| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: GVU TrojanerWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
23.06.2013, 12:06
| #1 |
 |  GVU Trojaner Hallo und guten Tag! Leider hat der Trojaner wieder mal zugeschlagen. Dieses mal bei meinem Neffen. Habe schon Reatogo auf dem Rechner installiert und mit OTL gescant. Dabei erhielt ich die OTL.txt Datei (im Anhang) Würde mich sehr freuen, wenn ihr mir wieder so toll helfen könntet wie letztes mal. Sabine Code:
ATTFilter OTL logfile created on: 6/23/2013 1:23:14 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 86.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 125.00 Gb Total Space | 35.80 Gb Free Space | 28.64% Space Free | Partition Type: NTFS
Drive D: | 24.04 Gb Total Space | 23.82 Gb Free Space | 99.08% Space Free | Partition Type: NTFS
Drive J: | 15.05 Gb Total Space | 15.05 Gb Free Space | 99.99% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto] -- -- (nvsvc)
SRV - File not found [On_Demand] -- -- (AppMgmt)
SRV - [2013/06/19 08:12:39 | 000,148,992 | ---- | M] (Microsoft Corporation) [Auto] -- C:\DOKUME~1\ALLUSE~1\ANWEND~1\rifocor.dat -- (winmgmt)
SRV - [2013/06/12 13:36:38 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/12 10:20:12 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/03/06 19:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009/07/14 08:36:00 | 000,066,056 | ---- | M] (NOS Microsystems Ltd.) [On_Demand] -- C:\Programme\NOS\bin\getPlus_HelperSvc.exe -- (getPlus(R) Helper) getPlus(R)
SRV - [2009/05/29 07:41:26 | 000,144,712 | ---- | M] (Apple Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2006/06/27 08:02:06 | 000,573,486 | ---- | M] (Cherry, Auerbach Germany, www.cherry.de) [On_Demand] -- C:\Programme\Cherry\CDI\cdi.exe -- (Cherry Device Interface)
SRV - [2005/11/13 20:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/09/29 06:14:36 | 000,069,632 | ---- | M] (HP) [Auto] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2012/03/06 19:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/03/06 19:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/03/06 19:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012/03/06 19:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/03/06 19:01:39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/03/06 19:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/03/06 18:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/03/04 09:42:18 | 000,278,728 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2011/03/04 09:41:49 | 000,025,416 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009/06/20 06:14:16 | 000,015,883 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IIUSBISP.SYS -- (IIUSBISP)
DRV - [2007/05/02 05:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2007/05/02 05:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2007/05/02 05:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2007/02/08 09:45:14 | 000,029,184 | R--- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\dsiarhwprog.sys -- (dsiarhwprog)
DRV - [2006/06/29 11:18:10 | 000,167,566 | R--- | M] (Cherry GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Ch2kUSB.sys -- (Ch2kUSB)
DRV - [2006/04/28 02:59:10 | 000,072,149 | ---- | M] (Cherry GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Ch2kUSBm.sys -- (Ch2kUSBM)
DRV - [2006/03/01 13:51:15 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2006/02/14 10:48:36 | 000,006,656 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005/11/03 10:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005/08/10 10:06:28 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2005/05/19 11:52:58 | 000,017,792 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2003/08/07 09:36:48 | 000,362,688 | ---- | M] (Intersil Americas Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PRISMA00.sys -- (PRISM_A00)
DRV - [2003/05/22 11:44:44 | 000,670,203 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctxs51.sys -- (Intels51)
DRV - [2003/02/12 21:22:31 | 000,031,744 | ---- | M] () [Kernel | On_Demand] -- C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Temp\idrmkl.sys -- (idrmkl)
DRV - [2002/07/29 07:15:00 | 000,024,288 | ---- | M] (Philips Semiconductors) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PhTVTune.sys -- (PhTVTune)
DRV - [2002/07/29 07:14:00 | 000,424,704 | ---- | M] (Philips Semiconductors) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Cap7134.sys -- (Cap7134) MEDION (7134)
DRV - [2001/08/17 09:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001/05/07 06:56:02 | 000,019,805 | R--- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbio.sys -- (USBIO) USBIO Driver (usbio.sys)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Dennis_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
