
Log analysis and evaluation: 'HTML/Infected.WebPage.Gen2

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

14.03.2012, 18:58   #1
Lucky80
 



Hello,
I have no idea what to do with this; I'm a woman and really have zero clue about what it says!!
But since I've had this virus, I can no longer access my Facebook account!!!
Who can tell me how to get rid of this rotten thing????

Regards,
Lucky80

OTL logfile created on: 14.03.2012 18:05:45 - Run 1
OTL by OldTimer - Version 3.2.36.3 Folder = C:\Users\Miststück\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 2,67 Gb Available Physical Memory | 66,66% Memory free
7,99 Gb Paging File | 6,50 Gb Available in Paging File | 81,34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452,97 Gb Total Space | 408,53 Gb Free Space | 90,19% Space Free | Partition Type: NTFS

Computer Name: MISTSTÜCK-PC | User Name: Miststück | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.03.13 21:37:44 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Users\Miststück\Downloads\OTL.exe
PRC - [2012.01.27 11:57:10 | 000,441,016 | ---- | M] (Sony) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
PRC - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.01.13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.01.11 09:39:28 | 000,071,680 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
PRC - [2012.01.04 20:20:50 | 001,391,272 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2011.12.09 12:40:05 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.12.09 12:39:56 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
PRC - [2011.12.09 12:39:54 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.12.09 12:39:54 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.03.28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010.08.11 02:06:16 | 000,975,952 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010.08.11 02:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010.08.11 02:06:16 | 000,305,744 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010.06.28 23:23:24 | 000,263,936 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
PRC - [2010.06.28 23:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
PRC - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe
PRC - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
PRC - [2008.02.09 10:00:30 | 002,255,360 | ---- | M] (Mirko Böer) -- C:\Program Files (x86)\SSS\SimpleScreenshot.exe


