Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Gema Virus dauerhaft entfernen? OTL Logfile

Gema Virus dauerhaft entfernen? OTL Logfile


Log-Analyse und Auswertung: Gema Virus dauerhaft entfernen? OTL Logfile

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 18.03.2012, 20:08   #1
iced
 
Gema Virus dauerhaft entfernen? OTL Logfile - Standard

Gema Virus dauerhaft entfernen? OTL Logfile


Hallo,

auch ich habe den Gema Virus eingefangen. Zuerst kam der BKA Virus, den konnte ich im Abgesicherten Modus entfernen. Ein Tag später wurde ich von Gema Virus befallen, mittels Systemwiederherstellung war auch dieser verschwunden. Ich habe Malwarebytes durchlaufen lassen und einen Virenscan durchgeführt. Heute trat der Gema Virus wieder auf.
Kann man sich irgendwie dauerhaft davor schützen oder ihn komplett entfernen?

Danke schon mal in vorraus.

Code:
ATTFilter
OTL logfile created on: 18.03.2012 19:36:48 - Run 1
OTL by OldTimer - Version 3.2.39.1     Folder = C:\Users\Maxim\Downloads\Apps
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,99 Gb Total Physical Memory | 3,99 Gb Available Physical Memory | 66,55% Memory free
11,98 Gb Paging File | 9,68 Gb Available in Paging File | 80,80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 147,23 Gb Total Space | 29,92 Gb Free Space | 20,32% Space Free | Partition Type: NTFS
Drive D: | 784,18 Gb Total Space | 253,50 Gb Free Space | 32,33% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive F: | 100,00 Mb Total Space | 69,23 Mb Free Space | 69,23% Space Free | Partition Type: NTFS
 
Computer Name: MAXIM-PC | User Name: Maxim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Maxim\Downloads\Apps\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Users\Maxim\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Opera 11.10 beta\opera.exe (Opera Software)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
PRC - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe ()
PRC - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe ()
PRC - C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe ()
PRC - C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Windows\tsnpstd3.exe ()
PRC - C:\Windows\vsnpstd3.exe ()
PRC - C:\Windows\SysWOW64\IoctlSvc.exe (Prolific Technology Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\45f56e5749f43eeb24b2094fd761a9d3\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\87bb94208da627ef82f1baf7565429fb\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\a6529c9ffc0303d1eee4282d18c7d7f3\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7eb4a3ea2a40992aee2c4bbd12e03e92\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\ae40bbaf5a559e09ab86abb4a0e3b82a\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\389da1e0e62a532f956f05709447e8aa\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\9bf91363906fc418ea34b30d7bf825b9\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\da0fc8ce9b2fb592b7d8065481ef5d42\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\b09b3c662a1d39ed782f8c54c62a4067\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\6b80af748bbb01fead3aefa778d2a30a\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\15e071596162d504ead0394ec971ad3b\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\26430b84dfd15f788b0e39dce71ef5d1\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\fe6b346d83857a3f02bda63332e66642\mscorlib.ni.dll ()
MOD - C:\Users\Maxim\AppData\Local\Temp\ae201572-4813-4010-9ed2-ee29ddec066a\CliSecureRT.dll ()
MOD - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
MOD - C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll ()
MOD - C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll ()
MOD - C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll ()
MOD - C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe ()
MOD - C:\Program Files (x86)\Lexmark S300-S400 Series\lxeaDRS.dll ()
MOD - C:\Program Files (x86)\Lexmark S300-S400 Series\lxeascw.dll ()
MOD - C:\Windows\tsnpstd3.exe ()
MOD - C:\Program Files (x86)\Lexmark S300-S400 Series\lxeadatr.dll ()
MOD - C:\Windows\SysWOW64\LXEAsmr.dll ()
MOD - C:\Program Files (x86)\Lexmark S300-S400 Series\lxeacaps.dll ()
MOD - C:\Windows\SysWOW64\LXEAsm.dll ()
MOD - C:\Windows\vsnpstd3.exe ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (lxea_device) -- C:\Windows\SysNative\lxeacoms.exe ( )
SRV:64bit: - (lxeaCATSCustConnectService) -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxeaserv.exe ()
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (UMVPFSrv) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (lxeaCATSCustConnectService) -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe ()
SRV - (lxea_device) -- C:\Windows\SysWOW64\lxeacoms.exe ( )
SRV - (FLEXnet Licensing Service 64) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (TuneUp.Defrag) @C:\Program Files (x86) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (PLFlash DeviceIoControl Service) -- C:\Windows\SysWOW64\IoctlSvc.exe (Prolific Technology Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (MotioninJoyXFilter) -- C:\Windows\SysNative\drivers\MijXfilt.sys (MotioninJoy)
DRV:64bit: - (ssudmdm) SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (LVUVC64) Logitech HD Webcam C270(UVC) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (EuMusDesignVirtualAudioCableWdm) Virtual Audio Cable (WDM) -- C:\Windows\SysNative\drivers\vrtaucbl.sys (Eugene V. Muzychenko)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (SNPSTD3) USB PC Camera (SNPSTD3) -- C:\Windows\SysNative\drivers\snpstd3.sys (Sonix Co. Ltd.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation                                            )
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Ext2fs) -- C:\Windows\SysNative\drivers\ext2fs.sys (Stephan Schreiber)
DRV:64bit: - (IfsMount) -- C:\Windows\SysNative\drivers\ifsmount.sys (Stephan Schreiber)
DRV:64bit: - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.)
DRV:64bit: - (ManyCam) -- C:\Windows\SysNative\drivers\ManyCam_x64.sys (ManyCam LLC.)
DRV:64bit: - (Ext2Fsd) -- C:\Windows\SysNative\drivers\ext2fsd.sys (www.ext2fsd.com)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV - (SNPSTD3) USB PC Camera (SNPSTD3) -- C:\Windows\SysWOW64\drivers\snpstd3.sys (Sonix Co. Ltd.)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (UltraMonUtility) -- C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys (Realtime Soft Ltd)
DRV - (adfs) -- C:\Windows\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (MSKSSRV) -- C:\Windows\SysWOW64\drivers\mskssrv.sys (Microsoft Corporation)
DRV - (MSPCLOCK) -- C:\Windows\SysWOW64\drivers\mspclock.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 18 DB F2 EF DA 3B CB 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{AEBC34FD-804C-4FD6-8763-380C46D50E9F}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@logitech.com/HarmonyRemote,version=1.0.0: C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011.04.28 22:09:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.12.11 14:27:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F6BBF8BD-1BB8-455E-A3C9-CCF1536AA687}: C:\Users\Maxim\AppData\Local\{F6BBF8BD-1BB8-455E-A3C9-CCF1536AA687} [2010.10.07 21:52:24 | 000,000,000 | ---D | M]
 
