Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Virus EXP/CVE 2012-1723FO

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Alt 23.02.2013, 10:46   #1
Karl1k
 
Virus EXP/CVE 2012-1723FO - Standard

Virus EXP/CVE 2012-1723FO



Hallo ich habe folgendes Problem:

Kann den Computer nur noch im abgesicherten Modus starten. Habe Virenscanner von Avira genutzt und dieser hat 4 Viren erkannt. Leider habe ich diese sofort löschen lassen. Habe schon die rescue cd (rescue-system common-en) von Avira benutzt und das System zurückgesetzt auf einen Zeitpunkt vor der Virenerkennung. Habe auch schon CC Cleaner eingesetzt. Alles hat nicht zu einer Verbesserung geführt.

Habe jetzt OTL Analyseprogramm gestartet. Bring nur die OTLtxt als Auswertung. Die Extras.txt habe ich nicht angezeigt bekommen. Bin jetzt kurz davor in meiner Verzweiflung Combofix einzusetzen und wollte nochmal rückfragen. Ist das der richtige Weg? (dies wird auf eurem Seiteneintrag mit der Virusangabe empfohlen 27.8.2012)

Herzliche Grüße
Karl1K

Hier die OTL Datei

[OTL logfile created on: 23.02.2013 09:09:27 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = D:\
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 67,67% Memory free
4,23 Gb Paging File | 3,84 Gb Available in Paging File | 90,93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 212,88 Gb Total Space | 105,93 Gb Free Space | 49,76% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 10,43 Gb Free Space | 52,16% Space Free | Partition Type: FAT32
Drive G: | 1,86 Gb Total Space | 1,57 Gb Free Space | 84,29% Space Free | Partition Type: FAT

Computer Name: SABINEKRAUß-PC | User Name: Karl1k | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - D:\OTL.exe (OldTimer Tools)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\OpenOffice.org 2.4\program\soffice.bin (OpenOffice.org)
PRC - C:\Programme\OpenOffice.org 2.4\program\soffice.exe (OpenOffice.org)
PRC - C:\Windows\HelpPane.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Programme\OpenOffice.org 2.4\program\nsldap32v50.dll ()
MOD - C:\Programme\OpenOffice.org 2.4\program\libxslt.dll ()
MOD - C:\Programme\OpenOffice.org 2.4\program\libxml2.dll ()


========== Services (SafeList) ==========

SRV - (Nero BackItUp Scheduler 3) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe File not found
SRV - (BsMailProxy) -- C:\Program Files\BullGuard Software\BullGuard\BsMailProxy.dll File not found
SRV - (BsFileScan) -- C:\Program Files\BullGuard Software\BullGuard\BsFileScan.dll File not found
SRV - (BgMainSvc) -- C:\Program Files\BullGuard Software\BullGuard\BsMain.dll File not found
SRV - (BGLiveSvc) -- C:\Program Files\BullGuard Software\BullGuard\BullGuardUpdate.exe File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (RealNetworks Downloader Resolver Service) -- C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe ()
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirMailService) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirFirewallService) -- C:\Programme\Avira\AntiVir Desktop\avfwsvc.exe (Avira Operations GmbH & Co. KG)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (srvcPVR) -- C:\Programme\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe (Buhl Data Service GmbH)
SRV - (IAANTMON) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (GnabService) -- c:\Programme\Common Files\Gnab\Service\ServiceController.exe (Empolis GmbH)
SRV - (TOSHIBA Bluetooth Service) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\ALDI Sued Foto Service\Common\Database\bin\fbserver.exe (MAGIX®)
SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10nets.exe (X10)


