
Log analysis and evaluation: Bundeskriminalamt virus

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

07.08.2011, 03:46   #1
Vogel0815
 
Today I also caught this Bundeskriminalamt trojan. I know relatively little about this whole subject, but thanks to a few tips in this forum I am at least able to start Windows normally again. The OTLPE scan produced the following:

Code:
OTL logfile created on: 07.08.2011 03:24:12 - Run 1
OTL by OldTimer - Version 3.2.26.1     Folder = C:\Users\Vogel\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 0,92 Gb Available Physical Memory | 46,10% Memory free
4,23 Gb Paging File | 2,80 Gb Available in Paging File | 66,17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 221,19 Gb Total Space | 10,69 Gb Free Space | 4,83% Space Free | Partition Type: NTFS
Drive D: | 11,70 Gb Total Space | 2,17 Gb Free Space | 18,56% Space Free | Partition Type: NTFS
 
Computer Name: ****-PC | User Name: **** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.08.07 03:23:44 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\****\Downloads\OTL.exe
PRC - [2011.07.31 00:43:12 | 001,093,211 | ---- | M] (modified by Miranda Fusion Team) -- C:\Programme\MirandaFusion\miranda32.exe
PRC - [2011.07.04 22:28:18 | 000,040,960 | ---- | M] () -- C:\Users\****\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
PRC - [2011.06.16 06:32:36 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.04.08 07:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.04.07 22:43:20 | 000,373,864 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvtray.exe
PRC - [2011.04.07 22:43:04 | 000,841,832 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011.03.28 21:22:58 | 000,967,508 | ---- | M] (Miranda Fusion Team) -- C:\Programme\MirandaFusion\fusiontools\mfstart.exe
PRC - [2011.03.22 20:37:06 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\Winamp\winampa.exe
PRC - [2010.09.21 15:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2010.09.21 15:03:14 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.11.13 11:59:49 | 000,323,392 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Vogel\Program Files\DNA\btdna.exe
PRC - [2009.07.21 15:34:28 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2009.05.13 17:48:18 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009.03.02 14:08:43 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008.07.20 17:45:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008.07.20 17:45:06 | 000,182,808 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008.05.21 01:04:46 | 000,185,896 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Common Files\Real\Update_OB\realsched.exe
PRC - [2008.01.19 09:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2007.09.15 10:29:10 | 000,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Programme\Synaptics\SynTP\SynTPStart.exe
PRC - [2007.08.17 15:27:00 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007.01.17 15:34:18 | 000,634,880 | ---- | M] (Motorola Inc.) -- C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.08.07 03:23:44 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\****\Downloads\OTL.exe
MOD - [2010.08.31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011.07.04 22:28:18 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\Users\****\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe -- (SearchAnonymizer)
SRV - [2011.04.08 07:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2009.07.21 15:34:28 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.05.13 17:48:18 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008.08.08 06:35:42 | 001,622,016 | ---- | M] (南京纳加软件有限公司) [Auto | Stopped] -- C:\Windows\System32\Nagasoft\vjocx.dll -- (vvdsvc)
SRV - [2008.07.20 17:45:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.03.05 11:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.07.06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011.04.08 07:14:00 | 010,690,024 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.12.08 08:42:19 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.05.11 11:12:20 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.30 11:33:03 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2009.02.13 13:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.01.12 16:50:04 | 000,087,536 | ---- | M] (CyberLink Corp.) [2009/04/10 20:23:35] [Kernel | Auto | Running] -- C:\Programme\Hp\QuickPlay\000.fcl -- ({22D78859-9CE9-4B77-BF18-AC83E81A9263})
DRV - [2007.09.18 01:17:36 | 000,098,816 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007.07.11 11:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqRemHid.sys -- (HpqRemHid)
DRV - [2007.06.28 17:09:56 | 002,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007.06.18 18:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007.03.21 23:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007.02.24 15:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007.01.23 17:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007.01.17 15:38:52 | 000,983,936 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=81&bd=Pavilion&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=81&bd=Pavilion&pf=laptop
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ask.com/?o=101764&l=dis
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.nba.com"
FF - prefs.js..extensions.enabledItems: {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071301000019
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.46: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKCU\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Users\Vogel\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player:  File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.04 19:31:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.29 00:57:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}: C:\Users\Vogel\Program Files\DNA [2011.08.07 03:08:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\finder@meingutscheincode.de: C:\Program Files\Mein Gutscheincode Finder\Firefox [2011.07.04 22:28:28 | 000,000,000 | ---D | M]
 
