| |
| |||||||
Log-Analyse und Auswertung: GVU Ihr Computer ist gesperrt Trojane Windows 7Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
21.04.2013, 14:28
| #1 |
| |  GVU Ihr Computer ist gesperrt Trojane Windows 7 Hallo, ich habe folgendes Problem, der PC eines Freundes weist seit einigen Tagen genanntes Fehlverhalten (GVU Ihr Computer ist gesperrt) auf! Windows startet erst ordnungsgemäß, der Desktop erscheint und dann kommt dieses Fenster ohne die Möglichkeit, dieses über bekannte Funktionen wie ALT+F$ oder STRG+TAB usw zu wechseln oder schließen! Habe nun hier im Board schon den Lösungsansatz gefunden, Reatogo-X-PE zu nutzen und das Log über OTLPE zu erzeugen. Leider werde ich selber dort NICHT fündig!? Nachfolgend mal das Log. Kann mir jemand vielleicht auch sagen, welches script ich dann nutzen muss, um das System zu reinigen? Bin um jeden Hinweis dankbar. Vielen Dank vorab OTL Logfile: Code:
ATTFilter OTL logfile created on: 4/21/2013 3:56:09 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Windows 7 Home Premium (Version = 6.1.7600) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 87.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = E: | %SystemRoot% = E:\Windows | %ProgramFiles% = E:\Program Files
Drive C: | 100.00 Mb Total Space | 75.86 Mb Free Space | 75.87% Space Free | Partition Type: NTFS
Drive D: | 998.00 Mb Total Space | 828.63 Mb Free Space | 83.03% Space Free | Partition Type: FAT32
Drive E: | 465.66 Gb Total Space | 422.87 Gb Free Space | 90.81% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto] -- E:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/04/20 01:59:04 | 000,092,592 | ---- | M] (TomTom) [Auto] -- E:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2011/06/29 08:32:05 | 000,269,480 | ---- | M] (Avira GmbH) [Auto] -- E:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/04/29 09:14:09 | 000,136,360 | ---- | M] (Avira GmbH) [Auto] -- E:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- E:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto] -- E:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/05/01 20:42:06 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand] -- E:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
========== Driver Services (SafeList) ==========
DRV - [2011/06/29 08:32:05 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System] -- E:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/06/29 08:32:05 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto] -- E:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/06/17 09:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- E:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/07/13 19:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 18:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009/06/10 17:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- E:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/02/28 21:13:24 | 000,036,880 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008/02/28 21:13:16 | 000,035,344 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- E:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2007/12/18 20:00:00 | 000,401,920 | ---- | M] (AVM GmbH) [Kernel | On_Demand] -- E:\Windows\System32\drivers\fwlanusbn.sys -- (fwlanusbn)
DRV - [2007/11/06 21:00:00 | 000,004,352 | ---- | M] (AVM Berlin) [Kernel | On_Demand] -- E:\Windows\System32\drivers\avmeject.sys -- (avmeject)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Anwender_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
IE - HKU\Anwender_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\Anwender_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\Anwender_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 D8 68 F2 F1 6C CA 01 [binary data]
IE - HKU\Anwender_ON_E\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\Anwender_ON_E\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - E:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\Anwender_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Anwender_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = fritz.box;192.168.178.1;192.168.178.254;169.254.1.1;*.local
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: MapShare-status@tomtom.com:1.7.1
FF - prefs.js..extensions.enabledItems: baseTheme@tomtom.com:1.0.2