========== Driver Services (SafeList) ==========

DRV - (Reconn) -- C:\Program Files\BullGuard Software\BullGuard\reconn.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (avfwot) -- C:\Windows\System32\drivers\avfwot.sys (Avira GmbH)
DRV - (avfwim) -- C:\Windows\System32\drivers\avfwim.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (Uim_IM) -- C:\Windows\System32\drivers\Uim_IM.sys (Paragon)
DRV - (Uim_Vim) -- C:\Windows\System32\drivers\Uim_Vim.sys (Paragon)
DRV - (UimBus) -- C:\Windows\System32\drivers\UimBus.sys (Windows (R) 2000 DDK provider)
DRV - (acedrv11) -- C:\Windows\System32\drivers\ACEDRV11.sys (Protect Software GmbH)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (PhilCap) -- C:\Windows\System32\drivers\PhilCap.sys (NXP Semiconductors Germany GmbH)
DRV - (BdFileSpy) -- C:\Windows\System32\drivers\BdFileSpy.sys (BullGuard Ltd.)
DRV - (DCamUSBGene) -- C:\Windows\System32\drivers\USBGENE.sys (Genesys Logic, Inc.)
DRV - (Tosrfusb) -- C:\Windows\System32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (Tosrfcom) -- C:\Windows\System32\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (tosrfbd) -- C:\Windows\System32\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (Tosrfhid) -- C:\Windows\System32\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV - (TosRfSnd) -- C:\Windows\System32\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV - (XUIF) -- C:\Windows\System32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
DRV - (tosrfbnp) -- C:\Windows\System32\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (X10Hid) -- C:\Windows\System32\drivers\x10hid.sys (X10 Wireless Technology, Inc.)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (tosporte) -- C:\Windows\System32\drivers\tosporte.sys (TOSHIBA Corporation)
DRV - (tosrfnds) -- C:\Windows\System32\drivers\tosrfnds.sys (TOSHIBA Corporation.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mannheim.de/
IE - HKCU\..\SearchScopes,DefaultScope = {5624F8E7-B524-4488-ABAB-AE802DF33EA3}
IE - HKCU\..\SearchScopes\{5624F8E7-B524-4488-ABAB-AE802DF33EA3}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {97E22097-9A2F-45b1-8DAF-36AD648C7EF4}:15.0.4
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: c:\Program Files\Sony\Media Go\npmediago.dll (Sony Creative Software Inc)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@doubletwist.com/NPPodcast: C:\Program Files\Common Files\doubleTwist\NPPodcast.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2012.12.23 20:26:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.23 20:25:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.23 20:25:47 | 000,000,000 | ---D | M]

[2010.03.14 17:00:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karl1k\AppData\Roaming\mozilla\Extensions
[2012.10.26 21:49:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karl1k\AppData\Roaming\mozilla\Firefox\Profiles\pgrujmdh.default\extensions
[2012.08.14 20:57:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Karl1k\AppData\Roaming\mozilla\Firefox\Profiles\pgrujmdh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.10.02 06:29:48 | 000,005,325 | ---- | M] () -- C:\Users\Karl1k\AppData\Roaming\mozilla\firefox\profiles\pgrujmdh.default\searchplugins\t-online.xml
[2010.10.02 06:29:35 | 000,005,426 | ---- | M] () -- C:\Users\Karl1k\AppData\Roaming\mozilla\firefox\profiles\pgrujmdh.default\searchplugins\yahoo.xml
[2011.07.28 18:57:09 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.07.28 18:57:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011.07.28 18:57:09 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
File not found (No name found) -- C:\USERS\SABINE KRAUß\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PGRUJMDH.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
[2011.05.04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.12.23 20:25:05 | 000,124,056 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2010.01.16 02:15:29 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.16 02:15:29 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.16 02:15:29 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.16 02:15:29 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.16 02:15:29 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - homepage: hxxp://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFiel dTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpjplug.dll
CHR - plugin: Chrome NaCl (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Media Go Detector (Enabled) = c:\Program Files\Sony\Media Go\npmediago.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprjplug.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: RealDownloader = C:\Users\Karl1k\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0\

