
Log Analysis and Evaluation: Exploit:HTML/IframeRef.Z keeps being detected again and again


 
06.12.2011, 00:25   #1
Gnorf
 



First of all, I think it's great that there are people like you who help with security problems!

My problem is that my virus scanner (Microsoft Security Essentials) has now found the following malware for the third time within one week:

Exploit:HTML/IframeRef.Z

The location was the same each time:

file:C:\Users\Borion\AppData\Local\Mozilla\Firefox\Profiles\a8iofrr6.default\Cache\E\A5\927D3d01

According to my virus scanner, the malware was removed each time. In addition, I then used CCleaner to clear the cache and also checked my computer with an online scanner (Eset), which found nothing. However, I am starting to find it somewhat worrying that the same malware keeps turning up in the same place within such a short time. I would therefore be interested in your expert opinion.

I have tried to follow your instructions for people seeking help.

At step 1 (defogger), I confirmed the "Finished" message with OK after the scan. However, no prompt to restart followed?! I then initiated a restart myself. The defogger disable log contains the following:

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:55 on 05/12/2011 (Borion)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

At step 3 (Gmer), the scan aborted each time after about 2 minutes with the following message:

"35exvmse.exe funktioniert nicht mehr. Das Programm wird aufgrund eines Problems nicht richtig ausgeführt. Das Programm wird geschlossen und sie werden benachrichtigt, wenn eine Lösung vorhanden ist."

I followed all of your instructions, i.e. disconnected from the Internet, switched off the virus scanner and AntiLogger, and closed all other programs beforehand. I also have a 32-bit system.

Step 2 (OTL) went without any problems. Here is the OTL.txt:

OTL logfile created on: 05.12.2011 23:03:50 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Borion\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,25 Gb Total Physical Memory | 2,30 Gb Available Physical Memory | 70,86% Memory free
6,68 Gb Paging File | 5,77 Gb Available in Paging File | 86,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 581,09 Gb Total Space | 466,67 Gb Free Space | 80,31% Space Free | Partition Type: NTFS
Drive D: | 15,00 Gb Total Space | 8,99 Gb Free Space | 59,92% Space Free | Partition Type: NTFS

Computer Name: BORION-PC | User Name: Borion | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.12.05 22:52:12 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Borion\Desktop\OTL.exe
PRC - [2011.11.20 09:50:05 | 000,107,000 | ---- | M] (Siber Systems) -- C:\Programme\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2011.07.02 08:00:17 | 002,856,392 | ---- | M] (Zemana Ltd.) -- C:\Programme\AntiLogger\AntiLogger.exe
PRC - [2011.06.15 14:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Security Client\msseces.exe
PRC - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.04.27 14:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2011.04.27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2009.04.11 07:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.12.18 12:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Programme\Dell\DellDock\DockLogin.exe
PRC - [2008.12.04 15:03:00 | 000,226,640 | ---- | M] (Microsoft Corp.) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008.07.18 13:42:10 | 006,246,400 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.07.18 13:42:08 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTSrv.exe
PRC - [2008.01.21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2007.03.02 16:48:00 | 000,098,304 | ---- | M] (Brother Industries, Ltd.) -- C:\Programme\Brother\Brmfcmon\BrMfcMon.exe