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: E:\Windows\System32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: E:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: E:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: E:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: E:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: E:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: E:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/12/13 15:28:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/12/13 15:28:44 | 000,000,000 | ---D | M]
[2012/06/06 12:08:23 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Anwender\AppData\Roaming\Mozilla\Extensions
[2012/06/06 12:08:23 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Anwender\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2012/06/06 12:08:10 | 000,000,000 | ---D | M] (Map status indicator) -- E:\PROGRAM FILES\TOMTOM HOME 2\XUL\EXTENSIONS\MAPSHARE-STATUS@TOMTOM.COM
O1 HOSTS File: ([2009/06/10 17:39:37 | 000,000,824 | ---- | M]) - E:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - E:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O4 - HKLM..\Run: [APSDaemon] E:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] E:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AVMWlanClient] E:\Program Files\avmwlanstick\FRITZWLANMini.exe (AVM Berlin)
O4 - HKLM..\Run: [CanonMyPrinter] E:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] E:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] E:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKU\Anwender_ON_E..\Run: [EADM] E:\Program Files\Origin\Origin.exe (Electronic Arts)
O4 - HKU\Anwender_ON_E..\Run: [TomTomHOME.exe] E:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\LocalService_ON_E..\RunOnce: [mctadmin] E:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_E..\RunOnce: [mctadmin] E:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: E:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - E:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://javadl-esd.oracle.com/update/1.6.0/jinstall-6u29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.69.103.78 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - E:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - E:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - E:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{ef3020fc-db46-11de-83b1-00241da4cf5c}\Shell - "" = AutoRun
O33 - MountPoints2\{ef3020fc-db46-11de-83b1-00241da4cf5c}\Shell\AutoRun\command - "" = E:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2013/04/21 15:14:43 | 002,237,440 | R--- | C] (OldTimer Tools) -- E:\OTLPE.exe
[2013/04/21 15:14:43 | 000,000,000 | ---D | C] -- E:\_OTL
[2013/04/21 07:39:07 | 000,000,000 | ---D | C] -- E:\System-Sicherheit_MJ
[2013/04/02 12:43:05 | 000,015,872 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\drivers\usb8023.sys
[2013/03/13 07:39:51 | 002,382,848 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\mshtml.tlb
[2013/03/13 07:39:50 | 000,420,864 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\vbscript.dll
[2013/03/13 07:39:49 | 000,065,024 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\jsproxy.dll
[2013/03/13 07:39:45 | 000,607,744 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\msfeeds.dll
[2013/03/13 07:39:45 | 000,176,640 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\ieui.dll
[2013/03/13 07:39:45 | 000,142,848 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\ieUnatt.exe
[2013/03/13 07:39:44 | 001,800,704 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\jscript9.dll
[2013/03/13 07:39:44 | 000,717,824 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\jscript.dll
[2013/03/13 07:39:44 | 000,231,936 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\url.dll
[2013/03/13 07:39:43 | 001,427,968 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\inetcpl.cpl
[2013/02/14 06:32:43 | 002,345,984 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\win32k.sys
[2013/02/14 06:32:41 | 003,957,608 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\ntkrnlpa.exe
[2013/02/14 06:32:41 | 003,902,312 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\ntoskrnl.exe
[2013/02/14 06:32:38 | 000,187,240 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\drivers\FWPKCLNT.SYS
[2013/02/14 06:32:33 | 000,271,360 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\conhost.exe
[2013/02/14 06:32:33 | 000,169,984 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\winsrv.dll
