| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Firefox-Tabs öffnen sich von selbst / Hinweis auf avuzatracking-MalwareWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
22.06.2013, 02:21
| #7 |
 |  Firefox-Tabs öffnen sich von selbst / Hinweis auf avuzatracking-Malware Hier die entsprechenden Logs: AdwCleaner[S2].txt: Code:
ATTFilter # AdwCleaner v2.303 - Datei am 22/06/2013 um 02:46:27 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : *** - ***
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\***\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
***** [Registrierungsdatenbank] *****
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v21.0 (de)
Datei : C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dsxdtpr8.default\prefs.js
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [22949 octets] - [20/06/2013 15:00:46]
AdwCleaner[S2].txt - [849 octets] - [22/06/2013 02:46:27]
########## EOF - C:\AdwCleaner[S2].txt - [908 octets] ##########
JRT.txt: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Microsoft Windows XP x86
Ran by *** on 22.06.2013 at 2:58:24,78
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.06.2013 at 3:01:08,87
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST.txt: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-06-2013
Ran by *** (administrator) on 22-06-2013 03:07:14
Running from C:\Dokumente und Einstellungen\***\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(Matsushita Electric Industrial Co., Ltd.) C:\WINDOWS\System32\DVDRAMSV.exe
(Garmin Ltd or its subsidiaries) C:\Programme\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe
(Hewlett-Packard Company) C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
(Logitech Inc.) C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
(Symantec Corporation) C:\Programme\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(Skype Technologies S.A.) C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Symantec Corporation) C:\Programme\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
(Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Renesas Electronics Corporation) C:\Programme\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(RealNetworks, Inc.) C:\program files\real\realplayer\update\realsched.exe
(Oracle Corporation) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Programme\Gemeinsame Dateien\LightScribe\LightScribeControlPanel.exe
(Advanced Micro Devices Inc.) C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Matsushita Electric Industrial Co., Ltd.) C:\WINDOWS\system32\RAMAsst.exe
(ATI Technologies Inc.) C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Google Inc.) C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SoundMan] SOUNDMAN.EXE [x]
HKLM\...\Run: [SW24] C:\WINDOWS\system32\sw24.exe [69632 2006-12-08] ()
HKLM\...\Run: [Adobe Photo Downloader] "C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [57344 2005-06-23] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime [413696 2008-09-06] (Apple Inc.)
HKLM\...\Run: [BCSSync] "D:\Programme\Microsoft Office\Office14\BCSSync.exe" /DelayServices [x]
HKLM\...\Run: [CanonMyPrinter] C:\Programme\Canon\MyPrinter\BJMyPrt.exe /logon [1983816 2009-10-19] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] C:\Programme\Canon\SolutionMenu\CNSLMAIN.exe /logon [767312 2009-09-04] (CANON INC.)
HKLM\...\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [amd_dc_opt] C:\Programme\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM\...\Run: [NUSB3MON] "C:\Programme\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [113288 2011-04-14] (Renesas Electronics Corporation)
HKLM\...\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot [296056 2012-05-25] (RealNetworks, Inc.)
HKLM\...\Run: [LogitechQuickCamRibbon] "C:\Programme\Logitech\Logitech WebCam Software\LWS.exe" /hide [2793304 2009-10-14] ()
HKLM\...\Run: [StartCCC] "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2012-07-27] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Nero\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
Winlogon\Notify\AtiExtEvent: Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation)
HKCU\...\Run: [swg] "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-01-05] (Google Inc.)
