Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Trojan.Script.23483 (Engine A)

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 30.05.2010, 19:58   #1
Kaubo
 
Trojan.Script.23483 (Engine A) - Standard

Trojan.Script.23483 (Engine A)



Hallo zusammen,

meine G Data Internet Security hat soeben bei einem Scan einen Trojaner entdeckt. Es handelt sich um den Trojan.Script.23483 (Engine A), der sich in der Datei Segment2.cmf im Verzeichnis C:\Windows\rescache\rc0004 befindet.
G Data ist leider nicht in der Lage den Trojaner zu löschen, zu isolieren oder in Quarantäne zu schicken.

Beim Googlen habe ich nicht wirklich hilfreiche Informationen gefunden. Ich hoffe, dass mir hier jemand weiterhelfen kann. Weiss leider nicht, was der Trojaner bewirkt und wie ich ihn mir wieder vom Hals schaffen kann.
Wäre für Hilfe sehr dankbar.

Gruß Kai

Alt 30.05.2010, 21:30   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojan.Script.23483 (Engine A) - Standard

Trojan.Script.23483 (Engine A)



Hallo und

bitte nen Vollscan mit Malwarebytes machen und Log posten. Danach OTL:

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________

__________________

Alt 30.05.2010, 23:26   #3
Kaubo
 
Trojan.Script.23483 (Engine A) - Standard

Trojan.Script.23483 (Engine A)



Hallo Arne,

danke schon mal für das Willkommen und die schnelle Antwort.

Hier schon mal der erste Teil, die Logdatei malwarebytes. Komischerweise hat die nichts gefunden!

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4156

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

31.05.2010 00:22:38
mbam-log-2010-05-31 (00-22-38).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 228606
Laufzeit: 31 Minute(n), 31 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)


Gruß Kai
__________________

Alt 30.05.2010, 23:34   #4
Kaubo
 
Trojan.Script.23483 (Engine A) - Standard

Trojan.Script.23483 (Engine A)



@cosinus
Habe mir gerade die Logfiles von OTL angeschaut. Darin werden alle meine Programme und Dateien mit Namen gezeigt. Will diese nicht so gerne hier ins Fourm reinkopieren. Wärst du damit einverstanden, wenn ich dir diese per Nachricht schicke?

Gruß Kai

Alt 31.05.2010, 09:40   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojan.Script.23483 (Engine A) - Standard

Trojan.Script.23483 (Engine A)



Mach die Namen mit einem *** oder so unkenntlich.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 31.05.2010, 10:14   #6
Kaubo
 
Trojan.Script.23483 (Engine A) - Standard

Trojan.Script.23483 (Engine A)



Das komische ist, dass ich meinen PC auch mit den Programmen Malwarebytes, Ad-Aware und Trojan Remover gescannt habe und nichts gefunden wurde. Nur G Data findet diesesn Trojaner in der besagten Datei.

Hier die Logfiles:

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 31.05.2010 10:56:07 - Run 2
OTL by OldTimer - Version 3.2.5.1     Folder = C:\Users\***\Desktop
 An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 61,27 Gb Free Space | 62,81% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 170,09 Gb Free Space | 87,08% Space Free | Partition Type: NTFS
Drive E: | 195,31 Gb Total Space | 194,11 Gb Free Space | 99,38% Space Free | Partition Type: NTFS
Drive F: | 443,23 Gb Total Space | 359,80 Gb Free Space | 81,18% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 58,82 Gb Total Space | 58,73 Gb Free Space | 99,85% Space Free | Partition Type: NTFS
Drive J: | 49,53 Gb Total Space | 45,03 Gb Free Space | 90,91% Space Free | Partition Type: NTFS
Drive K: | 40,69 Gb Total Space | 30,45 Gb Free Space | 74,84% Space Free | Partition Type: NTFS
Drive L: | 100,00 Mb Total Space | 70,36 Mb Free Space | 70,37% Space Free | Partition Type: NTFS
 
