
Log Analysis and Evaluation: Caught FakeAlert!grb

19.05.2011, 19:14   #1
moitrich

Caught FakeAlert!grb

Hello,
I need your help.
I caught a trojan 2 days ago.
McAfee says:
"McAfee has detected and removed a threat (trojan) on your computer. No further action is required."
Under "Details" it says:
FakeAlert!grb
C\ProgramData\33218296

Unfortunately, it is not gone.
I have the following symptoms:
- Desktop icons gone
- Folders supposedly empty
- Error message from Windows Vista Recovery constantly on the desktop
- Hard disk supposedly damaged
- RAM temperature supposedly too high, etc.

What I have done so far:
- Rolled Windows back by one week using Backup and Restore; this did not solve the problem


Here is the Malwarebytes log file:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6618

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

19.05.2011 19:56:58
mbam-log-2011-05-19 (19-56-58).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 161390
Laufzeit: 15 Minute(n), 44 Sekunde(n)

Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 2
Infizierte Dateien: 4

Infizierte Speicherprozesse:
c:\programdata\33218296.exe (Trojan.FakeAlert.Gen) -> 2720 -> Unloaded process successfully.

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\Recycle.Bin (Trojan.Spyeyes) -> Quarantined and deleted successfully.
c:\blyadstvoeb (Trojan.Spyeyes) -> Quarantined and deleted successfully.

Infizierte Dateien:
c:\Users\alex und ramona\AppData\Local\Temp\adobe_flash_player.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\programdata\33218296.exe (Trojan.FakeAlert.Gen) -> Quarantined and deleted successfully.
c:\Recycle.Bin\config.bin (Trojan.Spyeyes) -> Quarantined and deleted successfully.
c:\blyadstvoeb\config.bin (Trojan.Spyeyes) -> Quarantined and deleted successfully.




Here is the OTL log file:
Code:
OTL logfile created on: 19.05.2011 20:00:03 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Alex und Ramona\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 36,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 57,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 269,41 Gb Total Space | 75,42 Gb Free Space | 28,00% Space Free | Partition Type: NTFS
Drive D: | 28,67 Gb Total Space | 20,52 Gb Free Space | 71,60% Space Free | Partition Type: FAT32
Drive E: | 596,17 Gb Total Space | 292,30 Gb Free Space | 49,03% Space Free | Partition Type: NTFS
 