========== Modules (No Company Name) ==========

MOD - [2012.01.20 06:35:35 | 000,411,120 | ---- | M] () -- C:\Users\Miststück\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
MOD - [2012.01.20 06:35:34 | 003,767,792 | ---- | M] () -- C:\Users\Miststück\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll
MOD - [2012.01.20 06:34:10 | 000,122,880 | ---- | M] () -- C:\Users\Miststück\AppData\Local\Google\Chrome\Application\16.0.912.77\avutil-51.dll
MOD - [2012.01.20 06:34:09 | 000,222,208 | ---- | M] () -- C:\Users\Miststück\AppData\Local\Google\Chrome\Application\16.0.912.77\avformat-53.dll
MOD - [2012.01.20 06:34:07 | 001,746,432 | ---- | M] () -- C:\Users\Miststück\AppData\Local\Google\Chrome\Application\16.0.912.77\avcodec-53.dll
MOD - [2012.01.20 03:14:40 | 008,593,056 | ---- | M] () -- C:\Users\Miststück\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll
MOD - [2012.01.20 03:14:40 | 008,593,056 | ---- | M] () -- C:\Users\MISTST~1\AppData\Local\Google\Chrome\APPLIC~1\160912~1.77\gcswf32.dll
MOD - [2012.01.11 09:39:28 | 000,071,680 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
MOD - [2011.11.23 17:38:58 | 000,205,824 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
MOD - [2010.12.13 09:58:50 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
MOD - [2010.06.28 23:20:54 | 000,465,576 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\sqlite3.dll
MOD - [2009.05.20 23:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010.10.28 20:38:14 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2012.01.18 13:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.12.18 16:40:40 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.12.09 12:40:05 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.12.09 12:39:56 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2011.12.09 12:39:54 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.01 11:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.03.28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010.11.20 13:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010.08.11 02:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010.06.28 23:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010.06.11 14:27:26 | 000,868,896 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Packard Bell\Packard Bell Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2010.06.01 23:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010.04.04 00:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe -- (Updater Service)
SRV - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.12.17 04:00:00 | 000,163,840 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE -- (EPSON_EB_RPCV4_01) EPSON V5 Service4(01)
SRV - [2007.01.11 04:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.02.23 07:24:48 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2012.02.23 07:24:48 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2012.02.15 14:25:34 | 000,132,320 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.12.09 12:40:20 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.12.09 12:40:19 | 000,097,312 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.05.13 15:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.10.28 21:11:44 | 007,877,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.10.28 20:03:38 | 000,285,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.09.24 17:46:32 | 000,116,752 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010.06.17 14:15:36 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2010.06.08 04:36:18 | 000,406,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2010.05.12 03:11:38 | 002,229,608 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.04.29 14:43:20 | 000,038,528 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009.09.18 05:12:06 | 000,292,912 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.20 03:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)
DRV:64bit: - [2009.06.10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.10 21:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.06 00:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009.05.06 00:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bigseekpro.com/hypercam/{E063CE1B-5BB5-4230-B2F3-0D698D0D1AAC}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bigseekpro.com/hypercam/{E063CE1B-5BB5-4230-B2F3-0D698D0D1AAC}
IE - HKCU\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = hxxp://www.bigseekpro.com/search/browser/hypercam/{E063CE1B-5BB5-4230-B2F3-0D698D0D1AAC}?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.03.10 16:02:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011.12.18 18:14:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Miststück\AppData\Roaming\mozilla\Extensions
[2012.03.11 19:05:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Miststück\AppData\Roaming\mozilla\Firefox\Profiles\46eksehq.default\extensions
[2012.02.11 18:27:36 | 000,000,000 | ---D | M] (DealBulldog Toolbar) -- C:\Users\Miststück\AppData\Roaming\mozilla\Firefox\Profiles\46eksehq.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
[2012.01.25 18:05:15 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Users\Miststück\AppData\Roaming\mozilla\Firefox\Profiles\46eksehq.default\extensions\toolbar@ask.com
[2012.01.22 01:57:01 | 000,000,933 | ---- | M] () -- C:\Users\Miststück\AppData\Roaming\Mozilla\Firefox\Profiles\46eksehq.default\searchplugins\11-suche.xml
