| |
| |||||||
Log-Analyse und Auswertung: Windows Verschlüsselungs Trojaner -.-Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
02.05.2012, 18:35
| #1 |
 |  Windows Verschlüsselungs Trojaner -.- Hi, so also nachdem meine Mutter diese dubiose E-Mail erhalten hat, musste Sie natürlich auch den Anhang direkt öffnen. Bekannt ist ja was nun geschieht beim starten kommt diese Meldund von wegen man müsste das Geld bezahlen um weiter zukommen. Ich habe die OTLP Cd gebrannt und grade schonmal auf Ihrem Laptop zum laufen bekommen und hoffe derweil das es alles gut geht. I.eine Idee wie lange der Durchlauf ungefähr braucht ? Der hängt derzeit bei: Manual File Scan - Getting folder structure Und wenn ich die OTLP exe starte fragt er mich nur nach  o you wish to load remote user profile(s) for scanning und die Frage nach: Do you wish to load the remote registry fällt weg.Wenn ich danach den Hacken bei Automatically Load All Remaining Users wegmache, muss ich ja trzdm eines von mir 4 angezeigten Profilen nehmen oder ? ---------------------------- So Edit:  und übrigens super Forum und nette Hilfe alleine wäre ich kein bisschen weiter gekommen mit dem Trojaner  habe alles hinbekommen und nachdem ich jz einfach nichts in die Textbox geschrieben habe is der Scan erfolgreich gewesen. Nun bekomme ich folgende log Datei:OTL Logfile: Code:
ATTFilter OTL logfile created on: 5/2/2012 8:46:23 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 1 (Version = 6.0.6001) - Type = System
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 86.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 278.32 Gb Total Space | 112.42 Gb Free Space | 40.39% Space Free | Partition Type: NTFS
Drive E: | 19.76 Gb Total Space | 6.69 Gb Free Space | 33.88% Space Free | Partition Type: FAT32
Drive F: | 3.73 Gb Total Space | 3.58 Gb Free Space | 95.82% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - [2012/04/25 04:48:58 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/03/12 13:02:26 | 000,918,880 | ---- | M] () [Auto] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe -- (vToolbarUpdater10.2.0)
SRV - [2012/02/10 05:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/02/10 05:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2012/02/09 06:59:08 | 001,529,152 | ---- | M] (TuneUp Software) [Auto] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2009/05/15 15:36:50 | 000,251,184 | R--- | M] (BUFFALO INC.) [Auto] -- C:\Program Files\BUFFALO\NASNAVI\nassvc.exe -- (NasPmService)
SRV - [2009/03/23 06:09:26 | 000,603,904 | ---- | M] (TuneUp Software GmbH) [Auto] -- C:\Windows\System32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2009/03/23 06:09:21 | 000,362,752 | ---- | M] (TuneUp Software GmbH) [On_Demand] -- C:\Windows\System32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2008/11/07 06:37:38 | 000,027,904 | ---- | M] (TuneUp Software GmbH) [Auto] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2008/09/02 08:24:44 | 000,069,120 | ---- | M] (Google) [On_Demand] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe -- (GoogleDesktopManager)
SRV - [2008/08/29 14:11:38 | 002,180,392 | ---- | M] () [Auto] -- C:\Program Files\EgisTec\VITAKEY\BASVC.exe -- (IGBASVC)
SRV - [2008/08/04 10:45:56 | 000,304,688 | ---- | M] () [Auto] -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2008/02/28 12:07:14 | 001,801,216 | ---- | M] (Buhl Data Service GmbH) [Auto] -- C:\Program Files\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe -- (srvcPVR)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/06/05 07:20:32 | 000,177,704 | ---- | M] () [Auto] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)
SRV - [2001/11/12 07:31:48 | 000,020,480 | ---- | M] (X10) [Auto] -- C:\Program Files\Common Files\X10\Common\X10nets.exe -- (x10nets)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WtSmpFlt)
DRV - File not found [Kernel | On_Demand] -- -- (wtsmpadap)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] -- -- (KUSBusByTCPMasterBus)
DRV - File not found [Kernel | On_Demand] -- -- (IpInIp)
DRV - [2012/02/09 06:48:24 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2008/08/28 08:27:57 | 000,066,856 | ---- | M] () [Kernel | Boot] -- C:\Windows\System32\drivers\FPWinIo.sys -- (FPWinIo)
DRV - [2008/08/28 08:27:45 | 000,026,920 | ---- | M] (LTT) [Kernel | Auto] -- C:\Windows\System32\drivers\FPSensor.sys -- (FPSensor) LTT-Corp Fingerprint Reader Driver (FPSensor.sys)
