| |
| |||||||
Log-Analyse und Auswertung: Windows XP: GUV Trojaner - abgesicherter Modus startet nichtWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
25.11.2013, 20:45
| #1 |
| |  Windows XP: GUV Trojaner - abgesicherter Modus startet nicht Hallo Trojaner-Board-Team, ich habe mir einen GVU-Trojaner eingefangen. Kann den PC nicht im abgesicherter Modus starten. Wenn ich den abgesicherten Modus auswähle, startet er wie beim regulären Neustart. Windows normal starten bringt sofort den GVU-Screen. Gemäß der bisherigen Beiträge (GVU Trojaner - Abgesicherter Modus geht nicht) habe ich einen OTLPE Scan durchgeführt und poste hier die OTL.Txt. Was kann ich tun und wie geht es weiter? Vielen Dank im Voraus für die Hilfe  OTL Logfile: Code:
ATTFilter OTL logfile created on: 11/25/2013 8:25:10 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,022.00 Mb Total Physical Memory | 771.00 Mb Available Physical Memory | 75.00% Memory free
906.00 Mb Paging File | 837.00 Mb Available in Paging File | 92.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 80.63 Gb Total Space | 36.06 Gb Free Space | 44.72% Space Free | Partition Type: NTFS
Drive D: | 26.52 Gb Total Space | 6.97 Gb Free Space | 26.29% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto] -- -- (LVPrcSrv)
SRV - File not found [Disabled] -- -- (HidServ)
SRV - File not found [On_Demand] -- -- (AppMgmt)
SRV - File not found [Auto] -- -- (APNMCP)
SRV - [2013/09/05 13:04:31 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013/09/05 13:04:16 | 000,815,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2013/09/05 13:04:13 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/11/13 08:07:24 | 000,168,384 | ---- | M] (Safer-Networking Ltd.) [Auto] -- C:\Programme\Spybot - Search & Destroy 2\SDWSCSvc.exe -- (SDWSCService)
SRV - [2012/11/13 08:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) [Auto] -- C:\Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe -- (SDUpdateService)
SRV - [2012/11/13 08:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) [Auto] -- C:\Programme\Spybot - Search & Destroy 2\SDFSSvc.exe -- (SDScannerService)
SRV - [2012/07/13 06:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/07/19 23:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2010/10/15 18:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/09/06 11:56:38 | 000,247,096 | ---- | M] () [Auto] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010/01/09 14:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010/01/09 14:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009/01/13 04:28:46 | 001,528,608 | ---- | M] (Cisco Systems, Inc.) [Auto] -- C:\Programme\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2008/10/24 09:35:44 | 000,128,296 | ---- | M] () [Auto] -- C:\Programme\AAVUpdateManager\aavus.exe -- (AAV UpdateService)
SRV - [2007/04/26 03:21:28 | 001,234,480 | ---- | M] (Sunbelt Software) [Auto] -- C:\Programme\Sunbelt Software\Personal Firewall\kpf4ss.exe -- (SPF4)
SRV - [2007/02/06 10:47:12 | 000,105,248 | ---- | M] (Logitech Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\Logitech\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2006/10/02 09:24:10 | 000,024,072 | ---- | M] (TuneUp Software GmbH) [Auto] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2006/09/21 19:35:08 | 000,226,192 | ---- | M] (Acronis) [Auto] -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2006/08/03 12:50:46 | 000,380,928 | ---- | M] (Dell Inc.) [Auto] -- C:\Programme\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2006/05/01 03:34:00 | 000,262,217 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Programme\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER) Intel(R)
SRV - [2006/03/03 15:03:10 | 000,069,632 | ---- | M] (HP) [On_Demand] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2003/06/19 16:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (RTCore32)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand] -- -- (LVPr2Mon)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (InCDRm)
DRV - File not found [Kernel | System] -- -- (InCDPass)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2013/11/24 13:40:29 | 000,022,528 | ---- | M] (pBUS-167 Software - hxxp://www.pbus-167.com) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nhcDriver.sys -- (nhcDriverDevice)
DRV - [2013/09/05 13:04:34 | 000,136,672 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2013/09/05 13:04:34 | 000,088,840 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013/08/05 13:24:45 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013/08/05 13:24:45 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/09/28 07:30:20 | 000,102,528 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009/09/28 07:30:20 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009/04/03 01:45:25 | 000,082,380 | ---- | M] (Oak Technology Inc.) [Kernel | System] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2009/01/13 04:27:38 | 000,306,811 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2008/08/28 10:17:38 | 000,131,856 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2008/04/13 13:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2007/11/14 11:05:16 | 000,394,952 | ---- | M] (Zone Labs, LLC) [Kernel | On_Demand] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2007/04/26 03:21:34 | 000,072,624 | ---- | M] (Sunbelt Software) [Kernel | System] -- C:\WINDOWS\system32\drivers\khips.sys -- (khips)
DRV - [2007/04/26 03:21:30 | 000,302,000 | ---- | M] (Sunbelt Software) [Kernel | System] -- C:\WINDOWS\system32\drivers\fwdrv.sys -- (fwdrv)
DRV - [2007/03/20 08:13:38 | 000,300,544 | ---- | M] (AfaTech ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AF15BDA.sys -- (AF15BDA)
