
Pests of all kinds and how to fight them: After a reinstall, spyware/toolbars incl. Win32/Adware.Toolbar.Dealio ... how bad?

11.03.2012, 12:40   #1
Tobasco
 
Hello dear Trojaner-Board helpers!

I recently reinstalled my computer from scratch after finding the 50 Euro/BKA trojan.

After setting it up (including restoring some data from the external drive), I ran Malwarebytes and ESET over it once more to be on the safe side.

The scans are now a few days old, as I was travelling. My computer has been idle since then, though (apart from browsing 2-3 times in the sandbox and checking e-mail).

It would be kind if you could take a look at the scans and tell me what I should do about the toolbars. They aren't installed in the browser or the like, and I don't really notice anything of them, except that the scans reveal their existence to me. What exactly do they do?

I would be very glad of your help.

So, here we go.

DDS:
Code:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64 
Internet Explorer: 9.0.8112.16421  BrowserJavaVersion: 1.6.0_20
Run by Tosiro at 12:24:39 on 2012-03-11
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4094.2867 [GMT 1:00]
.
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Defense+ *Disabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
FW: COMODO Firewall *Disabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe
C:\Windows\system32\svchost.exe -k HsfXAudioService
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
uRunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [BtTray] "C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe"
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [COMODO] C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe
mRun: [CPA] C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDDMST~1.LNK - C:\Program Files (x86)\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDSMAR~1.LNK - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{13A9DFF8-AE44-402C-9BB4-17E91B8C5EAE} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{13A9DFF8-AE44-402C-9BB4-17E91B8C5EAE} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{13A9DFF8-AE44-402C-9BB4-17E91B8C5EAE}\16E697 : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{13A9DFF8-AE44-402C-9BB4-17E91B8C5EAE}\16E697 : DhcpNameServer = 194.25.0.68
TCP: Interfaces\{13A9DFF8-AE44-402C-9BB4-17E91B8C5EAE}\379627F6 : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{13A9DFF8-AE44-402C-9BB4-17E91B8C5EAE}\379627F6 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{13A9DFF8-AE44-402C-9BB4-17E91B8C5EAE}\3796D647 : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{13A9DFF8-AE44-402C-9BB4-17E91B8C5EAE}\3796D647 : DhcpNameServer = 10.1.255.246
TCP: Interfaces\{13A9DFF8-AE44-402C-9BB4-17E91B8C5EAE}\75C414E4D2030303243324444334546354 : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{13A9DFF8-AE44-402C-9BB4-17E91B8C5EAE}\75C414E4D2030303243324444334546354 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{13A9DFF8-AE44-402C-9BB4-17E91B8C5EAE}\84453402E6564777F627B6 : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{13A9DFF8-AE44-402C-9BB4-17E91B8C5EAE}\84453402E6564777F627B6 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{4D528082-FD42-4EB1-936B-6B01AB073AC3} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{67A84B5E-4213-4EB3-AF5D-56FA895C825A} : NameServer = 8.26.56.26,156.154.70.22
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
AppInit_DLLs:  C:\Windows\SysWOW64\guard32.dll
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{326E768D-4182-46FD-9C16-1449A49795F4}
{53707962-6F74-2D53-2644-206D7942484F}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun-x64: [BtTray] "C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe"
mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun-x64: [COMODO] C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe
mRun-x64: [CPA] C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce-x64: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
AppInit_DLLs-X64:  C:\Windows\SysWOW64\guard32.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - 
.
============= SERVICES / DRIVERS ===============
.
R0 BtHidBus;Bluetooth HID Bus Service;C:\Windows\system32\Drivers\BtHidBus.sys --> C:\Windows\system32\Drivers\BtHidBus.sys [?]
R1 avkmgr;avkmgr;C:\Windows\system32\DRIVERS\avkmgr.sys --> C:\Windows\system32\DRIVERS\avkmgr.sys [?]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\system32\DRIVERS\cmdguard.sys --> C:\Windows\system32\DRIVERS\cmdguard.sys [?]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\system32\DRIVERS\cmdhlp.sys --> C:\Windows\system32\DRIVERS\cmdhlp.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AntiVirSchedulerService;Avira Planer;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-2-22 86224]
R2 AntiVirService;Avira Echtzeit Scanner;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-2-22 110032]
R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?]
R2 BsMobileCS;BsMobileCS;C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe [2009-5-21 143467]
R2 CLPSLS;COMODO livePCsupport Service;C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe [2011-11-23 1267000]
R2 HsfXAudioService;HsfXAudioService;C:\Windows\system32\svchost.exe -k HsfXAudioService [2009-7-14 20992]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-2-25 652360]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2012-2-23 2253120]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-2-23 1153368]
R2 WDDMService;WD SmartWare Drive Manager Service;C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-11-13 129536]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-6-16 20480]
R3 btnetBUs;Bluetooth PAN Bus Service;C:\Windows\system32\Drivers\btnetBus.sys --> C:\Windows\system32\Drivers\btnetBus.sys [?]
R3 CAXHWAZL;CAXHWAZL;C:\Windows\system32\DRIVERS\CAXHWAZL.sys --> C:\Windows\system32\DRIVERS\CAXHWAZL.sys [?]
R3 IvtBtBUs;IVT Bluetooth Bus Service;C:\Windows\system32\Drivers\IvtBtBus.sys --> C:\Windows\system32\Drivers\IvtBtBus.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 NETwLv64;    Intel(R) Wireless WiFi Link der Serie 5000 Adaptertreiber für Windows Vista 64-Bit;C:\Windows\system32\DRIVERS\NETwLv64.sys --> C:\Windows\system32\DRIVERS\NETwLv64.sys [?]
R3 nuvotoncir;Nuvoton IR Transceiver;C:\Windows\system32\DRIVERS\nuvotoncir.sys --> C:\Windows\system32\DRIVERS\nuvotoncir.sys [?]
R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2012-2-6 161432]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-15 158856]
S3 ivusb;Initio Driver for USB Default Controller;C:\Windows\system32\DRIVERS\ivusb.sys --> C:\Windows\system32\DRIVERS\ivusb.sys [?]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series - Adaptertreiber für Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
S3 winbondcir;Winbond IR Transceiver;C:\Windows\system32\DRIVERS\winbondcir.sys --> C:\Windows\system32\DRIVERS\winbondcir.sys [?]
.
=============== Created Last 30 ================
.
2012-03-02 09:13:50	411368	----a-w-	C:\Windows\SysWow64\deployJava1.dll
2012-03-02 09:13:50	411368	----a-w-	C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
2012-03-02 09:12:57	--------	d-----w-	C:\Program Files (x86)\XMind
2012-02-26 14:15:28	--------	d-----w-	C:\Users\Tosiro\AppData\Local\ElevatedDiagnostics
2012-02-26 13:47:04	--------	d-----w-	C:\Windows\PCHEALTH
