Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: GVU/BKA Trojaner-Problem

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 20.06.2014, 21:36   #1
wok
 
GVU/BKA Trojaner-Problem - Standard

GVU/BKA Trojaner-Problem



Guten Abend!

Ich habe mir leider auch einen Virus eingefangen, GVU/BKA Version Österreich.
Mein System ist xp, 32 Bit. Kein Start möglich, auch micht im abdesicherten Modus, da
startet der PC wieder von selbst.
Ich habe, wie von euch angegeben den OTLpe-Scan durchgeführt und die beiden txt
erstellt. Ich hoffe ich habe alles richtig durchgeführt, sollte noch etwas fehlen oder von mir fehlerhaft gemacht worden, bitte um kurze mitteilung.
Hier jetze die logfiles:

Vielen Dank im voraus für eure Bemühungen, Wolfgang

OTL
Code:
ATTFilter
OTL logfile created on: 6/17/2014 12:47:39 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 139.73 Gb Total Space | 19.29 Gb Free Space | 13.80% Space Free | Partition Type: NTFS
Drive D: | 3.76 Gb Total Space | 1.59 Gb Free Space | 42.39% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002
 
========== Win32 Services (SafeList) ==========
 
SRV - [2014/06/08 10:11:07 | 000,164,725 | ---- | M] (Microsoft Corporation) [Auto] -- C:\DOKUME~1\ALLUSE~1\ANWEND~1\7EA166D0527A2965CEFC40F8DD94EBBB\fljzbnfl.cpp -- (winmgmt)
SRV - [2014/05/20 03:27:13 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2014/05/20 03:26:47 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2014/05/09 15:06:13 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/01/09 01:17:38 | 000,770,432 | ---- | M] (Enigma Software Group USA, LLC.) [Auto] -- C:\Programme\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
SRV - [2013/09/05 05:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/07/02 03:49:42 | 000,057,136 | ---- | M] (iS3, Inc.) [Auto] -- C:\Programme\STOPzilla!\SZServer.exe -- (szserver)
SRV - [2013/06/25 09:36:46 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/05/02 11:22:34 | 003,673,696 | ---- | M] (ETU Software GmbH) [Auto] -- C:\Programme\HSETU\ApplicationService\ApplicationService.exe -- (HSETUApplicationService)
SRV - [2012/01/26 08:16:52 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/11/25 11:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto] -- C:\Programme\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/04/15 05:51:02 | 000,261,256 | ---- | M] (NovaStor) [Auto] -- C:\Programme\NovaStor\NovaStor NovaBACKUP\nsService.exe -- (nsService)
SRV - [2010/03/10 08:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/05/15 06:36:50 | 000,251,184 | R--- | M] (BUFFALO INC.) [Auto] -- C:\Programme\BUFFALO\NASNAVI\nassvc.exe -- (NasPmService)
SRV - [2007/01/22 07:30:18 | 000,108,064 | ---- | M] (EMC Corporation) [Auto] -- C:\Programme\Retrospect\Retrospect Express HD 2.0\retrorun.exe -- (RetroExpLauncher)
SRV - [2006/10/26 14:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 09:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [File_System | Auto] --  -- (StarOpen)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [Kernel | System] --  -- (i2omgmt)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - [2014/05/20 03:26:47 | 000,136,216 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2014/05/20 03:26:47 | 000,093,528 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2014/01/06 21:48:42 | 000,012,288 | ---- | M] () [Kernel | On_Demand] -- C:\Programme\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - [2013/11/25 13:31:54 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013/07/02 03:40:54 | 000,073,488 | R--- | M] (iS3, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\SZKGFS.sys -- (szkgfs)
DRV - [2013/07/02 03:40:54 | 000,061,328 | R--- | M] (iS3 Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\SZKG.sys -- (szkg5)
DRV - [2013/07/02 03:40:54 | 000,061,328 | R--- | M] (iS3 Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\is3srv.sys -- (is3srv)
DRV - [2013/02/05 12:52:46 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2012/08/27 09:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2012/06/22 05:01:32 | 000,019,984 | ---- | M] () [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\EsgScanner.sys -- (EsgScanner)
DRV - [2010/11/23 10:52:31 | 006,188,648 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010/11/23 10:52:30 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2010/11/23 10:52:29 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2007/10/24 05:47:26 | 000,023,288 | ---- | M] (SIA Syncrosoft) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\synasUSB.sys -- (SynasUSB)
DRV - [2006/01/11 08:21:36 | 000,019,200 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2005/05/03 11:34:02 | 000,027,392 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2005/04/12 04:41:20 | 000,004,608 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = hxxp://www.google.com
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\admin_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
IE - HKU\admin_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\admin_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
IE - HKU\systemprofile_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npdeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.5.0\extensions\\Components: C:\Programme\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.5.0\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins
 
