| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Sehr hoher Ubload bis ans Maximum der LeitungWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
10.11.2011, 08:47
| #1 |
| |  Sehr hoher Ubload bis ans Maximum der Leitung Hi Leute, ich habe das Problem, dass mein Upload teilweise bis an das Maximum ansteigt. Ich habe auch das Gefühl, dass er ansteigt wenn ich Programme öffne oder schließe. Bei Downloads (z.B Windows Ubdates) steigt er auf das maximal mögliche an fällt aber nach Beenden des Downloads nicht mehr ab. Selbst wenn ich augenscheinlich nichts im Internet mache habe ich dauerhaft eine Netzwerkauslastung von 0.1 bis 1%. G-Data Antivir hat bei komplett scan nichts gefunden. Ich nutze Windows 7 64 bit. Habe auch schon Malewarebytes laufen lassen allerdings ohne Erfolg. Defogger hat auch nichts gemeldet. OTL Log: PHP-Code: Bin über jede Hilfe Dankbar. M.f.g Duffman |
|
10.11.2011, 16:45
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Sehr hoher Ubload bis ans Maximum der Leitung Die Logs bitte NICHT in PHP-Tags posten! Verwende CODE-Tags!
__________________Und bitte alle Logs von Malwarebytes posten.
__________________ |
|
10.11.2011, 17:00
| #3 |
| | Sehr hoher Ubload bis ans Maximum der Leitung Was meinst du mit alle Logs? Ich habe glaube ich nur diesen:
__________________Code:
ATTFilter Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Datenbank Version: 8127
Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514
09.11.2011 21:07:42
mbam-log-2011-11-09 (21-07-42).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|G:\|)
Durchsuchte Objekte: 339426
Laufzeit: 1 Stunde(n), 10 Minute(n), 29 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
Hier nochmal der OLT Log: Code:
ATTFilter OTL logfile created on: 10.11.2011 08:22:38 - Run 2 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Daniel\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,58 Gb Available Physical Memory | 64,62% Memory free 8,00 Gb Paging File | 6,24 Gb Available in Paging File | 77,99% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 931,41 Gb Total Space | 741,99 Gb Free Space | 79,66% Space Free | Partition Type: NTFS Drive F: | 1,88 Gb Total Space | 1,51 Gb Free Space | 80,62% Space Free | Partition Type: FAT32 Computer Name: DANIELS-PC | User Name: Daniel | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.11.10 08:06:44 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe PRC - [2011.11.05 07:24:24 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe PRC - [2011.08.31 17:00:48 | 001,047,208 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe PRC - [2011.08.31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011.04.01 11:16:44 | 000,353,288 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe PRC - [2011.04.01 11:16:02 | 000,409,608 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe PRC - [2011.04.01 11:15:58 | 001,430,024 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe PRC - [2011.04.01 11:14:34 | 000,922,120 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe PRC - [2011.01.20 17:51:12 | 000,378,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2010.01.22 11:29:40 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe PRC - [2007.06.28 15:33:30 | 000,380,928 | ---- | M] () -- C:\Program Files (x86)\TouchKit\xTouchMon.exe ========== Modules (No Company Name) ========== MOD - [2011.11.05 07:24:24 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe MOD - [2007.07.03 15:20:38 | 001,966,080 | ---- | M] () -- C:\Program Files (x86)\TouchKit\xtkutility.dll MOD - [2007.06.28 15:33:30 | 000,380,928 | ---- | M] () -- C:\Program Files (x86)\TouchKit\xTouchMon.exe ========== Win32 Services (SafeList) ========== SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.04.01 11:16:44 | 000,353,288 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe -- (GDScan) SRV - [2011.04.01 11:16:02 | 000,409,608 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe -- (AVKService) SRV - [2011.04.01 11:15:58 | 001,430,024 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy) SRV - [2011.04.01 03:29:34 | 001,923,800 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlX64.exe -- (AVKWCtl) SRV - [2011.01.20 17:51:12 | 000,378,984 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011.11.08 17:04:17 | 000,106,488 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\GRD.sys -- (GRD) DRV:64bit: - [2011.11.08 17:01:01 | 000,058,584 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PktIcpt.sys -- (GDPkIcpt) DRV:64bit: - [2011.11.08 17:00:37 | 000,050,904 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HookCentre.sys -- (HookCentre) DRV:64bit: - [2011.11.08 17:00:36 | 000,102,616 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MiniIcpt.sys -- (GDMnIcpt) DRV:64bit: - [2011.11.08 17:00:36 | 000,046,296 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GDBehave.sys -- (GDBehave) DRV:64bit: - [2011.11.08 17:00:35 | 000,031,448 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GdNetMon64.sys -- (GdNetMon) DRV:64bit: - [2011.11.08 17:00:31 | 000,063,704 