2012-02-26 13:44:11	--------	d-----w-	C:\Users\Tosiro\AppData\Local\Microsoft Help
2012-02-25 12:11:22	--------	d-----w-	C:\Program Files (x86)\ESET
2012-02-25 10:21:59	73544	----a-w-	C:\Windows\System32\XAPOFX1_3.dll
2012-02-25 00:23:31	--------	d-----w-	C:\Users\Tosiro\AppData\Local\Western Digital
2012-02-25 00:20:22	--------	d-----w-	C:\Users\Tosiro\AppData\Roaming\Malwarebytes
2012-02-25 00:20:14	--------	d-----w-	C:\ProgramData\Malwarebytes
2012-02-25 00:20:13	23152	----a-w-	C:\Windows\System32\drivers\mbam.sys
2012-02-25 00:20:13	--------	d-----w-	C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-02-24 22:29:06	902656	----a-w-	C:\Windows\System32\d2d1.dll
2012-02-24 22:29:06	1139200	----a-w-	C:\Windows\System32\FntCache.dll
2012-02-24 22:29:06	1076736	----a-w-	C:\Windows\SysWow64\DWrite.dll
2012-02-24 22:29:05	739840	----a-w-	C:\Windows\SysWow64\d2d1.dll
2012-02-24 22:29:05	1544192	----a-w-	C:\Windows\System32\DWrite.dll
2012-02-24 21:33:42	--------	d-----w-	C:\Windows\System32\SPReview
2012-02-24 21:32:52	--------	d-----w-	C:\Windows\System32\EventProviders
2012-02-24 21:13:59	297808	----a-w-	C:\Windows\SysWow64\mscoree.dll
2012-02-24 21:12:59	458752	----a-w-	C:\Windows\SysWow64\WSDApi.dll
2012-02-24 21:11:59	95232	----a-w-	C:\Windows\SysWow64\logagent.exe
2012-02-24 21:10:50	606208	----a-w-	C:\Windows\SysWow64\wbem\fastprox.dll
2012-02-24 21:10:50	363008	----a-w-	C:\Windows\SysWow64\wbemcomn.dll
2012-02-24 21:10:50	189952	----a-w-	C:\Program Files (x86)\Windows Portable Devices\sqmapi.dll
2012-02-24 21:09:07	529408	----a-w-	C:\Windows\System32\wbemcomn.dll
2012-02-24 21:09:07	244736	----a-w-	C:\Program Files\Windows Portable Devices\sqmapi.dll
2012-02-24 21:08:57	244736	----a-w-	C:\Windows\System32\sqmapi.dll
2012-02-24 20:31:53	8643640	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9D811A52-1093-4FF2-A20B-356AF021FFB5}\mpengine.dll
2012-02-24 20:13:28	--------	d-----w-	C:\ProgramData\CPA_VA
2012-02-23 22:53:39	--------	d-----r-	C:\Sandbox
2012-02-23 22:43:37	87040	----a-w-	C:\Windows\System32\pdfcmnnt.dll
2012-02-23 22:43:37	662288	----a-w-	C:\Windows\SysWow64\MSCOMCT2.OCX
2012-02-23 22:43:37	137000	----a-w-	C:\Windows\SysWow64\MSMAPI32.OCX
2012-02-23 22:43:37	1071088	----a-w-	C:\Windows\SysWow64\MSCOMCTL.OCX
2012-02-23 22:43:35	64512	----a-w-	C:\Windows\SysWow64\MSCC2DE.DLL
2012-02-23 22:43:35	23552	----a-w-	C:\Windows\SysWow64\MSMPIDE.DLL
2012-02-23 22:43:35	158208	----a-w-	C:\Windows\SysWow64\MSCMCDE.DLL
2012-02-23 22:43:35	125712	----a-w-	C:\Windows\SysWow64\VB6DE.DLL
2012-02-23 22:43:35	--------	d-----w-	C:\Program Files (x86)\PDFCreator
2012-02-23 22:13:38	--------	d-----w-	C:\Program Files\Sandboxie
2012-02-23 22:02:34	--------	d-----w-	C:\ProgramData\Comodo
2012-02-23 22:02:32	--------	d-----w-	C:\Program Files\COMODO
2012-02-23 22:02:28	--------	d-----w-	C:\Program Files (x86)\Comodo
2012-02-23 22:02:27	348160	----a-w-	C:\Windows\SysWow64\msvcr71.dll
2012-02-23 22:02:27	1700352	----a-w-	C:\Windows\SysWow64\gdiplus.dll
2012-02-23 22:02:27	1060864	----a-w-	C:\Windows\SysWow64\mfc71.dll
2012-02-23 21:53:00	--------	d-----w-	C:\ProgramData\Shark007
2012-02-23 21:52:57	580096	----a-w-	C:\Windows\System32\ac3filter64.acm
2012-02-23 21:52:57	580096	----a-w-	C:\Windows\System32\ac3filter.acm
2012-02-23 21:52:57	548864	----a-w-	C:\Windows\System32\lameacm.acm
2012-02-23 21:52:57	53760	----a-w-	C:\Windows\System32\ff_acm.acm
2012-02-23 21:52:57	4608000	----a-w-	C:\Windows\System32\x264vfw.dll
2012-02-23 21:52:57	360960	----a-w-	C:\Windows\System32\aacacm.acm
2012-02-23 21:52:57	205824	----a-w-	C:\Windows\System32\unrar.dll
2012-02-23 21:52:57	180224	----a-w-	C:\Windows\System32\ac3acm.acm