DRV - [2008/08/07 22:15:00 | 007,555,136 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/08/06 10:26:08 | 000,124,928 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/08/05 18:59:26 | 000,044,576 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008/08/04 10:46:06 | 000,059,952 | ---- | M] (Egis Incorporated.) [Kernel | Auto] -- C:\Windows\System32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV - [2008/08/04 10:46:04 | 000,019,504 | ---- | M] (Egis Incorporated.) [File_System | Auto] -- C:\Windows\System32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV - [2008/08/04 10:46:04 | 000,016,432 | ---- | M] (Egis Incorporated.) [Kernel | Auto] -- C:\Windows\System32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV - [2008/07/10 05:12:56 | 001,753,984 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008/06/18 11:04:34 | 000,026,760 | R--- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\swmsflt.sys -- (swmsflt)
DRV - [2008/04/28 00:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008/03/17 05:05:30 | 000,101,632 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2007/07/31 05:58:18 | 000,908,896 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand] -- C:\Windows\System32\drivers\PhilCap.sys -- (PhilCap)
DRV - [2007/03/09 21:33:50 | 000,882,432 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\mosuport.sys -- (mosuport)
DRV - [2006/11/30 09:18:18 | 000,027,416 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2006/11/17 04:31:04 | 000,013,976 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\x10hid.sys -- (X10Hid)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
IE - HKLM\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\dagmar_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
IE - HKU\dagmar_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.avg.com/?cid={7F78FFAE-8F3D-4E7C-BD38-57542C0788A8}&mid=0ad1e0af5fe847d1a9b264b9e522cff8-244949e3879da9d0fd68234c09e98073b34560dc&lang=de&ds=tt015&pr=sa&d=2012-03-09 12:20:46&v=8.0.0.34&sap=hp
IE - HKU\dagmar_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\dagmar_ON_C\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
IE - HKU\dagmar_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\dagmar_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\System32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/25 04:48:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/03 20:52:38 | 000,000,000 | ---D | M]
[2008/11/17 17:31:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\dagmar\AppData\Roaming\Mozilla\Extensions
[2012/05/02 11:37:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\dagmar\AppData\Roaming\Mozilla\Firefox\Profiles\r3o3ieey.default\extensions
[2012/05/02 11:37:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\dagmar\AppData\Roaming\Mozilla\Firefox\Profiles\r3o3ieey.default\extensions\avg@toolbar
[2011/05/28 07:04:03 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\dagmar\AppData\Roaming\Mozilla\Firefox\Profiles\r3o3ieey.default\extensions\engine@conduit.com
[2011/11/12 10:46:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2008/12/11 11:25:57 | 000,000,000 | ---D | M] (PDFCreator Toolbar) -- C:\PROGRAM FILES\PDFCREATOR TOOLBAR\V3.3.0.1\FIREFOX
File not found (No name found) -- C:\USERS\DAGMAR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R3O3IEEY.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012/04/25 04:48:58 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/05/03 22:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/02/24 10:47:04 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/03/12 13:02:22 | 000,003,768 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/02/24 10:47:04 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/02/24 10:47:04 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012/02/24 10:47:04 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/02/24 10:47:04 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/02/24 10:47:04 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (PDFCreator Toolbar Helper) - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O3 - HKLM\..\Toolbar: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O3 - HKLM\..\Toolbar: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKU\dagmar_ON_C\..\Toolbar\WebBrowser: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O3 - HKU\dagmar_ON_C\..\Toolbar\WebBrowser: (Softonic Deutsch Toolbar) - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} - C:\Program Files\Softonic_Deutsch\tbSoft.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [iTunesHelper] File not found
O4 - HKLM..\Run: [mwlDaemon] C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (EgisTec Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [VitaKeyPdtWzd] C:\Program Files\EgisTec\VITAKEY\PdtWzd.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKU\dagmar_ON_C..\Run: [B2971A31] C:\Users\dagmar\AppData\Roaming\Nmtgqpxlyn\321BFD41B2971A315607.exe ()
O4 - HKU\dagmar_ON_C..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\EgisTec\VITAKEY\PwdBank.exe (Egis Technology Inc.)