[2008.12.09 10:29:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vogel\AppData\Roaming\mozilla\Extensions
[2011.07.19 12:24:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Vogel\AppData\Roaming\mozilla\Firefox\Profiles\x034cku2.default\extensions
[2010.06.24 17:36:24 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Vogel\AppData\Roaming\mozilla\Firefox\Profiles\x034cku2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.07.19 12:24:35 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Vogel\AppData\Roaming\mozilla\Firefox\Profiles\x034cku2.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2009.06.01 22:27:11 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Vogel\AppData\Roaming\mozilla\Firefox\Profiles\x034cku2.default\extensions\moveplayer@movenetworks.com
[2011.02.24 02:35:22 | 000,000,000 | ---D | M] (vShare) -- C:\Users\Vogel\AppData\Roaming\mozilla\Firefox\Profiles\x034cku2.default\extensions\vshare@toolbar
[2011.07.04 22:28:26 | 000,001,080 | ---- | M] () -- C:\Users\Vogel\AppData\Roaming\Mozilla\Firefox\Profiles\x034cku2.default\searchplugins\ask.xml
[2011.07.04 22:28:26 | 000,002,785 | ---- | M] () -- C:\Users\Vogel\AppData\Roaming\Mozilla\Firefox\Profiles\x034cku2.default\searchplugins\askcom.xml
[2011.07.04 22:28:26 | 000,002,655 | ---- | M] () -- C:\Users\Vogel\AppData\Roaming\Mozilla\Firefox\Profiles\x034cku2.default\searchplugins\forestle-de.xml
[2011.07.04 22:28:26 | 000,002,182 | ---- | M] () -- C:\Users\Vogel\AppData\Roaming\Mozilla\Firefox\Profiles\x034cku2.default\searchplugins\{1C93ACC6-1044-4901-9B15-AE67BA2E70B9}.xml
[2011.07.04 22:28:26 | 000,001,864 | ---- | M] () -- C:\Users\Vogel\AppData\Roaming\Mozilla\Firefox\Profiles\x034cku2.default\searchplugins\{EC4F756E-961A-46D6-9C91-C6E8954A1793}.xml
[2011.07.04 22:28:26 | 000,002,071 | ---- | M] () -- C:\Users\Vogel\AppData\Roaming\Mozilla\Firefox\Profiles\x034cku2.default\searchplugins\{F0938D24-4918-426C-9D66-6C0C43B2A9DE}.xml
[2011.07.12 22:21:47 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.02.06 03:02:12 | 000,000,000 | ---D | M] (Skype extension) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.08.19 13:42:26 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011.04.27 06:18:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.07.12 22:21:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) -- 
[2011.07.04 22:28:28 | 000,000,000 | ---D | M] (preisspion.de) -- C:\PROGRAM FILES\MEIN GUTSCHEINCODE FINDER\FIREFOX
[2009.09.30 00:28:50 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009.12.15 08:56:09 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010.04.05 19:07:32 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
[2010.08.19 13:42:26 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011.04.27 06:18:47 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.07.12 22:21:47 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011.06.16 06:32:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2008.09.04 02:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.03.22 20:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2011.07.04 22:28:26 | 000,001,678 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.07.04 22:28:26 | 000,001,929 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.07.04 22:28:26 | 000,001,265 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.07.04 22:28:26 | 000,007,045 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.07.04 22:28:26 | 000,001,272 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.07.04 22:28:26 | 000,001,164 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Mein Gutscheincode Finder zeigt automatisch Shopping-Gutscheine an mit denen Sie beim Online-Einkauf sparen können.) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - C:\Programme\Mein Gutscheincode Finder\Internet Explorer\x86\ConversionOneIE.dll (Conversion One GmbH)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programme\Free Download Manager\iefdm2.dll ()
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Programme\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Ocs_SM] C:\Users\Vogel\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SMSERIAL] C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SynTPStart] C:\Programme\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BitTorrent DNA] C:\Users\Vogel\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [Miranda Fusion] C:\Programme\MirandaFusion\fusiontools\mfstart.exe (Miranda Fusion Team)