2012-02-23 21:52:57	124909	----a-w-	C:\Windows\System32\pthreadGC2.dll
2012-02-23 21:52:57	--------	d-----w-	C:\Program Files\Shark007
2012-02-23 21:50:20	--------	d-----w-	C:\Windows\SysWow64\C2MP
2012-02-23 21:29:42	--------	d-----w-	C:\ProgramData\Spybot - Search & Destroy
2012-02-23 21:29:42	--------	d-----w-	C:\Program Files (x86)\Spybot - Search & Destroy
2012-02-23 21:26:55	--------	d-----w-	C:\Program Files (x86)\Common Files\PX Storage Engine
2012-02-23 21:26:41	--------	d-----w-	C:\Program Files\DivX
2012-02-23 21:26:32	--------	d-----w-	C:\Program Files (x86)\Common Files\DivX Shared
2012-02-23 21:25:44	--------	d-----w-	C:\Program Files (x86)\DivX
2012-02-23 21:25:06	--------	d-----w-	C:\ProgramData\DivX
2012-02-23 21:23:32	414368	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-23 21:21:38	--------	d-----w-	C:\Program Files\CCleaner
2012-02-23 21:08:15	--------	d-----r-	C:\Program Files (x86)\Skype
2012-02-23 21:02:19	--------	d-----w-	C:\Program Files (x86)\VideoLAN
2012-02-23 21:00:42	--------	d-----w-	C:\ProgramData\Elaborate Bytes
2012-02-23 20:53:02	--------	d-----w-	C:\Program Files (x86)\IVT Corporation
2012-02-23 20:52:34	66560	----a-w-	C:\Windows\System32\nmwcdclsx64.dll
2012-02-23 20:52:33	--------	d-----w-	C:\Program Files (x86)\Nokia
2012-02-23 20:52:28	25600	----a-w-	C:\Windows\System32\drivers\pccsmcfdx64.sys
2012-02-23 20:52:18	--------	d-----w-	C:\Program Files (x86)\PC Connectivity Solution
2012-02-23 20:51:25	--------	d-----w-	C:\Program Files (x86)\Nuvoton Technology Corporation
2012-02-23 20:49:59	728680	----a-w-	C:\Windows\System32\DTSBassEnhancementDLL64.dll
2012-02-23 20:43:05	--------	d-----w-	C:\Program Files (x86)\NVIDIA Corporation
2012-02-23 20:42:28	539456	----a-w-	C:\Windows\System32\nvhotkey.dll
2012-02-23 20:42:28	5067584	----a-w-	C:\Windows\System32\nvsvc64.dll
2012-02-23 20:42:28	137536	----a-w-	C:\Windows\System32\nvshext.dll
2012-02-23 20:42:27	837952	----a-w-	C:\Windows\System32\easyupdatusapiu64.dll
2012-02-23 20:42:27	3074368	----a-w-	C:\Windows\System32\nvsvcr.dll
2012-02-23 20:42:27	222528	----a-w-	C:\Windows\System32\nvmctray.dll
2012-02-23 20:42:27	1640768	----a-w-	C:\Windows\System32\nvvsvc.exe
2012-02-23 20:42:27	10406208	----a-w-	C:\Windows\System32\nvcpl.dll
2012-02-23 20:42:07	--------	d-----w-	C:\ProgramData\NVIDIA Corporation
2012-02-23 20:30:18	--------	d-----w-	C:\NVIDIA
2012-02-23 20:29:32	114688	----a-w-	C:\Windows\SysWow64\RicohMediadriverVer.dll
2012-02-23 20:08:35	--------	d-----w-	C:\Program Files (x86)\Elaborate Bytes
2012-02-23 20:06:35	--------	d-----w-	C:\Program Files (x86)\SlySoft
2012-02-23 19:56:51	--------	d-----w-	C:\Program Files\Synaptics
2012-02-23 19:48:06	--------	d-----w-	C:\Program Files (x86)\Common Files\Steam
2012-02-23 19:48:05	--------	d-----w-	C:\Program Files (x86)\Steam
2012-02-23 19:40:43	--------	d-----w-	C:\ProgramData\WD_SmartWareCommon
2012-02-23 19:37:16	--------	d-----w-	C:\ProgramData\Western Digital
2012-02-23 19:36:58	--------	d-----w-	C:\Program Files\Western Digital
2012-02-23 19:36:57	--------	d-----w-	C:\Program Files (x86)\Western Digital
2012-02-23 19:27:05	52736	----a-w-	C:\Windows\System32\drivers\usbehci.sys
2012-02-23 19:27:05	343040	----a-w-	C:\Windows\System32\drivers\usbhub.sys
2012-02-23 19:27:05	325120	----a-w-	C:\Windows\System32\drivers\usbport.sys
2012-02-23 19:27:04	98816	----a-w-	C:\Windows\System32\drivers\usbccgp.sys
2012-02-23 19:27:04	7936	----a-w-	C:\Windows\System32\drivers\usbd.sys
2012-02-23 19:27:04	30720	----a-w-	C:\Windows\System32\drivers\usbuhci.sys
2012-02-23 19:27:04	25600	----a-w-	C:\Windows\System32\drivers\usbohci.sys
2012-02-23 19:27:03	80384	----a-w-	C:\Windows\System32\drivers\BTHUSB.SYS
