
Log analysis and evaluation: GVU Trojan Windows 7 32 bit

Windows 7: If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

 
17.06.2013, 20:48   #1
tpfkarb
 
GVU Trojan Windows 7 32 bit



Hello everyone,

I have only just registered and have already read a little... first of all, I am very positively surprised... there are experts at work here.

I have my sister's computer here, which I could actually just set up from scratch, but first I urgently need a few folders backed up (online banking, .pst, etc.).
I have now created the otl.txt:


Code:
OTL logfile created on: 6/17/2013 10:34:45 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Windows 7 Ultimate Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files
Drive C: | 100.00 Mb Total Space | 74.05 Mb Free Space | 74.05% Space Free | Partition Type: NTFS
Drive D: | 488.18 Gb Total Space | 433.99 Gb Free Space | 88.90% Space Free | Partition Type: NTFS
Drive E: | 488.28 Gb Total Space | 483.76 Gb Free Space | 99.08% Space Free | Partition Type: NTFS
Drive F: | 420.70 Gb Total Space | 411.01 Gb Free Space | 97.70% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto] --  -- (TuneUp.UtilitiesSvc)
SRV - [2013/06/11 15:49:27 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- D:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/21 08:48:10 | 000,699,680 | ---- | M] (Star Finanz - Software Entwicklung und Vertriebs GmbH) [Auto] -- D:\Program Files\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe -- (StarMoney 8.0 OnlineUpdate)
SRV - [2011/12/13 04:29:16 | 000,029,504 | ---- | M] (TuneUp Software) [Auto] -- D:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/07/22 02:49:26 | 000,511,920 | ---- | M] (REINER SCT) [Auto] -- D:\Windows\System32\cjpcsc.exe -- (cjpcsc)
SRV - [2011/05/05 11:30:46 | 000,549,384 | ---- | M] (Star Finanz - Software Entwicklung und Vertriebs GmbH) [Auto] -- D:\Program Files\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe -- (StarMoney 7.0 OnlineUpdate)
SRV - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto] -- D:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe -- (NIS)
SRV - [2010/04/06 11:30:38 | 000,031,272 | ---- | M] () [On_Demand] -- D:\Windows\System32\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV - [2010/01/18 22:31:26 | 000,072,304 | R--- | M] () [Auto] -- D:\Windows\System32\XSrvSetup.exe -- (JMB36X)
SRV - [2009/08/24 09:38:06 | 000,068,136 | ---- | M] () [Disabled] -- D:\Program Files\Gigabyte\EasySaver\ESSVR.EXE -- (ES lite Service)
SRV - [2009/08/04 12:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) [Auto] -- D:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2009/07/20 07:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand] -- D:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (VGPU)
DRV - File not found [Kernel | On_Demand] --  -- (TuneUpUtilitiesDrv)
DRV - File not found [Kernel | On_Demand] --  -- (tsusbhub)
DRV - File not found [Kernel | On_Demand] --  -- (Synth3dVsc)
DRV - [2013/06/01 15:20:16 | 001,611,992 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- D:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20130614.023\NAVEX15.SYS -- (NAVEX15)
DRV - [2013/06/01 15:20:16 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- D:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20130614.023\NAVENG.SYS -- (NAVENG)
DRV - [2013/05/31 12:58:19 | 001,002,072 | ---- | M] (Symantec Corporation) [Kernel | System] -- D:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20130531.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2013/05/31 09:46:32 | 000,386,720 | ---- | M] (Symantec Corporation) [Kernel | System] -- D:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20130614.001\IDSvix86.sys -- (IDSVix86)