[2011.12.11 14:27:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maxim\AppData\Roaming\mozilla\Extensions
[2012.02.28 17:08:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maxim\AppData\Roaming\mozilla\Firefox\Profiles\avfjvgk7.default\extensions
[2012.01.22 17:33:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.01.22 17:33:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\MAXIM\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AVFJVGK7.DEFAULT\EXTENSIONS\STEALTHYEXTENSION@GMAIL.COM.XPI
[2011.11.21 05:21:43 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.11.21 02:17:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.11.21 02:09:48 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.11.21 02:17:49 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.11.21 02:17:49 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.11.21 02:17:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.11.21 02:17:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.01.12 19:25:59 | 000,001,132 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 im.adtech.de
O1 - Hosts: 127.0.0.1 adserver.adtech.de
O1 - Hosts: 127.0.0.1 adtech.de
O1 - Hosts: 127.0.0.1 ar.atwola.com
O1 - Hosts: 127.0.0.1 atwola.com
O1 - Hosts: 127.0.0.1 adserver.71i.de
O1 - Hosts: 127.0.0.1 adicqserver.71i.de
O1 - Hosts: 127.0.0.1 71i.de
O1 - Hosts: 192.168.1.51	developerservices.windowsphone.com
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe ()
O4:64bit: - HKLM..\Run: [lxeamon.exe] C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe ()
O4:64bit: - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Lexmark S300-S400 Series] C:\Program Files (x86)\Lexmark S300-S400 Series\fm3032.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - Startup: C:\Users\Maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Maxim\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{791C6DC1-3BA8-48C2-A290-B0158D9A3E85}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKCU Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{19bd2230-640a-11df-a138-0026189f734c}\Shell - "" = AutoRun
O33 - MountPoints2\{19bd2230-640a-11df-a138-0026189f734c}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{c06fe959-0f89-11df-80b3-0026189f734c}\Shell - "" = AutoRun
O33 - MountPoints2\{c06fe959-0f89-11df-80b3-0026189f734c}\Shell\AutoRun\command - "" = V:\start.exe
O33 - MountPoints2\{c8d7fbcd-b762-11df-827f-0026189f734c}\Shell - "" = AutoRun
O33 - MountPoints2\{c8d7fbcd-b762-11df-827f-0026189f734c}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.03.18 19:20:40 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.03.17 16:37:06 | 000,000,000 | ---D | C] -- C:\Users\Maxim\AppData\Roaming\Avira
[2012.03.17 16:32:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.03.17 16:32:11 | 000,132,320 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.03.17 16:32:11 | 000,097,312 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012.03.17 16:32:11 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2012.03.17 16:32:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.03.17 16:32:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2012.03.17 15:35:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.03.17 15:35:58 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.03.17 15:35:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.03.09 20:36:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012.03.09 20:36:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012.02.29 18:42:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012.02.29 18:42:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2012.02.21 21:16:02 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012.02.21 21:16:02 | 002,308,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.02.21 21:16:02 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.02.21 21:16:02 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.02.21 21:16:02 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.02.21 21:16:02 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012.02.21 21:16:02 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012.02.21 21:16:02 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012.02.21 21:16:02 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.02.21 21:16:02 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.02.21 21:16:02 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012.02.21 21:16:02 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012.02.21 21:16:02 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012.02.21 21:16:02 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.02.21 21:16:02 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.02.21 21:16:02 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012.02.21 21:16:02 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012.02.21 21:16:02 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012.02.21 21:16:02 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012.02.21 21:16:02 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012.02.21 21:16:02 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012.02.21 21:16:02 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012.02.21 21:16:02 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012.02.21 21:16:02 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.02.21 21:16:02 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012.02.21 21:16:02 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012.02.21 21:16:02 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012.02.21 21:16:02 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012.02.21 21:16:02 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012.02.21 21:16:02 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012.02.21 21:16:02 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012.02.21 21:16:02 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012.02.21 21:16:02 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012.02.21 21:16:02 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012.02.21 21:16:02 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012.02.21 21:16:02 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012.02.21 21:16:02 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012.02.21 21:16:02 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012.02.21 21:16:02 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012.02.21 21:16:02 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012.02.21 21:16:02 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.02.21 21:16:02 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012.02.21 21:16:02 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012.02.21 21:16:02 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012.02.21 21:16:02 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012.02.21 21:16:02 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012.02.21 21:16:02 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012.02.21 