Sleinback | 07.11.2011 19:57 | Bundespolizei Trojan
Hello,
I picked up the trojan from the "Bundespolizei".
I have already created an OTL.txt and hope for your help.
Thanks in advance.
Code:
OTL logfile created on: 11/7/2011 7:42:25 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 86.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 69.65 Gb Total Space | 34.66 Gb Free Space | 49.76% Space Free | Partition Type: NTFS
Drive D: | 963.70 Mb Total Space | 927.02 Mb Free Space | 96.19% Space Free | Partition Type: FAT
Drive E: | 69.64 Gb Total Space | 69.01 Gb Free Space | 99.09% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet003
========== Win32 Services (SafeList) ==========
SRV - [2011/10/09 09:02:32 | 000,055,144 | ---- | M] (Apple Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/09/06 11:56:38 | 000,247,096 | ---- | M] () [Auto] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009/04/30 06:23:26 | 000,090,112 | ---- | M] () [Auto] -- C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2008/11/03 18:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/10/25 02:21:28 | 000,068,865 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler)
SRV - [2008/10/25 02:21:24 | 000,151,297 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService)
SRV - [2008/10/16 13:35:26 | 000,116,032 | ---- | M] (LogMeIn, Inc.) [Auto] -- C:\Programme\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2008/07/24 11:46:10 | 000,063,040 | ---- | M] (LogMeIn, Inc.) [Auto] -- C:\Programme\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2007/02/12 10:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto] -- C:\Programme\O2Micro Oz128 Driver\o2flash.exe -- (o2flash)
SRV - [2007/01/17 05:20:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) [Auto] -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2006/10/26 08:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2009/05/27 15:30:14 | 000,075,096 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/05/27 15:30:08 | 000,052,056 | ---- | M] (Avira GmbH) [File_System | On_Demand] -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt)
DRV - [2009/05/27 15:30:06 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avgio.sys -- (avgio)
DRV - [2008/10/16 13:35:58 | 000,083,288 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2008/07/24 11:46:12 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto] -- C:\Programme\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008/07/24 11:46:10 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/04/19 21:21:30 | 000,021,248 | ---- | M] (AVIRA GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008/04/13 14:19:42 | 000,075,264 | ---- | M] () [Kernel | System] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)
DRV - [2008/01/09 06:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2007/11/02 08:22:38 | 000,105,896 | ---- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s217unic.sys -- (s217unic) Sony Ericsson Device 217 USB Ethernet Emulation SEMC217 (WDM)
DRV - [2007/11/02 08:22:38 | 000,103,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s217mgmt.sys -- (s217mgmt) Sony Ericsson Device 217 USB WMC Device Management Drivers (WDM)
DRV - [2007/11/02 08:22:38 | 000,100,008 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s217obex.sys -- (s217obex)
DRV - [2007/11/02 08:22:38 | 000,024,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s217nd5.sys -- (s217nd5) Sony Ericsson Device 217 USB Ethernet Emulation SEMC217 (NDIS)
DRV - [2007/11/02 08:22:36 | 000,109,992 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s217mdm.sys -- (s217mdm)
DRV - [2007/11/02 08:22:36 | 000,083,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s217bus.sys -- (s217bus) Sony Ericsson Device 217 driver (WDM)
DRV - [2007/11/02 08:22:36 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s217mdfl.sys -- (s217mdfl)
DRV - [2007/04/30 15:37:20 | 002,206,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel(R)
DRV - [2007/04/23 05:12:28 | 004,402,176 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/03/31 22:02:42 | 000,876,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2007/03/31 22:02:40 | 000,055,352 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2007/03/23 19:50:42 | 000,067,960 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2007/03/23 19:50:24 | 000,149,123 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2007/03/23 19:50:08 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2007/03/23 19:49:54 | 000,539,072 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2007/02/16 09:46:00 | 000,160,256 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007/01/24 23:44:06 | 000,290,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2006/11/02 10:51:58 | 000,013,560 | ---- | M] (Cyberlink Corp.) [Kernel | Auto] -- C:\Programme\CyberLink\PowerDVD\000.fcl -- ({95808DC4-FA4A-4c74-92FE-5B863F82066B})
DRV - [2006/08/04 19:39:10 | 000,008,192 | R--- | M] (Conexant Systems, Inc.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\XAudio.sys -- (XAudio)
DRV - [2005/11/17 09:36:34 | 000,008,064 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\flash.sys -- (flash)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Tobi_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKU\Tobi_ON_C\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\Tobi_ON_C\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\Tobi_ON_C\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\prxtbDVD0.dll (Conduit Ltd.)
