| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Habe mir einiges eingefangen (Trojaner/Viren)Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
26.09.2012, 13:19
| #1 |
 |  Habe mir einiges eingefangen (Trojaner/Viren) Hallo Zusammen, ich habe Malware auf meinem PC gefunden. Möchte sie gerne beseitigt haben. Ein weiteres Problem ist, dass sich seit geraumer Zeit, die Facebook Seite bei mir nicht mehr vollständig aufbaut bzw. läd. Dieses Problem besteht beim IE, Opera und Firefox! Ansonsten funktionieren meine Browser, ohne weitere Schwierigkeiten. Ich hoffe ihr könnt mir weiterhelfen. Gruß Ich habe Malwarebytes durchlaufen lassen. Es gab einen Fund. Diesen konnte ich aber nicht in Quarantäne verschieben. Daher habe ich ihn jetzt entfernen lassen. Screenshot vom Fund habe ich hochgeladen. OTL Scan folgt... Malwarebytes Anti-Malware (Test) 1.65.0.1400 Malwarebytes : Free Anti-Malware download Datenbank Version: v2012.09.26.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Olli :: OLLI-PC [Administrator] Schutz: Deaktiviert 26.09.2012 12:46:17 mbam-log-2012-09-26 (14-25-29).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 373557 Laufzeit: 1 Stunde(n), 17 Minute(n), 36 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\Users\Olli\Desktop\BMRadio\voiceswitch_setup.exe (Adware.Onlinegames) -> Keine Aktion durchgeführt. (Ende) |
|
26.09.2012, 13:31
| #2 |
| | Habe mir einiges eingefangen (Trojaner/Viren) Screenshot vom Fund durch den Malwarebytes Scan.. |
|
26.09.2012, 13:37
| #3 |
| /// the machine /// TB-Ausbilder    | Habe mir einiges eingefangen (Trojaner/Viren) Hi,
__________________Poste nochmal ein frisches OTL logfile.
__________________ |
|
26.09.2012, 13:42
| #4 |
| | Habe mir einiges eingefangen (Trojaner/Viren) OTL Scan log im Anhang... |
|
26.09.2012, 13:45
| #5 |
| /// the machine /// TB-Ausbilder | Habe mir einiges eingefangen (Trojaner/Viren) Logs bitte im Thread posten, nicht anhängen  Downloade dir bitte Windows Repair (All In One) von hier.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
26.09.2012, 20:21
| #6 |
| | Habe mir einiges eingefangen (Trojaner/Viren) Habe alle Schritte vollzogen. Gibt es eine Log File irgendwo? Gruß UPDATE: Habe soeben Facebook getestet! Es ging auf anhieb )))))))))) - ich hoffe das bleibt jetzt so. |
|
26.09.2012, 20:23
| #7 |
| /// the machine /// TB-Ausbilder | Habe mir einiges eingefangen (Trojaner/Viren) Nee. Was macht der Rechner?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
26.09.2012, 20:38
| #8 |
| | Habe mir einiges eingefangen (Trojaner/Viren) Also wie gesagt, Rechner läuft stabil...und Facebook wurde soeben auf anhieb wieder ganz normal angezeigt Ich beobachte das ganze jetzt die nächsten Tage und melde mich nochmal. Soll ich nochmal einen Scan machen? Möchtest du gerne nochmal eine Log File haben? Gruß |
|
27.09.2012, 06:22
| #9 |
| /// the machine /// TB-Ausbilder | Habe mir einiges eingefangen (Trojaner/Viren) Genau, teste mal ein paar Tage und melde dich mit einem frischen OTL logfile
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
01.10.2012, 18:50
| #10 |
| | Habe mir einiges eingefangen (Trojaner/Viren) Hallo Schrauber, erstmal möchte ich Dir vielmals danken, dafür das du dir die Zeit für mich und meinem Trojaner- bzw. Facebook-Problem genommen hast. Ich finde es echt erstaunlich, dass es noch Leute wie Dich gibt, die sowas ehrenamtlich in ihrer Freizeit auf sich nehmen. Dafür nochmals Danke. Das Problem, scheint nun endgültig beseitigt zu sein. Es gab die letzten Tage, keine weiteren Probleme bzw. Auffälligkeiten.  Ich poste gleich eine frische OTL-Log File. Vielen Dank und hoffentlich nicht so schnell auf ein Wiederhören ;-) Gruß Olli OTL Logfile: Code:
ATTFilter OTL logfile created on: 01.10.2012 19:50:34 - Run 4 OTL by OldTimer - Version 3.2.61.5 Folder = C:\Users\Olli\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 6,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 66,61% Memory free 12,00 Gb Paging File | 9,45 Gb Available in Paging File | 78,76% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 297,99 Gb Total Space | 187,22 Gb Free Space | 62,83% Space Free | Partition Type: NTFS Drive E: | 465,76 Gb Total Space | 344,41 Gb Free Space | 73,95% Space Free | Partition Type: NTFS Computer Name: OLLI-PC | User Name: Olli | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.09.16 10:44:38 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Olli\Desktop\OTL.exe PRC - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012.09.06 03:24:58 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2012.09.05 16:51:44 | 001,807,560 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe PRC - [2012.04.03 07:15:44 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012.02.19 22:26:04 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2012.01.18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe PRC - [2011.11.11 15:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe PRC - [2010.10.28 12:14:44 | 000,618,496 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe PRC - [2010.05.05 19:56:42 | 000,025,600 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\Ctxfihlp.exe PRC - [2010.05.05 19:51:56 | 001,212,928 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CTxfispi.exe PRC - [2009.12.07 15:38:02 | 001,128,008 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe PRC - [2009.11.26 13:50:52 | 000,302,152 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe PRC - [2009.09.24 10:50:56 | 001,124,424 | ---- | M] (G DATA Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe PRC - [2009.09.18 15:49:08 | 000,924,232 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe PRC - [2009.08.08 12:33:28 | 000,397,896 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe PRC - [2009.03.20 02:03:00 | 001,904,640 | R--- | M] (AVM Berlin) -- C:\Program Files (x86)\avmwlanstick\WLanGUI.exe PRC - [2009.03.20 02:03:00 | 000,368,640 | R--- | M] (AVM Berlin) -- C:\Program Files (x86)\avmwlanstick\WLanNetService.exe PRC - [2009.02.23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe ========== Modules (No Company Name) ========== MOD - [2012.09.06 03:25:12 | 002,244,064 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2012.09.05 16:51:44 | 009,813,704 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll MOD - [2012.04.03 07:15:22 | 000,368,448 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll MOD - [2011.09.27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.09.27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011.08.12 13:18:56 | 000,342,552 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll MOD - [2011.08.12 13:18:56 | 000,128,536 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll MOD - [2011.08.12 13:18:56 | 000,029,208 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll MOD - [2011.08.12 13:18:54 | 007,956,504 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll MOD - [2011.08.12 13:18:54 | 002,145,304 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll MOD - [2010.10.28 12:14:44 | 000,618,496 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe MOD - [2009.03.26 14:46:42 | 000,148,480 | ---- | M] () -- C:\Windows\SysWOW64\APOMngr.DLL MOD - [2006.06.09 15:20:04 | 000,003,072 | ---- | M] () -- C:\Windows\SysWOW64\CTXFIGER.DLL ========== Services (SafeList) ========== SRV:64bit: - [2011.11.10 05:11:32 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012.09.06 03:25:06 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.04.03 19:18:00 | 001,262,912 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012.04.03 07:15:44 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012.02.19 22:26:04 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012.01.18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv) SRV - [2011.04.02 11:34:17 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.12.07 15:38:02 | 001,128,008 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe -- (AVKProxy) SRV - [2009.11.26 13:50:52 | 000,302,152 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe -- (GDScan) SRV - [2009.11.25 03:07:32 | 001,731,504 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe -- (AVKWCtl) SRV - [2009.11.25 03:05:05 | 001,664,560 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe -- (GDFwSvc) SRV - [2009.08.08 12:33:28 | 000,397,896 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe -- (AVKService) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.03.20 02:03:00 | 000,368,640 | R--- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files (x86)\avmwlanstick\WLanNetService.exe -- (AVM WLAN Connection Service) SRV - [2009.02.23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService) ========== Driver Services (SafeList) ========== DRV:64bit: - File not found [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.01) DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.0) DRV:64bit: - [2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.02.15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012.01.24 09:47:56 | 000,052,160 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiBus.sys -- (SaiNtBus) DRV:64bit: - [2012.01.24 09:47:56 | 000,024,640 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiMini.sys -- (SaiMini) DRV:64bit: - [2012.01.18 08:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) DRV:64bit: - [2012.01.18 08:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64) DRV:64bit: - [2012.01.17 14:45:56 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2011.11.10 05:45:30 | 010,567,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2011.11.10 04:12:44 | 000,325,632 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2011.10.17 19:40:50 | 000,093,712 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2011.06.10 07:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2011.04.02 11:27:43 | 000,057,288 | ---- | M] (G DATA Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PktIcpt.sys -- (GDPkIcpt) DRV:64bit: - [2011.04.02 11:27:35 | 000,074,184 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MiniIcpt.sys -- (GDMnIcpt) DRV:64bit: - [2011.04.02 11:26:02 | 000,048,584 | ---- | M] (G DATA Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gdwfpcd64.sys -- (gdwfpcd) DRV:64bit: - [2011.04.02 11:25:55 | 000,034,760 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GDBehave.sys -- (GDBehave) DRV:64bit: - [2011.04.02 11:11:31 | 000,042,952 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HookCentre.sys -- (HookCentre) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.05.05 21:30:52 | 001,561,688 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k) DRV:64bit: - [2010.05.05 21:30:42 | 000,118,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia) DRV:64bit: - [2010.05.05 21:30:34 | 000,213,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k) DRV:64bit: - [2010.05.05 21:30:26 | 000,015,960 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k) DRV:64bit: - [2010.05.05 21:30:18 | 000,179,288 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv) DRV:64bit: - [2010.05.05 21:30:10 | 000,684,376 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k) DRV:64bit: - [2010.05.05 21:30:02 | 000,580,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k) DRV:64bit: - [2010.05.05 21:29:52 | 001,417,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS) DRV:64bit: - [2010.05.05 21:29:52 | 001,417,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX) DRV:64bit: - [2010.05.05 21:29:42 | 000,094,808 