Pests of all kinds and how to fight them: Google-Redirect-Virus? - Logfiles inside

Windows 7. If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
#5
Google-Redirect-Virus? - Logfiles inside

First of all, MANY, MANY THANKS for your help!

Step 1 done! Log file:

Code:
All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-2466345535-821970722-3681732590-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Rhjxpjws deleted successfully.
C:\Users\Schimanski\AppData\Roaming\slmgrw.dll moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Schimanski
->Temp folder emptied: 345067578 bytes
->Temporary Internet Files folder emptied: 38277068 bytes
->FireFox cache emptied: 69109906 bytes
->Google Chrome cache emptied: 19729887 bytes
->Flash cache emptied: 20676 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 237259728 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 53187 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 677,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 11272012_213914

Files\Folders moved on Reboot...
C:\Users\Schimanski\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Done! = It worked.

Step 3 done! Log files:

1. [CODE].
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS Logfile:

Code:
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 21.08.2012 22:48:25
System Uptime: 27.11.2012 21:49:03 (0 hours ago)
.
Motherboard: LENOVO | | Inagua
Processor: AMD E-450 APU with Radeon(tm) HD Graphics | Socket FT1 | 1650/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 254 GiB total, 223,619 GiB free.
D: is FIXED (NTFS) - 29 GiB total, 26,846 GiB free.
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP33: 23.08.2012 20:22:25 - Windows Update
RP34: 06.09.2012 20:28:39 - Windows Update
RP35: 15.09.2012 13:43:47 - Windows Update
RP36: 25.09.2012 09:56:23 - Windows Update
RP37: 29.09.2012 17:18:01 - Windows Update
RP38: 14.10.2012 21:01:37 - Windows Update
RP39: 17.11.2012 16:23:03 - Windows Update
RP40: 27.11.2012 18:54:06 - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.2 - Deutsch
AMD APP SDK Runtime
AMD Fuel
AMD Media Foundation Decoders
AMD VISION Engine Control Center
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
ATI AVIVO64 Codecs
ATI Catalyst Install Manager
Avira Free Antivirus
Benutzerhandbuch
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
Catalyst Control Center Profiles Mobile
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Conexant HD Audio
D3DX10
Energy Management
Fotogalerie
Handbuch Reha- und Vorsorge-Einrichtungen 5.1
Junk Mail filter update
Lenovo EasyCamera
Lenovo EE Boot Optimizer
Lenovo Games Console
Lenovo OneKey Recovery
Lenovo YouCam
Lenovo_Wireless_Driver
Malwarebytes Anti-Malware Version 1.65.1.1000
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile DEU Language Pack
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Extended DEU Language Pack
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office Klick-und-Los 2010
Microsoft Office Starter 2010 - Deutsch
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Movie Maker
Mozilla Firefox 16.0.2 (x86 de)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
Photo Common
Photo Gallery
Power2Go
PowerXpressHybrid
Realtek USB 2.0 Reader Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Synaptics Pointing Device Driver
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
UserGuide
VeriFace
Windows-Treiberpaket - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== End Of File ===========================