DRV - [2013/03/29 04:27:11 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- D:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/02/03 04:13:19 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand] -- D:\Windows\gdrv.sys -- (gdrv)
DRV - [2012/08/23 10:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/08/23 10:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012/08/18 02:49:55 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System] -- D:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/05/16 12:47:27 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/04/20 21:37:49 | 000,299,640 | ---- | M] (Symantec Corporation) [Kernel | System] -- D:\Windows\System32\Drivers\NIS\1207020.003\SYMNETS.SYS -- (SymNetS)
DRV - [2011/03/30 23:00:09 | 000,516,216 | ---- | M] (Symantec Corporation) [File_System | On_Demand] -- D:\Windows\System32\Drivers\NIS\1207020.003\SRTSP.SYS -- (SRTSP)
DRV - [2011/03/30 23:00:09 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System] -- D:\Windows\system32\drivers\NIS\1207020.003\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/03/29 06:08:08 | 000,028,144 | ---- | M] (REINER SCT) [Kernel | On_Demand] -- D:\Windows\System32\drivers\cjusb.sys -- (cjusb)
DRV - [2011/03/14 22:31:23 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | Boot] -- D:\Windows\System32\drivers\NIS\1207020.003\symefa.sys -- (SymEFA)
DRV - [2011/01/27 02:47:10 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\NIS\1207020.003\symds.sys -- (SymDS)
DRV - [2011/01/27 01:07:05 | 000,136,312 | ---- | M] (Symantec Corporation) [Kernel | System] -- D:\Windows\system32\drivers\NIS\1207020.003\Ironx86.SYS -- (SymIRON)
DRV - [2011/01/09 13:02:01 | 000,281,760 | ---- | M] () [Kernel | Auto] -- D:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2011/01/09 13:02:01 | 000,025,888 | ---- | M] () [Kernel | Auto] -- D:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010/11/20 08:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 08:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 08:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 05:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 05:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/04/06 11:30:24 | 000,018,984 | ---- | M] () [Kernel | System] -- D:\Windows\System32\drivers\AppleCharger.sys -- (AppleCharger)
DRV - [2010/01/27 04:58:32 | 000,098,928 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot] -- D:\Windows\System32\drivers\jraid.sys -- (JRAID)
DRV - [2009/12/21 21:26:36 | 000,030,392 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand] -- D:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2009/11/20 07:15:18 | 000,137,728 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV - [2009/11/20 07:15:16 | 000,058,880 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub)