IE - HKU\Tobi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Tobi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\myspacefftb@myspace.com: C:\Programme\MySpace\Toolbar\1.0.72.0\ [2010/04/12 10:17:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\WINDOWS\system32\5037 [2011/10/28 00:25:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011/10/19 13:55:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011/06/06 13:23:32 | 000,000,000 | ---D | M]
[2011/06/06 13:23:34 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009/07/18 10:09:17 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011/10/19 13:55:50 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2011/10/19 13:55:46 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/10/19 13:55:46 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2011/10/19 13:55:46 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2011/10/19 13:55:46 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/10/19 13:55:46 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/10/19 13:55:46 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
Hosts file not found
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Programme\ICQToolbar\toolbaru.dll (ICQ Inc.)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (MySpace Toolbar) - {28AED1AF-B164-44CD-B435-CF04AA955015} - C:\Programme\MySpace\Toolbar\1.0.72.0\MySpaceToolbar.dll ()
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {C689C99E-3A8C-4c87-A79C-C80DC9C81632} - C:\WINDOWS\system32\AcroIEHelpe.dll (Adobe Systems, Incorporated)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\prxtbDVD0.dll (Conduit Ltd.)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Programme\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (MySpace Toolbar) - {28AED1AF-B164-44CD-B435-CF04AA955015} - C:\Programme\MySpace\Toolbar\1.0.72.0\MySpaceToolbar.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\prxtbDVD0.dll (Conduit Ltd.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - C:\Programme\DVDVideoSoft\prxtbDVD0.dll (Conduit Ltd.)
O3 - HKU\Tobi_ON_C\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKU\Tobi_ON_C\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\Tobi_ON_C\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - C:\Programme\DVDVideoSoft\prxtbDVD0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Alcmtr] File not found
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AzMixerSel] File not found
O4 - HKLM..\Run: [LanguageShortcut] C:\Programme\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LogMeIn GUI] C:\Programme\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [SynTPStart] C:\Programme\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKU\.DEFAULT..\Run: [MySpaceIM] C:\Programme\MySpace\IM\MySpaceIM.exe ()
O4 - HKU\Tobi_ON_C..\Run: [{19205AAF-943E-491A-CCA8-06894A2F6069}] C:\Dokumente und Einstellungen\Tobi\Anwendungsdaten\Voinoq\cehaiwd.exe ()
O4 - HKU\Tobi_ON_C..\Run: [ICQ] File not found
O4 - HKU\Tobi_ON_C..\Run: [Microsoft® Windows Update] C:\Dokumente und Einstellungen\Tobi\M-1-52-5782-8752-5245\winsvc.exe ( )
O4 - HKU\Tobi_ON_C..\Run: [MySpaceIM] C:\Programme\MySpace\IM\MySpaceIM.exe ()
O4 - HKU\Tobi_ON_C..\Run: [Sony Ericsson PC Suite] C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Tobi_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Dokumente und Einstellungen\Tobi\Startmenü\Programme\Absolute Poker\Absolute Poker.lnk ()
O9 - Extra 'Tools' menuitem : Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Dokumente und Einstellungen\Tobi\Startmenü\Programme\Absolute Poker\Absolute Poker.lnk ()
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Programme\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - File not found
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1201272500265 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Alcatel Microelectronics)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\appconf32.exe) - C:\WINDOWS\system32\appconf32.exe ()
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O27 - HKLM IFEO\chrome.exe: Debugger - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
O27 - HKLM IFEO\navigator.exe: Debugger - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
O27 - HKLM IFEO\opera.exe: Debugger - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
O27 - HKLM IFEO\safari.exe: Debugger - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/01/25 07:41:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{4b89d4e6-cb43-11dc-ae89-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{4b89d4e6-cb43-11dc-ae89-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4b89d4e6-cb43-11dc-ae89-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/11/07 12:06:36 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2011/10/28 00:36:43 | 000,169,472 | ---- | C] (Alcatel Microelectronics) -- C:\WINDOWS\System32\0.5472803417021713.exe
[2011/10/28 00:25:48 | 000,277,456 | ---- | C] (Adobe Systems, Incorporated) -- C:\WINDOWS\System32\AcroIEHelpe.dll
[2011/10/28 00:25:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\5037
[2011/10/28 00:23:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tobi\Startmenü\Programme\CyberLink PowerDVD
[2011/10/27 12:13:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Conduit
[2011/10/27 12:13:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoft
[2011/10/27 12:13:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\MySpace
[2011/10/27 12:13:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\ConduitEngine
[2011/10/27 12:13:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\UAs
[2011/10/27 12:13:09 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\LocalService\Favoriten
[2011/10/27 12:06:07 | 000,000,000 | ---D | C] -- C:\Programme\Yontoo Layers Runtime
[2011/10/27 12:04:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Adobe
[2011/10/27 12:03:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xmldm
[2011/10/27 12:03:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\kock
[2011/10/27 12:03:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tarma Installer
[2011/10/27 12:02:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Sun
[2011/10/27 11:52:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Adobe
[2011/10/27 00:37:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Macromedia
[2011/10/27 00:37:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Adobe
[2011/10/26 00:21:11 | 000,000,000 | -HSD | C] -- C:\WINDOWS\assembly
[2011/10/26 00:20:54 | 000,000,000 | RHSD | C] -- C:\Dokumente und Einstellungen\Tobi\M-1-52-5782-8752-5245
[2011/10/20 00:38:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tobi\Lokale Einstellungen\Anwendungsdaten\Identities
[2011/10/20 00:38:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tobi\Anwendungsdaten\Voinoq
[2011/10/20 00:38:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Tobi\Anwendungsdaten\Gia
[2011/10/19 14:09:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\iTunes
[2011/10/19 14:08:23 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2011/10/19 14:08:07 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2011/10/19 14:04:36 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2009/11/07 03:19:59 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\hpeAF5.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/11/07 13:00:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/11/07 13:00:02 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/11/07 12:25:09 | 000,320,104 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2011/11/07 12:25:09 | 000,314,508 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/11/07 12:25:09 | 000,049,166 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2011/11/07 12:25:09 | 000,040,836 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/10/28 00:40:30 | 000,000,268 | -H-- | M] () -- C:\sqmdata04.sqm