21:16:02 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012.02.21 21:16:02 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012.02.21 21:16:02 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012.02.21 21:16:02 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012.02.21 21:16:02 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012.02.21 21:16:02 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012.02.21 21:16:01 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012.02.21 21:16:01 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.02.21 21:16:01 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.02.21 21:16:01 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.02.21 21:16:01 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012.02.21 21:16:01 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012.02.21 21:16:01 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012.02.21 21:16:01 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012.02.21 21:16:01 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.02.21 21:16:01 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012.02.21 21:16:01 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012.02.21 21:16:01 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012.02.21 21:16:01 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.02.21 21:16:01 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012.02.21 21:16:01 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012.02.21 21:16:01 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012.02.21 21:16:01 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012.02.21 21:16:01 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012.02.21 21:16:01 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[28 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.03.18 19:23:32 | 000,024,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.18 19:23:32 | 000,024,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.18 19:15:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.17 16:32:24 | 000,001,999 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.03.17 15:36:01 | 000,001,118 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.03.14 21:53:55 | 014,505,168 | ---- | M] () -- C:\Users\Maxim\Desktop\So.wirds.gemacht.Band.138.BMW.3ER.REIHE.rar.part
[2012.03.12 21:31:22 | 000,001,456 | ---- | M] () -- C:\Users\Maxim\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2012.03.12 21:19:42 | 000,000,132 | ---- | M] () -- C:\Users\Maxim\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2012.03.09 10:02:17 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.03.09 10:02:17 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.03.09 10:02:17 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.03.09 10:02:17 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.03.09 10:02:17 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.03.09 10:02:04 | 000,000,984 | ---- | M] () -- C:\Users\Maxim\Desktop\Dropbox.lnk
[2012.03.09 10:02:04 | 000,000,964 | ---- | M] () -- C:\Users\Maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012.02.28 18:54:53 | 001,590,298 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.02.21 21:16:02 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012.02.21 21:16:02 | 002,308,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.02.21 21:16:02 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.02.21 21:16:02 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.02.21 21:16:02 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.02.21 21:16:02 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012.02.21 21:16:02 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012.02.21 21:16:02 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012.02.21 21:16:02 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.02.21 21:16:02 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.02.21 21:16:02 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012.02.21 21:16:02 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012.02.21 21:16:02 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012.02.21 21:16:02 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.02.21 21:16:02 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.02.21 21:16:02 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012.02.21 21:16:02 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012.02.21 21:16:02 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012.02.21 21:16:02 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012.02.21 21:16:02 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012.02.21 21:16:02 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012.02.21 21:16:02 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012.02.21 21:16:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012.02.21 21:16:02 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.02.21 21:16:02 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012.02.21 21:16:02 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012.02.21 21:16:02 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012.02.21 21:16:02 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012.02.21 21:16:02 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012.02.21 21:16:02 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012.02.21 21:16:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012.02.21 21:16:02 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012.02.21 21:16:02 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012.02.21 21:16:02 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012.02.21 21:16:02 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012.02.21 21:16:02 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012.02.21 21:16:02 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012.02.21 21:16:02 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012.02.21 21:16:02 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012.02.21 21:16:02 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012.02.21 21:16:02 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.02.21 21:16:02 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.02.21 21:16:02 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012.02.21 21:16:02 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012.02.21 21:16:02 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012.02.21 21:16:02 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012.02.21 21:16:02 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012.02.21 21:16:02 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012.02.21 21:16:02 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012.02.21 21:16:02 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012.02.21 21:16:02 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012.02.21 21:16:02 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012.02.21 21:16:02 