Code:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16455
Run by Schimanski at 21:52:16 on 2012-11-27
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.1643.662 [GMT 1:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\atieclxx.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\USB Camera\VM331_STI.EXE
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\SearchProtocolHost.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
C:\windows\system32\sppsvc.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\svchost.exe -k WerSvcGroup
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
mStart Page = hxxp://lenovo.msn.com
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Microsoft-Konto-Anmelde-Hilfsprogramm: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
mRun: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE
mRun: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
mRun: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
mRun: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{46FA5A0A-31A2-4A20-A5C3-C4CAC13625DC} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{46FA5A0A-31A2-4A20-A5C3-C4CAC13625DC}\64259445A51224F6870264F6E60275C414E40273137303 : DHCPNameServer = 192.168.178.1
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-mStart Page = hxxp://lenovo.msn.com
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Schimanski\AppData\Roaming\Mozilla\Firefox\Profiles\jbkhn70p.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\windows\System32\drivers\amd_sata.sys [2012-2-20 73856]
R0 amd_xata;amd_xata;C:\windows\System32\drivers\amd_xata.sys [2012-2-20 28800]
R0 fbfmon;fbfmon;C:\windows\System32\drivers\fbfmon.sys [2012-2-20 57952]
R0 LHDmgr;LHDmgr;C:\windows\System32\drivers\LhdX64.sys [2012-2-20 39008]
R1 avkmgr;avkmgr;C:\windows\System32\drivers\avkmgr.sys [2012-8-22 27760]
R1 BPntDrv;BPntDrv;C:\windows\System32\drivers\BPntDrv.sys [2012-2-20 13408]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2012-2-20 204288]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-8-10 365568]
R2 AntiVirSchedulerService;Avira Planer;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-8-22 86224]
R2 AntiVirService;Avira Echtzeit Scanner;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-8-22 110032]
R2 avgntflt;avgntflt;C:\windows\System32\drivers\avgntflt.sys [2012-8-22 98848]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\System32\drivers\AcpiVpc.sys [2010-10-25 29792]
R3 amdiox64;AMD IO Driver;C:\windows\System32\drivers\amdiox64.sys [2012-2-20 46136]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\System32\drivers\clwvd.sys [2011-1-29 31088]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2012-2-20 76912]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2012-11-27 25928]
R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 usbfilter;AMD USB Filter Driver;C:\windows\System32\drivers\usbfilter.sys [2012-2-20 44672]
R3 vm331avs;Digital Camera 1;C:\windows\System32\drivers\vm331avs.sys [2012-2-20 228224]
R3 vmuvcflt;Vimicro USB Camera Filter;C:\windows\System32\drivers\vmuvcflt.sys [2012-2-20 8320]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 fssfltr;fssfltr;C:\windows\System32\drivers\fssfltr.sys [2012-8-22 57280]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\rtsuvstor.sys [2012-2-20 299520]
S3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2009-6-10 187392]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 wsvd;wsvd;C:\windows\System32\drivers\wsvd.sys [2009-7-21 121840]
.
=============== Created Last 30 ================
.
2012-11-27 20:39:14 -------- d-----w- C:\_OTL
2012-11-27 19:07:59 -------- d-----w- C:\Users\Schimanski\AppData\Roaming\Malwarebytes
2012-11-27 19:07:37 -------- d-----w- C:\ProgramData\Malwarebytes
2012-11-27 19:07:35 25928 ----a-w- C:\windows\System32\drivers\mbam.sys