DRV - [2009/09/30 21:22:08 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand] -- D:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2009/07/13 20:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2009/07/13 18:09:17 | 004,194,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- D:\Windows\system32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/06/17 12:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2009/06/17 12:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009/06/17 12:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009/06/17 12:55:18 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2009/05/04 21:00:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot] -- D:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV - [2007/05/31 02:38:16 | 000,014,949 | ---- | M] (franson.biz) [Kernel | System] -- D:\Windows\System32\drivers\bizVSerialNT.sys -- (bizVSerial)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\franke_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\franke_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\franke_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\franke_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\franke_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0:  File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: D:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: D:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: D:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: D:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: D:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader:  File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Users\franke\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Users\franke\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPlgn\ [2013/03/28 15:32:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\coFFPlgn_2011_7_13_2 [2013/06/17 15:01:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/01/30 12:00:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/01/30 12:00:03 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2009/06/10 17:39:37 | 000,000,824 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - D:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - D:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - D:\Program Files\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - D:\Program Files\Norton Internet Security\Engine\18.7.2.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - D:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - D:\Program Files\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - D:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\franke_ON_D\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - D:\Program Files\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [BCU] D:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [JMB36X IDE Setup] D:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] D:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Sweetpacks Communicator] D:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKU\franke_ON_D..\Run: [qcgce2mrvjq91kk1e7pnbb19m52fx] D:\Users\franke\AppData\Local\Temp\ofi3jZF.exe (Mozilla Foundation)
O4 - HKU\LocalService_ON_D..\RunOnce: [mctadmin] D:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_D..\RunOnce: [mctadmin] D:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - D:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} hxxp://games.bigfishgames.com/de_dinerdashfloontheg/online/ddfotg.1.0.0.33.cab (CPlayFirstddfotgControl Object)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: Microsoft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKU\franke_ON_D Winlogon: Shell - (cmd.exe) - D:\Windows\System32\cmd.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - D:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O27 - HKLM IFEO\eslite.exe: Debugger - "D:\Program Files\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\hpcustpartic.exe: Debugger - "D:\Program Files\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\photoproduct.exe: Debugger - "D:\Program Files\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\uninst.exe: Debugger - "D:\Program Files\TUAutoReactivator32.exe" File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/06/12 14:31:41 | 002,706,432 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtml.tlb
