Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Mülltonne (https://www.trojaner-board.de/muelltonne/)
-   -   doppelt (https://www.trojaner-board.de/102175-doppelt.html)

yeezy51 07.08.2011 22:10
doppelt
 
Habe mir den Trojaner eingefangen, ich konnte jedoch in ein paar anderen Themen lesen, was ich halbwegs dagegen machen konnte.
Hier erstmal die OTL.txt Datei.

Bitte um weiter Hilfe
Danke!OTL Logfile:
Code:
OTL logfile created on: 8/6/2011 4:14:57 PM - Run
OTLPE by OldTimer - Version 3.1.48.0    Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 1 (Version = 6.0.6001) - Type = System
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 43.95 Gb Total Space | 1.91 Gb Free Space | 4.34% Space Free | Partition Type: NTFS
Drive E: | 181.13 Gb Total Space | 162.17 Gb Free Space | 89.54% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011/02/16 10:58:52 | 000,040,960 | ---- | M] () [Auto] -- C:\Users\mähschaf\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe -- (SearchAnonymizer)
SRV - [2010/03/28 11:47:30 | 000,246,520 | ---- | M] () [Auto] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009/07/21 08:34:28 | 000,185,089 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/05/13 10:48:18 | 000,108,289 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008/02/22 02:45:40 | 000,159,744 | ---- | M] () [Auto] -- C:\Program Files\System Control Manager\MSIService.exe -- (Micro Star SCM)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (Tosrfusb)
DRV - File not found [Kernel | On_Demand] --  -- (TosRfSnd)
DRV - File not found [Kernel | On_Demand] --  -- (tosrfnds)
DRV - File not found [Kernel | On_Demand] --  -- (Tosrfhid)
DRV - File not found [Kernel | On_Demand] --  -- (Tosrfcom)
DRV - File not found [Kernel | On_Demand] --  -- (tosrfbnp)
DRV - File not found [Kernel | On_Demand] --  -- (tosrfbd)
DRV - File not found [Kernel | On_Demand] --  -- (tosporte)
DRV - File not found [Kernel | On_Demand] --  -- (SymIMMP)
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] --  -- (IpInIp)
DRV - File not found [Kernel | On_Demand] --  -- (EverestDriver)
DRV - [2009/12/08 15:35:03 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/05/11 04:12:20 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/03/30 04:33:03 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/02/13 06:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/04/28 10:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008/04/01 18:59:22 | 000,285,184 | ---- | M] (Realtek Semiconductor Corporation                          ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\RTL8187Se.sys -- (RTL8187Se)
DRV - [2008/04/01 05:40:22 | 001,333,152 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\athw.sys -- (AR5416)
DRV - [2008/03/26 17:48:10 | 000,766,464 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/01/25 04:46:40 | 000,106,496 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007/03/19 10:00:14 | 000,031,616 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\RLVrtAuCbl.sys -- (ReallusionVirtualAudio)
DRV - [2007/01/17 02:38:52 | 000,983,936 | ---- | M] (Motorola Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006/11/28 18:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msi.com.tw
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\1102061721\ICQToolBar.dll (ICQ)
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\mähschaf_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msi.com.tw
IE - HKU\mähschaf_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\mähschaf_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.facebook.com/
IE - HKU\mähschaf_ON_C\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\mähschaf_ON_C\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\1102061721\ICQToolBar.dll (ICQ)
IE - HKU\mähschaf_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\mähschaf_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
 
 
 
