Trojaner-Board

Win7 Security 2011 Center, Action Center (https://www.trojaner-board.de/100043-win7-security-2011-center-action-center.html)

madd 14.06.2011 09:38

No, sorry... I have to be told everything. I'm not a programmer. Thanks.

cosinus 14.06.2011 10:11

This has nothing to do with programming. It should also be clear that if I obscure something, I am changing something, and that naturally has to be undone.

=> http://www.trojaner-board.de/69886-a...-beachten.html


Note:
Please only do this if the log files really show your name. It makes writing scripts harder for the helpers, and you have to insert the names again yourselves.
Nobody can do anything with made-up profile names (e.g. Larusso).

madd 18.06.2011 14:28

Sorry, it took a little while.
Next attempt:
OTL

OTL Logfile:
Code:

OTL logfile created on: 13.06.2011 16:58:33 - Run 4
OTL by OldTimer - Version 3.2.23.0    Folder = C:\Users\+++\Desktop
64bit- An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 1,78 Gb Available Physical Memory | 54,68% Memory free
6,49 Gb Paging File | 4,72 Gb Available in Paging File | 72,70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,21 Gb Total Space | 139,87 Gb Free Space | 71,65% Space Free | Partition Type: NTFS
Drive D: | 503,32 Gb Total Space | 420,03 Gb Free Space | 83,45% Space Free | Partition Type: NTFS
Drive F: | 7,63 Gb Total Space | 0,04 Gb Free Space | 0,58% Space Free | Partition Type: FAT32
Drive H: | 972,39 Mb Total Space | 938,14 Mb Free Space | 96,48% Space Free | Partition Type: FAT
Drive L: | 931,31 Gb Total Space | 664,50 Gb Free Space | 71,35% Space Free | Partition Type: NTFS
 
Computer Name: BLACKBIRD | User Name: +++ | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.06.07 00:02:20 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\+++\Desktop\OTL.exe
PRC - [2011.05.29 09:11:28 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.05.29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.04.22 20:08:54 | 002,008,576 | ---- | M] () -- C:\Program Files (x86)\foobar2000\foobar2000.exe
PRC - [2011.04.15 03:11:14 | 012,594,352 | ---- | M] (Mozilla Messaging) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
PRC - [2011.04.14 18:40:02 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010.07.07 16:00:22 | 007,667,970 | ---- | M] () -- C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.06.07 00:02:20 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\+++\Desktop\OTL.exe
MOD - [2010.08.21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010.11.11 14:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2010.11.11 14:36:38 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2007.09.13 14:45:42 | 000,119,296 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\stacsv64.exe -- (STacSV)
SRV - [2011.05.29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.05.17 17:32:22 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.06.14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.05.29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.05.18 13:04:19 | 000,046,112 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tbhsd.sys -- (tbhsd)
DRV:64bit: - [2010.10.24 21:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2010.07.30 14:18:04 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2010.07.30 14:18:02 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2010.07.30 14:18:00 | 000,026,624 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2010.07.30 14:17:56 | 000,019,456 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2010.07.12 20:36:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010.03.30 22:27:42 | 000,015,360 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Spyder3.sys -- (Spyder3)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009.07.14 01:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.06.10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009.06.10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009.06.10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.01 00:55:56 | 002,755,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LV302V64.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV:64bit: - [2008.08.28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2007.09.13 14:46:06 | 000,392,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2007.03.26 19:48:24 | 000,055,808 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2007.03.19 12:09:36 | 000,055,808 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2007.02.27 16:10:38 | 000,053,760 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2006.11.01 07:33:34 | 000,022,832 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SiWinAcc.sys -- (SiFilter)
DRV:64bit: - [2006.11.01 07:33:24 | 000,017,200 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SiRemFil.sys -- (SiRemFil)
DRV:64bit: - [2006.11.01 07:33:00 | 000,109,872 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SI3132.sys -- (SI3132)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
 
========== FireFox ==========
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011.05.17 16:05:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.05.18 09:58:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.05.18 09:58:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.05.18 08:05:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.05.18 15:53:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.05.18 08:05:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2011.05.18 09:58:17 | 000,000,000 | ---D | M]
 