[2012/01/21 11:30:40 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\mozilla\Extensions
[2014/06/08 03:25:58 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\mozilla\Firefox\Profiles\x21eybur.default-1373009657781\extensions
[2014/03/28 11:27:36 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\mozilla\Firefox\Profiles\x21eybur.default-1373009657781\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014/05/09 15:06:07 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2014/05/09 15:06:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2014/05/09 15:06:06 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2014/05/09 15:06:14 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- 
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\ADMIN\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\X21EYBUR.DEFAULT-1373009657781\EXTENSIONS\ADBLOCKPOPUPS@JESSEHAKANEN.NET.XPI
 
O1 HOSTS File: ([2008/04/14 08:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\admin_ON_C\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Programme\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [bgsmsnd.exe] C:\WINDOWS\system32\bgsmsnd.exe (Broadgun Software)
O4 - HKLM..\Run: [ControlCenter3] C:\Programme\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [MultiScreen] C:\Programme\MultiScreen\MultiScreen.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [RetroExpress] C:\Programme\Retrospect\Retrospect Express HD 2.0\RetroExpress.exe (EMC Corporation)
O4 - HKLM..\Run: [SpyHunter Security Suite] C:\Programme\Enigma Software Group\SpyHunter\SpyHunter4.exe (Enigma Software Group USA, LLC.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKU\admin_ON_C..\Run: [] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\admin_ON_C..\Run: [DIMUpdate wird heruntergeladen...1338924290338] C:\Programme\Corel\CorelDRAW Graphics Suite X6\Draw\DIM.exe (Corel Corporation)
O4 - HKU\admin_ON_C..\Run: [Greenshot] C:\Programme\Greenshot\Greenshot.exe ()
O4 - HKU\admin_ON_C..\Run: [KiesPreload] C:\Programme\Samsung\Kies\Kies.exe (Samsung)
O4 - Startup: C:\Dokumente und Einstellungen\admin\Startmenü\Programme\Autostart\BUFFALO NAS Navigator2.lnk = C:\Programme\BUFFALO\NASNAVI\NasNavi.exe (BUFFALO INC.)
O4 - Startup: C:\Dokumente und Einstellungen\admin\Startmenü\Programme\Autostart\Dropbox.lnk = C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\admin\Startmenü\Programme\Autostart\explorer.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\admin\Startmenü\Programme\Autostart\NAS Scheduler.lnk = C:\Programme\BUFFALO\NASNAVI\nassche.exe (BUFFALO INC.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\NovaBACKUP Tray Control.lnk = C:\Programme\NovaStor\NovaStor NovaBACKUP\nsCtrl.exe (NovaStor)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\admin_ON_C\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\admin_ON_C\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\admin_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\Administrator_ON_C\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\systemprofile_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1327151404531 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.25.2)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (acaptuser32.dll) - C:\WINDOWS\System32\acaptuser32.dll (Adobe Systems, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\TPSvc: DllName - TPSvc.dll -  File not found
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/01/21 08:57:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{ca855da4-bd62-11e2-a7c8-00304895642c}\Shell - "" = AutoRun
O33 - MountPoints2\{ca855da4-bd62-11e2-a7c8-00304895642c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ca855da4-bd62-11e2-a7c8-00304895642c}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\L\Shell - "" = AutoRun
O33 - MountPoints2\L\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/06/09 00:54:37 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft
[2014/06/09 00:54:37 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\SendTo
[2014/06/09 00:54:37 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten
[2014/06/09 00:54:37 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Zubehör
[2014/06/09 00:54:37 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü
[2014/06/09 00:54:37 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart
[2014/06/09 00:54:37 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Administrator\Cookies
[2014/06/09 00:54:37 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Vorlagen
[2014/06/09 00:54:37 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Recent
[2014/06/09 00:54:37 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Netzwerkumgebung
[2014/06/09 00:54:37 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen
[2014/06/09 00:54:37 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Druckumgebung
[2014/06/09 00:54:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2014/06/09 00:54:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Macromedia
[2014/06/09 00:54:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Favoriten
[2014/06/09 00:54:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Desktop
[2014/06/09 00:51:34 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2014/06/08 10:19:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\admin\Startmenü\Programme\SpyHunter
[2014/06/08 10:19:49 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2014/06/08 10:11:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7EA166D0527A2965CEFC40F8DD94EBBB
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/06/15 13:13:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/06/15 12:52:15 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/15 12:52:15 | 000,000,222 | ---- | M] () -- C:\WINDOWS\tasks\Ende des Supports für Microsoft Windows XP –  Benachrichtigung – Anmeldung.job
[2014/06/15 12:52:09 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/06/09 09:12:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/08 10:19:50 | 000,001,953 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\Desktop\SpyHunter.lnk
[2014/06/08 10:13:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Silverlight
[2014/06/08 10:11:07 | 000,000,818 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\Startmenü\Programme\Autostart\explorer.lnk
[2014/06/08 10:09:09 | 000,000,216 | ---- | M] () -- C:\WINDOWS\tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job
[2014/06/07 06:00:00 | 000,000,484 | ---- | M] () -- C:\WINDOWS\tasks\One-Click Tweak.job
[2014/06/01 03:44:14 | 000,001,034 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\Startmenü\Programme\Autostart\Dropbox.lnk
