Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Panda-Onlinescanner findet UNIV-Virus

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 25.08.2010, 22:57   #1
uli_n
 
Panda-Onlinescanner findet UNIV-Virus - Standard

Panda-Onlinescanner findet UNIV-Virus



Hallo der Panda-Onlinescanner findet in einem Untermenue von Panda-SW einen UNIV-Virus.
F-Secure, Malwarebytes und Adaware finden nichts verdächtiges.
Habe ich nun einen Virus ?
Das Sytem ist seit geraumer Zeit sehr langsam und der Mauszeiger läuft unter der Favoritenleiste der Bewegung hinterher.

Hier mein Log und im Anhang weiter Logs.OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 25.08.2010 20:51:29 - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Dokumente und Einstellungen\admin\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): C:\pagefile.sys 2048 2048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 145,82 Gb Total Space | 130,54 Gb Free Space | 89,52% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: XXX
Current User Name: admin
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\admin\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
PRC - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - C:\Programme\F-Secure\ORSP Client\fsorsp.exe (F-Secure Corporation)
PRC - C:\Programme\F-Secure\Anti-Virus\fssm32.exe (F-Secure Corporation)
PRC - C:\Programme\F-Secure\Anti-Virus\fsgk32.exe (F-Secure Corporation)
PRC - C:\Programme\F-Secure\Anti-Virus\fsav32.exe (F-Secure Corporation)
PRC - C:\Programme\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Panda Security\Panda Cloud Antivirus\PSANHost.exe (Panda Security, S.L.)
PRC - C:\Programme\F-Secure\Common\FSM32.EXE (F-Secure Corporation)
PRC - C:\Programme\F-Secure\Common\FSMA32.EXE (F-Secure Corporation)
PRC - C:\Programme\F-Secure\Common\FSHDLL32.EXE (F-Secure Corporation)
PRC - C:\Programme\F-Secure\FWES\program\fsdfwd.exe (F-Secure Corporation)
PRC - C:\Programme\F-Secure\Anti-Virus\fsgk32st.exe (F-Secure Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Dell\Media Experience\DMXLauncher.exe ()
PRC - C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
PRC - C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Dokumente und Einstellungen\admin\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Programme\F-Secure\Spam Control\fsscoepl.dll (F-Secure Corporation)
MOD - c:\Programme\F-Secure\HIPS\fshook32.dll (F-Secure Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (Lavasoft Ad-Aware Service) -- C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (FSORSPClient) -- C:\Programme\F-Secure\ORSP Client\fsorsp.exe (F-Secure Corporation)
SRV - (GoogleDesktopManager-051210-111108) -- C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (NanoServiceMain) -- C:\Programme\Panda Security\Panda Cloud Antivirus\PSANHost.exe (Panda Security, S.L.)
SRV - (FSMA) -- C:\Programme\F-Secure\Common\FSMA32.EXE (F-Secure Corporation)
SRV - (FSDFWD) -- C:\Programme\F-Secure\FWES\Program\fsdfwd.exe (F-Secure Corporation)
SRV - (F-Secure Gatekeeper Handler Starter) -- C:\Programme\F-Secure\Anti-Virus\fsgk32st.exe (F-Secure Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (PLCMPR5) -- C:\WINDOWS\System32\PLCMPR5.SYS File not found
DRV - (Lavasoft Kernexplorer) -- C:\Programme\Lavasoft\Ad-Aware\kernexplorer.sys ()
DRV - (F-Secure Gatekeeper) -- C:\Programme\F-Secure\Anti-Virus\minifilter\fsgk.sys ()
DRV - (fsbts) -- C:\WINDOWS\system32\Drivers\fsbts.sys ()
DRV - (Lbd) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (PSINAflt) -- C:\WINDOWS\system32\drivers\PSINAflt.sys (Panda Security, S.L.)
DRV - (PSINProt) -- C:\WINDOWS\system32\drivers\PSINProt.sys (Panda Security, S.L.)
DRV - (PSINKNC) -- C:\WINDOWS\system32\drivers\PSINKNC.sys (Panda Security, S.L.)
DRV - (PSINProc) -- C:\WINDOWS\system32\drivers\PSINProc.sys (Panda Security, S.L.)
DRV - (PSINFile) -- C:\WINDOWS\system32\drivers\PSINFile.sys (Panda Security, S.L.)
DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation)
DRV - (F-Secure HIPS) -- C:\Programme\F-Secure\HIPS\drivers\fshs.sys (F-Secure Corporation)
DRV - (FSFW) -- C:\WINDOWS\System32\drivers\fsdfw.sys (F-Secure Corporation)
DRV - (F-Secure Filter) -- C:\Programme\F-Secure\Anti-Virus\win2k\fsfilter.sys ()
DRV - (F-Secure Recognizer) -- C:\Programme\F-Secure\Anti-Virus\win2k\fsrec.sys ()
DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (DRVMCDB) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Sonic Solutions)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Sonic Solutions)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Sonic Solutions)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Sonic Solutions)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Sonic Solutions)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Sonic Solutions)
DRV - (DLADResN) -- C:\WINDOWS\system32\DLA\DLADResN.SYS (Sonic Solutions)
DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Sonic Solutions)
DRV - (DLARTL_N) -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS (Sonic Solutions)