HKCU\...\Run: [LightScribe Control Panel] C:\Programme\Gemeinsame Dateien\LightScribe\LightScribeControlPanel.exe -hidden [455968 2007-09-19] (Hewlett-Packard Company)
HKCU\...\Run: [GarminExpressTrayApp] "C:\Programme\Garmin\Express Tray\ExpressTray.exe" [1098072 2013-03-27] (Garmin Ltd or its subsidiaries)
HKCU\...\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet [5252408 2010-06-01] (Yahoo! Inc.)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
==================== Internet (Whitelisted) ====================
ProxyServer: proxy.rrze.uni-erlangen.de:80
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: No Name - {0124123D-61B4-456f-AF86-78C53A0790C5} - No File
BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO: No Name - {60BF5EE3-0105-4858-AD98-17C19F86B042} - No File
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ICQ Sparberater - {FE163F11-1919-4257-A280-FF5AF8DAEECB} - C:\Programme\icq\Internet Explorer\icq.dll (solute gmbh)
Toolbar: HKLM - No Name - {55FAF0F2-44D4-425F-B5F5-6B275B621EAB} - No File
Toolbar: HKLM - No Name - {0124123D-61B4-456f-AF86-78C53A0790C5} - No File
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU -&Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU -No Name - {55FAF0F2-44D4-425F-B5F5-6B275B621EAB} - No File
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU -Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1168716560669
DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} hxxp://static.ak.studivz.net/photouploader/ImageUploader4.cab
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {7527E129-A524-434A-A337-8C19F6F25C91} https://shop.aldisued-fotos-druck.de/shop/activex/aldi_sued_express_upload.cab
DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} hxxp://liveupdate.msi.com.tw/autobios/LOnline/RELEASECAB/install.cab
DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: ipp - No CLSID Value -
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value -
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dsxdtpr8.default
FF SearchEngine: Google
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @garmin.com/GpsControl - C:\Programme\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @logitech.com/HarmonyRemote,version=1.0.0 - C:\Programme\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Programme\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Programme\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - D:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - D:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=15.0.4.53 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.4.53 - c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=15.0.4.53 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Print pages to PDF - C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dsxdtpr8.default\Extensions\printPages2Pdf@reinhold.ripper
FF Extension: Microsoft .NET Framework Assistant - C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\dsxdtpr8.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
========================== Services (Whitelisted) =================
R2 DVD-RAM_Service; C:\Windows\System32\DVDRAMSV.exe [110592 2006-09-04] (Matsushita Electric Industrial Co., Ltd.)
R2 Garmin Core Update Service; C:\Programme\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [185688 2013-03-27] (Garmin Ltd or its subsidiaries)
S2 gupdate1ca29892ecd2e5c; C:\Programme\Google\Update\GoogleUpdate.exe [133104 2009-08-30] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [133104 2009-08-30] (Google Inc.)
S3 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2012-08-21] (Google)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation)
R2 LightScribeService; C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe [79136 2007-09-25] (Hewlett-Packard Company)
R2 LVPrcSrv; C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe [154136 2009-10-07] (Logitech Inc.)
S3 Microsoft SharePoint Workspace Audit Service; D:\Programme\Microsoft Office\Office14\GROOVE.EXE [30785672 2012-09-20] (Microsoft Corporation)
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [117144 2013-05-18] (Mozilla Foundation)
R2 N360; C:\Programme\Norton 360\Engine\20.4.0.40\diMaster.dll [556336 2013-05-30] (Symantec Corporation)
S3 NMIndexingService; C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe [382248 2007-10-15] (Nero AG)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [149352 2010-01-09] (Microsoft Corporation)
S3 osppsvc; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [4640000 2010-01-09] (Microsoft Corporation)
R2 Skype C2C Service; C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
S2 SkypeUpdate; C:\Programme\Skype\Updater\Updater.exe [161384 2013-02-28] (Skype Technologies)
R2 wlidsvc; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE [1529728 2009-08-18] (Microsoft Corporation)
S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation)
S4 YahooAUService; C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe [602392 2008-11-09] (Yahoo! Inc.)
R2 JavaQuickStarterService; "C:\Programme\Java\jre7\bin\jqs.exe" -service -config "C:\Programme\Java\jre7\lib\deploy\jqs\jqs.conf" [x]
==================== Drivers (Whitelisted) ====================
R3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [3972736 2006-06-22] (Realtek Semiconductor Corp.)
R1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [43520 2006-07-01] (Advanced Micro Devices)
R3 AmdLLD; C:\Windows\System32\DRIVERS\AmdLLD.sys [34304 2007-06-29] (AMD, Inc.)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [108480 2010-09-14] (SlySoft, Inc.)