Computer Name: ***
Current User Name: ***
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Kaubo\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
PRC - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Common Files\G DATA\AVKProxy\AVKProxy.exe (G Data Software AG)
PRC - C:\Programme\Common Files\G DATA\GDScan\GDScan.exe (G Data Software AG)
PRC - C:\Programme\G Data\InternetSecurity\AVK\AVKWCtl.exe (G Data Software AG)
PRC - D:\Program Files\***
PRC - D:\Program Files\***
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\***
PRC - C:\Programme\***
PRC - C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - D:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Programme\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
PRC - C:\Programme\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG)
PRC - C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\Logishrd\KHAL2\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\Windows\System32\Ctxfihlp.exe (Creative Technology Ltd)
PRC - C:\Windows\System32\CTxfispi.exe (Creative Technology Ltd)
PRC - d:\Program Files\***
PRC - C:\Windows\DAODx.exe ()
PRC - C:\Programme\***
PRC - D:\Program Files\***
PRC - C:\Windows\CTHELPER.EXE (Creative Technology Ltd)
PRC - C:\Programme\Logitech\G-series Software\LGDCore.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\G-series Software\Applets\LCDClock.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\G-series Software\Applets\LCDMedia.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\G-series Software\LCDMon.exe (Logitech Inc.)
PRC - C:\Programme\Common Files\ACD Systems\DE\DevDetect.exe (ACD Systems, Ltd.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Kaubo\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (TuneUp.Defrag) -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AVKProxy) -- C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe (G Data Software AG)
SRV - (GDScan) -- C:\Program Files\Common Files\G DATA\GDScan\GDScan.exe (G Data Software AG)
SRV - (AVKWCtl) -- C:\Programme\G Data\InternetSecurity\AVK\AVKWCtl.exe (G Data Software AG)
SRV - (ServiceLayer) -- C:\Program Files\***
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (AdobeActiveFileMonitor8.0) -- D:\Program Files\Adobe\***
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (getPlusHelper) getPlus(R) -- C:\Programme\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
SRV - (AVKService) -- C:\Programme\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG)
SRV - (LBTServ) -- C:\Programme\Common Files\Logitech\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (OMSI download service) -- d:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
SRV - (CTAudSvcService) -- C:\Programme\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (gdwfpcd) -- C:\Windows\System32\drivers\gdwfpcd32.sys (G DATA Software AG)
DRV - (GDBehave) -- C:\Windows\system32\drivers\GDBehave.sys (G Data Software AG)
DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (Lbd) -- C:\Windows\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (GRD) -- C:\Windows\System32\drivers\GRD.sys (G Data Software)
DRV - (GDMnIcpt) -- C:\Windows\System32\drivers\MiniIcpt.sys (G Data Software AG)
DRV - (HookCentre) -- C:\Windows\System32\drivers\HookCentre.sys (G Data Software AG)
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (AtiHdmiService) -- C:\Windows\System32\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\System32\drivers\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\System32\drivers\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20) -- C:\Windows\System32\drivers\L1E62x86.sys (Atheros Communications, Inc.)
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (ha20x2k) -- C:\Windows\System32\drivers\ha20x2k.sys (Creative Technology Ltd)
DRV - (emupia) -- C:\Windows\System32\drivers\emupia2k.sys (Creative Technology Ltd)
DRV - (ctsfm2k) -- C:\Windows\System32\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV - (ctprxy2k) -- C:\Windows\System32\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV - (ossrv) -- C:\Windows\System32\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV - (ctdvda2k) -- C:\Windows\System32\drivers\ctdvda2k.sys (Creative Technology Ltd)
DRV - (ctaud2k) Creative Audio Driver (WDM) -- C:\Windows\System32\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV - (ctac32k) -- C:\Windows\System32\drivers\ctac32k.sys (Creative Technology Ltd)
DRV - (CTEXFIFX.SYS) -- C:\Windows\System32\drivers\CTEXFIFX.SYS (Creative Technology Ltd.)
DRV - (CTEXFIFX) -- C:\Windows\System32\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV - (CTHWIUT.SYS) -- C:\Windows\System32\drivers\CTHWIUT.SYS (Creative Technology Ltd.)
DRV - (CTHWIUT) -- C:\Windows\System32\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV - (CT20XUT.SYS) -- C:\Windows\System32\drivers\CT20XUT.SYS (Creative Technology Ltd.)
DRV - (CT20XUT) -- C:\Windows\System32\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (adfs) -- C:\Windows\System32\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (L8042Kbd) -- C:\Windows\System32\drivers\L8042Kbd.sys (Logitech Inc.)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://gamersunion.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C7 A6 37 FF 58 4F CA 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.gamersunion.de/"
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:20.1.0.4
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.03 15:05:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.22 10:45:22 | 000,000,000 | ---D | M]
 
[2010.01.15 21:49:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2010.01.15 21:49:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\nvw9o5fi.default\extensions
[2010.04.21 15:21:38 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.04.21 15:21:38 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:\Programme\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
[2010.03.13 23:15:20 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.03.13 23:15:20 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.03.13 23:15:20 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.03.13 23:15:20 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.03.13 23:15:20 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.04.28 17:46:44 | 000,001,306 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1		activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com 
O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\G Data\InternetSecurity\Webfilter\AVKWebIE.dll (G Data Software AG)
O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Programme\Dealio Toolbar\DealioToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\G Data\InternetSecurity\Webfilter\AVKWebIE.dll (G Data Software AG)
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Programme\Dealio Toolbar\DealioToolbarIE.dll (Spigot, Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CTCheck] D:\Program Files\Creative\***
O4 - HKLM..\Run: [CTHelper] C:\Windows\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DevconDefaultDB] C:\Windows\READREG.exe (Creative Technology Limited)
O4 - HKLM..\Run: [Device Detector]  File not found
O4 - HKLM..\Run: [G DATA AntiVirus Trayapplication] C:\Programme\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\G-series Software\LCDMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\G-series Software\LGDCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TrojanScanner] D:\Program Files\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKCU..\Run: [CTSyncU.exe] C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe ()
O4 - HKCU..\Run: [PC Suite Tray] D:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [Sony Ericsson PC Suite] D:\Program Files\Sony Ericsson***
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Mit dem LeechGet Wizard laden - D:\Program Files\LeechGet 2007\Wizard.html ()
O8 - Extra context menu item: Mit LeechGet herunterladen - D:\Program Files\LeechGet 2007\AddUrl.html ()
O8 - Extra context menu item: Mit LeechGet parsen - D:\Program Files\LeechGet 2007\Parser.html ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Programme\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15109/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll - c:\Programme\Common Files\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.05.30 23:51:34 | 000,571,392 | ---- | C] (OldTimer Tools) -- C:\Users\Kaubo\Desktop\OTL.exe
[2010.05.30 23:45:19 | 000,000,000 | ---D | C] -- C:\Users\Kaubo\AppData\Roaming\Malwarebytes
[2010.05.30 23:45:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.05.30 23:44:59 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.05.30 23:44:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.05.30 23:43:24 | 006,153,648 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Kaubo\Desktop\mbam-setup.exe
[2010.05.30 21:30:49 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2010.05.30 21:30:47 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010.05.30 21:27:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010.05.30 21:27:37 | 000,000,000 | ---D | C] -- C:\Programme\Lavasoft
[2010.05.30 21:27:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010.05.30 21:21:23 | 097,364,760 | ---- | C] (Lavasoft                                                                                                                                                                                                                                                                                                    ) -- C:\Users\Kaubo\Desktop\Ad-AwareInstaller.exe
[2010.05.30 21:07:47 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ztvcabinet.dll
[2010.05.30 21:07:45 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Simply Super Software
[2010.05.30 21:07:45 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Simply Super Software
[2010.05.30 21:07:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2010.05.30 21:06:07 | 008,689,096 | ---- | C] (Simply Super Software                                       ) -- C:\Users\***\Desktop\trjsetup681.exe
[2010.05.29 17:46:01 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Ebay-400D
[2010.05.29 17:29:42 | 000,000,000 | ---D | C] -- C:\ProgramData\ZoomBrowser
[2010.05.26 16:21:28 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Kinderwagen
[2010.05.26 08:51:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.05.07 18:30:39 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\PX Storage Engine
[2010.05.03 08:53:52 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\UltraTAGLteDe
[2009.06.04 00:57:38 | 000,060,928 | ---- | C] ( ) -- C:\Windows\System32\a3d.dll
 