DRV - (DRVNDDM) -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS (Sonic Solutions)
DRV - (rt2500usb) DWL-G122(rev.B) -- C:\WINDOWS\system32\drivers\rt2500usb.sys (Ralink Technology Inc.)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (PLCNDIS5) -- C:\WINDOWS\system32\plcndis5.sys (Intellon, Inc.)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=4061114
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=4061114
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=4061114
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.de/hws/sb/dell-row/de/side.html?channel=de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=4061114
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\software\mozilla\Firefox\Extensions\\litmus-ff@f-secure.com: C:\Programme\F-Secure\NRS\litmus-ff@f-secure.com [2010.08.23 15:50:17 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2004.08.04 16:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Programme\Google\GoogleToolbar3.dll (Google Germany GmbH)
O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Programme\F-Secure\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar3.dll (Google Germany GmbH)
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Programme\F-Secure\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar3.dll (Google Germany GmbH)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [DMXLauncher] C:\Programme\Dell\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [Easy-PrintToolBox] C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [F-Secure Manager] C:\Programme\F-Secure\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Programme\F-Secure\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [PSUNMain] C:\Programme\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Google-Suche - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: &Ins Deutsche übersetzen - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Ähnliche Seiten - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Im Cache gespeicherte Seite - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Verweisseiten - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1261148348281 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} hxxp://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab (F-Secure Health Check 1.1)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} hxxp://194.250.69.215/activex/AMC.cab (AxisMediaControlEmb Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.08.18 15:18:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.08.25 20:44:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Sun
[2010.08.25 20:41:49 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\admin\IECompatCache
[2010.08.25 20:41:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Adobe
[2010.08.25 20:40:57 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\admin\PrivacIE
[2010.08.25 20:38:40 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\admin\IETldCache
[2010.08.25 20:38:30 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Microsoft
[2010.08.25 20:38:30 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\admin\SendTo
[2010.08.25 20:38:30 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\admin\Recent
[2010.08.25 20:38:30 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten
[2010.08.25 20:38:30 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\admin\Startmenü
[2010.08.25 20:38:30 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\admin\Favoriten
[2010.08.25 20:38:30 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\admin\Eigene Dateien\Eigene Musik
[2010.08.25 20:38:30 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\admin\Eigene Dateien
[2010.08.25 20:38:30 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\admin\Eigene Dateien\Eigene Bilder
[2010.08.25 20:38:30 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\admin\Cookies
[2010.08.25 20:38:30 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\admin\Vorlagen
[2010.08.25 20:38:30 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\admin\Netzwerkumgebung
[2010.08.25 20:38:30 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\admin\Lokale Einstellungen
[2010.08.25 20:38:30 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\admin\Druckumgebung
[2010.08.25 20:38:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Symantec
[2010.08.25 20:38:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\admin\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2010.08.25 20:38:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Macromedia
[2010.08.25 20:38:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\admin\Anwendungsdaten\Identities
[2010.08.25 20:38:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\admin\Lokale Einstellungen\Anwendungsdaten\Google
[2010.08.25 20:38:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\admin\Desktop
[2010.08.25 20:38:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\admin\Lokale Einstellungen\Anwendungsdaten\ApplicationHistory