[2013/02/14 06:32:33 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2013/02/14 06:32:33 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2013/02/14 06:32:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/02/14 06:32:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2013/02/14 06:32:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2013/02/14 06:32:33 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2013/02/14 06:32:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/02/14 06:32:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/02/14 06:32:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2013/02/14 06:32:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/02/14 06:32:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2013/02/14 06:32:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2013/02/14 06:32:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2013/02/14 06:32:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/02/14 06:32:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2013/02/14 06:32:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2013/02/14 06:32:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2013/02/14 06:32:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2013/02/14 06:32:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/02/14 06:32:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2013/02/14 06:32:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2013/02/14 06:32:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2013/02/14 06:32:32 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2013/02/14 06:32:32 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2013/02/14 06:32:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2013/02/14 06:32:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2013/02/14 06:32:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2013/02/14 06:32:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2013/01/09 07:55:43 | 000,492,032 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\win32spl.dll
[2013/01/09 07:54:16 | 000,308,736 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\Wpc.dll
[2013/01/09 07:54:16 | 000,046,592 | ---- | C] (Microsoft) -- E:\Windows\System32\fpb.rs
[2013/01/09 07:54:16 | 000,045,568 | ---- | C] (Microsoft) -- E:\Windows\System32\oflc-nz.rs
[2013/01/09 07:54:16 | 000,044,544 | ---- | C] (Microsoft) -- E:\Windows\System32\pegibbfc.rs
[2013/01/09 07:54:16 | 000,043,520 | ---- | C] (Microsoft) -- E:\Windows\System32\csrr.rs
[2013/01/09 07:54:16 | 000,040,960 | ---- | C] (Microsoft) -- E:\Windows\System32\cob-au.rs
[2013/01/09 07:54:16 | 000,030,720 | ---- | C] (Microsoft) -- E:\Windows\System32\usk.rs
[2013/01/09 07:54:16 | 000,021,504 | ---- | C] (Microsoft) -- E:\Windows\System32\grb.rs
[2013/01/09 07:54:16 | 000,020,480 | ---- | C] (Microsoft) -- E:\Windows\System32\pegi-pt.rs
[2013/01/09 07:54:16 | 000,020,480 | ---- | C] (Microsoft) -- E:\Windows\System32\pegi.rs
[2013/01/09 07:54:16 | 000,015,360 | ---- | C] (Microsoft) -- E:\Windows\System32\djctq.rs
[2013/01/09 07:54:15 | 002,576,384 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\gameux.dll
[2013/01/09 07:54:14 | 000,055,296 | ---- | C] (Microsoft) -- E:\Windows\System32\cero.rs
[2013/01/09 07:54:14 | 000,051,712 | ---- | C] (Microsoft) -- E:\Windows\System32\esrb.rs
[2013/01/09 07:54:14 | 000,023,552 | ---- | C] (Microsoft) -- E:\Windows\System32\oflc.rs
[2013/01/09 07:54:14 | 000,020,480 | ---- | C] (Microsoft) -- E:\Windows\System32\pegi-fi.rs
[2013/01/09 07:53:56 | 000,219,136 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\ncrypt.dll
[2012/12/22 06:34:33 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- E:\Windows\System32\atmfd.dll
[2012/12/22 06:34:33 | 000,034,304 | ---- | C] (Adobe Systems) -- E:\Windows\System32\atmlib.dll
[2012/12/13 11:36:58 | 000,376,832 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\dpnet.dll
[2012/12/13 11:36:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\tzres.dll
[2012/11/16 11:04:20 | 000,047,720 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\drivers\WdfLdr.sys
[2012/11/16 11:04:20 | 000,009,728 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\Wdfres.dll
[2012/11/16 11:04:03 | 000,613,888 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\WUDFx.dll
[2012/11/16 11:04:03 | 000,172,032 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\WUDFPlatform.dll
[2012/11/16 11:04:03 | 000,038,912 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\WUDFCoinstaller.dll
