
Log analysis and evaluation: e.ligatus.com 34088 popup


 
26.04.2013, 16:02   #1
aloukat
 

e.ligatus.com 34088 popup



Hello everyone, I have the following problem, similar to the one in this thread:

Code:
http://www.trojaner-board.de/132879-...com-virus.html
         


My Firefox keeps opening this link; it pops up every few hours...

hxxp://e.ligatus.com/LigatusFallback.gif?ids=34088

My antivirus program (AVAST) found nothing, and I just can't get rid of this error.

As described in the other thread, I have already run adwcleaner and TFC.exe.

I am attaching those logs, as well as the ones from Malwarebytes.

Malwarebytes_LOG:
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.04.26.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16540
Fabio :: Fabio-PC [Administrator]

26.04.2013 16:58:26
mbam-log-2013-04-26 (16-58-26).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 241379
Laufzeit: 3 Minute(n), 28 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         


adwcleaner.txt:
Code:
# AdwCleaner v2.202 - Datei am 26/04/2013 um 16:35:06 erstellt
# Aktualisiert am 23/04/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : Fabio - Fabio-PC
# Bootmodus : Normal
# Ausgeführt unter : D:\Users\Fabio\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Users\Fabio\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Fabio\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Fabio\AppData\Roaming\dvdvideosoftiehelpers

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\SocialBit
Schlüssel Gelöscht : HKCU\Software\Softonic

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v19.0.2 (de)

Datei : C:\Users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\kk4m4oj0.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [1118 octets] - [26/04/2013 16:35:06]