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\EgisTec\VITAKEY\PwdBank.exe (Egis Technology Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {44C1E3A2-B594-401C-B27A-D1B4476E4797} https://juwelvpn.dyndns.org/XTSAC.cab (XTSAC Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll ()
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/08/21 11:50:32 | 000,000,672 | RH-- | M] () - E:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{046213fa-6c74-11de-aa7f-0016ead6b5d6}\Shell - "" = AutoRun
O33 - MountPoints2\{046213fa-6c74-11de-aa7f-0016ead6b5d6}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{0462140a-6c74-11de-aa7f-0016ead6b5d6}\Shell - "" = AutoRun
O33 - MountPoints2\{0462140a-6c74-11de-aa7f-0016ead6b5d6}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{04621416-6c74-11de-aa7f-00ade1ac1c1a}\Shell - "" = AutoRun
O33 - MountPoints2\{04621416-6c74-11de-aa7f-00ade1ac1c1a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{0462143c-6c74-11de-aa7f-00ade1ac1c1a}\Shell - "" = AutoRun
O33 - MountPoints2\{0462143c-6c74-11de-aa7f-00ade1ac1c1a}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{091292ec-75e8-11de-929e-001f1609bb94}\Shell - "" = AutoRun
O33 - MountPoints2\{091292ec-75e8-11de-929e-001f1609bb94}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{09129313-75e8-11de-929e-001f1609bb94}\Shell - "" = AutoRun
O33 - MountPoints2\{09129313-75e8-11de-929e-001f1609bb94}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{247c9e8a-75e6-11de-b01a-001f1609bb94}\Shell - "" = AutoRun
O33 - MountPoints2\{247c9e8a-75e6-11de-b01a-001f1609bb94}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{247c9e8c-75e6-11de-b01a-001f1609bb94}\Shell - "" = AutoRun
O33 - MountPoints2\{247c9e8c-75e6-11de-b01a-001f1609bb94}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{24ac7b4b-2351-11de-8f4c-001f1609bb94}\Shell - "" = AutoRun
O33 - MountPoints2\{24ac7b4b-2351-11de-8f4c-001f1609bb94}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{24ac7b71-2351-11de-8f4c-001f1609bb94}\Shell - "" = AutoRun
O33 - MountPoints2\{24ac7b71-2351-11de-8f4c-001f1609bb94}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{24ac7b76-2351-11de-8f4c-001f1609bb94}\Shell - "" = AutoRun
O33 - MountPoints2\{24ac7b76-2351-11de-8f4c-001f1609bb94}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{24ac7b79-2351-11de-8f4c-001f1609bb94}\Shell - "" = AutoRun
O33 - MountPoints2\{24ac7b79-2351-11de-8f4c-001f1609bb94}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{24ac7ba2-2351-11de-8f4c-001f1609bb94}\Shell - "" = AutoRun
O33 - MountPoints2\{24ac7ba2-2351-11de-8f4c-001f1609bb94}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{4924f045-004e-11de-a894-001f1609bb94}\Shell - "" = AutoRun
O33 - MountPoints2\{4924f045-004e-11de-a894-001f1609bb94}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{4924f06b-004e-11de-a894-001f1609bb94}\Shell - "" = AutoRun
O33 - MountPoints2\{4924f06b-004e-11de-a894-001f1609bb94}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{544d06c8-76bd-11de-97ed-001f1609bb94}\Shell - "" = AutoRun
O33 - MountPoints2\{544d06c8-76bd-11de-97ed-001f1609bb94}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{8cd78866-7697-11de-ad7c-001f1609bb94}\Shell - "" = AutoRun
O33 - MountPoints2\{8cd78866-7697-11de-ad7c-001f1609bb94}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{90ed5b6d-00d2-11de-9db9-001f1609bb94}\Shell - "" = AutoRun
O33 - MountPoints2\{90ed5b6d-00d2-11de-9db9-001f1609bb94}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{a6b28f87-f289-11dd-8b3d-001f1609bb94}\Shell\AutoRun\command - "" = G:\Autorun.exe /run