[2014/06/01 03:43:52 | 000,001,026 | ---- | M] () -- C:\Dokumente und Einstellungen\admin\Desktop\Dropbox.lnk
[2014/06/01 03:42:23 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014/06/01 03:42:23 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2014/05/20 03:26:47 | 000,136,216 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2014/05/20 03:26:47 | 000,093,528 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/06/09 00:54:37 | 000,001,599 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Remoteunterstützung.lnk
[2014/06/09 00:54:37 | 000,000,772 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Windows Media Player.lnk
[2014/06/08 10:19:50 | 000,001,953 | ---- | C] () -- C:\Dokumente und Einstellungen\admin\Desktop\SpyHunter.lnk
[2014/06/08 10:11:07 | 000,000,818 | ---- | C] () -- C:\Dokumente und Einstellungen\admin\Startmenü\Programme\Autostart\explorer.lnk
[2013/09/01 02:06:57 | 003,795,696 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/07/17 09:08:24 | 000,000,091 | ---- | C] () -- C:\WINDOWS\Brfaxrx.ini
[2013/07/17 09:08:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2013/07/17 08:56:38 | 000,000,060 | R--- | C] () -- C:\Programme\BRINST.INI
[2013/07/04 14:11:48 | 000,066,344 | R--- | C] () -- C:\WINDOWS\System32\drivers\sbapifs.sys
[2013/07/04 14:11:48 | 000,044,424 | R--- | C] () -- C:\WINDOWS\System32\SBBD.EXE
[2013/07/04 14:11:48 | 000,022,064 | R--- | C] () -- C:\WINDOWS\System32\drivers\sbaphd.sys
[2013/02/28 08:06:44 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\cdTextCtl.dll
[2013/02/01 13:16:13 | 001,074,560 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013/02/01 13:16:13 | 001,074,560 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013/02/01 13:16:13 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013/02/01 13:16:04 | 002,284,064 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012/11/08 12:43:11 | 000,000,000 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\rifmasterlic.lic
[2012/06/26 10:17:23 | 000,000,052 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\isufjmwzrxpdvgu
[2012/06/22 05:01:32 | 000,019,984 | ---- | C] () -- C:\WINDOWS\System32\ESGScanner.sys
[2012/06/22 05:01:32 | 000,019,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\EsgScanner.sys
[2012/06/18 11:40:39 | 000,017,408 | ---- | C] () -- C:\Dokumente und Einstellungen\admin\Lokale Einstellungen\Anwendungsdaten\WebpageIcons.db
[2012/06/15 18:35:35 | 004,111,466 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-1957994488-1604221776-682003330-1003-0.dat
[2012/06/15 18:35:35 | 000,549,250 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2012/05/24 13:09:21 | 000,001,568 | ---- | C] () -- C:\Dokumente und Einstellungen\admin\.recently-used.xbel
[2012/02/28 08:52:08 | 000,011,570 | ---- | C] () -- C:\WINDOWS\hpdj5600.ini
[2012/02/28 07:54:06 | 000,011,035 | ---- | C] () -- C:\WINDOWS\hpdj6122.ini
[2012/02/16 12:55:36 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/08 05:40:57 | 000,000,236 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2012/02/08 05:40:57 | 000,000,093 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2012/02/08 05:40:49 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\bridf08a.dat
[2012/02/08 05:40:43 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2012/02/08 05:39:13 | 000,031,664 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2012/01/27 07:57:27 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\$_hpcst$.hpc
[2012/01/27 06:20:26 | 000,017,408 | ---- | C] () -- C:\Dokumente und Einstellungen\admin\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/25 06:35:14 | 000,074,120 | ---- | C] () -- C:\WINDOWS\System32\bgsresen.dll
[2012/01/25 06:35:14 | 000,070,024 | ---- | C] () -- C:\WINDOWS\System32\bgsresfr.dll
[2012/01/25 06:35:14 | 000,070,024 | ---- | C] () -- C:\WINDOWS\System32\bgsreses.dll
[2012/01/25 06:35:14 | 000,070,024 | ---- | C] () -- C:\WINDOWS\System32\bgsresde.dll
[2012/01/25 06:35:14 | 000,057,736 | ---- | C] () -- C:\WINDOWS\System32\bgspmnt.dll
[2012/01/25 06:34:55 | 000,222,720 | ---- | C] () -- C:\WINDOWS\System32\cnk2000.dll
[2012/01/25 06:10:09 | 000,000,571 | ---- | C] () -- C:\WINDOWS\System32\FeMakro.ini
[2012/01/25 06:10:09 | 000,000,497 | ---- | C] () -- C:\WINDOWS\System32\FeAnim.ini
[2012/01/23 13:55:53 | 000,000,197 | ---- | C] () -- C:\WINDOWS\MaterialsDlg.ini
[2012/01/21 11:33:56 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2012/01/21 11:33:50 | 000,000,425 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2012/01/21 09:14:59 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2012/01/21 08:58:21 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/01/21 08:55:17 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/01/21 08:50:39 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/11/29 10:38:18 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2011/11/29 10:38:12 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011/11/29 10:38:12 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011/11/29 10:38:12 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011/11/29 10:38:12 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2010/05/07 18:12:06 | 000,015,022 | ---- | C] () -- C:\WINDOWS\UN060501.INI
[2009/10/06 03:16:02 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/05/07 12:15:04 | 000,004,366 | ---- | C] () -- C:\WINDOWS\UN090415.INI
[2008/04/14 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/04/14 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/14 08:00:00 | 000,554,104 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2008/04/14 08:00:00 | 000,523,566 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/04/14 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/14 08:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2008/04/14 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/14 08:00:00 | 000,116,686 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2008/04/14 08:00:00 | 000,095,462 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/04/14 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/14 08:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2008/04/14 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/14 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/14 08:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/04/14 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/14 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2007/04/27 04:43:58 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
 