R3 ati2mtag; C:\Windows\System32\DRIVERS\ati2mtag.sys [6646784 2012-07-28] (ATI Technologies Inc.)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdXP3.sys [103040 2012-05-14] (Advanced Micro Devices)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [165376 2007-02-22] ()
S3 azvusb; C:\Windows\System32\DRIVERS\azvusb.sys [44544 2009-08-24] (AzureWave Technologies, Inc.)
R1 BHDrvx86; C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130531.001\BHDrvx86.sys [1002072 2013-05-31] (Symantec Corporation)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360\1404000.028\ccSetx86.sys [134744 2013-04-16] (Symantec Corporation)
R3 Eacfilt; C:\Windows\System32\DRIVERS\eacfilt.sys [26137 2006-04-27] (Nortel Networks)
R1 eeCtrl; C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys [376480 2013-04-05] (Symantec Corporation)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30888 2010-11-30] (Elaborate Bytes AG)
S3 ENTECH; C:\WINDOWS\system32\DRIVERS\ENTECH.sys [21664 2004-10-25] (EnTech Taiwan)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [13192 2011-07-29] ()
R3 EraserUtilRebootDrv; C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [106656 2013-04-05] (Symantec Corporation)
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [8456 2011-07-29] ()
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.)
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Windows (R) Server 2003 DDK provider)
R3 IDSxpx86; C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130620.001\IDSxpx86.sys [373728 2013-02-14] (Symantec Corporation)
S3 IPSECEXT; C:\Windows\System32\DRIVERS\ipsecw2k.sys [155152 2006-04-27] (Nortel Networks NA, Inc.)
R3 IPSECSHM; C:\Windows\System32\DRIVERS\ipsecw2k.sys [155152 2006-04-27] (Nortel Networks NA, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [18048 2007-02-22] ()
S3 Ltn_stk7070P; C:\Windows\System32\DRIVERS\Ltn_stk7070P.sys [466048 2007-06-14] (LITEON)
S3 Ltn_stkrc; C:\Windows\System32\DRIVERS\Ltn_stkrc.sys [13440 2007-06-13] (LITEON)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
S3 LVUSBSta; C:\Windows\System32\drivers\lvusbsta.sys [22016 2005-05-27] (Logitech Inc.)
R1 meiudf; C:\Windows\System32\Drivers\meiudf.sys [117744 2006-12-01] (Matsushita Electric Industrial Co.,Ltd.)
S3 MPE; C:\Windows\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
S3 MSI_MSIBIOS_010507; C:\PROGRA~2\MSI\MSIWDev\msibios32_100507.sys [25912 2010-05-10] (Your Corporation)
S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-13] (Microsoft Corporation)
S3 NAVENG; C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130620.023\NAVENG.SYS [93272 2013-05-22] (Symantec Corporation)
S3 NAVEX15; C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130620.023\NAVEX15.SYS [1611992 2013-05-22] (Symantec Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 NTIOLib_1_0_8; C:\PROGRA~2\MSI\MSIWDev\NTIOLib.sys [7680 2011-01-27] (MSI)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [69504 2011-06-10] (Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [161664 2011-06-10] (Renesas Electronics Corporation)
R3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [33536 2005-04-05] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [12928 2005-04-05] (NVIDIA Corporation)
S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [7136 2005-05-27] (Logitech Inc.)
S3 PID_08A0; C:\Windows\System32\DRIVERS\LV302AV.SYS [913280 2005-05-27] (Logitech Inc.)
R0 psecbdr; C:\Windows\System32\Drivers\psecbdr.sys [17024 2006-09-06] (Panasonic Shikoku Electronics Co., Ltd.)
