
Log analysis and evaluation: GVU Trojan on my computer too!


 
28.02.2013, 15:25   #1
joez
 



To the TB team and everyone else who is kind enough to help here,

I have the GVU Trojan and have already read up on it a bit.

Here is the OTL.txt; unfortunately the system did not produce the extra.txt for me either.

Can you help me get rid of this "thing" again?

Best regards

Joez

OTL logfile created on: 2/28/2013 2:38:28 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 88.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144.04 Gb Total Space | 45.93 Gb Free Space | 31.89% Space Free | Partition Type: NTFS
Drive D: | 139.50 Gb Total Space | 17.29 Gb Free Space | 12.40% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - [2013/02/27 04:06:48 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/25 14:05:57 | 000,143,360 | ---- | M] () [Auto] -- C:\Users\joez\3299357.dll -- (Winmgmt)
SRV - [2013/02/22 07:19:05 | 000,096,768 | ---- | M] () [Auto] -- C:\Windows\System32\GFilterSvc.exe -- (GFilterSvc)
SRV - [2013/02/22 07:19:04 | 000,067,584 | ---- | M] () [Auto] -- C:\Windows\System32\mfc100lor.exe -- (dfrgifcd)
SRV - [2013/02/20 02:31:16 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/01/08 09:19:46 | 000,161,536 | R--- | M] (Skype Technologies) [Auto] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/18 09:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/11/16 17:33:34 | 000,380,096 | ---- | M] () [Auto] -- C:\Program Files\Zarafa\Zarafa Outlook Client\ZarafaUpdaterService.exe -- (ZarafaUpdaterService.exe)
SRV - [2011/11/08 05:54:25 | 000,554,160 | ---- | M] (Star Finanz - Software Entwicklung und Vertriebs GmbH) [Auto] -- C:\Program Files\StarMoney 7.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe -- (StarMoney 7.0 OnlineUpdate)
SRV - [2011/08/25 04:50:50 | 000,270,672 | ---- | M] () [Auto] -- C:\Program Files\1&1 Surf-Stick\AssistantServices.exe -- (UI Assistant Service)
SRV - [2011/03/29 15:51:30 | 000,681,488 | ---- | M] (Trend Micro Inc.) [On_Demand] -- C:\Program Files\Trend Micro\Security Agent\tmlisten.exe -- (TmListen)
SRV - [2011/01/21 04:11:54 | 000,196,320 | ---- | M] (Trend Micro Inc.) [Auto] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe -- (Amsp)
SRV - [2009/07/08 05:41:17 | 003,520,512 | ---- | M] () [Auto] -- C:\Program Files\Acer\Acer Bio Protection\BASVC.exe -- (IGBASVC)
SRV - [2009/05/20 13:18:32 | 000,075,048 | ---- | M] () [Auto] -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2009/04/08 13:49:30 | 000,344,064 | ---- | M] (AVerMedia) [Auto] -- C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe -- (AVerRemote)
SRV - [2008/12/09 20:01:50 | 000,405,504 | ---- | M] () [Auto] -- C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe -- (AVerScheduleService)
SRV - [2008/07/29 10:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008/07/20 10:45:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008/06/02 02:25:40 | 000,024,576 | ---- | M] () [On_Demand] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008/05/25 22:43:58 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto] -- C:\Windows\System32\vfsFPService.exe -- (vfsFPService)
SRV - [2008/04/30 13:41:12 | 000,815,104 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008/04/30 13:10:10 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/10 10:03:00 | 000,233,472 | ---- | M] (Acer Incorporated) [Auto] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2007/12/10 22:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007/12/06 10:15:28 | 000,110,592 | ---- | M] () [Auto] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
SRV - [2000/05/24 08:20:36 | 000,015,360 | ---- | M] (Adobe Systems Incorporated) [Disabled] -- C:\Windows\System32\ATMsrvc.exe -- (ATMsrvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] -- -- (IpInIp)