DRV - [2007/02/06 10:44:36 | 001,964,064 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2007/02/06 10:42:40 | 001,691,808 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2007/02/03 03:32:36 | 000,041,504 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/02/03 03:27:28 | 000,938,272 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2007/02/03 03:27:16 | 000,014,240 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter)
DRV - [2007/01/18 12:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006/11/25 11:16:46 | 000,397,296 | ---- | M] (Acronis) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2006/11/25 11:16:46 | 000,033,488 | ---- | M] (Acronis) [File_System | Auto] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2006/11/25 11:16:40 | 000,107,056 | ---- | M] (Acronis) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
DRV - [2006/08/25 01:23:08 | 000,044,544 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/05/24 11:07:18 | 000,328,237 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006/05/24 11:05:26 | 000,023,271 | ---- | M] (Broadcom Corporation.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2006/05/24 11:04:04 | 000,851,434 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/05/24 11:01:34 | 000,030,427 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006/05/24 11:01:22 | 000,030,285 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2006/05/24 11:00:50 | 000,066,488 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/05/24 10:58:18 | 000,148,900 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006/05/24 10:57:00 | 000,045,683 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2006/05/01 03:52:02 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2006/04/26 17:13:04 | 001,429,632 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R)
DRV - [2006/03/24 17:34:30 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/01/12 16:29:38 | 000,013,568 | ---- | M] (SingleClick Systems) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\wsp_pkt.sys -- (wsppkt)
DRV - [2006/01/12 16:27:16 | 000,013,696 | ---- | M] (SingleClick Systems) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\hnm_wrls_pkt.sys -- (hnmwrlspkt)
DRV - [2006/01/12 16:26:10 | 000,013,312 | ---- | M] (SingleClick Systems) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\packet.sys -- (Packet)
DRV - [2006/01/10 06:07:58 | 000,004,864 | ---- | M] (GTek Technologies Ltd.) [Kernel | On_Demand] -- C:\Programme\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/08/12 11:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005/07/14 17:58:14 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/07/14 16:28:38 | 000,307,968 | ---- | M] (REDC) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005/07/12 18:00:30 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/06/15 09:55:53 | 000,004,096 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2004/04/30 02:37:02 | 000,160,640 | ---- | M] ( ) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\a347bus.sys -- (a347bus)
DRV - [2004/04/30 02:33:00 | 000,005,248 | ---- | M] ( ) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\a347scsi.sys -- (a347scsi)
DRV - [2004/02/13 10:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)
DRV - [2002/09/16 11:14:32 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv)
DRV - [1996/04/03 14:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\system32\giveio.sys -- (giveio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=5061017
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Start Page = www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=5061017
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=5061017
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=5061017
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www1.euro.dell.com/content/default.aspx?c=de&l=de&s=gen
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.de/hws/sb/dell-row/de/side.html?channel=de
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=5061017
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Julian_Becker_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=5061017
IE - HKU\Julian_Becker_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\Julian_Becker_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Julian_Becker_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Julian_Becker_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=5061017
IE - HKU\Julian_Becker_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\Julian_Becker_ON_C\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\Julian_Becker_ON_C\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\Julian_Becker_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Programme\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Programme\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Swiss Academic Software\Citavi Picker\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Programme\Gemeinsame Dateien\DVDVideoSoft\plugins\ff\ [2013/01/01 08:58:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012/02/21 05:29:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011/10/18 14:38:27 | 000,000,000 | ---D | M]
[2011/09/22 05:03:46 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012/02/21 05:29:24 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2011/10/03 04:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- C:\Programme\mozilla firefox\plugins\npvsharetvplg.dll
[2011/10/24 03:22:08 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/10/24 03:22:08 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2011/10/24 03:22:08 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2011/10/24 03:22:08 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/10/24 03:22:08 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/10/24 03:22:08 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009/09/16 12:03:29 | 000,332,813 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 11396 more lines...