IE - HKU\Dennis_ON_C\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\Dennis_ON_C\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\Dennis_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Dennis_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Programme\Real Alternative\Browser\Plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Programme\Real Alternative\Browser\Plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=0.9.9: C:\Programme\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Programme\AVAST Software\Avast\WebRep\FF [2012/06/26 06:33:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Programme\Gemeinsame Dateien\DVDVideoSoft\plugins\ff\ [2013/03/17 07:03:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013/04/12 10:20:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013/06/19 07:13:14 | 000,000,000 | ---D | M]
[2013/04/12 10:19:56 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013/04/12 10:19:56 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2013/04/12 10:19:56 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Programme\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2
[2013/04/12 10:19:56 | 000,000,000 | ---D | M] (Modul zur Link-Untersuchung) -- C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2
[2013/04/12 10:20:13 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2010/07/16 23:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2006/09/26 07:03:14 | 000,098,304 | ---- | M] (Zylom) -- C:\Programme\mozilla firefox\plugins\npzylomgamesplayer.dll
[2013/04/07 10:53:04 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013/04/07 10:53:04 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2013/04/07 10:53:04 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2013/04/07 10:53:04 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2013/04/07 10:53:04 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2013/04/07 10:53:04 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2003/04/02 08:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Dennis_ON_C\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Programme\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avast] C:\Programme\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CherryKeyMan] C:\Programme\Cherry\KeyMan\KeyMan.exe (Cherry GmbH)
O4 - HKLM..\Run: [Cmaudio] File not found
O4 - HKLM..\Run: [Dit] C:\WINDOWS\Dit.exe ()
O4 - HKLM..\Run: [Google Quick Search Box] C:\Programme\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe (HP)
O4 - HKLM..\Run: [PRISMSTA.EXE] C:\WINDOWS\System32\PRISMSTA.exe (Intersil Americas Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Programme\QuickTime Alternative\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\Administrator_ON_C..\Run: [ctfmon32.exe] File not found
O4 - HKU\Dennis_ON_C..\Run: [ctfmon32.exe] File not found
O4 - HKU\Dennis_ON_C..\Run: [EA Core] File not found
O4 - HKU\Dennis_ON_C..\RunOnce: [Shockwave Updater] File not found
O4 - Startup: C:\Dokumente und Einstellungen\Dennis\Startmenü\Programme\Autostart\regmonstd.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Dennis_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1368449075359 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/20 05:26:47 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2013/06/19 08:12:39 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\rifocor.dat
[2013/06/19 08:12:38 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\rundll32.exe
[2013/06/19 07:11:18 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/06/22 11:07:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/06/22 11:07:00 | 000,000,228 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2013/06/22 10:45:03 | 095,023,320 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\rocofir.pad
[2013/06/22 10:44:02 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/22 10:30:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/22 08:36:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/06/20 10:30:32 | 000,003,123 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\rocofir.js
[2013/06/20 10:22:07 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/06/19 08:13:54 | 000,000,804 | ---- | M] () -- C:\Dokumente und Einstellungen\Dennis\Startmenü\Programme\Autostart\regmonstd.lnk
[2013/06/19 08:12:39 | 000,148,992 | ---- | M] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\rifocor.dat
[2013/06/19 08:12:38 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\rundll32.exe
[2013/06/19 07:13:14 | 000,002,347 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader XI.lnk
[2013/06/19 07:11:43 | 000,001,720 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader XI.lnk
[2013/06/19 07:09:55 | 000,599,220 | ---- | M] () -- C:\Dokumente und Einstellungen\Dennis\Desktop\Bild.jpg
[2013/06/14 14:35:36 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/06/13 05:18:55 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/06/12 13:36:38 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/06/12 13:36:37 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/06/03 09:36:35 | 000,000,543 | ---- | M] () -- C:\WINDOWS\System\CmiCnfg.ini
[2013/06/02 11:30:20 | 000,604,672 | ---- | M] () -- C:\Dokumente und Einstellungen\Dennis\c5bntk7x31cy9.exe
[2013/06/02 11:29:52 | 000,843,776 | ---- | M] () -- C:\Dokumente und Einstellungen\Dennis\1lf3732b6zz3f.exe