O33 - MountPoints2\{a6b28f87-f289-11dd-8b3d-001f1609bb94}\Shell\Shell00\Command - "" = G:\Autorun.exe /run
O33 - MountPoints2\{a6b28f87-f289-11dd-8b3d-001f1609bb94}\Shell\Shell01\Command - "" = G:\Autorun.exe /action
O33 - MountPoints2\{a6b28f87-f289-11dd-8b3d-001f1609bb94}\Shell\Shell02\Command - "" = G:\Autorun.exe /uninstall
O33 - MountPoints2\{c8fda64f-75da-11de-870d-001f1609bb94}\Shell - "" = AutoRun
O33 - MountPoints2\{c8fda64f-75da-11de-870d-001f1609bb94}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{c8fda653-75da-11de-870d-8cd2572bbcd9}\Shell - "" = AutoRun
O33 - MountPoints2\{c8fda653-75da-11de-870d-8cd2572bbcd9}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{d3b5bed2-004b-11de-968b-001f1609bb94}\Shell - "" = AutoRun
O33 - MountPoints2\{d3b5bed2-004b-11de-968b-001f1609bb94}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{d3b5bf0e-004b-11de-968b-001f1609bb94}\Shell - "" = AutoRun
O33 - MountPoints2\{d3b5bf0e-004b-11de-968b-001f1609bb94}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/05/02 20:00:21 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/05/02 11:23:30 | 000,000,000 | ---D | C] -- C:\Users\dagmar\AppData\Roaming\Nmtgqpxlyn
[2012/04/30 13:10:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/04/30 13:09:53 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/04/30 13:08:46 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/04/30 10:41:13 | 000,000,000 | ---D | C] -- C:\Program Files\ABUS Security-Center
[2012/04/30 10:40:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABUS Security-Center
[2012/04/25 04:49:00 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2008/08/28 05:58:13 | 000,180,224 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2008/08/28 05:58:13 | 000,176,128 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
========== Files - Modified Within 30 Days ==========
[2012/05/02 14:17:36 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/02 14:17:36 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/02 13:18:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/02 13:18:24 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/05/02 13:17:57 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/02 13:17:56 | 000,000,502 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job
[2012/05/02 12:15:00 | 000,000,438 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job
[2012/05/02 12:06:51 | 000,628,730 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/05/02 12:06:51 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/05/02 12:06:51 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/05/02 12:06:51 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/05/02 11:39:12 | 000,268,427 | ---- | M] () -- C:\Users\dagmar\Documents\locked-Scan0001.pdf.xdrz
[2012/05/02 11:38:39 | 000,253,774 | ---- | M] () -- C:\Users\dagmar\Documents\locked-Dennis Kruse2.jpg.dtfz
[2012/05/02 11:38:33 | 000,306,345 | ---- | M] () -- C:\Users\dagmar\Documents\locked-Bewerbung Rosalie Resl.pdf.kfyc
[2012/05/02 11:38:33 | 000,234,096 | ---- | M] () -- C:\Users\dagmar\Documents\locked-Anfahrt.jpg.onjs
[2012/05/02 11:32:56 | 000,000,153 | ---- | M] () -- C:\Users\dagmar\AppData\locked-default.pls.slzs
[2012/05/02 11:12:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/30 13:14:19 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2012/04/30 13:14:19 | 000,001,854 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
