
Pests of All Kinds and How to Fight Them: Windows Vista GVU Trojan


 
13.05.2012, 20:41   #1
help120513

Windows Vista GVU Trojan



Hello,

unfortunately I have caught the GVU Trojan.
I have Windows Vista. Safe mode unfortunately doesn't work either, only a white screen.

Attached is the OTL log (pasted in, since an attachment is not possible).

Many thanks in advance.

Regards

==================================================
OTL logfile created on: 5/13/2012 10:29:30 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 86.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092?:\pagefile.sys [binary data]

%SystemDrive% = E: | %SystemRoot% = E:\Windows | %ProgramFiles% = E:\Program Files
Drive C: | 36.62 Gb Total Space | 30.22 Gb Free Space | 82.52% Space Free | Partition Type: NTFS
Drive E: | 37.26 Gb Total Space | 5.68 Gb Free Space | 15.25% Space Free | Partition Type: NTFS
Drive F: | 45.26 Gb Total Space | 15.12 Gb Free Space | 33.41% Space Free | Partition Type: NTFS
Drive G: | 37.57 Gb Total Space | 25.79 Gb Free Space | 68.63% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto] -- -- (RichVideo) Cyberlink RichVideo Service(CRVS)
SRV - [2012/05/10 15:28:20 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand] -- E:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2010/07/08 09:28:56 | 000,815,704 | ---- | M] (GlavSoft LLC.) [Auto] -- E:\Program Files\TightVNC\tvnserver.exe -- (tvnserver)
SRV - [2009/07/21 09:34:28 | 000,185,089 | ---- | M] (Avira GmbH) [Auto] -- E:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/05/13 11:48:18 | 000,108,289 | ---- | M] (Avira GmbH) [Auto] -- E:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/05/04 07:15:26 | 000,279,960 | ---- | M] (Eastman Kodak Company) [Auto] -- E:\Program Files\Kodak\AiO\Center\EKDiscovery.exe -- (Kodak AiO Network Discovery Service)
SRV - [2009/04/17 07:08:26 | 000,032,768 | ---- | M] (Eastman Kodak Company) [Auto] -- E:\Program Files\Kodak\AiO\center\KodakSvc.exe -- (KodakSvc)
SRV - [2008/01/18 18:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- E:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/06/08 04:31:06 | 000,110,592 | ---- | M] (Digital Everywhere) [Auto] -- E:\Program Files\FireDTV\FireDTV MCE Plugin\FDTvCISvc.exe -- (FDTvCISvc)
SRV - [2005/09/07 12:18:34 | 000,049,336 | ---- | M] (Microsoft Corporation) [Auto] -- E:\Program Files\Media Center Diagnostic Kit\Tests\Bin\ehMonitor.exe -- (ehMonitor)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (VMnetAdapter)
DRV - File not found [Kernel | Boot] -- -- (VClone)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] -- -- (IpInIp)
DRV - [2010/01/08 19:42:40 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand] -- E:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV - [2009/12/08 16:08:08 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto] -- E:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/05/11 05:12:20 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- E:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/30 05:33:03 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System] -- E:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 07:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- E:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/10/02 06:32:26 | 000,014,848 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand] -- E:\Windows\System32\drivers\SiUSBXp.sys -- (SIUSBXP)
DRV - [2008/01/18 16:53:28 | 000,014,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\avcstrm.sys -- (AVCSTRM)
DRV - [2007/11/02 09:40:42 | 000,061,440 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand] -- E:\Windows\System32\drivers\silabser.sys -- (silabser)
DRV - [2007/11/02 09:40:42 | 000,017,920 | ---- | M] (Silicon Laboratories, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\silabenm.sys -- (silabenm)
DRV - [2007/09/07 08:24:42 | 000,033,664 | ---- | M] (Digital Everywhere) [Kernel | On_Demand] -- E:\Windows\System32\drivers\FireDTV_BDA_DVBS2.sys -- (FireDTV_DVBS2)
DRV - [2007/08/21 22:08:30 | 003,076,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2007/08/21 22:08:30 | 003,076,608 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007/07/06 03:32:00 | 000,046,976 | ---- | M] (Digital Everywhere) [Kernel | On_Demand] -- E:\Windows\System32\drivers\FireDTV_BDA_DVBS_MCE.sys -- (Firesat_Dvbs)
DRV - [2007/06/17 07:43:50 | 000,186,592 | ---- | M] (Jungo) [Kernel | On_Demand] -- E:\Windows\System32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2007/05/17 05:41:12 | 000,055,040 | ---- | M] (SUNIX GROUP) [Kernel | On_Demand] -- E:\Windows\System32\drivers\golport.sys -- (GOLPORT)
DRV - [2007/05/17 05:41:00 | 000,016,512 | ---- | M] (SUNIX GROUP) [Kernel | On_Demand] -- E:\Windows\System32\drivers\golcard.sys -- (GOLCARD)
DRV - [2007/02/15 20:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2007/01/08 04:37:58 | 000,174,592 | ---- | M] (Hauppauge Computer Works, Inc.) [23|25|26]xxx) [Kernel | On_Demand] -- E:\Windows\System32\drivers\hcwPP2.sys -- (hcwPP2)
DRV - [2006/11/02 03:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006/03/17 22:18:58 | 000,392,960 | R--- | M] (Sensaura) [Kernel | On_Demand] -- E:\Windows\System32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2005/12/23 06:22:18 | 000,005,685 | R--- | M] () [Kernel | System] -- E:\Windows\System32\drivers\AsIO.sys -- (AsIO)
DRV - [2004/12/16 12:41:30 | 000,089,808 | ---- | M] (MCCI) [Kernel | On_Demand] -- E:\Windows\System32\drivers\slabser.sys -- (slabser)
DRV - [2004/12/16 12:40:04 | 000,055,312 | ---- | M] (MCCI) [Kernel | On_Demand] -- E:\Windows\System32\drivers\slabbus.sys -- (slabbus) CP210x USB Composite Device driver (WDM)
DRV - [2004/11/26 05:15:06 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\ncfvsbus.sys -- (ncfvsbus)
DRV - [2004/11/08 12:44:16 | 000,039,284 | R--- | M] (TechnoTrend AG) [Kernel | On_Demand] -- E:\Windows\System32\drivers\ttloophe.sys -- (TTLOOPHE)
DRV - [2004/09/13 04:13:20 | 000,065,840 | R--- | M] (TechnoTrend AG) [Kernel | On_Demand] -- E:\Windows\System32\drivers\saa7146n.sys -- (SAA7146n) TT DVB-PCI driver (SAA7146n)
DRV - [2004/08/13 14:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand] -- E:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2002/07/17 10:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand] -- E:\Windows\System32\drivers\ASPI32.SYS -- (ASPI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\db2admin_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\Markus_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\Markus_ON_E\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Markus_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Markus_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\Markus_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 130.92.70.251:3124