[2013/06/02 11:29:46 | 000,030,720 | ---- | M] () -- C:\Dokumente und Einstellungen\Dennis\3cz3hlu7nizss.exe
[2013/06/02 11:29:45 | 000,600,379 | ---- | M] () -- C:\Dokumente und Einstellungen\Dennis\drpvem78g61b2.exe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/06/20 10:30:32 | 000,003,123 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\rocofir.js
[2013/06/19 08:13:54 | 000,000,804 | ---- | C] () -- C:\Dokumente und Einstellungen\Dennis\Startmenü\Programme\Autostart\regmonstd.lnk
[2013/06/19 08:13:03 | 095,023,320 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\rocofir.pad
[2013/06/19 07:11:43 | 000,002,347 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader XI.lnk
[2013/06/19 07:11:43 | 000,001,720 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader XI.lnk
[2013/06/19 06:42:30 | 000,599,220 | ---- | C] () -- C:\Dokumente und Einstellungen\Dennis\Desktop\Bild.jpg
[2013/06/02 11:30:20 | 000,604,672 | ---- | C] () -- C:\Dokumente und Einstellungen\Dennis\c5bntk7x31cy9.exe
[2013/06/02 11:29:51 | 000,843,776 | ---- | C] () -- C:\Dokumente und Einstellungen\Dennis\1lf3732b6zz3f.exe
[2013/06/02 11:29:46 | 000,030,720 | ---- | C] () -- C:\Dokumente und Einstellungen\Dennis\3cz3hlu7nizss.exe
[2013/06/02 11:29:45 | 000,600,379 | ---- | C] () -- C:\Dokumente und Einstellungen\Dennis\drpvem78g61b2.exe
[2013/04/14 02:06:53 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013/04/14 02:06:53 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013/04/14 02:06:53 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013/03/08 02:16:28 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2013/02/07 23:03:08 | 002,816,504 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012/10/07 09:21:31 | 000,103,424 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\mpdxgldj.exe
[2012/10/07 09:21:24 | 000,076,340 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\usbehvxatjmxpmv
[2012/10/02 10:38:21 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/06/25 10:35:47 | 000,197,120 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2012/06/25 03:10:17 | 000,000,280 | ---- | C] () -- C:\WINDOWS\game.ini
[2012/02/16 09:49:29 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/08 08:44:15 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2012/02/08 08:44:06 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2012/02/08 08:43:02 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2011/07/02 08:50:11 | 000,017,408 | ---- | C] () -- C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Anwendungsdaten\WebpageIcons.db
[2011/03/04 09:42:18 | 000,278,728 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2011/03/04 09:41:49 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009/09/27 10:37:46 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\apache.dll
[2009/07/28 11:18:12 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009/07/09 07:42:00 | 000,000,761 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2009/07/09 07:26:50 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2009/07/09 07:26:50 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2009/07/02 08:38:39 | 004,250,656 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2009/07/02 08:38:39 | 001,081,376 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2009/07/02 03:47:23 | 000,007,168 | ---- | C] () -- C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/26 06:48:18 | 000,000,139 | ---- | C] () -- C:\Dokumente und Einstellungen\Dennis\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2009/06/25 07:52:22 | 000,139,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009/06/25 07:52:22 | 000,022,328 | ---- | C] () -- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\PnkBstrK.sys
[2009/06/25 07:52:06 | 000,189,104 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009/06/25 07:52:05 | 000,682,280 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2009/06/25 07:52:05 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009/06/24 07:07:45 | 000,113,900 | ---- | C] () -- C:\WINDOWS\hpoins07.dat
[2009/06/24 07:07:45 | 000,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat
[2009/06/23 09:01:59 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2009/06/23 08:16:21 | 000,008,632 | ---- | C] () -- C:\WINDOWS\PRISMDOM.ini
[2009/06/23 08:09:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/06/23 03:03:50 | 000,010,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/06/22 04:27:55 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009/06/20 06:18:18 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/06/20 06:17:19 | 000,119,744 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/06/20 06:14:34 | 000,061,440 | R--- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2009/06/20 06:12:39 | 000,073,728 | ---- | C] () -- C:\WINDOWS\Dit.exe
[2009/06/20 06:12:39 | 000,065,536 | ---- | C] () -- C:\WINDOWS\DitExp.exe
[2009/06/20 06:12:39 | 000,065,536 | ---- | C] () -- C:\WINDOWS\Dit.DLL
[2009/06/20 06:12:39 | 000,000,208 | ---- | C] () -- C:\WINDOWS\Dit.INI
