Log analysis and evaluation: Bundeskriminalamt trojan on the computer - EXP/java.dldr.A

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

I think I'm expressing myself a bit awkwardly...! Today I started my PC again in order to run various programs in Safe Mode... But I forgot to press F8 and the laptop simply booted up normally. Then I immediately opened Task Manager and closed all the exe files I didn't recognize... Well, and then nothing happened... I mean, as in... no BKA trojan. Hmm, then I first ran AntiVir and Malwarebytes; both gave me the same result: "EXP/java.dldr.A". And that's how I ended up here...! Everything works... no more error messages... nothing...! But I hadn't done anything! Should I still post the DDS and Attach logs here, and if so, how can I do that after the fact...
#2

Quote:
DDS: Code:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_24
Run by Melly Schulz at 14:53:16 on 2012-02-23
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.3069.1527 [GMT 1:00]
.
AV: AntiVir Desktop *Enabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Enabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k HsfXAudioService
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\explorer.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.de/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: MyAshampoo Toolbar: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\prxtbMyAs.dll
mURLSearchHooks: MyAshampoo Toolbar: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\prxtbMyAs.dll
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO: Windows Live ID-Anmelde-Hilfsprogramm: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: MyAshampoo Toolbar: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\prxtbMyAs.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: MyAshampoo Toolbar: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\prxtbMyAs.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
IE: Nach Microsoft &Excel exportieren - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{EF38288C-2FC6-47E6-B2E6-9D57D17D1AE2} : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{EF38288C-2FC6-47E6-B2E6-9D57D17D1AE2}\D2444525D2354756E67656C6E61647F627 : DhcpNameServer = 192.168.178.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{30F9B915-B755-4826-820B-08FBA6BD249D}
{326E768D-4182-46FD-9C16-1449A49795F4}
{53707962-6F74-2D53-2644-206D7942484F}
{593DDEC6-7468-4cdd-90E1-42DADAA222E9}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{9FDDE16B-836F-4806-AB1F-1455CBEFF289}
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
{d2ce3e00-f94a-4740-988e-03dc2f38c34f}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
{30F9B915-B755-4826-820B-08FBA6BD249D}
{8dcb7100-df86-4384-8842-8fa844297b3f}
mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRunOnce-x64: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Melly Schulz\AppData\Roaming\Mozilla\Firefox\Profiles\9mpf25v8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - google.de
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Picasa2\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 AntiVirSchedulerService;Avira AntiVir Planer;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-7-1 136360]
R2 AntiVirService;Avira AntiVir Guard;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-7-1 269480]
R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?]
R2 HsfXAudioService;HsfXAudioService;C:\Windows\system32\svchost.exe -k HsfXAudioService [2009-7-14 20992]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-2-23 652360]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-4-29 2218600]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-4-29 1153368]
R3 CAXHWAZL;CAXHWAZL;C:\Windows\system32\DRIVERS\CAXHWAZL.sys --> C:\Windows\system32\DRIVERS\CAXHWAZL.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-1-31 158856]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-4-1 183560]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-02-23 10:36:16 -------- d-----w- C:\Users\Melly Schulz\AppData\Roaming\Malwarebytes
2012-02-23 10:36:03 -------- d-----w- C:\ProgramData\Malwarebytes
2012-02-23 10:35:59 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-02-23 10:35:59 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-02-23 10:33:48 8643640 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6EDFD83D-656E-4CBB-B5C7-112D1592B953}\mpengine.dll
2012-02-23 09:44:45 -------- d-----w- C:\Users\Melly Schulz\AppData\Roaming\Avira
2012-02-23 09:42:30 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{E0A4CE82-644C-4E7A-B91A-4E74169BBCDA}
2012-02-21 14:24:40 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0
2012-02-21 05:57:23 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{67B841EA-AFDE-471B-9D4B-E8F59BBDA3E5}
2012-02-21 05:57:01 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{09C31F26-E6D9-40D7-83B9-179BF91462D9}
2012-02-20 17:56:35 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{9C370476-74A7-4A6D-A20F-970400747BE5}
2012-02-20 17:56:22 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{40ECD04A-60C1-4005-8A04-88DAC0293BD0}