2012-02-23 19:27:03	552960	----a-w-	C:\Windows\System32\drivers\bthport.sys
2012-02-23 19:27:03	229376	----a-w-	C:\Windows\System32\fsquirt.exe
2012-02-23 19:27:00	2565632	----a-w-	C:\Windows\System32\esent.dll
2012-02-23 19:27:00	1659776	----a-w-	C:\Windows\System32\drivers\ntfs.sys
2012-02-23 19:26:59	1699328	----a-w-	C:\Windows\SysWow64\esent.dll
2012-02-23 19:26:59	166272	----a-w-	C:\Windows\System32\drivers\nvstor.sys
2012-02-23 19:26:59	148352	----a-w-	C:\Windows\System32\drivers\nvraid.sys
2012-02-23 19:26:59	107904	----a-w-	C:\Windows\System32\drivers\amdsata.sys
2012-02-23 19:26:58	96768	----a-w-	C:\Windows\System32\fsutil.exe
2012-02-23 19:26:58	74240	----a-w-	C:\Windows\SysWow64\fsutil.exe
2012-02-23 19:26:58	410496	----a-w-	C:\Windows\System32\drivers\iaStorV.sys
2012-02-23 19:26:58	27008	----a-w-	C:\Windows\System32\drivers\amdxata.sys
2012-02-23 19:26:58	189824	----a-w-	C:\Windows\System32\drivers\storport.sys
2012-02-23 19:16:19	--------	d-----w-	C:\Windows\SysWow64\wbem\en-US
2012-02-23 19:16:15	--------	d-----w-	C:\Windows\System32\wbem\en-US
2012-02-23 05:53:10	294912	----a-w-	C:\Windows\System32\browserchoice.exe
2012-02-22 20:11:07	53248	----a-w-	C:\Windows\SysWow64\CSVer.dll
2012-02-22 20:10:59	--------	d-----w-	C:\Intel
2012-02-22 20:07:21	--------	d-----w-	C:\Program Files\CONEXANT
2012-02-22 20:07:19	740864	----a-w-	C:\Windows\System32\drivers\CAX_CNXT.sys
2012-02-22 20:07:19	292864	----a-w-	C:\Windows\System32\drivers\CAXHWAZL.sys
2012-02-22 20:07:19	1485824	----a-w-	C:\Windows\System32\drivers\CAX_DPV.sys
2012-02-22 19:48:59	850944	----a-w-	C:\Windows\SysWow64\sbe.dll
2012-02-22 19:48:59	199680	----a-w-	C:\Windows\SysWow64\mpg2splt.ax
2012-02-22 19:48:56	514560	----a-w-	C:\Windows\SysWow64\qdvd.dll
2012-02-22 19:48:56	366592	----a-w-	C:\Windows\System32\qdvd.dll
2012-02-22 19:48:56	1572864	----a-w-	C:\Windows\System32\quartz.dll
2012-02-22 19:48:56	1328128	----a-w-	C:\Windows\SysWow64\quartz.dll
2012-02-22 19:46:29	43520	----a-w-	C:\Windows\System32\csrsrv.dll
2012-02-22 19:46:26	476160	----a-w-	C:\Windows\System32\XpsGdiConverter.dll
2012-02-22 19:46:26	288256	----a-w-	C:\Windows\SysWow64\XpsGdiConverter.dll
2012-02-22 19:46:25	515584	----a-w-	C:\Windows\System32\timedate.cpl
2012-02-22 19:46:25	478720	----a-w-	C:\Windows\SysWow64\timedate.cpl
2012-02-22 19:46:19	288640	----a-w-	C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-02-22 19:46:19	1923952	----a-w-	C:\Windows\System32\drivers\tcpip.sys
2012-02-22 19:46:07	--------	d-----w-	C:\Program Files (x86)\Driver-Soft
2012-02-22 19:43:47	421888	----a-w-	C:\Windows\System32\KernelBase.dll
2012-02-22 19:42:56	2048	----a-w-	C:\Windows\SysWow64\tzres.dll
2012-02-22 19:42:56	2048	----a-w-	C:\Windows\System32\tzres.dll
2012-02-22 19:42:47	1731920	----a-w-	C:\Windows\System32\ntdll.dll
2012-02-22 19:42:47	1292080	----a-w-	C:\Windows\SysWow64\ntdll.dll
2012-02-22 19:42:43	5561216	----a-w-	C:\Windows\System32\ntoskrnl.exe
2012-02-22 19:42:41	3967872	----a-w-	C:\Windows\SysWow64\ntkrnlpa.exe
2012-02-22 19:42:41	3912576	----a-w-	C:\Windows\SysWow64\ntoskrnl.exe
2012-02-22 19:36:56	77312	----a-w-	C:\Windows\System32\packager.dll
2012-02-22 19:36:56	67072	----a-w-	C:\Windows\SysWow64\packager.dll
2012-02-22 19:31:17	8643640	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-02-22 19:30:09	279656	------w-	C:\Windows\System32\MpSigStub.exe
2012-02-22 18:53:47	90112	----a-w-	C:\Windows\System32\snymsico.dll
2012-02-22 18:53:47	67584	----a-w-	C:\Windows\System32\drivers\rimmpx64.sys
2012-02-22 18:53:47	57856	----a-w-	C:\Windows\System32\drivers\rixdpx64.sys
2012-02-22 18:53:47	55296	----a-w-	C:\Windows\System32\drivers\rimspx64.sys