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012.02.21 21:16:02 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012.02.21 21:16:01 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012.02.21 21:16:01 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.02.21 21:16:01 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.02.21 21:16:01 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.02.21 21:16:01 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012.02.21 21:16:01 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012.02.21 21:16:01 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012.02.21 21:16:01 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012.02.21 21:16:01 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.02.21 21:16:01 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012.02.21 21:16:01 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012.02.21 21:16:01 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012.02.21 21:16:01 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.02.21 21:16:01 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012.02.21 21:16:01 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012.02.21 21:16:01 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012.02.21 21:16:01 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012.02.21 21:16:01 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012.02.21 21:16:01 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012.02.21 21:16:01 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[28 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.03.17 16:32:24 | 000,001,999 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.03.17 15:36:01 | 000,001,118 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.03.14 21:22:55 | 014,505,168 | ---- | C] () -- C:\Users\Maxim\Desktop\So.wirds.gemacht.Band.138.BMW.3ER.REIHE.rar.part
[2012.03.12 21:19:42 | 000,000,132 | ---- | C] () -- C:\Users\Maxim\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2012.02.21 21:16:02 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.02.21 21:16:01 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011.12.05 22:04:00 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.12.05 22:03:52 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.11.10 03:36:06 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011.11.10 03:36:06 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.11.07 18:32:28 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011.10.25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.08.19 10:26:20 | 010,898,456 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2011.08.19 10:26:20 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2011.08.19 10:26:20 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011.06.21 19:57:43 | 000,000,132 | ---- | C] () -- C:\Users\Maxim\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011.04.27 13:19:32 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.04.27 13:19:30 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.04.27 13:19:30 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.04.27 13:19:30 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.04.27 13:19:30 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.03.08 09:21:54 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.02.06 16:26:22 | 000,000,600 | ---- | C] () -- C:\Users\Maxim\AppData\Roaming\winscp.rnd
[2011.01.12 19:02:06 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.11.23 19:46:04 | 001,048,576 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeaserv.dll
[2010.11.23 19:46:04 | 000,847,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeausb1.dll
[2010.11.23 19:46:04 | 000,802,816 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeacomc.dll
[2010.11.23 19:46:04 | 000,688,128 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeahbn3.dll
[2010.11.23 19:46:04 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeapmui.dll
[2010.11.23 19:46:04 | 000,598,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeacoms.exe
[2010.11.23 19:46:04 | 000,577,536 | ---- | C] ( ) -- C:\Windows\SysWow64\lxealmpm.dll
[2010.11.23 19:46:04 | 000,373,416 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeacfg.exe
[2010.11.23 19:46:04 | 000,372,736 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeacomm.dll
[2010.11.23 19:46:04 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeainpa.dll
[2010.11.23 19:46:04 | 000,344,064 | ---- | C] () -- C:\Windows\SysWow64\lxeacomx.dll
[2010.11.23 19:46:04 | 000,344,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeaiesc.dll
[2010.11.23 19:46:04 | 000,324,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeaih.exe
[2010.11.23 19:46:04 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\lxeains.dll
[2010.11.23 19:46:04 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\lxeainsb.dll
[2010.11.23 19:46:04 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\lxeacu.dll
[2010.11.23 19:46:04 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\lxeainsr.dll
[2010.11.23 19:46:04 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\lxeacub.dll
[2010.11.23 19:46:04 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\lxeajswr.dll
[2010.11.23 19:46:04 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\lxeacur.dll
[2010.11.23 19:40:08 | 000,299,008 | ---- | C] () -- C:\Windows\SysWow64\LXEAsm.dll
[2010.11.23 19:40:08 | 000,024,064 | ---- | C] () -- C:\Windows\SysWow64\LXEAsmr.dll
[2010.10.07 21:52:25 | 000,000,120 | ---- | C] () -- C:\Users\Maxim\AppData\Local\Nbafukururu.dat
[2010.10.07 21:52:25 | 000,000,000 | ---- | C] () -- C:\Users\Maxim\AppData\Local\Uroki.bin
[2010.10.07 21:50:40 | 000,000,020 | ---- | C] () -- C:\Users\Maxim\AppData\Roaming\cnmkat.dat
[2010.10.06 21:16:31 | 000,001,456 | ---- | C] () -- C:\Users\Maxim\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2010.09.06 22:21:09 | 000,032,608 | ---- | C] () -- C:\Windows\king-uninstall.exe
[2010.08.26 22:21:19 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2010.06.08 22:19:46 | 000,000,088 | RHS- | C] () -- C:\ProgramData\E5720D9075.sys
[2010.06.08 22:19:45 | 000,005,018 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.05.26 17:36:50 | 000,020,480 | ---- | C] () -- C:\Windows\FixCamera.exe
[2010.05.26 17:36:48 | 000,835,584 | ---- | C] () -- C:\Windows\vsnpstd3.exe
[2010.05.26 17:36:48 | 000,356,352 | ---- | C] () -- C:\Windows\tsnpstd3.exe
[2010.05.26 17:36:48 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini
[2010.05.26 17:36:46 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnpstd3.dll
[2010.05.26 17:36:46 | 000,061,440 | ---- | C] ( ) -- C:\Windows\SysWow64\vsnpstd3.dll
[2010.05.26 17:36:46 | 000,053,248 | ---- | C] ( ) -- C:\Windows\csnpstd3.dll
[2010.05.26 14:10:32 | 000,221,184 | ---- | C] () -- C:\Windows\SysWow64\Dualunis.exe
[2010.04.06 14:15:03 | 000,007,168 | ---- | C] () -- C:\Users\Maxim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== LOP Check ==========
 