2012-11-27 19:07:35 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-11-27 17:55:15 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-11-27 17:55:04 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AA68BE0F-A686-452E-BC3C-559B5CD8A44B}\mpengine.dll
2012-11-27 15:53:58 -------- d-----w- C:\Users\Schimanski\AppData\Local\Norman Malware Cleaner
2012-11-21 13:47:50 -------- d-----w- C:\Program Files (x86)\Audiograbber
2012-11-17 15:51:30 2560 ----a-w- C:\windows\System32\drivers\de-DE\wdf01000.sys.mui
2012-11-17 15:51:29 9728 ----a-w- C:\windows\System32\Wdfres.dll
2012-11-17 15:51:29 785512 ----a-w- C:\windows\System32\drivers\Wdf01000.sys
2012-11-17 15:51:29 54376 ----a-w- C:\windows\System32\drivers\WdfLdr.sys
2012-11-17 15:51:29 2560 ----a-w- C:\windows\System32\drivers\en-US\wdf01000.sys.mui
2012-11-17 15:33:01 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2012-11-17 15:33:01 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2012-11-17 15:29:47 87040 ----a-w- C:\windows\System32\drivers\WUDFPf.sys
2012-11-17 15:29:47 198656 ----a-w- C:\windows\System32\drivers\WUDFRd.sys
2012-11-17 15:29:46 84992 ----a-w- C:\windows\System32\WUDFSvc.dll
2012-11-17 15:29:46 194048 ----a-w- C:\windows\System32\WUDFPlatform.dll
2012-11-17 15:29:41 45056 ----a-w- C:\windows\System32\WUDFCoinstaller.dll
2012-11-17 15:29:40 744448 ----a-w- C:\windows\System32\WUDFx.dll
2012-11-17 15:29:40 229888 ----a-w- C:\windows\System32\WUDFHost.exe
2012-11-15 14:16:42 226816 ----a-w- C:\windows\System32\dhcpcore6.dll
2012-11-15 14:16:40 55296 ----a-w- C:\windows\System32\dhcpcsvc6.dll
2012-11-15 14:16:40 193536 ----a-w- C:\windows\SysWow64\dhcpcore6.dll
2012-11-15 14:16:38 44032 ----a-w- C:\windows\SysWow64\dhcpcsvc6.dll
2012-11-15 14:16:05 3149824 ----a-w- C:\windows\System32\win32k.sys
2012-11-15 14:15:56 1914248 ----a-w- C:\windows\System32\drivers\tcpip.sys
2012-11-15 14:15:55 216576 ----a-w- C:\windows\System32\ncsi.dll
2012-11-15 14:15:53 156672 ----a-w- C:\windows\SysWow64\ncsi.dll
2012-11-15 14:15:52 569344 ----a-w- C:\windows\System32\iphlpsvc.dll
2012-11-15 14:15:52 303104 ----a-w- C:\windows\System32\nlasvc.dll
2012-11-15 14:15:52 246272 ----a-w- C:\windows\System32\netcorehc.dll
2012-11-15 14:15:50 175104 ----a-w- C:\windows\SysWow64\netcorehc.dll
2012-11-15 14:15:45 52224 ----a-w- C:\windows\SysWow64\nlaapi.dll
2012-11-15 14:15:42 70656 ----a-w- C:\windows\System32\nlaapi.dll
2012-11-15 14:15:42 45568 ----a-w- C:\windows\System32\drivers\tcpipreg.sys
2012-11-15 14:15:37 18944 ----a-w- C:\windows\SysWow64\netevent.dll
2012-11-15 14:15:36 18944 ----a-w- C:\windows\System32\netevent.dll
2012-11-15 14:14:20 95744 ----a-w- C:\windows\System32\synceng.dll
2012-11-15 14:14:18 78336 ----a-w- C:\windows\SysWow64\synceng.dll
.
==================== Find3M ====================
.
2012-10-08 11:31:03 2312704 ----a-w- C:\windows\System32\jscript9.dll
2012-10-08 11:23:52 1392128 ----a-w- C:\windows\System32\wininet.dll
2012-10-08 11:22:55 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
2012-10-08 11:18:22 173056 ----a-w- C:\windows\System32\ieUnatt.exe
2012-10-08 11:17:35 599040 ----a-w- C:\windows\System32\vbscript.dll
2012-10-08 07:56:24 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll
2012-10-08 07:48:03 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
2012-10-08 07:47:44 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2012-10-08 07:44:05 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2012-10-08 07:43:21 420864 ----a-w- C:\windows\SysWow64\vbscript.dll
2012-09-14 19:19:29 2048 ----a-w- C:\windows\System32\tzres.dll
2012-09-14 18:28:53 2048 ----a-w- C:\windows\SysWow64\tzres.dll
2012-08-31 18:19:35 1659760 ----a-w- C:\windows\System32\drivers\ntfs.sys
2012-08-30 18:03:45 5559664 ----a-w- C:\windows\System32\ntoskrnl.exe
2012-08-30 17:12:02 3968880 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12:02 3914096 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
.
============= FINISH: 21:54:45,83 ===============