2012-02-20 05:41:56 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{75752E13-01F8-457D-85C1-7EF82DE3BA64}
2012-02-20 05:41:39 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{9CCCD3A0-1C7D-4E81-8A0A-EABCA3AFB565}
2012-02-19 07:14:33 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{331651DF-FE89-44E7-865D-482C209EFCAB}
2012-02-19 07:14:20 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{03C78A8C-AE78-4A4B-BFE2-B2BD1C5FE4A0}
2012-02-18 19:13:48 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{F2B64C9D-403B-43CF-8DB4-0976AF655FE2}
2012-02-18 19:13:26 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{F1BB877F-F635-4648-818A-2CDFB26DD108}
2012-02-18 07:12:58 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{877FD7CC-1AD9-41C3-8B18-7BC27E6087C2}
2012-02-18 07:12:33 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{A3A389B4-1F07-42F6-B454-C352344C4057}
2012-02-17 19:11:49 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{25019F1A-5007-47E0-A53D-958544D1FBFA}
2012-02-17 19:11:29 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{A97ECA4C-014C-43D3-8124-CD5E820E015D}
2012-02-17 06:21:15 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{50509A4F-48DE-4A8C-A7BD-965BED94E35B}
2012-02-17 06:20:52 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{56255C04-A495-475B-87D4-FCE8614EBF93}
2012-02-16 18:19:14 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{D99F1BC7-F923-409F-B42C-0C6C53CA4C9D}
2012-02-16 18:19:01 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{03D26D72-C77A-4348-8063-520083468433}
2012-02-16 05:23:15 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{13D7989B-9C91-4433-ACF2-13092C4AB26C}
2012-02-16 05:23:02 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{17605753-059F-4225-9F95-B3B73E98D12C}
2012-02-15 07:32:52 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{363914B3-7DDA-4E97-B5BC-552F2E5432CA}
2012-02-15 07:32:30 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{22B8FB6C-D250-410D-BA1A-4E4CBBCF5D09}
2012-02-15 05:33:23 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-02-15 05:33:23 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2012-02-15 05:33:21 515584 ----a-w- C:\Windows\System32\timedate.cpl
2012-02-15 05:33:21 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
2012-02-15 05:33:19 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
2012-02-15 05:33:19 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-02-15 05:33:15 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2012-02-15 05:33:15 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2012-02-14 19:00:39 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{E6BD3058-EBC7-4104-B293-FA6896CE269F}
2012-02-14 19:00:11 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{7B800ABF-A15C-45FC-A3F7-177DBDBD09AC}
2012-02-14 05:18:28 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{11780F96-0A24-453A-849E-235C909543EB}
2012-02-14 05:18:05 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{E7A5F5DF-12C0-4306-931C-F9F5CD3D088E}
2012-02-13 12:01:50 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{1B7ADD8F-E7F9-4592-8E7E-B8CCB2AA15D5}
2012-02-13 12:01:38 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{02D75284-EC5B-4DAD-BA8C-0AC23EEB4AB2}
2012-02-12 21:13:48 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{CEC131C4-0199-4E3A-9543-4415764F297D}
2012-02-12 21:13:25 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{36F2B80D-0102-45A2-846E-393D0CB9A9F5}
2012-02-12 09:12:45 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{63D7F300-EBA7-49AE-8B92-4423F99038CE}
2012-02-12 09:12:32 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{D9004609-E035-4F3E-B902-D1F5D177FC8D}
2012-02-11 18:33:31 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{E3ADEB0F-F338-4007-B9D3-191B1F8345DD}
2012-02-11 18:33:19 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{AFA6AF86-509F-473F-9AA0-F4C710440251}
2012-02-11 18:33:19 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{8594F631-EA07-4688-BD1B-30B55A353B11}
2012-02-10 18:03:57 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{FD8225DA-1000-483A-BA69-DB5F5F12347A}
2012-02-10 18:03:35 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{5E1E3BA7-6B46-44BA-B0E8-6F04AB7E8938}
2012-02-10 06:03:05 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{DD29878F-E03E-440A-AC3C-EDFFDF1BBBC5}
2012-02-10 06:02:53 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{ED452105-AC03-4F02-8AAA-13A56FEFD2E2}
2012-02-09 09:00:09 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{6C413819-65B6-44C7-BE6D-061F29B71409}
2012-02-09 08:59:58 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{6FC044B4-9029-4AE4-8E4A-E5DCB8C09742}
2012-02-08 21:15:19 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-02-08 20:59:29 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{B24FF372-F436-479F-A973-43677CF67CD5}
2012-02-08 20:59:07 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{88828542-E43B-4F89-8321-6892C8B3D063}
2012-02-08 11:28:54 -------- d-----r- C:\Program Files (x86)\Skype
2012-02-08 08:58:10 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{03BD65C4-134A-4DD4-B3C4-12C78F79EC70}
