|
Plagegeister aller Art und deren Bekämpfung: fremder zugriff auf mein MSNWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
29.11.2011, 13:17 | #16 |
| fremder zugriff auf mein MSN 13:22:24.0988 2088 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44 13:22:25.0533 2088 ============================================================ 13:22:25.0534 2088 Current date / time: 2011/11/29 13:22:25.0533 13:22:25.0534 2088 SystemInfo: 13:22:25.0534 2088 13:22:25.0534 2088 OS Version: 6.0.6002 ServicePack: 2.0 13:22:25.0534 2088 Product type: Workstation 13:22:25.0534 2088 ComputerName: PIZZARO-PC 13:22:25.0535 2088 UserName: Pizzaro 13:22:25.0535 2088 Windows directory: C:\Windows 13:22:25.0535 2088 System windows directory: C:\Windows 13:22:25.0535 2088 Processor architecture: Intel x86 13:22:25.0535 2088 Number of processors: 4 13:22:25.0535 2088 Page size: 0x1000 13:22:25.0535 2088 Boot type: Normal boot 13:22:25.0535 2088 ============================================================ 13:22:26.0247 2088 Initialize success 13:22:31.0685 2604 ============================================================ 13:22:31.0685 2604 Scan started 13:22:31.0685 2604 Mode: Manual; SigCheck; TDLFS; 13:22:31.0685 2604 ============================================================ 13:22:31.0884 2604 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys 13:22:32.0059 2604 ACPI - ok 13:22:32.0114 2604 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys 13:22:32.0168 2604 adp94xx - ok 13:22:32.0211 2604 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys 13:22:32.0257 2604 adpahci - ok 13:22:32.0278 2604 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys 13:22:32.0323 2604 adpu160m - ok 13:22:32.0346 2604 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys 13:22:32.0399 2604 adpu320 - ok 13:22:32.0443 2604 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys 13:22:32.0514 2604 AFD - ok 13:22:32.0526 2604 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 13:22:32.0569 2604 aic78xx - ok 13:22:32.0594 2604 aliide (496eda16a127ac9a38bb285bef17dbb5) C:\Windows\system32\drivers\aliide.sys 13:22:32.0620 2604 aliide - ok 13:22:32.0641 2604 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys 13:22:32.0676 2604 amdagp - ok 13:22:32.0694 2604 amdide (6f65f4147c54398d7280b18cebbed215) C:\Windows\system32\drivers\amdide.sys 13:22:32.0720 2604 amdide - ok 13:22:32.0733 2604 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys 13:22:32.0828 2604 AmdK7 - ok 13:22:32.0845 2604 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys 13:22:32.0946 2604 AmdK8 - ok 13:22:32.0968 2604 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys 13:22:33.0008 2604 arc - ok 13:22:33.0022 2604 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys 13:22:33.0062 2604 arcsas - ok 13:22:33.0107 2604 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 13:22:33.0171 2604 AsyncMac - ok 13:22:33.0207 2604 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys 13:22:33.0241 2604 atapi - ok 13:22:33.0289 2604 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 13:22:33.0335 2604 Beep - ok 13:22:33.0354 2604 blbdrive - ok 13:22:33.0387 2604 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys 13:22:33.0435 2604 bowser - ok 13:22:33.0452 2604 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 13:22:33.0508 2604 BrFiltLo - ok 13:22:33.0521 2604 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 13:22:33.0556 2604 BrFiltUp - ok 13:22:33.0580 2604 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 13:22:33.0704 2604 Brserid - ok 13:22:33.0719 2604 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 13:22:33.0826 2604 BrSerWdm - ok 13:22:33.0845 2604 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 13:22:33.0915 2604 BrUsbMdm - ok 13:22:33.0924 2604 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 13:22:33.0993 2604 BrUsbSer - ok 13:22:34.0013 2604 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys 13:22:34.0082 2604 BTHMODEM - ok 13:22:34.0115 2604 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 13:22:34.0164 2604 cdfs - ok 13:22:34.0200 2604 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys 13:22:34.0248 2604 cdrom - ok 13:22:34.0265 2604 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys 13:22:34.0332 2604 circlass - ok 13:22:34.0366 2604 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys 13:22:34.0424 2604 CLFS - ok 13:22:34.0458 2604 cmdide (59172a0724f2ab769f31d61b0571d75b) C:\Windows\system32\drivers\cmdide.sys 13:22:34.0489 2604 cmdide - ok 13:22:34.0499 2604 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys 13:22:34.0534 2604 Compbatt - ok 13:22:34.0560 2604 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys 13:22:34.0592 2604 crcdisk - ok 13:22:34.0610 2604 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys 13:22:34.0713 2604 Crusoe - ok 13:22:34.0758 2604 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys 13:22:34.0795 2604 DfsC - ok 13:22:34.0842 2604 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys 13:22:34.0880 2604 disk - ok 13:22:34.0937 2604 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 13:22:34.0958 2604 drmkaud - ok 13:22:35.0011 2604 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys 13:22:35.0086 2604 DXGKrnl - ok 13:22:35.0103 2604 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys 13:22:35.0261 2604 E1G60 - ok 13:22:35.0286 2604 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys 13:22:35.0346 2604 Ecache - ok 13:22:35.0381 2604 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys 13:22:35.0425 2604 elxstor - ok 13:22:35.0481 2604 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys 13:22:35.0532 2604 exfat - ok 13:22:35.0574 2604 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys 13:22:35.0635 2604 fastfat - ok 13:22:35.0654 2604 