[2011/10/28 00:40:29 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2011/10/28 00:36:46 | 000,000,008 | ---- | M] () -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\j2hhp90fi1lpc3ie.dat
[2011/10/28 00:36:45 | 000,169,472 | ---- | M] (Alcatel Microelectronics) -- C:\WINDOWS\System32\0.5472803417021713.exe
[2011/10/28 00:25:48 | 000,277,456 | ---- | M] (Adobe Systems, Incorporated) -- C:\WINDOWS\System32\AcroIEHelpe.dll
[2011/10/27 12:15:15 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm
[2011/10/27 12:15:15 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2011/10/27 12:10:18 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\At40.job
[2011/10/27 12:09:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At39.job
[2011/10/27 00:38:46 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
[2011/10/27 00:38:46 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2011/10/27 00:38:01 | 000,175,104 | ---- | M] () -- C:\WINDOWS\System32\2enhUC.com_
[2011/10/27 00:38:01 | 000,175,104 | ---- | M] () -- C:\WINDOWS\System32\2enhUC.com
[2011/10/27 00:38:01 | 000,000,112 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\573158h4.dat
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\At48.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\At46.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\At44.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\At42.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\At38.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\At36.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\At34.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\At32.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\At30.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\At28.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\At26.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At47.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At45.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At43.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At41.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At37.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At35.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At33.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At31.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At29.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At27.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At25.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2011/10/26 00:30:47 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
[2011/10/26 00:30:47 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2011/10/21 00:31:14 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2011/10/21 00:31:14 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2011/10/20 14:08:01 | 000,000,268 | -H-- | M] () -- C:\sqmdata19.sqm
[2011/10/20 14:08:00 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2011/10/20 00:41:51 | 000,000,268 | -H-- | M] () -- C:\sqmdata18.sqm
[2011/10/20 00:41:51 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2011/10/19 16:35:04 | 000,000,268 | -H-- | M] () -- C:\sqmdata17.sqm
[2011/10/19 16:35:04 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2011/10/19 16:04:34 | 000,000,268 | -H-- | M] () -- C:\sqmdata16.sqm
[2011/10/19 16:04:34 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2011/10/19 14:09:33 | 000,001,528 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2011/10/19 14:09:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\iTunes
[2011/10/16 06:51:36 | 000,000,268 | -H-- | M] () -- C:\sqmdata15.sqm
[2011/10/16 06:51:36 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2011/10/16 02:56:03 | 000,264,616 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/10/15 13:22:02 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/10/15 13:18:12 | 000,000,268 | -H-- | M] () -- C:\sqmdata14.sqm
[2011/10/15 13:18:12 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2011/10/15 09:19:00 | 000,000,310 | ---- | M] () -- C:\WINDOWS\tasks\WebReg Deskjet F4100 series.job
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/10/28 00:36:46 | 000,000,008 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\j2hhp90fi1lpc3ie.dat
[2011/10/27 12:09:02 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\2enhUC.com
[2011/10/27 00:35:50 | 000,000,112 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\573158h4.dat
[2011/10/27 00:35:49 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\At48.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\At46.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\At44.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\At42.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\At40.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\At38.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\At36.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\At34.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\At32.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\At30.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\At28.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\At26.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\At24.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\At22.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\At20.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\At18.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\At16.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\At14.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At47.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At45.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At43.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At41.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At39.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At37.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At35.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At33.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At31.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At29.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At27.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At25.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At23.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At21.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At19.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At17.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At15.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At13.job
[2011/10/27 00:35:48 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\2enhUC.com_
[2011/10/27 00:35:48 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\At8.job
[2011/10/27 00:35:48 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\At6.job
[2011/10/27 00:35:48 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\At4.job
[2011/10/27 00:35:48 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\At2.job
[2011/10/27 00:35:48 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\At12.job
[2011/10/27 00:35:48 | 000,000,352 | ---- | C] () -- C:\WINDOWS\tasks\At10.job
[2011/10/27 00:35:48 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At9.job
[2011/10/27 00:35:48 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At7.job
