate 2011-1.job
[2012.08.27 00:21:42 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.08.27 18:06:10 | 000,000,670 | ---- | M] () -- C:\Windows\Tasks\WebContent AutoUpdate 2011.job
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:5D458568

< End of report >
         


27.08.2012, 18:11   #3
Friedi

I hope I did everything right!
__________________

28.08.2012, 15:34   #4
t'john
/// Helper Team

http://www.trojaner-board.de/122865-...n-kryptik.html

Quote:
I already ran SUPERAntiSpyware once today, and 352 files were found and of course deleted.
Where is the log?

Where is the Malwarebytes log?
__________________
Regards, t'john
Support the TB

13.10.2012, 00:14   #5
t'john
/// Helper Team

No response

Are there problems working through the instructions above?

To free up capacity for others seeking help, I am removing this thread from my notifications.

If you want to continue, send me a PM or open a new thread.
http://www.trojaner-board.de/69886-a...-beachten.html


Note: The disappearance of the symptoms does not mean that your computer is clean.

__________________
Regards, t'john
Support the TB
