Passwortbedrohung bei GVU Trojaner

Dieses Thema im Forum "Viren, Würmer, Spyware" wurde erstellt von 200sxfan, 28.12.2012.

  1. #1 200sxfan, 28.12.2012
    200sxfan

    200sxfan Neuer Benutzer

    Dabei seit:
    28.12.2012
    Beiträge:
    3
    Zustimmungen:
    0
    Hallo alle miteinander. Ich bin neu hier und werde mich noch Vorstellen. Zuvor aber erstmal eine für mich wichtige Frage.
    Gestern Abend habe ich mir diesen GVU Trojaner eingefangen. Der mit dem Videokammereabild,der den Computer sperrt. Ich konnte im Abgesicherten Modus eine Systemwiederherstellung auf 2 Wochen vorher machen und jetzt läuft meine Rechner wieder normal.
    Jetzt ist meine Frage: Muss ich meine Daten jetzt Sichern und mein Windows 7 trotzdem komplett neu aufsetzen oder gibt es ein Programm was ich drüberlaufen lassen kann und dann ist wieder gut?
    Ich habe eben Angst das der Trojaner meine Passwörter ausspioniert oder sonst noch Schaden anrichten kann? Oder ist mit sowas nicht zu Rechnen? Denn auch wenn der Rechner auf 2 Wochen vorher eingerichtet wurde ist ja der Trojaner sicher noch auf meinem System oder? Ich habe schon mit Spybot, Highjack This die Logfileauswertung gemacht und mit Malwarebytes gescannt. Er findet nichts.
    Danke für eure Hilfe.
     
  2. AdMan

    schau mal hier: Windows-Wartungs-Tool. Viele Probleme lassen sich damit einfach beheben. Oftmals ist der PC dann auch schneller!
    Registrieren bzw. einloggen, um diese und auch andere Anzeigen zu deaktivieren.
  3. #2 xandros, 28.12.2012
    xandros

    xandros IT Consultant, Cisco Registered Partner
    Moderator

    Dabei seit:
    05.07.2007
    Beiträge:
    25.885
    Zustimmungen:
    91
    Ort:
    Umkreis Duisburg, neben Mannheim, hinter Hamburg
    Ist davon auszugehen. Heutige digitale Schaedlinge setzen sich auch in den Wiederherstellungspunkten fest.

    Spybot kannst du dir mittlerweile schenken. Das Programm war mal sehr gut, hat allerdings ziemlich an Erkennungsleistung verloren.
    Malwarebytes und RSIT hingegen (die Logfiles) koennten einen besseren Einblick in die auf deinem System laufenden Prozesse gewaehren. (Bitte auch anhaengen, wenn Malwarebytes nichts gefunden hat.)
     
  4. #3 stockcarpilot, 28.12.2012
    stockcarpilot

    stockcarpilot
    Moderator

    Dabei seit:
    20.06.2008
    Beiträge:
    4.123
    Zustimmungen:
    6
    Ort:
    NRW
    Wenn du mal im Netz nach diesem Trojaner googelst, dann ist er ein sehr hartnäckiger Bursche, der tief im System sitzt. Lies dir das mal durch:

    GVU Trojaner: Webcam-Erpresser entfernen - News - CHIP Online

    Auch in mehreren anderen Foren wird dieser Trojaner behandelt. Ich persönlich würde Daten sichern und den PC neu aufsetzen. In diesem Artikel wird auch beschrieben, wie er auf das System kommt. Also ist hier das System aktuell zu halten, der wichtigste Schritt.

    edit: War mal wieder so langsam, das ich Xandros Post nicht gelesen habe. Würde aber bei diesem Trojaner kurzen Prozess machen und neu installieren.
     