[2010.08.25 20:38:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\admin\Lokale Einstellungen\Anwendungsdaten\Adobe
[2010.08.25 20:38:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\admin\Lokale Einstellungen\Anwendungsdaten\{3248F0A6-6813-11D6-A77B-00B0D0150060}
[2010.08.25 20:31:55 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\admin\Desktop\OTL.exe
[2010.08.25 16:30:36 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.08.25 16:30:36 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.08.25 16:30:36 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.08.25 10:16:55 | 000,000,000 | ---D | C] -- C:\Programme\Panda Security
[2010.08.25 10:16:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Panda Security
[2010.08.24 14:29:08 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2010.08.24 14:28:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010.08.24 14:28:48 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010.08.24 14:25:55 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{BD986C1B-72EC-4B82-B47B-6CAC4E6F494E}
[2010.08.24 14:25:14 | 000,000,000 | ---D | C] -- C:\Programme\Lavasoft
[2010.08.24 14:25:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lavasoft
[2010.08.23 16:43:31 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.08.23 16:43:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.08.23 16:43:26 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.08.23 16:43:25 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.08.19 11:38:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010.08.19 11:18:38 | 000,000,000 | ---D | C] -- C:\Programme\Yahoo!
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.08.25 20:52:27 | 000,786,432 | -H-- | M] () -- C:\Dokumente und Einstellungen\admin\NTUSER.DAT
[2010.08.25 20:38:38 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.08.25 20:32:21 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\admin\Desktop\OTL.exe
[2010.08.25 19:32:28 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{7C20DD39-3F02-4A91-8A26-9ADF4B54D1B8}.job
[2010.08.25 18:14:24 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.08.25 18:14:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.08.25 18:14:17 | 1331,843,072 | -HS- | M] () -- C:\hiberfil.sys
[2010.08.25 17:25:50 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010.08.25 16:28:45 | 000,001,709 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader 9.lnk
[2010.08.25 16:08:31 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010.08.25 10:17:24 | 000,000,256 | ---- | M] () -- C:\WINDOWS\System32\PSUNCpl.dat
[2010.08.25 00:04:34 | 000,000,530 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled scanning task.job
[2010.08.24 14:28:45 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010.08.24 14:25:54 | 000,000,847 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Ad-Aware.lnk
[2010.08.23 16:43:35 | 000,000,676 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.17 19:11:56 | 000,222,432 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.07.27 08:29:42 | 008,503,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.08.25 20:38:32 | 000,000,141 | ---- | C] () -- C:\Dokumente und Einstellungen\admin\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2010.08.25 20:38:29 | 000,786,432 | -H-- | C] () -- C:\Dokumente und Einstellungen\admin\NTUSER.DAT
[2010.08.25 20:38:29 | 000,024,576 | -H-- | C] () -- C:\Dokumente und Einstellungen\admin\ntuser.dat.LOG
[2010.08.25 20:38:29 | 000,000,190 | -HS- | C] () -- C:\Dokumente und Einstellungen\admin\ntuser.ini
[2010.08.25 10:17:24 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\PSUNCpl.dat
[2010.08.24 14:29:21 | 000,000,456 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010.08.24 14:25:54 | 000,000,847 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Ad-Aware.lnk
[2010.08.23 16:43:35 | 000,000,676 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009.02.13 20:53:10 | 000,041,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\fsbts.sys
[2007.12.26 20:29:26 | 000,000,653 | ---- | C] () -- C:\WINDOWS\{0240BDFB-2995-4A3F-8C96-18D41282B716}_WiseFW.ini
[2006.11.22 20:42:15 | 000,002,828 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006.11.22 20:42:15 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\972CD41B28.sys
[2006.11.22 19:40:05 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS78.DLL
[2006.11.14 23:37:35 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006.11.14 23:31:49 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006.11.14 23:31:03 | 000,712,704 | ---- | C] () -- C:\WINDOWS\System32\DellSystemRestore.dll
[2006.11.14 23:25:50 | 000,000,126 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006.11.14 23:02:08 | 000,000,486 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005.11.10 10:56:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004.08.18 15:26:49 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004.08.18 15:15:48 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
 