[2009/06/20 06:11:03 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2009/06/20 06:11:02 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2009/06/20 06:11:01 | 000,000,061 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2009/06/20 06:11:00 | 000,266,240 | ---- | C] () -- C:\WINDOWS\CMIUninstall.exe
[2009/06/20 06:11:00 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.exe
[2009/06/20 06:11:00 | 000,225,280 | ---- | C] () -- C:\WINDOWS\CmiRmRedundDir.exe
[2009/06/20 06:11:00 | 000,134,699 | ---- | C] () -- C:\WINDOWS\Cmuda.ini
[2009/06/20 06:11:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2009/06/20 06:11:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\CMIRmDriver.dll
[2009/06/20 05:28:17 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/06/20 05:24:41 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/06/10 12:33:00 | 001,580,550 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2007/04/20 01:57:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007/04/20 01:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007/04/20 01:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007/04/20 01:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007/04/20 01:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007/04/20 01:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007/04/20 01:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007/04/20 01:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007/04/20 01:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2003/04/02 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2003/04/02 08:00:00 | 000,458,904 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2003/04/02 08:00:00 | 000,441,112 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2003/04/02 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2003/04/02 08:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2003/04/02 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2003/04/02 08:00:00 | 000,084,746 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2003/04/02 08:00:00 | 000,071,430 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2003/04/02 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2003/04/02 08:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2003/04/02 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2003/04/02 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/04/02 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001/09/04 09:12:28 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/09/04 09:10:20 | 000,004,518 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/07/06 09:30:00 | 000,003,254 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
========== LOP Check ==========
[2013/03/08 12:18:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Amazon
[2009/06/23 03:04:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Ashampoo
[2012/06/26 08:19:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Atari
[2009/06/23 11:45:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Cherry
[2013/03/17 07:02:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\DVDVideoSoft
[2013/03/17 07:03:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\DVDVideoSoftIEHelpers
[2009/12/06 11:53:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Gearbox Software
[2011/02/01 12:43:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\ICQ
[2012/05/09 07:43:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Image Zone Express
[2009/12/24 14:26:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Leadertech
[2009/06/23 03:07:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\OpenOffice.org
[2009/09/27 11:39:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Ubisoft
[2010/10/10 08:55:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dennis\Anwendungsdaten\Zylom
[2009/06/23 03:04:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ashampoo
[2012/06/26 06:32:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software
[2009/12/24 15:59:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Electronic Arts
[2010/10/29 08:00:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2012/10/07 09:21:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\pcbxukvplazwuzd
[2009/06/23 03:10:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Prism
[2010/10/10 08:56:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sandlot Games
[2009/09/27 11:38:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ubisoft
[2010/10/10 08:54:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom
[2009/06/24 08:10:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2013/06/22 11:07:00 | 000,000,228 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
========== Purity Check ==========
< End of report >
|
| Themen zu GVU Trojaner |
| administrator, adobe, antivirus, askbar, avast, bho, bonjour, browser, desktop, dvdvideosoft ltd., einstellungen, error, explorer, firefox, flash player, format, logfile, modul, mozilla, object, plug-in, registry, rundll, software, temp, trojaner, windows, windows xp |
Baum-Darstellung