========== Files - Modified Within 30 Days ==========
 
[2010.05.31 10:55:47 | 002,883,584 | ---- | M] () -- C:\Users\Kaubo\NTUSER.DAT
[2010.05.31 08:45:26 | 000,014,624 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.05.31 08:45:26 | 000,014,624 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.05.31 08:38:19 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.05.31 08:38:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.05.31 08:38:11 | 2615,812,096 | -HS- | M] () -- C:\hiberfil.sys
[2010.05.31 00:37:17 | 000,054,568 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000004-00000000-00000005-00001102-00000005-00211102}.rfx
[2010.05.31 00:37:17 | 000,054,568 | ---- | M] () -- C:\Windows\System32\BMXState-{00000004-00000000-00000005-00001102-00000005-00211102}.rfx
[2010.05.31 00:37:17 | 000,000,788 | ---- | M] () -- C:\Windows\System32\DVCState-{00000004-00000000-00000005-00001102-00000005-00211102}.rfx
[2010.05.31 00:36:58 | 079,275,638 | -H-- | M] () -- C:\Users\***\AppData\Local\IconCache.db
[2010.05.30 23:51:36 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Users\Kaubo\Desktop\OTL.exe
[2010.05.30 23:45:03 | 000,000,677 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.30 23:43:42 | 006,153,648 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Kaubo\Desktop\mbam-setup.exe
[2010.05.30 21:30:47 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010.05.30 21:27:45 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010.05.30 21:26:14 | 001,472,002 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.05.30 21:26:14 | 000,643,628 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.05.30 21:26:14 | 000,606,992 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.05.30 21:26:14 | 000,126,188 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.05.30 21:26:14 | 000,103,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.05.30 21:25:56 | 097,364,760 | ---- | M] (Lavasoft                                                                                                                                                                                                                                                                                                    ) -- C:\Users\Kaubo\Desktop\Ad-AwareInstaller.exe
[2010.05.30 21:07:49 | 000,000,811 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Remover.lnk
[2010.05.30 21:06:44 | 008,689,096 | ---- | M] (Simply Super Software                                       ) -- C:\Users\Kaubo\Desktop\trjsetup681.exe
[2010.05.30 19:02:11 | 000,054,472 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000003-00000000-00000005-00001102-00000005-00211102}.rfx
[2010.05.30 19:02:11 | 000,054,472 | ---- | M] () -- C:\Windows\System32\BMXState-{00000003-00000000-00000005-00001102-00000005-00211102}.rfx
[2010.05.30 19:02:11 | 000,000,788 | ---- | M] () -- C:\Windows\System32\DVCState-{00000003-00000000-00000005-00001102-00000005-00211102}.rfx
[2010.05.29 17:18:31 | 000,002,162 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2010.05.29 17:18:31 | 000,002,120 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk
[2010.05.29 17:15:53 | 000,002,548 | -H-- | M] () -- C:\Users\***\Desktop\ZbThumbnail.info
[2010.05.28 19:43:41 | 000,240,511 | ---- | M] () -- C:\Users\***\Desktop\MoniundPina.jpg
[2010.05.28 19:39:57 | 000,295,424 | ---- | M] () -- C:\Users\***\Desktop\Roemerbruecke.jpg
[2010.05.28 19:39:57 | 000,226,587 | ---- | M] () -- C:\Users\***\Desktop\MonteBaldo+.jpg
[2010.05.27 16:12:00 | 000,001,099 | ---- | M] () -- C:\Users\***\AppData\Roaming\ShiftN.ini
[2010.05.12 11:21:16 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.05.07 18:35:45 | 000,174,432 | ---- | M] () -- C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.05.07 18:35:07 | 002,578,344 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.05.07 18:32:31 | 000,000,901 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Photoshop Elements 8.0.lnk
[2010.05.07 16:40:58 | 000,030,536 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2010.05.07 16:34:46 | 000,021,320 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2010.05.07 16:34:32 | 000,030,024 | ---- | M] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2010.05.03 08:53:22 | 000,038,134 | ---- | M] () -- C:\Users\***\Desktop\UltraTAGLteDe.zip
 