[2013/06/12 14:31:41 | 000,391,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieui.dll
[2013/06/12 14:26:35 | 000,690,688 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jscript.dll
[2013/06/12 14:26:33 | 002,877,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jscript9.dll
[2013/06/12 14:26:33 | 000,061,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iesetup.dll
[2013/06/12 14:26:33 | 000,039,424 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jsproxy.dll
[2013/06/12 14:26:32 | 000,493,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeeds.dll
[2013/06/12 14:26:32 | 000,109,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iesysprep.dll
[2013/06/12 14:26:32 | 000,071,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\RegisterIEPKEYs.exe
[2013/06/12 14:26:32 | 000,042,496 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ie4uinit.exe
[2013/06/12 14:26:32 | 000,033,280 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iernonce.dll
[2013/06/12 10:26:42 | 001,505,280 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d11.dll
[2013/06/12 10:26:28 | 000,024,576 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\cryptdlg.dll
[2013/06/12 10:26:25 | 000,492,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\win32spl.dll
[2013/06/12 10:26:24 | 000,903,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\certutil.exe
[2013/06/12 10:26:24 | 000,043,008 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\certenc.dll
[2013/06/12 10:20:11 | 003,968,872 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ntkrnlpa.exe
[2013/06/12 10:20:11 | 003,913,576 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ntoskrnl.exe
[1 D:\Windows\*.tmp files -> D:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/06/17 15:18:19 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2013/06/17 15:07:05 | 000,014,192 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/17 15:07:05 | 000,014,192 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/17 15:06:01 | 000,668,692 | ---- | M] () -- D:\Windows\System32\perfh007.dat
[2013/06/17 15:06:01 | 000,620,284 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2013/06/17 15:06:01 | 000,134,540 | ---- | M] () -- D:\Windows\System32\perfc007.dat
[2013/06/17 15:06:01 | 000,110,472 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2013/06/17 15:01:46 | 000,001,094 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/17 15:00:59 | 2614,517,760 | -HS- | M] () -- D:\hiberfil.sys
[2013/06/17 14:50:58 | 000,000,000 | -H-- | M] () -- D:\Windows\System32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
[2013/06/15 04:47:00 | 000,000,884 | ---- | M] () -- D:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/15 04:37:00 | 000,001,098 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/15 00:19:58 | 000,163,055 | ---- | M] () -- D:\Users\franke\AppData\Roaming\2433f433
[2013/06/15 00:19:58 | 000,163,048 | ---- | M] () -- D:\Users\franke\AppData\Local\2433f433
[2013/06/15 00:19:58 | 000,163,006 | ---- | M] () -- D:\ProgramData\2433f433
[2013/06/11 15:49:26 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\System32\FlashPlayerApp.exe
