Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Seit 2 Monaten am verzweifeln - api hook - generic usb - verbindungen

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Alt 27.01.2012, 12:45   #1
2811addicted
 
Seit 2 Monaten am verzweifeln - api hook - generic usb - verbindungen - Standard

Seit 2 Monaten am verzweifeln - api hook - generic usb - verbindungen



Keine Ahnung wo ich anfangen soll, habe ein ganzes Buch über die Hooks Links und Virenscanner geschrieben. Hatte ein Laptop, der wurde infiziert als ich win neu aufsetzen musste (remote halt). Jetz hab ich ein DestopPC und es fängt schon wieder an.. ich weiss nicht wie sowas gehen soll.. ich hatte bei einer DslLite Leitung ein I/O Durchsatz von 40MB/s über Infrarot oder Wlan-Bündelung oder meine Festplatte wurde gequält. Hatte auf jeden Fall ne Menge Sachen die ich nicht haben sollte. Nun zum Thema. Es ist ein Generic USB Ding, das sich bei jedem Kontakt einfach nur weiterverbreiten will. Steckst ein USB ein kannst ihn wegschmeissen. Kriegs auch nicht runter weil es sich immer in dem Laufwerk aufhält das man für die Installation von Windows braucht. Das heisst installiere ich irgend ein OS(Zufall) ist es automatisch infiziert. Löschen unmöglich. Außerdem erstellt es virtuelle Laufwerke und lagert dort laut EmisoftAntivirus irgendwelche Onlinepokerdienste. Ich finde diese aber auch nicht. Wirklich Schaden wird ja nicht angerichtet, aber jedes Fenster das man öffnet, der Gegenüber hat dann sofort die gleichen Rechte am Objekt. Manchmal kann das schon unangenehm werden. Die Datei heißt apiav32dll so in der Art. Ich finde Auch mit einem PortableCD Tool ein Api Hook und kann ihn auch entfernen, bis ich das Programm beende oder es beendet wird. Ich poste mal ganz vorsichtig die OTL drunter.


OTL logfile created on: 21.09.2011 09:57:06 - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\mayo\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

7,72 Gb Total Physical Memory | 6,18 Gb Available Physical Memory | 80,01% Memory free
15,44 Gb Paging File | 14,00 Gb Available in Paging File | 90,68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 29,72 Gb Total Space | 5,99 Gb Free Space | 20,17% Space Free | Partition Type: NTFS

Computer Name: RRRR-PC | User Name: rrrr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.09.21 09:54:31 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\mayo\Desktop\OTL.exe
PRC - [2011.04.17 02:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
PRC - [2011.02.22 13:14:40 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.02.22 13:14:34 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011.04.17 02:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe -- (NIS)
SRV - [2011.02.22 13:14:40 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2011.02.22 13:14:34 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010.11.21 05:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010.11.21 05:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010.11.21 05:24:51 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.09.21 08:53:52 | 000,042,496 | ---- | M] (secr9tos) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\oem-drv64.sys -- (oem-drv64) OEM-SLP2.1 Driver (HPD64)
DRV:64bit: - [2011.09.21 03:40:41 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011.05.20 10:53:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.05.09 21:42:14 | 000,425,000 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2011.04.15 05:08:26 | 012,228,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.03.31 05:04:12 | 000,043,640 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM)
DRV:64bit: - [2011.03.31 05:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011.03.31 05:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2011.03.22 02:39:49 | 000,382,584 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symnets.sys -- (SymNetS)
DRV:64bit: - [2011.03.15 04:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.08 13:03:24 | 002,374,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.01.27 08:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symds64.sys -- (SymDS)
DRV:64bit: - [2011.01.27 07:07:06 | 000,171,128 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010.11.21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.10.19 17:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.10.14 19:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2009.11.18 01:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012.01.26 04:30:42 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20120126.003\IDSviA64.sys -- (IDSVia64)
DRV - [2012.01.21 02:27:16 | 001,157,240 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20120121.002\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011.09.21 05:18:13 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120126.018_66d\ex64.sys -- (NAVEX15)
DRV - [2011.09.21 05:18:13 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120126.018_66d\eng64.sys -- (NAVENG)
DRV - [2011.09.21 03:40:32 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011.09.21 03:40:32 | 000,138,360 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========



FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\ [2011.09.21 08:53:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_0_8 [2011.09.21 08:54:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Programme\Mozilla\components [2011.09.21 05:45:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Programme\Mozilla\plugins

[2011.09.21 05:46:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\rrrr\AppData\Roaming\mozilla\Extensions
[2011.09.21 08:53:59 | 000,000,000 | ---D | M] (Symantec Intrusion Prevention) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPLGN

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5438465A-0171-47F0-B137-A99016D3CCDF}: DhcpNameServer = 192.168.1.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\UserInit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} -
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012.01.27 09:44:27 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2012.01.27 09:34:46 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2012.01.27 09:15:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2012.01.27 09:15:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2012.01.27 09:15:15 | 000,004,096 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2012.01.27 09:13:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2012.01.27 09:05:21 | 000,000,000 | ---D | C] -- C:\Users\rrrr\AppData\Roaming\InstallShield
[2012.01.27 09:04:59 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2012.01.27 09:03:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2012.01.27 09:03:16 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012.01.27 09:03:13 | 002,601,816 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2012.01.27 09:03:13 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2012.01.27 09:03:13 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012.01.27 09:03:13 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2012.01.27 09:03:13 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2012.01.27 09:03:13 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2012.01.27 09:03:13 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012.01.27 09:03:13 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012.01.27 09:03:13 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2012.01.27 09:03:13 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2012.01.27 09:03:13 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2012.01.27 09:03:13 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2012.01.27 09:03:13 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2012.01.27 09:03:13 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2012.01.27 09:03:12 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012.01.27 09:03:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012.01.27 09:03:08 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2012.01.27 09:03:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012.01.27 09:00:56 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012.01.27 09:00:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012.01.27 09:00:46 | 000,000,000 | ---D | C] -- C:\Intel
[2012.01.27 08:30:11 | 000,000,000 | ---D | C] -- C:\Users\rrrr\AppData\Local\Adobe
[2012.01.27 08:30:07 | 000,000,000 | ---D | C] -- C:\Users\rrrr\AppData\Roaming\Macromedia
[2012.01.27 08:30:07 | 000,000,000 | ---D | C] -- C:\Users\rrrr\AppData\Roaming\Adobe
[2012.01.27 08:30:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012.01.27 08:25:35 | 000,000,000 | R--D | C] -- C:\Users\rrrr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.01.27 08:25:35 | 000,000,000 | R--D | C] -- C:\Users\rrrr\Searches
[2012.01.27 08:25:35 | 000,000,000 | R--D | C] -- C:\Users\rrrr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.01.27 08:25:29 | 000,000,000 | ---D | C] -- C:\Users\rrrr\AppData\Roaming\Identities
[2012.01.27 08:25:28 | 000,000,000 | R--D | C] -- C:\Users\rrrr\Contacts
[2012.01.27 08:24:38 | 000,000,000 | ---D | C] -- C:\Users\rrrr\AppData\Local\VirtualStore
[2012.01.27 08:24:35 | 000,000,000 | --SD | C] -- C:\Users\rrrr\AppData\Roaming\Microsoft
[2012.01.27 08:24:35 | 000,000,000 | R--D | C] -- C:\Users\rrrr\Videos
[2012.01.27 08:24:35 | 000,000,000 | R--D | C] -- C:\Users\rrrr\Saved Games
[2012.01.27 08:24:35 | 000,000,000 | R--D | C] -- C:\Users\rrrr\Pictures
[2012.01.27 08:24:35 | 000,000,000 | R--D | C] -- C:\Users\rrrr\Music
[2012.01.27 08:24:35 | 000,000,000 | R--D | C] -- C:\Users\rrrr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.01.27 08:24:35 | 000,000,000 | R--D | C] -- C:\Users\rrrr\Links
[2012.01.27 08:24:35 | 000,000,000 | R--D | C] -- C:\Users\rrrr\Favorites
[2012.01.27 08:24:35 | 000,000,000 | R--D | C] -- C:\Users\rrrr\Downloads
[2012.01.27 08:24:35 | 000,000,000 | R--D | C] -- C:\Users\rrrr\Documents
[2012.01.27 08:24:35 | 000,000,000 | R--D | C] -- C:\Users\rrrr\Desktop
[2012.01.27 08:24:35 | 000,000,000 | R--D | C] -- C:\Users\rrrr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.01.27 08:24:35 | 000,000,000 | -HSD | C] -- C:\Users\rrrr\Vorlagen
[2012.01.27 08:24:35 | 000,000,000 | -HSD | C] -- C:\Users\rrrr\AppData\Local\Verlauf
[2012.01.27 08:24:35 | 000,000,000 | -HSD | C] -- C:\Users\rrrr\AppData\Local\Temporary Internet Files