========== Files Created - No Company Name ==========
 
[2010.05.30 23:45:03 | 000,000,677 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.30 21:27:45 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010.05.30 21:07:49 | 000,000,811 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Remover.lnk
[2010.05.30 21:07:47 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2010.05.30 21:07:47 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll
[2010.05.30 21:07:47 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2010.05.29 17:18:31 | 000,002,162 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2010.05.29 17:18:31 | 000,002,120 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk
[2010.05.28 19:43:32 | 000,240,511 | ---- | C] () -- C:\Users\***\Desktop
[2010.05.28 19:39:57 | 000,226,587 | ---- | C] () -- C:\Users\***\Desktop
[2010.05.25 21:38:37 | 000,295,424 | ---- | C] () -- C:\Users\***\Desktop
[2010.05.07 18:32:31 | 000,000,901 | ---- | C] () -- C:\Users\Public\Desktop\
[2010.05.03 08:53:21 | 000,038,134 | ---- | C] () -- C:\Users\***\Desktop
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32
[2010.01.10 16:56:23 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009.12.13 12:06:14 | 000,782,336 | ---- | C] () -- C:\Windows\System32\IlmImf.dll
[2009.12.13 12:06:14 | 000,353,280 | ---- | C] () -- C:\Windows\System32\pmtf2.dll
[2009.12.13 12:06:14 | 000,269,824 | ---- | C] () -- C:\Windows\System32\PhotomatixLib.dll
[2009.12.13 12:06:14 | 000,229,376 | ---- | C] () -- C:\Windows\System32\PhotomatixLib2.dll
[2009.12.13 12:06:14 | 000,216,064 | ---- | C] () -- C:\Windows\System32\pmjp.dll
[2009.12.13 12:06:14 | 000,205,824 | ---- | C] () -- C:\Windows\System32\pmtf1.dll
[2009.12.13 12:06:14 | 000,204,288 | ---- | C] () -- C:\Windows\System32\pmtf3.dll
[2009.12.13 12:06:14 | 000,112,128 | ---- | C] () -- C:\Windows\System32\PhotomatixLib3.dll
[2009.12.13 12:06:14 | 000,053,248 | ---- | C] () -- C:\Windows\System32\pmexr.dll
[2009.12.13 12:06:14 | 000,011,776 | ---- | C] () -- C:\Windows\System32\pmbm.dll
[2009.10.21 16:56:01 | 000,148,480 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2009.10.21 16:56:01 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2009.10.21 16:31:34 | 000,003,072 | ---- | C] () -- C:\Windows\CTXFIGER.DLL
[2009.10.19 10:31:02 | 000,524,288 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009.10.19 10:31:02 | 000,139,264 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.10.19 10:00:51 | 000,000,110 | ---- | C] () -- C:\Windows\ULEAD32.INI
[2009.10.18 20:44:30 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.10.18 19:30:36 | 000,003,906 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.04 01:37:08 | 000,021,093 | ---- | C] () -- C:\Windows\System32\instwdm.ini
[2009.06.04 01:37:06 | 000,000,054 | ---- | C] () -- C:\Windows\System32\ctzapxx.ini
[2009.06.04 00:55:20 | 000,002,560 | ---- | C] () -- C:\Windows\System32\CtxfiRes.dll
[2007.12.28 09:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2006.09.27 16:47:40 | 000,000,285 | ---- | C] () -- C:\Windows\System32\kill.ini
[2006.08.17 11:33:54 | 000,037,888 | ---- | C] () -- C:\Windows\System32\CTBURST.DLL
[2005.06.07 21:10:50 | 000,070,656 | ---- | C] () -- C:\Windows\System32\CTMMACTL.DLL
[2004.08.13 09:56:20 | 000,005,810 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[2002.03.21 16:39:02 | 000,073,728 | ---- | C] () -- C:\Windows\System32\UNACEV2.DLL
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:A5B56640
< End of report >
         
--- --- ---

Alt 31.05.2010, 10:24   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojan.Script.23483 (Engine A) - Standard

Trojan.Script.23483 (Engine A)



Zitat:
PRC - D:\Program Files\***
PRC - D:\Program Files\***
PRC - C:\Programme\***
PRC - C:\Programme\***
Du hast jetzt aber nicht zuviel editiert oder?
Bitte wirklich nur den Namen unkenntlich machen, aber sonst nichts verändern!
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 31.05.2010, 10:30   #8
Kaubo
 
Trojan.Script.23483 (Engine A) - Standard

Trojan.Script.23483 (Engine A)



Eigentlich nicht, habe nur die Name gelöscht und mit *** ersetzt.
Brauchst du noch die 2. Logfile? Da bin ich ja bis morgen dran, die Namen zu ersetzen
Wenn du sie brauchst, poste ich sie natürlich hier rein.

Gruß Kai

Alt 31.05.2010, 11:23   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojan.Script.23483 (Engine A) - Standard

Trojan.Script.23483 (Engine A)



Zitat:
Eigentlich nicht, habe nur die Name gelöscht und mit *** ersetzt.
Sieht aber aus, als hättest Du was nach dem Namen kommt abgeschnitten. Oder hast Du Dateien direkt in C:\Programme dinr gehabt? Ich würde eher sowas erwarten:

PRC - D:\Program Files\***\hieristdasVerzeichnisvomProgramm\datei.exe
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 31.05.2010, 11:30   #10
Kaubo
 
Trojan.Script.23483 (Engine A) - Standard

Trojan.Script.23483 (Engine A)



ok, hier unzensiert....

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 31.05.2010 10:56:07 - Run 2
OTL by OldTimer - Version 3.2.5.1     Folder = C:\Users\Kaubo\Desktop
 An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 61,27 Gb Free Space | 62,81% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 170,09 Gb Free Space | 87,08% Space Free | Partition Type: NTFS
Drive E: | 195,31 Gb Total Space | 194,11 Gb Free Space | 99,38% Space Free | Partition Type: NTFS
Drive F: | 443,23 Gb Total Space | 359,80 Gb Free Space | 81,18% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 58,82 Gb Total Space | 58,73 Gb Free Space | 99,85% Space Free | Partition Type: NTFS
Drive J: | 49,53 Gb Total Space | 45,03 Gb Free Space | 90,91% Space Free | Partition Type: NTFS
Drive K: | 40,69 Gb Total Space | 30,45 Gb Free Space | 74,84% Space Free | Partition Type: NTFS
Drive L: | 100,00 Mb Total Space | 70,36 Mb Free Space | 70,37% Space Free | Partition Type: NTFS
 