IE - HKU\NetworkService_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.de/"
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:1.1.2
FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..network.proxy.backup.ftp: "192.33.90.196"
FF - prefs.js..network.proxy.backup.ftp_port: 3128
FF - prefs.js..network.proxy.backup.gopher: "192.33.90.196"
FF - prefs.js..network.proxy.backup.gopher_port: 3128
FF - prefs.js..network.proxy.backup.socks: "192.33.90.196"
FF - prefs.js..network.proxy.backup.socks_port: 3128
FF - prefs.js..network.proxy.backup.ssl: "192.33.90.196"
FF - prefs.js..network.proxy.backup.ssl_port: 3128
FF - prefs.js..network.proxy.ftp: "81.63.140.37"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.gopher: "81.63.140.37"
FF - prefs.js..network.proxy.gopher_port: 3128
FF - prefs.js..network.proxy.http: "81.63.140.37"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "81.63.140.37"
FF - prefs.js..network.proxy.socks_port: 3128
FF - prefs.js..network.proxy.ssl: "81.63.140.37"
FF - prefs.js..network.proxy.ssl_port: 3128


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: E:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: E:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: E:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: E:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: E:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: E:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: E:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: E:\Program Files\VistaCodecPack\rm\Browser\Plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0: E:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2629: E:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: E:\Program Files\VistaCodecPack\rm\Browser\Plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2012/05/10 15:28:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2011/06/05 11:30:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 1.5.0.10\Extensions\\Components: D:\PROGRA~1\Mozilla Thunderbird\components\ [2007/04/19 12:11:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 1.5.0.10\Extensions\\Plugins: D:\PROGRA~1\Mozilla Thunderbird\plugins\ [2007/04/19 12:11:05 | 000,000,000 | ---D | M]

