| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: TR/Fraudload.xzail , TR/PSW.Karagany.A.73 und TR/Crypt.XPACK.Gen8Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
06.02.2012, 17:32
| #1 |
 |  TR/Fraudload.xzail , TR/PSW.Karagany.A.73 und TR/Crypt.XPACK.Gen8 Hi, ich habe heute auf einmal von Avira angezeigt bekommen, dass TR/Fraudload.xzail, TR/PSW.Karagany.A.73 und TR/Crypt.XPACK.Gen8 auf meinem Rechner sind. Kurz darauf verschwanden so ziemlich alle Objekte auf dem Desktop und den Festplatten. Nachdem ich im Forum gelesen habe, hat sich herausgestellt, dass die Dateien alle versteckt waren. Es wurde angezeigt, dass die Festplatte ihre Geschwindigkeit um 20% verringert hätte und dass der RAM gefährdet sei. Außerdem kommen alle paar Minuten etwa 20 Meldungen mit dem Text: Failed to save all components for the file\\System 32\\0000370d. The file is corrupted or unreadable. This Error may be caused by a PC hardware Problem. Es gibt auch schon ein Thema zu diesem Fall, allerdings waren da nicht genau die gleichen TR Dateien gefunden worden. Da in den Anmerkungen stand, dass man nicht einfach so die Lösungen von anderen Fällen übernehmen solle, bitte ich hier um Hilfe. Schöne Grüße Adr Hier die Logs: Defogger Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:00 on 06/02/2012 (Adrian)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter .
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_22
Run by Adrian at 17:06:31 on 2012-02-06
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8103.6707 [GMT 1:00]
.
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Adrian\AppData\Roaming\Ahbyr\ybqaw.exe
C:\ProgramData\wgjpPXjtqGl.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\ProgramData\lfbStD43kaDn05.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [{E38098EF-E2F2-AD40-C33F-8B97E93FA88A}] C:\Users\Adrian\AppData\Roaming\Ahbyr\ybqaw.exe
uRun: [wgjpPXjtqGl.exe] C:\ProgramData\wgjpPXjtqGl.exe
mRun: [BiosNotice] C:\Program Files (x86)\BIOSTAR\BiosNotice\BiosNotice.exe
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [KORG USB-MIDI Driver] C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe /s
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Adrian\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{122D0350-F90F-4E26-BD0E-C8CE5D95FBC3} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{12C6DED5-F0C3-40B0-9A13-7FD0F3BF0750} : DhcpNameServer = 192.168.0.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
mRun-x64: [BiosNotice] C:\Program Files (x86)\BIOSTAR\BiosNotice\BiosNotice.exe
mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [KORG USB-MIDI Driver] C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe /s
mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\pkv48olp.default\
FF - prefs.js: browser.startup.homepage - www.bing.de
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
============= SERVICES / DRIVERS ===============
.
R1 avkmgr;avkmgr;C:\Windows\system32\DRIVERS\avkmgr.sys --> C:\Windows\system32\DRIVERS\avkmgr.sys [?]
R1 BIOS;BIOS;C:\Windows\System32\drivers\BIOS64.sys [2011-7-26 14136]
R1 BS_I2cIo;BS_I2cIo;\??\C:\Windows\system32\drivers\BS_I2c64.sys --> C:\Windows\system32\drivers\BS_I2c64.sys [?]
R1 Ma10.sys;Service for ESI 1010 EWDM;C:\Windows\system32\DRIVERS\Ma10.sys --> C:\Windows\system32\DRIVERS\Ma10.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AntiVirSchedulerService;Avira Planer;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-29 86224]
R2 AntiVirService;Avira Echtzeit Scanner;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-10-29 110032]
R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-7-26 2655768]
R3 BCMH43XX;Treiber für Broadcom 802.11-USB-Netzwerkadapter;C:\Windows\system32\DRIVERS\bcmwlhigh664.sys --> C:\Windows\system32\DRIVERS\bcmwlhigh664.sys [?]
R3 IntcDAud;Intel(R) Display-Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 Ma10WDM.sys;Service for ESI 1010 WDM;C:\Windows\system32\DRIVERS\Ma10WDM.sys --> C:\Windows\system32\DRIVERS\Ma10WDM.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 synusb64;eLicenser;C:\Windows\system32\DRIVERS\synusb64.sys --> C:\Windows\system32\DRIVERS\synusb64.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 KORGUMDS;KORG USB-MIDI Driver for Windows;C:\Windows\system32\Drivers\KORGUM64.SYS --> C:\Windows\system32\Drivers\KORGUM64.SYS [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
.
=============== Created Last 30 ================
.