DRV - File not found [Kernel | On_Demand] -- -- (hwusbdev)
DRV - File not found [Kernel | On_Demand] -- -- (hwdatacard)
DRV - [2011/06/20 23:09:00 | 000,200,976 | ---- | M] (Trend Micro Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2011/03/26 04:37:12 | 000,107,776 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2011/03/26 04:37:12 | 000,107,776 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2011/03/26 04:37:12 | 000,107,776 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2011/03/26 04:37:12 | 000,009,216 | ---- | M] (MBB Incorporated) [Kernel | On_Demand] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2011/02/25 07:10:00 | 000,081,168 | ---- | M] (Trend Micro Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\tmactmon.sys -- (tmactmon)
DRV - [2011/02/25 07:09:00 | 000,065,296 | ---- | M] (Trend Micro Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV - [2011/02/22 20:05:02 | 000,028,032 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lgandnetmodem.sys -- (ANDNetModem)
DRV - [2011/02/22 20:05:02 | 000,023,168 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lgandnetdiag.sys -- (AndNetDiag)
DRV - [2011/02/13 19:42:36 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2011/02/13 19:42:34 | 000,025,216 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2011/02/13 19:42:32 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2011/01/20 06:07:15 | 000,099,216 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2010/12/07 07:23:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lgandmodem.sys -- (ANDModem)
DRV - [2010/12/07 07:23:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lganddiag.sys -- (AndDiag)
DRV - [2010/12/07 07:23:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lgandgps.sys -- (AndGps)
DRV - [2010/12/07 07:22:58 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lgandbus.sys -- (Andbus)
DRV - [2010/09/30 16:59:16 | 000,092,112 | ---- | M] (Trend Micro Inc.) [Kernel | System] -- C:\Windows\System32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2009/07/08 05:41:13 | 000,043,184 | ---- | M] (Alfa Corporation) [File_System | Boot] -- C:\Windows\System32\drivers\AlfaFF.sys -- (AlfaFF)
DRV - [2009/01/05 01:47:18 | 000,487,168 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AVerAF15DMBTH.sys -- (AVerAF15DMBTH)
DRV - [2008/12/05 12:24:00 | 007,538,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/09/24 23:39:48 | 000,045,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008/06/02 02:20:12 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008/05/25 22:44:14 | 000,040,752 | ---- | M] (Validity Sensors, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\vfs101x.sys -- (vfs101x)
DRV - [2008/05/19 11:23:00 | 000,047,104 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\L1E60x86.sys -- (L1E)
DRV - [2008/04/27 17:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008/02/29 02:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2007/12/18 10:12:12 | 000,054,784 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2006/11/02 08:27:34 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)
DRV - [2006/07/24 10:05:00 | 000,005,632 | ---- | M] () [File_System | System] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006/04/07 10:06:38 | 000,038,496 | ---- | M] (OLYMPUS IMAGING CORP.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\VNUSB.sys -- (VNUSB)
DRV - [2005/03/02 03:13:50 | 000,053,344 | ---- | M] (Warp Nine Engineering) [Kernel | Auto] -- C:\Program Files\Cutting Master 2 1.60\Program\Par1284.sys -- (Par1284)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=0&o=vp32&d=0709&m=aspire_8930
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=0&o=vp32&d=0709&m=aspire_8930