[2008/12/25 09:14:01 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Markus\AppData\Roaming\Mozilla\Extensions
[2008/12/25 09:14:01 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Markus\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2011/05/28 04:30:39 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\sk1wyf9h.default\extensions
[2010/12/10 16:40:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- E:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\sk1wyf9h.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2007/01/14 13:20:55 | 000,002,382 | ---- | M] () -- E:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\sk1wyf9h.default\searchplugins\dp-suche.xml
[2012/01/28 13:40:12 | 000,000,000 | ---D | M] (No name found) -- E:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2012/05/10 15:28:19 | 000,097,208 | ---- | M] (Mozilla Foundation) -- E:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/02/02 16:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- E:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2007/01/27 15:15:27 | 000,024,576 | ---- | M] (RealNetworks) -- E:\Program Files\mozilla firefox\plugins\npgcplug.dll
[2005/04/27 16:10:49 | 000,102,400 | ---- | M] (RealNetworks) -- E:\Program Files\mozilla firefox\plugins\npracplug.dll
[2012/04/07 05:45:44 | 000,001,392 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/04/07 05:45:44 | 000,002,252 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/04/07 05:45:44 | 000,001,153 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012/04/07 05:45:44 | 000,006,805 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/04/07 05:45:44 | 000,001,178 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/04/07 05:45:44 | 000,001,105 | ---- | M] () -- E:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2010/02/09 14:37:35 | 000,000,784 | ---- | M]) - E:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: :78.42.207.129 cooper
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - E:\Program Files\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O4 - HKLM..\Run: [A2F0dnfEgERcY31] E:\Users\Markus\AppData\Roaming\spoolsrv.exe ()
O4 - HKLM..\Run: [APSDaemon] E:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] E:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CloneCDTray] E:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [Conime] E:\Windows\System32\conime.exe (Microsoft Corporation)
O4 - HKLM..\Run: [EKIJ5000StatusMonitor] E:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [NBKeyScan] File not found
O4 - HKLM..\Run: [TkBellExe] File not found
O4 - HKLM..\Run: [tvncontrol] E:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC.)
O4 - HKLM..\Run: [Windows Defender] E:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\db2admin_ON_E..\Run: [A2F0dnfEgERcY31] E:\Users\db2admin\AppData\Roaming\spoolsrv.exe ()
O4 - HKU\db2admin_ON_E..\Run: [WindowsWelcomeCenter] E:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\LocalService_ON_E..\Run: [WindowsWelcomeCenter] E:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\Markus_ON_E..\Run: [A2F0dnfEgERcY31] E:\Users\Markus\AppData\Roaming\spoolsrv.exe ()
O4 - HKU\Markus_ON_E..\Run: [Eraser] E:\Program Files\Eraser\eraser.exe (Heidi Computers Ltd)
O4 - HKU\Markus_ON_E..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] File not found
O4 - HKU\Markus_ON_E..\Run: [TomTomHOME.exe] File not found
O4 - HKU\Markus_ON_E..\Run: [UpgradeChecker] File not found
O4 - HKU\NetworkService_ON_E..\Run: [WindowsWelcomeCenter] E:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: E:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Nokia Connectivity Framework Lite.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = D:\WINDOWS\Resources\Themes\Royale.theme
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = D:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\Markus_ON_E\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Markus_ON_E\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\Markus_ON_E\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\Markus_ON_E\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - E:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1175332830343 (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O20 - HKLM Winlogon: Shell - (D:\Users\Markus\AppData\Roaming\spoolsrv.exe) - E:\Users\Markus\AppData\Roaming\spoolsrv.exe ()
O20 - HKLM Winlogon: UserInit - (D:\Users\Markus\AppData\Roaming\spoolsrv.exe) - E:\Users\Markus\AppData\Roaming\spoolsrv.exe ()
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\System32\userinit.exe) - File not found
O20 - HKU\db2admin_ON_E Winlogon: Shell - (D:\Users\db2admin\AppData\Roaming\spoolsrv.exe) - E:\Users\db2admin\AppData\Roaming\spoolsrv.exe ()
O20 - HKU\db2admin_ON_E Winlogon: UserInit - (D:\Users\db2admin\AppData\Roaming\spoolsrv.exe) - E:\Users\db2admin\AppData\Roaming\spoolsrv.exe ()
O20 - HKU\db2admin_ON_E Winlogon: UserInit - (C:\WINDOWS\System32\userinit.exe) - File not found
O20 - HKU\Markus_ON_E Winlogon: Shell - (D:\Users\Markus\AppData\Roaming\spoolsrv.exe) - E:\Users\Markus\AppData\Roaming\spoolsrv.exe ()
O20 - HKU\Markus_ON_E Winlogon: UserInit - (D:\Users\Markus\AppData\Roaming\spoolsrv.exe) - E:\Users\Markus\AppData\Roaming\spoolsrv.exe ()
O20 - HKU\Markus_ON_E Winlogon: UserInit - (C:\WINDOWS\System32\userinit.exe) - File not found
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/01/27 14:17:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{3010ef7e-1599-11df-bfcd-005056c00008}\Shell\AutoRun\command - "" = G:\InstallTomTomHOME.exe
O33 - MountPoints2\{a5057468-4a9a-11dd-b5b6-0018f39c64d5}\Shell\AutoRun\command - "" = J:\setupSNK.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\monsetup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/05/13 21:51:24 | 002,237,440 | R--- | C] (OldTimer Tools) -- E:\OTLPE.exe
[2012/05/13 21:51:22 | 000,000,000 | ---D | C] -- E:\_OTL
[2012/05/13 21:18:39 | 000,000,000 | -HSD | C] -- E:\RECYCLER
[2012/05/11 14:47:27 | 001,172,480 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\d3d10warp.dll
[2012/05/11 14:47:27 | 001,069,056 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\DWrite.dll
[2012/05/11 14:47:27 | 000,683,008 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\d2d1.dll
[2012/05/11 14:47:27 | 000,219,648 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\d3d10_1core.dll
[2012/05/11 14:47:27 | 000,160,768 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\d3d10_1.dll
[2012/05/11 14:46:08 | 003,602,816 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\ntkrnlpa.exe
[2012/05/11 14:46:08 | 003,550,080 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\ntoskrnl.exe
[2012/05/11 14:46:08 | 002,044,928 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\win32k.sys
[2012/05/10 15:28:23 | 000,000,000 | ---D | C] -- E:\Program Files\Mozilla Maintenance Service
[2012/05/10 15:28:23 | 000,000,000 | ---D | C] -- E:\ProgramData\Mozilla
[2012/04/14 09:14:59 | 002,382,848 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\mshtml.tlb
[2012/04/14 09:14:58 | 001,799,168 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\jscript9.dll
[2012/04/14 09:14:58 | 000,716,800 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\jscript.dll
[2012/04/14 09:14:57 | 000,231,936 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\url.dll
[2012/04/14 09:14:57 | 000,176,640 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\ieui.dll
[2012/04/14 09:14:57 | 000,065,024 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\jsproxy.dll
[2012/04/14 09:14:56 | 001,427,456 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\inetcpl.cpl
[2007/01/27 15:15:29 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- E:\Program Files\RngInterstitial.dll