========== Modules (No Company Name) ==========

MOD - [2011.10.16 07:21:45 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\6d2f689baff5da3df134fdec0742a13c\System.Runtime.Remoting.ni.dll
MOD - [2011.10.16 07:21:42 | 011,804,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\e00630ec1e225a2376fdd430645e20f7\System.Web.ni.dll
MOD - [2011.10.16 07:21:31 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll
MOD - [2011.10.16 07:20:04 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll
MOD - [2011.10.16 07:19:49 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll
MOD - [2011.10.16 07:19:41 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll
MOD - [2011.10.16 07:18:38 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll
MOD - [2011.10.16 07:18:31 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2009.06.12 17:52:46 | 001,679,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3021.38476__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2009.06.12 17:52:46 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3021.38434__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2009.06.12 17:52:46 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3021.38488__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2009.06.12 17:52:46 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3021.38664__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2009.06.12 17:52:46 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3021.38629__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2009.06.12 17:52:46 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3021.38468__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2009.06.12 17:52:46 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3021.38587__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2009.06.12 17:52:46 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3021.38455__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2009.06.12 17:52:45 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3021.38696__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2009.06.12 17:52:38 | 000,442,368 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3021.38720__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll
MOD - [2009.06.12 17:52:38 | 000,348,160 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3021.38636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2009.06.12 17:52:38 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3021.38702__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2009.06.12 17:52:38 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3021.38643__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2009.06.12 17:52:38 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3021.38448__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2009.06.12 17:52:38 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3021.38719__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll
MOD - [2009.06.12 17:52:38 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3021.38636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2009.06.12 17:52:38 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3021.38695__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2009.06.12 17:52:37 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3021.38595__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2009.06.12 17:52:37 | 000,585,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3021.38501__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2009.06.12 17:52:37 | 000,479,232 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3021.38588__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2009.06.12 17:52:37 | 000,446,464 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3021.38581__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2009.06.12 17:52:37 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3021.38456__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2009.06.12 17:52:37 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3021.38656__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2009.06.12 17:52:37 | 000,217,088 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3021.38495__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2009.06.12 17:52:37 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3021.38608__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2009.06.12 17:52:37 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3021.38595__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2009.06.12 17:52:37 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3021.38587__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2009.06.12 17:52:37 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3021.38507__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2009.06.12 17:52:37 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3021.38594__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2009.06.12 17:52:37 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3021.38608__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2009.06.12 17:52:37 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3021.38622__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2009.06.12 17:52:37 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3005.17490__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2009.06.12 17:52:37 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3005.17473__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2009.06.12 17:52:37 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3005.17516__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2009.06.12 17:52:36 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3005.17553__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll
MOD - [2009.06.12 17:52:36 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3005.17468__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2009.06.12 17:52:36 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3005.17493__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2009.06.12 17:52:36 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3005.17540__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2009.06.12 17:52:36 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2009.06.12 17:52:36 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3005.17556__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2009.06.12 17:52:36 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3005.17465__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2009.06.12 17:52:36 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3005.17466__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2009.06.12 17:52:36 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3005.17608__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2009.06.12 17:52:36 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3005.17556__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2009.06.12 17:52:36 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3005.17518__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2009.06.12 17:52:36 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll
MOD - [2009.06.12 17:52:36 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3005.17496__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2009.06.12 17:52:36 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3005.17491__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2009.06.12 17:52:36 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3005.17479__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2009.06.12 17:52:36 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3005.17510__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2009.06.12 17:52:36 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3005.17517__90ba9c70f846762e\DEM.OS.dll
MOD - [2009.06.12 17:52:36 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2009.06.12 17:52:36 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3005.17519__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2009.06.12 17:52:36 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2009.06.12 17:52:36 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3005.17488__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2009.06.12 17:52:36 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3005.17530__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2009.06.12 17:52:36 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3005.17521__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2009.06.12 17:52:36 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3005.17562__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2009.06.12 17:52:36 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3005.17512__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2009.06.12 17:52:36 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3005.17563__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2009.06.12 17:52:36 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2009.06.12 17:52:35 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3005.17541__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2009.06.12 17:52:35 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3005.17535__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2009.06.12 17:52:35 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3005.17536__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2009.06.12 17:52:35 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3005.17535__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2009.06.12 17:52:35 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3005.17539__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2009.06.12 17:52:35 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3005.17506__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2009.06.12 17:52:35 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3005.17531__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2009.06.12 17:52:35 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3005.17521__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2009.06.12 17:52:35 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3005.17537__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2009.06.12 17:52:35 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3005.17514__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2009.06.12 17:52:35 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2009.06.12 17:52:35 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3005.17522__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2009.06.12 17:52:35 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3005.17511__90ba9c70f846762e\APM.Foundation.dll
MOD - [2009.06.12 17:52:35 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3005.17489__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2009.06.12 17:52:33 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3021.38687__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2009.06.12 17:52:33 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3021.38712__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2009.06.12 17:52:33 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3005.17484__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2009.06.12 17:52:33 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3005.17481__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2009.06.12 17:52:33 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3021.38723__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2009.06.12 17:52:33 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3021.38426__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2009.06.12 17:52:33 | 000,005,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.3021.38678_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll
MOD - [2009.06.12 17:52:32 | 001,511,424 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3021.38442__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2009.06.12 17:52:32 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3021.38463__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2009.06.12 17:52:32 | 000,417,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3021.38678__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2009.06.12 17:52:32 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3021.38426__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2009.06.12 17:52:32 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3021.38686__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2009.06.12 17:52:32 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3021.38426__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2009.06.12 17:52:32 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3021.38424__90ba9c70f846762e\APM.Server.dll
MOD - [2009.06.12 17:52:32 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3005.17514__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2009.06.12 17:52:32 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3021.38425__90ba9c70f846762e\AEM.Server.dll
MOD - [2009.06.12 17:52:32 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3005.17475__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2009.06.12 17:52:32 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3005.17499__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2009.06.12 17:52:32 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3021.38686__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2009.06.12 17:52:32 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2009.06.12 17:52:32 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3005.17513__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2009.06.12 17:52:32 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3005.17511__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2009.06.12 17:52:32 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3005.17508__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2009.06.12 17:52:32 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3005.17542__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2009.03.30 05:42:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.03.30 05:42:12 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2009.03.30 05:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.05.21 07:11:06 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll


========== Win32 Services (SafeList) ==========

SRV - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.04.27 14:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011.04.27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2009.06.12 17:57:34 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008.12.18 12:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Programme\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008.07.18 13:42:08 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AERTSrv.exe -- (AERTFilters)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011.12.05 23:01:19 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E7EA4327-1B9B-4163-896F-4E0277FF5FAD}\MpKslaf1f9c59.sys -- (MpKslaf1f9c59)
DRV - [2011.07.02 08:00:26 | 000,121,560 | ---- | M] (Zemana Ltd.) [Kernel | System | Running] -- C:\Programme\AntiLogger\AntiLog32.sys -- (AntiLog32)
DRV - [2011.04.27 14:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011.04.18 12:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010.06.23 09:21:32 | 000,259,176 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009.06.30 09:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2008.07.21 12:18:20 | 000,027,648 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV - [2008.05.21 07:11:00 | 003,591,168 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2008.05.21 07:11:00 | 003,591,168 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.01.21 03:23:25 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2008.01.21 03:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://news.google.de/nwshp?hl=de&tab=wn
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "hxxp://www.finanztreff.de/"
FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.2
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {22119944-ED35-4ab1-910B-E619EA06A115}:6.10.1
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.50
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.91
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Borion\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files\Siber Systems\AI RoboForm\Firefox [2011.11.20 09:50:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.11 21:08:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.11.24 19:23:09 | 000,000,000 | ---D | M]

[2010.11.13 16:06:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Borion\AppData\Roaming\mozilla\Extensions
[2011.09.28 16:16:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Borion\AppData\Roaming\mozilla\Firefox\Profiles\a8iofrr6.default\extensions
[2011.07.30 06:58:19 | 000,000,000 | ---D | M] (BitDefender QuickScan) -- C:\Users\Borion\AppData\Roaming\mozilla\Firefox\Profiles\a8iofrr6.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2011.02.21 19:14:52 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\Borion\AppData\Roaming\mozilla\Firefox\Profiles\a8iofrr6.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2011.09.18 15:52:37 | 000,001,565 | ---- | M] () -- C:\Users\Borion\AppData\Roaming\Mozilla\Firefox\Profiles\a8iofrr6.default\searchplugins\web-search.xml
[2011.11.24 19:18:47 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.11.24 19:18:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\BORION\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A8IOFRR6.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\BORION\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\A8IOFRR6.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI
[2010.11.14 23:17:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011.11.11 21:08:45 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.11.24 19:18:35 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.01 09:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010.01.01 09:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 09:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 09:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 09:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Reg Error: Value error.) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4 - HKLM..\Run: [AntiLogger] C:\Program Files\AntiLogger\AntiLogger.exe (Zemana Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter File not found
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [RoboForm] C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O8 - Extra context menu item: RF - Formular ausfüllen - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: RF - Formular speichern - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: RF - Menü anpassen - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: RF - RoboForm-Leiste ein/aus - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : RF - Formular ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : RF - Formular speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RF - RoboForm-Leiste ein/aus - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab (BitDefender QuickScan Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C931C944-28BF-46FF-848D-1318EEFC5443}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Programme\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\1600x1200_blue.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\1600x1200_blue.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.12.05 22:52:09 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Borion\Desktop\OTL.exe
[2011.12.05 20:08:26 | 000,000,000 | ---D | C] -- C:\Users\Borion\AppData\Roaming\Malwarebytes
[2011.12.05 20:08:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.12.05 20:08:10 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.11.24 19:20:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011.11.24 19:18:30 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011.11.20 09:50:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
[2011.11.17 19:24:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

========== Files - Modified Within 30 Days ==========

[2011.12.05 23:01:22 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.12.05 23:01:22 | 000,000,276 | ---- | M] () -- C:\Windows\tasks\RtlNICDiagVistaStart.job
[2011.12.05 23:01:20 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.05 23:01:20 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.05 23:01:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.05 23:01:12 | 3486,740,480 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.05 22:52:12 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Borion\Desktop\OTL.exe
[2011.12.05 22:40:04 | 000,000,000 | ---- | M] () -- C:\Users\Borion\defogger_reenable
[2011.12.05 22:39:00 | 000,050,477 | ---- | M] () -- C:\Users\Borion\Desktop\Defogger.exe
[2011.12.05 22:23:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.12.05 22:14:44 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2011.12.04 19:39:34 | 000,017,408 | ---- | M] () -- C:\Users\Borion\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.04 19:39:09 | 000,630,604 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.12.04 19:39:09 | 000,597,898 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.12.04 19:39:09 | 000,127,248 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.12.04 19:39:09 | 000,104,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.11.22 21:25:14 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job