[2012/11/16 10:59:58 | 000,078,336 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\synceng.dll
[2012/10/24 15:17:20 | 000,000,000 | ---D | C] -- E:\Windows\System32\DRVSTORE
[2012/10/24 12:19:27 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- E:\Windows\System32\deployJava1.dll
[2012/10/24 12:19:27 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- E:\Windows\System32\javaws.exe
[2012/10/24 12:19:27 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- E:\Windows\System32\javaw.exe
[2012/10/24 12:19:27 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- E:\Windows\System32\java.exe
========== Files - Modified Within 30 Days ==========
[2013/04/21 09:44:14 | 095,023,320 | ---- | M] () -- E:\ProgramData\5696557.pad
[2013/04/21 09:43:59 | 000,001,098 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/04/21 09:43:52 | 000,067,584 | --S- | M] () -- E:\Windows\bootstat.dat
[2013/04/21 09:43:49 | 1559,928,832 | -HS- | M] () -- E:\hiberfil.sys
[2013/04/21 07:50:01 | 000,014,800 | -H-- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/21 07:50:01 | 000,014,800 | -H-- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/21 06:45:50 | 000,002,129 | ---- | M] () -- E:\Users\Public\Desktop\Google Chrome.lnk
[2013/04/02 11:55:00 | 000,001,102 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/14 04:41:40 | 000,654,150 | ---- | M] () -- E:\Windows\System32\perfh007.dat
[2013/03/14 04:41:40 | 000,616,032 | ---- | M] () -- E:\Windows\System32\perfh009.dat
[2013/03/14 04:41:40 | 000,130,022 | ---- | M] () -- E:\Windows\System32\perfc007.dat
[2013/03/14 04:41:40 | 000,106,412 | ---- | M] () -- E:\Windows\System32\perfc009.dat
[2013/03/13 16:45:17 | 000,001,039 | ---- | M] () -- E:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
[2013/02/14 07:13:07 | 000,269,712 | ---- | M] () -- E:\Windows\System32\FNTCACHE.DAT
[2013/02/12 09:51:24 | 000,015,872 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\drivers\usb8023.sys
[2013/02/01 23:38:35 | 001,800,704 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\jscript9.dll
[2013/02/01 23:30:32 | 001,427,968 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\inetcpl.cpl
[2013/02/01 23:29:22 | 000,231,936 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\url.dll
[2013/02/01 23:27:56 | 000,065,024 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\jsproxy.dll
[2013/02/01 23:26:47 | 000,142,848 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\ieUnatt.exe
[2013/02/01 23:26:45 | 000,717,824 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\jscript.dll
[2013/02/01 23:26:21 | 000,420,864 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\vbscript.dll
[2013/02/01 23:25:16 | 000,607,744 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\msfeeds.dll
[2013/02/01 23:23:28 | 002,382,848 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\mshtml.tlb
[2013/02/01 23:20:00 | 000,176,640 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\ieui.dll
[2013/01/16 20:28:58 | 000,232,336 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\MpSigStub.exe
[2013/01/14 05:20:55 | 000,002,225 | ---- | M] () -- E:\Users\Anwender\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/01/05 01:02:17 | 003,957,608 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\ntkrnlpa.exe
[2013/01/05 01:02:17 | 003,902,312 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\ntoskrnl.exe
[2013/01/04 00:55:09 | 000,187,240 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\drivers\FWPKCLNT.SYS
[2013/01/04 00:50:40 | 000,169,984 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\winsrv.dll
[2013/01/04 00:43:54 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2013/01/04 00:43:54 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/01/04 00:43:54 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2013/01/04 00:43:54 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/01/04 00:43:54 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/01/04 00:43:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2013/01/04 00:43:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/01/04 00:43:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2013/01/04 00:43:53 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2013/01/04 00:43:53 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2013/01/04 00:43:53 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2013/01/04 00:43:53 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2013/01/04 