[2012.01.27 08:24:35 | 000,000,000 | -HSD | C] -- C:\Users\rrrr\Startmenü
[2012.01.27 08:24:35 | 000,000,000 | -HSD | C] -- C:\Users\rrrr\SendTo
[2012.01.27 08:24:35 | 000,000,000 | -HSD | C] -- C:\Users\rrrr\Recent
[2012.01.27 08:24:35 | 000,000,000 | -HSD | C] -- C:\Users\rrrr\Netzwerkumgebung
[2012.01.27 08:24:35 | 000,000,000 | -HSD | C] -- C:\Users\rrrr\Lokale Einstellungen
[2012.01.27 08:24:35 | 000,000,000 | -HSD | C] -- C:\Users\rrrr\Documents\Eigene Videos
[2012.01.27 08:24:35 | 000,000,000 | -HSD | C] -- C:\Users\rrrr\Documents\Eigene Musik
[2012.01.27 08:24:35 | 000,000,000 | -HSD | C] -- C:\Users\rrrr\Eigene Dateien
[2012.01.27 08:24:35 | 000,000,000 | -HSD | C] -- C:\Users\rrrr\Documents\Eigene Bilder
[2012.01.27 08:24:35 | 000,000,000 | -HSD | C] -- C:\Users\rrrr\Druckumgebung
[2012.01.27 08:24:35 | 000,000,000 | -HSD | C] -- C:\Users\rrrr\Cookies
[2012.01.27 08:24:35 | 000,000,000 | -HSD | C] -- C:\Users\rrrr\AppData\Local\Anwendungsdaten
[2012.01.27 08:24:35 | 000,000,000 | -HSD | C] -- C:\Users\rrrr\Anwendungsdaten
[2012.01.27 08:24:35 | 000,000,000 | -H-D | C] -- C:\Users\rrrr\AppData
[2012.01.27 08:24:35 | 000,000,000 | ---D | C] -- C:\Users\rrrr\AppData\Local\Temp
[2012.01.27 08:24:35 | 000,000,000 | ---D | C] -- C:\Users\rrrr\AppData\Local\Microsoft
[2012.01.27 08:24:35 | 000,000,000 | ---D | C] -- C:\Users\rrrr\AppData\Roaming\Media Center Programs
[2012.01.27 08:24:20 | 000,042,496 | ---- | C] (secr9tos) -- C:\Windows\SysNative\drivers\oem-drv64.sys
[2012.01.27 08:24:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.01.27 08:24:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.01.27 08:24:07 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012.01.27 08:24:07 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.01.27 08:24:07 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.01.27 08:24:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.01.27 08:24:07 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.01.27 08:24:07 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.01.27 08:24:07 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.01.27 08:24:07 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.01.27 08:24:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.01.27 08:24:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2012.01.27 08:24:05 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.01.27 08:17:07 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2012.01.27 08:17:01 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011.09.21 08:18:02 | 000,000,000 | ---D | C] -- C:\Users\rrrr\AppData\Roaming\Malwarebytes
[2011.09.21 08:17:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.09.21 08:03:42 | 000,000,000 | ---D | C] -- C:\Users\rrrr\AppData\Roaming\Tific
[2011.09.21 06:10:11 | 000,000,000 | ---D | C] -- C:\Users\rrrr\AppData\Local\CrashDumps
[2011.09.21 06:09:11 | 000,000,000 | ---D | C] -- C:\Programs
[2011.09.21 05:57:46 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011.09.21 05:57:46 | 000,000,000 | ---D | C] -- C:\Users\rrrr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011.09.21 05:46:28 | 000,000,000 | ---D | C] -- C:\Users\rrrr\AppData\Roaming\Mozilla
[2011.09.21 05:46:28 | 000,000,000 | ---D | C] -- C:\Users\rrrr\AppData\Local\Mozilla
[2011.09.21 05:45:09 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla
[2011.09.21 04:40:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\BestPractices
[2011.09.21 04:40:01 | 000,000,000 | ---D | C] -- C:\inetpub
[2011.09.21 04:40:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\BestPractices
[2011.09.21 04:16:43 | 000,000,000 | ---D | C] -- C:\Users\rrrr\AppData\Local\cFos
[2011.09.21 04:16:13 | 000,000,000 | ---D | C] -- C:\ProgramData\cFos
[2011.09.21 03:44:12 | 000,043,640 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SymIMV.sys
[2011.09.21 03:40:39 | 000,912,504 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symefa64.sys
[2011.09.21 03:40:39 | 000,744,568 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtsp64.sys
[2011.09.21 03:40:39 | 000,450,680 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symds64.sys
[2011.09.21 03:40:39 | 000,382,584 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symnets.sys
[2011.09.21 03:40:39 | 000,171,128 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\ironx64.sys
[2011.09.21 03:40:39 | 000,040,568 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtspx64.sys
[2011.09.21 03:40:36 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D
[2011.09.21 01:57:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2011.09.21 01:56:51 | 000,174,200 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2011.09.21 01:56:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2011.09.21 01:56:51 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2011.09.21 01:56:38 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64
[2011.09.21 01:56:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2011.09.21 01:56:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security
[2011.09.21 01:56:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2011.09.21 01:48:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller

========== Files - Modified Within 30 Days ==========

[2012.01.27 09:28:56 | 000,000,057 | ---- | M] () -- C:\Windows\SysWow64\mapisvc.inf
[2012.01.27 08:18:06 | 000,161,548 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012.01.27 08:18:06 | 000,161,548 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011.09.21 09:39:01 | 000,000,000 | ---- | M] () -- C:\Users\rrrr\defogger_reenable
[2011.09.21 09:02:41 | 000,026,544 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.09.21 09:02:41 | 000,026,544 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.09.21 08:58:19 | 001,487,940 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.09.21 08:58:19 | 000,650,836 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.09.21 08:58:19 | 000,608,574 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.09.21 08:58:19 | 000,131,038 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.09.21 08:58:19 | 000,105,774 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.09.21 08:53:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.09.21 08:53:54 | 1924,644,863 | -HS- | M] () -- C:\hiberfil.sys
[2011.09.21 08:53:52 | 000,042,496 | ---- | M] (secr9tos) -- C:\Windows\SysNative\drivers\oem-drv64.sys
[2011.09.21 08:37:03 | 000,002,015 | ---- | M] () -- C:\Users\rrrr\Desktop\Entfernen des Avira DE-Cleaners.lnk
[2011.09.21 08:37:03 | 000,001,944 | ---- | M] () -- C:\Users\rrrr\Desktop\Avira DE-Cleaner.lnk
[2011.09.21 05:57:46 | 000,002,957 | ---- | M] () -- C:\Users\rrrr\Desktop\HiJackThis.lnk
[2011.09.21 05:45:22 | 000,000,789 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.09.21 04:21:31 | 001,296,306 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\Cat.DB
[2011.09.21 04:21:29 | 000,002,489 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2011.09.21 04:16:44 | 000,000,003 | ---- | M] () -- C:\Users\rrrr\AppData\Local\user_data.ini
[2011.09.21 03:40:41 | 000,174,200 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2011.09.21 03:40:41 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2011.09.21 03:40:41 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF

========== Files Created - No Company Name ==========

[2012.01.27 09:15:15 | 013,359,616 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012.01.27 09:15:15 | 001,981,696 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa
[2012.01.27 09:15:15 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012.01.27 09:15:15 | 000,963,116 | ---- | C] () -- C:\Windows\SysNative\igkrng600.bin
[2012.01.27 09:15:15 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012.01.27 09:15:15 | 000,218,304 | ---- | C] () -- C:\Windows\SysNative\igfcg600m.bin
[2012.01.27 09:15:15 | 000,211,082 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2012.01.27 09:15:15 | 000,197,902 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2012.01.27 09:15:15 | 000,182,514 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2012.01.27 09:15:15 | 000,179,992 | ---- | C] () -- C:\Windows\SysNative\difx64.exe
[2012.01.27 09:15:15 | 000,156,057 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2012.01.27 09:15:15 | 000,152,994 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2012.01.27 09:15:15 | 000,148,846 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2012.01.27 09:15:15 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012.01.27 09:15:15 | 000,145,804 | ---- | C] () -- C:\Windows\SysNative\igcompkrng600.bin
[2012.01.27 09:15:15 | 000,140,077 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2012.01.27 09:15:15 | 000,138,572 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2012.01.27 09:15:15 | 000,137,705 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2012.01.27 09:15:15 | 000,137,506 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2012.01.27 09:15:15 | 000,136,449 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources
[2012.01.27 09:15:15 | 000,135,519 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2012.01.27 09:15:15 | 000,135,222 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2012.01.27 09:15:15 | 000,134,686 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2012.01.27 09:15:15 | 000,134,272 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2012.01.27 09:15:15 | 000,134,238 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2012.01.27 09:15:15 | 000,133,706 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2012.01.27 09:15:15 | 000,133,548 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2012.01.27 09:15:15 | 000,133,246 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2012.01.27 09:15:15 | 000,133,014 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2012.01.27 09:15:15 | 000,132,752 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2012.01.27 09:15:15 | 000,132,650 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2012.01.27 09:15:15 | 000,131,705 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources
[2012.01.27 09:15:15 | 000,128,863 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2012.01.27 09:15:15 | 000,128,667 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2012.01.27 09:15:15 | 000,128,407 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2012.01.27 09:15:15 | 000,123,921 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2012.01.27 09:15:15 | 000,117,522 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2012.01.27 09:15:15 | 000,116,233 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2012.01.27 09:15:15 | 000,094,208 | ---- | C] () -- C:\Windows\SysNative\IccLibDll_x64.dll
[2012.01.27 09:15:15 | 000,075,776 | ---- | C] () -- C:\Windows\SysNative\igdde64.dll
[2012.01.27 09:15:15 | 000,059,243 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp
[2012.01.27 09:15:15 | 000,059,174 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp
[2012.01.27 09:15:15 | 000,059,062 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp
[2012.01.27 09:15:15 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.01.27 09:15:15 | 000,017,220 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2012.01.27 09:15:15 | 000,000,151 | ---- | C] () -- C:\Windows\SysNative\GfxUI.exe.config