  5. #4 200sxfan, 28.12.2012
    200sxfan

    200sxfan Neuer Benutzer

    Dabei seit:
    28.12.2012
    Beiträge:
    3
    Zustimmungen:
    0
    Also hier mal das RSIt Logfile

    Logfile of random's system information tool 1.09 (written by random/random)
    Run by Thomas at 2012-12-28 16:50:08
    Microsoft Windows 7 Home Premium Service Pack 1
    System drive C: has 364 GB (76%) free of 477 GB
    Total RAM: 3326 MB (53% free)

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 16:50:13, on 28.12.2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16457)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Steam\Steam.exe
    C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
    C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    C:\Windows\SysWOW64\RunDll32.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
    C:\Users\Thomas\Downloads\RSIT.exe
    C:\Program Files (x86)\trend micro\Thomas.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Dell Official Site - The Power To Do More | Dell
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
    O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
    O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
    O4 - HKCU\..\Run: [EPSON SX110 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE /FU "C:\Users\Thomas\AppData\Local\Temp\E_S5BA6.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
    O4 - Global Startup: Bluetooth.lnk = ?
    O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
    O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: Avira Planer (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira Echtzeit Scanner (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
    O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
    O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
    O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    O23 - Service: SearchAnonymizer - Unknown owner - C:\Users\Thomas\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
    O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
    O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 10391 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\Adobe Flash Player Updater.job

    =========Mozilla firefox=========

    ProfilePath - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\v5nj3e41.default

    prefs.js - "browser.search.useDBForOrder" - true
    prefs.js - "browser.startup.homepage" - "https://mail.google.com/mail/u/0/?hl=de&shva=1#inbox"
    prefs.js - "keyword.URL" - "http://go.web.de/tb/mff_keyurl_search/?su="

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
    "Description"=Adobe® Flash® Player 11.5.502.135 Plugin
    "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.9.2]
    "Description"=Java™ Deployment Toolkit
    "Path"=C:\Windows\SysWOW64\npDeployJava1.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
    "Description"=Oracle® Next Generation Java™ Plug-In
    "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
    "Description"=Ag Player Plugin
    "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
    "Description"=VLC Multimedia Plugin
    "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
    "Description"=Handles PDFs in-place in Firefox
    "Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

    C:\Program Files (x86)\Mozilla Firefox\extensions\
    {972ce4c6-7e08-4474-a285-3208198ce6fd}

    C:\Program Files (x86)\Mozilla Firefox\components\
    binary.manifest
    browsercomps.dll

    C:\Program Files (x86)\Mozilla Firefox\searchplugins\
    amazondotcom-de.xml
    bing.xml
    eBay-de.xml
    google.xml
    leo_ende_de.xml
    wikipedia-de.xml
    yahoo-de.xml

    C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\v5nj3e41.default\extensions\
    software@loadtubes.com
    {b9db16a4-6edc-47ec-a1f4-b86292ed211d}

    C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\v5nj3e41.default\searchplugins\
    11-suche.xml
    englische-ergebnisse.xml
    gmx-suche.xml
    lastminute.xml
    webde-suche.xml

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13 3214392]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-10-31 449512]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-10-31 155384]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2012-07-18 348664]
    "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-07-04 641704]
    "AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
    "EEventManager"=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2010-10-12 979328]
    "SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2012-11-13 3825176]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Steam"=C:\Program Files (x86)\Steam\Steam.exe [2012-12-03 1354736]
    "TomTomHOME.exe"=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2012-08-28 247768]
    "EPSON SX110 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE [2008-09-27 223232]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
    "Spybot-S&D Cleaning"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [2012-11-13 3713032]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    Bluetooth.lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
    Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon]
    SDWinLogon.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "notification packages"=scecli
    C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"=credssp.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "ConsentPromptBehaviorAdmin"=5
    "ConsentPromptBehaviorUser"=3
    "EnableUIADesktopToggle"=0
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoActiveDesktop"=1
    "NoActiveDesktopChanges"=1
    "ForceActiveDesktopOn"=0

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
    "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
    "vidc.mrle"=msrle32.dll
    "vidc.msvc"=msvidc32.dll
    "msacm.imaadpcm"=imaadp32.acm
    "msacm.msg711"=msg711.acm
    "msacm.msgsm610"=msgsm32.acm
    "msacm.msadpcm"=msadp32.acm
    "midimapper"=midimap.dll
    "wavemapper"=msacm32.drv
    "vidc.uyvy"=msyuv.dll
    "vidc.yuy2"=msyuv.dll
    "vidc.yvyu"=msyuv.dll
    "vidc.iyuv"=iyuv_32.dll
    "vidc.i420"=iyuv_32.dll
    "vidc.yvu9"=tsbyuv.dll
    "msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
    "vidc.cvid"=iccvid.dll
    "wave1"=wdmaud.drv
    "midi1"=wdmaud.drv
    "mixer1"=wdmaud.drv
    "aux1"=wdmaud.drv
    "wave2"=wdmaud.drv
    "midi2"=wdmaud.drv
    "mixer2"=wdmaud.drv
    "aux2"=wdmaud.drv
    "wave3"=wdmaud.drv
    "midi3"=wdmaud.drv
    "mixer3"=wdmaud.drv
    "wave"=wdmaud.drv
    "midi"=wdmaud.drv
    "mixer"=wdmaud.drv
    "aux"=wdmaud.drv
     