Computer Name: KAUBO01
Current User Name: Kaubo
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Kaubo\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
PRC - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Common Files\G DATA\AVKProxy\AVKProxy.exe (G Data Software AG)
PRC - C:\Programme\Common Files\G DATA\GDScan\GDScan.exe (G Data Software AG)
PRC - C:\Programme\G Data\InternetSecurity\AVK\AVKWCtl.exe (G Data Software AG)
PRC - D:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
PRC - D:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - D:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Programme\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
PRC - C:\Programme\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG)
PRC - C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\Logishrd\KHAL2\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\Windows\System32\Ctxfihlp.exe (Creative Technology Ltd)
PRC - C:\Windows\System32\CTxfispi.exe (Creative Technology Ltd)
PRC - d:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
PRC - C:\Windows\DAODx.exe ()
PRC - C:\Programme\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - D:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe (Creative Technology Ltd)
PRC - C:\Windows\CTHELPER.EXE (Creative Technology Ltd)
PRC - C:\Programme\Logitech\G-series Software\LGDCore.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\G-series Software\Applets\LCDClock.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\G-series Software\Applets\LCDMedia.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\G-series Software\LCDMon.exe (Logitech Inc.)
PRC - C:\Programme\Common Files\ACD Systems\DE\DevDetect.exe (ACD Systems, Ltd.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Kaubo\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (TuneUp.Defrag) -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AVKProxy) -- C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe (G Data Software AG)
SRV - (GDScan) -- C:\Program Files\Common Files\G DATA\GDScan\GDScan.exe (G Data Software AG)
SRV - (AVKWCtl) -- C:\Programme\G Data\InternetSecurity\AVK\AVKWCtl.exe (G Data Software AG)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (AdobeActiveFileMonitor8.0) -- D:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (getPlusHelper) getPlus(R) -- C:\Programme\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
SRV - (AVKService) -- C:\Programme\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG)
SRV - (LBTServ) -- C:\Programme\Common Files\Logitech\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (OMSI download service) -- d:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
SRV - (CTAudSvcService) -- C:\Programme\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (gdwfpcd) -- C:\Windows\System32\drivers\gdwfpcd32.sys (G DATA Software AG)
DRV - (GDBehave) -- C:\Windows\system32\drivers\GDBehave.sys (G Data Software AG)
DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (Lbd) -- C:\Windows\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (GRD) -- C:\Windows\System32\drivers\GRD.sys (G Data Software)
DRV - (GDMnIcpt) -- C:\Windows\System32\drivers\MiniIcpt.sys (G Data Software AG)
DRV - (HookCentre) -- C:\Windows\System32\drivers\HookCentre.sys (G Data Software AG)
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (AtiHdmiService) -- C:\Windows\System32\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\System32\drivers\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\System32\drivers\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20) -- C:\Windows\System32\drivers\L1E62x86.sys (Atheros Communications, Inc.)
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (ha20x2k) -- C:\Windows\System32\drivers\ha20x2k.sys (Creative Technology Ltd)
DRV - (emupia) -- C:\Windows\System32\drivers\emupia2k.sys (Creative Technology Ltd)
DRV - (ctsfm2k) -- C:\Windows\System32\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV - (ctprxy2k) -- C:\Windows\System32\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV - (ossrv) -- C:\Windows\System32\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV - (ctdvda2k) -- C:\Windows\System32\drivers\ctdvda2k.sys (Creative Technology Ltd)
DRV - (ctaud2k) Creative Audio Driver (WDM) -- C:\Windows\System32\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV - (ctac32k) -- C:\Windows\System32\drivers\ctac32k.sys (Creative Technology Ltd)
DRV - (CTEXFIFX.SYS) -- C:\Windows\System32\drivers\CTEXFIFX.SYS (Creative Technology Ltd.)
DRV - (CTEXFIFX) -- C:\Windows\System32\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV - (CTHWIUT.SYS) -- C:\Windows\System32\drivers\CTHWIUT.SYS (Creative Technology Ltd.)
DRV - (CTHWIUT) -- C:\Windows\System32\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV - (CT20XUT.SYS) -- C:\Windows\System32\drivers\CT20XUT.SYS (Creative Technology Ltd.)
DRV - (CT20XUT) -- C:\Windows\System32\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (adfs) -- C:\Windows\System32\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (L8042Kbd) -- C:\Windows\System32\drivers\L8042Kbd.sys (Logitech Inc.)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://gamersunion.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C7 A6 37 FF 58 4F CA 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.gamersunion.de/"
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:20.1.0.4
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.03 15:05:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.22 10:45:22 | 000,000,000 | ---D | M]
 