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT.SYS) DRV:64bit: - [2010.05.05 21:29:42 | 000,094,808 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT) DRV:64bit: - [2010.05.05 21:29:34 | 000,202,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT.SYS) DRV:64bit: - [2010.05.05 21:29:34 | 000,202,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT) DRV:64bit: - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64) DRV:64bit: - [2009.11.17 02:16:43 | 000,011,576 | R--- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.sys -- (SSPORT) DRV:64bit: - [2009.08.13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 02:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GearAspiWDM) DRV:64bit: - [2009.03.20 02:03:00 | 000,460,800 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fwlanusb.sys -- (FWLANUSB) DRV:64bit: - [2009.03.20 02:03:00 | 000,014,120 | R--- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avmeject.sys -- (avmeject) DRV - [2012.10.01 08:34:30 | 000,106,224 | ---- | M] (G Data Software) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\GRD.sys -- (GRD) DRV - [2009.10.28 07:09:33 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\SSPORT.SYS -- (SSPORT) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 83 68 66 0D FC 25 CC 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {2016611B-8A4B-42C2-9469-F95EE3477331} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{2016611B-8A4B-42C2-9469-F95EE3477331}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "www.spiegel.de" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Sun Microsystems, Inc.) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll File not found FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll File not found FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll File not found FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.132.0: C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.25 19:52:38 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.04.02 17:18:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olli\AppData\Roaming\mozilla\Extensions [2011.04.02 17:18:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olli\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2012.09.25 19:52:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2011.04.02 11:27:06 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE} [2012.07.15 22:26:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012.09.05 17:26:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012.09.06 03:26:03 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.09.06 04:07:37 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.09.06 04:07:37 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.09.06 04:07:37 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.09.06 04:07:37 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.09.05 17:21:39 | 000,002,027 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml [2012.09.06 04:07:37 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.09.06 04:07:37 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2012.09.26 21:15:24 | 000,000,855 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AVKWebIEx64.dll (G Data Software AG) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AVKWebIE.dll (G Data Software AG) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O3:64bit: - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AVKWebIEx64.dll (G Data Software AG) O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AVKWebIE.dll (G Data Software AG) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (AVM Berlin) O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd) O4 - HKLM..\Run: [G DATA AntiVirus Trayapplication] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG) O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G DATA Software AG) O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.) O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Olli\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Olli\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Free YouTube Download - C:\Users\Olli\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Olli\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15116/CTPID.cab (Creative Software AutoUpdate Support Package 1) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{75A3CA0E-161F-4AE2-85AE-3D6100F4961F}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F0A71D75-3B44-4A9E-B0A2-A5FADD0C1D2A}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.10.01 14:41:43 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\VERKAUFEEEEEEEEN [2012.09.26 21:17:12 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012.09.26 21:12:02 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\subinacl.exe [2012.09.26 15:08:27 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE [2012.09.26 15:07:29 | 000,000,000 | ---D | C] -- C:\Tweaking.com_Windows_Repair_Logs [2012.09.26 15:07:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com [2012.09.26 15:07:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com [2012.09.26 08:57:26 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe [2012.09.25 21:41:58 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\XAVAS - Gespaltene Persönlichkeit (2012) [2012.09.25 19:52:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2012.09.25 19:49:52 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\Miguel - Kaleidoscope Dream (Album) [2012.09.24 16:36:46 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.09.24 16:36:46 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.09.24 16:36:45 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.09.24 16:36:45 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.09.24 16:36:45 