2012-02-22 18:53:47	172032	----a-w-	C:\Windows\System32\rixdicon.dll
2012-02-22 18:53:08	--------	d-----w-	C:\Program Files (x86)\Launch Manager
2012-02-22 18:41:04	1490656	----a-w-	C:\Windows\System32\WdfCoInstaller01007.dll
2012-02-22 18:41:03	274480	----a-w-	C:\Windows\System32\drivers\SynTP.sys
2012-02-22 18:41:03	204072	----a-w-	C:\Windows\System32\SynTPAPI.dll
2012-02-22 18:41:03	147752	----a-w-	C:\Windows\System32\SynTPCo4.dll
2012-02-22 18:41:03	107816	----a-w-	C:\Windows\SysWow64\SynTPCOM.dll
2012-02-22 18:41:02	395048	----a-w-	C:\Windows\System32\SynCOM.dll
2012-02-22 18:41:02	261416	----a-w-	C:\Windows\System32\SynCtrl.dll
2012-02-22 18:41:02	206120	----a-w-	C:\Windows\SysWow64\SynCtrl.dll
2012-02-22 18:41:02	169256	----a-w-	C:\Windows\SysWow64\SynCOM.dll
2012-02-21 23:00:19	97312	----a-w-	C:\Windows\System32\drivers\avgntflt.sys
2012-02-21 23:00:19	27760	----a-w-	C:\Windows\System32\drivers\avkmgr.sys
2012-02-21 23:00:18	--------	d-----w-	C:\ProgramData\Avira
2012-02-21 23:00:18	--------	d-----w-	C:\Program Files (x86)\Avira
2012-02-21 22:59:19	--------	d-sh--w-	C:\Windows\Installer
2012-02-21 18:29:16	--------	d-sh--we	C:\Programme
2012-02-21 18:29:16	--------	d-sh--we	C:\ProgramData\Vorlagen
2012-02-21 18:29:16	--------	d-sh--we	C:\ProgramData\Startmenü
2012-02-21 18:29:16	--------	d-sh--we	C:\ProgramData\Favoriten
2012-02-21 18:29:16	--------	d-sh--we	C:\ProgramData\Dokumente
2012-02-21 18:29:16	--------	d-sh--we	C:\ProgramData\Anwendungsdaten
2012-02-21 18:29:16	--------	d-sh--we	C:\Program Files\Gemeinsame Dateien
2012-02-21 18:29:16	--------	d-sh--we	C:\Dokumente und Einstellungen
2012-02-21 18:29:16	--------	d-sh--w-	C:\Recovery
2012-02-21 17:35:10	--------	d-----w-	C:\Windows\Panther
2012-02-15 12:09:40	1574400	----a-w-	C:\Windows\System32\VSFilter.dll
2012-02-15 12:08:52	1288192	----a-w-	C:\Windows\SysWow64\VSFilter.dll
2012-02-13 22:26:46	4207616	----a-w-	C:\Windows\System32\ffdshow.ax
2012-02-13 22:26:30	3350528	----a-w-	C:\Windows\SysWow64\ffdshow.ax
2012-02-13 22:26:08	4491776	----a-w-	C:\Windows\System32\ffmpeg.dll
2012-02-13 22:24:56	4407808	----a-w-	C:\Windows\SysWow64\ffmpeg.dll
2012-02-12 14:21:02	553984	----a-w-	C:\Windows\System32\LAVSplitter.ax
2012-02-12 14:21:00	717312	----a-w-	C:\Windows\System32\LAVVideo.ax
2012-02-12 14:20:56	246272	----a-w-	C:\Windows\System32\LAVAudio.ax
2012-02-12 14:20:54	202240	----a-w-	C:\Windows\System32\libbluray.dll
2012-02-12 14:20:46	461824	----a-w-	C:\Windows\SysWow64\LAVSplitter.ax
2012-02-12 14:20:42	562176	----a-w-	C:\Windows\SysWow64\LAVVideo.ax
2012-02-12 14:20:38	215040	----a-w-	C:\Windows\SysWow64\LAVAudio.ax
2012-02-12 14:20:36	172032	----a-w-	C:\Windows\SysWow64\libbluray.dll
2012-02-12 12:35:38	6600253	----a-w-	C:\Windows\System32\avcodec-lav-53.dll
2012-02-12 12:35:38	386864	----a-w-	C:\Windows\System32\swscale-lav-2.dll
2012-02-12 12:35:38	209331	----a-w-	C:\Windows\System32\avutil-lav-51.dll
2012-02-12 12:35:38	126340	----a-w-	C:\Windows\System32\avfilter-lav-2.dll
2012-02-12 12:35:38	1023331	----a-w-	C:\Windows\System32\avformat-lav-53.dll
2012-02-12 12:33:30	360729	----a-w-	C:\Windows\SysWow64\swscale-lav-2.dll
2012-02-12 12:33:30	203818	----a-w-	C:\Windows\SysWow64\avutil-lav-51.dll
2012-02-12 12:33:30	1143059	----a-w-	C:\Windows\SysWow64\avformat-lav-53.dll
2012-02-12 12:33:28	6414616	----a-w-	C:\Windows\SysWow64\avcodec-lav-53.dll
2012-02-12 12:33:28	138774	----a-w-	C:\Windows\SysWow64\avfilter-lav-2.dll
2012-02-12 12:17:06	181760	----a-w-	C:\Windows\System32\IntelQuickSyncDecoder.dll
2012-02-12 12:16:48	147456	----a-w-	C:\Windows\SysWow64\IntelQuickSyncDecoder.dll
.
==================== Find3M  ====================
.
2012-02-24 21:43:20	175616	----a-w-	C:\Windows\System32\msclmd.dll