========== Files - Modified Within 30 Days ==========

[2012/05/13 15:27:00 | 000,262,232 | ---- | M] () -- E:\Windows\System32\FNTCACHE.DAT
[2012/05/13 15:18:18 | 000,000,736 | -H-- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/13 15:18:18 | 000,000,736 | -H-- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/13 15:18:14 | 000,067,584 | --S- | M] () -- E:\Windows\bootstat.dat
[2012/05/13 11:38:48 | 000,642,298 | ---- | M] () -- E:\Windows\System32\perfh007.dat
[2012/05/13 11:38:48 | 000,607,332 | ---- | M] () -- E:\Windows\System32\perfh009.dat
[2012/05/13 11:38:48 | 000,133,220 | ---- | M] () -- E:\Windows\System32\perfc007.dat
[2012/05/13 11:38:48 | 000,109,810 | ---- | M] () -- E:\Windows\System32\perfc009.dat
[2012/05/13 10:39:16 | 000,290,304 | ---- | M] () -- E:\Users\Markus\AppData\Roaming\spoolsrv.exe
[2012/05/11 14:56:07 | 000,084,900 | ---- | M] () -- E:\Users\Markus\Desktop\hd-plus-0139523820121.pdf
[2012/05/10 14:33:30 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- E:\Windows\System32\FlashPlayerApp.exe
[2012/05/10 14:33:30 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- E:\Windows\System32\FlashPlayerCPLApp.cpl