[2013/06/11 15:49:26 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/06/08 07:40:02 | 000,391,168 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieui.dll
[2013/06/08 07:13:19 | 002,706,432 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\mshtml.tlb
[1 D:\Windows\*.tmp files -> D:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/06/17 14:50:58 | 000,000,000 | -H-- | C] () -- D:\Windows\System32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
[2013/06/15 00:19:58 | 000,163,055 | ---- | C] () -- D:\Users\franke\AppData\Roaming\2433f433
[2013/06/15 00:19:58 | 000,163,048 | ---- | C] () -- D:\Users\franke\AppData\Local\2433f433
[2013/06/15 00:19:58 | 000,163,006 | ---- | C] () -- D:\ProgramData\2433f433
[2011/12/02 14:14:17 | 000,036,892 | ---- | C] () -- D:\Windows\System32\bassmod.dll
[2011/07/17 10:37:11 | 000,000,934 | ---- | C] () -- D:\Windows\wiso.ini
[2011/04/25 11:10:46 | 000,001,360 | ---- | C] () -- D:\Windows\hpwmdl20.dat.temp
[2011/04/25 09:49:27 | 000,080,896 | ---- | C] () -- D:\Windows\System32\RDVGHelper.exe
[2011/04/25 09:49:14 | 000,252,928 | ---- | C] () -- D:\Windows\System32\DShowRdpFilter.dll
[2011/04/25 09:48:34 | 000,066,048 | ---- | C] () -- D:\Windows\System32\PrintBrmUi.exe
[2011/03/19 10:42:20 | 000,006,550 | ---- | C] () -- D:\Windows\jautoexp.dat
[2011/01/18 14:08:55 | 000,001,940 | ---- | C] () -- D:\Users\franke\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/01/09 12:37:33 | 000,281,760 | ---- | C] () -- D:\Windows\System32\drivers\atksgt.sys
[2011/01/09 12:37:32 | 000,025,888 | ---- | C] () -- D:\Windows\System32\drivers\lirsgt.sys
[2010/11/12 16:07:52 | 000,000,573 | ---- | C] () -- D:\Windows\hbcikrnl.ini
[2010/11/12 16:07:38 | 000,167,936 | ---- | C] () -- D:\Windows\System32\SerialXP.dll
[2010/11/12 16:07:38 | 000,027,648 | ---- | C] () -- D:\Windows\System32\win32com.dll
[2010/11/10 16:52:05 | 000,007,641 | ---- | C] () -- D:\Users\franke\AppData\Local\resmon.resmoncfg
[2010/11/10 15:40:51 | 000,031,272 | ---- | C] () -- D:\Windows\System32\AppleChargerSrv.exe
[2010/11/10 15:40:51 | 000,018,984 | ---- | C] () -- D:\Windows\System32\drivers\AppleCharger.sys
[2010/11/10 15:39:31 | 000,072,304 | R--- | C] () -- D:\Windows\System32\XSrvSetup.exe
[2010/11/10 15:38:51 | 000,080,416 | ---- | C] () -- D:\Windows\System32\RtNicProp32.dll
[2010/11/10 15:32:07 | 000,000,010 | ---- | C] () -- D:\Windows\GSetup.ini
[2010/11/10 15:17:29 | 000,000,000 | ---- | C] () -- D:\Windows\ativpsrm.bin
[2010/11/10 15:17:29 | 000,000,000 | ---- | C] () -- D:\Windows\System32\atiicdxx.dat
[2009/09/30 06:05:48 | 000,290,816 | ---- | C] () -- D:\Windows\System32\nsldap32v60.dll
[2009/08/27 03:04:12 | 000,207,400 | R--- | C] () -- D:\Windows\GSetup.exe
[2009/07/14 04:47:43 | 000,668,692 | ---- | C] () -- D:\Windows\System32\perfh007.dat
[2009/07/14 04:47:43 | 000,295,922 | ---- | C] () -- D:\Windows\System32\perfi007.dat
[2009/07/14 04:47:43 | 000,134,540 | ---- | C] () -- D:\Windows\System32\perfc007.dat
[2009/07/14 04:47:43 | 000,038,104 | ---- | C] () -- D:\Windows\System32\perfd007.dat
[2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- D:\Windows\bootstat.dat
[2009/07/14 00:33:53 | 000,413,056 | ---- | C] () -- D:\Windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,620,284 | ---- | C] () -- D:\Windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- D:\Windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,110,472 | ---- | C] () -- D:\Windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- D:\Windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- D:\Windows\System32\NOISE.DAT