2012-02-24 21:43:20	152576	----a-w-	C:\Windows\SysWow64\msclmd.dll
2012-02-22 20:03:13	436736	----a-w-	C:\Windows\SysWow64\XAudio64.dll
2012-02-22 20:03:13	10240	----a-w-	C:\Windows\System32\drivers\XAudio64.sys
2012-02-22 20:03:06	394752	----a-w-	C:\Windows\System32\UCI64M41.dll
2012-02-22 20:03:00	17024	----a-w-	C:\Windows\System32\drivers\mdmxsdk.sys
2012-02-22 20:02:59	94208	----a-w-	C:\Windows\SysWow64\mdmxsdk.dll
2012-02-22 19:04:01	170496	----a-w-	C:\Windows\System32\nvcod1510.dll
2012-02-08 22:55:46	474624	----a-w-	C:\Windows\System32\ff_kernelDeint.dll
2012-02-08 22:54:58	631296	----a-w-	C:\Windows\System32\TomsMoComp_ff.dll
2012-02-08 22:54:28	183808	----a-w-	C:\Windows\System32\ff_unrar.dll
2012-02-08 22:54:28	114688	----a-w-	C:\Windows\System32\ff_wmv9.dll
2012-02-08 22:54:26	359424	----a-w-	C:\Windows\System32\ff_libfaad2.dll
2012-02-08 22:54:26	156672	----a-w-	C:\Windows\System32\ff_libmad.dll
2012-02-08 22:54:24	1532928	----a-w-	C:\Windows\System32\ff_samplerate.dll
2012-02-08 22:54:24	116224	----a-w-	C:\Windows\System32\ff_liba52.dll
2012-02-08 22:54:22	222720	----a-w-	C:\Windows\System32\ff_libdts.dll
2012-02-08 22:54:20	190464	----a-w-	C:\Windows\System32\libmpeg2_ff.dll
2012-02-08 22:53:06	79360	----a-w-	C:\Windows\SysWow64\ff_vfw.dll
2012-02-08 22:52:02	260608	----a-w-	C:\Windows\SysWow64\TomsMoComp_ff.dll
2012-02-08 22:51:54	99840	----a-w-	C:\Windows\SysWow64\ff_wmv9.dll
2012-02-08 22:51:54	158720	----a-w-	C:\Windows\SysWow64\ff_unrar.dll
2012-02-08 22:51:52	1525248	----a-w-	C:\Windows\SysWow64\ff_samplerate.dll
2012-02-08 22:51:52	146944	----a-w-	C:\Windows\SysWow64\ff_libmad.dll
2012-02-08 22:51:50	212480	----a-w-	C:\Windows\SysWow64\ff_libdts.dll
2012-02-08 22:51:50	115200	----a-w-	C:\Windows\SysWow64\ff_liba52.dll
2012-02-08 22:51:48	328704	----a-w-	C:\Windows\SysWow64\ff_libfaad2.dll
2012-02-08 22:51:48	137728	----a-w-	C:\Windows\SysWow64\libmpeg2_ff.dll
2012-02-01 09:14:14	92160	----a-w-	C:\Windows\System32\ff_vfw.dll
2012-01-30 22:30:22	424960	----a-w-	C:\Windows\System32\cdxareader.ax
2012-01-30 22:30:08	500224	----a-w-	C:\Windows\System32\FLVSplitter.ax
2012-01-30 22:29:24	381440	----a-w-	C:\Windows\SysWow64\cdxareader.ax
2012-01-30 22:29:08	445440	----a-w-	C:\Windows\SysWow64\FLVSplitter.ax
2012-01-29 20:23:01	138360	----a-w-	C:\Windows\SysWow64\drivers\AnyDVD.sys
2012-01-29 20:23:01	138360	----a-w-	C:\Windows\System32\drivers\AnyDVD.sys
2012-01-14 04:06:27	3145728	----a-w-	C:\Windows\System32\win32k.sys
2012-01-04 10:44:20	509952	----a-w-	C:\Windows\System32\ntshrui.dll
2012-01-04 08:58:41	442880	----a-w-	C:\Windows\SysWow64\ntshrui.dll
2012-01-04 00:48:42	354176	----a-w-	C:\Windows\SysWow64\DivXControlPanelApplet.cpl
2011-12-28 03:59:24	498688	----a-w-	C:\Windows\System32\drivers\afd.sys
2011-12-19 17:59:18	577824	----a-w-	C:\Windows\System32\drivers\cmdGuard.sys
2011-12-19 17:59:18	43248	----a-w-	C:\Windows\System32\drivers\cmdhlp.sys
2011-12-19 17:59:16	22696	----a-w-	C:\Windows\System32\drivers\cmderd.sys
2011-12-19 17:58:58	41200	----a-w-	C:\Windows\System32\cmdcsr.dll
2011-12-19 17:58:56	389840	----a-w-	C:\Windows\System32\guard64.dll
2011-12-19 17:58:56	301224	----a-w-	C:\Windows\SysWow64\guard32.dll
2011-12-16 08:46:06	634880	----a-w-	C:\Windows\System32\msvcrt.dll
2011-12-16 07:52:58	690688	----a-w-	C:\Windows\SysWow64\msvcrt.dll
2011-12-13 17:27:30	4718952	----a-w-	C:\Windows\System32\drivers\RTKVHD64.sys
2011-12-13 15:58:20	1560168	----a-w-	C:\Windows\System32\RTSnMg64.cpl
2011-12-13 10:01:00	1698408	----a-w-	C:\Windows\RtlExUpd.dll
2011-12-12 16:20:18	100456	----a-w-	C:\Windows\System32\RCoInstII64.dll
.
============= FINISH: 12:25:48,15 ===============
         