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Vogel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} -  File not found
O9 - Extra 'Tools' menuitem : PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} -  File not found
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} -  File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} -  File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} hxxp://dl.tvunetworks.com/TVUAx.cab (CTVUAxCtrl Object)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://static.pe.studivz.net/photouploader/ImageUploader5.cab?nocache=1222253279 (Image Uploader Control)
O16 - DPF: {5EC7C511-CD0F-42E6-830C-1BD9882F3458} hxxp://download.ppstream.com/bin/powerplayer.cab (PowerPlayer Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9CA74596-B5BB-4634-971C-F0224115A15F} hxxp://nba.tom.com/video/tcastV1.cab (tcast control)
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} hxxp://static.pe.studivz.net/photouploader/ImageUploader5.cab?nocache=1216850842 (Image Uploader Control)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Vogel\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Vogel\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005.09.11 17:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O33 - MountPoints2\{f27d5463-6d54-11df-b84f-001e6830b51b}\Shell\AutoRun\command - "" = F:\Menu.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.08.07 02:56:17 | 000,000,000 | ---D | C] -- C:\Users\Vogel\Desktop\Antivirus
[2011.08.07 02:36:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011.08.07 02:35:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011.08.07 02:35:54 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011.08.07 02:21:27 | 000,000,000 | ---D | C] -- C:\Users\Vogel\AppData\Roaming\Malwarebytes
[2011.08.07 02:20:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.08.07 02:20:57 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.08.07 02:20:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.08.07 02:20:52 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.08.07 02:20:51 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.08.06 22:43:37 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2011.07.26 01:08:45 | 000,000,000 | ---D | C] -- C:\Users\Vogel\AppData\Local\{AAFDE01A-25A9-43F4-A7BD-01E42995D887}
[2011.07.23 14:01:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free M4a to MP3 Converter
[2011.07.23 14:01:52 | 000,000,000 | ---D | C] -- C:\Program Files\Free M4a to MP3 Converter
[2011.07.23 13:56:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2011.07.23 13:56:17 | 000,000,000 | ---D | C] -- C:\Users\Vogel\AppData\Roaming\Canneverbe Limited
[2011.07.23 13:54:53 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP
[2011.07.19 12:24:51 | 000,000,000 | ---D | C] -- C:\Users\Vogel\AppData\Roaming\DVDVideoSoft
[2011.07.19 12:24:34 | 000,000,000 | ---D | C] -- C:\Users\Vogel\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.07.19 12:24:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2011.07.19 12:24:20 | 000,000,000 | ---D | C] -- C:\Users\Vogel\Documents\DVDVideoSoft
[2011.07.19 12:24:20 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2011.07.19 12:24:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2011.07.13 22:21:24 | 002,043,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.07.13 22:21:20 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011.07.13 22:21:20 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2011.07.12 22:21:45 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011.07.12 22:21:45 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011.07.12 22:21:45 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2008.07.14 00:35:08 | 003,063,561 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\MobileTV.exe
[2008.07.14 00:35:08 | 002,989,660 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\DVD.exe
[2008.07.14 00:35:08 | 002,864,396 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\MPV.exe
[2008.07.14 00:35:08 | 002,331,174 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\Karaoke.exe
[2008.07.14 00:35:07 | 002,231,606 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\Games.exe
 