[2011.06.10 16:48:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\+++\AppData\Roaming\mozilla\Extensions
[2011.06.10 16:48:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\+++\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.05.24 15:39:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.05.18 15:53:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) --
[2011.05.17 16:05:27 | 000,000,000 | ---D | M] (Adobe Contribute Toolbar) -- C:\PROGRAM FILES (X86)\ADOBE\ADOBE CONTRIBUTE CS5\PLUGINS\FIREFOXPLUGIN\{01A8CA0A-4C96-465B-A49B-65C46FAD54F9}
[2011.04.14 18:40:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.05.18 15:53:16 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4:64bit: - HKLM..\Run: [SigmatelSysTrayApp] C:\Programme\SigmaTel\C-Major Audio\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.06.10 16:48:43 | 000,000,000 | ---D | C] -- C:\Users\+++\AppData\Roaming\Thunderbird
[2011.06.10 16:48:43 | 000,000,000 | ---D | C] -- C:\Users\+++\AppData\Local\Thunderbird
[2011.06.10 16:48:33 | 000,000,000 | ---D | C] -- C:\Users\+++\AppData\Roaming\Mozilla
[2011.06.10 16:48:33 | 000,000,000 | ---D | C] -- C:\Users\+++\AppData\Local\Mozilla
[2011.06.10 16:47:50 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\+++\Desktop\OTL.exe
[2011.06.10 12:21:30 | 000,000,000 | ---D | C] -- C:\Users\+++\AppData\Roaming\Malwarebytes
[2011.06.10 12:21:13 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.06.10 12:21:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.06.08 16:21:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrossFont
[2011.06.08 16:21:24 | 000,000,000 | ---D | C] -- C:\Users\+++\AppData\Local\CrossFnt
[2011.06.08 16:21:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CrossFnt
[2011.06.08 14:29:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainbow Folders
[2011.06.08 14:29:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rainbow Folders
[2011.06.07 14:37:01 | 000,000,000 | ---D | C] -- C:\Users\+++\AppData\Local\Datacolor
[2011.06.07 14:36:59 | 000,000,000 | ---D | C] -- C:\Users\+++\AppData\Roaming\Duplicati
[2011.06.07 14:36:59 | 000,000,000 | ---D | C] -- C:\Users\+++\AppData\Roaming\Adobe
[2011.06.07 14:36:47 | 000,000,000 | R--D | C] -- C:\Users\+++\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.06.07 14:36:47 | 000,000,000 | R--D | C] -- C:\Users\+++\Searches
[2011.06.07 14:36:47 | 000,000,000 | R--D | C] -- C:\Users\+++\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.06.07 14:36:39 | 000,000,000 | ---D | C] -- C:\Users\+++\AppData\Roaming\Identities
[2011.06.07 14:36:37 | 000,000,000 | R--D | C] -- C:\Users\+++\Contacts
[2011.06.07 14:36:23 | 000,000,000 | ---D | C] -- C:\Users\+++\AppData\Local\VirtualStore
[2011.06.07 14:36:18 | 000,000,000 | --SD | C] -- C:\Users\+++\AppData\Roaming\Microsoft
[2011.06.07 14:36:18 | 000,000,000 | R--D | C] -- C:\Users\+++\Music
[2011.06.07 14:36:18 | 000,000,000 | R--D | C] -- C:\Users\+++\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.06.07 14:36:18 | 000,000,000 | R--D | C] -- C:\Users\+++\Links
[2011.06.07 14:36:18 | 000,000,000 | R--D | C] -- C:\Users\+++\Favorites
[2011.06.07 14:36:18 | 000,000,000 | R--D | C] -- C:\Users\+++\Downloads
[2011.06.07 14:36:18 | 000,000,000 | R--D | C] -- C:\Users\+++\Documents
[2011.06.07 14:36:18 | 000,000,000 | R--D | C] -- C:\Users\+++\Desktop
[2011.06.07 14:36:18 | 000,000,000 | R--D | C] -- C:\Users\+++\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\+++\Vorlagen
[2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\+++\AppData\Local\Verlauf
[2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\+++\AppData\Local\Temporary Internet Files
[2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\+++\Startmenü
[2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\+++\SendTo
[2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\+++\Recent
[2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\+++\Netzwerkumgebung
[2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\+++\Lokale Einstellungen
[2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\+++\Documents\Eigene Videos
[2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\+++\Documents\Eigene Musik
[2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\+++\Eigene Dateien
[2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\+++\Documents\Eigene Bilder
[2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\+++\Druckumgebung
[2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\+++\Cookies
[2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\+++\AppData\Local\Anwendungsdaten
[2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\+++\Anwendungsdaten
[2011.06.07 14:36:18 | 000,000,000 | -H-D | C] -- C:\Users\+++\AppData
[2011.06.07 14:36:18 | 000,000,000 | ---D | C] -- C:\Users\+++\AppData\Local\Temp
[2011.06.07 14:36:18 | 000,000,000 | ---D | C] -- C:\Users\+++\AppData\Local\Microsoft
[2011.06.07 14:36:18 | 000,000,000 | ---D | C] -- C:\Users\+++\AppData\Roaming\Media Center Programs
[2011.06.07 14:36:18 | 000,000,000 | ---D | C] -- C:\Users\+++\AppData\Roaming\Macromedia
[2011.06.07 14:36:17 | 000,000,000 | R--D | C] -- C:\Users\+++\Videos
[2011.06.07 14:36:17 | 000,000,000 | R--D | C] -- C:\Users\+++\Saved Games
[2011.06.07 14:36:17 | 000,000,000 | R--D | C] -- C:\Users\+++\Pictures