S3 QCMerced; C:\Windows\System32\DRIVERS\LVCM.sys [1317152 2005-05-27] ()
S3 SipIMNDI; C:\Windows\System32\DRIVERS\SipIMNDI.sys [24352 2009-10-15] (T-Systems International GmbH)
S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-13] (Microsoft Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\N360\1404000.028\SRTSP.SYS [603224 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360\1404000.028\SRTSPX.SYS [32344 2013-03-05] (Symantec Corporation)
S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-13] (Microsoft Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360\1404000.028\SYMDS.SYS [367704 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360\1404000.028\SYMEFA.SYS [934488 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [142496 2013-06-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360\1404000.028\Ironx86.SYS [175264 2013-03-05] (Symantec Corporation)
R1 SYMTDI; C:\Windows\System32\Drivers\N360\1404000.028\SYMTDI.SYS [396760 2013-04-25] (Symantec Corporation)
S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-13] (Microsoft Corporation)
S4 Abiosdsk; No ImagePath
S4 abp480n5; No ImagePath
S4 adpu160m; No ImagePath
S4 Aha154x; No ImagePath
S4 aic78u2; No ImagePath
S4 aic78xx; No ImagePath
S4 AliIde; No ImagePath
S1 AmdPPM; system32\DRIVERS\AmdPPM.sys [x]
S4 amsint; No ImagePath
S4 asc; No ImagePath
S4 asc3350p; No ImagePath
S4 asc3550; No ImagePath
S4 Atdisk; No ImagePath
S3 BOCDRIVE; \??\C:\Programme\Comodo\CBOClean\BOCDRIVE.sys [x]
S3 catchme; \??\D:\Temp\catchme.sys [x]
S4 cd20xrnt; No ImagePath
S1 Changer; No ImagePath
S4 CmdIde; No ImagePath
S4 Cpqarray; No ImagePath
S3 cpuz130; \??\D:\Temp\cpuz130\cpuz_x32.sys [x]
U4 dac2w2k; No ImagePath
S4 dac960nt; No ImagePath
S4 dpti2o; No ImagePath
S3 FLASHSYS; \??\C:\Programme\MSI\Live Update 4\LU4\FLASHSYS.sys [x]
S3 GMSIPCI; \??\G:\INSTALL\GMSIPCI.SYS [x]
S4 hpn; No ImagePath
S1 i2omgmt; No ImagePath
S4 i2omp; No ImagePath
S4 ini910u; No ImagePath
S4 IntelIde; No ImagePath
S1 lbrtfdc; No ImagePath
S3 Memctl; \??\C:\Programme\U-ABIT\FlashMenu\Memctl.sys [x]
S4 mraid35x; No ImagePath
S3 MSICDSetup; \??\G:\CDriver.sys [x]
S1 ntiomin; No ImagePath
S1 PCIDump; No ImagePath
S3 PDCOMP; No ImagePath
S3 PDFRAME; No ImagePath
S3 PDRELI; No ImagePath
S3 PDRFRAME; No ImagePath
S4 perc2; No ImagePath
S4 perc2hib; No ImagePath
S4 ql1080; No ImagePath
S4 Ql10wnt; No ImagePath
S4 ql12160; No ImagePath
S4 ql1240; No ImagePath
S4 ql1280; No ImagePath
S4 Simbad; No ImagePath
S4 Sparrow; No ImagePath
S4 symc810; No ImagePath
S4 symc8xx; No ImagePath
S4 sym_hi; No ImagePath
S4 sym_u3; No ImagePath
S4 TosIde; No ImagePath
S4 ultra; No ImagePath
S4 ViaIde; No ImagePath
S3 WDICA; No ImagePath
S3 WINFLASH; \??\C:\Programme\U-ABIT\FlashMenu\WinFlash.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-06-22 02:46 - 2013-06-22 02:46 - 00000976 ___AC C:\AdwCleaner[S2].txt
2013-06-21 02:31 - 2013-06-21 02:31 - 00021193 ___AC C:\ComboFix.txt
2013-06-21 02:13 - 2013-06-21 02:13 - 00000000 RASHDC C:\cmdcons
2013-06-21 02:13 - 2013-06-19 14:41 - 00000224 ___AC C:\Boot.bak
2013-06-21 02:13 - 2004-08-03 23:00 - 00262448 RASHC C:\cmldr
2013-06-21 02:10 - 2013-06-21 02:31 - 00000000 __ADC C:\Qoobox