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- D:\Windows\System32\dssec.dat
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- D:\Windows\mib.bin
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- D:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\System32\BWContextHandler.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- D:\Windows\System32\mlang.dat
[2008/10/30 12:00:22 | 000,048,640 | ---- | C] () -- D:\Windows\System32\nsldapssl32v60.dll
[2008/10/30 11:59:24 | 000,025,088 | ---- | C] () -- D:\Windows\System32\nsldappr32v60.dll
[2004/12/14 11:55:22 | 000,000,019 | ---- | C] () -- D:\Windows\System32\nsldapssl32v50.dll
[2004/12/14 11:55:22 | 000,000,019 | ---- | C] () -- D:\Windows\System32\nsldappr32v50.dll
[2004/12/14 11:55:22 | 000,000,019 | ---- | C] () -- D:\Windows\System32\nsldap32v50.dll
 
========== LOP Check ==========
 
[2011/10/08 08:42:38 | 000,000,000 | ---D | M] -- D:\ProgramData\Alawar
[2011/01/01 17:00:46 | 000,000,000 | ---D | M] -- D:\ProgramData\AlawarSouthpoint
[2011/07/16 18:02:56 | 000,000,000 | ---D | M] -- D:\ProgramData\aliasworlds
[2010/11/10 15:22:11 | 000,000,000 | -HSD | M] -- D:\ProgramData\Anwendungsdaten
[2011/09/02 16:16:24 | 000,000,000 | ---D | M] -- D:\ProgramData\Big Fish Games
[2013/06/01 15:36:56 | 000,000,000 | ---D | M] -- D:\ProgramData\Buhl Data Service GmbH
[2011/03/26 17:25:47 | 000,000,000 | ---D | M] -- D:\ProgramData\CannyGames
[2011/09/18 13:44:35 | 000,000,000 | ---D | M] -- D:\ProgramData\Cateia Games
[2011/02/05 14:19:33 | 000,000,000 | ---D | M] -- D:\ProgramData\CrioGames
[2011/07/31 14:21:30 | 000,000,000 | ---D | M] -- D:\ProgramData\CropBusters
[2010/11/10 15:22:11 | 000,000,000 | -HSD | M] -- D:\ProgramData\Desktop
[2011/11/05 19:10:28 | 000,000,000 | ---D | M] -- D:\ProgramData\Desktop Gaming
[2010/11/10 15:22:11 | 000,000,000 | -HSD | M] -- D:\ProgramData\Dokumente
[2011/09/14 17:31:30 | 000,000,000 | ---D | M] -- D:\ProgramData\Far Mills
[2010/11/21 14:48:36 | 000,000,000 | ---D | M] -- D:\ProgramData\Farm Fishes
[2011/02/26 13:19:50 | 000,000,000 | ---D | M] -- D:\ProgramData\FarmFrenzy_Rome
[2011/09/22 18:30:26 | 000,000,000 | ---D | M] -- D:\ProgramData\FarmFrenzy_Vikings
[2010/11/10 15:22:11 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favoriten
[2011/09/09 12:13:34 | 000,000,000 | ---D | M] -- D:\ProgramData\Fugazo
[2011/02/15 17:04:11 | 000,000,000 | ---D | M] -- D:\ProgramData\Funny Bear Studio
[2010/11/12 19:54:20 | 000,000,000 | ---D | M] -- D:\ProgramData\GameHouse
[2011/02/24 17:53:52 | 000,000,000 | ---D | M] -- D:\ProgramData\GamePlastic
[2011/09/08 17:28:44 | 000,000,000 | ---D | M] -- D:\ProgramData\Green Clover Games
[2011/12/11 14:19:22 | 000,000,000 | ---D | M] -- D:\ProgramData\Grey Alien Games
[2011/08/07 14:52:36 | 000,000,000 | ---D | M] -- D:\ProgramData\HipSoft
[2011/03/26 16:19:17 | 000,000,000 | ---D | M] -- D:\ProgramData\Kingdom
[2011/03/22 15:34:29 | 000,000,000 | ---D | M] -- D:\ProgramData\MumboJumbo
[2011/02/05 11:27:32 | 000,000,000 | ---D | M] -- D:\ProgramData\Nevosoft-Breeze
[2011/01/08 18:04:32 | 000,000,000 | ---D | M] -- D:\ProgramData\Oberon Media
[2011/03/11 17:28:51 | 000,000,000 | ---D | M] -- D:\ProgramData\Particles
[2011/09/18 15:06:38 | 000,000,000 | ---D | M] -- D:\ProgramData\PlayFirst
[2011/11/19 18:46:37 | 000,000,000 | ---D | M] -- D:\ProgramData\PlayfulAge
[2011/12/12 13:10:29 | 000,000,000 | ---D | M] -- D:\ProgramData\Playrix Entertainment
[2011/09/10 15:33:46 | 000,000,000 | ---D | M] -- D:\ProgramData\PopCap Games