========== Files - Modified Within 30 Days ==========
 
[2011.08.07 03:22:16 | 000,000,000 | ---- | M] () -- C:\Users\Vogel\defogger_reenable
[2011.08.07 02:58:30 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.08.07 02:58:30 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.08.07 02:58:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.08.07 02:58:20 | 2145,837,056 | -HS- | M] () -- C:\hiberfil.sys
[2011.07.31 22:29:16 | 000,037,376 | ---- | M] () -- C:\Users\Vogel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.26 01:04:32 | 291,820,709 | ---- | M] () -- C:\Users\Vogel\Desktop\video-2011-07-26-01-01-47.mp4
[2011.07.26 00:57:14 | 000,094,291 | ---- | M] () -- C:\Users\Vogel\Desktop\bild.jpg
[2011.07.23 13:54:55 | 000,001,734 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2011.07.19 12:24:31 | 000,001,191 | ---- | M] () -- C:\Users\Vogel\Desktop\Free YouTube to MP3 Converter.lnk
[2011.07.14 17:43:47 | 000,324,816 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2011.08.07 03:22:16 | 000,000,000 | ---- | C] () -- C:\Users\Vogel\defogger_reenable
[2011.08.07 01:29:15 | 2145,837,056 | -HS- | C] () -- C:\hiberfil.sys
[2011.07.26 01:05:46 | 291,820,709 | ---- | C] () -- C:\Users\Vogel\Desktop\video-2011-07-26-01-01-47.mp4
[2011.07.26 00:57:14 | 000,094,291 | ---- | C] () -- C:\Users\Vogel\Desktop\bild.jpg
[2011.07.23 13:54:55 | 000,001,734 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2011.07.23 13:54:55 | 000,001,684 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
[2011.07.19 12:24:31 | 000,001,191 | ---- | C] () -- C:\Users\Vogel\Desktop\Free YouTube to MP3 Converter.lnk
[2011.02.06 03:04:41 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.06.01 15:43:15 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2010.05.25 10:54:42 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2009.12.04 20:49:51 | 000,180,503 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.12.04 20:49:14 | 000,180,503 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.09.24 00:37:23 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.24 00:37:23 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.07.04 18:45:59 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009.07.04 18:45:59 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.03.24 22:07:07 | 000,000,082 | ---- | C] () -- C:\Windows\odbc_merge.INI
[2008.09.03 21:35:58 | 000,006,144 | ---- | C] () -- C:\Windows\System32\winssl.dll
[2008.08.31 04:53:46 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.07.23 18:05:51 | 000,014,940 | ---- | C] () -- C:\Windows\desctemp.dat
[2008.07.14 00:34:44 | 000,000,778 | ---- | C] () -- C:\ProgramData\hpqp.ini
[2008.07.12 23:53:33 | 000,000,680 | ---- | C] () -- C:\Users\Vogel\AppData\Local\d3d9caps.dat
[2008.05.20 00:36:29 | 000,037,376 | ---- | C] () -- C:\Users\Vogel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.05.19 21:48:31 | 000,140,687 | ---- | C] () -- C:\Users\Vogel\AppData\Roaming\nvModes.001
[2008.05.19 21:44:33 | 000,140,687 | ---- | C] () -- C:\Users\Vogel\AppData\Roaming\nvModes.dat
[2008.03.18 10:58:38 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2008.03.18 10:58:38 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat
[2008.03.18 10:58:09 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007.11.26 22:18:49 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2007.11.26 22:18:49 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007.11.26 22:18:48 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2007.11.26 22:18:48 | 000,126,260 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,324,816 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.03.10 00:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005.05.08 18:56:44 | 000,055,808 | ---- | C] () -- C:\Windows\System32\zlib1.dll

< End of report >
         

Edited by Vogel0815 (07.08.2011 at 03:53)

09.08.2011, 13:51   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Quote:
but thanks to a few tips in this forum I'm at least able to start Windows normally again.
What exactly was done? Before or after the log was created with OTLPE?