  6. #5 200sxfan, 28.12.2012
    200sxfan

    200sxfan Neuer Benutzer

    Dabei seit:
    28.12.2012
    Beiträge:
    3
    Zustimmungen:
    0
    Und da der Rest davon, war wohl zu groß für eine Antwort.

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1
    .js - open - C:\Windows\System32\WScript.exe "%1" %*

    ======List of files/folders created in the last 1 month======

    2012-12-28 16:50:08 ----D---- C:\rsit
    2012-12-28 16:50:08 ----D---- C:\Program Files (x86)\trend micro
    2012-12-28 16:31:06 ----D---- C:\Users\Thomas\AppData\Roaming\Malwarebytes
    2012-12-28 16:30:53 ----D---- C:\ProgramData\Malwarebytes
    2012-12-28 16:30:52 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2012-12-27 22:04:55 ----D---- C:\ProgramData\Spybot - Search & Destroy
    2012-12-27 22:04:41 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
    2012-12-27 21:35:27 ----D---- C:\ProgramData\HitmanPro
    2012-12-26 23:51:28 ----A---- C:\Windows\SysWOW64\atmlib.dll
    2012-12-26 23:51:26 ----A---- C:\Windows\SysWOW64\atmfd.dll
    2012-12-13 01:51:26 ----A---- C:\Windows\SysWOW64\vbscript.dll
    2012-12-13 01:51:26 ----A---- C:\Windows\SysWOW64\url.dll
    2012-12-13 01:51:26 ----A---- C:\Windows\SysWOW64\mshtmled.dll
    2012-12-13 01:51:26 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
    2012-12-13 01:51:26 ----A---- C:\Windows\SysWOW64\ieui.dll
    2012-12-13 01:51:25 ----A---- C:\Windows\SysWOW64\urlmon.dll
    2012-12-13 01:51:25 ----A---- C:\Windows\SysWOW64\msfeeds.dll
    2012-12-13 01:51:24 ----A---- C:\Windows\SysWOW64\wininet.dll
    2012-12-13 01:51:24 ----A---- C:\Windows\SysWOW64\jscript9.dll
    2012-12-13 01:51:24 ----A---- C:\Windows\SysWOW64\jscript.dll
    2012-12-13 01:51:23 ----A---- C:\Windows\SysWOW64\jsproxy.dll
    2012-12-13 01:51:23 ----A---- C:\Windows\SysWOW64\iertutil.dll
    2012-12-13 01:51:21 ----A---- C:\Windows\SysWOW64\mshtml.dll
    2012-12-13 01:51:19 ----A---- C:\Windows\SysWOW64\ieframe.dll
    2012-12-13 00:01:23 ----A---- C:\Windows\SysWOW64\tzres.dll
    2012-12-13 00:01:08 ----A---- C:\Windows\SysWOW64\wow32.dll
    2012-12-13 00:01:08 ----A---- C:\Windows\SysWOW64\setup16.exe
    2012-12-13 00:01:08 ----A---- C:\Windows\SysWOW64\ntvdm64.dll
    2012-12-13 00:01:08 ----A---- C:\Windows\SysWOW64\KernelBase.dll
    2012-12-13 00:01:08 ----A---- C:\Windows\SysWOW64\kernel32.dll
    2012-12-13 00:01:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2012-12-13 00:01:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2012-12-13 00:01:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2012-12-13 00:01:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2012-12-13 00:01:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2012-12-13 00:01:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2012-12-13 00:01:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2012-12-13 00:01:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2012-12-13 00:01:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2012-12-13 00:01:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2012-12-13 00:01:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2012-12-13 00:01:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2012-12-13 00:01:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2012-12-13 00:01:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2012-12-13 00:01:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2012-12-13 00:01:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2012-12-13 00:01:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2012-12-13 00:01:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2012-12-13 00:01:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2012-12-13 00:01:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2012-12-13 00:01:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2012-12-13 00:01:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2012-12-13 00:01:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2012-12-13 00:01:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2012-12-13 00:01:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2012-12-13 00:01:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2012-12-13 00:01:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2012-12-13 00:01:07 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2012-12-13 00:01:07 ----A---- C:\Windows\SysWOW64\user.exe
    2012-12-13 00:01:07 ----A---- C:\Windows\SysWOW64\instnm.exe
    2012-12-13 00:00:54 ----A---- C:\Windows\SysWOW64\dpnet.dll
    2012-12-07 15:23:18 ----D---- C:\Program Files (x86)\Mozilla Firefox