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys 13:22:35.0757 2604 fdc - ok 13:22:35.0780 2604 FETNDIS (b2b2c38e916184ff8523c7439ddd417f) C:\Windows\system32\DRIVERS\fetnd5.sys 13:22:35.0900 2604 FETNDIS - ok 13:22:35.0934 2604 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 13:22:35.0982 2604 FileInfo - ok 13:22:36.0006 2604 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 13:22:36.0072 2604 Filetrace - ok 13:22:36.0090 2604 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys 13:22:36.0189 2604 flpydisk - ok 13:22:36.0224 2604 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys 13:22:36.0287 2604 FltMgr - ok 13:22:36.0360 2604 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys 13:22:36.0401 2604 fssfltr - ok 13:22:36.0422 2604 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys 13:22:36.0472 2604 Fs_Rec - ok 13:22:36.0489 2604 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys 13:22:36.0535 2604 gagp30kx - ok 13:22:36.0554 2604 gdrv - ok 13:22:36.0607 2604 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys 13:22:36.0660 2604 HdAudAddService - ok 13:22:36.0693 2604 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys 13:22:36.0811 2604 HDAudBus - ok 13:22:36.0835 2604 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys 13:22:36.0940 2604 HidBth - ok 13:22:36.0951 2604 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys 13:22:37.0049 2604 HidIr - ok 13:22:37.0090 2604 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys 13:22:37.0141 2604 HidUsb - ok 13:22:37.0170 2604 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys 13:22:37.0208 2604 HpCISSs - ok 13:22:37.0247 2604 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys 13:22:37.0345 2604 HTTP - ok 13:22:37.0374 2604 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys 13:22:37.0407 2604 i2omp - ok 13:22:37.0460 2604 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 13:22:37.0518 2604 i8042prt - ok 13:22:37.0536 2604 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys 13:22:37.0599 2604 iaStorV - ok 13:22:37.0621 2604 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 13:22:37.0661 2604 iirsp - ok 13:22:37.0809 2604 IntcAzAudAddService (f42f2f88017a2e2b6f783acef6c2c149) C:\Windows\system32\drivers\RTKVHDA.sys 13:22:38.0034 2604 IntcAzAudAddService - ok 13:22:38.0067 2604 intelide (e5ea1c17da5065032e346591ff64f3af) C:\Windows\system32\drivers\intelide.sys 13:22:38.0098 2604 intelide - ok 13:22:38.0116 2604 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys 13:22:38.0221 2604 intelppm - ok 13:22:38.0260 2604 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 13:22:38.0312 2604 IpFilterDriver - ok 13:22:38.0325 2604 IpInIp - ok 13:22:38.0348 2604 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys 13:22:38.0439 2604 IPMIDRV - ok 13:22:38.0462 2604 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 13:22:38.0517 2604 IPNAT - ok 13:22:38.0543 2604 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 13:22:38.0588 2604 IRENUM - ok 13:22:38.0603 2604 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys 13:22:38.0629 2604 isapnp - ok 13:22:38.0668 2604 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 13:22:38.0704 2604 iScsiPrt - ok 13:22:38.0719 2604 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 13:22:38.0750 2604 iteatapi - ok 13:22:38.0765 2604 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 13:22:38.0796 2604 iteraid - ok 13:22:38.0824 2604 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 13:22:38.0859 2604 kbdclass - ok 13:22:38.0897 2604 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys 13:22:38.0937 2604 kbdhid - ok 13:22:38.0969 2604 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys 13:22:39.0031 2604 KSecDD - ok 13:22:39.0066 2604 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 13:22:39.0116 2604 lltdio - ok 13:22:39.0139 2604 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys 13:22:39.0170 2604 LSI_FC - ok 13:22:39.0190 2604 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys 13:22:39.0216 2604 LSI_SAS - ok 13:22:39.0238 2604 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys 13:22:39.0269 2604 LSI_SCSI - ok 13:22:39.0280 2604 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 13:22:39.0350 2604 luafv - ok 13:22:39.0385 2604 LVPr2Mon (1a7db7a00a4b0d8da24cd691a4547291) C:\Windows\system32\DRIVERS\LVPr2Mon.sys 13:22:39.0420 2604 LVPr2Mon - ok 13:22:39.0454 2604 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys 13:22:39.0483 2604 megasas - ok 13:22:39.0511 2604 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 13:22:39.0571 2604 Modem - ok 13:22:39.0600 2604 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 13:22:39.0666 2604 monitor - ok 13:22:39.0706 2604 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 13:22:39.0746 2604 mouclass - ok 13:22:39.0760 2604 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 13:22:39.0824 2604 mouhid - ok 13:22:39.0846 2604 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 13:22:39.0882 2604 MountMgr - ok 13:22:39.0911 2604 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys 13:22:39.0965 2604 MpFilter - ok 13:22:39.0992 2604 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys 13:22:40.0016 2604 mpio - ok 13:22:40.0098 2604 MpKsl68467d7a (5f53edfead46fa7adb78eee9ecce8fdf) C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{57E5E858-A79F-4684-97DC-32B9A264A279}\MpKsl68467d7a.sys 13:22:40.0135 2604 MpKsl68467d7a - ok 13:22:40.0140 2604 MpKsla7066217 - ok 13:22:40.0146 2604 MpKslb6ab3838 - ok 13:22:40.0161 2604 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys 13:22:40.0205 2604 MpNWMon - ok 13:22:40.0219 2604 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 13:22:40.0265 2604 mpsdrv - ok 13:22:40.0295 2604 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 13:22:40.0331 2604 Mraid35x - ok 13:22:40.0358 