O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\HomeCinema\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DataLayer] C:\Programme\Common Files\PCSuite\DataLayer\DataLayer.exe (Nokia Mobile Phones Ltd.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\HomeCinema\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Programme\GoogleEULA\EULALauncher.exe ( )
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - HKCU..\Run: [NWB_steuerXpert] C:\Program Files\NWB\SteuerXpert\IPview.exe (SHI Elektronische Medien GmbH)
O4 - HKCU..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Karl1k\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Karl1k\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.4.lnk = C:\Programme\OpenOffice.org 2.4\program\quickstart.exe ()
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: friadent-gmbh.de ([hermes] https in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1196839374280 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC007ABC-3C0C-49A3-B143-4E67BF6BCA89}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Forest.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Forest.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013.02.23 08:00:45 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.02.22 11:33:29 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.02.22 11:33:29 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.02.22 11:33:29 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.02.22 11:33:15 | 000,000,000 | --SD | C] -- C:\ComboFix
[2013.02.22 11:16:56 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.02.22 11:16:27 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2011.04.11 19:23:59 | 003,050,664 | ---- | C] (Piriform Ltd) -- C:\Program Files\ccsetup305_1409.exe
[2008.08.03 20:28:03 | 003,167,496 | ---- | C] (DataDesign AG) -- C:\Users\Karl1k\DDBAC.EXE

========== Files - Modified Within 30 Days ==========

[2013.02.23 08:33:12 | 000,680,454 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.02.23 08:33:12 | 000,639,842 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.02.23 08:33:12 | 000,148,200 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.02.23 08:33:12 | 000,121,830 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.02.23 07:56:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.23 07:55:56 | 000,381,640 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.02.18 20:58:00 | 000,000,680 | ---- | M] () -- C:\Users\Karl1k\AppData\Local\d3d9caps.dat
[2013.02.17 18:48:58 | 000,028,504 | ---- | M] () -- C:\Users\Karl1k\AppData\Roaming\nvModes.001
[2013.02.17 18:47:43 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.17 18:47:38 | 000,003,168 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.17 18:47:37 | 000,003,168 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.16 22:59:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.16 22:29:31 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.29 06:56:38 | 000,028,504 | ---- | M] () -- C:\Users\Karl1k\AppData\Roaming\nvModes.dat
[2013.01.27 23:14:29 | 000,001,266 | ---- | M] () -- C:\Windows\WISO.INI
[2013.01.25 08:07:34 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job

========== Files Created - No Company Name ==========

[2013.02.22 11:33:29 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.02.22 11:33:29 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.02.22 11:33:29 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.02.22 11:33:29 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.02.22 11:33:29 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.02.18 20:58:00 | 000,000,680 | ---- | C] () -- C:\Users\Karl1k\AppData\Local\d3d9caps.dat
[2012.11.10 12:31:45 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012.11.10 12:29:40 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.10.22 20:10:15 | 000,170,413 | ---- | C] () -- C:\Users\Karl1k\productEditor.jsf.htm
[2011.09.18 11:45:56 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011.08.10 18:22:35 | 000,000,000 | ---- | C] () -- C:\Windows\buhl.ini
[2011.08.10 18:21:38 | 000,016,183 | ---- | C] () -- C:\Windows\System32\SELF32.INI
[2011.08.10 18:21:26 | 000,182,304 | ---- | C] () -- C:\Windows\System32\BpShellEx.dll
[2010.09.19 21:58:07 | 000,044,253 | ---- | C] () -- C:\Users\Karl1k\part.mcf
[2010.09.17 22:39:28 | 000,044,978 | ---- | C] () -- C:\Users\Karl1k\Mein Kalender 2011.mcf
[2010.09.17 22:39:28 | 000,044,973 | ---- | C] () -- C:\Users\Karl1k\Mein Kalender 2011.mcf~
[2009.11.30 21:27:48 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.03.08 21:36:13 | 000,000,268 | R--- | C] () -- C:\ProgramData\Sci-Fi
[2009.03.08 21:36:13 | 000,000,268 | R--- | C] () -- C:\Users\Karl1k\AppData\Roaming\Sample Delay
[2009.03.08 21:36:13 | 000,000,020 | ---- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2009.03.08 21:36:13 | 000,000,012 | R--- | C] () -- C:\ProgramData\Smooth Strings
[2008.09.20 15:10:48 | 000,028,504 | ---- | C] () -- C:\Users\Karl1k\AppData\Roaming\nvModes.001
[2008.09.20 15:10:47 | 000,028,504 | ---- | C] () -- C:\Users\Karl1k\AppData\Roaming\nvModes.dat
[2008.04.08 20:18:34 | 000,000,052 | ---- | C] () -- C:\Users\Karl1k\AppData\Roaming\Default.PLS
[2008.01.23 21:34:17 | 000,032,256 | ---- | C] () -- C:\Users\Karl1k\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.01.23 20:51:10 | 000,000,100 | ---- | C] () -- C:\Users\Karl1k\AppData\Local\fusioncache.dat