[2010/11/12 16:07:38 | 000,000,000 | ---D | M] -- D:\ProgramData\REINER SCT
[2011/10/19 17:05:34 | 000,000,000 | ---D | M] -- D:\ProgramData\RescueFrenzy
[2011/07/30 12:48:02 | 000,000,000 | ---D | M] -- D:\ProgramData\rionix
[2010/12/07 16:46:24 | 000,000,000 | ---D | M] -- D:\ProgramData\Rumbic Studio
[2011/11/23 19:33:34 | 000,000,000 | ---D | M] -- D:\ProgramData\Solidshield
[2010/11/11 16:57:27 | 000,000,000 | ---D | M] -- D:\ProgramData\StarMoney 7.0
[2012/04/01 11:58:33 | 000,000,000 | ---D | M] -- D:\ProgramData\StarMoney 8.0
[2010/11/10 15:22:11 | 000,000,000 | -HSD | M] -- D:\ProgramData\Startmenü
[2013/01/13 12:35:26 | 000,000,000 | ---D | M] -- D:\ProgramData\SweetIM
[2013/06/14 18:06:58 | 000,000,000 | ---D | M] -- D:\ProgramData\TEMP
[2011/01/09 11:42:13 | 000,000,000 | ---D | M] -- D:\ProgramData\TuneUp Software
[2011/10/19 07:50:55 | 000,000,000 | ---D | M] -- D:\ProgramData\VirtualFarm2
[2011/11/06 19:30:30 | 000,000,000 | ---D | M] -- D:\ProgramData\Visan
[2010/11/10 15:22:11 | 000,000,000 | -HSD | M] -- D:\ProgramData\Vorlagen
[2011/01/09 11:40:28 | 000,000,000 | -HSD | M] -- D:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2010/11/12 17:10:57 | 000,000,000 | ---D | M] -- D:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2013/04/26 10:40:21 | 000,032,632 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 236 bytes -> D:\ProgramData\TEMP:99AC3203
@Alternate Data Stream - 236 bytes -> D:\ProgramData\TEMP:38FF076E
@Alternate Data Stream - 233 bytes -> D:\ProgramData\TEMP:DD95E6D9
@Alternate Data Stream - 218 bytes -> D:\ProgramData\TEMP:29C0641D
@Alternate Data Stream - 213 bytes -> D:\ProgramData\TEMP:6C049F97
@Alternate Data Stream - 212 bytes -> D:\ProgramData\TEMP:E5BA9ADD
@Alternate Data Stream - 199 bytes -> D:\ProgramData\TEMP:1A4BF204
@Alternate Data Stream - 190 bytes -> D:\ProgramData\TEMP:8247A199
@Alternate Data Stream - 18 bytes -> D:\Users\franke:zylomtr{00013KEU-UKQE-K6V0-2PHI-2B2UA19M6VV4}
@Alternate Data Stream - 16 bytes -> D:\Users\franke:zylomtr{000HQ7FF-AD7A-3FG2-LKCU-2AJQPJA4AVHE}
@Alternate Data Stream - 149 bytes -> D:\ProgramData\TEMP:884C7316
@Alternate Data Stream - 149 bytes -> D:\ProgramData\TEMP:2D3CB929
@Alternate Data Stream - 148 bytes -> D:\ProgramData\TEMP:FD38E906
@Alternate Data Stream - 148 bytes -> D:\ProgramData\TEMP:3B07E6F4
@Alternate Data Stream - 148 bytes -> D:\ProgramData\TEMP:10873493
@Alternate Data Stream - 147 bytes -> D:\ProgramData\TEMP:D882BE37
@Alternate Data Stream - 147 bytes -> D:\ProgramData\TEMP:2ABB51D4
@Alternate Data Stream - 147 bytes -> D:\ProgramData\TEMP:140AD176
@Alternate Data Stream - 146 bytes -> D:\ProgramData\TEMP:E6B1AD87
@Alternate Data Stream - 146 bytes -> D:\ProgramData\TEMP:8DD36B71
@Alternate Data Stream - 145 bytes -> D:\ProgramData\TEMP:A5CD91DF
@Alternate Data Stream - 145 bytes -> D:\ProgramData\TEMP:14D29229
@Alternate Data Stream - 143 bytes -> D:\ProgramData\TEMP:7EABF26C
@Alternate Data Stream - 143 bytes -> D:\ProgramData\TEMP:193CB03B
@Alternate Data Stream - 142 bytes -> D:\ProgramData\TEMP:701B92FB
@Alternate Data Stream - 142 bytes -> D:\ProgramData\TEMP:4B244549
@Alternate Data Stream - 141 bytes -> D:\ProgramData\TEMP:C43C957E
@Alternate Data Stream - 141 bytes -> D:\ProgramData\TEMP:160ADF0B
@Alternate Data Stream - 140 bytes -> D:\ProgramData\TEMP:9CF728A6
@Alternate Data Stream - 140 bytes -> D:\ProgramData\TEMP:6EA64886
@Alternate Data Stream - 140 bytes -> D:\ProgramData\TEMP:03D08225
@Alternate Data Stream - 139 bytes -> D:\ProgramData\TEMP:751D6870
@Alternate Data Stream - 139 bytes -> D:\ProgramData\TEMP:07C99568
@Alternate Data Stream - 139 bytes -> D:\ProgramData\TEMP:073139EC
@Alternate Data Stream - 138 bytes -> D:\ProgramData\TEMP:F3591DDB
@Alternate Data Stream - 138 bytes -> D:\ProgramData\TEMP:20EB6823
@Alternate Data Stream - 138 bytes -> D:\ProgramData\TEMP:0988A428
@Alternate Data Stream - 137 bytes -> D:\ProgramData\TEMP:7425C891
@Alternate Data Stream - 137 bytes -> D:\ProgramData\TEMP:5C0940F1
@Alternate Data Stream - 137 bytes -> D:\ProgramData\TEMP:2E9900EE
@Alternate Data Stream - 137 bytes -> D:\ProgramData\TEMP:0915A718
@Alternate Data Stream - 136 bytes -> D:\ProgramData\TEMP:92D91D7E
@Alternate Data Stream - 135 bytes -> D:\ProgramData\TEMP:C3D26A8A
@Alternate Data Stream - 135 bytes -> D:\ProgramData\TEMP:4149A170
@Alternate Data Stream - 135 bytes -> D:\ProgramData\TEMP:00AA4B31
@Alternate Data Stream - 134 bytes -> D:\ProgramData\TEMP:EE7AAC75
@Alternate Data Stream - 133 bytes -> D:\ProgramData\TEMP:E21433CE
@Alternate Data Stream - 133 bytes -> D:\ProgramData\TEMP:B722BCE5
@Alternate Data Stream - 131 bytes -> D:\ProgramData\TEMP:A01F3A87
@Alternate Data Stream - 131 bytes -> D:\ProgramData\TEMP:93226FE3
@Alternate Data Stream - 130 bytes -> D:\ProgramData\TEMP:6423D635
@Alternate Data Stream - 129 bytes -> D:\ProgramData\TEMP:D01ACC06
@Alternate Data Stream - 129 bytes -> D:\ProgramData\TEMP:9D03192E
@Alternate Data Stream - 128 bytes -> D:\ProgramData\TEMP:C946EBB2
@Alternate Data Stream - 128 bytes -> D:\ProgramData\TEMP:BC1F7CAE
@Alternate Data Stream - 127 bytes -> D:\ProgramData\TEMP:D576A536
@Alternate Data Stream - 127 bytes -> D:\ProgramData\TEMP:16A4620C
@Alternate Data Stream - 126 bytes -> D:\ProgramData\TEMP:9DB67071
@Alternate Data Stream - 126 bytes -> D:\ProgramData\TEMP:2D1AE3BE
@Alternate Data Stream - 126 bytes -> D:\ProgramData\TEMP:1B3549F2
@Alternate Data Stream - 125 bytes -> D:\ProgramData\TEMP:CD6DF7CC
@Alternate Data Stream - 125 bytes -> D:\ProgramData\TEMP:C3AD9507
@Alternate Data Stream - 125 bytes -> D:\ProgramData\TEMP:56C66609
@Alternate Data Stream - 125 bytes -> D:\ProgramData\TEMP:00811B66
@Alternate Data Stream - 124 bytes -> D:\ProgramData\TEMP:F1F936DF
@Alternate Data Stream - 124 bytes -> D:\ProgramData\TEMP:BD8010FE
@Alternate Data Stream - 124 bytes -> D:\ProgramData\TEMP:063969F8
@Alternate Data Stream - 123 bytes -> D:\ProgramData\TEMP:CFF6B3FF
@Alternate Data Stream - 123 bytes -> D:\ProgramData\TEMP:9290C91C
@Alternate Data Stream - 122 bytes -> D:\ProgramData\TEMP:A7B70C4E
@Alternate Data Stream - 122 bytes -> D:\ProgramData\TEMP:6C031E3E
@Alternate Data Stream - 122 bytes -> D:\ProgramData\TEMP:4A966CC2
@Alternate Data Stream - 122 bytes -> D:\ProgramData\TEMP:2216A431
@Alternate Data Stream - 121 bytes -> D:\ProgramData\TEMP:E99D1D3C
@Alternate Data Stream - 121 bytes -> D:\ProgramData\TEMP:A1023D41
@Alternate Data Stream - 120 bytes -> D:\ProgramData\TEMP:B285A50E
@Alternate Data Stream - 120 bytes -> D:\ProgramData\TEMP:AE9351E0
@Alternate Data Stream - 120 bytes -> D:\ProgramData\TEMP:149327FE
@Alternate Data Stream - 120 bytes -> D:\ProgramData\TEMP:00258EE7
@Alternate Data Stream - 119 bytes -> D:\ProgramData\TEMP:104A718B
@Alternate Data Stream - 118 bytes -> D:\ProgramData\TEMP:46A2F27B
@Alternate Data Stream - 118 bytes -> D:\ProgramData\TEMP:2ADF9928
@Alternate Data Stream - 118 bytes -> D:\ProgramData\TEMP:169E7AC5
@Alternate Data Stream - 104 bytes -> D:\ProgramData\TEMP:1A8BB29B
< End of report >
         
Many thanks in advance

Regards, tpfkarb

 