2604 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 13:22:40.0413 2604 MRxDAV - ok 13:22:40.0436 2604 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys 13:22:40.0501 2604 mrxsmb - ok 13:22:40.0532 2604 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys 13:22:40.0596 2604 mrxsmb10 - ok 13:22:40.0612 2604 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 13:22:40.0659 2604 mrxsmb20 - ok 13:22:40.0692 2604 msahci (86068b8b54a5eb092f51657f00b2222a) C:\Windows\system32\drivers\msahci.sys 13:22:40.0725 2604 msahci - ok 13:22:40.0747 2604 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys 13:22:40.0789 2604 msdsm - ok 13:22:40.0819 2604 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 13:22:40.0884 2604 Msfs - ok 13:22:40.0916 2604 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 13:22:40.0948 2604 msisadrv - ok 13:22:40.0998 2604 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 13:22:41.0045 2604 MSKSSRV - ok 13:22:41.0086 2604 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 13:22:41.0132 2604 MSPCLOCK - ok 13:22:41.0142 2604 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 13:22:41.0189 2604 MSPQM - ok 13:22:41.0228 2604 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 13:22:41.0271 2604 MsRPC - ok 13:22:41.0287 2604 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 13:22:41.0330 2604 mssmbios - ok 13:22:41.0341 2604 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 13:22:41.0389 2604 MSTEE - ok 13:22:41.0413 2604 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 13:22:41.0450 2604 Mup - ok 13:22:41.0485 2604 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 13:22:41.0534 2604 NativeWifiP - ok 13:22:41.0579 2604 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 13:22:41.0657 2604 NDIS - ok 13:22:41.0694 2604 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 13:22:41.0744 2604 NdisTapi - ok 13:22:41.0770 2604 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 13:22:41.0826 2604 Ndisuio - ok 13:22:41.0841 2604 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 13:22:41.0894 2604 NdisWan - ok 13:22:41.0921 2604 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 13:22:41.0981 2604 NDProxy - ok 13:22:41.0992 2604 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 13:22:42.0046 2604 NetBIOS - ok 13:22:42.0090 2604 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 13:22:42.0190 2604 netbt - ok 13:22:42.0255 2604 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 13:22:42.0292 2604 nfrd960 - ok 13:22:42.0314 2604 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys 13:22:42.0393 2604 NisDrv - ok 13:22:42.0439 2604 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 13:22:42.0499 2604 Npfs - ok 13:22:42.0525 2604 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 13:22:42.0590 2604 nsiproxy - ok 13:22:42.0656 2604 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 13:22:42.0921 2604 Ntfs - ok 13:22:42.0933 2604 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 13:22:43.0044 2604 ntrigdigi - ok 13:22:43.0073 2604 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 13:22:43.0119 2604 Null - ok 13:22:43.0157 2604 NVENETFD (1657f3fbd9061526c14ff37e79306f98) C:\Windows\system32\DRIVERS\nvm60x32.sys 13:22:43.0274 2604 NVENETFD - ok 13:22:43.0334 2604 NVNET (1efec38a852ab35883bfff3427b92b3f) C:\Windows\system32\DRIVERS\nvmfdx32.sys 13:22:43.0387 2604 NVNET - ok 13:22:43.0403 2604 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys 13:22:43.0445 2604 nvraid - ok 13:22:43.0476 2604 nvstor (4a5fcab82d9bf6af8a023a66802fe9e9) C:\Windows\system32\drivers\nvstor.sys 13:22:43.0518 2604 nvstor - ok 13:22:43.0537 2604 nvstor32 (dc5f166422beebf195e3e4bb8ab4ee22) C:\Windows\system32\DRIVERS\nvstor32.sys 13:22:43.0578 2604 nvstor32 - ok 13:22:43.0600 2604 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys 13:22:43.0656 2604 nv_agp - ok 13:22:43.0666 2604 NwlnkFlt - ok 13:22:43.0680 2604 NwlnkFwd - ok 13:22:43.0711 2604 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\DRIVERS\ohci1394.sys 13:22:43.0846 2604 ohci1394 - ok 13:22:43.0889 2604 Parport (8a79fdf04a73428597e2caf9d0d67850) C:\Windows\system32\DRIVERS\parport.sys 13:22:43.0944 2604 Parport - ok 13:22:43.0985 2604 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys 13:22:44.0025 2604 partmgr - ok 13:22:44.0037 2604 Parvdm (6c580025c81caf3ae9e3617c22cad00e) C:\Windows\system32\DRIVERS\parvdm.sys 13:22:44.0078 2604 Parvdm - ok 13:22:44.0118 2604 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 13:22:44.0160 2604 pci - ok 13:22:44.0178 2604 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys 13:22:44.0204 2604 pciide - ok 13:22:44.0222 2604 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 13:22:44.0267 2604 pcmcia - ok 13:22:44.0320 2604 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 13:22:44.0465 2604 PEAUTH - ok 13:22:44.0599 2604 PID_PEPI (dd184d9adfe2a8a21741dbdfe9e22f5c) C:\Windows\system32\DRIVERS\LV302V32.SYS 13:22:44.0808 2604 PID_PEPI - ok 13:22:44.0853 2604 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 13:22:44.0920 2604 PptpMiniport - ok 13:22:44.0958 2604 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\DRIVERS\processr.sys 13:22:45.0025 2604 Processor - ok 13:22:45.0073 2604 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 13:22:45.0137 2604 PSched - ok 13:22:45.0187 2604 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys 13:22:45.0272 2604 ql2300 - ok 13:22:45.0291 2604 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 13:22:45.0346 2604 ql40xx - ok 13:22:45.0370 2604 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 13:22:45.0417 2604 QWAVEdrv - ok 13:22:45.0501 2604 R300 (9afa62db7f553a0f1f52c70b738b0064) C:\Windows\system32\DRIVERS\atikmdag.sys 13:22:45.0648 2604 R300 - ok 13:22:45.0681 2604 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 