[2011.06.07 11:13:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.06.07 09:46:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2011.06.07 09:46:33 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Security Client
[2011.06.07 07:54:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.06.07 07:54:15 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.06.07 06:25:39 | 000,000,000 | ---D | C] -- C:\.Trash-999
[2011.06.01 12:58:47 | 000,090,112 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe
[2011.06.01 12:58:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Datacolor
[2011.06.01 12:57:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Datacolor
[2011.05.31 19:40:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\foobar2000
[2011.05.27 07:28:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.05.27 07:28:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2011.05.27 07:28:40 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2011.05.25 10:26:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camtasia Studio 7
[2011.05.25 10:26:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\QuickTime
[2011.05.25 10:26:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TechSmith Shared
[2011.05.25 10:26:23 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith
[2011.05.25 10:26:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TechSmith
[2011.05.25 07:50:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials TV
[2011.05.25 07:49:22 | 000,000,000 | ---D | C] -- C:\ProgramData\RapidSolution
[2011.05.25 07:49:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RapidSolution
[2011.05.25 07:49:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials 8
[2011.05.24 15:19:48 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3
[2011.05.24 15:17:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2011.05.23 13:49:06 | 000,000,000 | ---D | C] -- C:\Programme\Hewlett-Packard
[2011.05.23 13:48:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2011.05.23 09:44:06 | 000,321,536 | ---- | C] (Hewlett Packard Corporation) -- C:\Windows\SysWow64\hpcc3112.dll
[2011.05.23 07:20:12 | 000,000,000 | ---D | C] -- C:\Programme\Duplicati
[2011.05.23 07:20:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicati
[2011.05.21 08:02:07 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2011.05.21 07:59:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2011.05.21 07:59:03 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaMusic
[2011.05.21 07:58:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nokia
[2011.05.21 07:57:47 | 000,000,000 | ---D | C] -- C:\Programme\DIFX
[2011.05.21 07:57:45 | 000,025,600 | ---- | C] (Nokia) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys
[2011.05.21 07:52:14 | 000,057,856 | ---- | C] (Nokia) -- C:\Windows\SysNative\nmwcdclsX64.dll
[2011.05.21 07:52:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nokia
[2011.05.19 07:36:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation
[2011.05.19 07:36:02 | 000,000,000 | ---D | C] -- C:\Programme\Blender Foundation
[2011.05.18 19:50:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2011.05.18 16:52:52 | 001,560,576 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysNative\BrWia09b.dll
[2011.05.18 16:52:52 | 000,050,176 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysNative\BrUsi09a.dll
[2011.05.18 16:52:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Brother
[2011.05.18 16:51:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother
[2011.05.18 15:59:31 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011.05.18 15:54:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2011.05.18 15:53:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.05.18 15:53:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011.05.18 15:53:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011.05.18 13:04:19 | 000,046,112 | ---- | C] (RapidSolution Software AG) -- C:\Windows\SysNative\drivers\tbhsd.sys
[2011.05.18 10:39:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras
[2011.05.18 10:38:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011.05.18 10:24:01 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\logishrd
[2011.05.18 09:57:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011.05.18 09:57:11 | 000,000,000 | ---D | C] -- C:\Programme\DivX
[2011.05.18 09:57:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2011.05.18 09:55:26 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2011.05.18 09:47:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
[2011.05.18 09:47:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2011.05.18 09:42:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revolver
[2011.05.18 09:41:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Revolver Solo
[2011.05.18 08:18:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2011.05.18 08:18:23 | 000,000,000 | ---D | C] -- C:\Programme\7-Zip
[2011.05.18 08:04:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011.05.18 08:04:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011.05.18 08:04:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011.05.18 08:03:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011.05.18 08:03:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011.05.18 07:59:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011.05.18 07:19:46 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2011.05.18 06:47:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[2011.05.18 06:47:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client
