Pests of all kinds and how to fight them: MyStart Search Toolbar in the Firefox Browser. Windows 7. If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection. |
| #5 |
| MyStart Search Toolbar in the Firefox Browser

Please excuse my question; I will try to avoid such questions in the next steps! Thanks!

```
# AdwCleaner v2.101 - Datei am 20/12/2012 um 12:04:44 erstellt
# Aktualisiert am 16/12/2012 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : 21031988 - 21031988-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\21031988\Downloads\adwcleaner.exe
# Option [Löschen]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\user.js
Datei Gelöscht : C:\Users\21031988\AppData\Roaming\Mozilla\Firefox\Profiles\5hvnsvbo.default\searchplugins\MyStart Search.xml
Ordner Gelöscht : C:\ProgramData\Trymedia

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\S
Schlüssel Gelöscht : HKLM\Software\IB Updater
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://mystart.incredibar.com/mb201?a=6R8Oc9SVp7&i=26 --> hxxp://www.google.com

-\\ Mozilla Firefox v17.0.1 (de)

Profilname : default
Datei : C:\Users\21031988\AppData\Roaming\Mozilla\Firefox\Profiles\5hvnsvbo.default\prefs.js

C:\Users\21031988\AppData\Roaming\Mozilla\Firefox\Profiles\5hvnsvbo.default\user.js ... Gelöscht !

Gelöscht : user_pref("browser.newtab.url", "hxxp://mystart.incredibar.com/mb201?a=6R8Oc9SVp7&i=26");
Gelöscht : user_pref("browser.search.defaultenginename", "MyStart Search");
Gelöscht : user_pref("browser.search.selectedEngine", "MyStart Search");
Gelöscht : user_pref("extensions.incredibar_i.aflt", "orgnl");
Gelöscht : user_pref("extensions.incredibar_i.dfltLng", "");
Gelöscht : user_pref("extensions.incredibar_i.did", "10643");
Gelöscht : user_pref("extensions.incredibar_i.excTlbr", false);
Gelöscht : user_pref("extensions.incredibar_i.id", "d03bf62400000000000050465d8e30a0");
Gelöscht : user_pref("extensions.incredibar_i.installerproductid", "26");
Gelöscht : user_pref("extensions.incredibar_i.instlDay", "15688");
Gelöscht : user_pref("extensions.incredibar_i.instlRef", "");
Gelöscht : user_pref("extensions.incredibar_i.ms_url_id", "");
Gelöscht : user_pref("extensions.incredibar_i.newTab", false);
Gelöscht : user_pref("extensions.incredibar_i.ppd", "");
Gelöscht : user_pref("extensions.incredibar_i.prdct", "incredibar");
Gelöscht : user_pref("extensions.incredibar_i.productid", "26");
Gelöscht : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Gelöscht : user_pref("extensions.incredibar_i.smplGrp", "none");
Gelöscht : user_pref("extensions.incredibar_i.tlbrId", "base");
Gelöscht : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8Oc9SVp7&loc=IB[...]
Gelöscht : user_pref("extensions.incredibar_i.upn2", "6R8Oc9SVp7");
Gelöscht : user_pref("extensions.incredibar_i.upn2n", "92825568941881049");
Gelöscht : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Gelöscht : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.149:31:31");
Gelöscht : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Gelöscht : user_pref("keyword.URL", "hxxp://mystart.incredibar.com/mb201/?loc=IB_DS&a=6R8Oc9SVp7&&i=26&search="[...]

*************************

AdwCleaner[R1].txt - [4371 octets] - [20/12/2012 12:03:47]
AdwCleaner[R2].txt - [4431 octets] - [20/12/2012 12:04:21]
AdwCleaner[S1].txt - [4250 octets] - [20/12/2012 12:04:44]

########## EOF - C:\AdwCleaner[S1].txt - [4310 octets] ##########
```

DDS Logfile:
Code:
|