========== LOP Check ==========
 
[2012/09/04 10:13:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\TuneUp Software
[2012/12/22 06:38:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Avery
[2013/09/18 08:16:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Babylon
[2012/08/28 13:37:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\calibre
[2012/11/13 06:24:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Canneverbe Limited
[2012/11/13 06:21:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\DeepBurner Pro
[2014/06/09 05:55:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Dropbox
[2014/06/09 05:55:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\DropboxMaster
[2013/01/12 07:23:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\FileZilla
[2013/06/15 12:34:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\foobar2000
[2013/04/23 12:48:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\GARMIN
[2012/01/25 08:14:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Greenshot
[2013/02/13 07:54:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\gtk-2.0
[2013/01/11 08:39:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\HDRLightStudio
[2012/07/22 14:43:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\HSETU
[2012/01/21 13:43:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\IMSI
[2012/01/21 13:43:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\IMSIDesign
[2013/06/06 11:36:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Informatix
[2012/01/27 06:12:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\IrfanView
[2012/01/25 07:10:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Leadertech
[2012/05/14 05:31:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\MAGIX
[2012/01/21 11:25:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\NASNaviator2
[2013/09/18 08:16:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\OpenCandy
[2013/02/18 04:19:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Samsung
[2012/02/29 05:56:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\ScanSoft
[2012/03/04 08:16:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\StarOffice
[2012/03/04 14:51:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\StarOffice8
[2013/11/25 13:46:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\TeamViewer
[2012/06/18 05:53:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Temp
[2012/01/21 11:30:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Thunderbird
[2012/08/08 05:01:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\TuneUp Software
[2014/01/25 11:22:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\uTorrent
[2012/08/11 05:02:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\TuneUp Software
[2014/06/08 10:11:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7EA166D0527A2965CEFC40F8DD94EBBB
[2013/01/17 07:29:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ASGVIS
[2012/12/22 06:37:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avery
[2013/09/18 08:16:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon
[2012/11/13 06:24:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canneverbe Limited
[2012/06/26 10:17:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ccuuimdifndyjwg
[2012/08/08 05:00:40 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2013/01/03 06:39:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Downloaded Installations
[2013/04/23 13:20:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\GARMIN
[2014/03/25 13:06:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\HSETU
[2012/01/21 13:42:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IMSIDesign
[2013/06/06 11:36:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Informatix
[2012/01/30 06:08:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LightScribe
[2012/05/14 05:31:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2013/09/18 03:26:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NovaStor
[2012/01/23 09:30:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\regid.1986-12.com.adobe
[2014/06/15 12:53:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RetroExp
[2012/11/08 12:43:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RiffMasterPro
[2013/02/18 04:07:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung
[2013/07/18 07:40:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft
[2014/06/15 13:06:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\STOPzilla!
[2012/01/22 12:04:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Syncrosoft
[2014/05/07 12:46:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2013/02/01 12:54:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2012/08/09 04:16:48 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2014/06/15 12:52:15 | 000,000,222 | ---- | M] () -- C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP –  Benachrichtigung – Anmeldung.job
[2014/06/08 10:09:09 | 000,000,216 | ---- | M] () -- C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job
[2014/06/07 06:00:00 | 000,000,484 | ---- | M] () -- C:\WINDOWS\Tasks\One-Click Tweak.job
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2013/11/11 12:31:19 | 103,716,811 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\痾鋵嚔6
[2013/11/03 06:30:44 | 103,716,811 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\痾鋵嚔6
[2013/11/02 12:30:44 | 104,684,788 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\൅ւ嚔6
[2013/11/01 06:31:26 | 104,684,788 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\൅ւ嚔6
[2013/10/15 19:43:20 | 101,288,804 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\⯘嚔6
[2013/10/14 13:43:19 | 101,288,804 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\⯘嚔6
[2013/10/14 07:43:19 | 100,857,291 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\놄豭嚔6
[2013/10/11 01:43:19 | 100,857,291 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\놄豭嚔6
[2013/10/09 13:34:36 | 100,163,860 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\�붫嚔6
[2013/10/04 01:34:39 | 100,163,860 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\�붫嚔6
[2013/09/29 13:29:30 | 098,466,785 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\�ᕢ嚔6
[2013/09/16 13:28:31 | 098,466,785 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\�ᕢ嚔6
[2013/09/16 07:28:38 | 097,757,658 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ᯂ෴嚔6
[2013/09/14 13:28:30 | 097,757,658 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\ᯂ෴嚔6
[2013/09/08 07:25:35 | 096,559,285 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\鄹럅嚔6
[2013/09/05 01:25:44 | 096,559,285 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\鄹럅嚔6
[2013/08/30 22:19:20 | 095,070,807 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\풅챇嚔6
[2013/08/26 04:19:31 | 095,070,807 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\풅챇嚔6
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 158 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:4ADAD6C6
@Alternate Data Stream - 145 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:F34493AA
< End of report >
         