2012-02-06 14:21:01 349696 ---ha-w- C:\ProgramData\lfbStD43kaDn05.exe
2012-02-06 14:18:27 441856 --sha-w- C:\ProgramData\wgjpPXjtqGl.exe
2012-02-06 14:16:44 -------- d--h--w- C:\Users\Adrian\AppData\Roaming\Oqkyi
2012-02-06 14:16:44 -------- d--h--w- C:\Users\Adrian\AppData\Roaming\Ahbyr
2012-02-06 11:46:11 -------- d--h--w- C:\Users\Adrian\AppData\Roaming\OpenOffice.org
2012-02-06 11:43:44 -------- d-----w- C:\Program Files (x86)\OpenOffice.org 3
2012-02-06 11:43:01 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-02-06 11:43:01 472808 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
2012-02-01 21:41:13 26472 ----a-w- C:\Windows\System32\drivers\BS_I2cIo.sys
2012-01-27 17:52:55 -------- d-----w- C:\Program Files\iTunes
2012-01-27 17:52:55 -------- d-----w- C:\Program Files\iPod
2012-01-23 21:44:05 626688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr80.dll
2012-01-23 21:44:05 548864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp80.dll
2012-01-23 21:44:05 479232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcm80.dll
2012-01-23 21:44:05 45016 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozutils.dll
2012-01-23 21:28:59 -------- d--h--w- C:\Users\Adrian\AppData\Local\AOL
2012-01-23 21:28:59 -------- d--h--w- C:\Users\Adrian\AppData\Local\AIM
2012-01-23 21:28:53 -------- d--h--w- C:\ProgramData\AIM
2012-01-23 21:28:52 -------- d-----w- C:\Program Files (x86)\Common Files\Software Update Utility
2012-01-23 21:28:52 -------- d-----w- C:\Program Files (x86)\AIM
2012-01-23 21:28:51 -------- d-----w- C:\Program Files (x86)\Common Files\AOL
2012-01-13 08:29:13 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-01-13 08:29:13 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-01-13 08:29:13 1572864 ----a-w- C:\Windows\System32\quartz.dll
2012-01-13 08:29:13 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
2012-01-13 08:29:12 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2012-01-13 08:29:12 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-01-13 08:29:10 77312 ----a-w- C:\Windows\System32\packager.dll
2012-01-13 08:29:10 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-01-10 17:52:48 -------- d--h--w- C:\Users\Adrian\AppData\Local\Diagnostics
2012-01-08 00:12:15 -------- d--h--w- C:\Users\Adrian\AppData\Local\Apple Computer
2012-01-08 00:12:08 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2012-01-08 00:12:08 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll
2012-01-08 00:12:08 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
2012-01-08 00:11:53 -------- d-----w- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2012-01-08 00:11:53 -------- d-----w- C:\Program Files (x86)\iTunes
2012-01-08 00:11:26 -------- d--h--w- C:\Users\Adrian\AppData\Local\Apple
2012-01-08 00:10:57 -------- d-----w- C:\Program Files\Bonjour
2012-01-08 00:10:57 -------- d-----w- C:\Program Files (x86)\Bonjour
2012-01-07 21:54:04 -------- d-----w- C:\Program Files (x86)\ASM104xUSB3
2012-01-07 17:50:48 -------- d--h--r- C:\Users\Adrian\Dropbox
2012-01-07 17:49:01 -------- d--h--w- C:\Users\Adrian\AppData\Roaming\Dropbox
2012-01-07 17:35:12 95472 ----a-w- C:\Windows\System32\bcmwlcoi.dll
2012-01-07 17:35:12 838136 ----a-w- C:\Windows\System32\drivers\bcmwlhigh664.sys
2012-01-07 17:35:11 3888128 ----a-w- C:\Windows\System32\bcmihvsrv64.dll
2012-01-07 17:35:11 3552768 ----a-w- C:\Windows\System32\bcmihvui64.dll
2012-01-07 17:35:10 96784 ----a-w- C:\Windows\SysWow64\Packet.dll
2012-01-07 17:35:10 53299 ----a-w- C:\Windows\SysWow64\pthreadVC.dll
2012-01-07 17:35:10 47632 ----a-w- C:\Windows\System32\drivers\npf.sys
2012-01-07 17:35:10 281104 ----a-w- C:\Windows\SysWow64\wpcap.dll
2012-01-07 17:35:10 1436920 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll
.
==================== Find3M ====================
.