[2011/10/27 00:35:48 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At5.job
[2011/10/27 00:35:48 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At3.job
[2011/10/27 00:35:48 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At11.job
[2011/10/27 00:35:48 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2011/10/19 14:09:33 | 000,001,528 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2011/07/04 10:18:13 | 000,056,004 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/10/18 13:19:52 | 000,081,332 | ---- | C] () -- C:\WINDOWS\System32\bass.dll
[2008/12/25 08:05:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/12/09 10:23:13 | 000,052,000 | RHS- | C] () -- C:\WINDOWS\System32\appconf32.exe
[2008/07/04 08:03:57 | 000,010,240 | ---- | C] () -- C:\Dokumente und Einstellungen\Tobi\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/01/29 09:53:43 | 000,147,894 | ---- | C] () -- C:\WINDOWS\hpoins12.dat
[2008/01/29 09:53:43 | 000,001,470 | ---- | C] () -- C:\WINDOWS\hpomdl12.dat
[2008/01/26 04:51:01 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2008/01/26 03:12:18 | 000,008,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\flash.sys
[2008/01/25 11:26:23 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4864.dll
[2008/01/25 11:26:23 | 000,104,636 | ---- | C] () -- C:\WINDOWS\System32\igmedcompkrn.dll
[2008/01/25 09:44:13 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2008/01/25 09:43:55 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys
[2008/01/25 09:43:03 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2008/01/25 09:43:03 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2008/01/25 09:43:03 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2008/01/25 09:28:09 | 000,204,800 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4820.dll
[2008/01/25 09:28:08 | 001,174,000 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2008/01/25 08:32:54 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2008/01/25 07:44:13 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/01/25 07:38:34 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/01/25 06:54:51 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/01/25 06:53:38 | 000,264,616 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007/04/01 03:00:28 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2007/04/01 02:41:52 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2004/08/04 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 07:00:00 | 000,320,104 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2004/08/04 07:00:00 | 000,314,508 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 07:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2004/08/04 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 07:00:00 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\drivers\ipsec.sys
[2004/08/04 07:00:00 | 000,049,166 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2004/08/04 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 07:00:00 | 000,040,836 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 07:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2004/08/04 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001/12/26 09:12:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/11/14 07:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2001/09/03 16:46:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/07/30 09:33:56 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/23 15:04:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
========== LOP Check ==========
[2011/10/26 00:27:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tobi\Anwendungsdaten\Gia
[2011/03/30 07:50:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tobi\Anwendungsdaten\ICQ
[2008/03/17 04:27:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tobi\Anwendungsdaten\ICQ Toolbar
[2008/10/13 11:56:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tobi\Anwendungsdaten\Image Zone Express
[2008/09/09 14:33:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tobi\Anwendungsdaten\MSNInstaller
[2011/07/16 09:21:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tobi\Anwendungsdaten\PriceGong
[2008/10/13 11:52:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tobi\Anwendungsdaten\Printer Info Cache
[2011/10/20 00:38:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Tobi\Anwendungsdaten\Voinoq
[2011/06/18 08:59:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avanquest
[2009/05/09 04:59:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BVRP Software
[2011/03/30 07:18:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2008/10/03 08:01:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LogMeIn
[2011/10/27 12:06:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tarma Installer
[2011/01/13 13:30:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\At10.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At11.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\At12.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At13.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\At14.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At15.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\At16.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At17.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\At18.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At19.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\At20.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At21.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\At22.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At23.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\At24.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At25.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\At26.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At27.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\At28.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At29.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\At30.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At31.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\At32.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At33.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\At34.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At35.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\At36.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At37.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\At38.job
[2011/10/27 12:09:00 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At39.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2011/10/27 12:10:18 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\At40.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At41.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\At42.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At43.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\At44.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At45.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\At46.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At47.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\At48.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At5.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\At6.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At7.job
[2011/10/27 00:35:49 | 000,000,352 | ---- | M] () -- C:\WINDOWS\Tasks\At8.job
[2011/10/27 00:35:49 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\At9.job
========== Purity Check ==========
< End of report >