2013-06-21 02:10 - 2011-06-26 08:45 - 00256000 ___AC C:\Windows\PEV.exe
2013-06-21 02:10 - 2010-11-07 19:20 - 00208896 ___AC C:\Windows\MBR.exe
2013-06-21 02:10 - 2009-04-20 06:56 - 00060416 ___AC (NirSoft) C:\Windows\NIRCMD.exe
2013-06-21 02:10 - 2000-08-31 02:00 - 00518144 ___AC (SteelWerX) C:\Windows\SWREG.exe
2013-06-21 02:10 - 2000-08-31 02:00 - 00406528 ___AC (SteelWerX) C:\Windows\SWSC.exe
2013-06-21 02:10 - 2000-08-31 02:00 - 00212480 ___AC (SteelWerX) C:\Windows\SWXCACLS.exe
2013-06-21 02:10 - 2000-08-31 02:00 - 00098816 ___AC C:\Windows\sed.exe
2013-06-21 02:10 - 2000-08-31 02:00 - 00080412 ___AC C:\Windows\grep.exe
2013-06-21 02:10 - 2000-08-31 02:00 - 00068096 ___AC C:\Windows\zip.exe
2013-06-21 02:09 - 2013-06-21 02:29 - 00000000 ___DC C:\Windows\erdnt
2013-06-20 15:33 - 2013-06-20 15:33 - 00000000 ___DC C:\FRST
2013-06-20 15:15 - 2013-06-22 02:58 - 00000000 ___DC C:\JRT
2013-06-20 15:15 - 2013-06-20 15:15 - 00000000 ___DC C:\Windows\ERUNT
2013-06-20 15:00 - 2013-06-20 15:00 - 00022949 ___AC C:\AdwCleaner[S1].txt
2013-06-19 14:31 - 2013-06-19 14:31 - 00000000 __HDC C:\Windows\$NtUninstallKB2839229$
2013-06-19 14:27 - 2013-06-19 14:27 - 00000000 ___AC C:\Windows\setuperr.log
2013-06-19 14:26 - 2013-06-19 14:27 - 00011889 ___AC C:\Windows\KB2838727-IE8.log
2013-06-19 14:11 - 2013-06-19 14:32 - 00015387 ___AC C:\Windows\KB2839229.log
2013-06-19 14:08 - 2013-06-19 14:08 - 00004895 ___AC C:\Windows\System32\jupdate-1.7.0_25-b16.log
2013-06-19 14:08 - 2013-06-12 21:48 - 00094632 ___AC (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2013-06-19 14:08 - 2013-06-12 21:43 - 00263592 ___AC (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-06-19 14:08 - 2013-06-12 21:43 - 00175016 ___AC (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-06-19 14:08 - 2013-06-12 21:43 - 00175016 ___AC (Oracle Corporation) C:\Windows\System32\java.exe
2013-06-19 14:08 - 2013-06-12 21:35 - 00144896 ___AC (Oracle Corporation) C:\Windows\System32\javacpl.cpl
2013-06-13 20:12 - 2013-06-13 20:12 - 09089416 ___AC (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerInstaller.exe
==================== One Month Modified Files and Folders ========
2013-06-22 02:58 - 2013-06-20 15:15 - 00000000 ___DC C:\JRT
2013-06-22 02:51 - 2007-01-13 21:07 - 01922407 ___AC C:\Windows\WindowsUpdate.log
2013-06-22 02:50 - 2007-01-14 01:41 - 00000040 ___AC C:\biosinfo
2013-06-22 02:50 - 2004-08-04 14:00 - 00012598 ___AC C:\Windows\System32\wpa.dbl
2013-06-22 02:49 - 2007-01-13 20:47 - 00000159 ___AC C:\Windows\wiadebug.log
2013-06-22 02:49 - 2007-01-13 20:47 - 00000050 ___AC C:\Windows\wiaservc.log
2013-06-22 02:48 - 2011-06-23 08:18 - 00000284 ___AC C:\Windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1409082233-1035525444-839522115-1003.job
2013-06-22 02:48 - 2009-08-30 17:54 - 00001086 ___AC C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-22 02:48 - 2007-01-13 21:17 - 00000006 __AHC C:\Windows\Tasks\SA.DAT
2013-06-22 02:47 - 2011-06-01 15:16 - 00262144 ___AC C:\Windows\System32\config\ACEEvent.evt
2013-06-22 02:47 - 2007-01-13 21:17 - 00032576 ____A C:\Windows\SchedLgU.Txt
2013-06-22 02:46 - 2013-06-22 02:46 - 00000976 ___AC C:\AdwCleaner[S2].txt