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Programme\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Programme\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (no name) - {CF070CB8-F02F-4af4-A7B7-8D45CAD4BB54} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Programme\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Programme\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\Administrator_ON_C\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\Julian_Becker_ON_C\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Programme\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
O3 - HKU\Julian_Becker_ON_C\..\Toolbar\WebBrowser: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Programme\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O3 - HKU\Julian_Becker_ON_C\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O4 - HKLM..\Run: [ApnTBMon] File not found
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CTSVolFE.exe] C:\Programme\Creative\Mixer\CTSVolFE.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [IntelWireless] C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [LVCOMSX] C:\Programme\Gemeinsame Dateien\Logitech\LComMgr\LVComSX.exe (Logitech Inc.)
O4 - HKLM..\Run: [NotebookHardwareControl] C:\Programme\Notebook Hardware Control\nhc.exe (hxxp://www.pbus-167.com)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SDTray] C:\Programme\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKU\Administrator_ON_C..\Run: [DellSupport] C:\Programme\Dell Support\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Administrator_ON_C..\Run: [ModemOnHold] C:\Programme\NetWaiting\netwaiting.exe ()
O4 - HKU\.DEFAULT..\RunOnce: [WUAppSetup] File not found
O4 - HKU\Administrator_ON_C..\RunOnce: [NeroHomeFirstStart] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMFirstStart.exe (Nero AG)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\hpoddt01.exe.lnk = C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
O4 - Startup: C:\Dokumente und Einstellungen\Julian Becker\Startmenü\Programme\Autostart\9hglfl9.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Julian_Becker_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\NPJPI150_06.dll (Sun Microsystems, Inc.)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : PDF Download - Options - {AD9E6088-E00B-42f9-9F0C-8480525D234E} - Reg Error: Key error. File not found
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - File not found
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O9 - Extra Button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Programme\PlotSoft\PDFill\DownloadPDF.exe (PlotSoft LLC)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - SDWinLogon.dll - File not found
O20 - Winlogon\Notify\WgaLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/18 07:18:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/10/24 13:57:41 | 000,000,100 | ---- | M] () - D:\AUTORUN.INF -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2013/11/18 16:09:47 | 000,200,704 | ---- | C] (Корпорация Майкрософт) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\9lflgh9.dss
[2013/11/18 13:15:43 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2013/11/12 14:31:57 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Gtek
[2013/11/12 14:31:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Corel
[2013/11/12 14:31:56 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft
[2013/11/12 14:31:56 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten
[2013/11/12 14:31:56 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Favoriten
[2013/11/12 14:31:56 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Eigene Musik
[2013/11/12 14:31:56 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien
[2013/11/12 14:31:56 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Eigene Bilder
[2013/11/12 14:31:56 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Administrator\Cookies
[2013/11/12 14:31:56 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Druckumgebung
[2013/11/12 14:31:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Symantec
[2013/11/12 14:31:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\My Music
[2013/11/12 14:31:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2013/11/12 14:31:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Macromedia
[2013/11/12 14:31:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Intel
[2013/11/12 14:31:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Identities
[2013/11/12 14:31:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google
[2013/11/12 14:31:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Desktop
[2013/11/12 14:31:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\BVRP Software
[2013/11/12 14:31:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Bluetooth-Exchange-Ordner
[2013/11/12 14:31:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Bluetooth Software
[2013/11/12 14:31:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\ApplicationHistory
[2013/11/12 14:31:55 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\SendTo
[2013/11/12 14:31:55 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\Recent