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\joez_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=0&o=vp32&d=0709&m=aspire_8930
IE - HKU\joez_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKU\joez_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\joez_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\joez_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKU\joez_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\joez_ON_C\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\joez_ON_C\..\URLSearchHook: {a51a36e6-31e7-4838-9ff7-76298b527ec0} - Reg Error: Key error. File not found
IE - HKU\joez_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\joez_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local




========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Sichere Suche"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.freenet.de"
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=mcafee&p="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.5: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1165\6.6.1081\firefoxextension\ [2012/09/26 15:18:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012/12/31 09:33:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/02/20 02:31:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/02/21 08:23:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.3\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013/01/12 09:24:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.3\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\firejump@firejump.net: C:\Users\joez\AppData\Roaming\Mozilla\Firefox\Profiles\6ndri23y.default\extensions\firejump@firejump.net
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/02/20 02:31:17 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/02/21 08:23:23 | 000,000,000 | ---D | M]

[2010/08/31 15:13:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\joez\AppData\Roaming\Mozilla\Extensions
[2010/08/31 15:13:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\joez\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2013/02/25 12:46:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\joez\AppData\Roaming\Mozilla\Firefox\Profiles\6ndri23y.default\extensions
[2011/03/24 11:39:42 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\joez\AppData\Roaming\Mozilla\Firefox\Profiles\6ndri23y.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/08/25 10:52:04 | 000,000,000 | ---D | M] (Microsoft Default Manager) -- C:\Users\joez\AppData\Roaming\Mozilla\Firefox\Profiles\6ndri23y.default\extensions\DefaultManager@Microsoft
[2013/01/18 07:52:57 | 000,000,911 | ---- | M] () -- C:\Users\joez\AppData\Roaming\Mozilla\Firefox\Profiles\6ndri23y.default\searchplugins\11-suche.xml
[2013/01/18 07:52:57 | 000,002,273 | ---- | M] () -- C:\Users\joez\AppData\Roaming\Mozilla\Firefox\Profiles\6ndri23y.default\searchplugins\englische-ergebnisse.xml
[2013/01/18 07:52:57 | 000,010,563 | ---- | M] () -- C:\Users\joez\AppData\Roaming\Mozilla\Firefox\Profiles\6ndri23y.default\searchplugins\gmx-suche.xml
[2013/01/18 07:52:57 | 000,002,432 | ---- | M] () -- C:\Users\joez\AppData\Roaming\Mozilla\Firefox\Profiles\6ndri23y.default\searchplugins\lastminute.xml
[2013/01/18 07:52:57 | 000,005,545 | ---- | M] () -- C:\Users\joez\AppData\Roaming\Mozilla\Firefox\Profiles\6ndri23y.default\searchplugins\webde-suche.xml
[2013/02/20 02:31:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2013/02/20 02:31:17 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/04/14 07:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2011/12/22 10:45:23 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/06/08 01:35:36 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/08/30 01:35:57 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/06/08 01:35:36 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012/06/08 01:35:36 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/09/27 07:28:14 | 000,002,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/06/08 01:35:36 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/06/08 01:35:36 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.6.1165\6.6.1081\TmIEPlg.dll (Trend Micro Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKU\joez_ON_C\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\joez_ON_C\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\joez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
O8 - Extra context menu item: An OneNote s&enden - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra 'Tools' menuitem : Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll (Apple Inc.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70752} https://192.168.3.3:4343/officescan/console/ClientInstall/WinNTChk.cab (ObjWinNTCheck Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {9BBB3919-F518-4D06-8209-299FC243FC44} https://server:4343/SMB/console/html/root/AtxEnc.cab (Encrypt Class)
O16 - DPF: {9DCD8EB7-E925-45C9-9321-8CA843FBEDCC} https://server:4343/SMB/console/html/root/AtxConsole.cab (Security Server Management-Konsole)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.6.1165\6.6.1081\TmIEPlg.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Security Agent\UIFrameWork\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Zarafa\ZARAFA~1\zcompat.dll) - C:\Program Files\Zarafa\Zarafa Outlook Client\zcompat.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AWinNotifyVitaKey MC3000: DllName - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
O24 - Desktop WallPaper: D:\Pictures\Emma\MichelFest 008.jpg
O24 - Desktop BackupWallPaper: D:\Pictures\Emma\MichelFest 008.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{5086fd02-7a34-11df-8906-8f9d36f19ea4}\Shell - "" = AutoRun
O33 - MountPoints2\{5086fd02-7a34-11df-8906-8f9d36f19ea4}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{73ff45f8-6dac-11df-a034-89e5b4d34daa}\Shell - "" = AutoRun
O33 - MountPoints2\{73ff45f8-6dac-11df-a034-89e5b4d34daa}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{73ff4605-6dac-11df-a034-89e5b4d34daa}\Shell - "" = AutoRun
O33 - MountPoints2\{73ff4605-6dac-11df-a034-89e5b4d34daa}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{9495d176-6e7a-11df-90da-daec55eb3e77}\Shell - "" = AutoRun
O33 - MountPoints2\{9495d176-6e7a-11df-90da-daec55eb3e77}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{a98ffe14-b914-11e1-9b0f-a73389e28aa6}\Shell - "" = AutoRun
O33 - MountPoints2\{a98ffe14-b914-11e1-9b0f-a73389e28aa6}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (MACHINE BootExecut) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2013/02/26 12:38:28 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/02/25 08:14:39 | 000,000,000 | ---D | C] -- C:\Users\joez\Documents\Amazon MP3
[2013/02/25 08:14:39 | 000,000,000 | ---D | C] -- C:\Users\joez\AppData\Roaming\Amazon
[2013/02/25 08:14:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon
[2013/02/25 08:14:13 | 000,000,000 | ---D | C] -- C:\Program Files\Amazon
[2013/02/20 02:31:03 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/02/18 06:28:19 | 000,000,000 | ---D | C] -- C:\Users\joez\Desktop\Puschenalarm
[2013/02/13 15:40:21 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/02/13 15:40:20 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2013/02/13 15:40:20 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/02/13 15:40:20 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/02/13 15:40:20 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/02/13 15:40:19 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2013/02/13 15:40:19 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/02/13 15:40:18 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/02/13 15:40:18 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/02/13 15:40:17 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/02/13 15:15:51 | 002,048,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/02/13 15:15:50 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2013/02/13 15:15:46 | 003,602,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/02/13 15:15:46 | 003,550,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/02/06 04:40:04 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr90.dll
[2013/02/06 04:40:04 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp90.dll
[2013/02/06 04:40:04 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcm90.dll
[2013/02/05 12:58:05 | 000,000,000 | ---D | C] -- C:\Windows\BUVC_AP
[2013/02/03 05:59:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/02/03 05:59:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013/02/03 05:59:09 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2011/08/12 07:50:49 | 000,034,816 | ---- | C] ( ) -- C:\Windows\System32\RC00C140.dll
[2008/07/22 03:01:25 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll

========== Files - Modified Within 30 Days ==========

[2013/02/28 04:44:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/02/28 04:43:47 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013/02/28 04:43:02 | 000,033,106 | ---- | M] () -- C:\ProgramData\nvModes.001
[2013/02/28 04:43:00 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/28 04:43:00 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/28 04:42:53 | 3218,046,976 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/28 03:35:31 | 000,948,708 | ---- | M] () -- C:\ProgramData\7539923.pad
[2013/02/28 03:35:13 | 000,033,106 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2013/02/28 03:34:46 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/27 12:23:18 | 000,000,882 | ---- | M] () -- C:\Users\joez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
[2013/02/27 11:04:37 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/02/27 06:48:16 | 000,331,339 | ---- | M] () -- C:\Users\joez\AppData\Local\census.cache
[2013/02/27 06:47:05 | 000,229,260 | ---- | M] () -- C:\Users\joez\AppData\Local\ars.cache
[2013/02/27 06:46:05 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/27 06:22:03 | 000,000,036 | ---- | M] () -- C:\Users\joez\AppData\Local\housecall.guid.cache
[2013/02/27 04:05:02 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/02/27 04:05:02 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/02/26 12:47:12 | 000,000,000 | R--D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2013/02/26 06:53:26 | 000,004,680 | ---- | M] () -- C:\Windows\ULEAD32.INI
[2013/02/26 01:52:55 | 000,000,366 | ---- | M] () -- C:\Windows\DCEBOOT.RST
[2013/02/25 14:11:18 | 000,022,064 | ---- | M] () -- C:\Windows\DCEBoot.exe
[2013/02/25 08:14:16 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon
[2013/02/25 06:40:31 | 002,680,685 | ---- | M] () -- C:\Users\joez\Desktop\Die Ärzte ELKE.mp3
[2013/02/25 05:49:37 | 003,695,177 | ---- | M] () -- C:\Users\joez\Desktop\Snow Patrol Chasing Cars.mp3
[2013/02/25 04:56:51 | 002,922,423 | ---- | M] () -- C:\Users\joez\Desktop\EMF unbelievable.mp3
[2013/02/25 04:46:29 | 002,569,508 | ---- | M] () -- C:\Users\joez\Desktop\Labrassbanda Nackert.mp3
[2013/02/25 04:41:55 | 003,878,765 | ---- | M] () -- C:\Users\joez\Desktop\Labrassbanda Bauersbua.mp3
[2013/02/25 04:36:31 | 002,972,891 | ---- | M] () -- C:\Users\joez\Desktop\unbekannter Sender, 25-02-2013, 10 Uhr 32.mp3
[2013/02/25 04:30:38 | 003,217,920 | ---- | M] () -- C:\Users\joez\Desktop\Jet Are you gonna be my girl.mp3
[2013/02/25 04:20:41 | 003,170,011 | ---- | M] () -- C:\Users\joez\Desktop\Seven Nation Army The White Stripes .mp3
[2013/02/22 07:19:05 | 000,096,768 | ---- | M] () -- C:\Windows\System32\GFilterSvc.exe
[2013/02/22 07:19:04 | 000,067,584 | ---- | M] () -- C:\Windows\System32\mfc100lor.exe
[2013/02/22 07:18:54 | 000,001,468 | ---- | M] () -- C:\Users\joez\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Amazon.lnk
[2013/02/22 02:04:10 | 000,002,641 | ---- | M] () -- C:\Users\joez\Desktop\CorelDRAW X4.lnk
[2013/02/20 08:26:57 | 021,684,038 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013/02/20 08:26:57 | 007,327,736 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/02/20 08:26:57 | 006,548,952 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/02/20 08:26:53 | 007,173,390 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013/02/17 15:40:03 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job
[2013/02/14 08:22:04 | 000,062,170 | ---- | M] () -- C:\Users\joez\Desktop\Lieferschein Ponchos.pdf
[2013/02/13 15:56:21 | 000,445,312 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/02/12 07:17:15 | 000,406,120 | ---- | M] () -- C:\Users\joez\Desktop\Minties Muster orange.psd
[2013/02/07 04:17:46 | 000,038,173 | ---- | M] () -- C:\Users\joez\Desktop\ks207.jpg
[2013/02/06 04:41:06 | 000,002,413 | ---- | M] () -- C:\Windows\System32\lgAxconfig.ini
[2013/02/06 04:40:37 | 000,000,783 | ---- | M] () -- C:\Users\joez\Desktop\LGMobile Support Tool.lnk
[2013/02/06 04:40:37 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGMobile Support Tool
[2013/02/05 13:54:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
[2013/02/03 05:59:10 | 000,001,880 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/02/03 05:59:10 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