O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\1102061721\ICQToolBar.dll (ICQ)
O3 - HKU\mähschaf_ON_C\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\mähschaf_ON_C\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe (Mirco-Star International  CO., LTD.)
O4 - HKLM..\Run: [Ocs_SM] C:\Users\mähschaf\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\mähschaf_ON_C..\Run: [avupdate] C:\Users\mähschaf\AppData\Roaming\jashla.exe (Sheila Marcus Labrador Calvary Damon Gregor)
O4 - HKU\mähschaf_ON_C..\Run: [EA Core]  File not found
O4 - HKU\mähschaf_ON_C..\Run: [ICQ] C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKU\mähschaf_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: Error locating startup folders.
O7 - HKU\mähschaf_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} -  File not found
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} -  File not found
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -  File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/08/04 16:58:28 | 000,155,136 | ---- | C] (Sheila Marcus Labrador Calvary Damon Gregor) -- C:\Users\mähschaf\AppData\Roaming\jashla.exe
[2011/07/13 13:39:01 | 002,042,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/07/13 13:38:54 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011/07/13 13:38:54 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2010/08/25 13:59:08 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011/08/06 09:02:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/05 16:22:05 | 000,039,424 | ---- | M] () -- C:\Users\mähschaf\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/05 15:51:45 | 000,000,428 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A01D3B86-3B44-4E69-B22D-114DAF4DD7A0}.job
[2011/08/05 15:50:33 | 000,007,052 | ---- | M] () -- C:\Users\mähschaf\AppData\Local\d3d9caps.dat
[2011/08/05 15:49:56 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/08/05 15:49:55 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/05 15:49:55 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/04 16:58:28 | 000,155,136 | ---- | M] (Sheila Marcus Labrador Calvary Damon Gregor) -- C:\Users\mähschaf\AppData\Roaming\jashla.exe
[2011/08/04 16:25:01 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/14 11:12:25 | 000,305,680 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/07/09 09:49:58 | 000,628,730 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011/07/09 09:49:58 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/07/09 09:49:58 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/07/09 09:49:57 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010/12/29 13:17:46 | 000,000,740 | ---- | C] () -- C:\Program Files\PhotoScape.lnk
[2010/10/23 19:18:09 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/10/12 16:05:23 | 000,007,052 | ---- | C] () -- C:\Users\mähschaf\AppData\Local\d3d9caps.dat
[2010/08/25 14:30:02 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2010/08/25 14:30:00 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010/08/25 14:30:00 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010/08/25 13:57:00 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2010/08/25 13:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2010/08/25 13:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
[2010/08/05 12:27:13 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2010/07/03 14:12:49 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/08/22 07:13:38 | 000,039,424 | ---- | C] () -- C:\Users\mähschaf\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/18 17:33:35 | 000,031,616 | ---- | C] () -- C:\Windows\System32\drivers\RLVrtAuCbl.sys
[2008/09/27 17:02:29 | 000,000,000 | ---- | C] () -- C:\Windows\tosOBEX.INI
[2008/09/27 15:00:23 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2008/09/27 15:00:23 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/09/27 14:20:10 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1489.dll
[2008/09/27 14:20:10 | 000,146,596 | ---- | C] () -- C:\Windows\System32\igfcg550.bin
[2008/06/19 22:27:34 | 000,628,730 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008/06/19 22:27:34 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008/06/19 22:27:34 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008/06/19 22:27:34 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,305,680 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
 
========== LOP Check ==========
 
[2010/09/25 06:46:54 | 000,000,000 | ---D | M] -- C:\Users\mähschaf\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/01/08 14:58:26 | 000,000,000 | ---D | M] -- C:\Users\mähschaf\AppData\Roaming\gtk-2.0
[2011/08/03 10:51:11 | 000,000,000 | ---D | M] -- C:\Users\mähschaf\AppData\Roaming\ICQ
[2011/01/01 18:23:54 | 000,000,000 | ---D | M] -- C:\Users\mähschaf\AppData\Roaming\ICQ-Tools.de
[2010/01/24 18:31:27 | 000,000,000 | ---D | M] -- C:\Users\mähschaf\AppData\Roaming\IMVUClient
[2011/01/01 18:14:48 | 000,000,000 | ---D | M] -- C:\Users\mähschaf\AppData\Roaming\OCS
[2011/01/01 18:15:03 | 000,000,000 | ---D | M] -- C:\Users\mähschaf\AppData\Roaming\Opera
[2010/09/01 13:27:06 | 000,000,000 | ---D | M] -- C:\Users\mähschaf\AppData\Roaming\PhotoScape
[2010/11/05 09:59:49 | 000,000,000 | ---D | M] -- C:\Users\mähschaf\AppData\Roaming\TeamViewer
[2010/01/06 09:11:43 | 000,000,000 | ---D | M] -- C:\Users\mähschaf\AppData\Roaming\Ulead Systems
[2010/01/24 18:17:06 | 000,000,000 | ---D | M] -- C:\Users\mähschaf\AppData\Roaming\Vivox
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2010/08/02 11:05:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Electronic Arts
[2011/03/31 15:13:53 | 000,000,000 | ---D | M] -- C:\ProgramData\eSellerate
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2011/02/06 12:21:33 | 000,000,000 | ---D | M] -- C:\ProgramData\ICQ
[2010/10/23 18:59:04 | 000,000,000 | ---D | M] -- C:\ProgramData\Pinnacle
[2011/04/16 16:12:47 | 000,000,000 | ---D | M] -- C:\ProgramData\SmartSound Software Inc
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2011/03/31 15:04:53 | 000,000,000 | ---D | M] -- C:\ProgramData\Temp
[2006/11/02 09:02:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2010/01/06 09:15:03 | 000,000,000 | ---D | M] -- C:\ProgramData\Ulead Systems
[2009/09/20 06:42:16 | 000,000,000 | ---D | M] -- C:\ProgramData\Zylom
[2010/06/13 10:31:16 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/12/24 17:35:48 | 000,000,000 | ---D | M] -- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2011/08/04 13:58:31 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/08/05 15:51:45 | 000,000,428 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{A01D3B86-3B44-4E69-B22D-114DAF4DD7A0}.job
 
========== Purity Check ==========
 
 
< End of report >
--- --- ---

cosinus 09.08.2011 14:13
DOPPELT!!

http://www.trojaner-board.de/102094-...-trojaner.html


Alle Zeitangaben in WEZ +1. Es ist jetzt 13:03 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131