13:22:45.0728 2604 RasAcd - ok 13:22:45.0748 2604 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 13:22:45.0817 2604 Rasl2tp - ok 13:22:45.0856 2604 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 13:22:45.0901 2604 RasPppoe - ok 13:22:45.0925 2604 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 13:22:45.0960 2604 RasSstp - ok 13:22:45.0991 2604 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 13:22:46.0091 2604 rdbss - ok 13:22:46.0109 2604 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 13:22:46.0156 2604 RDPCDD - ok 13:22:46.0182 2604 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys 13:22:46.0274 2604 rdpdr - ok 13:22:46.0286 2604 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 13:22:46.0321 2604 RDPENCDD - ok 13:22:46.0349 2604 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys 13:22:46.0402 2604 RDPWD - ok 13:22:46.0433 2604 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 13:22:46.0484 2604 rspndr - ok 13:22:46.0508 2604 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 13:22:46.0540 2604 sbp2port - ok 13:22:46.0567 2604 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 13:22:46.0665 2604 secdrv - ok 13:22:46.0685 2604 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys 13:22:46.0749 2604 Serenum - ok 13:22:46.0780 2604 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys 13:22:46.0901 2604 Serial - ok 13:22:46.0933 2604 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 13:22:46.0991 2604 sermouse - ok 13:22:47.0020 2604 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys 13:22:47.0112 2604 sffdisk - ok 13:22:47.0130 2604 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys 13:22:47.0188 2604 sffp_mmc - ok 13:22:47.0202 2604 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys 13:22:47.0296 2604 sffp_sd - ok 13:22:47.0306 2604 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 13:22:47.0366 2604 sfloppy - ok 13:22:47.0386 2604 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys 13:22:47.0412 2604 SiSRaid2 - ok 13:22:47.0434 2604 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys 13:22:47.0459 2604 SiSRaid4 - ok 13:22:47.0510 2604 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 13:22:47.0564 2604 Smb - ok 13:22:47.0586 2604 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 13:22:47.0614 2604 spldr - ok 13:22:47.0654 2604 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys 13:22:47.0718 2604 srv - ok 13:22:47.0743 2604 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys 13:22:47.0797 2604 srv2 - ok 13:22:47.0821 2604 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys 13:22:47.0884 2604 srvnet - ok 13:22:47.0925 2604 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 13:22:47.0961 2604 swenum - ok 13:22:47.0987 2604 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 13:22:48.0026 2604 Symc8xx - ok 13:22:48.0047 2604 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 13:22:48.0083 2604 Sym_hi - ok 13:22:48.0105 2604 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 13:22:48.0143 2604 Sym_u3 - ok 13:22:48.0220 2604 Tcpip (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\drivers\tcpip.sys 13:22:48.0318 2604 Tcpip - ok 13:22:48.0369 2604 Tcpip6 (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\DRIVERS\tcpip.sys 13:22:48.0466 2604 Tcpip6 - ok 13:22:48.0506 2604 tcpipreg (3fc13f09af9be487c7b4fac4070a036c) C:\Windows\system32\drivers\tcpipreg.sys 13:22:48.0548 2604 tcpipreg - ok 13:22:48.0580 2604 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 13:22:48.0644 2604 TDPIPE - ok 13:22:48.0658 2604 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 13:22:48.0722 2604 TDTCP - ok 13:22:48.0759 2604 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 13:22:48.0827 2604 tdx - ok 13:22:48.0865 2604 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 13:22:48.0912 2604 TermDD - ok 13:22:48.0954 2604 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 13:22:49.0018 2604 tssecsrv - ok 13:22:49.0048 2604 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 13:22:49.0088 2604 tunmp - ok 13:22:49.0108 2604 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 13:22:49.0148 2604 tunnel - ok 13:22:49.0163 2604 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\DRIVERS\uagp35.sys 13:22:49.0211 2604 uagp35 - ok 13:22:49.0239 2604 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 13:22:49.0304 2604 udfs - ok 13:22:49.0341 2604 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys 13:22:49.0391 2604 uliagpkx - ok 13:22:49.0416 2604 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys 13:22:49.0451 2604 uliahci - ok 13:22:49.0469 2604 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 13:22:49.0503 2604 UlSata - ok 13:22:49.0520 2604 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 13:22:49.0560 2604 ulsata2 - ok 13:22:49.0596 2604 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 13:22:49.0654 2604 umbus - ok 13:22:49.0697 2604 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys 13:22:49.0803 2604 usbaudio - ok 13:22:49.0835 2604 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 13:22:49.0889 2604 usbccgp - ok 13:22:49.0907 2604 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 13:22:50.0004 2604 usbcir - ok 13:22:50.0044 2604 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 13:22:50.0089 2604 usbehci - ok 13:22:50.0110 2604 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 13:22:50.0169 2604 usbhub - ok 13:22:50.0183 2604 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys 13:22:50.0218 2604 usbohci - ok 13:22:50.0252 2604 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys 13:22:50.0302 2604 usbprint - ok 13:22:50.0325 2604 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys 13:22:50.0369 2604 usbscan - ok 13:22:50.0383 2604 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 