[2013/11/12 14:31:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Zubehör
[2013/11/12 14:31:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü
[2013/11/12 14:31:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart
[2013/11/12 14:31:55 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Vorlagen
[2013/11/12 14:31:55 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Netzwerkumgebung
[2013/11/12 14:31:55 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen
[2013/11/12 14:31:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Microsoft Help
[2013/11/12 14:31:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Dell
[2013/11/12 14:31:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\{3248F0A6-6813-11D6-A77B-00B0D0150060}
[2013/11/12 13:18:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Julian Becker\Lokale Einstellungen\Anwendungsdaten\AskPartnerNetwork
[2013/11/12 12:02:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Julian Becker\Desktop\Bali 2013
[2007/05/21 07:05:41 | 023,510,720 | ---- | C] (Microsoft Corporation) -- C:\Programme\Microsoft Framework.exe
[2007/01/26 11:31:18 | 014,994,392 | ---- | C] (Macrovision Corporation) -- C:\Programme\GoogleEarth.exe
[2007/01/10 17:02:20 | 019,666,504 | ---- | C] (Apple Computer, Inc.) -- C:\Programme\QuickTimeInstaller.exe
[2006/11/16 11:03:13 | 036,808,256 | ---- | C] (Apple Computer, Inc.) -- C:\Programme\iTunesSetup.exe
[2006/10/23 14:30:05 | 000,160,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347bus.sys
[2006/10/23 14:30:05 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347scsi.sys
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/11/24 14:18:37 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/11/24 13:40:29 | 000,022,528 | ---- | M] (pBUS-167 Software - hxxp://www.pbus-167.com) -- C:\WINDOWS\System32\drivers\nhcDriver.sys
[2013/11/24 13:40:21 | 095,025,368 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\9hglfl9.bxx
[2013/11/24 13:40:10 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\9hglfl9.fvv
[2013/11/24 13:39:55 | 000,083,429 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2013/11/24 13:39:55 | 000,051,048 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2013/11/24 13:39:22 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/24 13:39:21 | 000,000,612 | ---- | M] () -- C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
[2013/11/24 13:39:20 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/11/24 13:39:13 | 1072,103,424 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/21 12:57:18 | 000,533,535 | ---- | M] () -- C:\WINDOWS\System32\drivers\fwdrv.err
[2013/11/18 16:10:00 | 000,000,800 | ---- | M] () -- C:\Dokumente und Einstellungen\Julian Becker\Startmenü\Programme\Autostart\9hglfl9.lnk
[2013/11/18 16:09:47 | 000,200,704 | ---- | M] (Корпорация Майкрософт) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\9lflgh9.dss
[2013/11/18 15:57:10 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/18 15:38:15 | 000,000,984 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2013/11/18 12:10:26 | 095,025,368 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\lctfrf89.bxx
[2013/11/18 12:10:18 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\lctfrf89.fvv
[2013/11/13 13:11:34 | 000,083,429 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2013/11/12 13:18:01 | 000,000,393 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\lctfrf89.reg
[2013/11/12 11:49:11 | 000,464,856 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013/11/12 11:49:11 | 000,446,152 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/11/12 11:49:11 | 000,087,060 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013/11/12 11:49:11 | 000,073,358 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/11/18 16:10:00 | 000,000,800 | ---- | C] () -- C:\Dokumente und Einstellungen\Julian Becker\Startmenü\Programme\Autostart\9hglfl9.lnk
[2013/11/18 16:09:56 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\9hglfl9.fvv
[2013/11/18 16:09:48 | 095,025,368 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\9hglfl9.bxx
[2013/11/12 15:31:41 | 1072,103,424 | -HS- | C] () -- C:\hiberfil.sys
[2013/11/12 14:32:03 | 000,001,806 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Corel Paint Shop Pro X.lnk
[2013/11/12 14:32:03 | 000,000,079 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Desktop anzeigen.scf
[2013/11/12 14:32:01 | 000,000,663 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Internet Explorer Browser starten.lnk
[2013/11/12 14:31:58 | 000,000,141 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2013/11/12 14:31:57 | 000,001,503 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Remoteunterstützung.lnk
[2013/11/12 14:31:57 | 000,000,651 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Internet Explorer.lnk
[2013/11/12 14:31:57 | 000,000,622 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Outlook Express.lnk
[2013/11/12 13:15:45 | 000,000,393 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\lctfrf89.reg
[2013/11/12 13:14:45 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\lctfrf89.fvv
[2013/11/12 13:14:42 | 095,025,368 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\lctfrf89.bxx
[2012/02/16 02:24:50 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/03/15 08:47:01 | 000,071,262 | ---- | C] () -- C:\WINDOWS\Huawei ModemsUninstall.exe
[2010/09/02 03:32:19 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/05/13 09:34:49 | 000,001,044 | ---- | C] () -- C:\WINDOWS\saplogon.ini
[2010/02/13 10:31:00 | 000,121,236 | ---- | C] () -- C:\WINDOWS\hpoins11.dat
[2010/02/13 10:30:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2010/02/13 10:30:41 | 000,006,947 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat
[2009/06/04 05:29:15 | 000,000,252 | ---- | C] () -- C:\WINDOWS\Tenor.ini
[2009/04/24 10:07:56 | 000,009,340 | ---- | C] () -- C:\Dokumente und Einstellungen\Julian Becker\Anwendungsdaten\Kommagetrennte Werte (DOS).EML
[2009/04/03 01:39:23 | 000,020,369 | ---- | C] () -- C:\WINDOWS\hpoins01.dat
[2009/04/03 01:39:23 | 000,016,622 | ---- | C] () -- C:\WINDOWS\hpomdl01.dat
[2009/03/08 10:06:57 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2009/01/13 04:29:00 | 000,197,408 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2009/01/13 04:28:44 | 000,193,312 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2008/12/09 14:26:50 | 000,038,471 | ---- | C] () -- C:\Dokumente und Einstellungen\Julian Becker\Anwendungsdaten\Microsoft Excel.ADR
[2007/11/30 08:13:37 | 000,000,082 | ---- | C] () -- C:\WINDOWS\mafosav.INI
[2007/07/06 11:24:08 | 000,050,127 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2007/06/10 10:35:58 | 000,000,196 | ---- | C] () -- C:\WINDOWS\System32\af15irtbl.bin
[2007/06/08 09:18:17 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2007/04/16 13:01:19 | 000,001,125 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2007/02/06 10:42:40 | 001,691,808 | ---- | C] () -- C:\WINDOWS\System32\drivers\Lvckap.sys
[2006/12/16 11:33:14 | 001,642,610 | ---- | C] () -- C:\Programme\SchnapperPlus_install.exe
[2006/12/04 07:53:00 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/12/04 07:49:52 | 000,033,280 | ---- | C] () -- C:\Dokumente und Einstellungen\Julian Becker\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/16 11:20:35 | 006,508,544 | ---- | C] () -- C:\Programme\icq5_1.exe
[2006/10/26 08:04:07 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2006/10/23 13:47:53 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\adistres.dll
[2006/10/23 13:36:14 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/10/23 13:18:18 | 000,001,890 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/10/23 02:49:10 | 000,000,146 | ---- | C] () -- C:\Dokumente und Einstellungen\Julian Becker\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2006/10/17 16:02:46 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/10/17 15:59:17 | 000,000,855 | ---- | C] () -- C:\WINDOWS\{0240BDFB-2995-4A3F-8C96-18D41282B716}_WiseFW.ini
[2006/10/17 15:57:05 | 000,712,704 | ---- | C] () -- C:\WINDOWS\System32\DellSystemRestore.dll
[2006/10/17 15:49:46 | 000,000,984 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/10/17 15:45:32 | 000,000,004 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QSLLPSVCShare
[2006/10/17 15:28:23 | 000,083,429 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2006/10/17 15:19:38 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2006/10/17 15:19:20 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2006/10/17 15:19:16 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/10/17 15:19:16 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006/10/17 15:19:16 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/10/17 15:19:16 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/10/17 15:19:14 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/10/17 15:19:14 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006/10/17 15:19:12 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006/10/17 15:19:12 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006/10/17 15:19:12 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/10/17 15:19:08 | 000,000,484 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/05/24 11:16:22 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2005/04/09 11:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/09/16 11:02:15 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\CPUINFO2.DLL
[2004/08/18 07:26:49 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/18 07:22:05 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/18 07:16:54 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/18 07:15:48 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/18 07:12:14 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/18 07:11:35 | 000,330,688 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/18 07:05:50 | 000,464,856 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2004/08/18 07:05:50 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2004/08/18 07:05:50 | 000,087,060 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2004/08/18 07:05:50 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2004/08/18 07:05:37 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/18 07:05:35 | 000,446,152 