########## EOF - C:\AdwCleaner[S1].txt - [1178 octets] ##########
         
dds.txt:
DDS Logfile:
Code:
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16537
Run by Fabio at 16:43:52 on 2013-04-26
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.4094.2347 [GMT 2:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe
C:\Windows\Explorer.EXE
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe
C:\Users\Fabio\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - LocalServer32 - <no file>
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Socialbit_Winamp_Server] C:\Program Files (x86)\WifiAmp\WifiAmp Server.exe
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRun: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
StartupFolder: C:\Users\Fabio\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\Users\Fabio\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Fabio\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Fabio\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BIGFOO~1.LNK - C:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoSimpleNetIDList = dword:1
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Free YouTube Download - C:\Users\Fabio\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - C:\Users\Fabio\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft &Excel exportieren - C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
LSP: %SYSTEMROOT%\system32\BfLLR.dll
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{263943DD-DE6E-4994-98AC-11C32EE23874} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{56E8CED0-DE40-415E-8091-50C263AE7E0C} : DHCPNameServer = 10.74.210.210 10.74.210.211
TCP: Interfaces\{926A6B0C-7261-43C1-BF31-DF85B98F7A60} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{C8F8BD4F-F2F8-4C29-B8BF-9C94CDB3C96A} : DHCPNameServer = 10.74.210.210 10.74.210.211
TCP: Interfaces\{CD0C5808-A2B0-4D2C-B200-0A8ACFC42349} : DHCPNameServer = 192.168.2.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\kk4m4oj0.default\
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\ProtectDisc\License Helper\NPPDLicenseHelper.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
FF - plugin: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-03-10 23:55; wrc@avast.com; C:\Program Files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-03-15 21:02; {1280606b-2510-4fe0-97ef-9b5a22eafe30}; C:\Users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\kk4m4oj0.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
FF - ExtSQL: 2013-03-15 21:02; {0b457cAA-602d-484a-8fe7-c1d894a011ba}; C:\Users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\kk4m4oj0.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
FF - ExtSQL: 2013-03-19 19:30; tabutils@ithinc.cn; C:\Users\Fabio\AppData\Roaming\Mozilla\Firefox\Profiles\kk4m4oj0.default\extensions\tabutils@ithinc.cn.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-3 65336]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-8-7 1025808]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-8-7 377920]
R2 acedrv11;acedrv11;C:\Windows\System32\drivers\acedrv11.sys [2010-1-20 332688]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-8-7 33400]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-8-7 80816]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-3-11 45248]
R2 Bigfoot Networks Killer Service;Bigfoot Networks Killer Service;C:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe [2012-2-22 492032]
R2 Netzmanager Service;Netzmanager Infrastruktur Informationssystem Dienst;C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2012-7-20 2635776]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-8-13 3064000]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-2-9 383264]
R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-3-22 3560288]
R3 BfEdge7x64;Bigfoot Networks Killer Ethernet Service;C:\Windows\System32\drivers\Edge7x64.sys [2012-2-22 31336]