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.09.24 16:36:45 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.09.24 16:36:45 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012.09.24 16:36:45 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012.09.24 16:36:44 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.09.24 16:36:44 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.09.24 16:36:44 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.09.24 16:36:44 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012.09.24 16:36:43 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.09.24 16:36:43 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2012.09.24 16:36:42 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.09.24 16:23:56 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\Bücher Verkauf [2012.09.17 23:25:35 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\Auto Stick Songz [2012.09.17 22:34:03 | 000,000,000 | ---D | C] -- C:\_OTL [2012.09.16 20:28:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2012.09.16 20:21:52 | 000,000,000 | ---D | C] -- C:\Users\Olli\AppData\Roaming\Malwarebytes [2012.09.16 20:21:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.09.16 20:21:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.09.16 20:21:34 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.09.16 20:21:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.09.16 20:12:57 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN [2012.09.16 14:07:59 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2012.09.16 14:07:59 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2012.09.16 14:07:59 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2012.09.16 14:07:53 | 000,000,000 | ---D | C] -- C:\Qoobox [2012.09.16 14:07:41 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2012.09.16 13:25:54 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS [2012.09.16 13:25:46 | 000,000,000 | ---D | C] -- C:\Users\Olli\Documents\FIFA 13 [2012.09.16 13:25:06 | 000,000,000 | ---D | C] -- C:\Users\Olli\Documents\FIFA 13 Demo [2012.09.16 13:14:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 13 Demo [2012.09.16 13:14:29 | 000,000,000 | ---D | C] -- C:\Config.Msi [2012.09.16 10:44:37 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Users\Olli\Desktop\OTL.exe [2012.09.13 09:04:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos [2012.09.13 09:04:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos [2012.09.12 20:13:27 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys [2012.09.12 20:13:25 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2012.09.12 20:13:25 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys [2012.09.12 20:13:24 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2012.09.11 22:12:38 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\Daddy_Yankee-Prestige-2012 [2012.09.10 22:24:13 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Olli\Desktop\HiJackThis204.exe [2012.09.10 22:17:31 | 000,000,000 | ---D | C] -- C:\Users\Olli\AppData\Roaming\YourFileDownloader [2012.09.10 19:32:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Fighters [2012.09.10 12:21:42 | 000,000,000 | ---D | C] -- C:\Users\Olli\AppData\Roaming\TrojanHunter [2012.09.10 09:51:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TrojanHunter 5.5 [2012.09.10 09:40:40 | 000,289,768 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2012.09.10 09:40:32 | 000,189,416 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe [2012.09.10 09:40:32 | 000,188,904 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe [2012.09.10 09:40:32 | 000,108,008 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll [2012.09.10 09:40:20 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012.09.10 09:35:22 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\Miguel - Kaleidoscope Dream The Air Preview - EP BMF [2012.09.10 09:28:33 | 000,000,000 | ---D | C] -- C:\Users\Olli\AppData\Roaming\QuickScan [2012.09.05 23:46:49 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\Nas-Life_is_Good-2012-NOiR [2012.09.05 23:42:46 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\DJ Khaled Kiss The Ring (Deluxe Edition) 2012-CR [2012.09.05 23:25:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2 [2012.09.05 23:25:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Guild Wars 2 [2012.09.05 23:24:40 | 000,000,000 | ---D | C] -- C:\Users\Olli\Documents\Guild Wars 2 [2012.09.05 23:02:42 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2012.09.05 22:56:16 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\Talib Kweli Z-Trip - Attack The Block [2012.09.05 17:26:11 | 000,157,680 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2012.09.05 17:26:10 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2012.09.05 17:26:10 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2012.09.05 16:47:44 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll [2012.09.05 16:47:41 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2012.09.05 16:47:41 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2012.09.05 16:47:41 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe [2012.09.05 16:47:38 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll [2012.09.05 16:47:38 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll [2012.09.05 16:47:38 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll [2012.09.05 16:47:36 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll ========== Files - Modified Within 30 Days ========== [2012.10.01 17:54:39 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.10.01 17:54:39 | 000,654,150 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.10.01 17:54:39 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.10.01 