[2010.01.15 21:49:36 | 000,000,000 | ---D | M] -- C:\Users\Kaubo\AppData\Roaming\mozilla\Extensions
[2010.01.15 21:49:36 | 000,000,000 | ---D | M] -- C:\Users\Kaubo\AppData\Roaming\mozilla\Firefox\Profiles\nvw9o5fi.default\extensions
[2010.04.21 15:21:38 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.04.21 15:21:38 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:\Programme\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
[2010.03.13 23:15:20 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.03.13 23:15:20 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.03.13 23:15:20 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.03.13 23:15:20 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.03.13 23:15:20 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.04.28 17:46:44 | 000,001,306 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1		activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com 
O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\G Data\InternetSecurity\Webfilter\AVKWebIE.dll (G Data Software AG)
O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Programme\Dealio Toolbar\DealioToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\G Data\InternetSecurity\Webfilter\AVKWebIE.dll (G Data Software AG)
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Programme\Dealio Toolbar\DealioToolbarIE.dll (Spigot, Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CTCheck] D:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTHelper] C:\Windows\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DevconDefaultDB] C:\Windows\READREG.exe (Creative Technology Limited)
O4 - HKLM..\Run: [Device Detector]  File not found
O4 - HKLM..\Run: [G DATA AntiVirus Trayapplication] C:\Programme\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\G-series Software\LCDMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\G-series Software\LGDCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TrojanScanner] D:\Program Files\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKCU..\Run: [CTSyncU.exe] C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe ()
O4 - HKCU..\Run: [PC Suite Tray] D:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [Sony Ericsson PC Suite] D:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Mit dem LeechGet Wizard laden - D:\Program Files\LeechGet 2007\Wizard.html ()
O8 - Extra context menu item: Mit LeechGet herunterladen - D:\Program Files\LeechGet 2007\AddUrl.html ()
O8 - Extra context menu item: Mit LeechGet parsen - D:\Program Files\LeechGet 2007\Parser.html ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Programme\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15109/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll - c:\Programme\Common Files\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.05.30 23:51:34 | 000,571,392 | ---- | C] (OldTimer Tools) -- C:\Users\Kaubo\Desktop\OTL.exe
[2010.05.30 23:45:19 | 000,000,000 | ---D | C] -- C:\Users\Kaubo\AppData\Roaming\Malwarebytes
[2010.05.30 23:45:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.05.30 23:44:59 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.05.30 23:44:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.05.30 23:43:24 | 006,153,648 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Kaubo\Desktop\mbam-setup.exe
[2010.05.30 21:30:49 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2010.05.30 21:30:47 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010.05.30 21:27:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010.05.30 21:27:37 | 000,000,000 | ---D | C] -- C:\Programme\Lavasoft
[2010.05.30 21:27:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010.05.30 21:21:23 | 097,364,760 | ---- | C] (Lavasoft                                                                                                                                                                                                                                                                                                    ) -- C:\Users\Kaubo\Desktop\Ad-AwareInstaller.exe
[2010.05.30 21:07:47 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ztvcabinet.dll
[2010.05.30 21:07:45 | 000,000,000 | ---D | C] -- C:\Users\Kaubo\Documents\Simply Super Software
[2010.05.30 21:07:45 | 000,000,000 | ---D | C] -- C:\Users\Kaubo\AppData\Roaming\Simply Super Software
[2010.05.30 21:07:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2010.05.30 21:06:07 | 008,689,096 | ---- | C] (Simply Super Software                                       ) -- C:\Users\Kaubo\Desktop\trjsetup681.exe
[2010.05.29 17:46:01 | 000,000,000 | ---D | C] -- C:\Users\Kaubo\Desktop\Ebay-400D
[2010.05.29 17:29:42 | 000,000,000 | ---D | C] -- C:\ProgramData\ZoomBrowser
[2010.05.26 16:21:28 | 000,000,000 | ---D | C] -- C:\Users\Kaubo\Desktop\Kinderwagen
[2010.05.26 08:51:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.05.07 18:30:39 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\PX Storage Engine
[2010.05.03 08:53:52 | 000,000,000 | ---D | C] -- C:\Users\Kaubo\Desktop\UltraTAGLteDe
[2009.06.04 00:57:38 | 000,060,928 | ---- | C] ( ) -- C:\Windows\System32\a3d.dll
 
========== Files - Modified Within 30 Days ==========
 
[2010.05.31 10:55:47 | 002,883,584 | ---- | M] () -- C:\Users\Kaubo\NTUSER.DAT
[2010.05.31 08:45:26 | 000,014,624 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.05.31 08:45:26 | 000,014,624 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.05.31 08:38:19 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.05.31 08:38:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.05.31 08:38:11 | 2615,812,096 | -HS- | M] () -- C:\hiberfil.sys
[2010.05.31 00:37:17 | 000,054,568 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000004-00000000-00000005-00001102-00000005-00211102}.rfx
[2010.05.31 00:37:17 | 000,054,568 | ---- | M] () -- C:\Windows\System32\BMXState-{00000004-00000000-00000005-00001102-00000005-00211102}.rfx
[2010.05.31 00:37:17 | 000,000,788 | ---- | M] () -- C:\Windows\System32\DVCState-{00000004-00000000-00000005-00001102-00000005-00211102}.rfx
[2010.05.31 00:36:58 | 079,275,638 | -H-- | M] () -- C:\Users\Kaubo\AppData\Local\IconCache.db
[2010.05.30 23:51:36 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Users\Kaubo\Desktop\OTL.exe
[2010.05.30 23:45:03 | 000,000,677 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.30 23:43:42 | 006,153,648 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Kaubo\Desktop\mbam-setup.exe
[2010.05.30 21:30:47 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010.05.30 21:27:45 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010.05.30 21:26:14 | 001,472,002 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.05.30 21:26:14 | 000,643,628 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.05.30 21:26:14 | 000,606,992 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.05.30 21:26:14 | 000,126,188 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.05.30 21:26:14 | 000,103,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.05.30 21:25:56 | 097,364,760 | ---- | M] (Lavasoft                                                                                                                                                                                                                                                                                                    ) -- C:\Users\Kaubo\Desktop\Ad-AwareInstaller.exe
[2010.05.30 21:07:49 | 000,000,811 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Remover.lnk
[2010.05.30 21:06:44 | 008,689,096 | ---- | M] (Simply Super Software                                       ) -- C:\Users\Kaubo\Desktop\trjsetup681.exe
[2010.05.30 19:02:11 | 000,054,472 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000003-00000000-00000005-00001102-00000005-00211102}.rfx
[2010.05.30 19:02:11 | 000,054,472 | ---- | M] () -- C:\Windows\System32\BMXState-{00000003-00000000-00000005-00001102-00000005-00211102}.rfx
[2010.05.30 19:02:11 | 000,000,788 | ---- | M] () -- C:\Windows\System32\DVCState-{00000003-00000000-00000005-00001102-00000005-00211102}.rfx
[2010.05.29 17:18:31 | 000,002,162 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2010.05.29 17:18:31 | 000,002,120 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk
[2010.05.29 17:15:53 | 000,002,548 | -H-- | M] () -- C:\Users\Kaubo\Desktop\ZbThumbnail.info
[2010.05.28 19:43:41 | 000,240,511 | ---- | M] () -- C:\Users\Kaubo\Desktop\MoniundPina.jpg
[2010.05.28 19:39:57 | 000,295,424 | ---- | M] () -- C:\Users\Kaubo\Desktop\Roemerbruecke.jpg
[2010.05.28 19:39:57 | 000,226,587 | ---- | M] () -- C:\Users\Kaubo\Desktop\MonteBaldo+.jpg
[2010.05.27 16:12:00 | 000,001,099 | ---- | M] () -- C:\Users\Kaubo\AppData\Roaming\ShiftN.ini
[2010.05.12 11:21:16 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.05.07 18:35:45 | 000,174,432 | ---- | M] () -- C:\Users\Kaubo\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.05.07 18:35:07 | 002,578,344 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.05.07 18:32:31 | 000,000,901 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Photoshop Elements 8.0.lnk
[2010.05.07 16:40:58 | 000,030,536 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2010.05.07 16:34:46 | 000,021,320 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2010.05.07 16:34:32 | 000,030,024 | ---- | M] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2010.05.03 08:53:22 | 000,038,134 | ---- | M] () -- C:\Users\Kaubo\Desktop\UltraTAGLteDe.zip
 