Computer Name: MEDION-MD8822 | User Name: Alex und Ramona | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Alex und Ramona\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10q_ActiveX.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\McAfee\SystemCore\mcshield.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Programme\McAfee Online Backup\MOBKbackup.exe (McAfee, Inc.)
PRC - C:\Programme\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
PRC - C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
PRC - C:\Programme\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.)
PRC - C:\Programme\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
PRC - C:\Programme\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Live\Toolbar\wltuser.exe (Microsoft Corporation)
PRC - C:\Programme\McAfee\SiteAdvisor\McSACore.exe ()
PRC - C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\Programme\Common Files\Logishrd\KHAL2\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\Programme\CyberLink\Shared Files\brs.exe (cyberlink)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Sceneo\Bonavista\Services\ODSBC\ODSBCApp.exe (ODSoft multimedia)
PRC - C:\Programme\Sceneo\Bonavista\Services\PVR\pvrservice.exe (Buhl Data Service GmbH)
PRC - C:\Programme\Home Cinema\TV Enhance\Kernel\TV\TVECapSvc.exe ()
PRC - C:\Programme\Home Cinema\TV Enhance\Kernel\TV\TVESched.exe ()
PRC - C:\Programme\Home Cinema\TV Enhance\TVEService.exe (CyberLink Corp.)
PRC - C:\Programme\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Programme\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
PRC - C:\Programme\Common Files\X10\Common\X10nets.exe (X10)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Alex und Ramona\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
MOD - C:\Programme\McAfee\SiteAdvisor\sahook.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
SRV - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV - (mfevtp) -- C:\Programme\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
SRV - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (MOBKbackup) -- C:\Program Files\McAfee Online Backup\MOBKbackup.exe (McAfee, Inc.)
SRV - (MSK80Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe ()
SRV - (LBTServ) -- C:\Programme\Common Files\Logitech\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (srvcPVR) -- C:\Programme\Sceneo\Bonavista\Services\PVR\pvrservice.exe (Buhl Data Service GmbH)
SRV - (TVECapSvc) TVEnhance Background Capture Service (TBCS) -- C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\TVECapSvc.exe ()
SRV - (TVESched) TVEnhance Task Scheduler (TTS)) -- C:\Program Files\Home Cinema\TV Enhance\Kernel\TV\TVESched.exe ()
SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10nets.exe (X10)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (mfehidk) -- C:\Windows\system32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfefirek) -- C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.)
DRV - (mfewfpk) -- C:\Windows\System32\drivers\mfewfpk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\Windows\System32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (mferkdet) -- C:\Windows\System32\drivers\mferkdet.sys (McAfee, Inc.)
DRV - (mfenlfk) -- C:\Windows\System32\drivers\mfenlfk.sys (McAfee, Inc.)
DRV - (cfwids) -- C:\Windows\System32\drivers\cfwids.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (MOBKFilter) -- C:\Windows\System32\drivers\MOBK.sys (Mozy, Inc.)
DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (mfesmfk) -- C:\Windows\System32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (mferkdk) -- C:\Windows\System32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (s1029unic) Sony Ericsson Device 1029 USB Ethernet Emulation (WDM) -- C:\Windows\System32\drivers\s1029unic.sys (MCCI Corporation)