Extras
Code:
ATTFilter
OTL Extras logfile created on: 6/17/2014 12:47:39 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 139.73 Gb Total Space | 19.29 Gb Free Space | 13.80% Space Free | Partition Type: NTFS
Drive D: | 3.76 Gb Total Space | 1.59 Gb Free Space | 42.39% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htafile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP" = 5985:TCP:*:Disabled:Windows-Remoteverwaltung 
"80:TCP" = 80:TCP:*:Disabled:Windows-Remoteverwaltung - Kompatibilitätsmodus (HTTP eingehend) 
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Google\Google SketchUp 8\SketchUp.exe" = C:\Programme\Google\Google SketchUp 8\SketchUp.exe:*:Enabled:SketchUp Application -- (Trimble Navigation Limited)
"C:\Programme\Google\Google SketchUp 8\Plugins\SU_Podium_V2\programs\OOPR.exe" = C:\Programme\Google\Google SketchUp 8\Plugins\SU_Podium_V2\programs\OOPR.exe:*:Enabled:OOPR -- ()
"C:\Programme\uTorrent\uTorrent.exe" = C:\Programme\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent Inc.)
"C:\Programme\Iomega\Discovery Tool Home\Discovery Tool Home\Discovery Home.exe" = C:\Programme\Iomega\Discovery Tool Home\Discovery Tool Home\Discovery Home.exe:*:Enabled:Discovery Home -- ()
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"C:\Programme\BUFFALO\NASNAVI\NasNavi.exe" = C:\Programme\BUFFALO\NASNAVI\NasNavi.exe:*:Enabled:BUFFALO NASNavigator2 -- (BUFFALO INC.)
"C:\Programme\Next Limit\Maxwell 2\maxwell.exe" = C:\Programme\Next Limit\Maxwell 2\maxwell.exe:*:Enabled:maxwell
"C:\Programme\Google\Google SketchUp 8\LayOut\LayOut.exe" = C:\Programme\Google\Google SketchUp 8\LayOut\LayOut.exe:*:Enabled:LayOut -- (Trimble Navigation Limited)
"C:\Programme\Java\jre7\bin\javaw.exe" = C:\Programme\Java\jre7\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation)
"C:\Programme\Java\jre7\bin\java.exe" = C:\Programme\Java\jre7\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation)
"C:\Programme\PANDORA.TV\PanService\KMPProcess.exe" = C:\Programme\PANDORA.TV\PanService\KMPProcess.exe:*:Enabled:KMPProcess
"C:\Programme\PANDORA.TV\PanService\PandoraService.exe" = C:\Programme\PANDORA.TV\PanService\PandoraService.exe:*:Enabled:PandoraService
"G:\Stick-Verein\99_Tools\TeamViewer\Version4\TeamViewer.exe" = G:\Stick-Verein\99_Tools\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application
"C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Dropbox\bin\Dropbox.exe" = C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822}" = CorelDRAW Graphics Suite X6
"_{B92076C0-C5FE-4DB1-AA8D-855430CDF098}" = Corel Graphics - Windows Shell Extension
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0084B0C3-F376-42E3-804A-885D249282BD}" = CorelDRAW Graphics Suite X6 - IPM
"{01B4AC8E-6D83-44B3-958D-2AFE57BE54DB}" = Brother MFL-Pro Suite MFC-6490CW
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (RELAXEXPRESS)
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{04E7BAD6-4E65-428D-AB70-DD73978BEEA5}" = DWGExport
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{088348F9-1E7B-4269-A6A2-621FEC00DBB7}" = Iomega Discovery Tool Home
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F547B3D-8347-4262-AB2C-2F49BB716DA8}" = NovaBACKUP
"{0F608795-320D-40A8-9D29-7ECFF34E6CD2}" = COSOBA AVA.relax
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{169ADA4A-8079-4CD8-8E20-030B1A54E552}" = CorelDRAW Graphics Suite X6 - DE
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1D1D8ADC-BF08-4E61-9393-5FA305B16864}" = Microsoft SQL Server Native Client
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{25D69CEE-3EE2-47FD-9A0E-5013240EC953}" = CorelDRAW Graphics Suite X6 - Common