2013-06-21 16:17 - 2009-08-30 17:54 - 00001090 ___AC C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-21 16:12 - 2012-04-18 18:22 - 00000884 ___AC C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-21 02:31 - 2013-06-21 02:31 - 00021193 ___AC C:\ComboFix.txt
2013-06-21 02:31 - 2013-06-21 02:10 - 00000000 __ADC C:\Qoobox
2013-06-21 02:29 - 2013-06-21 02:09 - 00000000 ___DC C:\Windows\erdnt
2013-06-21 02:28 - 2004-08-04 14:00 - 00000227 ___AC C:\Windows\system.ini
2013-06-21 02:13 - 2013-06-21 02:13 - 00000000 RASHDC C:\cmdcons
2013-06-21 02:13 - 2007-01-13 20:35 - 00000340 RASHC C:\boot.ini
2013-06-20 22:13 - 2013-05-18 13:33 - 00426377 ___AC C:\Windows\setupapi.log
2013-06-20 15:33 - 2013-06-20 15:33 - 00000000 ___DC C:\FRST
2013-06-20 15:16 - 2007-01-13 20:45 - 00000000 __RDC C:\Programme
2013-06-20 15:15 - 2013-06-20 15:15 - 00000000 ___DC C:\Windows\ERUNT
2013-06-20 15:00 - 2013-06-20 15:00 - 00022949 ___AC C:\AdwCleaner[S1].txt
2013-06-19 14:41 - 2013-06-21 02:13 - 00000224 ___AC C:\Boot.bak
2013-06-19 14:41 - 2004-08-04 14:00 - 00000777 ___AC C:\Windows\win.ini
2013-06-19 14:40 - 2010-05-22 14:00 - 00000000 ___DC C:\Windows\System32\Drivers\N360
2013-06-19 14:32 - 2013-06-19 14:11 - 00015387 ___AC C:\Windows\KB2839229.log
2013-06-19 14:32 - 2011-06-15 22:12 - 00738081 ___AC C:\Windows\iis6.log
2013-06-19 14:32 - 2011-06-15 22:12 - 00680159 ___AC C:\Windows\FaxSetup.log
2013-06-19 14:32 - 2011-06-15 22:12 - 00325160 ___AC C:\Windows\ocgen.log
2013-06-19 14:32 - 2011-06-15 22:12 - 00310316 ___AC C:\Windows\tsoc.log
2013-06-19 14:32 - 2011-06-15 22:12 - 00227049 ___AC C:\Windows\comsetup.log
2013-06-19 14:32 - 2011-06-15 22:12 - 00208698 ___AC C:\Windows\msmqinst.log
2013-06-19 14:32 - 2011-06-15 22:12 - 00137238 ___AC C:\Windows\ntdtcsetup.log
2013-06-19 14:32 - 2011-06-15 22:12 - 00119130 ___AC C:\Windows\netfxocm.log
2013-06-19 14:32 - 2011-06-15 22:12 - 00046750 ___AC C:\Windows\MedCtrOC.log
2013-06-19 14:32 - 2011-06-15 22:12 - 00037620 ___AC C:\Windows\ocmsn.log
2013-06-19 14:32 - 2011-06-15 22:12 - 00034210 ___AC C:\Windows\tabletoc.log
2013-06-19 14:32 - 2011-06-15 22:12 - 00033990 ___AC C:\Windows\msgsocm.log
2013-06-19 14:32 - 2011-06-15 22:12 - 00001374 ___AC C:\Windows\imsins.log
2013-06-19 14:31 - 2013-06-19 14:31 - 00000000 __HDC C:\Windows\$NtUninstallKB2839229$
2013-06-19 14:28 - 2007-01-13 22:59 - 73381792 ___AC (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-19 14:27 - 2013-06-19 14:27 - 00000000 ___AC C:\Windows\setuperr.log
2013-06-19 14:27 - 2013-06-19 14:26 - 00011889 ___AC C:\Windows\KB2838727-IE8.log
2013-06-19 14:27 - 2011-06-15 22:12 - 00147536 ___AC C:\Windows\updspapi.log
2013-06-19 14:27 - 2011-06-15 22:12 - 00001374 ___AC C:\Windows\imsins.BAK
2013-06-19 14:27 - 2009-05-02 12:26 - 00000000 ___DC C:\Windows\ie8updates
2013-06-19 14:08 - 2013-06-19 14:08 - 00004895 ___AC C:\Windows\System32\jupdate-1.7.0_25-b16.log
2013-06-19 13:39 - 2010-05-22 14:01 - 00142496 ____A (Symantec Corporation) C:\Windows\System32\Drivers\SYMEVENT.SYS
2013-06-19 13:39 - 2010-05-22 14:01 - 00007611 ____A C:\Windows\System32\Drivers\SYMEVENT.CAT
2013-06-18 03:37 - 2010-11-24 18:19 - 00131072 ____A C:\Windows\System32\config\OAlerts.evt