========== Files Created - No Company Name ==========

[2013/02/27 12:23:18 | 000,000,882 | ---- | C] () -- C:\Users\joez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
[2013/02/27 07:20:18 | 3218,046,976 | -HS- | C] () -- C:\hiberfil.sys
[2013/02/27 06:48:16 | 000,331,339 | ---- | C] () -- C:\Users\joez\AppData\Local\census.cache
[2013/02/27 06:47:05 | 000,229,260 | ---- | C] () -- C:\Users\joez\AppData\Local\ars.cache
[2013/02/27 06:21:03 | 000,000,036 | ---- | C] () -- C:\Users\joez\AppData\Local\housecall.guid.cache
[2013/02/26 02:01:57 | 000,948,708 | ---- | C] () -- C:\ProgramData\7539923.pad
[2013/02/26 01:52:55 | 000,000,366 | ---- | C] () -- C:\Windows\DCEBOOT.RST
[2013/02/25 14:11:18 | 000,022,064 | ---- | C] () -- C:\Windows\DCEBoot.exe
[2013/02/25 06:37:14 | 002,680,685 | ---- | C] () -- C:\Users\joez\Desktop\Die Ärzte ELKE.mp3
[2013/02/25 05:45:11 | 003,695,177 | ---- | C] () -- C:\Users\joez\Desktop\Snow Patrol Chasing Cars.mp3
[2013/02/25 04:53:21 | 002,922,423 | ---- | C] () -- C:\Users\joez\Desktop\EMF unbelievable.mp3
[2013/02/25 04:43:24 | 002,569,508 | ---- | C] () -- C:\Users\joez\Desktop\Labrassbanda Nackert.mp3
[2013/02/25 04:37:17 | 003,878,765 | ---- | C] () -- C:\Users\joez\Desktop\Labrassbanda Bauersbua.mp3
[2013/02/25 04:32:57 | 002,972,891 | ---- | C] () -- C:\Users\joez\Desktop\unbekannter Sender, 25-02-2013, 10 Uhr 32.mp3
[2013/02/25 04:26:47 | 003,217,920 | ---- | C] () -- C:\Users\joez\Desktop\Jet Are you gonna be my girl.mp3
[2013/02/25 04:16:49 | 003,170,011 | ---- | C] () -- C:\Users\joez\Desktop\Seven Nation Army The White Stripes .mp3
[2013/02/22 07:19:05 | 000,096,768 | ---- | C] () -- C:\Windows\System32\GFilterSvc.exe
[2013/02/22 07:19:04 | 000,067,584 | ---- | C] () -- C:\Windows\System32\mfc100lor.exe
[2013/02/22 07:18:54 | 000,001,468 | ---- | C] () -- C:\Users\joez\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Amazon.lnk
[2013/02/14 08:22:02 | 000,062,170 | ---- | C] () -- C:\Users\joez\Desktop\Lieferschein Ponchos.pdf
[2013/02/12 07:17:15 | 000,406,120 | ---- | C] () -- C:\Users\joez\Desktop\Minties Muster orange.psd
[2013/02/07 04:17:46 | 000,038,173 | ---- | C] () -- C:\Users\joez\Desktop\ks207.jpg
[2013/02/03 05:59:10 | 000,001,880 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/12/25 09:17:53 | 000,000,551 | ---- | C] () -- C:\Users\joez\AppData\Roaming\AutoGK.ini
[2012/10/23 12:02:02 | 000,000,084 | ---- | C] () -- C:\Windows\winlemm.ini
[2012/10/23 11:01:38 | 000,338,432 | ---- | C] () -- C:\Windows\System32\sqlite36_engine.dll
[2012/04/27 08:52:12 | 000,114,688 | ---- | C] () -- C:\Windows\System32\OdiOlDVR.dll
[2012/04/27 08:52:12 | 000,053,248 | ---- | C] () -- C:\Windows\System32\OdiAPI.dll
[2012/03/14 12:29:41 | 002,207,744 | ---- | C] () -- C:\Windows\System32\EPILOGUIDLLLIT.dll
[2012/01/11 05:51:00 | 000,000,600 | ---- | C] () -- C:\Users\joez\AppData\Local\PUTTY.RND
[2011/12/22 11:18:05 | 000,021,903 | ---- | C] () -- C:\Users\joez\AppData\Roaming\Tabulatorgetrennte Werte (Windows).ADR
[2011/12/22 11:08:54 | 000,029,224 | ---- | C] () -- C:\Users\joez\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
[2011/10/31 10:36:33 | 000,274,093 | ---- | C] () -- C:\Windows\hpwins05.dat.temp
[2011/10/31 10:36:33 | 000,003,111 | ---- | C] () -- C:\Windows\hpwmdl05.dat.temp
[2011/09/27 05:17:26 | 000,198,144 | ---- | C] () -- C:\Windows\System32\LXPrnUtil10.dll
[2011/09/27 05:16:20 | 000,304,128 | ---- | C] () -- C:\Windows\System32\LxDNT100.dll
[2011/09/27 05:14:14 | 000,133,120 | ---- | C] () -- C:\Windows\System32\LxDNTvmc100.dll
[2011/09/27 05:13:58 | 000,069,120 | ---- | C] () -- C:\Windows\System32\LxDNTvm100.dll
[2011/08/28 11:24:15 | 000,000,025 | ---- | C] () -- C:\Windows\CDED92Euro.ini
[2011/08/12 07:50:58 | 000,000,148 | ---- | C] () -- C:\Windows\ricdb.ini