2012-02-08 08:57:58 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{5460F2D1-A8EA-46F7-BE42-871B7629E091}
2012-02-08 08:51:52 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{69290E09-F639-4479-AE7F-FCADE042F96F}
2012-02-08 07:49:24 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\{D9078D90-D873-4854-8A6C-8875F75FDC87}
2012-02-07 20:53:28 -------- d-----w- C:\Users\Melly Schulz\Tracing
2012-02-07 20:41:51 -------- d-----w- C:\Windows\de
2012-02-07 20:36:54 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2012-02-07 20:33:21 48488 ----a-w- C:\Windows\System32\drivers\fssfltr.sys
2012-02-07 20:31:28 -------- d-----w- C:\Program Files (x86)\Microsoft
2012-02-07 20:31:23 69464 ----a-w- C:\Windows\SysWow64\XAPOFX1_3.dll
2012-02-07 20:31:23 515416 ----a-w- C:\Windows\SysWow64\XAudio2_5.dll
2012-02-07 20:31:22 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll
2012-02-07 20:31:22 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
2012-02-07 20:31:08 7450888 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\6aac39821cce5d705\bingbarsetup.exe
2012-02-07 20:31:03 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll
2012-02-07 20:31:03 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll
2012-02-07 20:30:48 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\6057a0b21cce5d704\MeshBetaRemover.exe
2012-02-07 20:30:31 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\55e6775e1cce5d703\DSETUP.dll
2012-02-07 20:30:31 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\55e6775e1cce5d703\DXSETUP.exe
2012-02-07 20:30:31 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\55e6775e1cce5d703\dsetup32.dll
2012-02-07 20:30:24 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\515a76781cce5d702\DSETUP.dll
2012-02-07 20:30:24 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\515a76781cce5d702\DXSETUP.exe
2012-02-07 20:30:24 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\515a76781cce5d702\dsetup32.dll
2012-02-07 20:30:14 6260088 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\4b1f9c811cce5d701\Silverlight.4.0.exe
2012-02-07 20:29:45 -------- d-----w- C:\Users\Melly Schulz\AppData\Local\Windows Live
2012-02-07 20:29:44 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
.
==================== Find3M ====================
.
2012-01-29 04:10:42 279656 ------w- C:\Windows\System32\MpSigStub.exe
2011-12-14 07:11:03 2308096 ----a-w- C:\Windows\System32\jscript9.dll
2011-12-14 07:04:30 1390080 ----a-w- C:\Windows\System32\wininet.dll
2011-12-14 07:03:38 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-12-14 06:57:28 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-12-14 03:04:54 1798656 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-12-14 02:57:18 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-12-14 02:56:58 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-12-14 02:50:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 14:54:21,05 ===============
Code:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 29.04.2011 21:23:52
System Uptime: 23.02.2012 12:21:35 (2 hours ago)
.
Motherboard: Wistron | | 3616
Processor: Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz | CPU | 2000/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 51 GiB total, 20,093 GiB free.
E: is CDROM ()
F: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP222: 23.02.2012 11:32:44 - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader X (10.1.1) - Deutsch Apple Application Support Apple Software Update Aquamarin Haushaltsbuch 2.9.2 b Ashampoo Photo Commander 9 v.9.2.1 Avira AntiVir Personal - Free Antivirus Bing Bar CloneDVD2 Compatibility Pack für 2007 Office System Conduit Engine D3DX10 DivX-Setup High-Definition Video Playback 10 Java Auto Updater Java(TM) 6 Update 24 Junk Mail filter update LG PC Suite III LG USB Modem Drivers LightScribe System Software Malwarebytes Anti-Malware Version 1.60.1.1000 Mesh Runtime Messenger Companion Microsoft Office Outlook Connector Microsoft Office Professional Edition 2003 Microsoft Primary Interoperability Assemblies 2005 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Mozilla Firefox 10.0.2 (x86 de) MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MyAshampoo Toolbar Nero 10 Menu TemplatePack Basic Nero 10 Movie ThemePack Basic Nero Burning ROM 10 Nero BurnRights 10 Nero Control Center 10 Nero Core Components 10 Nero Dolby Files 10 Nero Express 10 Nero Multimedia Suite 10 Nero StartSmart 10 NVIDIA 3D Vision Controller Driver NVIDIA PhysX Picasa 3 QuickTime RocketDock 1.3.5 Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Skype™ 5.8 Spybot - Search & Destroy System Requirements Lab Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) VC80CRTRedist - 8.0.50727.4053 Windows Live Communications Platform Windows Live Essentials Windows Live Fotogalerie Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX control for remote connections Windows Live Messenger Windows Live Messenger Companion Core Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinRAR Archivierer
.
==== End Of File ===========================