R3 BFN7x64;Bigfoot Networks Killer Gaming Service;C:\Windows\System32\drivers\Xeno7x64.sys [2012-2-22 157288]
R3 LADF_CaptureOnly;LADF Capture Filter Driver;C:\Windows\System32\drivers\ladfGSCamd64.sys [2011-4-11 410184]
R3 LADF_RenderOnly;LADF Render Filter Driver;C:\Windows\System32\drivers\ladfGSRamd64.sys [2011-4-11 341832]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-24 16008]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-7 161384]
S3 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-3-3 178624]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2012-3-26 22528]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-19 19456]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-3-1 187392]
S3 StorSvc;Speicherdienst;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 TelekomNM6;Telekom Netzmanager Packet Filter Driver;C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [2010-9-16 45664]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-19 57856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 vncserver;VNC Server;C:\Program Files\RealVNC\VNC Server\vncserver.exe [2013-3-23 4774208]
S3 vpcuxd;USB-Virtualisierungsstubdienst;C:\Windows\System32\drivers\vpcuxd.sys [2013-1-28 16384]
.
=============== File Associations ===============
.
FileExt: .txt: Applications\notepad++.exe="C:\Program Files (x86)\Notepad++\notepad++.exe" "%1" [UserChoice]
.
=============== Created Last 30 ================
.
2013-04-25 03:06:18	1656680	----a-w-	C:\Windows\System32\drivers\ntfs.sys
2013-04-23 22:42:51	9317456	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A522BD56-B487-4871-B072-64488F198E5F}\mpengine.dll
2013-04-23 10:41:18	--------	d-----w-	C:\Program Files (x86)\Common Files\Adobe Systems Shared
2013-04-23 10:38:47	--------	d-----w-	C:\PS2
2013-04-23 01:57:43	--------	d-----w-	C:\Program Files\iConvert
2013-04-23 01:45:55	151552	----a-w-	C:\Windows\SysWow64\nvRegDev.dll
2013-04-23 01:45:46	61440	----a-w-	C:\Windows\SysWow64\nvPhotoshopUtil.dll
2013-04-23 01:45:46	40960	----a-w-	C:\Windows\SysWow64\nvISWOW64.dll
2013-04-23 01:45:45	729088	----a-w-	C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2013-04-23 01:45:45	69715	----a-w-	C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2013-04-23 01:45:45	5632	----a-w-	C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2013-04-23 01:45:45	266240	----a-w-	C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2013-04-23 01:45:45	192512	----a-w-	C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2013-04-23 01:45:45	188548	----a-w-	C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2013-04-23 01:45:44	311428	----a-w-	C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2013-04-23 01:39:37	--------	d-----w-	C:\Users\Fabio\AppData\Local\fontconfig
2013-04-23 01:39:33	--------	d-----w-	C:\Users\Fabio\AppData\Local\gegl-0.2
2013-04-23 01:39:33	--------	d-----w-	C:\Users\Fabio\.gimp-2.8
2013-04-23 01:37:24	--------	d-----w-	C:\Program Files\GIMP 2
2013-04-15 19:29:15	--------	d-sh--w-	C:\Windows\ftpcache
2013-04-15 19:11:41	--------	d-----w-	C:\Program Files (x86)\Activision
2013-04-09 17:57:38	3153408	----a-w-	C:\Windows\System32\win32k.sys
2013-04-09 17:56:12	223752	----a-w-	C:\Windows\System32\drivers\fvevol.sys
2013-04-09 17:56:06	5550424	----a-w-	C:\Windows\System32\ntoskrnl.exe
2013-04-09 17:56:04	3913560	----a-w-	C:\Windows\SysWow64\ntoskrnl.exe
2013-04-09 17:56:03	3968856	----a-w-	C:\Windows\SysWow64\ntkrnlpa.exe
2013-04-09 17:56:02	112640	----a-w-	C:\Windows\System32\smss.exe
2013-04-09 17:56:01	6656	----a-w-	C:\Windows\SysWow64\apisetschema.dll
2013-04-09 17:56:01	43520	----a-w-	C:\Windows\System32\csrsrv.dll
2013-03-31 00:58:09	--------	d-sh--w-	C:\$RECYCLE.BIN
2013-03-30 22:14:46	--------	d-----w-	C:\Users\Fabio\AppData\Roaming\Malwarebytes
2013-03-30 22:14:26	--------	d-----w-	C:\ProgramData\Malwarebytes