[2011/08/12 07:50:49 | 000,958,550 | ---- | C] () -- C:\Windows\System32\RCDAD140.DLL
[2011/08/12 07:49:19 | 000,000,000 | ---- | C] () -- C:\Windows\System32\RPCS.ini
[2011/06/14 06:03:24 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2011/06/14 06:03:24 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2011/02/14 03:43:27 | 000,000,030 | ---- | C] () -- C:\Windows\Iedit.INI
[2010/11/24 05:48:21 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2010/11/24 05:44:13 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2010/07/27 02:13:05 | 000,015,326 | ---- | C] () -- C:\Users\joez\AppData\Local\internal.grp
[2010/07/27 02:09:45 | 000,040,960 | ---- | C] () -- C:\Windows\System32\wh2robo.dll
[2010/07/27 02:02:08 | 000,004,680 | ---- | C] () -- C:\Windows\ULEAD32.INI
[2010/06/06 13:15:22 | 000,000,064 | ---- | C] () -- C:\Windows\AVerText.ini
[2010/03/24 13:45:09 | 000,049,152 | ---- | C] () -- C:\Windows\System32\AVerIO.dll
[2010/03/24 13:45:09 | 000,003,456 | ---- | C] () -- C:\Windows\System32\AVerIO.sys
[2010/03/24 13:45:01 | 000,290,816 | ---- | C] () -- C:\Windows\System32\sptlib22.dll
[2010/03/24 13:45:00 | 000,598,016 | ---- | C] () -- C:\Windows\System32\sptlib21.dll
[2010/03/24 13:45:00 | 000,294,912 | ---- | C] () -- C:\Windows\System32\sptlib11.dll
[2010/03/24 13:45:00 | 000,249,856 | ---- | C] () -- C:\Windows\System32\sptlib03.dll
[2010/03/24 13:45:00 | 000,249,856 | ---- | C] () -- C:\Windows\System32\sptlib01.dll
[2010/03/24 13:45:00 | 000,225,280 | ---- | C] () -- C:\Windows\System32\sptlib02.dll
[2010/03/24 13:45:00 | 000,135,168 | ---- | C] () -- C:\Windows\System32\sptlib12.dll
[2010/02/03 10:28:46 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/10/18 05:31:37 | 000,000,212 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/09/24 01:56:31 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/24 01:56:30 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/03 13:58:43 | 000,024,206 | ---- | C] () -- C:\Users\joez\AppData\Roaming\UserTile.png
[2009/08/26 04:42:20 | 000,010,849 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009/08/10 12:54:50 | 000,033,106 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/08/10 02:34:58 | 000,033,106 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/08/07 04:19:06 | 000,000,025 | ---- | C] () -- C:\Windows\CDE SX200DEFGIPS.ini
[2009/07/25 01:29:29 | 000,002,299 | ---- | C] () -- C:\Users\joez\AppData\Roaming\acervcmtmp.ini
[2009/07/24 02:27:22 | 000,445,312 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/23 14:42:05 | 000,007,592 | ---- | C] () -- C:\Users\joez\AppData\Local\d3d9caps.dat
[2009/07/22 02:53:24 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2009/07/22 02:53:24 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2009/07/22 02:53:24 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2009/07/22 02:53:24 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2009/07/22 02:53:24 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2009/07/22 02:53:24 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2009/07/22 02:53:24 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2009/07/22 02:53:24 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2009/07/22 02:53:24 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2009/07/22 02:53:24 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2009/07/22 02:53:24 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2009/07/22 02:53:24 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2009/07/22 02:53:24 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2009/07/22 02:53:24 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2009/07/22 02:53:24 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2009/07/22 02:53:24 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2009/07/22 02:53:24 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2009/07/22 02:53:24 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2009/07/22 02:53:24 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009/07/22 02:30:19 | 000,000,025 | ---- | C] () -- C:\Windows\CDE D88PLUS.ini