DRV - (s1029mdm) -- C:\Windows\System32\drivers\s1029mdm.sys (MCCI Corporation)
DRV - (s1029bus) Sony Ericsson Device 1029 driver (WDM) -- C:\Windows\System32\drivers\s1029bus.sys (MCCI Corporation)
DRV - (s1029mdfl) -- C:\Windows\System32\drivers\s1029mdfl.sys (MCCI Corporation)
DRV - (s1029mgmt) Sony Ericsson Device 1029 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s1029mgmt.sys (MCCI Corporation)
DRV - (s1029obex) -- C:\Windows\System32\drivers\s1029obex.sys (MCCI Corporation)
DRV - (s1029nd5) Sony Ericsson Device 1029 USB Ethernet Emulation (NDIS) -- C:\Windows\System32\drivers\s1029nd5.sys (MCCI Corporation)
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (s117obex) -- C:\Windows\System32\drivers\s117obex.sys (MCCI Corporation)
DRV - (s117mdm) -- C:\Windows\System32\drivers\s117mdm.sys (MCCI Corporation)
DRV - (s117mgmt) Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s117mgmt.sys (MCCI Corporation)
DRV - (s117unic) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM) -- C:\Windows\System32\drivers\s117unic.sys (MCCI Corporation)
DRV - (s117nd5) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS) -- C:\Windows\System32\drivers\s117nd5.sys (MCCI Corporation)
DRV - (s117mdfl) -- C:\Windows\System32\drivers\s117mdfl.sys (MCCI Corporation)
DRV - (s117bus) Sony Ericsson Device 117 driver (WDM) -- C:\Windows\System32\drivers\s117bus.sys (MCCI Corporation)
DRV - (s816mdm) -- C:\Windows\System32\drivers\s816mdm.sys (MCCI Corporation)
DRV - (s816mgmt) Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s816mgmt.sys (MCCI Corporation)
DRV - (s816unic) Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM) -- C:\Windows\System32\drivers\s816unic.sys (MCCI)
DRV - (s816obex) -- C:\Windows\System32\drivers\s816obex.sys (MCCI Corporation)
DRV - (s816nd5) Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS) -- C:\Windows\System32\drivers\s816nd5.sys (MCCI Corporation)
DRV - (s816mdfl) -- C:\Windows\System32\drivers\s816mdfl.sys (MCCI Corporation)
DRV - (s816bus) Sony Ericsson Device 816 driver (WDM) -- C:\Windows\System32\drivers\s816bus.sys (MCCI Corporation)
DRV - (netr73) -- C:\Windows\System32\drivers\netr73.sys (Ralink Technology Corp.)
DRV - (Ph3xIB32) -- C:\Windows\System32\drivers\Ph3xIB32.sys (Philips Semiconductors GmbH)
DRV - (3xHybrid) -- C:\Windows\System32\drivers\3xHybrid.sys (Philips Semiconductors GmbH)
DRV - (XUIF) -- C:\Windows\System32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
DRV - (X10Hid) -- C:\Windows\System32\drivers\x10hid.sys (X10 Wireless Technology, Inc.)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (xfilt) -- C:\Windows\system32\DRIVERS\xfilt.sys (VIA Technologies,Inc)
DRV - (videX32) -- C:\Windows\system32\DRIVERS\videX32.sys (VIA Technologies, Inc.)
DRV - (LBeepKE) -- C:\Windows\System32\drivers\LBeepKE.sys (Logitech, Inc.)
DRV - (LHidKe) -- C:\Windows\System32\drivers\LHidKE.Sys (Logitech, Inc.)
DRV - (LMouKE) -- C:\Windows\System32\drivers\LMOUKE.sys (Logitech, Inc.)
DRV - (L8042Kbd) -- C:\Windows\System32\drivers\L8042Kbd.SYS (Logitech, Inc.)
DRV - (k750bus) Sony Ericsson 750 driver (WDM) -- C:\Windows\System32\drivers\k750bus.sys (MCCI)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.web.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:2.8
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010.03.03 13:15:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.05.12 19:45:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.08 19:15:30 | 000,000,000 | ---D | M]
 
[2009.01.10 04:30:51 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Alex und Ramona\AppData\Roaming\mozilla\Extensions
[2010.01.13 01:38:13 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Alex und Ramona\AppData\Roaming\mozilla\Firefox\Profiles\167hx8in.default\extensions
[2011.02.22 01:18:36 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.04.26 00:06:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.23 17:21:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.08 00:09:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.12.25 14:04:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.02.22 01:18:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2010.03.03 13:15:52 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2009.05.05 20:41:30 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009.01.11 22:05:38 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009.03.27 00:02:24 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009.08.30 18:47:45 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009.10.21 18:11:29 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009.11.17 17:41:18 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010.04.26 00:06:13 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.23 17:21:25 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.08 00:09:08 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.04.14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Programme\Mozilla Firefox\components\Scriptff.dll
[2011.02.02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2009.02.27 02:16:06 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2009.02.27 02:16:06 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2009.02.27 02:16:06 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2009.02.27 02:16:06 | 000,000,986 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2009.02.27 02:16:06 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\McAfee\SystemCore\ScriptSn.20110512194549.dll (McAfee, Inc.)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll ()
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [BDRegion] C:\Programme\CyberLink\Shared Files\brs.exe (cyberlink)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Programme\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
O4 - HKLM..\Run: [InstantOn] C:\Program Files\CyberLink\PowerCinema Linux\ion_install.exe ()
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\Home Cinema\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Programme\GoogleEULA\EULALauncher.exe ( )
O4 - HKLM..\Run: [TVBroadcast] C:\Programme\Sceneo\Bonavista\Services\ODSBC\ODSBCApp.exe (ODSoft multimedia)
O4 - HKLM..\Run: [TVEService] C:\Program Files\Home Cinema\TV Enhance\TVEService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [fJhJIqofiBapKso] File not found
O4 - HKCU..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Alex und Ramona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: kba.de ([www] * in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: sachvip-argetp21.de ([www] * in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: tuev-dekra.de ([sachvip-rili1] http in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: tuev-dekra.de ([www] * in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: tuev-sued.de ([as-info] https in Vertrauenswürdige Sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.109.123.197 213.191.74.19
O18 - Protocol\Handler\bw+0 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw+0s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw-0 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw00 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw00s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw-0s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw10 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw10s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw20 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw20s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw30 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw30s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw40 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw40s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw50 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw50s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw60 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw60s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw70 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw70s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw80 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw80s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw90 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw90s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwa0 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwa0s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwb0 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwb0s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwc0 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwc0s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwd0 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwd0s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwe0 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwe0s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwf0 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwf0s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwg0 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwg0s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwh0 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwh0s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwi0 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwi0s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwj0 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwj0s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwk0 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwk0s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwl0 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwl0s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwm0 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwm0s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwn0 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwn0s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwo0 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwo0s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwp0 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwp0s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwq0 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwq0s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwr0 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwr0s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bws0 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bws0s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwt0 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwt0s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwu0 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwu0s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwv0 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwv0s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bww0 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bww0s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwx0 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwx0s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwy0 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwy0s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwz0 {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwz0s {6e0c4909-2d5f-49a4-9e4e-41f09409f5f9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\offline-8876480 {6E0C4909-2D5F-49A4-9E4E-41F09409F5F9} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/xhtml+xml {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Programme\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter\application/xhtml+xml; charset=iso-8859-1 {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Programme\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter\application/xhtml+xml; charset=utf-8 {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Programme\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml; charset=iso-8859-1 {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Programme\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter\text/xml; charset=utf-8 {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Programme\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Alex und Ramona\Pictures\Alex\Diverses\IMOT\HD_2.jpg
O24 - Desktop BackupWallPaper: C:\Users\Alex und Ramona\Pictures\Alex\Diverses\IMOT\HD_2.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0228f194-efd2-11df-8366-0019db5bbb46}\Shell - "" = AutoRun
O33 - MountPoints2\{0228f194-efd2-11df-8366-0019db5bbb46}\Shell\AutoRun\command - "" = K:\Startme.exe
O33 - MountPoints2\{93a8c3ed-3de3-11de-8980-0019db5bbb46}\Shell\AutoRun\command - "" = K:\pstart.exe
O33 - MountPoints2\{93a8c3ed-3de3-11de-8980-0019db5bbb46}\Shell\open\command - "" = K:\pstart.exe
O33 - MountPoints2\{b45d55cb-de4f-11dd-b976-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{b45d55cb-de4f-11dd-b976-806e6f6e6963}\Shell\AutoRun\command - "" = G:\Start.exe
O33 - MountPoints2\{daf968c7-3944-11de-be22-0019db5bbb46}\Shell\AutoRun\command - "" = K:\pstart.exe
O33 - MountPoints2\{daf968c7-3944-11de-be22-0019db5bbb46}\Shell\open\command - "" = K:\pstart.exe
O33 - MountPoints2\{e8aae153-310f-11df-b84b-0019db5bbb46}\Shell\AutoRun\command - "" = pbudsara.exe
O33 - MountPoints2\{e8aae153-310f-11df-b84b-0019db5bbb46}\Shell\open\Command - "" = pbudsara.exe
O33 - MountPoints2\{efb1555f-37c4-11de-98b0-0019db5bbb46}\Shell\AutoRun\command - "" = K:\PStart.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.05.19 19:51:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2011.05.19 19:51:14 | 000,000,000 | ---D | C] -- C:\Programme\7-Zip
[2011.05.19 19:27:54 | 000,580,608 | -H-- | C] (OldTimer Tools) -- C:\Users\Alex und Ramona\Desktop\OTL.exe
[2011.05.19 19:22:56 | 000,000,000 | -H-D | C] -- C:\Users\Alex und Ramona\AppData\Roaming\Malwarebytes
[2011.05.19 19:22:45 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.05.19 19:22:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.05.19 19:22:43 | 000,000,000 | -H-D | C] -- C:\ProgramData\Malwarebytes
[2011.05.19 19:22:40 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.05.19 19:22:39 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.05.19 19:13:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011.05.18 00:07:28 | 000,000,000 | -H-D | C] -- C:\Users\Alex und Ramona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery
[2011.05.13 11:26:03 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.05.12 19:21:51 | 000,000,000 | -H-D | C] -- C:\Users\Alex und Ramona\AppData\Local\WinZip
[2011.04.27 21:38:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.04.27 21:37:29 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2011.04.27 21:33:37 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2011.04.27 02:11:48 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011.04.27 02:11:48 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011.04.27 02:11:42 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011.04.25 21:42:29 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.04.25 21:42:28 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.04.25 21:42:28 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.04.25 21:42:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.04.25 21:42:26 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.04.25 21:42:26 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.04.25 21:42:26 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.04.25 21:42:26 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.04.25 21:42:23 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.04.25 21:42:23 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.04.25 21:42:23 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.04.25 21:42:23 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.04.25 21:42:23 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.04.25 21:42:22 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.04.25 21:42:22 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.04.25 21:42:22 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.04.25 21:42:22 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.04.25 21:42:22 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.04.25 21:42:22 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.04.25 21:42:22 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.04.25 21:42:21 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.04.25 21:42:20 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.04.25 21:42:20 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.04.25 21:42:20 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.04.25 21:42:19 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.04.25 21:42:17 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.04.25 21:42:16 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.04.25 21:42:16 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.04.25 21:42:15 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.04.25 21:42:15 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.04.25 21:42:14 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.04.25 21:42:14 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.04.25 21:42:13 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.04.25 21:42:13 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.04.25 21:42:13 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011.04.25 21:42:13 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.04.25 21:42:13 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.04.25 21:42:13 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.04.25 21:42:12 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011.05.19 19:58:06 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\skwg.sys
[2011.05.19 19:27:58 | 000,580,608 | -H-- | M] (OldTimer Tools) -- C:\Users\Alex und Ramona\Desktop\OTL.exe
[2011.05.19 19:22:46 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.19 19:13:22 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.19 19:13:22 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.19 19:13:21 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.05.19 19:13:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.19 19:13:11 | 2145,902,592 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.19 19:07:18 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.05.18 18:45:23 | 000,665,870 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.05.18 18:45:23 | 000,627,296 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.05.18 18:45:23 | 000,141,146 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.05.18 18:45:23 | 000,116,120 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.05.18 00:26:10 | 000,000,016 | -H-- | M] () -- C:\ProgramData\~33218296
[2011.05.18 00:07:29 | 000,000,599 | -H-- | M] () -- C:\Users\Alex und Ramona\Desktop\Windows Vista Recovery.lnk
[2011.05.17 16:33:33 | 000,007,052 | -H-- | M] () -- C:\Users\Alex und Ramona\AppData\Local\d3d9caps.dat
[2011.05.13 11:26:04 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.04.27 21:40:04 | 000,000,629 | ---- | M] () -- C:\Windows\System32\mapisvc.inf
[2011.04.25 21:42:42 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2011.04.25 21:42:42 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2011.04.25 21:42:29 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.04.25 21:42:28 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.04.25 21:42:28 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.04.25 21:42:26 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.04.25 21:42:26 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.04.25 21:42:26 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.04.25 21:42:26 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.04.25 21:42:26 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.04.25 21:42:24 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.04.25 21:42:23 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.04.25 21:42:23 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.04.25 21:42:23 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.04.25 21:42:23 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.04.25 21:42:23 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.04.25 21:42:22 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.04.25 21:42:22 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.04.25 21:42:22 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.04.25 21:42:22 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.04.25 21:42:22 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011.04.25 21:42:22 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.04.25 21:42:22 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.04.25 21:42:21 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.04.25 21:42:20 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.04.25 21:42:20 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.04.25 21:42:20 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.04.25 21:42:19 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.04.25 21:42:17 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.04.25 21:42:17 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.04.25 21:42:16 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.04.25 21:42:15 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.04.25 21:42:15 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.04.25 21:42:14 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.04.25 21:42:14 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.04.25 21:42:14 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.04.25 21:42:13 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.04.25 21:42:13 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011.04.25 21:42:13 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.04.25 21:42:13 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.04.25 21:42:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.04.25 21:42:12 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
 