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gdwfpcd64.sys -- (gdwfpcd) DRV:64bit: - [2011.08.31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2011.07.13 20:49:42 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2011.07.02 23:02:43 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:64bit: - [2011.07.02 23:02:43 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 14:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 14:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.12 00:10:50 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2010.03.04 14:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010.01.22 11:22:22 | 000,180,224 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2010.01.22 11:22:18 | 000,077,824 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2010.01.05 18:23:18 | 001,847,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur) DRV:64bit: - [2009.12.22 01:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.05 02:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO) DRV:64bit: - [2007.02.27 09:27:00 | 000,110,592 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EGXFilter.sys -- (EGXFilter) DRV:64bit: - [2007.02.05 14:35:24 | 000,103,424 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xTouch.sys -- (xTouch) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AE D3 9A 35 7C 78 CC 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.10.14 08:23:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.09.21 17:43:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Extensions [2011.11.08 17:00:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011.11.08 17:00:40 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:\Program Files (x86)\mozilla firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE} [2011.11.06 10:56:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [2011.10.14 08:23:59 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.10.14 08:23:57 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.10.14 08:23:57 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2011.10.14 08:23:57 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011.10.14 08:23:57 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011.10.14 08:23:57 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2011.10.14 08:23:57 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\AntiVirus\WebFilter\AVKWebIEx64.dll (G Data Software AG) O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\AntiVirus\WebFilter\AVKWebIE.dll (G Data Software AG) O2 - BHO: (BHO) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll (G Data Software AG) O3:64bit: - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\AntiVirus\WebFilter\AVKWebIEx64.dll (G Data Software AG) O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\AntiVirus\WebFilter\AVKWebIE.dll (G Data Software AG) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [ClearTKHandle] C:\Program Files (x86)\TouchKit\ClearTKHandle.exe () O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe (G Data Software AG) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation) O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe () O4 - HKCU..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C4F0248A-0E88-4E6E-8155-5A0A937EBDF3}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{b7f5bd16-ad7c-11e0-bb31-002522ae14ab}\Shell - "" = AutoRun O33 - MountPoints2\{b7f5bd16-ad7c-11e0-bb31-002522ae14ab}\Shell\AutoRun\command - "" = G:\Autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) MsConfig:64bit - StartUpReg: RGSC - hkey= - key= - File not found CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011.11.10 08:09:34 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe [2011.11.09 18:49:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview [2011.11.09 18:48:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders [2011.11.09 18:45:48 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll [2011.11.09 18:45:30 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll [2011.11.08 21:34:59 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Malwarebytes [2011.11.08 21:34:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.11.08 21:34:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.11.08 21:34:06 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011.11.08 21:34:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011.11.08 21:32:53 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Daniel\Desktop\mbam-setup-1.51.2.1300.exe [2011.11.08 20:17:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2011.11.08 20:17:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy [2011.11.08 19:52:30 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Users\Daniel\Desktop\spybotsd162.exe [2011.11.08 17:04:17 | 000,106,488 | ---- | C] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys [2011.11.08 17:01:01 | 000,058,584 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys [2011.11.08 17:00:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data AntiVirus 2012 [2011.11.08 17:00:37 | 000,050,904 