13:22:50.0430 2604 USBSTOR - ok 13:22:50.0447 2604 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys 13:22:50.0542 2604 usbuhci - ok 13:22:50.0579 2604 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys 13:22:50.0662 2604 vga - ok 13:22:50.0682 2604 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 13:22:50.0745 2604 VgaSave - ok 13:22:50.0763 2604 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys 13:22:50.0809 2604 viaagp - ok 13:22:50.0823 2604 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys 13:22:50.0926 2604 ViaC7 - ok 13:22:50.0963 2604 viaide (7aa7ec9a08dc2c39649c413b1a26e298) C:\Windows\system32\drivers\viaide.sys 13:22:50.0988 2604 viaide - ok 13:22:51.0026 2604 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 13:22:51.0059 2604 volmgr - ok 13:22:51.0103 2604 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 13:22:51.0153 2604 volmgrx - ok 13:22:51.0196 2604 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 13:22:51.0240 2604 volsnap - ok 13:22:51.0264 2604 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys 13:22:51.0298 2604 vsmraid - ok 13:22:51.0321 2604 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 13:22:51.0427 2604 WacomPen - ok 13:22:51.0460 2604 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 13:22:51.0525 2604 Wanarp - ok 13:22:51.0531 2604 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 13:22:51.0596 2604 Wanarpv6 - ok 13:22:51.0625 2604 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys 13:22:51.0660 2604 Wd - ok 13:22:51.0691 2604 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 13:22:51.0762 2604 Wdf01000 - ok 13:22:51.0864 2604 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys 13:22:51.0963 2604 WmiAcpi - ok 13:22:52.0021 2604 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 13:22:52.0084 2604 ws2ifsl - ok 13:22:52.0123 2604 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 13:22:52.0254 2604 WUDFRd - ok 13:22:52.0279 2604 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0 13:22:52.0349 2604 \Device\Harddisk0\DR0 - ok 13:22:52.0357 2604 MBR (0x1B8) (739b36f7a373fc81121d831231b6d311) \Device\Harddisk6\DR6 13:22:52.0805 2604 \Device\Harddisk6\DR6 - ok 13:22:52.0811 2604 Boot (0x1200) (c37b61aa1745ab95cd19680153653b2e) \Device\Harddisk0\DR0\Partition0 13:22:52.0812 2604 \Device\Harddisk0\DR0\Partition0 - ok 13:22:52.0839 2604 Boot (0x1200) (c96353d6f99f8499968a08216450c5a6) \Device\Harddisk0\DR0\Partition1 13:22:52.0840 2604 \Device\Harddisk0\DR0\Partition1 - ok 13:22:52.0846 2604 Boot (0x1200) (b85718e2880dd778dc96f01d7ff1ea4a) \Device\Harddisk6\DR6\Partition0 13:22:52.0848 2604 \Device\Harddisk6\DR6\Partition0 - ok 13:22:52.0850 2604 ============================================================ 13:22:52.0850 2604 Scan finished 13:22:52.0850 2604 ============================================================ 13:22:52.0868 0840 Detected object count: 0 13:22:52.0868 0840 Actual detected object count: 0 Geändert von PinaColada (29.11.2011 um 13:23 Uhr) |
29.11.2011, 13:42 | #17 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | fremder zugriff auf mein MSN Dann bitte jetzt CF ausführen:
__________________ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ |
29.11.2011, 15:17 | #18 |
| fremder zugriff auf mein MSN So ComboFix hab ich dann auch fertig
__________________Combofix Logfile: Code:
ATTFilter ComboFix 11-11-29.04 - Pizzaro 29.11.2011 14:19:06.1.4 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.2046.1062 [GMT 1:00] ausgeführt von:: c:\users\Pizzaro\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Pizzaro\AppData\Roaming\Microsoft\Windows\Recent\uweleue_21msn.pif c:\windows\TEMP\logishrd\LVPrcInj01.dll F:\Autorun.inf F:\Setup.exe . . ((((((((((((((((((((((( Dateien erstellt von 2011-10-28 bis 2011-11-29 )))))))))))))))))))))))))))))) . . 2011-11-29 13:25 . 2011-11-29 13:25 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{57E5E858-A79F-4684-97DC-32B9A264A279}\offreg.dll 2011-11-28 19:24 . 2011-10-07 03:48 6668624 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{57E5E858-A79F-4684-97DC-32B9A264A279}\mpengine.dll 2011-11-28 19:02 . 2011-11-28 19:02 -------- d-----w- C:\_OTL 2011-11-28 13:22 . 2011-11-28 13:22 -------- d-----w- c:\users\Pizzaro\AppData\Roaming\Malwarebytes 2011-11-28 13:22 . 2011-11-28 13:22 -------- d-----w- c:\programdata\Malwarebytes 2011-11-28 13:22 . 2011-08-31 16:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-11-28 13:22 . 2011-11-28 13:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-11-22 15:51 . 2011-11-22 15:51 -------- d-----w- c:\windows\system32\drivers\NSS 2011-11-22 15:51 . 2011-11-22 15:51 -------- d-----w- c:\program files\Norton Security Scan 2011-11-09 08:19 . 2011-10-17 11:41 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2011-11-09 08:19 . 2011-09-20 21:02 913280 ----a-w- c:\windows\system32\drivers\tcpip.sys 2011-11-09 08:19 . 2011-09-20 13:44 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys 2011-11-09 08:19 . 2011-09-30 15:57 707584 ----a-w- c:\program files\Common Files\System\wab32.dll . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-10-11 17:37 . 2011-10-11 17:38 703824 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{525440BA-699B-43DB-AE9E-E29403028E68}\gapaengine.dll 2011-10-07 03:48 . 2011-08-17 17:39 6668624 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2011-10-03 03:06 . 2011-02-28 22:06 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-09-06 13:30 . 2011-10-12 08:09 2043392 ----a-w- c:\windows\system32\win32k.sys 2011-09-01 02:35 . 2011-10-12 09:24 1798144 ----a-w- c:\windows\system32\jscript9.dll 2011-09-01 02:28 . 2011-10-12 09:24 1126912 ----a-w- c:\windows\system32\wininet.dll 2011-09-01 02:22 . 2011-10-12 09:24 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2011-11-11 06:52 . 