2011-12-28 16:48:59 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-11-17 06:49:14 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2011-11-17 06:49:14 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2011-11-17 06:44:43 459232 ----a-w- C:\Windows\System32\drivers\cng.sys
2011-11-17 06:35:28 395776 ----a-w- C:\Windows\System32\webio.dll
2011-11-17 06:35:26 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2011-11-17 06:35:26 136192 ----a-w- C:\Windows\System32\sspicli.dll
2011-11-17 06:35:25 340992 ----a-w- C:\Windows\System32\schannel.dll
2011-11-17 06:35:25 28160 ----a-w- C:\Windows\System32\secur32.dll
2011-11-17 06:35:19 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2011-11-17 06:33:55 31232 ----a-w- C:\Windows\System32\lsass.exe
2011-11-17 05:35:02 314880 ----a-w- C:\Windows\SysWow64\webio.dll
2011-11-17 05:34:52 224768 ----a-w- C:\Windows\SysWow64\schannel.dll
2011-11-17 05:34:52 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2011-11-17 05:28:48 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2011-09-14 16:33:10 33354056 ----a-w- C:\Program Files (x86)\Kontakt 5.dll
2011-09-14 16:22:14 565760 ----a-w- C:\Program Files (x86)\Kontakt 5 16out.dll
2011-09-14 16:22:01 565760 ----a-w- C:\Program Files (x86)\Kontakt 5 8out.dll
.
============= FINISH: 17:06:46,27 ===============
Code:
ATTFilter .
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 26.07.2011 18:05:06
System Uptime: 06.02.2012 15:25:15 (2 hours ago)
.
Motherboard: BIOSTAR Group | | TH67+
Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz | SOCKET 0 | 3301/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 195 GiB total, 123,766 GiB free.
D: is FIXED (NTFS) - 586 GiB total, 458,955 GiB free.
E: is FIXED (NTFS) - 293 GiB total, 169,895 GiB free.
F: is FIXED (NTFS) - 78 GiB total, 75,863 GiB free.
G: is FIXED (NTFS) - 78 GiB total, 77,996 GiB free.
H: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP57: 24.01.2012 20:23:39 - Windows Update
RP58: 02.02.2012 21:01:54 - Windows-Sicherung
RP59: 05.02.2012 19:00:08 - Windows-Sicherung
RP60: 06.02.2012 12:42:43 - Installed Java(TM) 6 Update 22
RP61: 06.02.2012 12:43:14 - OpenOffice.org 3.3 wird installiert
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Reader X (10.1.2) - Deutsch
AIM 7
Apple Application Support
Apple Software Update
Asmedia ASM104x USB 3.0 Host Controller Driver
Avira Free Antivirus
BiosNotice
Camel Audio Alchemy64
Camel Audio CamelCrusher64
Download Updater (AOL LLC)
Dropbox
eLicenser Control
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Java Auto Updater
Java(TM) 6 Update 22
KORG KONTROL Editor
KORG USB-MIDI Driver Tools for Windows
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 10.0 (x86 de)
Native Instruments Kontakt 5
Native Instruments Kontakt Factory Selection
Native Instruments Service Center
OpenOffice.org 3.3
PSP PianoVerb 1.0
PSP VintageMeter 1.0
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Renesas Electronics USB 3.0 Host Controller Driver
Scup
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870)
Skype Click to Call
Skype™ 5.5
Steinberg Drum Loop Expansion 01
Steinberg Groove Agent ONE Content
Steinberg Groove Agent ONE Vintage Beatboxes
Steinberg HALion Sonic SE Content
Steinberg HALion Symphonic Orchestra VST Sound Instrument Set
Steinberg HALionOne Additional Content Set 01
Steinberg HALionOne Expression Set
Steinberg HALionOne GM Drum Set
Steinberg HALionOne GM Set
Steinberg HALionOne Pro Set
Steinberg HALionOne Studio Drum Set
Steinberg HALionOne Studio Set
Steinberg LoopMash Content
Steinberg LoopMash Content 2
Steinberg REVerence Content 01
Steinberg VST Amp Rack Content 01
T-Utility Green Power Utility II
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
.
==== End Of File ===========================
Geändert von Adr (06.02.2012 um 17:42 Uhr) |
| Themen zu TR/Fraudload.xzail , TR/PSW.Karagany.A.73 und TR/Crypt.XPACK.Gen8 |
| acrobat update, adobe, antivir, avira, bios, bonjour, cpu, defender, desktop, explorer, festplatte, firefox, generic, home, mozilla, notification, pdf, plug-in, realtek, scan, secure, software, studio, svchost.exe, system, tr/crypt.xpack.ge, tr/crypt.xpack.gen, tr/crypt.xpack.gen8, usb, usb 3.0, windows, windows 7 home, windows 7 home premium, wmp |
Baum-Darstellung