    ======List of files/folders modified in the last 1 month======

    2012-12-28 16:50:12 ----D---- C:\Windows\Temp
    2012-12-28 16:50:08 ----RD---- C:\Program Files (x86)
    2012-12-28 16:40:14 ----D---- C:\Program Files (x86)\Steam
    2012-12-28 16:37:27 ----D---- C:\Windows
    2012-12-28 16:35:47 ----HD---- C:\ProgramData
    2012-12-28 01:00:55 ----D---- C:\Users\Thomas\AppData\Roaming\vlc
    2012-12-27 22:05:05 ----D---- C:\Windows\Prefetch
    2012-12-27 22:04:52 ----SD---- C:\ProgramData\Microsoft
    2012-12-27 22:04:45 ----D---- C:\Windows\System32
    2012-12-27 21:36:33 ----RD---- C:\Program Files
    2012-12-27 21:28:28 ----D---- C:\Program Files (x86)\Common Files\Steam
    2012-12-27 21:28:00 ----D---- C:\Windows\winsxs
    2012-12-27 21:27:22 ----D---- C:\Windows\SysWOW64
    2012-12-26 23:51:25 ----SHD---- C:\System Volume Information
    2012-12-26 23:42:04 ----D---- C:\Windows\Tasks
    2012-12-26 23:42:03 ----D---- C:\Windows\inf
    2012-12-26 23:42:03 ----D---- C:\Windows\AppCompat
    2012-12-26 23:42:02 ----D---- C:\Program Files (x86)\Common Files
    2012-12-26 23:42:00 ----D---- C:\Windows\registration
    2012-12-26 23:41:47 ----D---- C:\Program Files (x86)\JDownloader
    2012-12-13 21:37:26 ----D---- C:\Windows\rescache
    2012-12-13 16:02:04 ----D---- C:\Windows\SysWOW64\de-DE
    2012-12-13 16:02:02 ----D---- C:\Windows\SysWOW64\migration
    2012-12-13 16:02:02 ----D---- C:\Windows\AppPatch
    2012-12-13 16:02:02 ----D---- C:\Program Files (x86)\Internet Explorer
    2012-12-13 01:52:55 ----D---- C:\Windows\debug
    2012-12-13 01:51:17 ----SHD---- C:\Windows\Installer
    2012-12-12 00:42:20 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
    2012-12-08 16:06:23 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
    2012-12-03 01:13:51 ----SHD---- C:\$Recycle.Bin

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
    R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys []
    R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys []
    R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys []
    R2 irda;IrDA-Protokoll; C:\Windows\system32\DRIVERS\irda.sys []
    R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys []
    R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
    R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
    R3 BthEnum;Bluetooth-Anforderungsblocktreiber; C:\Windows\system32\drivers\BthEnum.sys []
    R3 BthPan;Bluetooth-Gerät (PAN); C:\Windows\system32\DRIVERS\bthpan.sys []
    R3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\Windows\System32\Drivers\BTHUSB.sys []
    R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys []
    R3 btwaudio;Bluetooth-Audiogerät; C:\Windows\system32\drivers\btwaudio.sys []
    R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys []
    R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys []
    R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys []
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
    R3 irsir;Microsoft Serial Infrared Driver; C:\Windows\system32\DRIVERS\irsir.sys []
    R3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys []
    R3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
    R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys []
    R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
    R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-12-12 11856]
    R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys []
    R3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys []
    R3 WmHidLo;Logitech Gaming USB Filter Driver; C:\Windows\system32\drivers\WmHidLo.sys []
    R3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys []
    R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys []
    S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys []
    S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
    S3 BTHPORT;Bluetooth-Porttreiber; C:\Windows\System32\Drivers\BTHport.sys []
    S3 FXDrv32;FXDrv32; \??\D:\FXDrv64.sys []
    S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
    S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver; C:\Windows\system32\DRIVERS\MijXfilt.sys []
    S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys []
    S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys []
    S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
    S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
    S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys []
    S3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys []
    S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
    R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
    R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
    R2 AntiVirSchedulerService;Avira Planer; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-07-18 86224]
    R2 AntiVirService;Avira Echtzeit Scanner; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-07-18 110032]
    R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2012-04-01 957216]
    R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [2007-12-17 163840]
    R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2011-01-12 168448]
    R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464]
    R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2011-01-12 131072]
    R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
    R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
    R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
    R2 SearchAnonymizer;SearchAnonymizer; C:\Users\Thomas\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [2012-08-19 40960]
    R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2012-07-25 1326176]
    R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2012-09-07 1148664]
    R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-08-28 92632]
    R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-12-14 2123584]
    R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-12-26 541760]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    S2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2012-07-25 681056]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-12 250808]
    S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
    S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-12-07 115168]
    S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
    S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
    S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