[2009/07/21 17:40:51 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009/07/20 15:03:46 | 000,113,664 | ---- | C] () -- C:\Users\joez\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/20 14:07:24 | 000,000,350 | ---- | C] () -- C:\Windows\System32\AP6RMHV.BIN
[2009/07/20 14:07:24 | 000,000,252 | ---- | C] () -- C:\Windows\System32\AP6RMJX.BIN
[2009/07/20 14:07:24 | 000,000,252 | ---- | C] () -- C:\Windows\System32\AP6RMJH.BIN
[2009/07/20 14:07:24 | 000,000,238 | ---- | C] () -- C:\Windows\System32\AP6RMFP.BIN
[2009/07/20 14:07:24 | 000,000,189 | ---- | C] () -- C:\Windows\System32\AP6RMKS.BIN
[2009/07/20 14:07:24 | 000,000,126 | ---- | C] () -- C:\Windows\System32\AP6RMHR.BIN
[2009/07/20 10:00:52 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/07/20 09:33:57 | 000,000,000 | ---- | C] () -- C:\Users\joez\AppData\Roaming\wklnhst.dat
[2009/07/20 09:16:21 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/07/08 05:44:56 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2009/07/08 05:44:56 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2009/07/08 05:44:56 | 000,009,216 | ---- | C] () -- C:\Windows\usbvideo_reg.exe
[2009/07/08 05:44:56 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2009/07/08 05:41:38 | 000,118,784 | ---- | C] () -- C:\Windows\System32\VMC3KAPI.dll
[2009/01/25 16:10:48 | 000,179,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/01/08 18:01:22 | 000,629,760 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008/01/21 02:15:58 | 021,684,038 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008/01/21 02:15:58 | 007,173,390 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008/01/21 02:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008/01/21 02:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007/11/14 09:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CogentBioSDK.dll
[2007/08/16 08:17:50 | 000,143,360 | ---- | C] () -- C:\Windows\System32\nsldap32v50.dll
[2007/04/24 11:32:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 007,327,736 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 006,548,952 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005/12/21 09:57:04 | 000,024,576 | ---- | C] () -- C:\Windows\System32\nsldappr32v50.dll
[2005/12/21 09:54:34 | 000,040,960 | ---- | C] () -- C:\Windows\System32\nsldapssl32v50.dll
[2002/10/15 17:54:04 | 000,153,088 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2001/12/26 09:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/11/14 06:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[2001/09/03 16:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 09:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/23 15:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
[2001/01/08 17:32:31 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2001/01/08 09:47:34 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2001/01/08 09:47:34 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2001/01/08 09:28:40 | 000,204,800 | ---- | C] () -- C:\Windows\System32\SysHook.dll
[2001/01/08 09:24:55 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2001/01/08 09:20:57 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2001/01/08 09:20:57 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2001/01/08 09:20:57 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2001/01/08 09:19:03 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat

========== LOP Check ==========

[2013/01/02 07:52:34 | 000,000,000 | -HSD | M] -- C:\Users\joez\AppData\Roaming\.#
[2009/09/27 15:10:17 | 000,000,000 | ---D | M] -- C:\Users\joez\AppData\Roaming\Acer
[2001/01/08 09:45:51 | 000,000,000 | ---D | M] -- C:\Users\joez\AppData\Roaming\Acer GameZone Console
[2013/02/25 08:14:39 | 000,000,000 | ---D | M] -- C:\Users\joez\AppData\Roaming\Amazon
[2011/07/18 06:54:26 | 000,000,000 | ---D | M] -- C:\Users\joez\AppData\Roaming\de.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
[2009/10/16 10:35:20 | 000,000,000 | ---D | M] -- C:\Users\joez\AppData\Roaming\Desktopicon
[2013/02/22 07:18:53 | 000,000,000 | ---D | M] -- C:\Users\joez\AppData\Roaming\DesktopIconForAmazon
[2009/10/16 08:55:45 | 000,000,000 | ---D | M] -- C:\Users\joez\AppData\Roaming\EPSON
[2009/07/20 13:37:04 | 000,000,000 | ---D | M] -- C:\Users\joez\AppData\Roaming\eSobi
[2013/02/20 08:02:43 | 000,000,000 | ---D | M] -- C:\Users\joez\AppData\Roaming\FileZilla
[2012/09/24 07:31:53 | 000,000,000 | ---D | M] -- C:\Users\joez\AppData\Roaming\ICQ
[2012/07/09 03:07:28 | 000,000,000 | ---D | M] -- C:\Users\joez\AppData\Roaming\Lexware
[2012/09/20 03:54:07 | 000,000,000 | ---D | M] -- C:\Users\joez\AppData\Roaming\Nvu
[2009/09/03 13:58:42 | 000,000,000 | ---D | M] -- C:\Users\joez\AppData\Roaming\PeerNetworking
[2012/07/16 14:45:32 | 000,000,000 | ---D | M] -- C:\Users\joez\AppData\Roaming\phonostar-Player
[2010/08/31 09:22:47 | 000,000,000 | ---D | M] -- C:\Users\joez\AppData\Roaming\PowerCinema
[2012/09/27 01:53:19 | 000,000,000 | ---D | M] -- C:\Users\joez\AppData\Roaming\Priotecs
[2012/04/01 05:30:15 | 000,000,000 | ---D | M] -- C:\Users\joez\AppData\Roaming\Samsung
[2009/07/22 04:13:06 | 000,000,000 | ---D | M] -- C:\Users\joez\AppData\Roaming\ShadowProtect
[2010/08/04 13:59:13 | 000,000,000 | ---D | M] -- C:\Users\joez\AppData\Roaming\SoftDMA
[2012/07/05 08:27:25 | 000,000,000 | ---D | M] -- C:\Users\joez\AppData\Roaming\TeamViewer
[2010/10/27 08:24:10 | 000,000,000 | ---D | M] -- C:\Users\joez\AppData\Roaming\Temp
[2010/08/27 04:23:18 | 000,000,000 | ---D | M] -- C:\Users\joez\AppData\Roaming\Template
[2010/08/31 15:13:09 | 000,000,000 | ---D | M] -- C:\Users\joez\AppData\Roaming\Thunderbird
[2012/01/02 08:28:30 | 000,000,000 | ---D | M] -- C:\Users\joez\AppData\Roaming\TightVNC
[2009/08/26 03:15:35 | 000,000,000 | ---D | M] -- C:\Users\joez\AppData\Roaming\Toolbars
[2009/07/20 08:26:49 | 000,000,000 | ---D | M] -- C:\Users\joez\AppData\Roaming\Validity
[2001/01/08 09:45:51 | 000,000,000 | ---D | M] -- C:\ProgramData\Acer GameZone Console
[2010/07/26 14:17:57 | 000,000,000 | ---D | M] -- C:\ProgramData\Alwil Software
[2009/07/20 08:22:21 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2013/02/14 14:39:27 | 000,000,000 | ---D | M] -- C:\ProgramData\AVerTV
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2009/07/20 08:22:21 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2009/11/01 03:10:03 | 000,000,000 | ---D | M] -- C:\ProgramData\Eastman Kodak Company
[2010/09/16 03:11:02 | 000,000,000 | ---D | M] -- C:\ProgramData\eBay
[2011/08/28 11:23:27 | 000,000,000 | ---D | M] -- C:\ProgramData\EPSON
[2010/08/23 07:04:20 | 000,000,000 | ---D | M] -- C:\ProgramData\eSobi
[2009/07/20 08:22:21 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2011/12/22 11:43:01 | 000,000,000 | ---D | M] -- C:\ProgramData\firebird
[2001/01/08 09:36:18 | 000,000,000 | ---D | M] -- C:\ProgramData\FloodLightGames
[2012/12/31 09:34:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Freemake
[2012/05/21 06:45:42 | 000,000,000 | ---D | M] -- C:\ProgramData\Great Notions
[2011/02/22 07:51:05 | 000,000,000 | ---D | M] -- C:\ProgramData\ICQ
[2013/01/02 07:52:53 | 000,000,000 | ---D | M] -- C:\ProgramData\JollyBear
[2010/09/01 10:41:14 | 000,000,000 | ---D | M] -- C:\ProgramData\jtl-software
[2009/11/01 06:19:38 | 000,000,000 | ---D | M] -- C:\ProgramData\kds_kodak
[2012/10/05 04:10:43 | 000,000,000 | ---D | M] -- C:\ProgramData\Lexware
[2013/02/06 04:41:09 | 000,000,000 | ---D | M] -- C:\ProgramData\LGMOBILEAX
[2001/01/08 09:23:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Roaming
[2010/10/27 08:31:27 | 000,000,000 | ---D | M] -- C:\ProgramData\SpinTop Games
[2011/12/22 10:54:42 | 000,000,000 | ---D | M] -- C:\ProgramData\SQL Anywhere 11
[2009/07/23 08:23:13 | 000,000,000 | ---D | M] -- C:\ProgramData\StarMoney 7.0
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2009/07/20 08:22:21 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2013/01/07 07:16:55 | 000,000,000 | ---D | M] -- C:\ProgramData\Temp
[2006/11/02 08:02:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2013/02/26 12:47:59 | 000,000,000 | ---D | M] -- C:\ProgramData\tmp
[2009/08/07 04:31:56 | 000,000,000 | ---D | M] -- C:\ProgramData\UDL
[2009/07/20 08:22:21 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2010/02/23 10:43:54 | 000,000,000 | ---D | M] -- C:\ProgramData\WindowsSearch
[2010/10/27 08:34:17 | 000,000,000 | ---D | M] -- C:\ProgramData\WinZip
[2011/10/03 06:22:59 | 000,000,000 | ---D | M] -- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2013/02/17 15:40:03 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\Driver Robot.job
[2013/02/28 04:43:47 | 000,032,558 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:9E22BBE8
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:9453D700
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:793F316E
< End of report >

 