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\HookCentre.sys [2011.11.08 17:00:36 | 000,102,616 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys [2011.11.08 17:00:36 | 000,046,296 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys [2011.11.08 17:00:35 | 000,031,448 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\GdNetMon64.sys [2011.11.08 17:00:31 | 000,063,704 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys [2011.11.08 17:00:14 | 000,000,000 | ---D | C] -- C:\ProgramData\G DATA [2011.11.08 17:00:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\G Data [2011.11.08 17:00:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\G Data [2011.11.06 10:57:03 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GeoGebra 4 [2011.11.06 10:56:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2011.11.06 10:56:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2011.11.06 10:56:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2011.11.05 09:19:55 | 000,000,000 | ---D | C] -- C:\Users\Daniel\riotsGamesLogs [2011.11.05 09:19:18 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\LolClient [2011.11.05 08:52:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games [2011.11.05 08:52:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Riot Games [2011.11.05 07:26:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LeagueofLegends [2011.11.05 07:24:28 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\PMB Files [2011.11.05 07:24:27 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files [2011.11.05 07:24:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks [2011.11.01 12:24:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oblivion Improved [2011.11.01 12:04:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks [2011.11.01 12:03:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bethesda Softworks [2011.10.22 09:51:24 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\ANNO 2070 Closed Beta [2011.10.22 09:32:20 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\Chromium [2011.10.22 09:29:27 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\Ubisoft Game Launcher [2011.10.22 09:01:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft [2011.10.14 12:39:02 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\mIRC [2011.10.14 12:39:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mIRC [2011.10.13 08:38:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2011.10.13 08:31:28 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\ICQ [2007.08.13 16:46:00 | 000,102,912 | ---- | C] (Albert L Faber) -- C:\Users\Daniel\AppData\Local\CDRip.dll [2007.01.18 20:09:54 | 000,623,616 | ---- | C] (Ivan Bischof ©2003 - 2005) -- C:\Users\Daniel\AppData\Local\No23 Recorder.exe [2006.12.11 18:13:14 | 000,013,872 | ---- | C] (Un4seen Developments) -- C:\Users\Daniel\AppData\Local\basscd.dll [2006.12.11 18:13:12 | 000,097,336 | ---- | C] (Un4seen Developments) -- C:\Users\Daniel\AppData\Local\bass.dll [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.11.10 08:08:40 | 000,000,000 | ---- | M] () -- C:\Users\Daniel\defogger_reenable [2011.11.10 08:08:16 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.11.10 08:08:16 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.11.10 08:08:16 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.11.10 08:08:16 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.11.10 08:08:16 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.11.10 08:06:44 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe [2011.11.10 08:05:42 | 000,050,477 | ---- | M] () -- C:\Users\Daniel\Desktop\Defogger.exe [2011.11.10 07:44:16 | 000,016,272 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.11.10 07:44:16 | 000,016,272 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.11.10 07:36:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.11.10 07:36:41 | 3220,627,456 | -HS- | M] () -- C:\hiberfil.sys [2011.11.09 21:15:21 | 000,449,309 | ---- | M] () -- C:\Windows\SysWow64\sig.bin [2011.11.09 21:15:21 | 000,033,976 | ---- | M] () -- C:\Windows\SysWow64\nmp.map [2011.11.09 19:57:01 | 000,007,609 | ---- | M] () -- C:\Users\Daniel\AppData\Local\Resmon.ResmonCfg [2011.11.09 19:11:31 | 000,305,328 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011.11.08 21:34:09 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.11.08 21:32:08 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Daniel\Desktop\mbam-setup-1.51.2.1300.exe [2011.11.08 19:45:14 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Users\Daniel\Desktop\spybotsd162.exe [2011.11.08 17:04:17 | 000,106,488 | ---- | M] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys [2011.11.08 17:01:01 | 000,058,584 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys [2011.11.08 17:00:37 | 000,050,904 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\HookCentre.sys [2011.11.08 17:00:36 | 000,102,616 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys [2011.11.08 17:00:36 | 000,046,296 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys [2011.11.08 