Log analysis and evaluation: how do I get rid of the GVU trojan for good

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
Hello,

I have the GVU trojan on my PC. I have gotten rid of it twice now (so that the PC was usable again), but not for good, so I downloaded Malwarebytes Anti-Malware and started the full scan (as recommended on your site for trojans). However, I cannot get the findings into quarantine, and apparently you are not supposed to delete them, so now I don't know what to do. The instructions on the net are so varied and contradictory that I am turning to you: what can I do to get rid of the findings for good?

Here are the findings:

3 times trojan.agent.sz
1 time trojan.ransom.gen

Malwarebytes Anti-Malware (Test) 1.62.0.1300
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2012.07.24.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Toshiba :: TOSHIBA-PC [Administrator]

Schutz: Aktiviert

24.07.2012 00:35:24
mbam-log-2012-07-24 (02-57-21).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 285747
Laufzeit: 1 Stunde(n), 10 Minute(n), 27 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 5
C:\Users\Toshiba\AppData\Local\Temp\fest0r_ot.exe (Spyware.Zbot.DG) -> Keine Aktion durchgeführt.
C:\Users\Toshiba\AppData\Roaming\YBIcZ.exe (Trojan.Agent.SZ) -> Keine Aktion durchgeführt.
C:\Users\Toshiba\AppData\Roaming\Owze\elne.exe (Trojan.Agent.SZ) -> Keine Aktion durchgeführt.
C:\Users\Toshiba\AppData\Roaming\Umdau\koikb.exe (Trojan.Agent.SZ) -> Keine Aktion durchgeführt.
C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk (Trojan.Ransom.Gen) -> Keine Aktion durchgeführt.

(Ende)

OTL findings file:

OTL Logfile: