
Log analysis and evaluation: ICQ virus 'Schau dir das Bild mal an :D' ('Take a look at this picture :D')

24.06.2010, 13:13   #1
cosinus



Quote:
Datenbank Version: 4077
You did not update Malwarebytes beforehand. Please update it and repeat the full scan.

24.06.2010, 13:20   #2
Randi
 



Quote:
Quote from cosinus
You did not update Malwarebytes beforehand. Please update it and repeat the full scan.
Got it.
Just updated to '4232'.

Full scan started; the log files will be reposted shortly!

24.06.2010, 14:04   #3
Randi
 



So, here are my new Malwarebytes log files:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4232

Windows 6.0.6000
Internet Explorer 7.0.6000.17037

24.06.2010 15:02:46
mbam-log-2010-06-24 (15-02-46).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|I:\|K:\|)
Durchsuchte Objekte: 220130
Laufzeit: 42 Minute(n), 26 Sekunde(n)

Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 3
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 4

Infizierte Speicherprozesse:
C:\Users\Public\winvsrnc.exe (Trojan.IRCBrute) -> No action taken.

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\V71IQL7HI7 (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows system updates (Trojan.IRCBrute) -> No action taken.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Users\Public\winvsrnc.exe (Trojan.IRCBrute) -> No action taken.
C:\Users\sushikiste\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1TZR9IA1\install.52074[1].exe (Trojan.Downloader) -> No action taken.
C:\Users\sushikiste\AppData\Local\Temp\sshnas21.dll (Trojan.Downloader) -> No action taken.
C:\Windows\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job (Trojan.Downloader) -> No action taken.

1. OTL LogFile
OTL Logfile:
Code:
OTL logfile created on: 24.06.2010 15:05:05 - Run 2
OTL by OldTimer - Version 3.2.7.0     Folder = C:\Users\sushikiste\Desktop
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 43,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288,04 Gb Total Space | 141,27 Gb Free Space | 49,05% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 5,83 Gb Free Space | 58,30% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: SUSHIKISTE-PC
Current User Name: sushikiste
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Processes (SafeList) ==========
 