========== Files Created - No Company Name ==========

[2012/05/13 17:16:29 | 000,000,736 | -H-- | C] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/13 17:16:29 | 000,000,736 | -H-- | C] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/13 10:39:20 | 000,290,304 | ---- | C] () -- E:\Users\Markus\AppData\Roaming\spoolsrv.exe
[2012/05/11 14:56:06 | 000,084,900 | ---- | C] () -- E:\Users\Markus\Desktop\hd-plus-0139523820121.pdf
[2011/09/16 16:25:03 | 000,000,041 | -HS- | C] () -- E:\ProgramData\.zreglib
[2010/12/29 14:09:28 | 000,000,000 | ---- | C] () -- E:\Windows\Irremote.ini
[2010/02/14 13:05:55 | 000,000,000 | ---- | C] () -- E:\Windows\System32\cd.dat
[2009/12/30 16:51:47 | 000,012,800 | ---- | C] () -- E:\Windows\System32\EKDeviceServices.dll
[2009/10/30 13:26:46 | 000,097,716 | -H-- | C] () -- E:\Windows\System32\mlfcache.dat
[2009/08/21 12:11:06 | 000,117,248 | ---- | C] () -- E:\Windows\System32\EhStorAuthn.dll
[2009/08/21 12:11:06 | 000,107,612 | ---- | C] () -- E:\Windows\System32\StructuredQuerySchema.bin
[2009/07/04 12:31:22 | 000,000,000 | ---- | C] () -- E:\Windows\CatClient.INI
[2008/12/19 14:09:34 | 000,000,090 | ---- | C] () -- E:\Windows\AlphaCrypt.ini
[2008/11/16 08:59:02 | 000,000,035 | ---- | C] () -- E:\Windows\wcx_ftp.ini
[2008/11/16 08:58:25 | 000,000,280 | ---- | C] () -- E:\Windows\WINCMD.INI
[2008/10/04 05:34:34 | 000,000,069 | ---- | C] () -- E:\Windows\NeroDigital.ini
[2008/08/02 05:45:35 | 000,018,904 | ---- | C] () -- E:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/05/26 13:01:38 | 000,152,576 | ---- | C] () -- E:\Windows\System32\ProfOnFo.dll
[2008/05/26 13:01:38 | 000,149,504 | ---- | C] () -- E:\Windows\System32\Profmeas.dll
[2008/05/26 13:01:38 | 000,018,432 | ---- | C] () -- E:\Windows\System32\Profcali.dll
[2008/05/26 13:01:38 | 000,016,384 | ---- | C] () -- E:\Windows\System32\ProDVer.dll
[2008/03/22 14:17:32 | 000,001,723 | ---- | C] () -- E:\Windows\wiso.ini
[2007/12/13 15:01:54 | 000,000,306 | RHS- | C] () -- E:\ProgramData\ntuser.pol
[2007/09/26 18:07:02 | 000,007,680 | ---- | C] () -- E:\Windows\System32\ff_vfw.dll
[2007/08/21 21:29:09 | 003,107,788 | ---- | C] () -- E:\Windows\System32\atiumdva.dat
[2007/08/05 05:35:03 | 000,000,305 | ---- | C] () -- E:\ProgramData\addr_file.html
[2007/07/16 11:37:39 | 000,154,206 | ---- | C] () -- E:\Windows\System32\atiicdxx.dat
[2007/05/31 12:44:37 | 000,012,288 | ---- | C] () -- E:\Windows\System32\drivers\ncfvcom.sys
[2007/04/22 05:36:37 | 000,000,094 | ---- | C] () -- E:\Users\Markus\AppData\Local\fusioncache.dat
[2007/04/22 05:33:48 | 000,019,456 | ---- | C] () -- E:\Users\Markus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/04/19 12:24:58 | 000,033,676 | ---- | C] () -- E:\Windows\System32\emptyregdb.dat
[2007/04/19 12:02:51 | 000,066,048 | R--- | C] () -- E:\Windows\System32\hcwXDS.dll
[2007/04/19 12:02:28 | 000,005,810 | R--- | C] () -- E:\Windows\System32\drivers\ASACPI.sys
[2007/03/25 05:57:17 | 000,016,354 | ---- | C] () -- E:\Windows\Ascd_log.ini
[2007/03/25 05:56:13 | 000,024,576 | R--- | C] () -- E:\Windows\System32\AsIO.dll
[2007/03/25 05:56:13 | 000,005,685 | R--- | C] () -- E:\Windows\System32\drivers\AsIO.sys
[2007/03/25 05:55:42 | 000,016,316 | ---- | C] () -- E:\Windows\Ascd_tmp.ini
[2007/03/25 05:55:33 | 000,005,824 | ---- | C] () -- E:\Windows\System32\drivers\ASUSHWIO.SYS
[2007/03/24 17:14:19 | 000,006,064 | ---- | C] () -- E:\Windows\System32\d3d9caps.dat
[2007/03/19 13:27:47 | 000,000,403 | ---- | C] () -- E:\Windows\ODBC.INI
[2007/03/15 14:26:20 | 000,000,957 | ---- | C] () -- E:\Windows\PVAStrumento.ini
[2007/03/10 07:51:48 | 000,282,624 | ---- | C] () -- E:\Windows\System32\xvidvfw.dll
[2007/02/05 20:05:26 | 000,000,038 | ---- | C] () -- E:\Windows\AviSplitter.INI
[2007/01/27 06:08:03 | 000,003,303 | ---- | C] () -- E:\Windows\tm.ini
[2007/01/27 05:09:18 | 000,000,244 | ---- | C] () -- E:\Windows\BUHL.INI
[2007/01/12 05:30:09 | 000,520,192 | ---- | C] () -- E:\Windows\System32\ati2sgag.exe
[2007/01/12 05:05:21 | 000,006,344 | ---- | C] () -- E:\Windows\HCWPNP.INI
[2007/01/12 04:56:23 | 000,000,082 | ---- | C] () -- E:\Windows\RelictEPG.INI
[2007/01/12 04:34:28 | 000,000,050 | ---- | C] () -- E:\Windows\Winamp.ini
[2007/01/11 18:12:30 | 000,004,619 | ---- | C] () -- E:\Windows\mozver.dat
[2007/01/11 18:04:46 | 000,000,000 | ---- | C] () -- E:\Windows\nsreg.dat
[2007/01/11 17:30:37 | 000,004,161 | ---- | C] () -- E:\Windows\ODBCINST.INI
[2006/11/02 11:33:31 | 000,642,298 | ---- | C] () -- E:\Windows\System32\perfh007.dat
[2006/11/02 11:33:31 | 000,290,748 | ---- | C] () -- E:\Windows\System32\perfi007.dat
[2006/11/02 11:33:31 | 000,133,220 | ---- | C] () -- E:\Windows\System32\perfc007.dat
[2006/11/02 11:33:31 | 000,036,916 | ---- | C] () -- E:\Windows\System32\perfd007.dat
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- E:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,262,232 | ---- | C] () -- E:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- E:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,607,332 | ---- | C] () -- E:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- E:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,109,810 | ---- | C] () -- E:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- E:\Windows\System32\perfd009.dat
[2006/11/02 06:25:44 | 000,159,744 | ---- | C] () -- E:\Windows\System32\atitmmxx.dll
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- E:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- E:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- E:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- E:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- E:\Windows\System32\mlang.dat
[2006/02/25 14:09:38 | 000,774,144 | ---- | C] () -- E:\Windows\System32\xvidcore.dll
[2001/10/28 12:42:30 | 000,116,224 | ---- | C] () -- E:\Windows\System32\pdfcmnnt.dll