[2011.05.18 06:24:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011.05.17 17:50:55 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2011.05.17 17:32:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared
[2011.05.17 17:23:58 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011.05.17 17:23:21 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011.05.17 17:23:21 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011.05.17 17:22:49 | 000,000,000 | ---D | C] -- C:\Programme\NVIDIA Corporation
[2011.05.17 17:21:29 | 000,000,000 | ---D | C] -- C:\ProgramData\PACE Anti-Piracy
[2011.05.17 16:57:48 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2011.05.17 16:36:28 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2011.05.17 16:21:18 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe
[2011.05.17 15:47:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Media Player
[2011.05.17 15:47:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2011.05.17 15:46:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2011.05.17 15:46:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2011.05.17 15:46:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name
[2011.05.17 15:43:19 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Adobe
[2011.05.17 15:43:17 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2011.05.17 15:42:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5
[2011.05.17 15:42:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2011.05.17 15:42:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2011.05.17 15:42:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011.05.17 15:39:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011.05.17 15:36:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011.05.17 15:29:33 | 000,109,872 | ---- | C] (Silicon Image, Inc.) -- C:\Windows\SysNative\drivers\SI3132.sys
[2011.05.17 15:29:33 | 000,022,832 | ---- | C] (Silicon Image, Inc.) -- C:\Windows\SysNative\drivers\SiWinAcc.sys
[2011.05.17 15:29:33 | 000,017,200 | ---- | C] (Silicon Image, Inc.) -- C:\Windows\SysNative\drivers\SiRemFil.sys
[2011.05.17 15:24:44 | 005,083,648 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stacui64.cpl
[2011.05.17 15:24:44 | 000,119,296 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stacsv64.exe
[2011.05.17 15:24:19 | 000,000,000 | ---D | C] -- C:\Programme\SigmaTel
[2011.05.17 15:24:18 | 000,654,848 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapo64.dll
[2011.05.17 15:24:18 | 000,392,192 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys
[2011.05.17 15:24:18 | 000,365,056 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapi64.dll
[2011.05.17 15:24:18 | 000,347,648 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stcplx64.dll
[2011.05.17 15:24:18 | 000,177,664 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\st645614.dll
[2011.05.17 15:24:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SigmaTel
[2011.05.17 15:21:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2011.05.17 15:20:15 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011.05.17 14:56:45 | 000,055,808 | ---- | C] (REDC) -- C:\Windows\SysNative\drivers\rixdpx64.sys
[2011.05.17 14:56:45 | 000,055,808 | ---- | C] (REDC) -- C:\Windows\SysNative\drivers\rimmpx64.sys
[2011.05.17 14:56:45 | 000,053,760 | ---- | C] (REDC) -- C:\Windows\SysNative\drivers\rimspx64.sys
[2011.05.17 14:56:45 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2011.05.17 14:56:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2011.05.17 14:56:24 | 000,000,000 | ---D | C] -- C:\dell
[2011.05.17 14:31:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011.05.17 14:20:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird
[2011.05.17 14:20:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2011.05.17 13:24:49 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011.05.17 13:13:00 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011.05.17 12:43:01 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2011.05.17 12:43:01 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2011.05.17 12:43:01 | 000,000,000 | -HSD | C] -- C:\Recovery
[2011.05.17 12:43:01 | 000,000,000 | -HSD | C] -- C:\Programme
[2011.05.17 12:43:01 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2011.05.17 12:43:01 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2011.05.17 12:43:01 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2011.05.17 12:43:01 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2011.05.17 12:43:01 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2011.05.17 12:43:01 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2011.05.17 12:43:01 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2011.05.17 12:43:01 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2011.05.17 12:28:26 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011.05.17 12:25:32 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011.05.17 12:25:14 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.06.13 13:28:29 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.13 13:28:29 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.13 13:19:23 | 002,123,416 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.06.13 13:19:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.06.13 13:18:58 | 2615,783,424 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.10 16:43:27 | 001,502,580 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.06.10 16:43:27 | 000,654,292 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.06.10 16:43:27 | 000,617,616 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.06.10 16:43:27 | 000,130,784 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.06.10 16:43:27 | 000,107,958 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.06.10 12:21:14 | 000,001,119 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.06.07 09:47:11 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011.06.07 09:46:50 | 001,524,494 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.06.07 08:23:28 | 000,012,122 | -HS- | M] () -- C:\ProgramData\w750dc15gj4lahb7v3a