========== Files Created - No Company Name ==========

[2011.12.05 22:40:04 | 000,000,000 | ---- | C] () -- C:\Users\Borion\defogger_reenable
[2011.12.05 22:38:59 | 000,050,477 | ---- | C] () -- C:\Users\Borion\Desktop\Defogger.exe
[2011.07.24 18:54:17 | 000,276,966 | ---- | C] () -- C:\Users\Borion\AppData\Local\census.cache
[2011.07.24 18:54:12 | 000,172,097 | ---- | C] () -- C:\Users\Borion\AppData\Local\ars.cache
[2011.07.24 18:48:29 | 000,000,036 | ---- | C] () -- C:\Users\Borion\AppData\Local\housecall.guid.cache
[2011.05.30 18:55:21 | 000,034,704 | ---- | C] () -- C:\Windows\syscall.dat
[2011.03.06 09:54:38 | 000,000,680 | ---- | C] () -- C:\Users\Borion\AppData\Local\d3d9caps.dat
[2011.01.23 16:54:18 | 000,000,101 | ---- | C] () -- C:\Windows\SAWReg.ini
[2010.12.25 12:51:19 | 000,017,408 | ---- | C] () -- C:\Users\Borion\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.15 21:34:54 | 000,000,526 | ---- | C] () -- C:\Users\Borion\AppData\Roaming\wklnhst.dat
[2010.11.15 19:47:31 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.11.15 19:47:31 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010.11.13 17:21:34 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.11.13 17:21:34 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2010.11.13 16:58:47 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf07a.dat
[2010.11.13 16:55:40 | 000,031,664 | ---- | C] () -- C:\Windows\maxlink.ini
[2009.12.03 09:27:30 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.06.13 03:32:11 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2009.06.13 03:32:11 | 000,168,883 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009.06.13 03:32:11 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2009.06.13 03:32:11 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2009.06.13 03:32:11 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2009.06.13 03:32:11 | 000,040,960 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2009.06.13 03:28:50 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.06.12 19:37:40 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008.01.21 08:15:58 | 000,630,604 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 08:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 08:15:58 | 000,127,248 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 08:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,381,400 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,597,898 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,104,872 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

========== LOP Check ==========

[2011.01.23 16:55:13 | 000,000,000 | ---D | M] -- C:\Users\Borion\AppData\Roaming\apm
[2011.08.12 13:21:39 | 000,000,000 | ---D | M] -- C:\Users\Borion\AppData\Roaming\ASCOMP Software
[2011.03.20 08:33:46 | 000,000,000 | ---D | M] -- C:\Users\Borion\AppData\Roaming\f-secure
[2011.08.12 14:07:43 | 000,000,000 | ---D | M] -- C:\Users\Borion\AppData\Roaming\JAM Software
[2011.01.29 13:03:44 | 000,000,000 | ---D | M] -- C:\Users\Borion\AppData\Roaming\Octoshape
[2010.12.03 17:23:03 | 000,000,000 | ---D | M] -- C:\Users\Borion\AppData\Roaming\Opera
[2011.03.02 20:18:30 | 000,000,000 | ---D | M] -- C:\Users\Borion\AppData\Roaming\PCDr
[2011.01.16 18:21:05 | 000,000,000 | ---D | M] -- C:\Users\Borion\AppData\Roaming\Philipp Winterberg
[2011.09.18 18:19:22 | 000,000,000 | ---D | M] -- C:\Users\Borion\AppData\Roaming\QuickScan
[2011.03.04 15:48:16 | 000,000,000 | ---D | M] -- C:\Users\Borion\AppData\Roaming\S.A.D
[2011.02.21 19:15:00 | 000,000,000 | ---D | M] -- C:\Users\Borion\AppData\Roaming\SoftGrid Client
[2011.02.21 19:15:00 | 000,000,000 | ---D | M] -- C:\Users\Borion\AppData\Roaming\Template
[2010.11.16 19:30:04 | 000,000,000 | ---D | M] -- C:\Users\Borion\AppData\Roaming\TP
[2011.11.22 21:25:14 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2011.12.05 23:01:22 | 000,000,276 | ---- | M] () -- C:\Windows\Tasks\RtlNICDiagVistaStart.job
[2011.12.05 22:59:16 | 000,032,530 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.12.05 22:14:44 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job

========== Purity Check ==========



========== Custom Scans ==========


< defogger_disable by jpshortstuff (23.02.10.1) >

< Log created at 22:55 on 05/12/2011 (Borion) >
Invalid Switch: 2011 (Borion)


< >

< Checking for autostart values... >

< HKCU\~\Run values retrieved. >

< HKLM\~\Run values retrieved. >

< >

< Checking for services/drivers... >
Invalid Switch: drivers...


< >

< >

< -=E.O.F=- >

< End of report >

 