00:43:53 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 00:43:53 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2013/01/04 00:43:53 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2013/01/04 00:43:53 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2013/01/04 00:43:53 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2013/01/04 00:43:52 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2013/01/04 00:43:52 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2013/01/04 00:43:52 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/01/04 00:43:52 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2013/01/04 00:43:52 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2013/01/04 00:43:52 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2013/01/04 00:43:52 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2013/01/03 23:00:30 | 002,345,984 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\win32k.sys
[2013/01/03 22:59:29 | 000,271,360 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\conhost.exe
[2013/01/03 22:43:35 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2013/01/03 22:43:34 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2013/01/03 22:43:34 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2013/01/03 22:43:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- E:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2012/12/16 10:25:27 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- E:\Windows\System32\atmfd.dll
[2012/12/16 10:25:19 | 000,034,304 | ---- | M] (Adobe Systems) -- E:\Windows\System32\atmlib.dll
[2012/12/07 01:04:20 | 000,308,736 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\Wpc.dll
[2012/12/07 00:57:38 | 002,576,384 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\gameux.dll
[2012/12/06 23:21:08 | 000,045,568 | ---- | M] (Microsoft) -- E:\Windows\System32\oflc-nz.rs
[2012/12/06 23:21:08 | 000,044,544 | ---- | M] (Microsoft) -- E:\Windows\System32\pegibbfc.rs
[2012/12/06 23:21:08 | 000,043,520 | ---- | M] (Microsoft) -- E:\Windows\System32\csrr.rs
[2012/12/06 23:21:08 | 000,030,720 | ---- | M] (Microsoft) -- E:\Windows\System32\usk.rs
[2012/12/06 23:21:08 | 000,023,552 | ---- | M] (Microsoft) -- E:\Windows\System32\oflc.rs
[2012/12/06 23:21:07 | 000,020,480 | ---- | M] (Microsoft) -- E:\Windows\System32\pegi-pt.rs
[2012/12/06 23:21:06 | 000,020,480 | ---- | M] (Microsoft) -- E:\Windows\System32\pegi-fi.rs
[2012/12/06 23:21:06 | 000,020,480 | ---- | M] (Microsoft) -- E:\Windows\System32\pegi.rs
[2012/12/06 23:21:05 | 000,055,296 | ---- | M] (Microsoft) -- E:\Windows\System32\cero.rs
[2012/12/06 23:21:05 | 000,051,712 | ---- | M] (Microsoft) -- E:\Windows\System32\esrb.rs
[2012/12/06 23:21:05 | 000,046,592 | ---- | M] (Microsoft) -- E:\Windows\System32\fpb.rs
[2012/12/06 23:21:05 | 000,021,504 | ---- | M] (Microsoft) -- E:\Windows\System32\grb.rs
[2012/12/06 23:21:04 | 000,040,960 | ---- | M] (Microsoft) -- E:\Windows\System32\cob-au.rs
[2012/12/06 23:21:04 | 000,015,360 | ---- | M] (Microsoft) -- E:\Windows\System32\djctq.rs
[2012/11/20 01:10:07 | 000,219,136 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\ncrypt.dll
[2012/11/09 00:49:55 | 000,492,032 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\win32spl.dll
[2012/11/09 00:49:37 | 000,002,048 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\tzres.dll
[2012/11/08 09:12:25 | 000,002,699 | ---- | M] () -- E:\Users\Public\Desktop\Playway 4 CD-ROM.lnk
[2012/11/02 00:48:28 | 000,376,832 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\dpnet.dll
[2012/10/24 15:17:25 | 000,001,753 | ---- | M] () -- E:\Users\Public\Desktop\iTunes.lnk
[2012/10/24 12:19:16 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- E:\Windows\System32\deployJava1.dll
[2012/10/24 12:19:16 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- E:\Windows\System32\javaws.exe
[2012/10/24 12:19:16 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- E:\Windows\System32\javaw.exe
[2012/10/24 12:19:16 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- E:\Windows\System32\java.exe
========== Files Created - No Company Name ==========
[2013/03/13 16:45:17 | 000,001,039 | ---- | C] () -- E:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
[2013/03/13 16:45:16 | 095,023,320 | ---- | C] () -- E:\ProgramData\5696557.pad