[2011.06.07 00:02:20 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\+++\Desktop\OTL.exe
[2011.06.01 13:03:41 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Spyder3_01001.Wdf
[2011.06.01 12:58:42 | 000,001,353 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Spyder3Utility.lnk
[2011.05.29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.05.29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.05.23 13:48:58 | 000,000,000 | ---- | M] () -- C:\Windows\HPMProp.INI
[2011.05.23 07:20:18 | 000,001,909 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Duplicati.lnk
[2011.05.21 07:53:27 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011.05.21 07:52:57 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2011.05.18 16:53:41 | 000,000,050 | ---- | M] () -- C:\Windows\SysNative\bridf07a.dat
[2011.05.18 16:53:39 | 000,000,425 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2011.05.18 16:53:39 | 000,000,027 | ---- | M] () -- C:\Windows\BRPP2KA.INI
[2011.05.18 13:04:19 | 000,046,112 | ---- | M] (RapidSolution Software AG) -- C:\Windows\SysNative\drivers\tbhsd.sys
[2011.05.18 10:39:58 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2011.05.18 05:45:02 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.05.18 05:44:57 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011.05.17 13:57:11 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011.05.17 12:31:06 | 000,054,699 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011.05.17 12:31:06 | 000,054,699 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011.05.17 12:30:07 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.06.10 12:21:14 | 000,001,119 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.06.07 14:36:55 | 000,001,415 | ---- | C] () -- C:\Users\+++\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011.06.07 14:36:48 | 000,001,449 | ---- | C] () -- C:\Users\+++\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.06.07 14:12:38 | 000,001,909 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Duplicati.lnk
[2011.06.07 14:12:38 | 000,001,353 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Spyder3Utility.lnk
[2011.06.07 09:46:38 | 000,001,903 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011.06.06 08:00:31 | 000,012,122 | -HS- | C] () -- C:\ProgramData\w750dc15gj4lahb7v3a
[2011.06.01 13:03:41 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Spyder3_01001.Wdf
[2011.05.31 19:40:23 | 000,001,123 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
[2011.05.25 07:50:02 | 000,002,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\audials TV.lnk
[2011.05.23 14:17:11 | 000,018,224 | ---- | C] () -- C:\Windows\SysNative\hpceac06.hpi
[2011.05.23 13:48:58 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI
[2011.05.21 07:53:27 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011.05.21 07:52:57 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2011.05.18 16:53:41 | 000,000,050 | ---- | C] () -- C:\Windows\SysNative\bridf07a.dat
[2011.05.18 16:53:39 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011.05.18 16:53:39 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2011.05.18 10:39:58 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.05.18 07:59:51 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011.05.18 05:45:02 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.05.18 05:44:57 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011.05.17 17:31:24 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 9 Pro.lnk
[2011.05.17 17:31:24 | 000,002,177 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle Designer ES 8.2.lnk
[2011.05.17 17:31:23 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 9.lnk
[2011.05.17 17:23:19 | 000,007,771 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2011.05.17 15:42:12 | 000,001,003 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2011.05.17 14:56:45 | 000,016,480 | ---- | C] () -- C:\Windows\SysNative\rixdicon.dll
[2011.05.17 14:31:13 | 000,001,160 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.05.17 13:57:11 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011.05.17 13:13:47 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011.05.17 13:13:22 | 001,524,494 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.05.17 12:30:56 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011.05.17 12:30:26 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011.05.17 12:30:07 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf
[2011.05.17 12:25:14 | 2615,783,424 | -HS- | C] () -- C:\hiberfil.sys
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008.11.06 18:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
 