Malwarebytes
Code:
 Malwarebytes Anti-Malware  (Trial) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.25.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Tobasco :: XOGO [limited]

Protection: Enabled

25.02.2012 09:18:36
mbam-log-2012-02-25 (09-18-36).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 347785
Time elapsed: 1 hour(s), 40 minute(s), 19 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         
Eset
Code:
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=d5d602c530b9304b9efaf95f92074892
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-02-25 01:41:50
# local_time=2012-02-25 02:41:50 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 310570 310570 0 0
# compatibility_mode=3073 16777213 80 71 141200 7683202 0 0
# compatibility_mode=5893 16776574 100 94 3773 81802038 0 0
# compatibility_mode=8192 67108863 100 0 3906 3906 0 0
# scanned=211654
# found=5
# cleaned=0
# scan_time=5122
C:\Program Files (x86)\PDFCreator\Toolbar\pdfforge Toolbar_setup.exe	Win32/Adware.Toolbar.Dealio application (unable to clean)	00000000000000000000000000000000	I
C:\Users\Tobasco\Downloads\PDFCreator-1_2_3_setup.exe	Win32/Adware.Toolbar.Dealio application (unable to clean)	00000000000000000000000000000000	I
C:\Users\Tobasco\Downloads\windows.7.codec.pack.v4.0.0.setup.exe	probably a variant of Win32/Toolbar.Widgi application (unable to clean)	00000000000000000000000000000000	I
D:\progs\PDFCreator-1_2_3_setup.exe	Win32/Adware.Toolbar.Dealio application (unable to clean)	00000000000000000000000000000000	I
D:\progs\windows.7.codec.pack.v4.0.0.setup.exe	probably a variant of Win32/Toolbar.Widgi application (unable to clean)	00000000000000000000000000000000	I
         

12.03.2012, 16:12   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

That's the usual junk that is bundled into almost every installer these days. Just pay attention when installing and always choose the custom method during setup so that toolbars and other junk can be deselected.

13.03.2012, 23:37   #3
Tobasco
 


OK.

Should I uninstall the programs again to get rid of them? Or how do I get rid of the spyware individually?

Thank you very much for your help.