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 35
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{318FF3D7-0C40-483B-AF92-AF36416B0AC6}" = CorelDRAW Graphics Suite X6 - Writing Tools
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E8A20E1-223F-11E2-9116-B8AC6F98CCE3}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.9
"{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822}" = CorelDRAW Graphics Suite X6 - Setup Files
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{57597E5C-C2BB-4244-873A-BE4FA51A98FC}" = TurboCAD Professional 18
"{579CA850-B2C3-43F3-A3F6-3A0AE42E8225}" = CorelDRAW Graphics Suite X6 - FontNav
"{5B079F85-A24D-4642-BF1A-32D5A6B3A003}" = calibre
"{5C759B74-34F4-43C6-A5D9-039CB754C5E9}" = Microsoft SQL Server VSS Writer
"{5D652EC3-8AC0-41E7-B337-162BC7B01148}" = Retrospect Express HD 2.0
"{603C6570-2BA1-4FC6-8735-7EFA6D1F6F61}" = CorelDRAW Graphics Suite X6 - Custom Data
"{62BEC144-7029-4BF4-B3F2-FA231FB9F84B}" = CorelDRAW Graphics Suite X6 - Redist
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65AD9BEA-0BDE-4B88-97B1-49D1D7BF0C08}" = HSETU Gebäudeprofi Plus 3D
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{69B6B9E1-A5DF-3177-2B1D-3B672F29EF86}" = Adobe Captivate Quiz Results Analyzer
"{6D0B1882-C8D3-4BE3-ADD4-A5F208E24AE4}" = Renditioner Pro 2
"{6F53FB68-6620-423E-B7CD-B8205655B421}" = CorelDRAW Graphics Suite X6 - PHOTO-PAINT
"{71401465-5DAD-4E95-BCFC-B13DFDD9771E}" = Garmin City Navigator Europe NT 2012.30 Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74FA94F1-9566-4252-9372-E7EAFFEFE209}" = CorelDRAW Graphics Suite X6 - Capture
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{76DAEC83-AF7B-333C-8A53-83D7C7D39199}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU
"{771891C5-F95C-457F-B733-01E7DA938A5C}" = MAGIX Web Designer 7 Premium
"{7A2FF332-E4F6-4D87-9EBD-EDFF1216490F}" = CorelDRAW Graphics Suite X6 - Filters
"{7A8FF745-BBC5-482B-88E4-18D3178249A9}" = ScanSoft PaperPort 11
"{7CCD75BD-5528-4FE1-90D2-392D661A2BF1}" = CorelDRAW Graphics Suite X6 - VSTA
"{7F9F6864-8CAB-440C-AF44-030D0135666D}" = CorelDRAW Graphics Suite X6
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8432FFD1-6F4D-F9B8-D641-5932E60359A2}" = Adobe Captivate Reviewer
"{877C2D3D-91A7-462A-8607-C1C6B65BC5D2}}_is1" = Raylectron version 2.65 / 32bit
"{879E2460-18F9-48F2-B736-4E814A699504}" = CorelDRAW Graphics Suite X6 - VBA
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C9B6B1F-0A8E-402A-A60C-110BBB38D67E}" = Intel(R) Network Connections 15.7.176.0
"{8E87B944-4815-3C5E-947F-5035C9F64362}" = Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU
"{8F61AD44-0FCC-40FF-8C6D-AB6A3700EBFE}" = Piranesi
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-0070-0000-0000-4000000FF1CE}" = Microsoft Visual Basic for Applications 7.1 (x86)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{909B62B0-8ACA-4061-A83B-09CAEF609619}" = MSXML 6.0 Parser
"{90FF23FE-0E1B-40DF-A22E-B4C0372E5936}" = Iomega Product Registration
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9EF200A3-1CAC-462E-990B-EC902279BAAA}" = Microsoft Visual Basic for Applications 7.1 (x86) German
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3553CAE-9AB6-4700-8289-516367D01B83}" = NAS Data Recovery
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{AF549236-6258-4AC6-A043-5B5B89C6EB61}" = SpyHunter
"{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}" = Garmin MapSource
"{B165F04F-91B6-45C8-B58C-974EF0C162F6}" = HSETU Gebäudeprofi 2012
"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.53