2013-03-29 17:51:03	--------	d-----w-	C:\Program Files (x86)\Microsoft WSE
2013-03-29 17:50:49	--------	d-----w-	C:\ProgramData\Netzmanager
2013-03-29 17:50:49	--------	d-----w-	C:\Program Files\Netzmanager
2013-03-29 17:50:42	--------	dc-h--w-	C:\ProgramData\{87B61FE8-334F-4066-B7AA-68DC81782D4D}
2013-03-29 17:23:24	--------	d-----w-	C:\Users\Fabio\AppData\Local\5C9A4F87-84AC-4ECC-BE17-B801B617E8D0.aplzod
.
==================== Find3M  ====================
.
2013-04-24 23:37:16	214520	----a-w-	C:\Windows\SysWow64\PnkBstrB.xtr
2013-04-24 23:37:16	214520	----a-w-	C:\Windows\SysWow64\PnkBstrB.exe
2013-04-24 20:15:27	214520	----a-w-	C:\Windows\SysWow64\PnkBstrB.ex0
2013-04-12 17:37:32	71048	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-12 17:37:32	691592	----a-w-	C:\Windows\SysWow64\FlashPlayerApp.exe
2013-03-13 21:52:11	16486616	----a-w-	C:\Windows\SysWow64\FlashPlayerInstaller.exe
2013-03-11 23:10:56	282744	------w-	C:\Windows\System32\MpSigStub.exe
2013-03-06 23:33:21	70992	----a-w-	C:\Windows\System32\drivers\aswRdr2.sys
2013-03-06 23:33:21	65336	----a-w-	C:\Windows\System32\drivers\aswRvrt.sys
2013-03-06 23:33:21	178624	----a-w-	C:\Windows\System32\drivers\aswVmm.sys
2013-03-06 23:33:21	1025808	----a-w-	C:\Windows\System32\drivers\aswSnx.sys
2013-03-06 23:33:20	80816	----a-w-	C:\Windows\System32\drivers\aswMonFlt.sys
2013-03-06 23:32:51	41664	----a-w-	C:\Windows\avastSS.scr
2013-03-06 18:26:54	861088	----a-w-	C:\Windows\SysWow64\npDeployJava1.dll
2013-03-06 18:26:54	782240	----a-w-	C:\Windows\SysWow64\deployJava1.dll
2013-03-04 11:55:04	37704	----a-w-	C:\Windows\System32\VNCpm.dll
2013-03-04 11:55:00	4608	----a-w-	C:\Windows\System32\drivers\vncmirror.sys
2013-03-04 11:55:00	26112	----a-w-	C:\Windows\System32\vncmirror.dll
2013-02-25 23:32:38	1814304	----a-w-	C:\Windows\System32\nvdispco64.dll
2013-02-25 23:32:32	1510176	----a-w-	C:\Windows\System32\nvdispgenco64.dll
2013-02-21 10:30:16	1766912	----a-w-	C:\Windows\SysWow64\wininet.dll
2013-02-21 10:29:39	2877440	----a-w-	C:\Windows\SysWow64\jscript9.dll
2013-02-21 10:29:37	61440	----a-w-	C:\Windows\SysWow64\iesetup.dll
2013-02-21 10:29:37	109056	----a-w-	C:\Windows\SysWow64\iesysprep.dll
2013-02-21 10:15:07	2240512	----a-w-	C:\Windows\System32\wininet.dll
2013-02-21 10:14:09	3958784	----a-w-	C:\Windows\System32\jscript9.dll
2013-02-21 10:14:05	67072	----a-w-	C:\Windows\System32\iesetup.dll
2013-02-21 10:14:05	136704	----a-w-	C:\Windows\System32\iesysprep.dll
2013-02-19 12:01:03	2706432	----a-w-	C:\Windows\SysWow64\mshtml.tlb
2013-02-19 11:42:14	2706432	----a-w-	C:\Windows\System32\mshtml.tlb
2013-02-19 11:10:53	71680	----a-w-	C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-02-19 10:51:18	89600	----a-w-	C:\Windows\System32\RegisterIEPKEYs.exe
2013-02-12 05:45:24	135168	----a-w-	C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45:22	350208	----a-w-	C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45:22	308736	----a-w-	C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45:22	111104	----a-w-	C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48:31	474112	----a-w-	C:\Windows\apppatch\AcSpecfc.dll
2013-02-12 04:48:26	2176512	----a-w-	C:\Windows\apppatch\AcGenral.dll
2013-02-12 04:12:05	19968	----a-w-	C:\Windows\System32\drivers\usb8023.sys
2013-02-10 01:04:31	6393120	----a-w-	C:\Windows\System32\nvcpl.dll
2013-02-10 01:04:31	3472672	----a-w-	C:\Windows\System32\nvsvc64.dll
2013-02-10 01:04:29	877856	----a-w-	C:\Windows\System32\nvvsvc.exe
2013-02-10 01:04:29	63776	----a-w-	C:\Windows\System32\nvshext.dll
2013-02-10 01:04:29	2555680	----a-w-	C:\Windows\System32\nvsvcr.dll
2013-02-10 01:04:29	237856	----a-w-	C:\Windows\System32\nvmctray.dll
2013-02-09 17:43:52	555808	----a-w-	C:\Windows\SysWow64\nvStreaming.exe
2013-02-09 13:25:36	3035306	----a-w-	C:\Windows\System32\nvcoproc.bin
.
============= FINISH: 16:44:28,73 ===============
         