[2012.01.22 01:57:01 | 000,002,419 | ---- | M] () -- C:\Users\Miststück\AppData\Roaming\Mozilla\Firefox\Profiles\46eksehq.default\searchplugins\englische-ergebnisse.xml
[2012.01.22 01:57:00 | 000,010,525 | ---- | M] () -- C:\Users\Miststück\AppData\Roaming\Mozilla\Firefox\Profiles\46eksehq.default\searchplugins\gmx-suche.xml
[2012.01.22 01:57:01 | 000,002,457 | ---- | M] () -- C:\Users\Miststück\AppData\Roaming\Mozilla\Firefox\Profiles\46eksehq.default\searchplugins\lastminute.xml
[2012.01.22 01:57:00 | 000,005,508 | ---- | M] () -- C:\Users\Miststück\AppData\Roaming\Mozilla\Firefox\Profiles\46eksehq.default\searchplugins\webde-suche.xml
[2012.03.10 16:02:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
File not found (No name found) -- C:\USERS\MISTSTüCK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\46EKSEHQ.DEFAULT\EXTENSIONS\ICH@MALTEGOETZ.DE.XPI
File not found (No name found) -- C:\USERS\MISTSTüCK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\46EKSEHQ.DEFAULT\EXTENSIONS\INQUIRY@SHARELOVESTORY.COM.XPI
File not found (No name found) -- C:\USERS\MISTSTüCK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\46EKSEHQ.DEFAULT\EXTENSIONS\TOOLBAR@GMX.NET.XPI
[2012.03.10 16:02:08 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.03.10 16:02:05 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.10 16:02:05 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.03.10 16:02:05 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.03.10 16:02:05 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.03.10 16:02:05 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.03.10 16:02:05 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Mistst\u00FCck\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Mistst\u00FCck\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Mistst\u00FCck\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Enabled) = c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Miststück\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Miststück\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: Google Mail = C:\Users\Miststück\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
O2:64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\DealBulldog Toolbar\tbcore3.dll ()
O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (DealBulldog Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\DealBulldog Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (DealBulldog Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\DealBulldog Toolbar\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [SimpleScreenshot] C:\PROGRA~2\SSS\SIMPLESCREENSHOT.EXE (Mirko Böer)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [EPSON BX300F Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEJE.EXE /FU "C:\Windows\TEMP\E_SF729.tmp" /EF "HKCU" File not found
O4 - HKCU..\Run: [Sony PC Companion] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D5A50977-E573-4378-9CDA-3D464FAD771B}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012.03.14 14:11:24 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{E0F67BAE-5199-4A65-A3A1-469694927E2B}
[2012.03.14 14:11:10 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{FBB75911-2A32-4407-A69A-07675E1D1C15}
[2012.03.13 19:18:31 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{B4E1A90E-B74F-47F4-B75B-D966206A90B6}
[2012.03.13 19:18:16 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{82D6C2CE-283D-466D-8703-8C8C4C3FC4D7}
[2012.03.13 18:28:42 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Roaming\Malwarebytes
[2012.03.13 18:28:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.03.13 18:28:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.03.13 18:28:35 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.03.13 18:28:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.03.13 07:17:39 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{784F0A28-FC95-434B-BE6E-1751456A4798}
[2012.03.13 07:17:27 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{91590189-32B9-4A7C-8384-1219D640FFC5}
[2012.03.12 12:53:04 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{187A7F48-7034-4628-9CAC-8E1C2F5AD058}
[2012.03.12 12:52:50 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{0B64F9DE-861A-4858-A3CB-DE12640372DF}
[2012.03.12 00:52:17 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{60A21EAC-5033-4782-9508-0BDCEC5D47F8}
[2012.03.12 00:52:06 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{DF7CF19E-7A15-49B3-9CA8-B5143C063B53}
[2012.03.11 12:51:35 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{ADD3B409-CE75-4577-A4DF-09B96D2963B8}
[2012.03.11 12:51:18 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{11653320-357C-420D-8FA5-CC698FDCD76F}
[2012.03.10 13:56:42 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{C285182E-B6A3-4D7F-98B6-494BC09E5F0D}
[2012.03.10 13:56:30 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{25559BD0-3B13-49C2-8CC7-758A71CC33B9}
[2012.03.09 23:39:24 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{6972323F-14B8-4EA2-BF00-BDD44FE2FEC2}
[2012.03.09 23:39:13 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{E5A630A9-A751-4F2C-88FB-5D0B26C94D86}
[2012.03.09 11:39:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2012.03.09 11:38:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