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B92076C0-C5FE-4DB1-AA8D-855430CDF098}" = Corel Graphics - Windows Shell Extension
"{BBAAAD82-6242-420F-86D4-BD72BB5E6C86}" = Tools für Microsoft SQL Server 2005 Express Edition
"{BCC57687-98A2-4C4C-B0F8-BC6B6F52D4E3}" = Retrospect Express HD 2.5
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C5262276-0075-498B-B80F-7D997482E4DB}" = CorelDRAW Graphics Suite X6 - Draw
"{C5E4D0D0-EACC-4013-B48D-C3F104F21DCD}" = StarOffice 9
"{CADE1721-0AE3-4FE9-B37F-CF98CA42A14F}" = Borland Database Engine
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D4A17D31-2F7B-4682-AD57-467021452909}" = CorelDRAW Graphics Suite X6 - Photozoom Plugin
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{D4EFC6B7-3DA5-400D-9682-9BE287A5440E}" = CorelDRAW Graphics Suite X6 - Connect
"{D6FC1D0B-791D-466E-B723-0F86938EFB4B}" = SketchUp Pro 8
"{D710B44F-D466-4934-9901-E09B7BAF11FF}" = ArCon Eleco +2009
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DDFEB503-D662-4224-82C9-37A5698FDC25}" = CorelDRAW Graphics Suite X6 - VideoBrowser
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E3526223-E4B1-444D-8139-8A3D4499B8DF}" = Piranesi 2010 Pro
"{E36E864B-BFB6-440A-9A23-2B0BEDE59A92}" = MultiScreen
"{E672B535-F7CF-4F67-B5F9-A7D21465FD62}" = HSETU Gebäudeprofi 2012
"{EFE4AB7D-4E94-441B-9A86-98E69E37567B}" = Nero Burning ROM 11
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F82C6574-AD88-4B40-A432-970BC77F1BD2}" = DesignPro 5
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"AdobeCaptivateReviewer2.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Captivate Reviewer
"AnyDVD" = AnyDVD
"Avira AntiVir Desktop" = Avira Free Antivirus
"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind
"BroadGun pdfMachine" = BroadGun pdfMachine
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Click'N Design 3D for AfterBurner(tm) (V5)" = Click'N Design 3D for AfterBurner(tm) (V5)
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Digital Editions" = Adobe Digital Editions
"ECOTECH-Bauteilrechner" = ECOTECH-Bauteilrechner
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FileZilla Client" = FileZilla Client 3.5.3
"foobar2000" = foobar2000 v1.1.15
"Greenshot_is1" = Greenshot
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{8F61AD44-0FCC-40FF-8C6D-AB6A3700EBFE}" = Piranesi 4
"InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}" = DesignPro 5
"IrfanView" = IrfanView (remove only)
"IsoBuster_is1" = IsoBuster 2.7
"MAGIX_MSI_Web_Designer_7_Premium" = MAGIX Web Designer 7 Premium
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 29.0.1 (x86 de)" = Mozilla Firefox 29.0.1 (x86 de)
"Mozilla Thunderbird 24.5.0 (x86 de)" = Mozilla Thunderbird 24.5.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NovaBACKUP" = NovaBACKUP
"QuizResultsAnalyzer.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Captivate Quiz Results Analyzer
"Recuva" = Recuva
"SU Podium V2_is1" = SU Podium V2 2.7
"Syncrosoft License Control" = Syncrosoft Lizenz Kontrolle
"The KMPlayer" = The KMPlayer (remove only)
"UN060501" = BUFFALO NAS Navigator2
"UN090415" = BUFFALO LinkStation(LS-CHL) Setup Guide
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.1.3
"WET7Cable" = Windows-EasyTransfer
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows Mobile Device Handbook" = Windows Mobile®-Gerätehandbuch
"WinGimp-2.0_is1" = GIMP 2.6.12
"WinRAR archiver" = WinRAR 4.00 beta 7 (32-bit)
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\admin_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"MyFreeCodec" = MyFreeCodec
 