[2012.01.27 09:13:20 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2012.01.27 09:03:13 | 002,261,764 | ---- | C] () -- C:\Windows\SysNative\drivers\rtvienna.dat
[2012.01.27 08:17:01 | 1924,644,863 | -HS- | C] () -- C:\hiberfil.sys
[2011.09.21 09:39:01 | 000,000,000 | ---- | C] () -- C:\Users\rrrr\defogger_reenable
[2011.09.21 08:37:03 | 000,002,015 | ---- | C] () -- C:\Users\rrrr\Desktop\Entfernen des Avira DE-Cleaners.lnk
[2011.09.21 08:37:03 | 000,001,944 | ---- | C] () -- C:\Users\rrrr\Desktop\Avira DE-Cleaner.lnk
[2011.09.21 05:57:46 | 000,002,957 | ---- | C] () -- C:\Users\rrrr\Desktop\HiJackThis.lnk
[2011.09.21 05:45:22 | 000,000,789 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.09.21 05:19:46 | 000,001,439 | ---- | C] () -- C:\Users\rrrr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.09.21 05:19:46 | 000,001,405 | ---- | C] () -- C:\Users\rrrr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011.09.21 04:21:20 | 001,296,306 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\Cat.DB
[2011.09.21 04:16:44 | 000,000,003 | ---- | C] () -- C:\Users\rrrr\AppData\Local\user_data.ini
[2011.09.21 03:40:39 | 000,007,492 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\iron.cat
[2011.09.21 03:40:39 | 000,007,462 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtspx64.cat
[2011.09.21 03:40:39 | 000,007,460 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symefa64.cat
[2011.09.21 03:40:39 | 000,007,458 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symnet64.cat
[2011.09.21 03:40:39 | 000,007,458 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtsp64.cat
[2011.09.21 03:40:39 | 000,003,373 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symefa.inf
[2011.09.21 03:40:39 | 000,002,792 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symds.inf
[2011.09.21 03:40:39 | 000,001,446 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symnet.inf
[2011.09.21 03:40:39 | 000,001,438 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtsp64.inf
[2011.09.21 03:40:39 | 000,001,422 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtspx64.inf
[2011.09.21 03:40:39 | 000,000,772 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\iron.inf
[2011.09.21 03:40:37 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symds64.cat
[2011.09.21 03:40:36 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\isolate.ini
[2011.09.21 01:56:51 | 000,007,488 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2011.09.21 01:56:51 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2011.09.21 01:56:50 | 000,002,489 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009.07.13 23:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009.07.13 23:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009.07.13 23:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011.09.21 08:03:42 | 000,000,000 | ---D | M] -- C:\Users\rrrr\AppData\Roaming\Tific
[2009.07.14 07:08:49 | 000,006,174 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*. >
[2012.01.27 10:22:54 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2012.01.27 08:24:07 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.09.21 04:40:01 | 000,000,000 | ---D | M] -- C:\inetpub
[2012.01.27 09:14:50 | 000,000,000 | ---D | M] -- C:\Intel
[2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2011.09.21 08:53:53 | 000,000,000 | R--D | M] -- C:\Program Files
[2011.09.21 05:44:41 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2011.09.21 08:17:55 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012.01.27 08:24:07 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.09.21 06:09:11 | 000,000,000 | ---D | M] -- C:\Programs
[2012.01.27 08:24:07 | 000,000,000 | -HSD | M] -- C:\Recovery
[2011.09.21 09:57:41 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.01.27 10:22:53 | 000,000,000 | R--D | M] -- C:\Users
[2011.09.21 04:40:06 | 000,000,000 | ---D | M] -- C:\Windows

< %PROGRAMFILES%\*.exe >

< %LOCALAPPDATA%\*.exe >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.manifest /3 >