========== LOP Check ==========
 
[2006.11.22 19:39:49 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2009.02.13 20:38:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\F-Secure
[2010.02.07 11:49:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\fssg
[2010.08.25 10:16:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Panda Security
[2007.12.26 20:25:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2010.08.24 14:26:01 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{BD986C1B-72EC-4B82-B47B-6CAC4E6F494E}
[2010.08.25 17:25:50 | 000,000,456 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2010.08.25 00:04:34 | 000,000,530 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled scanning task.job
[2010.08.25 19:32:28 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{7C20DD39-3F02-4A91-8A26-9ADF4B54D1B8}.job
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 130 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:BEB71B81
< End of report >
         
--- --- ---
OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 25.08.2010 20:51:29 - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Dokumente und Einstellungen\admin\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): C:\pagefile.sys 2048 2048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 145,82 Gb Total Space | 130,54 Gb Free Space | 89,52% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: XXX
Current User Name: admin
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"10421:UDP" = 10421:UDP:*:Enabled:SingleClick Discovery Protocol
"10426:UDP" = 10426:UDP:*:Enabled:SingleClick ICC
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Dell Network Assistant\ezi_hnm2.exe" = C:\Programme\Dell Network Assistant\ezi_hnm2.exe:*:Enabled:Dell Network Assistant -- File not found
"C:\Programme\devolo\informer\devinf.exe" = C:\Programme\devolo\informer\devinf.exe:*:Enabled:devolo Informer -- (devolo AG)
"C:\Programme\devolo\easyshare\easyshare.exe" = C:\Programme\devolo\easyshare\easyshare.exe:*:Enabled:devolo EasyShare -- (devolo AG)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06100048-3E21-46D6-9A91-D927BA08F41D}" = Microsoft Encarta 2006 Enzyklopädie Standard
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio RecordNow Data
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Roxio DLA
"{1D3C662A-F6C6-4767-A788-7AA43A9A1317}" = ARTEuro
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 21
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}" = Dell CinePlayer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}" = Sonic Activation Module
"{5D95AD35-368F-47D5-B63A-A082DDF00116}" = Microsoft Foto 2006 Standard Edition Editor
"{691F4068-81BF-49E3-B32E-FE3E16400112}" = Microsoft Foto 2006 Standard Edition Bibliothek
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{83ED1E80-A1B7-4236-BCF1-AC4A88151A6B}" = Microsoft AutoRoute 2006
"{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}" = Intel(R) PROSet for Wired Connections
"{88B32652-CAE0-4909-A463-5840D2689D93}" = FUJIFILM FinePixViewer S Ver.2.1
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver
"{90F1DDBF-0C56-44B0-A920-72CC90C51565}" = Microsoft Works Suite-Add-Ins für Microsoft Word
"{911B0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{93A1B09E-BAFA-4628-A5B6-921CB026955A}" = Corel Paint Shop Pro Photo XI
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio RecordNow Audio
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.4 - Deutsch
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio RecordNow Copy
"{B3F1E526-180B-4480-9FEC-3E2DCB8EA9CE}" = F-Secure PSC Prerequisites
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE28E6F5-4A03-4DED-B954-D0779B47FFBF}" = Works Update
"{D2988E9B-C73F-422C-AD4B-A66EBE257120}" = MCU
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FEB2D0CA-9912-4AA1-8FBE-CFD852F9F1FC}" = Panda Cloud Antivirus
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AdobeESD" = Adobe Download Manager 2.2 (Nur entfernen)
"AXIS Media Control Embedded" = AXIS Media Control Embedded
"Canon Setup Utility 2.0" = Canon Setup Utility 2.0
"CANONBJ_Deinstall_CNMCP78.DLL" = Canon iP4200
"CCleaner" = CCleaner
"dlanconf" = devolo dLAN-Konfigurationsassistent
"dslmon" = devolo Informer
"easyclean" = devolo EasyClean
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox
"easyshare" = devolo EasyShare
"Easy-WebPrint" = Easy-WebPrint
"F-Secure Product 444" = F-Secure Internet Security 2010
"Google Desktop" = Google Desktop
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Panda Cloud Antivirus" = Panda Cloud Antivirus
"PictureItPrem_v11" = Microsoft Foto 2006 Standard Edition
"PROSet" = Intel(R) PRO Network Connections Drivers
"SearchAssist" = SearchAssist
"Windows XP Service Pack" = Windows XP Service Pack 3
"Works2006Setup" = Setup-Start von Microsoft Works Suite 2006
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 24.08.2010 08:39:27 | Computer Name = XXX | Source = Message from F-Secure Anti-Virus on | ID = 103
Description = 2 2010-08-24 14:37:56+02:00 XXX SYSTEM Message from F-Secure
Anti-Virus on E-Mail scanning initialization failed, reason: MirrorMain::Initialize():
InitMessageLoop() failed.. 
 