========== Files Created - No Company Name ==========
 
[2010.05.30 23:45:03 | 000,000,677 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.30 21:27:45 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010.05.30 21:07:49 | 000,000,811 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Remover.lnk
[2010.05.30 21:07:47 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2010.05.30 21:07:47 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll
[2010.05.30 21:07:47 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2010.05.29 17:18:31 | 000,002,162 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2010.05.29 17:18:31 | 000,002,120 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk
[2010.05.28 19:43:32 | 000,240,511 | ---- | C] () -- C:\Users\Kaubo\Desktop\MoniundPina.jpg
[2010.05.28 19:39:57 | 000,226,587 | ---- | C] () -- C:\Users\Kaubo\Desktop\MonteBaldo+.jpg
[2010.05.25 21:38:37 | 000,295,424 | ---- | C] () -- C:\Users\Kaubo\Desktop\Roemerbruecke.jpg
[2010.05.07 18:32:31 | 000,000,901 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Photoshop Elements 8.0.lnk
[2010.05.03 08:53:21 | 000,038,134 | ---- | C] () -- C:\Users\Kaubo\Desktop\UltraTAGLteDe.zip
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.01.10 16:56:23 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009.12.13 12:06:14 | 000,782,336 | ---- | C] () -- C:\Windows\System32\IlmImf.dll
[2009.12.13 12:06:14 | 000,353,280 | ---- | C] () -- C:\Windows\System32\pmtf2.dll
[2009.12.13 12:06:14 | 000,269,824 | ---- | C] () -- C:\Windows\System32\PhotomatixLib.dll
[2009.12.13 12:06:14 | 000,229,376 | ---- | C] () -- C:\Windows\System32\PhotomatixLib2.dll
[2009.12.13 12:06:14 | 000,216,064 | ---- | C] () -- C:\Windows\System32\pmjp.dll
[2009.12.13 12:06:14 | 000,205,824 | ---- | C] () -- C:\Windows\System32\pmtf1.dll
[2009.12.13 12:06:14 | 000,204,288 | ---- | C] () -- C:\Windows\System32\pmtf3.dll
[2009.12.13 12:06:14 | 000,112,128 | ---- | C] () -- C:\Windows\System32\PhotomatixLib3.dll
[2009.12.13 12:06:14 | 000,053,248 | ---- | C] () -- C:\Windows\System32\pmexr.dll
[2009.12.13 12:06:14 | 000,011,776 | ---- | C] () -- C:\Windows\System32\pmbm.dll
[2009.10.21 16:56:01 | 000,148,480 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2009.10.21 16:56:01 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2009.10.21 16:31:34 | 000,003,072 | ---- | C] () -- C:\Windows\CTXFIGER.DLL
[2009.10.19 10:31:02 | 000,524,288 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009.10.19 10:31:02 | 000,139,264 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.10.19 10:00:51 | 000,000,110 | ---- | C] () -- C:\Windows\ULEAD32.INI
[2009.10.18 20:44:30 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.10.18 19:30:36 | 000,003,906 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.04 01:37:08 | 000,021,093 | ---- | C] () -- C:\Windows\System32\instwdm.ini
[2009.06.04 01:37:06 | 000,000,054 | ---- | C] () -- C:\Windows\System32\ctzapxx.ini
[2009.06.04 00:55:20 | 000,002,560 | ---- | C] () -- C:\Windows\System32\CtxfiRes.dll
[2007.12.28 09:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2006.09.27 16:47:40 | 000,000,285 | ---- | C] () -- C:\Windows\System32\kill.ini
[2006.08.17 11:33:54 | 000,037,888 | ---- | C] () -- C:\Windows\System32\CTBURST.DLL
[2005.06.07 21:10:50 | 000,070,656 | ---- | C] () -- C:\Windows\System32\CTMMACTL.DLL
[2004.08.13 09:56:20 | 000,005,810 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[2002.03.21 16:39:02 | 000,073,728 | ---- | C] () -- C:\Windows\System32\UNACEV2.DLL
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:A5B56640
< End of report >
         
--- --- ---

Alt 31.05.2010, 11:48   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojan.Script.23483 (Engine A) - Standard

Trojan.Script.23483 (Engine A)



Sieht unauffällig aus. Noch Probleme? Gabs in der Zwischenzeit weitere Funde?
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 31.05.2010, 12:00   #12
Kaubo
 
Trojan.Script.23483 (Engine A) - Standard

Trojan.Script.23483 (Engine A)



Ja, jedesmal, wenn ich die Datei mit G Data scanne, findet er den Trojaner, kann ihn aber weder löschen noch in Quarantäne schicken. Gestern hat sich G Data auch mal zwischendruch gemeldet und mich auf den Trojaner in der besagten Datein hingewiesen. Mit den anderen Programmen wurde er nicht gefunden....