[2012.03.09 11:38:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2012.03.09 11:38:47 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{FBBCB276-9F97-4664-859B-FCE20B6B38F2}
[2012.03.09 11:38:32 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{9A5F37B1-5799-42D1-A9C8-99B24423A702}
[2012.03.08 23:36:33 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{98788972-22CB-4215-B920-DD7598EDC2F7}
[2012.03.08 23:36:22 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{982EE8BF-5E73-42F7-8388-B27CDD002941}
[2012.03.08 11:36:05 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{6353DD9B-1F86-4F55-8949-6D8CAE6DE9B6}
[2012.03.08 11:35:52 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{3FEE53D5-2BE5-438F-8D07-6CD2042ACF9F}
[2012.03.07 22:59:17 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{D33FAC03-3A4C-4B36-9959-96A8014EF651}
[2012.03.07 22:59:05 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{0DFF29F5-E4F4-493B-A702-D0291B37AA53}
[2012.03.07 10:58:50 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{1726A013-1665-40FA-AADD-C879EB085F1C}
[2012.03.07 10:58:38 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{B6F94018-800C-4DC2-BA3B-DED42D15DBD1}
[2012.03.06 14:44:34 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{D4D10984-0BA1-4077-9621-7D7A3ED47EAB}
[2012.03.06 14:44:21 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{F32610C2-9F97-489C-8299-31C38CAB943C}
[2012.03.06 00:05:12 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{CE072805-01AB-4276-AC37-36C469241C83}
[2012.03.06 00:05:00 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{3BEAE10A-7CA6-4AF0-8707-2CDFEB0DF3C0}
[2012.03.05 12:04:33 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{C3BA39FB-88D9-4EF0-9345-EDD68F070702}
[2012.03.05 12:04:21 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{2EAC111A-CC08-4C5F-ACE2-C5F3DB58552A}
[2012.03.05 00:03:54 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{69B78E9D-9D17-463F-A257-D05FF9BDAA55}
[2012.03.05 00:03:43 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{D06FFC44-4F6F-4A12-92AA-ECF34CFA36DE}
[2012.03.04 12:03:15 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{40FD1ECB-270C-48BC-8833-EBCA9CAE8257}
[2012.03.04 12:02:59 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{65F99EC8-42FF-4B64-B5AA-9B952DE078BC}
[2012.03.03 14:06:39 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{12F9ABE3-CCF1-4474-A845-D4388A222EE9}
[2012.03.03 14:06:23 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{70E8D795-3641-4244-942B-6407F4D41DF3}
[2012.03.02 19:27:52 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{E7393602-7C17-4143-8639-D4D6AB6ABFBD}
[2012.03.02 19:27:41 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{9447F1BD-6ED5-492C-B60E-82BD1CA67088}
[2012.03.02 07:27:13 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{1F315161-7E3D-41AC-8623-6A40185E1069}
[2012.03.02 07:27:00 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{3A574762-372D-4EFE-BE2E-55B1F06C094C}
[2012.03.01 14:30:03 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{548081B3-E7EF-4D8E-B04C-1D095FE52453}
[2012.03.01 14:29:49 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{16E77473-1CB4-4506-BAF0-7D235B2CD2BD}
[2012.03.01 02:07:09 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{A228BA4A-E35D-42D0-87EE-0C42994DD5A6}
[2012.02.29 14:06:42 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{FAD939B6-7CD8-45B2-BD53-C505CF7C8FA3}
[2012.02.29 14:06:30 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{2986442E-DF8E-4F4B-A3F4-7B0B33EFC175}
[2012.02.29 01:56:01 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{90D819D6-B118-4512-9612-A2900221EE0F}
[2012.02.29 01:55:50 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{B0A5D4A1-10B0-4D07-B00C-ED44F8B92419}
[2012.02.28 13:55:21 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{0B2634DD-3F7B-4327-8C3E-640A4A5E583F}
[2012.02.28 13:55:08 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{FDBE4DAB-008A-4B11-9BFC-7D8FB45F6757}
[2012.02.28 13:55:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012.02.27 10:31:36 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{1F37556F-3FEC-440D-8EC9-9C6FD8C17E55}
[2012.02.27 10:31:24 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{AE650769-F6CE-4767-AD27-036C0B59977F}
[2012.02.26 13:39:26 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{CBADB641-8045-4B42-81C8-20CCE79D7FD0}
[2012.02.26 13:39:14 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{A6B5D053-6559-4EB8-9A08-848355F2F75B}
[2012.02.25 14:41:48 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{5DD28677-1FF3-49D8-A1E0-459A5A389F27}
[2012.02.25 14:41:36 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{9D543F6E-6458-4CD6-A418-FA2F16FD4E2A}
[2012.02.25 02:41:08 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{99542655-0B64-4B2B-8A57-C7703A84B83E}
[2012.02.25 02:40:56 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{714503F7-9782-4A3A-AA35-FC4D5BDAABCF}
[2012.02.24 14:40:28 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{6F687302-39C1-4404-A2D1-EAE6615926B5}
[2012.02.24 14:40:14 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{8FD01774-62CA-4D3C-9396-05C42E15F337}
[2012.02.24 00:29:21 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{0C8017A0-E880-4886-80A5-0090C2A94075}
[2012.02.24 00:29:09 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{41CD0DCE-0AB2-41B2-A119-51F28937BEE3}