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/18 07:05:35 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/18 07:05:35 | 000,073,358 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/18 07:05:35 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/18 07:05:33 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/18 07:05:33 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/18 07:05:31 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/18 07:05:25 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/18 07:05:25 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/18 07:05:18 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/18 07:05:07 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/03/08 23:31:04 | 000,561,152 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[2001/11/14 06:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[1996/04/03 14:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
========== LOP Check ==========
[2013/08/05 14:13:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Opera
[2012/03/11 09:36:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Julian Becker\Anwendungsdaten\Duden
[2013/01/01 08:58:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Julian Becker\Anwendungsdaten\DVDVideoSoft
[2011/09/04 07:42:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Julian Becker\Anwendungsdaten\DVDVideoSoftIEHelpers
[2011/09/26 06:18:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Julian Becker\Anwendungsdaten\ICQ
[2008/01/28 07:17:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Julian Becker\Anwendungsdaten\ICQ Toolbar
[2006/11/16 13:55:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Julian Becker\Anwendungsdaten\ICQLite
[2006/10/23 13:43:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Julian Becker\Anwendungsdaten\InterTrust
[2006/10/23 13:00:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Julian Becker\Anwendungsdaten\Leadertech
[2011/05/23 11:41:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Julian Becker\Anwendungsdaten\Opera
[2011/10/28 03:06:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Julian Becker\Anwendungsdaten\Swiss Academic Software
[2006/10/23 14:00:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Julian Becker\Anwendungsdaten\TuneUp Software
[2010/06/30 01:59:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Julian Becker\Anwendungsdaten\TVcentral-Core
[2006/10/29 10:24:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Julian Becker\Anwendungsdaten\WebCompiler3
[2012/12/28 09:01:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AAV
[2006/11/25 11:20:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Acronis
[2013/08/05 13:38:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\APN
[2013/08/05 13:39:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AskPartnerNetwork
[2011/09/22 05:13:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Birdstep Technology
[2012/03/11 09:35:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Duden
[2011/10/20 14:56:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Gibraltar
[2009/07/01 03:13:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2009/03/16 14:06:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MSScanAppDataDir
[2010/08/23 14:09:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PlotSoft
[2011/09/15 09:36:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Swiss Academic Software
[2011/09/05 11:20:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\tmp
[2006/10/23 14:09:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2010/04/15 03:57:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/02/03 14:23:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2013/09/13 10:28:17 | 000,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\1-Klick-Wartung.job
[2013/11/24 13:39:21 | 000,000,612 | ---- | M] () -- C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
[2009/07/10 08:43:11 | 000,000,362 | ---- | M] () -- C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp officejet 6100 series#1238766126.job
[2013/09/06 01:46:00 | 000,000,398 | ---- | M] () -- C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 2100 series#1238741129.job
[2013/03/29 10:54:12 | 000,000,608 | ---- | M] () -- C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job
[2013/03/29 10:54:12 | 000,000,438 | ---- | M] () -- C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job
========== Purity Check ==========
========== Files - Unicode (All) ==========
[2013/11/12 11:51:50 | 103,967,092 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\裻䄷囤7
[2013/11/12 11:51:50 | 103,967,092 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\裻䄷囤7
< End of report >
|
| Themen zu Windows XP: GUV Trojaner - abgesicherter Modus startet nicht |
| abgesicherten, abgesicherten modus, abgesicherter, abgesicherter modus, abgesicherter modus geht nicht, avira searchfree toolbar, becker, beiträge, bisherigen, durchgeführt, geht nicht, guv trojaner, gvu trojaner, gvu-trojaner, modus, officejet, otlpe, plug-in, poste, refresh, scan, sofort, starte, starten., startet, startet nicht, troja, trojaner, windows, windows xp |
Baum-Darstellung