[2012/04/30 13:14:19 | 000,001,854 | ---- | M] () -- C:\Users\dagmar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2012/04/30 13:10:41 | 000,001,409 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/04/30 13:10:41 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/04/30 13:01:50 | 309,324,901 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/04/30 10:41:14 | 000,001,990 | ---- | M] () -- C:\Users\Public\Desktop\Installationsassistent2.lnk
[2012/04/30 10:41:13 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABUS Security-Center
[2012/04/30 10:40:37 | 000,000,637 | ---- | M] () -- C:\Users\Public\Desktop\ABUS IP-Installer.lnk
========== Files Created - No Company Name ==========
[2012/04/30 13:14:19 | 000,001,854 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
[2012/04/30 13:10:41 | 000,001,409 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/04/30 10:41:14 | 000,001,990 | ---- | C] () -- C:\Users\Public\Desktop\Installationsassistent2.lnk
[2012/04/30 10:40:37 | 000,000,637 | ---- | C] () -- C:\Users\Public\Desktop\ABUS IP-Installer.lnk
[2012/04/18 04:31:27 | 309,324,901 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/10/14 12:34:17 | 000,882,432 | ---- | C] () -- C:\Windows\System32\drivers\mosuport.sys
[2011/10/14 12:34:17 | 000,278,528 | ---- | C] () -- C:\Windows\System32\MosUsbSerial.exe
[2011/10/14 12:34:17 | 000,262,144 | ---- | C] () -- C:\Windows\System32\MosUnst.exe
[2011/10/14 12:34:17 | 000,225,280 | ---- | C] () -- C:\Windows\System32\MosUSBParallel.exe
[2011/10/14 12:34:17 | 000,057,344 | ---- | C] () -- C:\Windows\System32\MosUSBSerPropPage.dll
[2011/10/14 12:34:17 | 000,053,248 | ---- | C] () -- C:\Windows\System32\MosUSBParPropPage.dll
[2011/10/14 12:34:17 | 000,028,672 | ---- | C] () -- C:\Windows\System32\dbgmsgcfg.dll
[2011/09/08 17:03:59 | 000,000,000 | ---- | C] () -- C:\Users\dagmar\AppData\Local\{8FAF1DC2-324B-4AF2-82C5-CF35492BC72C}
[2011/09/08 17:01:58 | 000,000,000 | ---- | C] () -- C:\Users\dagmar\AppData\Local\{1BF95C17-1E8B-437A-856E-3638C7E6FAEE}
[2011/09/08 06:20:28 | 000,000,153 | ---- | C] () -- C:\Users\dagmar\AppData\locked-default.pls.slzs
[2011/07/13 01:47:36 | 000,000,000 | ---- | C] () -- C:\Users\dagmar\AppData\Local\{E474D4A3-F08A-4D4E-8AD6-CFC429808E2E}
[2011/07/13 01:40:20 | 000,000,000 | ---- | C] () -- C:\Users\dagmar\AppData\Local\{0DA4FE39-CAAF-4DA3-ABDE-EAFB9154A010}
[2010/05/07 18:12:06 | 000,015,022 | ---- | C] () -- C:\Windows\UN060501.INI
[2010/03/15 14:45:06 | 000,285,216 | ---- | C] () -- C:\Windows\System32\drivers\Onsio.sys
[2009/10/19 14:36:48 | 000,004,366 | ---- | C] () -- C:\Windows\UN090928.INI
[2009/06/18 01:50:02 | 000,000,680 | ---- | C] () -- C:\Users\dagmar\AppData\Local\d3d9caps.dat
[2009/02/13 12:59:56 | 000,026,624 | ---- | C] () -- C:\Users\dagmar\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/10 12:39:55 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/02/04 03:05:26 | 000,004,592 | ---- | C] () -- C:\Users\dagmar\AppData\Roaming\wklnhst.dat
[2008/12/11 11:25:53 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2008/11/17 17:18:35 | 000,000,035 | ---- | C] () -- C:\Windows\Ulead32.INI
[2008/11/17 17:16:12 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\Onsreged.sys
[2008/09/02 07:45:19 | 000,127,184 | ---- | C] () -- C:\Windows\Unwise.exe
[2008/08/28 11:46:27 | 000,036,864 | ---- | C] () -- C:\Windows\System32\Hooks.dll
[2008/08/28 08:27:57 | 000,066,856 | ---- | C] () -- C:\Windows\System32\drivers\FPWinIo.sys
[2008/08/28 08:15:44 | 000,628,730 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008/08/28 08:15:44 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008/08/28 08:15:44 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008/08/28 08:15:44 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008/08/28 08:02:32 | 000,299,008 | ---- | C] () -- C:\Windows\System32\midas.dll