17:00:35 | 000,031,448 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\GdNetMon64.sys [2011.11.08 17:00:31 | 000,063,704 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys [2011.11.08 17:00:21 | 000,002,085 | ---- | M] () -- C:\Users\Public\Desktop\G Data AntiVirus.lnk [2011.11.06 10:57:03 | 000,002,051 | ---- | M] () -- C:\Users\Daniel\Desktop\GeoGebra 4.lnk [2011.11.05 08:54:59 | 000,002,167 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk [2011.11.03 07:39:47 | 000,001,428 | ---- | M] () -- C:\Users\Daniel\AppData\Local\RecConfig.xml [2011.11.01 12:12:11 | 000,001,262 | ---- | M] () -- C:\Users\Daniel\Desktop\Oblivion Mod Manager.lnk [2011.10.20 08:48:35 | 000,001,657 | ---- | M] () -- C:\Users\Daniel\Desktop\Launch_DLV_ext - Verknüpfung.lnk [2011.10.14 12:39:03 | 000,000,955 | ---- | M] () -- C:\Users\Public\Desktop\mIRC.lnk [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.11.10 08:08:40 | 000,000,000 | ---- | C] () -- C:\Users\Daniel\defogger_reenable [2011.11.10 08:07:13 | 000,050,477 | ---- | C] () -- C:\Users\Daniel\Desktop\Defogger.exe [2011.11.09 21:15:20 | 000,449,309 | ---- | C] () -- C:\Windows\SysWow64\sig.bin [2011.11.09 21:15:20 | 000,033,976 | ---- | C] () -- C:\Windows\SysWow64\nmp.map [2011.11.09 18:46:31 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd [2011.11.09 18:45:19 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml [2011.11.09 18:45:12 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml [2011.11.09 18:45:12 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml [2011.11.09 18:45:00 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc [2011.11.09 18:45:00 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml [2011.11.08 21:34:09 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.11.08 17:00:21 | 000,002,085 | ---- | C] () -- C:\Users\Public\Desktop\G Data AntiVirus.lnk [2011.11.06 10:57:03 | 000,002,051 | ---- | C] () -- C:\Users\Daniel\Desktop\GeoGebra 4.lnk [2011.11.05 08:54:58 | 000,002,167 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk [2011.11.01 12:12:11 | 000,001,262 | ---- | C] () -- C:\Users\Daniel\Desktop\Oblivion Mod Manager.lnk [2011.10.20 08:48:35 | 000,001,657 | ---- | C] () -- C:\Users\Daniel\Desktop\Launch_DLV_ext - Verknüpfung.lnk [2011.10.14 12:39:02 | 000,000,955 | ---- | C] () -- C:\Users\Public\Desktop\mIRC.lnk [2011.09.21 21:43:48 | 000,001,428 | ---- | C] () -- C:\Users\Daniel\AppData\Local\RecConfig.xml [2011.09.14 15:22:49 | 000,001,154 | ---- | C] () -- C:\Windows\SysWow64\Touchkit_reg.ini [2011.07.04 20:03:20 | 000,681,980 | ---- | C] () -- C:\Windows\unins000.exe [2011.07.04 20:03:20 | 000,051,261 | ---- | C] () -- C:\Windows\unins000.dat [2011.07.03 14:27:33 | 000,007,609 | ---- | C] () -- C:\Users\Daniel\AppData\Local\Resmon.ResmonCfg [2010.01.23 20:01:40 | 000,671,744 | ---- | C] () -- C:\Windows\SysWow64\spk.dll [2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2008.10.22 04:29:06 | 000,173,550 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2007.08.13 16:46:00 | 000,155,136 | ---- | C] () -- C:\Users\Daniel\AppData\Local\lame_enc.dll [2006.10.26 00:06:48 | 000,064,000 | ---- | C] () -- C:\Users\Daniel\AppData\Local\vorbisenc.dll [2006.10.26 00:06:48 | 000,019,456 | ---- | C] () -- C:\Users\Daniel\AppData\Local\vorbisfile.dll [2006.10.26 00:06:46 | 000,143,872 | ---- | C] () -- C:\Users\Daniel\AppData\Local\vorbis.dll [2006.10.26 00:06:36 | 000,015,872 | ---- | C] () -- C:\Users\Daniel\AppData\Local\ogg.dll [2005.08.23 21:34:06 | 000,029,184 | ---- | C] () -- C:\Users\Daniel\AppData\Local\no23xwrapper.dll ========== LOP Check ========== [2011.09.27 16:37:53 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\.minecraft [2011.07.15 12:43:26 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\DAEMON Tools Lite [2011.10.13 11:44:51 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\ICQ [2011.11.05 09:19:18 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\LolClient [2011.10.22 09:29:21 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Ubisoft [2011.11.03 07:04:30 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2011.09.21 17:53:02 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin [2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2011.07.02 21:15:53 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen [2011.07.12 17:42:59 | 000,000,000 | RH-D | M] -- C:\MSOCache [2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs [2011.11.08 16:52:17 | 000,000,000 | R--D | M] -- C:\Program Files [2011.11.08 21:34:05 | 000,000,000 | R--D | M] -- C:\Program Files (x86) [2011.11.08 21:34:09 | 000,000,000 | -H-D | M] -- C:\ProgramData [2011.07.02 21:15:53 | 000,000,000 | -HSD | M] -- C:\Programme [2011.07.02 21:15:53 | 000,000,000 | -HSD | M] -- C:\Recovery [2011.11.10 08:23:31 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2011.07.30 18:59:58 | 000,000,000 | ---D | M] -- C:\temp [2011.07.02 21:15:57 | 000,000,000 | R--D | M] -- C:\Users [2011.11.09 19:12:41 | 000,000,000 | ---D | M] -- C:\Windows < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > [2007.01.18 