========== LOP Check ==========

[2007/04/19 12:07:34 | 000,000,000 | ---D | M] -- E:\ProgramData\Acronis
[2007/04/19 12:33:05 | 000,000,000 | -HSD | M] -- E:\ProgramData\Anwendungsdaten
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- E:\ProgramData\Application Data
[2009/07/11 05:48:56 | 000,000,000 | ---D | M] -- E:\ProgramData\AutomatedQA
[2008/03/22 14:18:06 | 000,000,000 | ---D | M] -- E:\ProgramData\Buhl Data Service GmbH
[2007/09/29 09:42:21 | 000,000,000 | ---D | M] -- E:\ProgramData\CMUV
[2008/04/05 17:03:19 | 000,000,000 | ---D | M] -- E:\ProgramData\CodeGear
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- E:\ProgramData\Desktop
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- E:\ProgramData\Documents
[2007/04/19 12:33:05 | 000,000,000 | -HSD | M] -- E:\ProgramData\Dokumente
[2007/04/19 12:08:39 | 000,000,000 | -HSD | M] -- E:\ProgramData\DRM
[2007/09/29 12:07:07 | 000,000,000 | ---D | M] -- E:\ProgramData\DVBViewer GE
[2009/12/30 16:52:25 | 000,000,000 | ---D | M] -- E:\ProgramData\Eastman Kodak Company
[2010/03/09 14:11:24 | 000,000,000 | ---D | M] -- E:\ProgramData\Embarcadero
[2007/04/19 12:33:05 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favoriten
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favorites
[2008/05/12 13:55:14 | 000,000,000 | ---D | M] -- E:\ProgramData\FlashFXP
[2007/04/19 12:07:35 | 000,000,000 | ---D | M] -- E:\ProgramData\fun communications
[2009/01/10 10:41:39 | 000,000,000 | ---D | M] -- E:\ProgramData\Graboid Inc
[2011/07/27 14:37:17 | 000,000,000 | ---D | M] -- E:\ProgramData\IBM
[2009/01/10 12:25:01 | 000,000,000 | ---D | M] -- E:\ProgramData\Launcher
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- E:\ProgramData\Start Menu
[2007/04/19 12:33:05 | 000,000,000 | -HSD | M] -- E:\ProgramData\Startmenü
[2008/06/06 08:23:33 | 000,000,000 | ---D | M] -- E:\ProgramData\T-Online
[2007/04/19 12:07:36 | 000,000,000 | ---D | M] -- E:\ProgramData\tax
[2006/11/02 09:02:04 | 000,000,000 | -HSD | M] -- E:\ProgramData\Templates
[2010/02/09 12:40:28 | 000,000,000 | ---D | M] -- E:\ProgramData\TomTom
[2007/04/19 12:33:05 | 000,000,000 | -HSD | M] -- E:\ProgramData\Vorlagen
[2012/04/07 07:57:46 | 000,000,000 | ---D | M] -- E:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/19 03:29:52 | 000,000,000 | ---D | M] -- E:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2008/09/14 06:01:59 | 000,000,000 | -H-D | M] -- E:\ProgramData\{7A0BDD12-2C4E-4120-BFFF-7B14DA13BE27}
[2008/04/05 16:59:05 | 000,000,000 | ---D | M] -- E:\ProgramData\{AB3EC276-D261-4943-A921-1CC1C6799AED}
[2008/04/05 17:10:17 | 000,000,000 | -H-D | M] -- E:\ProgramData\{B59CE2E6-B15A-4F23-BD0E-72BF2ADDC3C7}
[2008/04/05 16:59:25 | 000,000,000 | -H-D | M] -- E:\ProgramData\{BB9698C8-6CDB-4A48-90AB-23351A9EB3D0}
[2007/12/22 08:00:01 | 000,000,000 | -H-D | M] -- E:\ProgramData\{F8A40727-EACF-4A3C-98D4-35C3FE65C306}
[2007/05/17 13:50:58 | 000,000,000 | ---D | M] -- E:\ProgramData\~0
[2009/07/04 11:23:40 | 000,000,000 | -H-D | M] -- E:\ProgramData\~1
[2009/07/04 11:23:41 | 000,000,000 | -H-D | M] -- E:\ProgramData\~2
[2010/03/13 05:29:24 | 000,000,000 | -H-D | M] -- E:\ProgramData\~3
[2010/03/13 05:29:24 | 000,000,000 | -H-D | M] -- E:\ProgramData\~4
[2007/05/12 14:08:57 | 000,000,470 | ---- | M] () -- E:\Windows\Tasks\ProgDVB_StartRecord_ATV+_Notting_Hill_12052007_00_57.job
[2007/05/12 14:08:57 | 000,000,356 | ---- | M] () -- E:\Windows\Tasks\ProgDVB_StopRecord_ATV+_Notting_Hill_12052007_05_34.job
[2006/11/02 09:09:53 | 000,000,484 | ---- | M] () -- E:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 24 bytes -> E:\Windows:5BEE7793EAE2AF26
< End of report >

 