Alt 31.05.2010, 12:26   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojan.Script.23483 (Engine A) - Standard

Trojan.Script.23483 (Engine A)



Ich vermute da eher einen Fehlalarm...
Werte die angemeckerte Datei doch mal bei Virustotal aus.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 31.05.2010, 14:05   #14
Kaubo
 
Trojan.Script.23483 (Engine A) - Standard

Trojan.Script.23483 (Engine A)



Hi Cosinus,
erst mal vielen Dank für deine Hilfe, bin jetzt ein wenig beruhigter und werde die Datei mal intensiver scannen. Kannst du dann mal bitte die Logfiles, die ich eingestellt habe "entschärfen". Kann leider meine eigenen Beiträge nicht mehr editieren?

Gruß Kai

Alt 31.05.2010, 14:58   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Trojan.Script.23483 (Engine A) - Standard

Trojan.Script.23483 (Engine A)



Ich kann nichts editieren, melde Deinen Beitrag oder wende Dich an die Admins Da Guru oder Sunny.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Antwort

Themen zu Trojan.Script.23483 (Engine A)
bewirkt, c:\windows, data, datei, engine, entdeck, g data, google, hallo zusammen, hilfreiche, hoffe, informationen, interne, internet, löschen, quarantäne, scan, security, troja, trojaner, verzeichnis, weiterhelfen, windows, wirklich, zusammen



Ähnliche Themen: Trojan.Script.23483 (Engine A)


  1. Wie entferne ich "Script.Adware.DealPly.G (Engine B)" unter Windows7?
    Log-Analyse und Auswertung - 06.10.2015 (20)
  2. G Data meldet Junkware (PUP): Script.Adware.DealPly.G (Engine B)
    Log-Analyse und Auswertung - 01.08.2015 (18)
  3. Seit heute morgen, folgende Meldung:Script.Trojan-Ransom.Browlock.E (Engine B)
    Plagegeister aller Art und deren Bekämpfung - 02.07.2015 (1)
  4. Virus: Script.Adware.DealPly.G (Engine B)
    Log-Analyse und Auswertung - 21.04.2015 (17)
  5. WIN7 Meldung Script.Adware.DealPly.G (Engine B)
    Log-Analyse und Auswertung - 23.03.2015 (11)
  6. Win7 Virenalarm mit Virus Script.Adware.DealPly.G (Engine B)
    Log-Analyse und Auswertung - 23.02.2015 (17)
  7. W 8.1,Trojaner kann von mir nicht entfernt werden.Virus: Trojan.GenericKD.1673711 (Engine A),Virus: Win32.Trojan.Pirpi.A (Engine B)
    Plagegeister aller Art und deren Bekämpfung - 21.08.2014 (3)
  8. win32.Trojan-spy.VIS.A, Script. Trojan-Spy.VIS.B (engineB) - Bankpassworttrojaner gefunden!
    Plagegeister aller Art und deren Bekämpfung - 31.03.2014 (19)
  9. [Win XP] botnet: ntp-muliplier; desinfect: Trojan.Script.Iframer, Trojan.Heur.TP, Win.Trojan.Iniduoh, Win.Trojan.Ramnit
    Log-Analyse und Auswertung - 08.02.2014 (16)
  10. G-Data ständig Virenalarm bei Prüfung von Webinhalten-Trojan.Script.161581 (Engine A)
    Log-Analyse und Auswertung - 17.01.2014 (3)
  11. Win32:Malware-gen [Engine B] und Trojan.GenericKDZ.18343 [Engine A] u.a.
    Log-Analyse und Auswertung - 01.11.2013 (24)
  12. Infizierte Webseite: Trojan.JS.Agent.EUZ (Engine A), HTML:ImgHack-A [Trj] (Engine B)
    Log-Analyse und Auswertung - 31.01.2012 (1)
  13. Trojan.Generic.IS.541395 und Trojan.Script.190190
    Plagegeister aller Art und deren Bekämpfung - 29.03.2010 (17)
  14. Trojan.FakeAv.KSP (Engine A)
    Antiviren-, Firewall- und andere Schutzprogramme - 03.03.2010 (3)
  15. trojan.Win32.Tdss.why (Engine A)
    Plagegeister aller Art und deren Bekämpfung - 30.04.2009 (7)
  16. Win32: Trojan-Gen Delphi Engine B
    Plagegeister aller Art und deren Bekämpfung - 23.10.2008 (2)
  17. Trojan-Spy.Win32.Goldun.oz[KAV-Engine]
    Plagegeister aller Art und deren Bekämpfung - 24.04.2007 (7)

Zum Thema Trojan.Script.23483 (Engine A) - Hallo zusammen, meine G Data Internet Security hat soeben bei einem Scan einen Trojaner entdeckt. Es handelt sich um den Trojan.Script.23483 (Engine A) , der sich in der Datei Segment2.cmf - Trojan.Script.23483 (Engine A)...
Archiv
Du betrachtest: Trojan.Script.23483 (Engine A) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.