--- --- ---


attach.txt
Code:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional 
Boot Device: \Device\HarddiskVolume1
Install Date: 06.08.2012 20:38:57
System Uptime: 26.04.2013 16:36:55 (0 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. |  | P41T-D3
Processor: Intel(R) Core(TM)2 Quad CPU    Q6600  @ 2.40GHz | Socket 775 | 2400/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 400 GiB total, 292,677 GiB free.
D: is FIXED (NTFS) - 531 GiB total, 230,098 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e969-e325-11ce-bfc1-08002be10318}
Description: Standard-Diskettenlaufwerkcontroller
Device ID: ACPI\PNP0700\4&226211B3&0
Manufacturer: (Standard-Diskettenlaufwerkcontroller)
Name: Standard-Diskettenlaufwerkcontroller
PNP Device ID: ACPI\PNP0700\4&226211B3&0
Service: fdc
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_E0001458&REV_02\4&15E70C52&0&00E1
Manufacturer: Realtek
Name: Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
PNP Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_E0001458&REV_02\4&15E70C52&0&00E1
Service: RTL8167
.
==== System Restore Points ===================
.
RP106: 22.03.2013 20:12:29 - Windows Update
RP107: 26.04.2013 16:28:32 - TuneUp Utilities 2013 wird entfernt
RP108: 26.04.2013 16:29:23 - TuneUp Utilities Language Pack (de-DE) wird entfernt
RP109: 26.04.2013 16:30:58 - Removed Java 7 Update 17
.
==== Installed Programs ======================
.
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Reader X (10.1.6) - Deutsch
Adobe Stock Photos 1.0
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ashampoo Burning Studio 6 FREE v.6.83
Audacity 2.0.2
avast! Free Antivirus
Bigfoot Networks Killer Network Manager
Bonjour
Call of Duty(R) 2
Call of Duty(R) 2 Patch 1.3
Canon Inkjet Printer Driver Add-On Module V2.00
Canon MP Navigator EX 1.0
Canon MX310 series
Counter-Strike: Global Offensive
Counter-Strike: Source
Dropbox
Free YouTube Download version 3.2.1.320
Free YouTube to MP3 Converter version 3.12.0.128
iCloud
ICQ7M
IrfanView (remove only)
iTunes
LAME v3.99.3 (for Windows)
Last.fm Scrobbler 2.1.35
Logitech Gaming Software
Logitech Gaming Software 8.30
ManiaPlanet
Mediencenter 3.6.0.1202
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile DEU Language Pack
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (German) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (German) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (German) 2007
Microsoft Office InfoPath MUI (German) 2007
Microsoft Office Live Add-in 1.5
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (German) 2007
Microsoft Office Outlook MUI (German) 2007
Microsoft Office PowerPoint MUI (German) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Italian) 2007
Microsoft Office Proofing (German) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (German) 2007
Microsoft Office Shared 64-bit MUI (German) 2007
Microsoft Office Shared MUI (German) 2007
Microsoft Office Word MUI (German) 2007
Microsoft Silverlight
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft WSE 3.0 Runtime
Mozilla Firefox 19.0.2 (x86 de)
Mozilla Maintenance Service
Mozilla Thunderbird 17.0.5 (x86 de)
MSI PLC Utility
Need for Speed™ Most Wanted
Netzmanager
Notepad++
NVIDIA 3D Vision Controller-Treiber 314.07
NVIDIA 3D Vision Treiber 314.07
NVIDIA Grafiktreiber 314.07
NVIDIA HD-Audiotreiber 1.3.23.1
NVIDIA Install Application
NVIDIA Photoshop Plug-ins
NVIDIA PhysX
NVIDIA PhysX-Systemsoftware 9.12.1031
NVIDIA Stereoscopic 3D Driver
NVIDIA Systemsteuerung 314.07
NVIDIA Update 1.12.12
NVIDIA Update Components
Origin
Paint.NET v3.5.10
PDF-Viewer
Protect Disc License Helper 1.0.118
ProtectDisc Driver, Version 11
PunkBuster Services
QuickTime
Safari
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition 
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition 
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition 
Skype Click to Call
Skype™ 6.2
Steam
TeamSpeak 3 Client
TeamViewer 8
TmUnitedForever Update 2010-03-15
Tom Clancy's Ghost Recon Future Soldier
TrackMania United 0.2.0.8
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Outlook 2007 Help (KB963677)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768021) 32-Bit Edition
Uplay
VLC media player 2.0.6
VNC Mirror Driver 1.8.0
VNC Printer Driver 1.8.0
VNC Server 5.0.5
VNC Viewer 5.0.5
WifiAmp Version 2.0.0
Winamp
Winamp Erkennungs-Plug-in
Windows XP Mode
WinPcap 4.1.2
WinRAR 4.20 (64-Bit)
WinSCP 4.3.9
XAMPP 1.8.0
ZERO-G
.
==== End Of File ===========================
         
Many thanks in advance, and I hope you can help me.
Best regards, Aloukat

 