< End of report >
         

Alt 20.06.2014, 23:32   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
GVU/BKA Trojaner-Problem - Standard

GVU/BKA Trojaner-Problem



Hallo und

Lesestoff:
Windows XP

Auf deinem Rechner läuft noch Windows XP. Microsoft hat dieses Betriebssystem bereits 2001 veröffentlicht und stellt den Support endgültig ab April 2014 ein, d.h. ab Mai 2014 gibt es keine weiteren Updates mehr und danach gefundene Lücken werden nicht mehr durch Updates/Hotfixes geschlossen werden können.

Mit Windows XP nach April 2014 zu surfen wird damit ein großes Sicherheitsrisiko. Du solltest dir jetzt unbedingt Gedanken machen, möglichst schnell auf ein aktuelleres Betriebssystem umzusteigen.
__________________

__________________

Alt 23.06.2014, 16:40   #3
wok
 
GVU/BKA Trojaner-Problem - Standard

GVU/BKA Trojaner-Problem



Ja ist mir bewußt sobald ich meinen Rechner wieder benutzen kann, wird alles gesichert und
auf neues Betriebssystem umgestellt.
Mfg.
Wolfgang
__________________

Alt 24.06.2014, 08:08   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
GVU/BKA Trojaner-Problem - Standard

GVU/BKA Trojaner-Problem



Hi,

wenn es nur ums Datensichern geht: die kannst du auch über OTLPE oder einem anderen Live-System sichern. Über OTLPE könntest du zB Drivesnapshot ausführen, ein Abbild der gesamten Platte erstellen und somit nichts an Daten vergessen.
__________________
Logfiles bitte immer in CODE-Tags posten

Antwort

Themen zu GVU/BKA Trojaner-Problem
.dll, antivir, avira, bho, desktop, einstellungen, error, esgscanner.sys, excel, explorer, firefox, flash player, format, hängen, mozilla, realtek, recuva, registry, rundll, security, sketchup, software, system, tcp, udp, virus, windows, windows xp



Ähnliche Themen: GVU/BKA Trojaner-Problem


  1. Trojaner-Warnung/PC-Problem: Liegt es an der Hardware oder an einem Trojaner-Problem?
    Plagegeister aller Art und deren Bekämpfung - 17.03.2015 (7)
  2. BKA-Trojaner Problem!
    Plagegeister aller Art und deren Bekämpfung - 11.09.2011 (5)
  3. gleiches Problem wie http://www.trojaner-board.de/99057-das-system-hat-ein-problem-mit-einem-oder-me
    Plagegeister aller Art und deren Bekämpfung - 26.05.2011 (1)
  4. Firefox problem, Anti-banner problem, Flashplayer problem, Viren problem?
    Plagegeister aller Art und deren Bekämpfung - 03.10.2010 (11)
  5. Trojaner-Problem
    Plagegeister aller Art und deren Bekämpfung - 01.02.2010 (2)
  6. Trojaner Problem
    Log-Analyse und Auswertung - 10.01.2010 (3)
  7. Trojaner Problem
    Log-Analyse und Auswertung - 03.11.2008 (30)
  8. Trojaner Problem
    Log-Analyse und Auswertung - 17.10.2008 (35)
  9. Trojaner Problem
    Plagegeister aller Art und deren Bekämpfung - 03.03.2008 (4)
  10. trojaner problem
    Plagegeister aller Art und deren Bekämpfung - 02.01.2008 (14)
  11. Problem mit Trojaner?!
    Plagegeister aller Art und deren Bekämpfung - 11.12.2007 (0)
  12. Problem mit Trojaner?!
    Log-Analyse und Auswertung - 28.04.2006 (12)
  13. Problem - > Trojaner ? :/
    Plagegeister aller Art und deren Bekämpfung - 24.04.2006 (1)
  14. Trojaner Problem
    Log-Analyse und Auswertung - 21.12.2005 (1)
  15. Problem mit Trojaner
    Plagegeister aller Art und deren Bekämpfung - 19.12.2005 (10)
  16. trojaner problem
    Plagegeister aller Art und deren Bekämpfung - 07.02.2005 (8)
  17. Problem mit Trojaner
    Plagegeister aller Art und deren Bekämpfung - 28.06.2004 (4)

Zum Thema GVU/BKA Trojaner-Problem - Guten Abend! Ich habe mir leider auch einen Virus eingefangen, GVU/BKA Version Österreich. Mein System ist xp, 32 Bit. Kein Start möglich, auch micht im abdesicherten Modus, da startet der - GVU/BKA Trojaner-Problem...
Archiv
Du betrachtest: GVU/BKA Trojaner-Problem auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.