Error - 24.08.2010 08:41:07 | Computer Name = XXX | Source = Message from F-Secure Anti-Virus on | ID = 103
Description = 3 2010-08-24 14:40:06+02:00 XXX SYSTEM Message from F-Secure
Anti-Virus on E-Mail scanning is not functioning due to a severe error. If the
problem persists, please contact the system administrator. 
 
Error - 25.08.2010 09:46:29 | Computer Name = XXX | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung iexplore.exe, Version 8.0.6001.18702, fehlgeschlagenes
Modul baselitmus.dll, Version 1.10.5534.0, Fehleradresse 0x000618e0.
 
Error - 25.08.2010 10:00:57 | Computer Name = XXX | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung iexplore.exe, Version 8.0.6001.18702, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0xfdff4029.
 
Error - 25.08.2010 11:23:02 | Computer Name = XXX | Source = Message from F-Secure Anti-Virus on | ID = 103
Description = 1 2010-08-25 17:22:36+02:00 XXX SYSTEM Message from F-Secure
Anti-Virus on E-Mail scanning initialization failed, reason: InitMessageLoop():
DfpRegisterOID() failed.. 
 
Error - 25.08.2010 11:23:14 | Computer Name = XXX | Source = Message from F-Secure Anti-Virus on | ID = 103
Description = 2 2010-08-25 17:23:02+02:00 XXX XXXXX Message
from F-Secure Anti-Virus on E-Mail scanning initialization failed, reason: MirrorMain::Initialize():
InitMessageLoop() failed.. 
 
Error - 25.08.2010 11:23:14 | Computer Name = XXX | Source = Message from F-Secure Anti-Virus on | ID = 103
Description = 3 2010-08-25 17:23:04+02:00 XXX XXX\XXX Message
from F-Secure Anti-Virus on E-Mail scanning is not functioning due to a severe 
error. If the problem persists, please contact the system administrator. 
 
Error - 25.08.2010 11:32:06 | Computer Name = XXX | Source = Message from F-Secure Anti-Virus on | ID = 103
Description = 1 2010-08-25 17:30:58+02:00 XXX XXX\XXX Message
from F-Secure Anti-Virus on E-Mail scanning initialization failed, reason: InitMessageLoop():
DfpRegisterOID() failed.. 
 