2013-06-13 20:13 - 2012-04-18 18:22 - 00692104 ___AC (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-13 20:13 - 2011-06-08 18:48 - 00071048 ___AC (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-13 20:12 - 2013-06-13 20:12 - 09089416 ___AC (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerInstaller.exe
2013-06-12 21:48 - 2013-06-19 14:08 - 00094632 ___AC (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2013-06-12 21:48 - 2012-09-01 20:51 - 00867240 ___AC (Oracle Corporation) C:\Windows\System32\npdeployJava1.dll
2013-06-12 21:48 - 2010-05-22 13:19 - 00789416 ___AC (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2013-06-12 21:43 - 2013-06-19 14:08 - 00263592 ___AC (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-06-12 21:43 - 2013-06-19 14:08 - 00175016 ___AC (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-06-12 21:43 - 2013-06-19 14:08 - 00175016 ___AC (Oracle Corporation) C:\Windows\System32\java.exe
2013-06-12 21:35 - 2013-06-19 14:08 - 00144896 ___AC (Oracle Corporation) C:\Windows\System32\javacpl.cpl
2013-06-10 02:38 - 2011-06-23 08:18 - 00000292 ___AC C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1409082233-1035525444-839522115-1003.job
2013-06-02 11:53 - 2011-06-15 22:12 - 00001507 ___AC C:\Windows\setupact.log
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2004-08-04 14:00] - [2008-04-14 04:22] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e
C:\Windows\System32\winlogon.exe
[2004-08-04 14:00] - [2008-04-14 04:23] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a
C:\Windows\System32\svchost.exe
[2004-08-04 14:00] - [2008-04-14 04:23] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366
C:\Windows\System32\services.exe
[2004-08-04 14:00] - [2009-02-09 13:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc
C:\Windows\System32\User32.dll
[2004-08-04 14:00] - [2008-04-14 04:22] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd
C:\Windows\System32\userinit.exe
[2004-08-04 14:00] - [2008-04-14 04:23] - 0026624 ___AC (Microsoft Corporation) 788f95312e26389d596c0fa55834e106
C:\Windows\System32\Drivers\volsnap.sys
[2004-08-04 14:00] - [2008-04-14 03:52] - 0053760 ___AC (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d
==================== End Of Log ============================
FRST hatte mich diesmal beim Start darauf hingewiesen, dass meine Version (die ich am 20.6. heruntergeladen habe) nicht mehr aktuell sei. Zunächst habe ich einem Update zugestimmt, habe jedoch eine Fehlermeldung bekommen und kein Auto-Update hat stattgefunden. Ich bin nur auf www.bleepingcomputer.com herausgekommen. Aus Zeitgründen ging ich der Sache nicht weiter nach, habe FRST neu gestartet und einfach nochmal mit meiner (gerade mal 2 Tage) alten Version gescannt. Sollte FRST ein Update zwingend benötigen, kann ich mich noch einmal daran versuchen. |
| Themen zu Firefox-Tabs öffnen sich von selbst / Hinweis auf avuzatracking-Malware |
| 7-zip, alert, bho, canon, downloader, einstellungen, error, firefox, flash player, format, free download, helper, logfile, lws.exe, malware, mozilla, msiinstaller, neue tabs, object, plug-in, problem, realtek, registry, robot, rundll, scan, security, senden, symantec, tabs öffnen, udp, usb, visual studio, werbung, windows internet |
Baum-Darstellung