========== Files Created - No Company Name ==========
 
[2011.05.19 19:58:06 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\skwg.sys
[2011.05.19 19:22:46 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.18 00:07:29 | 000,000,599 | -H-- | C] () -- C:\Users\Alex und Ramona\Desktop\Windows Vista Recovery.lnk
[2011.05.18 00:07:29 | 000,000,016 | -H-- | C] () -- C:\ProgramData\~33218296
[2011.04.27 01:17:47 | 000,002,071 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
[2011.04.27 01:17:47 | 000,001,837 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
[2011.04.27 01:17:47 | 000,001,792 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
[2011.04.27 01:17:47 | 000,001,161 | -H-- | C] () -- C:\Users\Alex und Ramona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
[2011.04.25 21:42:22 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010.05.31 11:33:54 | 000,000,699 | ---- | C] () -- C:\Windows\wiso.ini
[2009.09.24 14:01:20 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.24 14:01:20 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.08.03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009.02.17 23:10:14 | 000,000,116 | -H-- | C] () -- C:\Users\Alex und Ramona\AppData\Roaming\wklnhst.dat
[2009.01.18 21:02:33 | 000,000,188 | -H-- | C] () -- C:\Users\Alex und Ramona\AppData\Roaming\Default.PLS
[2009.01.09 23:28:57 | 000,118,784 | R--- | C] () -- C:\Windows\bwUnin-7.2.0.137-8876480SL.exe
[2009.01.09 22:27:03 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.01.09 22:25:42 | 000,126,464 | -H-- | C] () -- C:\Users\Alex und Ramona\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.01.09 15:56:41 | 000,007,052 | -H-- | C] () -- C:\Users\Alex und Ramona\AppData\Local\d3d9caps.dat
[2007.02.26 18:14:35 | 000,299,008 | ---- | C] () -- C:\Windows\System32\midas.dll
[2007.02.26 18:14:35 | 000,120,320 | ---- | C] () -- C:\Windows\System32\UnzDll.dll
[2007.02.10 17:17:37 | 000,006,642 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007.02.09 16:43:52 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2007.02.09 15:32:51 | 000,127,184 | ---- | C] () -- C:\Windows\Unwise.exe
[2007.02.09 15:12:31 | 000,003,072 | ---- | C] () -- C:\Windows\System32\34CoInstaller.dll
[2006.12.11 06:06:31 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006.11.02 17:33:31 | 000,665,870 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 17:33:31 | 000,141,146 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,406,304 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,627,296 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,116,120 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.09.20 08:34:10 | 000,000,000 | -H-- | C] () -- C:\Windows\Buhl.ini
[2002.03.13 14:15:06 | 000,057,344 | ---- | C] () -- C:\Windows\System32\mupkernps11.dll
 
========== LOP Check ==========
 
[2010.05.31 11:42:39 | 000,000,000 | -H-D | M] -- C:\Users\Alex und Ramona\AppData\Roaming\Buhl Data Service
[2011.01.04 21:19:45 | 000,000,000 | -H-D | M] -- C:\Users\Alex und Ramona\AppData\Roaming\Canon
[2011.02.09 01:13:49 | 000,000,000 | -H-D | M] -- C:\Users\Alex und Ramona\AppData\Roaming\MyPhoneExplorer
[2009.05.05 20:46:33 | 000,000,000 | -H-D | M] -- C:\Users\Alex und Ramona\AppData\Roaming\OpenOffice.org
[2009.02.17 23:10:16 | 000,000,000 | -H-D | M] -- C:\Users\Alex und Ramona\AppData\Roaming\Template
[2011.05.19 19:11:56 | 000,032,538 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 229 bytes -> C:\ProgramData\Temp:8FF81EB0
 
< End of report >
         