========== LOP Check ==========
 
[2011.06.07 14:37:02 | 000,000,000 | ---D | M] -- C:\Users\+++\AppData\Roaming\Duplicati
[2011.06.10 16:48:45 | 000,000,000 | ---D | M] -- C:\Users\+++\AppData\Roaming\Thunderbird
[2009.07.14 07:08:49 | 000,018,774 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >





and then the log






Code:

========== OTL ==========
Prefs.js: 2 removed from network.proxy.ftp_port
Prefs.js: "" removed from network.proxy.gopher
Prefs.js: 2 removed from network.proxy.gopher_port
Prefs.js: 2 removed from network.proxy.http_port
Prefs.js: 2 removed from network.proxy.socks_port
Prefs.js: 2 removed from network.proxy.ssl_port
Prefs.js: 0 removed from network.proxy.type
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f1427393-806f-11e0-9230-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f1427393-806f-11e0-9230-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f1427393-806f-11e0-9230-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f1427393-806f-11e0-9230-806e6f6e6963}\ not found.
File E:\tools\shelexec.exe html\index.htm not found.
Folder C:\.Trash-999\ not found.
File C:\Users\***\AppData\Local\w750dc15gj4lahb7v3a not found.
File C:\ProgramData\w750dc15gj4lahb7v3a not found.
Unable to delete ADS C:\Users\***\AppData\Local\Temp:nNF3EDZrQSPBkb9nzPZ4pM35Pd .
Unable to delete ADS C:\Users\***\AppData\Local\Temp:Ra1kaFVeGPUC0ldmyObOuy0P .
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.23.0 log created on 06182011_151805


I then ran the fix for all user names, was that right? The result, at least, was always the same.

Thanks in advance for your patience.

cosinus 20.06.2011 08:05

Please now run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Set up the tool as shown in the picture below, i.e. tick both checkboxes, click Start scan, and when it has finished click the Report button to display the log. Please post it in full.

http://www.trojaner-board.de/attachm...rnen-start.png


If, because of the infection, you cannot access your Documents/My Documents, or shortcuts on the desktop or in the Start menu under "All Programs" are missing, please run unhide:
Please download unhide.exe and save the file to your desktop.
Start the tool and all files and folders should be visible again. (This could take a while.)
Windows Vista and Windows 7 users must run the tool as administrator via right-click!

madd 20.06.2011 08:55

Code:

2011/06/20 09:53:14.0686 4424        TDSS rootkit removing tool 2.5.5.0 Jun 16 2011 15:25:15
2011/06/20 09:53:14.0732 4424        ================================================================================
2011/06/20 09:53:14.0732 4424        SystemInfo:
2011/06/20 09:53:14.0732 4424       
2011/06/20 09:53:14.0732 4424        OS Version: 6.1.7600 ServicePack: 0.0
2011/06/20 09:53:14.0732 4424        Product type: Workstation
2011/06/20 09:53:14.0732 4424        ComputerName: ***
2011/06/20 09:53:14.0732 4424        UserName: ***
2011/06/20 09:53:14.0732 4424        Windows directory: C:\Windows
2011/06/20 09:53:14.0732 4424        System windows directory: C:\Windows
2011/06/20 09:53:14.0732 4424        Running under WOW64
2011/06/20 09:53:14.0732 4424        Processor architecture: Intel x64
2011/06/20 09:53:14.0732 4424        Number of processors: 2
2011/06/20 09:53:14.0732 4424        Page size: 0x1000
2011/06/20 09:53:14.0732 4424        Boot type: Normal boot
2011/06/20 09:53:14.0732 4424        ================================================================================
2011/06/20 09:53:17.0962 4424        Initialize success
2011/06/20 09:53:20.0459 4244        ================================================================================
2011/06/20 09:53:20.0459 4244        Scan started
2011/06/20 09:53:20.0459 4244        Mode: Manual;
2011/06/20 09:53:20.0459 4244        ================================================================================
2011/06/20 09:53:21.0379 4244        1394ohci        (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
2011/06/20 09:53:21.0426 4244        ACPI            (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
2011/06/20 09:53:21.0519 4244        AcpiPmi        (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
2011/06/20 09:53:21.0582 4244        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/06/20 09:53:21.0675 4244        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
2011/06/20 09:53:21.0722 4244        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
2011/06/20 09:53:21.0800 4244        AFD            (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
2011/06/20 09:53:21.0894 4244        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
2011/06/20 09:53:21.0941 4244        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
2011/06/20 09:53:22.0019 4244        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
2011/06/20 09:53:22.0065 4244        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
2011/06/20 09:53:22.0097 4244        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
2011/06/20 09:53:22.0175 4244        amdsata        (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys
2011/06/20 09:53:22.0221 4244        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/06/20 09:53:22.0253 4244        amdxata        (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys
2011/06/20 09:53:22.0331 4244        AppID          (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
2011/06/20 09:53:22.0549 4244        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
2011/06/20 09:53:22.0627 4244        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
2011/06/20 09:53:22.0689 4244        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/06/20 09:53:22.0721 4244        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
2011/06/20 09:53:22.0845 4244        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
2011/06/20 09:53:22.0923 4244        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2011/06/20 09:53:23.0017 4244        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2011/06/20 09:53:23.0142 4244        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/06/20 09:53:23.0204 4244        bowser          (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
2011/06/20 09:53:23.0282 4244        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/06/20 09:53:23.0313 4244        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/06/20 09:53:23.0360 4244        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2011/06/20 09:53:23.0438 4244        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/06/20 09:53:23.0485 4244        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/06/20 09:53:23.0501 4244        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/06/20 09:53:23.0547 4244        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/06/20 09:53:23.0641 4244        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/06/20 09:53:23.0703 4244        cdrom          (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
2011/06/20 09:53:23.0813 4244        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
2011/06/20 09:53:23.0859 4244        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2011/06/20 09:53:23.0984 4244        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/06/20 09:53:24.0015 4244        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
2011/06/20 09:53:24.0062 4244        CNG            (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
2011/06/20 09:53:24.0156 4244        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2011/06/20 09:53:24.0203 4244        CompositeBus    (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
2011/06/20 09:53:24.0281 4244        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/06/20 09:53:24.0359 4244        CSC            (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys
2011/06/20 09:53:24.0499 4244        DfsC            (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
2011/06/20 09:53:24.0561 4244        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2011/06/20 09:53:24.0639 4244        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2011/06/20 09:53:24.0733 4244        Dot4            (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
2011/06/20 09:53:24.0795 4244        Dot4Print      (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys
2011/06/20 09:53:24.0858 4244        dot4usb        (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
2011/06/20 09:53:24.0967 4244        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2011/06/20 09:53:25.0076 4244        DXGKrnl        (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
2011/06/20 09:53:25.0263 4244        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2011/06/20 09:53:25.0419 4244        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2011/06/20 09:53:25.0451 4244        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
2011/06/20 09:53:25.0529 4244        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2011/06/20 09:53:25.0591 4244        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2011/06/20 09:53:25.0653 4244        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2011/06/20 09:53:25.0747 4244        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2011/06/20 09:53:25.0794 4244        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2011/06/20 09:53:25.0872 4244        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/06/20 09:53:25.0934 4244        FltMgr          (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
2011/06/20 09:53:26.0028 4244        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2011/06/20 09:53:26.0075 4244        Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2011/06/20 09:53:26.0121 4244        fvevol          (b8b2a6e1558f8f5de5ce431c5b2c7b09) C:\Windows\system32\DRIVERS\fvevol.sys
2011/06/20 09:53:26.0184 4244        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/06/20 09:53:26.0231 4244        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2011/06/20 09:53:26.0293 4244        HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
2011/06/20 09:53:26.0387 4244        HDAudBus        (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/06/20 09:53:26.0433 4244        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/06/20 09:53:26.0465 4244        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2011/06/20 09:53:26.0543 4244        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2011/06/20 09:53:26.0621 4244        HidUsb          (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
2011/06/20 09:53:26.0730 4244        HpSAMD          (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
2011/06/20 09:53:26.0792 4244        HTTP            (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
2011/06/20 09:53:26.0870 4244        hwpolicy        (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
2011/06/20 09:53:26.0933 4244        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/06/20 09:53:27.0011 4244        iaStorV        (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys
2011/06/20 09:53:27.0089 4244        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2011/06/20 09:53:27.0151 4244        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
2011/06/20 09:53:27.0198 4244        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2011/06/20 09:53:27.0276 4244        IpFilterDriver  (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/06/20 09:53:27.0338 4244        IPMIDRV        (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2011/06/20 09:53:27.0369 4244        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2011/06/20 09:53:27.0447 4244        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2011/06/20 09:53:27.0494 4244        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
2011/06/20 09:53:27.0557 4244        iScsiPrt        (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/06/20 09:53:27.0869 4244        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/06/20 09:53:27.0947 4244        kbdhid          (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/06/20 09:53:28.0009 4244        KSecDD          (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
2011/06/20 09:53:28.0071 4244        KSecPkg        (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
2011/06/20 09:53:28.0166 4244        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2011/06/20 09:53:28.0275 4244        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2011/06/20 09:53:28.0400 4244        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/06/20 09:53:28.0447 4244        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/06/20 09:53:28.0540 4244        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/06/20 09:53:28.0587 4244        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/06/20 09:53:28.0696 4244        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2011/06/20 09:53:28.0774 4244        MBAMProtector  (ed49fd1373de93617a1f6d128d98fe4d) C:\Windows\system32\drivers\mbam.sys
2011/06/20 09:53:28.0884 4244        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2011/06/20 09:53:28.0930 4244        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/06/20 09:53:28.0993 4244        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2011/06/20 09:53:29.0102 4244        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2011/06/20 09:53:29.0149 4244        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
2011/06/20 09:53:29.0227 4244        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2011/06/20 09:53:29.0274 4244        mountmgr        (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
2011/06/20 09:53:44.0764 4244        ================================================================================
2011/06/20 09:53:44.0764 4244        Scan finished
2011/06/20 09:53:44.0764 4244        ================================================================================
2011/06/20 09:53:44.0780 4360        Detected object count: 0
2011/06/20 09:53:44.0780 4360        Actual detected object count: 0