Error - 25.08.2010 11:32:07 | Computer Name = XXX | Source = Message from F-Secure Anti-Virus on | ID = 103
Description = 2 2010-08-25 17:32:06+02:00 XXX XXX\XXX Message
from F-Secure Anti-Virus on E-Mail scanning initialization failed, reason: MirrorMain::Initialize():
InitMessageLoop() failed.. 
 
Error - 25.08.2010 11:32:11 | Computer Name = XXX | Source = Message from F-Secure Anti-Virus on | ID = 103
Description = 3 2010-08-25 17:32:06+02:00 XXX XXX\XXX Message
from F-Secure Anti-Virus on E-Mail scanning is not functioning due to a severe 
error. If the problem persists, please contact the system administrator. 
 
[ System Events ]
Error - 11.08.2010 07:18:57 | Computer Name = XXX | Source = DCOM | ID = 10010
Description = Der Server "{0002DF01-0000-0000-C000-000000000046}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
 
Error - 11.08.2010 07:28:38 | Computer Name = XXX | Source = F-Secure Gatekeeper | ID = 327681
Description = 
 
Error - 11.08.2010 07:28:45 | Computer Name = XXX | Source = F-Secure Gatekeeper | ID = 327681
Description = 
 
Error - 17.08.2010 13:07:42 | Computer Name = XXX | Source = F-Secure Gatekeeper | ID = 327681
Description = 
 
Error - 17.08.2010 13:09:45 | Computer Name = XXX | Source = F-Secure Gatekeeper | ID = 327681
Description = 
 
Error - 17.08.2010 13:09:45 | Computer Name = XXX | Source = F-Secure Gatekeeper | ID = 327681
Description = 
 
Error - 17.08.2010 13:09:46 | Computer Name = XXX | Source = F-Secure Gatekeeper | ID = 327681
Description = 
 
Error - 17.08.2010 13:09:47 | Computer Name = XXX | Source = F-Secure Gatekeeper | ID = 327681
Description = 
 
Error - 17.08.2010 13:10:10 | Computer Name = XXX | Source = F-Secure Gatekeeper | ID = 327681
Description = 
 
Error - 21.08.2010 14:15:37 | Computer Name = XXX | Source = F-Secure Gatekeeper | ID = 327681
Description = 
 
 
< End of report >
         
--- --- ---

Alt 26.08.2010, 14:08   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Panda-Onlinescanner findet UNIV-Virus - Standard

Panda-Onlinescanner findet UNIV-Virus



Zitat:
Virus erkannt Univ 25.08.2010 19:23:40 Gelöscht Speicherort: C:\Programme\F-Secure\FSAUA\content\aquawin32\1282745438\cran.cvd
Was fällt Dir da auf?
Richtig, wenn ein Virenscanner im Verzeichnis eines anderen Virenscanners was findet, ist das ein Beleg dafür, dass die Signaturdatei des anderen Scanners als Bedrohung erkannt wird. Ist aber keine Bedrohung. Damit die Signaturen überhaupt funktionieren, müssen gewisse Infos über Schädlinge in den Signaturen drin sein. Und genau das wird von manchem parallel installiertem Scanner als Bedrohung eingestuft. Man kann daher vom Parallelbetrieb mehrerer Scanner nur dringend abraten.
__________________

__________________

Alt 26.08.2010, 14:53   #3
uli_n
 
Panda-Onlinescanner findet UNIV-Virus - Standard

Panda-Onlinescanner findet UNIV-Virus



Vielen Dank für die Antwort.
Der doppelte Virenscanner ist grundsätzlich nicht installiert. Durch die die Probleme mit dem PC konnte ich dem Scan von F-Secure nicht glauben. Nach De- und Neuinstallation von F-Secure, IE8 und .Net wurde das System etwas besser, aber grundsätzlich nimmt F-Secure doch erheblich viel Leistung weg.
__________________

Alt 26.08.2010, 15:06   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Panda-Onlinescanner findet UNIV-Virus - Standard

Panda-Onlinescanner findet UNIV-Virus



Alles was sich SecuritySuite oder Internet Security nennt, ist in Wahrheit nur eine üble aber mitunter hübsche Systembremse