========== ZeroAccess Check ==========

[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.10 23:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.10 23:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011.01.16 17:54:24 | 000,000,000 | ---D | M] -- C:\Users\Karl1k\AppData\Roaming\Buhl
[2008.04.24 19:56:20 | 000,000,000 | ---D | M] -- C:\Users\Karl1k\AppData\Roaming\Buhl Data Service
[2011.09.18 11:26:06 | 000,000,000 | ---D | M] -- C:\Users\Karl1k\AppData\Roaming\Buhl Data Service GmbH
[2012.01.31 22:24:10 | 000,000,000 | ---D | M] -- C:\Users\Karl1k\AppData\Roaming\ChessBase
[2008.08.03 20:30:42 | 000,000,000 | ---D | M] -- C:\Users\Karl1k\AppData\Roaming\DataDesign
[2012.05.07 21:27:23 | 000,000,000 | ---D | M] -- C:\Users\Karl1k\AppData\Roaming\DataLayer
[2008.04.14 19:16:06 | 000,000,000 | ---D | M] -- C:\Users\Karl1k\AppData\Roaming\eurowin
[2008.09.20 15:10:38 | 000,000,000 | ---D | M] -- C:\Users\Karl1k\AppData\Roaming\KIDDINX
[2011.12.04 19:33:38 | 000,000,000 | ---D | M] -- C:\Users\Karl1k\AppData\Roaming\LetsTrade
[2008.04.12 17:41:02 | 000,000,000 | ---D | M] -- C:\Users\Karl1k\AppData\Roaming\MAGIX
[2010.04.06 20:35:05 | 000,000,000 | ---D | M] -- C:\Users\Karl1k\AppData\Roaming\Nikon
[2012.05.07 21:22:57 | 000,000,000 | ---D | M] -- C:\Users\Karl1k\AppData\Roaming\Nokia
[2012.05.07 21:42:53 | 000,000,000 | ---D | M] -- C:\Users\Karl1k\AppData\Roaming\Nokia Multimedia Player
[2011.07.24 12:24:55 | 000,000,000 | ---D | M] -- C:\Users\Karl1k\AppData\Roaming\NWB
[2011.09.18 11:43:28 | 000,000,000 | ---D | M] -- C:\Users\Karl1k\AppData\Roaming\OpenCandy
[2009.08.12 20:51:17 | 000,000,000 | ---D | M] -- C:\Users\Karl1k\AppData\Roaming\PC Suite
[2013.01.20 18:18:51 | 000,000,000 | ---D | M] -- C:\Users\Karl1k\AppData\Roaming\redsn0w
[2008.04.24 20:53:43 | 000,000,000 | ---D | M] -- C:\Users\Karl1k\AppData\Roaming\Sonavis
[2010.01.09 19:24:29 | 000,000,000 | ---D | M] -- C:\Users\Karl1k\AppData\Roaming\Sony
[2010.01.09 19:15:40 | 000,000,000 | ---D | M] -- C:\Users\Karl1k\AppData\Roaming\Sony Setup
[2012.09.14 22:11:33 | 000,000,000 | ---D | M] -- C:\Users\Karl1k\AppData\Roaming\TuneUp Software
[2008.09.07 11:01:04 | 000,000,000 | ---D | M] -- C:\Users\Karl1k\AppData\Roaming\TVcentral-Core
[2009.07.02 17:35:33 | 000,000,000 | ---D | M] -- C:\Users\Karl1k\AppData\Roaming\VMedia