[2012.02.23 12:28:40 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{3038D639-2CFF-4ADE-9699-313E7A28CBEC}
[2012.02.23 12:28:25 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{948D25AC-7ACE-4C3B-9FDA-ABF1292CFBF8}
[2012.02.23 07:24:48 | 001,490,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01007.dll
[2012.02.23 07:24:48 | 000,027,176 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggsemc.sys
[2012.02.23 07:24:48 | 000,013,352 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggflt.sys
[2012.02.23 07:21:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Ericsson
[2012.02.23 07:21:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Ericsson
[2012.02.23 00:27:55 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{FCC0F88E-9175-4FDA-BCBB-4FBE005DA211}
[2012.02.23 00:27:43 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{CC966B09-3CFB-4389-B2B5-9A50F84C02EF}
[2012.02.22 08:05:12 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{33288F31-C779-40B8-8F4C-299AC80F682A}
[2012.02.22 08:04:57 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{62655992-495E-4029-A036-20CC471E4A9E}
[2012.02.21 11:40:38 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{3FD74C3E-A415-4313-A0BA-813305146D98}
[2012.02.21 11:40:26 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{3BFE3943-F028-4F63-9862-22E9D7B73CD6}
[2012.02.20 20:53:34 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{95837237-4019-4D5F-90C4-B9C6317E2BEA}
[2012.02.20 20:53:23 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{14A3ED32-7FB5-44EB-9AB4-618F6E285B8A}
[2012.02.20 08:53:09 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{CB4A5C10-C869-4A17-9136-644354D01A32}
[2012.02.20 08:52:58 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{5163683D-2678-48B7-AE39-5FF870C921EA}
[2012.02.19 20:52:43 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{A56ADA0A-0FE0-423F-BB66-0C4C68DE0818}
[2012.02.19 20:52:31 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{521A9896-3FDE-4F8D-ADE6-48D6FF6AF6FB}
[2012.02.19 08:27:10 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{62332F06-174B-4E16-8973-AD2235FF827C}
[2012.02.19 08:26:57 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{CCB5D671-968F-47AC-89FE-D65EB9689A7A}
[2012.02.18 22:58:44 | 000,000,000 | ---D | C] -- C:\Users\Miststück\Documents\GINA
[2012.02.18 15:22:40 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{01C7AACD-D544-4D80-846D-7B93FBE928F6}
[2012.02.18 15:22:29 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{3761CBA6-DE75-411E-915F-316C63ABACEE}
[2012.02.18 03:22:01 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{F68D7AE5-D0C6-45EE-AF65-21904C088D63}
[2012.02.18 03:21:49 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{9614DEBF-B2C4-467F-9D3F-04DA4237F906}
[2012.02.17 15:21:34 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{B82A76D0-3605-4E58-87A2-5A611DDEF324}
[2012.02.17 15:21:22 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{79B16715-F890-4202-A6C0-3716D2B008AC}
[2012.02.17 03:20:54 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{01A0A7B5-7747-4B75-8CA0-E9AB5B6EAE57}
[2012.02.17 03:20:43 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{FA223645-FF38-4DB0-8E79-31FE346F58EB}
[2012.02.16 14:44:51 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{3B88A4D5-74C2-489A-AD71-1060403A87C5}
[2012.02.16 14:44:38 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{89D7FC57-E074-42C1-B218-A8C6A8155827}
[2012.02.16 13:26:34 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012.02.16 13:26:28 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012.02.16 13:26:28 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012.02.16 13:26:22 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012.02.16 13:26:05 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.02.16 13:26:05 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.02.16 13:26:05 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.02.16 13:26:04 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.02.16 13:26:04 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.02.16 13:26:04 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.02.16 13:26:03 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.02.16 02:11:37 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{A4B22B49-3F4B-4D12-9017-0D082AA81ECF}
[2012.02.16 02:11:25 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{1C7799EE-9089-4121-99DD-72BED46BDF31}
[2012.02.15 14:10:58 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{3CB01841-AFD5-4A3E-B6D2-ED7030FA2010}
[2012.02.15 14:10:47 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{CF140CDA-745B-4500-8D2A-66236897D5FB}
[2012.02.15 02:10:20 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{AFE3AFCE-DCB8-4304-9853-90E1BE8E5ACE}
[2012.02.15 02:10:08 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{5C12331B-E807-4938-B5C5-5528766680AD}
[2012.02.14 14:09:42 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{36EFC8E0-BA44-4520-8514-53D6A3912091}
[2012.02.14 14:09:30 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{FF2A8A91-520B-4B53-9D53-993C0356E984}
[2012.02.14 02:09:04 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{AEA505A7-7C9C-4679-8315-5B95F6A72714}
[2012.02.14 02:08:53 | 000,000,000 | ---D | C] -- C:\Users\Miststück\AppData\Local\{826BCE7B-DF4B-4D67-8A8A-E707F5644A38}