20:09:54 | 000,623,616 | ---- | M] (Ivan Bischof ©2003 - 2005) -- C:\Users\Daniel\AppData\Local\No23 Recorder.exe < %systemroot%\*. /mp /s > < %systemroot%\system32\*.manifest /3 > < MD5 for: EXPLORER.EXE > [2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe [2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SysWOW64\explorer.exe [2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe [2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe [2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe [2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe [2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\explorer.exe [2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe [2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe [2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe [2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe [2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe [2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe < MD5 for: REGEDIT.EXE > [2009.07.14 02:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe [2009.07.14 02:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe [2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe [2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe < MD5 for: USERINIT.EXE > [2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe [2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WININIT.EXE > [2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe [2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > < End of report > |
|
10.11.2011, 21:33
| #4 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Sehr hoher Ubload bis ans Maximum der LeitungZitat:
 sieh doch einfach im Reiter Logdateien nach. Da werden alle MBAM-Logs aufgelistet
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
11.11.2011, 16:19
| #5 |
| | Sehr hoher Ubload bis ans Maximum der Leitung Mhm der eine war halt nur ein Quickscan: Code:
ATTFilter Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Datenbank Version: 8118
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
08.11.2011 21:36:40
mbam-log-2011-11-08 (21-36-40).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 166275
Laufzeit: 1 Minute(n), 0 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
Code:
ATTFilter Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Datenbank Version: 8126
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
09.11.2011 18:04:29
mbam-log-2011-11-09 (18-04-29).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|G:\|)
Durchsuchte Objekte: 357
Laufzeit: 9 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
|
|
11.11.2011, 18:34
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Sehr hoher Ubload bis ans Maximum der Leitung Führ bitte auch ESET aus, danach sehen wir weiter: ESET Online Scanner
__________________ --> Sehr hoher Ubload bis ans Maximum der Leitung |
|
11.11.2011, 19:41
| #7 |
| | Sehr hoher Ubload bis ans Maximum der Leitung So hier ist der Eset Scan: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=d30354d8bfd1344e9dc19d08107316a6
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-11-11 06:31:54
# local_time=2011-11-11 07:31:54 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=4096 16777215 100 0 269107 269107 0 0
# compatibility_mode=5893 16776573 100 94 13340 72663371 0 0
# compatibility_mode=8192 67108863 100 0 3759 3759 0 0
# scanned=180241
# found=0
# cleaned=0
# scan_time=2792
Dafür hat mir Malwarebytes das hier angezeigt: Code:
ATTFilter 16:10:08 Daniel MESSAGE Protection started successfully
16:10:12 Daniel MESSAGE IP Protection started successfully
19:07:24 Daniel IP-BLOCK 83.128.128.153 (Type: outgoing, Port: 51064, Process: pmb.exe)
19:27:32 Daniel IP-BLOCK 83.128.128.153 (Type: incoming, Port: 57255, Process: pmb.exe)
19:27:40 Daniel IP-BLOCK 83.128.128.153 (Type: incoming, Port: 57255, Process: pmb.exe)
19:27:48 Daniel IP-BLOCK 83.128.128.153 (Type: incoming, Port: 57255, Process: pmb.exe)
M.f.g Daniel |
|
11.11.2011, 20:13
| #8 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Sehr hoher Ubload bis ans Maximum der LeitungZitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
12.11.2011, 09:08
| #9 |
| | Sehr hoher Ubload bis ans Maximum der Leitung Sieht gut aus läuft alles wieder normal! Dickes Dankeschön an dich. Hätte aber noch eine Frage was zum Teufel war das für ein Programm? Hab mal en bisschen gegoogelt aber überall wird es als harmlos eingestuft. http://www.trojaner-board.de/78589-p...faehrlich.html Aber warum lädt ein harmloses Programm hunderte von mb von meinen Rechner ins Netz? Grüßle Daniel |
|
| Themen zu Sehr hoher Ubload bis ans Maximum der Leitung |
| adobe, antivir, antivirus, autorun, bho, c:\windows\system32\rundll32.exe, explorer, firefox, format, g-data, internet, langs, league of legends, log, logfile, maximal, netzwerkauslastung, nvidia, object, pando media booster, plug-in, problem, programme, realtek, registry, rundll, safer networking, senden, software, spielen, usb, usb 3.0, webcheck, windows, winlogon.exe |
Linear-Darstellung