Lies einfach mal hier, ich denke dann sollte es etwas klarer werden:

Die Vertrauensbrecher c't Editorial über Internet Security Suites und warum sie idR nichts taugen
Oberthal online: Personal Firewalls: Sinnvoll oder sinnfrei?
personal firewalls ? Wiki ? ubuntuusers.de
NT-Dienste sicher konfigurieren und abschalten (Windows 2000/XP) - www.ntsvcfg.de
microsoft.public.de.security.heimanwender FAQ

Dann wirst Du feststellen, dass es einfach nur unnötig ist, sich das System mit einer weiteren "Schutzkomponente" zu verhunzen...

Malwarebefall vermeiden kannst Du sowieso nur, wenn Du selbst Dein verhalten in den Griff bekommst => Kompromittierung unvermeidbar?
__________________
Logfiles bitte immer in CODE-Tags posten

Antwort

Themen zu Panda-Onlinescanner findet UNIV-Virus
0 bytes, 0x00000001, ad-aware, alternate, antivirus, bho, canon, cloud, components, e-mail, entfernen, error, failed, firefox, flash player, format, helper, home, homepage, host.exe, iexplore.exe, jusched.exe, langsam, location, logfile, mein log, mozilla, oldtimer, otl.exe, plug-in, problem, registry, rundll, saver, security, sehr langsam, server, software, spam, usb, windows internet, windows internet explorer



Ähnliche Themen: Panda-Onlinescanner findet UNIV-Virus


  1. ESET Onlinescanner Fund
    Plagegeister aller Art und deren Bekämpfung - 17.05.2015 (3)
  2. Avast findet Virus und Malwarebytes findet Viren
    Plagegeister aller Art und deren Bekämpfung - 12.03.2014 (7)
  3. Panda findet Hupigon.AZG und Trj/CI.A in diversen Dateien
    Log-Analyse und Auswertung - 17.10.2012 (44)
  4. Panda Cloud AntiVirus PRo findet zwei Exploit CVE-2011-3544 Trojaner
    Log-Analyse und Auswertung - 17.05.2012 (20)
  5. Panda Virus
    Plagegeister aller Art und deren Bekämpfung - 25.04.2012 (28)
  6. Onlinescanner hat angeschlagen, hier das HJT Log
    Log-Analyse und Auswertung - 21.01.2011 (1)
  7. HJT-Logfile und Frage zu Onlinescanner
    Log-Analyse und Auswertung - 15.10.2009 (11)
  8. F-secure OnlineScanner
    Alles rund um Windows - 07.10.2009 (9)
  9. Panda findet bifrose.akl ist er jetzt weg?
    Plagegeister aller Art und deren Bekämpfung - 13.05.2009 (8)
  10. Seltsame Popups von "Windows"... panda findet spyware
    Log-Analyse und Auswertung - 02.08.2006 (4)
  11. Hilfe Panda Online Findet Spyware !!!!
    Log-Analyse und Auswertung - 08.01.2006 (8)
  12. Probleme mit Panda oder findet er als einziger alle Viren etc ?
    Log-Analyse und Auswertung - 31.10.2005 (11)
  13. Avast erkennt Panda als virus !!!
    Plagegeister aller Art und deren Bekämpfung - 06.10.2005 (4)
  14. Avast erkennt Panda als virus !!!
    Mülltonne - 06.10.2005 (1)
  15. Virus in Panda-Titanium??
    Antiviren-, Firewall- und andere Schutzprogramme - 13.01.2004 (5)

Zum Thema Panda-Onlinescanner findet UNIV-Virus - Hallo der Panda-Onlinescanner findet in einem Untermenue von Panda-SW einen UNIV-Virus. F-Secure, Malwarebytes und Adaware finden nichts verdächtiges. Habe ich nun einen Virus ? Das Sytem ist seit geraumer Zeit - Panda-Onlinescanner findet UNIV-Virus...
Archiv
Du betrachtest: Panda-Onlinescanner findet UNIV-Virus auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.