17:54:39 | 000,130,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.10.01 17:54:39 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.10.01 17:54:22 | 000,013,760 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.10.01 17:54:22 | 000,013,760 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.10.01 17:49:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.10.01 17:49:09 | 536,223,743 | -HS- | M] () -- C:\hiberfil.sys [2012.10.01 16:20:23 | 000,061,344 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000003-00000000-00000007-00001102-00000005-00211102}.rfx [2012.10.01 16:20:23 | 000,061,344 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000003-00000000-00000007-00001102-00000005-00211102}.rfx [2012.10.01 16:20:23 | 000,000,788 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000003-00000000-00000007-00001102-00000005-00211102}.rfx [2012.10.01 08:34:30 | 000,106,224 | ---- | M] (G Data Software) -- C:\Windows\SysWow64\drivers\GRD.sys [2012.09.26 21:28:26 | 000,029,680 | ---- | M] () -- C:\Users\Olli\Desktop\vdv23.jpg [2012.09.26 21:17:41 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE [2012.09.26 21:15:24 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2012.09.26 15:12:02 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat [2012.09.26 15:07:25 | 000,002,247 | ---- | M] () -- C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk [2012.09.25 22:08:50 | 000,281,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2012.09.25 22:08:50 | 000,281,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012.09.25 22:08:39 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2012.09.25 19:39:37 | 000,053,880 | ---- | M] () -- C:\Users\Olli\bookmarks-2012-09-25.json [2012.09.25 19:33:09 | 002,700,544 | ---- | M] () -- C:\Users\Olli\Desktop\Swimming Pools (Remix) Feat. August.mp3 [2012.09.25 19:31:32 | 004,844,902 | ---- | M] () -- C:\Users\Olli\Desktop\Swiss Francs (Remix) Feat. Booba.mp3 [2012.09.25 19:09:05 | 003,976,869 | ---- | M] () -- C:\Users\Olli\Desktop\Ludacris feat Kelly Rowland - Representin' BMF.mp3 [2012.09.19 21:08:35 | 005,969,488 | ---- | M] () -- C:\Users\Olli\Desktop\Hamilton Park feat Meek Mill - Suicide BMF.mp3 [2012.09.18 21:32:23 | 004,711,029 | ---- | M] () -- C:\Users\Olli\Desktop\Fat Joe feat Trey Songz, Pusha T, Ashanti & Miguel - Pride N Joy (Remix) BMF.mp3 [2012.09.18 20:53:36 | 000,053,880 | ---- | M] () -- C:\Users\Olli\bookmarks-2012-09-18.json [2012.09.17 20:58:45 | 000,163,441 | ---- | M] () -- C:\Users\Olli\fblaednichtvollstaendig.jpg [2012.09.16 20:21:37 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.09.16 20:12:50 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts_bak_536 [2012.09.16 13:14:39 | 000,000,838 | ---- | M] () -- C:\Users\Public\Desktop\FIFA 13 Demo.lnk [2012.09.16 10:44:38 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Olli\Desktop\OTL.exe [2012.09.16 10:39:36 | 000,002,097 | ---- | M] () -- C:\Users\Olli\Desktop\hjtscanlist.zip [2012.09.12 22:41:24 | 003,825,977 | ---- | M] () -- C:\Users\Olli\Desktop\Aaliyah featuring Drake - Enough Said.mp3 [2012.09.12 22:28:20 | 003,119,814 | ---- | M] () -- C:\Users\Olli\Desktop\Casper - Halbe Mille (HD Video).mp3 [2012.09.12 21:26:54 | 003,986,583 | ---- | M] () -- C:\Users\Olli\Desktop\Jonesmann feat Manuellsen Wo wär ich.mp3 [2012.09.12 21:24:22 | 004,787,559 | ---- | M] () -- C:\Users\Olli\Desktop\Samson Jones __ _Bis ans Meer_.mp3 [2012.09.12 21:21:32 | 003,757,029 | ---- | M] () -- C:\Users\Olli\Desktop\Jonesmann - So Viel (Thug Life).mp3 [2012.09.12 21:19:00 | 002,847,047 | ---- | M] () -- C:\Users\Olli\Desktop\Samson Jones - Wir bleiben zusammen [HD].mp3 [2012.09.12 21:13:24 | 003,745,134 | ---- | M] () -- C:\Users\Olli\Desktop\First To Last.mp3 [2012.09.12 20:13:58 | 013,759,737 | ---- | M] () -- C:\Users\Olli\Desktop\Matt Struve Fitness - Ultimate 6-Pack Abs Exercise.mp4 [2012.09.11 22:28:29 | 002,291,552 | ---- | M] () -- C:\Users\Olli\Desktop\Foto.JPG [2012.09.11 14:29:00 | 007,223,973 | ---- | M] () -- C:\Users\Olli\Desktop\19 Fuck U Bitch.mp3 [2012.09.11 14:28:50 | 008,071,465 | ---- | M] () -- C:\Users\Olli\Desktop\20 Love That Bitch (Feat. Jannyce).mp3 [2012.09.10 22:51:57 | 008,812,564 | ---- | M] () -- C:\Users\Olli\Desktop\Avicii feat. Mike Posner - Stay With You (OverLine Edit).mp3 [2012.09.10 22:50:21 | 013,885,765 | ---- | M] () -- C:\Users\Olli\Desktop\Avicii - Silhouettes (Avicii Exclusive Ralph Lauren Denim & Supply Remix) [www.MARVIN-VIBEZ.to].mp3 [2012.09.10 22:48:42 | 015,930,629 | ---- | M] () -- C:\Users\Olli\Desktop\Avicii - Silhouettes (Lazy Rich Remix) [www.MARVIN-VIBEZ.to].mp3 [2012.09.10 22:24:14 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Olli\Desktop\HiJackThis204.exe [2012.09.10 22:05:58 | 014,287,351 | ---- | M] () -- C:\Users\Olli\Desktop\Calvin Harris Ft. Florence Welch - Sweet Nothing (Extended Mix).mp3 [2012.09.10 22:00:56 | 007,723,216 | ---- | M] () -- C:\Users\Olli\Desktop\Daddy Yankee Ft. Nicky Jam - El Party Me Llama.mp3 [2012.09.10 21:57:40 | 009,719,280 | ---- | M] () -- C:\Users\Olli\Desktop\R.J. ft. Pitbull - Live 4 Die 4 (David May Extended Mix).mp3 [2012.09.10 12:21:34 | 000,228,375 | ---- | M] () -- C:\Users\Olli\trojaner.jpg [2012.09.10 09:51:35 | 000,059,392 | R--- | M] () -- C:\Windows\SysWow64\streamhlp.dll [2012.09.10 09:40:25 | 000,108,008 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll [2012.09.10 09:40:23 | 000,289,768 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2012.09.10 09:40:23 | 000,189,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe [2012.09.10 09:40:23 | 000,188,904 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe [2012.09.10 09:40:22 | 001,034,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npdeployJava1.dll [2012.09.10 09:40:22 | 000,916,456 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll [2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.09.05 23:36:34 | 012,945,033 | ---- | M] () -- C:\Users\Olli\Desktop\Swedish House Mafia Feat. John Martin - Don't You Worry Child (Extended Mix) www.FreeNutka.pl .mp3 [2012.09.05 23:29:53 | 006,280,213 | ---- | M] () -- C:\Users\Olli\Desktop\Ryan Leslie feat. Fabolous - Beautiful Lie (Final Version).mp3 [2012.09.05 23:28:44 | 004,595,331 | ---- | M] () -- C:\Users\Olli\Desktop\Ryan Leslie - _Winning.mp3 [2012.09.05 23:28:11 | 005,346,387 | ---- | M] () -- C:\Users\Olli\Desktop\Jackie Boyz - Talk To Me (Prod. by Covea Jiles) [www.ILoveRNBMusic.com].mp3 [2012.09.05 23:27:25 | 009,178,758 | ---- | M] () -- C:\Users\Olli\Desktop\T-Town ft. Mike Hough - Here With Me (Produced by T-Town).mp3 [2012.09.05 23:25:04 | 000,000,892 | ---- | M] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk [2012.09.05 23:10:16 | 007,704,956 | ---- | M] () -- C:\Users\Olli\Desktop\Alicia Keys feat. Nicki Minaj - Girl On Fire (Inferno Version) [www.ILoveRNBMusic.com].mp3 [2012.09.05 23:09:36 | 006,253,436 | ---- | M] () -- C:\Users\Olli\Desktop\Alicia Keys - Girl on Fire (Blue Light Version) [www.ILoveRNBMusic.com].mp3 [2012.09.05 23:07:58 | 003,606,108 | ---- | M] () -- C:\Users\Olli\Desktop\Lemar - The First Time [www.ILoveRNBMusic.com].mp3 [2012.09.05 23:07:46 | 004,491,347 | ---- | M] () -- C:\Users\Olli\Desktop\A$AP Rocky - Cockiness (Remix).mp3 [2012.09.05 22:59:15 | 000,001,584 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Webcam Software .lnk [2012.09.05 17:15:41 | 000,293,560 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.09.05 16:57:14 | 004,599,541 | ---- | M] () -- C:\Users\Olli\Desktop\Adorn (Remix) Feat. Wiz Khalifa.mp3 [2012.09.05 16:51:44 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.09.05 16:51:44 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl ========== Files Created - No Company Name ========== [2012.09.26 21:28:25 | 000,029,680 | ---- | C] () -- C:\Users\Olli\Desktop\vdv23.jpg [2012.09.26 21:13:04 | 000,303,616 | ---- | C] ( ) -- C:\SetACL.exe [2012.09.26 15:12:02 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat [2012.09.26 15:07:25 | 000,002,247 | ---- | C] () -- C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk [2012.09.25 19:52:40 | 000,001,102 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012.09.25 19:39:37 | 000,053,880 | ---- | C] () -- C:\Users\Olli\bookmarks-2012-09-25.json [2012.09.25 19:33:07 | 002,700,544 | ---- | C] () -- C:\Users\Olli\Desktop\Swimming Pools (Remix) Feat. August.mp3 [2012.09.25 19:31:29 | 004,844,902 | ---- | C] () -- C:\Users\Olli\Desktop\Swiss Francs (Remix) Feat. Booba.mp3 [2012.09.25 19:09:02 | 003,976,869 | ---- | C] () -- C:\Users\Olli\Desktop\Ludacris feat Kelly Rowland - Representin' BMF.mp3 [2012.09.19 21:08:32 | 005,969,488 | ---- | C] () -- C:\Users\Olli\Desktop\Hamilton Park feat Meek Mill - Suicide BMF.mp3 [2012.09.18 21:32:18 | 004,711,029 | ---- | C] () -- C:\Users\Olli\Desktop\Fat Joe feat Trey Songz, Pusha T, Ashanti & Miguel - Pride N Joy (Remix) BMF.mp3 [2012.09.18 20:53:36 | 000,053,880 | ---- | C] () -- C:\Users\Olli\bookmarks-2012-09-18.json [2012.09.17 20:58:45 | 000,163,441 | ---- | C] () -- C:\Users\Olli\fblaednichtvollstaendig.jpg [2012.09.16 20:21:37 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.09.16 14:07:59 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012.09.16 14:07:59 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012.09.16 14:07:59 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2012.09.16 14:07:59 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012.09.16 14:07:59 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2012.09.16 13:14:39 | 000,000,838 | ---- | C] () -- C:\Users\Public\Desktop\FIFA 13 Demo.lnk [2012.09.16 10:39:35 | 000,002,097 | ---- | C] () -- C:\Users\Olli\Desktop\hjtscanlist.zip [2012.09.12 22:41:23 | 003,825,977 | ---- | C] () -- C:\Users\Olli\Desktop\Aaliyah featuring Drake - Enough Said.mp3 [2012.09.12 22:28:09 | 003,119,814 | ---- | C] () -- C:\Users\Olli\Desktop\Casper - Halbe Mille (HD Video).mp3 [2012.09.12 21:26:38 | 003,986,583 | ---- | C] () -- C:\Users\Olli\Desktop\Jonesmann feat Manuellsen Wo wär ich.mp3 [2012.09.12 21:24:05 | 004,787,559 | ---- | C] () -- C:\Users\Olli\Desktop\Samson Jones __ _Bis ans Meer_.mp3 [2012.09.12 21:21:17 | 003,757,029 | ---- | C] () -- C:\Users\Olli\Desktop\Jonesmann - So Viel (Thug Life).mp3 [2012.09.12 21:18:46 | 002,847,047 | ---- | C] () -- C:\Users\Olli\Desktop\Samson Jones - Wir bleiben zusammen [HD].mp3 [2012.09.12 21:13:21 | 003,745,134 | ---- | C] () -- C:\Users\Olli\Desktop\First To Last.mp3 [2012.09.12 21:09:41 | 008,071,465 | ---- | C] () -- C:\Users\Olli\Desktop\20 Love That Bitch (Feat. Jannyce).mp3 [2012.09.12 21:09:39 | 007,223,973 | ---- | C] () -- C:\Users\Olli\Desktop\19 Fuck U Bitch.mp3 [2012.09.12 20:13:50 | 013,759,737 | ---- | C] () -- C:\Users\Olli\Desktop\Matt Struve Fitness - Ultimate 6-Pack Abs Exercise.mp4 [2012.09.10 22:54:51 | 002,291,552 | ---- | C] () -- C:\Users\Olli\Desktop\Foto.JPG [2012.09.10 22:51:52 | 008,812,564 | ---- | C] () -- C:\Users\Olli\Desktop\Avicii feat. Mike Posner - Stay With You (OverLine Edit).mp3 [2012.09.10 22:47:34 | 013,885,765 | ---- | C] () -- C:\Users\Olli\Desktop\Avicii - Silhouettes (Avicii Exclusive Ralph Lauren Denim & Supply Remix) [www.MARVIN-VIBEZ.to].mp3 [2012.09.10 22:45:44 | 015,930,629 | ---- | C] () -- C:\Users\Olli\Desktop\Avicii - Silhouettes (Lazy Rich Remix) [www.MARVIN-VIBEZ.to].mp3 [2012.09.10 22:03:24 | 014,287,351 | ---- | C] () -- C:\Users\Olli\Desktop\Calvin Harris Ft. Florence Welch - Sweet Nothing (Extended Mix).mp3 [2012.09.10 21:59:33 | 007,723,216 | ---- | C] () -- C:\Users\Olli\Desktop\Daddy Yankee Ft. Nicky Jam - El Party Me Llama.mp3 [2012.09.10 21:55:56 | 009,719,280 | ---- | C] () -- C:\Users\Olli\Desktop\R.J. ft. Pitbull - Live 4 Die 4 (David May Extended Mix).mp3 [2012.09.10 12:21:33 | 000,228,375 | ---- | C] () -- C:\Users\Olli\trojaner.jpg [2012.09.10 09:51:19 | 000,059,392 | R--- | C] () -- C:\Windows\SysWow64\streamhlp.dll [2012.09.05 23:36:22 | 012,945,033 | ---- | C] () -- C:\Users\Olli\Desktop\Swedish House Mafia Feat. John Martin - Don't You Worry Child (Extended Mix) www.FreeNutka.pl .mp3 [2012.09.05 23:28:45 | 006,280,213 | ---- | C] () -- C:\Users\Olli\Desktop\Ryan Leslie feat. Fabolous - Beautiful Lie (Final Version).mp3 [2012.09.05 23:27:54 | 004,595,331 | ---- | C] () -- C:\Users\Olli\Desktop\Ryan Leslie - _Winning.mp3 [2012.09.05 23:27:13 | 005,346,387 | ---- | C] () -- C:\Users\Olli\Desktop\Jackie Boyz - Talk To Me (Prod. by Covea Jiles) [www.ILoveRNBMusic.com].mp3 [2012.09.05 23:25:46 | 009,178,758 | ---- | C] () -- C:\Users\Olli\Desktop\T-Town ft. Mike Hough - Here With Me (Produced by T-Town).mp3 [2012.09.05 23:25:04 | 000,000,892 | ---- | C] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk [2012.09.05 23:08:53 | 007,704,956 | ---- | C] () -- C:\Users\Olli\Desktop\Alicia Keys feat. Nicki Minaj - Girl On Fire (Inferno Version) [www.ILoveRNBMusic.com].mp3 [2012.09.05 23:08:29 | 006,253,436 | ---- | C] () -- C:\Users\Olli\Desktop\Alicia Keys - Girl on Fire (Blue Light Version) [www.ILoveRNBMusic.com].mp3 [2012.09.05 23:07:19 | 003,606,108 | ---- | C] () -- C:\Users\Olli\Desktop\Lemar - The First Time [www.ILoveRNBMusic.com].mp3 [2012.09.05 23:06:58 | 004,491,347 | ---- | C] () -- C:\Users\Olli\Desktop\A$AP Rocky - Cockiness (Remix).mp3 [2012.09.05 22:59:15 | 000,001,584 | ---- | C] () -- C:\Users\Public\Desktop\Logitech Webcam Software .lnk [2012.09.05 16:57:11 | 004,599,541 | ---- | C] () -- C:\Users\Olli\Desktop\Adorn (Remix) Feat. Wiz Khalifa.mp3 [2012.07.05 12:22:59 | 000,127,215 | ---- | C] () -- C:\Users\Olli\ichhabneuenikes.png [2012.06.18 21:03:49 | 001,682,393 | ---- | C] () -- C:\Users\Olli\Foto(2).JPG [2012.06.18 20:55:33 | 001,594,647 | ---- | C] () -- C:\Users\Olli\Foto(1).JPG [2012.05.28 22:39:54 | 000,015,335 | ---- | C] () -- C:\Users\Olli\monitor.jpg [2012.05.24 14:54:23 | 000,452,742 | ---- | C] () -- C:\Users\Olli\20LNC2.JPG [2012.05.24 14:54:23 | 000,448,036 | ---- | C] () -- C:\Users\Olli\20LNC1.JPG [2012.05.19 10:34:43 | 003,387,997 | ---- | C] () -- C:\Users\Olli\wallpaper020-1920x1080.jpg [2012.05.13 23:15:01 | 000,442,359 | ---- | C] () -- C:\Users\Olli\image.jpg [2012.05.01 20:49:22 | 000,274,762 | ---- | C] () -- C:\Users\Olli\464735_292791490805610_211542765597150_705372_237206692_o.jpg [2012.04.16 12:02:49 | 000,027,629 | ---- | C] () -- C:\Users\Olli\studiengangc9c75d1e-3620-47af-8452-676792999cb2.pdf [2012.04.16 11:45:01 | 000,010,908 | ---- | C] () -- C:\Users\Olli\Reporteaa90062-9519-4457-b052-5e6d24ef86c7.pdf [2012.04.15 13:55:25 | 000,224,313 | ---- | C] () -- C:\Users\Olli\Header adidas Trikot neu.jpg [2012.04.03 07:16:04 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2012.04.01 18:13:29 | 000,559,125 | ---- | C] () -- C:\Users\Olli\457319_3176029072535_1019833424_32975851_559300883_o.jpg [2012.04.01 12:22:02 | 000,139,656 | ---- | C] () -- C:\Users\Olli\pA_fh_30032012_010.jpg [2012.04.01 12:20:07 | 000,210,371 | ---- | C] () -- C:\Users\Olli\pA_fh_30032012_095.jpg [2012.03.26 21:05:12 | 000,118,430 | ---- | C] () -- C:\Users\Olli\plugin-formelsammlung_Kompatibilitaetsmodus_.pdf [2012.03.20 20:37:41 | 000,037,690 | ---- | C] () -- C:\Users\Olli\408466_294213293984199_100001865927236_732412_1911041712_n.jpg [2012.03.19 16:32:58 | 000,759,641 | ---- | C] () -- C:\Users\Olli\VM_120319_00001.pdf [2012.03.16 12:15:50 | 000,038,044 | ---- | C] () -- C:\Users\Olli\Hausratversicherung_Angebot_Oliver Müller.pdf [2012.03.16 01:28:24 | 000,050,898 | ---- | C] () -- C:\Users\Olli\bookmarks-2012-03-16.json [2012.03.13 21:10:22 | 002,000,256 | ---- | C] () -- C:\Users\Olli\Foto.JPG [2012.03.09 11:14:10 | 002,022,949 | ---- | C] () -- C:\Users\Olli\Antrag PHV Single.pdf [2012.03.09 01:22:35 | 000,061,275 | ---- | C] () -- C:\Users\Olli\roter von rio.jpg [2012.03.03 15:18:29 | 000,052,788 | ---- | C] () -- C:\Users\Olli\arena.jpg [2012.02.23 23:28:53 | 000,249,704 | ---- | C] () -- C:\Users\Olli\BMW_X6.jpg [2012.02.23 23:13:27 | 000,268,584 | ---- | C] () -- C:\Users\Olli\audiA8Seite.jpg [2012.02.21 12:12:26 | 000,010,908 | R--- | C] () -- C:\Users\Olli\StudibescheinigungSS12.PDF [2012.02.05 10:36:54 | 000,199,564 | ---- | C] () -- C:\Users\Olli\SALAA.jpg [2012.01.27 22:49:54 | 000,289,874 | ---- | C] () -- C:\Users\Olli\Picture of me 1.png [2012.01.18 08:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll [2012.01.18 08:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll [2012.01.18 08:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe [2011.12.17 11:42:37 | 000,457,385 | ---- | C] () -- C:\Users\Olli\2. Seite Haftpflichtversicherungsrechnung 001.jpg [2011.12.17 11:42:32 | 000,338,840 | ---- | C] () -- C:\Users\Olli\1. Seite Haftpflichtversicherungsrechnung 001.jpg [2011.12.15 19:13:31 | 000,099,211 | ---- | C] () -- C:\Users\Olli\holstentor.jpg [2011.12.15 17:00:14 | 021,294,420 | ---- | C] () -- C:\Users\Olli\Bauchmuskeltraining 8 Minuten Deutsch.mp4 [2011.12.07 20:00:48 | 000,167,187 | ---- | C] () -- C:\Users\Olli\stier2.png [2011.12.07 19:58:58 | 000,267,296 | ---- | C] () -- C:\Users\Olli\stier.png [2011.12.04 19:48:53 | 000,096,111 | ---- | C] () -- C:\Users\Olli\toere800-1323015415.jpg [2011.12.01 16:52:25 | 001,406,612 | ---- | C] () -- C:\Users\Olli\Schimmel 1.JPG [2011.12.01 16:52:02 | 001,096,324 | ---- | C] () -- C:\Users\Olli\Schimmel 2.JPG [2011.11.20 17:49:35 | 000,093,166 | ---- | C] () -- C:\Users\Olli\Mueller, Oliver - 2010 Steuer.pdf [2011.11.20 17:49:30 | 000,175,794 | ---- | C] () -- C:\Users\Olli\Müller, Oliver - 2009 Steuer.pdf [2011.11.17 16:44:38 | 000,463,480 | ---- | C] () -- C:\Users\Olli\drizzy.jpg [2011.11.13 22:06:24 | 000,065,862 | ---- | C] () -- C:\Users\Olli\389951_291343820896138_100000615686743_889845_603073080_n.jpg [2011.11.10 04:36:06 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2011.11.10 04:36:06 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2011.11.09 23:39:44 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll [2011.11.09 23:39:32 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll [2011.11.04 17:15:06 | 000,482,408 | ---- | C] () -- C:\Windows\ssndii.exe [2011.11.04 17:14:21 | 000,113,768 | ---- | C] () -- C:\Windows\Wiainst.exe [2011.10.25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll [2011.10.03 19:08:02 | 000,035,052 | ---- | C] () -- C:\Users\Olli\foodprocessing.jpg [2011.09.27 23:37:31 | 000,096,337 | ---- | C] () -- C:\Users\Olli\tumblr_lmuuycsF2T1qk8ks2o1_500.jpg [2011.09.27 23:37:00 | 000,042,707 | ---- | C] () -- C:\Users\Olli\tumblr_lnof9adIeE1qjt5kqo1_400.jpg [2011.09.27 23:33:19 | 000,067,250 | ---- | C] () -- C:\Users\Olli\tumblr_lpmvc8Rt971qhhun0o1_500.jpg [2011.09.27 23:32:23 | 000,029,801 | ---- | C] () -- C:\Users\Olli\tumblr_lrtqjeGkwI1qc1mlvo1_500.jpg [2011.09.21 21:44:37 | 000,047,789 | ---- | C] () -- C:\Users\Olli\16440-i-love-house-music-house-music-symbol.jpg [2011.09.21 21:43:20 | 000,164,995 | ---- | C] () -- C:\Users\Olli\i_love_housemusic.jpg [2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2011.08.31 19:24:11 | 001,864,407 | ---- | C] () -- C:\Users\Olli\DSC01699.JPG [2011.08.31 19:23:41 | 002,554,778 | ---- | C] () -- C:\Users\Olli\DSC01693.JPG [2011.08.31 17:02:12 | 002,650,681 | ---- | C] () -- C:\Users\Olli\DSC01623.JPG [2011.05.11 17:55:08 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat [2011.04.04 19:01:00 | 000,281,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011.04.03 12:47:05 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe [2011.04.03 12:47:05 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011.04.02 11:40:15 | 000,001,065 | ---- | C] () -- C:\Windows\winamp.ini [2011.04.02 11:33:26 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL [2011.04.02 11:33:26 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL [2011.04.02 11:32:47 | 000,003,072 | ---- | C] () -- C:\Windows\SysWow64\CTXFIGER.DLL [2011.04.02 10:55:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin ========== LOP Check ========== [2011.12.04 16:30:29 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\DVDVideoSoft [2011.11.08 17:39:41 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\DVDVideoSoftIEHelpers [2011.04.06 20:35:22 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\Foxit Software [2012.04.29 14:45:55 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\FreeAudioPack [2012.01.27 20:38:00 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\Leadertech [2011.06.09 19:37:49 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\LolClient [2012.03.30 16:11:09 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\OpenOffice.org [2012.03.16 01:31:22 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\Opera [2012.09.15 20:35:41 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\Origin [2011.04.15 17:15:26 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\PunkBuster [2012.09.10 09:47:56 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\QuickScan [2012.05.07 11:14:07 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\TeamViewer [2011.04.02 17:18:12 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\Thunderbird [2012.09.10 12:21:42 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\TrojanHunter [2009.09.18 21:03:18 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\TS3Client [2011.07.21 20:07:43 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\TubeBox [2012.09.10 22:17:31 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\YourFileDownloader [2012.06.24 10:45:03 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:47F1DFAC < End of report > |
|
01.10.2012, 19:12
| #11 |
| /// the machine /// TB-Ausbilder | Habe mir einiges eingefangen (Trojaner/Viren) Windows-Taste+R > Combofix /Uninstall > Enter drücken OTL öffnen > Button Bereinigung drücken Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
01.10.2012, 19:30
| #12 |
| | Habe mir einiges eingefangen (Trojaner/Viren) Ehm, ich glaube ich spinne -.- als ich soeben Combofix deinstalliert habe und auf Facebook gehe, ist das Problem wieder da, das die Seite wieder nicht richtig läd .... |
|
01.10.2012, 19:31
| #13 |
| /// the machine /// TB-Ausbilder | Habe mir einiges eingefangen (Trojaner/Viren) Du willst mich ärgern stimmts?  Poste mal ein frisches OTL logfile.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
01.10.2012, 19:37
| #14 |
| | Habe mir einiges eingefangen (Trojaner/Viren) Nachdem ich OTL "Bereinigen" getätigt habe, war ein Neustart erforderlich. Jetzt ist OTL verschwunden...Habe es soeben neu geladen, allerdings erhalte ich jetzt eine Fehlermeldung des Programms, sobald ich auf "Scan" klicke. Oh man... |
|
01.10.2012, 19:38
| #15 |
| /// the machine /// TB-Ausbilder | Habe mir einiges eingefangen (Trojaner/Viren) was für eine?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Habe mir einiges eingefangen (Trojaner/Viren) |
| aufbau, beseitigt, browser, eingefangen, facebook, firefox, funktionieren, gefangen, gefunde, gen, hallo zusammen, hoffe, malware, nicht mehr, opera, problem, seite, troja, vollständig, weiteres, zusammen |
Linear-Darstellung