2011-05-07 19:30 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Logitech Vid"="c:\program files\Logitech\Logitech Vid\vid.exe" [2009-07-16 5458704] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-04-30 9210400] "LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920] "PlusService"="c:\program files\Yuna Software\Messenger Plus!\PlusService.exe" [2011-09-20 801792] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] . c:\users\Pizzaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar] 2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG] 2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe . R1 MpKsla7066217;MpKsla7066217;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0E3B51B6-9FA0-46FE-8C15-216601980F80}\MpKsla7066217.sys [x] R1 MpKslb6ab3838;MpKslb6ab3838;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FD9AAC6C-F5BF-4732-96A9-DFD2A3609BD0}\MpKslb6ab3838.sys [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024] R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Inhalt des "geplante Tasks" Ordners . 2011-11-28 c:\windows\Tasks\Norton Security Scan for Pizzaro.job - c:\progra~1\NORTON~2\Engine\351~1.8\Nss.exe [2011-11-22 13:59] . . ------- Zusätzlicher Suchlauf ------- . uStart Page = IE: Free YouTube Download - c:\users\Pizzaro\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm TCP: DhcpNameServer = 192.168.2.1 FF - ProfilePath - c:\users\Pizzaro\AppData\Roaming\Mozilla\Firefox\Profiles\vj33xm3l.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - Google . - - - - Entfernte verwaiste Registrierungseinträge - - - - . WebBrowser-{3D684CA7-5D30-4A7E-9768-E17DF98DF80F} - (no file) WebBrowser-{872B5B88-9DB5-4310-BDD0-AC189557E5F5} - (no file) HKCU-Run-EA Core - c:\program files\Electronic Arts\EADM\Core.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-11-29 14:26 Windows 6.0.6002 Service Pack 2 NTFS . Scanne versteckte Prozesse... . Scanne versteckte Autostarteinträge... . Scanne versteckte Dateien... . Scan erfolgreich abgeschlossen versteckte Dateien: 0 . ************************************************************************** . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\system32\WUDFHost.exe c:\windows\system32\conime.exe c:\program files\OpenOffice.org 3\program\soffice.exe c:\program files\OpenOffice.org 3\program\soffice.bin c:\program files\Windows Media Player\wmpnetwk.exe c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe c:\\?\c:\windows\system32\wbem\WMIADAP.EXE . ************************************************************************** . Zeit der Fertigstellung: 2011-11-29 14:31:17 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2011-11-29 13:31 . Vor Suchlauf: 7 Verzeichnis(se), 184.327.450.624 Bytes frei Nach Suchlauf: 11 Verzeichnis(se), 184.246.767.616 Bytes frei . - - End Of File - - 5D1954A527C5EF11664D8E357C683AF3 |
29.11.2011, 15:31 | #19 |
/// Winkelfunktion /// TB-Süch-Tiger™ | fremder zugriff auf mein MSN Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).
__________________ Logfiles bitte immer in CODE-Tags posten |
29.11.2011, 16:25 | #20 |
| fremder zugriff auf mein MSN GMER Logfile: Code:
ATTFilter GMER 1.0.15.15641 - GMER - Rootkit Detector and Remover Rootkit scan 2011-11-29 16:24:40 Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\00000052 WDC_WD50 rev.12.0 Running: pfq22tqk.exe; Driver: C:\Users\Pizzaro\AppData\Local\Temp\uftiyfow.sys ---- Kernel code sections - GMER 1.0.15 ---- ? C:\Users\Pizzaro\AppData\Local\Temp\catchme.sys Das System kann die angegebene Datei nicht finden. ! ? C:\Windows\system32\Drivers\PROCEXP113.SYS Das System kann die angegebene Datei nicht finden. ! ---- Registry - GMER 1.0.15 ---- Reg HKCU\Software\Microsoft\Windows Live\Companion\melanie.161079@hotmail.de@27db1dcc51f38e1c94d613d0ab941b29\r\n 0xC6 0x87 0x9E 0x0A ... ---- EOF - GMER 1.0.15 ---- |
29.11.2011, 16:56 | #21 |
| fremder zugriff auf mein MSN OSAM Logfile: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 Online Solutions. Complex Protection for Information Systems Saved at 16:54:37 on 29.11.2011 OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit Default Browser: Mozilla Corporation Firefox 8.0 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "Norton Security Scan for Pizzaro.job" - "Symantec Corporation" - C:\PROGRA~1\NORTON~2\Engine\351~1.8\Nss.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "catchme" (catchme) - ? - C:\Users\Pizzaro\AppData\Local\Temp\catchme.sys (File not found) "FssFltr" (fssfltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\fssfltr.sys "gdrv" (gdrv) - ? - C:\Windows\gdrv.sys (File not found) "IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys (File not found) "IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys (File not found) "IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys (File not found) "mbr" (mbr) - ? - C:\Users\Pizzaro\AppData\Local\Temp\mbr.sys (Hidden registry entry, rootkit activity | File not found) "MpKsla7066217" (MpKsla7066217) - ? - c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0E3B51B6-9FA0-46FE-8C15-216601980F80}\MpKsla7066217.sys (File not found) "MpKslb6ab3838" (MpKslb6ab3838) - ? - c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FD9AAC6C-F5BF-4732-96A9-DFD2A3609BD0}\MpKslb6ab3838.sys (File not found) "MpKslc22dae8a" (MpKslc22dae8a) - "Microsoft Corporation" - C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AED283E7-80E5-45C7-B175-413F6A4B8F71}\MpKslc22dae8a.sys "uftiyfow" (uftiyfow) - ? - C:\Users\Pizzaro\AppData\Local\Temp\uftiyfow.sys (Hidden registry entry, rootkit activity | File not found) [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll -----( HKLM\Software\Classes\Protocols\Handler )----- {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} "Album Download IE Asynchronous Pluggable Protocol Interface" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll {828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\Program Files\Windows Live\Messenger\msgrapp.dll {828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Messenger\msgrapp.dll {91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll {03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? - (File not found | COM-object registry key not found) {1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found) {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? - (File not found | COM-object registry key not found) {94586423-855F-4EB2-9F6A-D9DA5658DBE3} "Context menu" - ? - D:\PROGRA~1\FREEM4~1\m4a_menu.dll (File found, but it contains no detailed information) {09A47860-11B0-4DA5-AFA5-26D86198A780} "EPP" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\shellext.dll {2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? - (File not found | COM-object registry key not found) {FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found) {00020d75-0000-0000-c000-000000000046} "lnkfile" - ? - (File not found | COM-object registry key not found) {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {AE424E85-F6DF-4910-A6A9-438797986431} "OpenOffice.org Property Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl.dll {63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? - (File not found | COM-object registry key not found) {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll {da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? - (File not found | COM-object registry key not found) {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll {0563DB41-F538-4B37-A92D-4659049B7766} "WLMD Message Handler" - ? - (File not found | COM-object registry key not found) {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_29.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab {E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? - (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} "@C:\Program Files\Windows Live\Companion\companionlang.dll,-600" - "Microsoft Corporation" - C:\Program Files\Windows Live\Companion\companioncore.dll {5F7B1267-94A9-47F5-98DB-E99415F33AEC} "@C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004" - "Microsoft Corporation" - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll {898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype Click to Call" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- {9421DD08-935F-4701-A9CA-22DF90AC4EA6} "Easy Photo Print" - "SEIKO EPSON CORPORATION / CyCom Technology Corp." - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {9421DD08-935F-4701-A9CA-22DF90AC4EA6} "Easy Photo Print" - "SEIKO EPSON CORPORATION / CyCom Technology Corp." - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype Browser Helper" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID Sign-in Helper" - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll {9FDDE16B-836F-4806-AB1F-1455CBEFF289} "Windows Live Messenger Companion Helper" - "Microsoft Corporation" - C:\Program Files\Windows Live\Companion\companioncore.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Pizzaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "OpenOffice.org 3.3.lnk" - ? - C:\Program Files\OpenOffice.org 3\program\quickstart.exe (Shortcut exists | File found, but it contains no detailed information | File exists) -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "Logitech Vid" - "Logitech Inc." - "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode "Skype" - "Skype Technologies S.A." - "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "LogitechQuickCamRibbon" - "Logitech Inc." - "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide "MSC" - "Microsoft Corporation" - "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey "PlusService" - "Yuna Software" - C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@C:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243" (NisSrv) - "Microsoft Corporation" - C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe "@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe "Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe "ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Microsoft Antimalware Service" (MsMpSvc) - "Microsoft Corporation" - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe "Process Monitor" (LVPrcSrv) - "Logitech Inc." - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe "Windows Live Family Safety Service" (fsssvc) - "Microsoft Corporation" - C:\Program Files\Windows Live\Family Safety\fsssvc.exe "Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit Online Solutions :: Index |
29.11.2011, 17:12 | #22 |
| fremder zugriff auf mein MSN So ich hoffe ich hab das auch richtig gemacht aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software Run date: 2011-11-29 16:56:41 ----------------------------- 16:56:41.333 OS Version: Windows 6.0.6002 Service Pack 2 16:56:41.334 Number of processors: 4 586 0x202 16:56:41.335 ComputerName: PIZZARO-PC UserName: Pizzaro 16:56:43.122 Initialize success 17:04:17.831 AVAST engine defs: 11112901 17:11:58.776 The log file has been saved successfully to "C:\Users\Pizzaro\Desktop\aswMBR.txt" |
29.11.2011, 17:32 | #23 |
/// Winkelfunktion /// TB-Süch-Tiger™ | fremder zugriff auf mein MSN Bei aswMBR ist dir ein Fehler unterlaufen. Bitte wiederholen, beachte die Anleitung dazu und setze sie genau um
__________________ Logfiles bitte immer in CODE-Tags posten |
29.11.2011, 17:50 | #24 |
| fremder zugriff auf mein MSN ok danke..werd ich machen |
29.11.2011, 18:41 | #25 |