< MD5 for: AFD.SYS >
[2010.11.21 05:24:08 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=D31DC7A16DEA4A9BAF179F3D6FBDB38C -- C:\Windows\SysNative\drivers\afd.sys
[2010.11.21 05:24:08 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=D31DC7A16DEA4A9BAF179F3D6FBDB38C -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_360e4801750ca991\afd.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: REGEDIT.EXE >
[2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe

< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WININIT.EXE >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< >

< End of report >

 

Themen zu Seit 2 Monaten am verzweifeln - api hook - generic usb - verbindungen
64-bit, antivirus, autorun, avira, bho, entfernen, explorer, festplatte, firefox, format, hijack, infiziert., installation, intrusion prevention, logfile, mozilla, neu aufsetzen, programm, realtek, registry, required, rundll, scan, security, software, symantec, usb, webcheck, windows, windows xp, öffnet




Ähnliche Themen: Seit 2 Monaten am verzweifeln - api hook - generic usb - verbindungen


  1. Langsames Internet/hoher Ping seit kurzer Zeit (zu viele TCP Verbindungen?)
    Plagegeister aller Art und deren Bekämpfung - 09.09.2015 (5)
  2. Seit 18 Monaten ungepatcht: Schwere Sicherheitslücke in FireEye-Hardware
    Nachrichten - 07.09.2015 (0)
  3. Aviva-Hacker zu 18 Monaten Haft verurteilt
    Nachrichten - 26.08.2015 (1)
  4. Blianz aus sechs Monaten heise Security Consulter
    Nachrichten - 01.12.2014 (0)
  5. EEE PC 1225B wird extrem heiß seit ca. 6 Monaten
    Netzwerk und Hardware - 07.10.2014 (1)
  6. Windows 7: Internet seit fast 2 Monaten sehr langsam
    Log-Analyse und Auswertung - 15.09.2014 (18)
  7. mac OSX <keineantwortadresse@web.de> Spammailhallo zusammen, seit einigen monaten bekomme ich folgende mails: keineantwortadresse@web.de B
    Plagegeister aller Art und deren Bekämpfung - 18.07.2014 (13)
  8. Spionage-Botnet nutzte Heartbleed-Lücke schon vor Monaten aus
    Nachrichten - 11.04.2014 (0)
  9. Ausspähen der Miss Teen USA mit 18 Monaten Haft bestraft
    Nachrichten - 19.03.2014 (0)
  10. Internet Probleme seit einigen Monaten
    Plagegeister aller Art und deren Bekämpfung - 24.08.2012 (21)
  11. Probleme seit Installation von Firefox 4 (Generic Host, unerwünschte Seitenaufrufe)
    Log-Analyse und Auswertung - 27.01.2011 (24)
  12. Generic, Dropper.Generic, Downloader.Generic gefunden
    Plagegeister aller Art und deren Bekämpfung - 09.08.2010 (21)
  13. Schwachstelle in Mac OS X seit Monaten ungepatcht
    Nachrichten - 12.01.2010 (0)
  14. Internetgeschwindikeit seit Monaten sehr langsam
    Alles rund um Windows - 11.10.2009 (18)
  15. RootKit Hook Analyzer zeigt Hook an
    Plagegeister aller Art und deren Bekämpfung - 04.02.2009 (3)
  16. ESist wieder soweit nach 6 monaten bitte mal schauen
    Mülltonne - 25.08.2006 (2)
  17. bin seit tagen am verzweifeln
    Log-Analyse und Auswertung - 12.04.2005 (10)

Zum Thema Seit 2 Monaten am verzweifeln - api hook - generic usb - verbindungen - Keine Ahnung wo ich anfangen soll, habe ein ganzes Buch über die Hooks Links und Virenscanner geschrieben. Hatte ein Laptop, der wurde infiziert als ich win neu aufsetzen musste (remote - Seit 2 Monaten am verzweifeln - api hook - generic usb - verbindungen...
Archiv
Du betrachtest: Seit 2 Monaten am verzweifeln - api hook - generic usb - verbindungen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.