========== Purity Check ==========



< End of report >
]

 

Themen zu Virus EXP/CVE 2012-1723FO
abgesicherter modus, autorun, avira, bho, bonjour, cc cleaner, ccsetup, combofix, computer, defender, desktop, downloader, error, firefox, flash player, format, home, homepage, logfile, object, plug-in, problem, realtek, registry, scan, senden, software, virus, virus exp/cve, vista




Ähnliche Themen: Virus EXP/CVE 2012-1723FO


  1. Skype-Virus vom 29.09.2012
    Log-Analyse und Auswertung - 01.10.2012 (1)
  2. Polizeieinheit 5.2 Virus am 9.8.2012
    Log-Analyse und Auswertung - 09.09.2012 (6)
  3. BKA Virus 09.08.2012
    Log-Analyse und Auswertung - 09.09.2012 (8)
  4. Virus EXP/CVE-2012-1723.A.110
    Plagegeister aller Art und deren Bekämpfung - 30.08.2012 (7)
  5. Polizei Virus Österreich, am 31.07.2012
    Log-Analyse und Auswertung - 21.08.2012 (10)
  6. EXP/2012-0507.cr Virus von Avira gefunden – Wie entfernen?
    Log-Analyse und Auswertung - 06.08.2012 (14)
  7. Polizei Virus Österreich vom 23. Juli 2012
    Plagegeister aller Art und deren Bekämpfung - 26.07.2012 (23)
  8. EXP/2012-0507.CR Virus gefunden!
    Log-Analyse und Auswertung - 18.07.2012 (6)
  9. Virus Löschen SMART FORTRESS 2012
    Plagegeister aller Art und deren Bekämpfung - 11.05.2012 (1)
  10. Virus/Malware 'EXP/CVE-2012-0507' gefunden - was tun?
    Log-Analyse und Auswertung - 18.04.2012 (1)
  11. (2x) Trojanerproblem nach Smart Fortress 2012 Virus
    Mülltonne - 09.04.2012 (1)
  12. (2x) Java Virus? EXP/CVE-2012-0507.A und weitere
    Mülltonne - 25.03.2012 (1)
  13. AKM-Virus 2012
    Plagegeister aller Art und deren Bekämpfung - 06.03.2012 (6)
  14. Windows 7 Home Security 2012 Virus loswerden?
    Plagegeister aller Art und deren Bekämpfung - 03.01.2012 (2)
  15. xp Security 2012 Virus entfernen
    Plagegeister aller Art und deren Bekämpfung - 13.07.2011 (3)
  16. Windows XP 2012 Security virus entfernen!
    Plagegeister aller Art und deren Bekämpfung - 30.06.2011 (6)
  17. Win 7 Antispyware 2012, Vista Antivirus 2012, XP Security 2012 entfernen
    Anleitungen, FAQs & Links - 07.06.2011 (2)

Zum Thema Virus EXP/CVE 2012-1723FO - Hallo ich habe folgendes Problem: Kann den Computer nur noch im abgesicherten Modus starten. Habe Virenscanner von Avira genutzt und dieser hat 4 Viren erkannt. Leider habe ich diese sofort - Virus EXP/CVE 2012-1723FO...
Archiv
Du betrachtest: Virus EXP/CVE 2012-1723FO auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.