[2011.10.26 21:59:09 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\.minecraft
[2011.01.17 18:23:31 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\Bavi
[2010.03.16 19:23:32 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\Bioshock2
[2011.04.06 20:01:55 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.05.02 21:10:58 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\com.adobe.ExMan
[2010.03.11 22:54:31 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\CoSoSys
[2010.02.02 00:32:57 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\DAEMON Tools Lite
[2010.02.02 00:17:38 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\DAEMON Tools Pro
[2011.07.05 21:31:44 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\Day 1 Studios
[2012.03.18 19:16:44 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\Dropbox
[2012.03.18 19:14:22 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\foobar2000
[2011.10.07 23:06:53 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\Granet
[2012.03.08 20:18:12 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\ICQ
[2011.09.05 00:22:14 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\KYL
[2011.08.07 12:35:30 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\Leadertech
[2011.11.28 20:16:54 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\ManyCam
[2011.09.05 00:22:13 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\MicroST
[2011.09.19 19:11:21 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\MotioninJoy
[2010.06.06 01:21:19 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\mp3DirectCut
[2012.01.17 01:32:51 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\NexusFont
[2010.02.04 21:13:14 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\OCS
[2011.12.27 13:42:27 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\onOne Software
[2010.03.31 10:39:45 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\OpenOffice.org
[2011.05.24 18:27:44 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\Opera
[2010.12.07 21:19:22 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\Otseov
[2011.01.17 17:33:45 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\Publish Providers
[2011.03.02 20:21:47 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\S300-S400 Series
[2011.05.31 20:45:38 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\Samsung
[2011.10.24 20:32:53 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\Skip-Bo
[2011.02.23 19:08:04 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\Sony
[2011.01.19 20:43:15 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\Sony Creative Software Inc
[2010.10.06 20:50:07 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.01.07 17:05:37 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\TeamViewer
[2010.06.09 23:00:26 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\Trillian
[2010.02.02 00:37:25 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\TuneUp Software
[2010.09.03 20:24:42 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\Tunngle
[2010.08.10 13:55:32 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\Udsiow
[2010.07.29 22:05:48 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\Warsow 0.5
[2010.11.09 23:43:01 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\XMedia Recode
[2011.05.02 17:45:25 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\Ylpyg
[2011.10.24 20:32:51 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\Zylom
[2011.12.21 22:26:26 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:9D1B94FD