| fremder zugriff auf mein MSN So da bin ich wieder aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software Run date: 2011-11-29 16:56:41 ----------------------------- 16:56:41.333 OS Version: Windows 6.0.6002 Service Pack 2 16:56:41.334 Number of processors: 4 586 0x202 16:56:41.335 ComputerName: PIZZARO-PC UserName: Pizzaro 16:56:43.122 Initialize success 17:04:17.831 AVAST engine defs: 11112901 17:11:58.776 The log file has been saved successfully to "C:\Users\Pizzaro\Desktop\aswMBR.txt" aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software Run date: 2011-11-29 17:51:37 ----------------------------- 17:51:37.803 OS Version: Windows 6.0.6002 Service Pack 2 17:51:37.804 Number of processors: 4 586 0x202 17:51:37.805 ComputerName: PIZZARO-PC UserName: Pizzaro 17:51:39.138 Initialize success 17:51:49.412 AVAST engine defs: 11112901 17:52:19.503 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000052 17:52:19.507 Disk 0 Vendor: WDC_WD50 12.0 Size: 476940MB BusType: 6 17:52:21.798 Disk 0 MBR read successfully 17:52:21.802 Disk 0 MBR scan 17:52:21.832 Disk 0 Windows VISTA default MBR code 17:52:21.976 Disk 0 scanning sectors +976771072 17:52:22.857 Disk 0 scanning C:\Windows\system32\drivers 17:54:46.835 Service scanning 17:54:47.375 Service MpKsl2de8a378 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF741A6B-0857-41E7-9AB7-3D447B1257FE}\MpKsl2de8a378.sys **LOCKED** 32 17:54:47.383 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32 17:54:48.009 Modules scanning 17:57:42.282 Disk 0 trace - called modules: 17:57:42.404 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys nvstor32.sys 17:57:42.757 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86224240] 17:57:42.768 3 CLASSPNP.SYS[82fb38b3] -> nt!IofCallDriver -> [0x85079e00] 17:57:42.778 5 acpi.sys[806166bc] -> nt!IofCallDriver -> \Device\00000052[0x850f47f0] 17:57:43.966 AVAST engine scan C:\Windows 18:02:28.755 AVAST engine scan C:\Windows\system32 18:10:09.663 AVAST engine scan C:\Windows\system32\drivers 18:10:28.981 AVAST engine scan C:\Users\Pizzaro 18:26:02.508 AVAST engine scan C:\ProgramData 18:27:55.984 Scan finished successfully 18:39:03.016 Disk 0 MBR has been saved successfully to "C:\Users\Pizzaro\Desktop\MBR.dat" 18:39:03.023 The log file has been saved successfully to "C:\Users\Pizzaro\Desktop\aswMBR.txt" |
29.11.2011, 18:59 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | fremder zugriff auf mein MSN Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!! Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
29.11.2011, 19:04 | #27 |
| fremder zugriff auf mein MSN Klingt supi dann werd ich das mal eben machen |
29.11.2011, 19:39 | #28 |
| fremder zugriff auf mein MSN Malwarebytes' Anti-Malware 1.51.2.1300 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Datenbank Version: 8256 Windows 6.0.6002 Service Pack 2 Internet Explorer 9.0.8112.16421 29.11.2011 19:34:56 mbam-log-2011-11-29 (19-34-56).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|) Durchsuchte Objekte: 252415 Laufzeit: 25 Minute(n), 43 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
29.11.2011, 21:00 | #29 |
| fremder zugriff auf mein MSN ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6528 # api_version=3.0.2 # EOSSerial=6b6407d8b2da6049882ff9e02852892a # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2011-10-23 12:27:13 # local_time=2011-10-23 02:27:13 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.0.6002 NT Service Pack 2 # compatibility_mode=5892 16776574 100 100 20505992 156856816 0 0 # compatibility_mode=8192 67108863 100 0 89 89 0 0 # scanned=112779 # found=0 # cleaned=0 # scan_time=5545 ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=6b6407d8b2da6049882ff9e02852892a # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2011-11-27 08:01:55 # local_time=2011-11-27 09:01:55 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1031 # osver=6.0.6002 NT Service Pack 2 # compatibility_mode=5892 16776574 100 100 23598770 159949594 0 0 # compatibility_mode=8192 67108863 100 0 3092867 3092867 0 0 # scanned=190938 # found=0 # cleaned=0 # scan_time=7248 ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=6b6407d8b2da6049882ff9e02852892a # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2011-11-28 01:32:22 # local_time=2011-11-28 02:32:22 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1033 # osver=6.0.6002 NT Service Pack 2 # compatibility_mode=5892 16776574 100 100 23668052 160018876 0 0 # compatibility_mode=8192 67108863 100 0 3162149 3162149 0 0 # scanned=10212 # found=0 # cleaned=0 # scan_time=994 ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=6b6407d8b2da6049882ff9e02852892a # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2011-11-28 03:47:57 # local_time=2011-11-28 04:47:57 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1033 # osver=6.0.6002 NT Service Pack 2 # compatibility_mode=5892 16776574 100 100 23672174 160022998 0 0 # compatibility_mode=8192 67108863 100 0 3166271 3166271 0 0 # scanned=192840 # found=0 # cleaned=0 # scan_time=5006 ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=6b6407d8b2da6049882ff9e02852892a # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2011-11-29 07:55:22 # local_time=2011-11-29 08:55:22 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1033 # osver=6.0.6002 NT Service Pack 2 # compatibility_mode=5892 16776574 100 100 23774393 160125217 0 0 # compatibility_mode=8192 67108863 100 0 3268490 3268490 0 0 # scanned=115537 # found=0 # cleaned=0 # scan_time=4033 |
29.11.2011, 21:06 | #30 |
| fremder zugriff auf mein MSN Irgendwie gehr das mit dem SUPERAntiSpyware nicht werd es weiter versuchen... aber ich hab noch eine frage Das meine IP adresse ich glaube einmal am tag (nachts) ändert das weiß ich aber es ist komisch das ich öfters am tag einen IP wechsel habe normalerweise fängt meine mit 79.238...... und wechselt immer zu 91.38......... |
Themen zu fremder zugriff auf mein MSN |
account, anderen, anmelden, daten, erneut, fix, frage, freunde, geknackt, geändert, gleichzeitig, hacker angriff, hotmail, konten, konto, mail, melde, melden, msn, online, passwörter, schonmal, verhindern, überall, zugang, zugriff |