    -----------------EOF-----------------
     
Thema: Passwortbedrohung bei GVU Trojaner
Besucher kamen mit folgenden Suchen
  1. hklmsoftwaremicrosoftwindows ntcurrentversionwinlogon otifysdwinlogon

    ,
  2. HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinLogonNotifySDWinLogon

    ,
  3. hklm software microsoft windows nt currentversion winlogon notify sdwinlogon

    ,
  4. gvu trojaner schaden,
  5. was ist hklmsoftwaremicrosoftwindows ntcurrentversionwinlogon otifysdwinlogon,
  6. kann der bka trojaner meine paßwörter ausspionieren,
  7. gvu trojaner windows 8 registry,
  8. spybot s&d gvu,
  9. @web.de @yahoo.de @gmx.de LTD -fraud-scam,
  10. gvu trojaner c:cmd.exe,
  11. gvu trojaner windows 8,
  12. neue gvu trojaner cmd.exe,
  13. trojaner hkey_current_usersoftwaremicrosoftwindows ntcurrentversionwinlogon] “shell”=”cmd.exe“,
  14. trojaner gvu,
  15. HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinLogonNotifySDWinLogon7,
  16. gvu trojaner passwörter,
  17. gvu trojaner bedrohung,
  18. hkey_local_machinesoftwaremicrosoftwindows ntcurrentversion gvu trojaner,
  19. gvu virus shell cmd.exe,
  20. gvu trojaner windows 7,
  21. trojaner gvu kann welchen schaden anrichten,
  22. gvu trojaner eingefangen,
  23. msacm.l3acm,
  24. gvu kennwort,
  25. trojaner hklmsoftwaremicrosoftwindows ntcurrentversionwinlogon otifysdwinlogon
Die Seite wird geladen...

Passwortbedrohung bei GVU Trojaner - Ähnliche Themen

  1. Trojaner weg trotz windows.old-Ordner nach Neuinstallation von Windows?

    Trojaner weg trotz windows.old-Ordner nach Neuinstallation von Windows?: Hi, kann ein Trojaner die Neuinstallation von Windows 7 überleben wenn man den Windows.old-Ordner behalten hat? mfg
  2. Spiel Installation - Meldung Trojanisches Pferd

    Spiel Installation - Meldung Trojanisches Pferd: Hallo liebe Community, ich habe mir vor 2 Tagen das Spiel Mafia II von Green Pepper gekauft (neu, 6,99, nicht directors cut). Habe es bereits...
  3. Virus oder Trojaner?

    Virus oder Trojaner?: ich brauche unbedingt hilfe. seit ein paar tagen streikt mein laptop total, sobald er hochgefahren ist öffnen sich fenster. ich wollte daher...
  4. Virus trojaner entfernen

    Virus trojaner entfernen: Hallo Welsches Programm ist gut Für trojaner oder virus zu entferenne? Oder soll ich mit linux die Daten sichern! danke
  5. Virus Drop.Agent Trojaner

    Virus Drop.Agent Trojaner: Hallo! Ich wollte mir aus dem Internet plug-ins runterladen, damit ich flüssiger Nachrichten im Netz schauen kann, da die Filme immer stockten....