[2012/11/16 11:04:21 | 000,000,003 | ---- | C] () -- E:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/16 11:04:03 | 000,000,003 | ---- | C] () -- E:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/11/08 09:12:25 | 000,002,699 | ---- | C] () -- E:\Users\Public\Desktop\Playway 4 CD-ROM.lnk
[2012/10/24 15:17:25 | 000,001,753 | ---- | C] () -- E:\Users\Public\Desktop\iTunes.lnk
[2010/12/13 15:22:17 | 000,241,383 | ---- | C] () -- E:\Windows\hpwins28.dat
[2010/08/08 08:09:34 | 000,765,952 | ---- | C] () -- E:\Windows\System32\xvidcore.dll
[2010/08/08 08:09:34 | 000,180,224 | ---- | C] () -- E:\Windows\System32\xvidvfw.dll
[2010/08/08 08:09:34 | 000,008,704 | ---- | C] () -- E:\Windows\System32\vidccleaner.exe
[2010/05/30 04:56:09 | 000,000,760 | ---- | C] () -- E:\Users\Anwender\AppData\Roaming\setup_ldm.iss
[2009/11/27 14:38:44 | 000,015,573 | ---- | C] () -- E:\Windows\System32\drivers\fwlanusbn.bin
[2009/08/18 03:18:40 | 000,000,418 | ---- | C] () -- E:\Windows\hpwmdl28.dat
[2009/07/14 04:47:43 | 000,654,150 | ---- | C] () -- E:\Windows\System32\perfh007.dat
[2009/07/14 04:47:43 | 000,295,922 | ---- | C] () -- E:\Windows\System32\perfi007.dat
[2009/07/14 04:47:43 | 000,130,022 | ---- | C] () -- E:\Windows\System32\perfc007.dat
[2009/07/14 04:47:43 | 000,038,104 | ---- | C] () -- E:\Windows\System32\perfd007.dat
[2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- E:\Windows\bootstat.dat
[2009/07/14 00:33:53 | 000,269,712 | ---- | C] () -- E:\Windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,616,032 | ---- | C] () -- E:\Windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- E:\Windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,106,412 | ---- | C] () -- E:\Windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- E:\Windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- E:\Windows\System32\NOISE.DAT
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- E:\Windows\System32\dssec.dat
[2009/07/13 20:02:54 | 000,245,248 | ---- | C] () -- E:\Windows\System32\DShowRdpFilter.dll
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- E:\Windows\mib.bin
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- E:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- E:\Windows\System32\BWContextHandler.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- E:\Windows\System32\mlang.dat
========== LOP Check ==========
[2012/10/24 15:17:18 | 000,000,000 | ---D | M] -- E:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2009/11/24 06:34:52 | 000,000,000 | -HSD | M] -- E:\ProgramData\Anwendungsdaten
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Application Data
[2010/12/15 11:49:42 | 000,000,000 | -H-D | M] -- E:\ProgramData\CanonBJ
[2010/12/15 11:58:16 | 000,000,000 | -H-D | M] -- E:\ProgramData\CanonEPP
[2010/12/15 12:12:08 | 000,000,000 | -H-D | M] -- E:\ProgramData\CanonIJEGV
[2010/12/15 11:58:16 | 000,000,000 | -H-D | M] -- E:\ProgramData\CanonIJEPPEX2
[2010/12/15 11:53:23 | 000,000,000 | ---D | M] -- E:\ProgramData\CanonIJMSetup
[2010/12/15 12:05:22 | 000,000,000 | -H-D | M] -- E:\ProgramData\CanonIJScan
[2010/12/15 11:51:20 | 000,000,000 | ---D | M] -- E:\ProgramData\CanonIJWSpt
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Desktop
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Documents
[2009/11/24 06:34:52 | 000,000,000 | -HSD | M] -- E:\ProgramData\Dokumente
[2013/01/18 13:02:12 | 000,000,000 | ---D | M] -- E:\ProgramData\Electronic Arts
[2009/11/24 06:34:52 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favoriten
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favorites
[2010/05/17 15:31:01 | 000,000,000 | ---D | M] -- E:\ProgramData\ICQ
[2013/01/18 13:07:25 | 000,000,000 | ---D | M] -- E:\ProgramData\Origin
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Start Menu
[2009/11/24 06:34:52 | 000,000,000 | -HSD | M] -- E:\ProgramData\Startmenü
[2009/07/14 00:53:55 | 000,000,000 | -HSD | M] -- E:\ProgramData\Templates
[2012/06/06 12:09:36 | 000,000,000 | ---D | M] -- E:\ProgramData\TomTom
[2009/11/24 06:34:52 | 000,000,000 | -HSD | M] -- E:\ProgramData\Vorlagen
[2013/01/24 10:57:56 | 000,032,632 | ---- | M] () -- E:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
Hoffe auf schnelle Hilfe LG Michael |
| Themen zu GVU Ihr Computer ist gesperrt Trojane Windows 7 |
| adobe, antivir, autorun, avira, bho, bonjour, computer, defender, desktop, error, explorer, firefox, format, gesperrt, home, launch, logfile, nvidia, origin, plug-in, problem, registry, scan, schließen, software, stick, system, windows |
Baum-Darstellung