It says "Nothing found"

I can also access all folders. No problem.

cosinus 20.06.2011 09:39

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Download ComboFix here to your desktop. Rename it to cofi.exe while downloading.
http://saved.im/mtm0nzyzmzd5/cofi.jpg
  • Close all programs, especially your antivirus program and other background guards, as well as your internet browser.
  • Start cofi.exe from your desktop, confirm the warning messages, run the updates (if offered), install the Recovery Console (if offered), and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when a qualified helper ("Kompetenzler") has expressly recommended it!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

madd 20.06.2011 10:33

Even when I disable Windows' real-time protection (firewall, MS Essentials), I always get the error message from "cofix" that MSE is still enabled. What should I do? Start it anyway? By the way, cancelling is not possible: when I click the X to close the window, the program reacts as if I had clicked OK, with another warning.
"Log off user", on the other hand, seems to work.
:confused:

Addendum: Uninstalling MSE also led to the same result (warning message). Maybe my now-different user accounts are interfering?

cosinus 20.06.2011 12:00

Then that is a bug, but you can start CF if the virus scanner is not active.

madd 20.06.2011 12:38

Okay.
Interesting, the log still complains about MSE anyway... but the real-time protection was definitely disabled.

cosinus 20.06.2011 12:48

Looks OK. As a check, please run full scans with Malwarebytes and SASW and post the logs.
Remember to update both tools before the scan!!

Afterwards, getting a second opinion from ESET's online scanner is not a bad idea either:

ESET Online Scanner

  • Here you will find an illustrated guide to the ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box next to "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


madd 23.06.2011 09:14

Phew, that thing takes forever to scan.

SuperAntiSpy:

Code:

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 06/22/2011 at 10:10 AM

Application Version : 4.54.1000

Core Rules Database Version : 7291
Trace Rules Database Version: 5103

Scan type      : Complete Scan
Total Scan Time : 11:31:32

Memory items scanned      : 589
Memory threats detected  : 0
Registry items scanned    : 12663
Registry threats detected : 0
File items scanned        : 479621
File threats detected    : 1

Adware.Vundo/Variant-MSFake
        I:\LIBRARY\PROGRAMS\_PORTABLE_APPS\APP\PORTABLECORNICE\CORNICE\SUPPORT\SHLWAPI.DLL

MBAM

Code:

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Datenbank Version: 6901

Windows 6.1.7600
Internet Explorer 9.0.8112.16421

20.06.2011 17:27:56
mbam-log-2011-06-20 (17-27-56).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|I:\|J:\|K:\|L:\|M:\|)
Durchsuchte Objekte: 648970
Laufzeit: 1 Stunde(n), 35 Minute(n), 15 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

and ESET found something

Code:

C:\Users\***\AppData\Local\LocalLow\Sun\Java\Deployment\cache\6.0\62\2bc3143e-4d1dcf99        a variant of Java/TrojanDownloader.OpenStream.NCE trojan
C:\Users\***\AppData\Local\LocalLow\Sun\Java\Deployment\cache\6.0\62\2bc3143e-6e6387c9        a variant of Java/TrojanDownloader.OpenStream.NCE trojan


cosinus 23.06.2011 09:21

Quote:

Datenbank Version: 6901
You did not update Malwarebytes beforehand. Please update and run a full scan.

madd 23.06.2011 18:01

Yes, that was the result from a few days ago; it took a while until I had gotten through everything. Here is the new one

Code:

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Datenbank Version: 6924

Windows 6.1.7600
Internet Explorer 9.0.8112.16421

23.06.2011 17:14:07
mbam-log-2011-06-23 (17-14-07).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|I:\|J:\|K:\|L:\|M:\|)
Durchsuchte Objekte: 654946
Laufzeit: 3 Stunde(n), 16 Minute(n), 22 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

So everything looks fine so far... what do I do with the result of the ESET scan?

cosinus 23.06.2011 20:37

Those are just leftovers in the Java cache; they can go.
Is the computer back in order?

madd 24.06.2011 07:06

Yes, luckily everything seems OK. How do I get rid of the leftovers, though? Run the online scanner again with "clean"? Delete them by hand?

Thanks for the help!