========== Files - Modified Within 30 Days ==========

[2012.03.14 18:09:20 | 001,572,864 | ---- | M] () -- C:\Users\Miststück\NTUSER.DAT
[2012.03.14 17:22:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.03.14 14:16:56 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.14 14:16:56 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.14 14:10:43 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.03.14 14:10:43 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012.03.14 14:09:05 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012.03.14 14:09:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.14 14:08:55 | 3219,787,776 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.13 23:23:46 | 002,245,238 | -H-- | M] () -- C:\Users\Miststück\AppData\Local\IconCache.db
[2012.03.13 18:28:37 | 000,001,125 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.03.13 08:19:14 | 000,524,288 | -HS- | M] () -- C:\Users\Miststück\NTUSER.DAT{05dc14d8-6cd4-11e1-b9f4-206a8a316c58}.TMContainer00000000000000000002.regtrans-ms
[2012.03.13 08:19:14 | 000,524,288 | -HS- | M] () -- C:\Users\Miststück\NTUSER.DAT{05dc14d8-6cd4-11e1-b9f4-206a8a316c58}.TMContainer00000000000000000001.regtrans-ms
[2012.03.13 08:19:14 | 000,065,536 | -HS- | M] () -- C:\Users\Miststück\NTUSER.DAT{05dc14d8-6cd4-11e1-b9f4-206a8a316c58}.TM.blf
[2012.03.13 08:08:06 | 001,572,864 | ---- | M] () -- C:\Users\Miststück\NTUSER.DAT.gbck
[2012.03.09 11:39:20 | 000,002,038 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2012.03.07 17:38:31 | 000,327,698 | ---- | M] () -- C:\Users\Miststück\Documents\BUG Fehler in den gates.jpg
[2012.03.04 15:53:13 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.03.04 15:53:13 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.03.04 15:53:13 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.03.04 15:53:13 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.03.04 15:53:13 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.03.04 02:40:49 | 000,301,323 | ---- | M] () -- C:\Users\Miststück\Documents\Chat DO.jpg
[2012.03.02 14:55:37 | 000,299,298 | ---- | M] () -- C:\Users\Miststück\Documents\screen TT-Blizz betreff Killa-TT.jpg
[2012.02.28 13:55:10 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.02.25 18:46:13 | 000,004,608 | ---- | M] () -- C:\Users\Miststück\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.23 07:26:26 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggsemc_01007.Wdf
[2012.02.23 07:26:26 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggflt_01007.Wdf
[2012.02.23 07:24:48 | 001,490,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01007.dll
[2012.02.23 07:24:48 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggsemc.sys
[2012.02.23 07:24:48 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggflt.sys
[2012.02.20 14:25:08 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012.02.19 01:50:16 | 000,302,506 | ---- | M] () -- C:\Users\Miststück\Documents\darkorbit payment.jpg
[2012.02.17 03:27:24 | 000,271,120 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.02.15 14:25:34 | 000,132,320 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys

========== Files Created - No Company Name ==========

[2012.03.13 18:28:37 | 000,001,125 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.03.13 08:08:51 | 000,524,288 | -HS- | C] () -- C:\Users\Miststück\NTUSER.DAT{05dc14d8-6cd4-11e1-b9f4-206a8a316c58}.TMContainer00000000000000000002.regtrans-ms
[2012.03.13 08:08:51 | 000,524,288 | -HS- | C] () -- C:\Users\Miststück\NTUSER.DAT{05dc14d8-6cd4-11e1-b9f4-206a8a316c58}.TMContainer00000000000000000001.regtrans-ms
[2012.03.13 08:08:51 | 000,065,536 | -HS- | C] () -- C:\Users\Miststück\NTUSER.DAT{05dc14d8-6cd4-11e1-b9f4-206a8a316c58}.TM.blf
[2012.03.09 11:39:20 | 000,002,038 | ---- | C] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2012.03.07 17:38:31 | 000,327,698 | ---- | C] () -- C:\Users\Miststück\Documents\BUG Fehler in den gates.jpg
[2012.03.04 02:39:44 | 000,301,323 | ---- | C] () -- C:\Users\Miststück\Documents\Chat DO.jpg
[2012.03.02 14:55:37 | 000,299,298 | ---- | C] () -- C:\Users\Miststück\Documents\screen TT-Blizz betreff Killa-TT.jpg
[2012.02.23 07:26:26 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggsemc_01007.Wdf
[2012.02.23 07:26:26 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggflt_01007.Wdf
[2012.02.11 19:20:55 | 000,004,608 | ---- | C] () -- C:\Users\Miststück\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.19 18:24:30 | 000,026,903 | ---- | C] () -- C:\Users\Miststück\AppData\Roaming\UserTile.png
[2012.01.14 14:13:19 | 000,000,132 | ---- | C] () -- C:\Windows\24 CTU Display 3 (Widescreen).ini
[2012.01.14 14:13:19 | 000,000,093 | ---- | C] () -- C:\Windows\FSaver.ini
[2011.12.19 01:34:17 | 002,245,238 | -H-- | C] () -- C:\Users\Miststück\AppData\Local\IconCache.db
[2011.12.19 01:03:43 | 000,000,267 | ---- | C] () -- C:\Windows\LaunApp.ini
[2011.12.19 00:56:00 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.12.19 00:55:04 | 000,001,550 | ---- | C] () -- C:\Windows\WPatchProgress.ini
[2011.12.18 16:54:57 | 000,058,640 | ---- | C] () -- C:\Users\Miststück\AppData\Local\GDIPFONTCACHEV1.DAT
[2011.12.18 16:22:46 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.09.09 03:33:18 | 000,000,325 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2010.09.09 03:33:18 | 000,000,271 | ---- | C] () -- C:\Windows\WisPriority.ini
[2010.09.09 03:33:18 | 000,000,168 | ---- | C] () -- C:\Windows\WisLangCode.ini

========== LOP Check ==========

[2012.01.14 14:03:17 | 000,000,000 | ---D | M] -- C:\Users\Miststück\AppData\Roaming\Canneverbe Limited
[2012.01.18 17:19:40 | 000,000,000 | ---D | M] -- C:\Users\Miststück\AppData\Roaming\GlarySoft
[2012.01.28 15:15:34 | 000,000,000 | ---D | M] -- C:\Users\Miststück\AppData\Roaming\SimpleScreenshot
[2012.01.18 22:32:30 | 000,000,000 | ---D | M] -- C:\Users\Miststück\AppData\Roaming\SNS
[2012.02.11 19:20:55 | 000,000,000 | ---D | M] -- C:\Users\Miststück\AppData\Roaming\Solveig Multimedia
[2011.12.18 17:00:33 | 000,000,000 | ---D | M] -- C:\Users\Miststück\AppData\Roaming\Telefónica
[2012.01.27 21:10:57 | 000,000,000 | ---D | M] -- C:\Users\Miststück\AppData\Roaming\WEB.DE
[2012.02.02 15:31:23 | 000,000,000 | ---D | M] -- C:\Users\Miststück\AppData\Roaming\Windows Live Writer
[2012.03.14 14:10:43 | 000,000,334 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2012.02.19 18:47:09 | 000,032,568 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

Alt 14.03.2012, 19:26   #2
markusg
/// Malware-holic
 
Hi,
how are we supposed to help you properly when you don't give us any proper clues?
E.g., Facebook doesn't work; okay, and why not, what exactly happens?
Then you give us a trojan name without a detection report.
We can't work with that.
So post the detection reports, at least some of them.