[2008/08/28 08:02:32 | 000,120,320 | ---- | C] () -- C:\Windows\System32\UnzDll.dll
[2008/08/28 06:33:16 | 000,000,381 | ---- | C] () -- C:\Windows\WISO.INI
[2008/08/28 05:58:13 | 001,753,984 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2008/08/28 05:58:13 | 000,233,472 | ---- | C] () -- C:\Windows\tsnp2uvc.exe
[2008/08/28 05:58:13 | 000,028,672 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2008/08/28 05:58:13 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2008/08/28 05:35:46 | 000,119,296 | ---- | C] () -- C:\Windows\System32\VMC3KAPI.dll
[2008/08/28 04:31:15 | 000,002,828 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2008/08/28 04:31:15 | 000,000,008 | RHS- | C] () -- C:\Windows\System32\29563E424B.sys
[2008/08/28 00:25:39 | 000,000,143 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2008/08/27 22:21:34 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008/08/27 21:43:57 | 000,009,824 | ---- | C] () -- C:\Windows\System32\716xCoInstaller.dll
[2008/06/18 11:04:34 | 000,026,760 | R--- | C] () -- C:\Windows\System32\drivers\swmsflt.sys
[2008/01/20 22:24:14 | 000,100,043 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2007/06/05 07:20:32 | 000,177,704 | ---- | C] () -- C:\Windows\System32\PSIService.exe
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,430,176 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/11/02 03:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2003/02/20 12:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
========== LOP Check ==========
[2008/11/13 06:58:41 | 000,000,000 | ---D | M] -- C:\Users\dagmar\AppData\Roaming\Buhl Data Service GmbH
[2012/03/12 19:11:28 | 000,000,000 | ---D | M] -- C:\Users\dagmar\AppData\Roaming\DataDesign
[2011/08/31 14:46:47 | 000,000,000 | ---D | M] -- C:\Users\dagmar\AppData\Roaming\NASNaviator2
[2012/05/02 11:23:30 | 000,000,000 | ---D | M] -- C:\Users\dagmar\AppData\Roaming\Nmtgqpxlyn
[2010/06/10 15:47:55 | 000,000,000 | ---D | M] -- C:\Users\dagmar\AppData\Roaming\OpenOffice.org
[2009/04/07 07:35:25 | 000,000,000 | ---D | M] -- C:\Users\dagmar\AppData\Roaming\Sierra Wireless
[2009/02/04 03:06:47 | 000,000,000 | ---D | M] -- C:\Users\dagmar\AppData\Roaming\Template
[2012/05/02 11:37:59 | 000,000,000 | ---D | M] -- C:\Users\dagmar\AppData\Roaming\TuneAid
[2012/03/09 07:19:54 | 000,000,000 | ---D | M] -- C:\Users\dagmar\AppData\Roaming\TuneUp Software
[2012/05/02 11:38:01 | 000,000,000 | ---D | M] -- C:\Users\dagmar\AppData\Roaming\UseNeXT
[2009/03/05 13:07:46 | 000,000,000 | ---D | M] -- C:\Users\dagmar\AppData\Roaming\WebCompiler2
[2011/08/10 06:53:46 | 000,000,000 | ---D | M] -- C:\Users\dagmar\AppData\Roaming\WindSolutions
[2012/05/02 13:17:56 | 000,000,502 | ---- | M] () -- C:\Windows\Tasks\1-Klick-Wartung.job
[2012/05/02 13:18:25 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/05/02 12:15:00 | 000,000,438 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job
========== Purity Check ==========
< End of report >
Geändert von Sayri (02.05.2012 um 18:52 Uhr) |
| Themen zu Windows Verschlüsselungs Trojaner -.- |
| anhang, arten, avg secure search, avg security toolbar, beim starten, bezahlen, bingbar, brauch, conduit, direkt, dubiose, durchlauf, e-mail, erhalte, erhalten, geld, geschieht, hoffe, lange, laptop, laufen, locker, mywinlocker, natürlich, plug-in, remote user, schonmal, secure search, sierra, softonic, softonic deutsch toolbar, starte, starten, super, troja, trojaner, verschlüsselungs, version=1.0, vtoolbarupdater, windows |
Baum-Darstellung