< End of report >

 

Themen zu Gema Virus dauerhaft entfernen? OTL Logfile
adobe, alternate, antivir, autorun, avg, avira, bho, browser, desktop, device driver, entfernen, error, explorer, firefox, format, hängen, komplett entfernen, langs, logfile, lws.exe, mbamservice.exe, opera, plug-in, programme, realtek, registry, scan, searchscopes, software, temp, usb, version=1.0, virus, windows


« BKA Trojaner 3.04 | Gema Trojaner »


Ähnliche Themen: Gema Virus dauerhaft entfernen? OTL Logfile


  1. Download Protect 2.2.5 (Add-on) lässt sich nicht dauerhaft aus Firefox entfernen
    Log-Analyse und Auswertung - 01.10.2014 (29)
  2. Download Protect 2.2.1 aus Firefox dauerhaft entfernen!
    Plagegeister aller Art und deren Bekämpfung - 07.07.2014 (5)
  3. vbs dldr agent.H dauerhaft entfernen
    Plagegeister aller Art und deren Bekämpfung - 19.06.2014 (4)
  4. Download Protect in Firefox läßt sich nicht dauerhaft entfernen - Windows 8.1
    Log-Analyse und Auswertung - 16.06.2014 (11)
  5. Download Protect in Firefox läßt sich nicht dauerhaft entfernen
    Plagegeister aller Art und deren Bekämpfung - 05.05.2014 (27)
  6. Windows 7 (64bit) - hyperaktive timeserver.exe - Malwarebytes kann Befall nicht dauerhaft entfernen
    Log-Analyse und Auswertung - 15.08.2013 (5)
  7. Virus lässt sich nicht dauerhaft entfernen trotz Malware Progr. - HKCU/Software/VB an VBA Program settings/SrvID
    Plagegeister aller Art und deren Bekämpfung - 20.01.2013 (20)
  8. GEMA Virus entfernen
    Plagegeister aller Art und deren Bekämpfung - 01.11.2012 (10)
  9. GEMA-Trojaner 2.08, bereits OTLPE-Logfile erstellt
    Log-Analyse und Auswertung - 26.10.2012 (2)
  10. Infizierte Datei lässt sich nicht dauerhaft entfernen
    Plagegeister aller Art und deren Bekämpfung - 14.09.2012 (23)
  11. Incredibar-Toolbar dauerhaft entfernen
    Log-Analyse und Auswertung - 06.08.2012 (1)
  12. GEMA Virus entfernen ohne Admin-Rechte
    Plagegeister aller Art und deren Bekämpfung - 24.06.2012 (1)
  13. GEMA Virus // Logfile fix
    Log-Analyse und Auswertung - 27.04.2012 (24)
  14. Gema Virus - Logfile
    Log-Analyse und Auswertung - 01.04.2012 (3)
  15. GEMA VIRUS / Trojaner entfernen. Systemwiederherstellung unmöglich!
    Log-Analyse und Auswertung - 27.03.2012 (4)
  16. Wie TR/Spy.Mormail.1 dauerhaft entfernen?
    Plagegeister aller Art und deren Bekämpfung - 23.08.2006 (5)
  17. Trojan-PSW.WIN32.Agent.am lässt sich nicht dauerhaft entfernen
    Plagegeister aller Art und deren Bekämpfung - 09.06.2005 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Gema Virus dauerhaft entfernen? OTL Logfile - Hallo, auch ich habe den Gema Virus eingefangen. Zuerst kam der BKA Virus, den konnte ich im Abgesicherten Modus entfernen. Ein Tag später wurde ich von Gema Virus befallen, mittels - Gema Virus dauerhaft entfernen? OTL Logfile...
Archiv
Du betrachtest: Gema Virus dauerhaft entfernen? OTL Logfile auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58