PRC - [2010.06.24 14:04:56 | 000,176,128 | ---- | M] () -- C:\Users\SUSHIK~1\AppData\Local\Temp\Yfr.exe
PRC - [2010.06.24 12:44:47 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\sushikiste\Desktop\OTL.exe
PRC - [2010.06.23 19:33:05 | 000,070,656 | RHS- | M] () -- C:\Users\Public\winvsrnc.exe
PRC - [2010.05.13 16:40:02 | 000,040,960 | ---- | M] () -- C:\Users\sushikiste\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
PRC - [2010.04.29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010.04.21 01:05:35 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2010.04.21 00:34:24 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.04.01 13:33:15 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.03.19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.03.18 01:43:38 | 000,835,952 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2010.03.02 11:28:23 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.02.24 10:28:01 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010.02.18 12:49:40 | 000,357,448 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
PRC - [2010.02.18 12:47:34 | 003,203,144 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
PRC - [2010.02.18 12:25:20 | 000,498,760 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe
PRC - [2010.02.18 12:25:10 | 000,477,768 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
PRC - [2010.02.18 12:24:42 | 001,573,448 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
PRC - [2010.02.18 12:24:32 | 000,522,824 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
PRC - [2010.02.18 12:24:22 | 000,523,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
PRC - [2010.02.18 12:24:12 | 000,676,424 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
PRC - [2010.01.14 22:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2007.09.04 19:25:44 | 000,131,072 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
PRC - [2007.03.01 15:38:48 | 004,390,912 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2006.05.29 20:29:46 | 001,708,032 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010.06.24 12:44:47 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\sushikiste\Desktop\OTL.exe
MOD - [2006.11.02 11:44:49 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2006.11.02 11:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2010.05.13 16:40:02 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\Users\sushikiste\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe -- (SearchAnonymizer)
SRV - [2010.04.21 01:05:35 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010.04.01 13:33:15 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.03.19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.02.24 10:28:01 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2007.09.04 19:25:44 | 000,131,072 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2010.05.29 22:14:49 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010.04.21 18:50:41 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto | Running] -- C:\Windows\System32\SVKP.sys -- (SVKP)
DRV - [2010.03.01 10:05:19 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.02.16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.11.23 17:37:18 | 000,014,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LGVirHid.sys -- (LGVirHid)
DRV - [2009.11.23 17:37:08 | 000,019,720 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.05.16 06:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV - [2008.05.16 06:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV - [2008.05.16 06:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008.05.16 06:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008.05.16 06:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV - [2008.05.16 06:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008.05.16 06:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV - [2007.09.17 00:07:00 | 007,624,192 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007.09.04 19:26:32 | 000,029,696 | ---- | M] (NVidia Corp.) [Kernel | On_Demand | Running] -- C:\Windows\nvoclock.sys -- (NVR0Dev)
DRV - [2007.08.27 13:20:34 | 001,062,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007.04.23 14:19:24 | 000,227,328 | ---- | M] (NETGEAR Inc.                           ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wg111v3.sys -- (RTL8187B)
DRV - [2007.03.01 16:21:10 | 001,744,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.02.22 03:55:35 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2007.02.22 03:55:35 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007.02.22 03:55:34 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2007.01.06 07:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2007.01.06 07:59:34 | 000,086,096 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) NVIDIA nForce(tm)
DRV - [2006.11.02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006.11.02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006.11.02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006.11.02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006.11.02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006.11.02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006.11.02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006.11.02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006.11.02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006.11.02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006.11.02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006.11.02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006.11.02 09:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XV)
DRV - [2006.09.24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoft Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware  (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [Ocs_SM] C:\Users\sushikiste\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EBUNWVLUMV] C:\Users\SUSHIK~1\AppData\Local\Temp\Yfr.exe ()
O4 - HKCU..\Run: [Halo2] C:\Benutzer\sushikiste\AppData\Local\Temp\sshnas21.dll File not found
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [NVIDIA nTune] C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA)
O4 - HKCU..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
O4 - HKCU..\Run: [Windows System Updates] C:\Users\Public\winvsrnc.exe ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\sushikiste\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {6678BE91-1E04-4A4A-9C32-63145EA79C2A} hxxp://fifa-online.easports.com/fo3-theme/addons/EAFO3AXLauncher.cab (EAFO3AXLauncher Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\sushikiste\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\sushikiste\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{ab8be8b0-6b5f-11df-a6db-001aa0594040}\Shell - "" = AutoRun
O33 - MountPoints2\{ab8be8b0-6b5f-11df-a6db-001aa0594040}\Shell\AutoRun\command - "" = K:\Launch.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.06.24 12:44:47 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Users\sushikiste\Desktop\OTL.exe
[2010.06.23 19:50:29 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010.06.23 19:49:52 | 000,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Users\sushikiste\Desktop\HJTInstall.exe
[2010.06.13 18:57:57 | 000,000,000 | ---D | C] -- C:\Users\sushikiste\Desktop\ertert_data
[2010.06.13 18:57:29 | 000,000,000 | ---D | C] -- C:\Program Files\Audacity
[2010.06.13 18:57:12 | 002,228,534 | ---- | C] (                                                            ) -- C:\Users\sushikiste\Desktop\audacity-win-1.2.6.exe
[2010.06.13 18:53:40 | 000,000,000 | ---D | C] -- C:\Users\sushikiste\AppData\Local\PunkBuster
[2010.06.13 18:53:30 | 000,000,000 | ---D | C] -- C:\Users\sushikiste\Documents\EA SPORTS(TM) FIFA Online
[2010.06.13 18:35:25 | 000,000,000 | ---D | C] -- C:\Program Files\EA Sports
[2010.06.13 18:31:29 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\FIFAOnlineSetup
[2010.06.13 18:31:00 | 005,866,600 | ---- | C] (Electronic Arts) -- C:\Users\sushikiste\Desktop\FIFAOnlineSetup.exe
[2010.06.06 17:01:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2010.06.06 15:58:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2010.06.06 15:57:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard
[2010.06.06 15:46:33 | 000,000,000 | ---D | C] -- C:\Users\sushikiste\Desktop\World of Warcraft
[2010.06.06 15:44:35 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Blizzard Entertainment
[2010.06.04 19:18:03 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoftTB
[2010.06.04 19:18:01 | 000,000,000 | ---D | C] -- C:\Users\sushikiste\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.05.29 22:26:25 | 000,000,000 | ---D | C] -- C:\Program Files\SEGA
[2010.05.29 22:17:53 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar
[2010.05.29 22:14:26 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010.05.29 22:14:19 | 000,000,000 | ---D | C] -- C:\Users\sushikiste\AppData\Roaming\DAEMON Tools Lite
[2010.05.29 22:14:17 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010.05.29 21:53:09 | 000,000,000 | ---D | C] -- C:\Users\sushikiste\Desktop\Medieval II - Total War
[2010.05.27 23:58:12 | 000,000,000 | ---D | C] -- C:\Program Files\Audio Recorder Pro
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.06.24 15:06:39 | 002,097,152 | -HS- | M] () -- C:\Users\sushikiste\ntuser.dat
[2010.06.24 15:05:01 | 000,000,302 | -H-- | M] () -- C:\Windows\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job
[2010.06.24 14:44:36 | 000,000,302 | -H-- | M] () -- C:\Windows\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
[2010.06.24 14:31:12 | 000,003,680 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.06.24 14:31:12 | 000,003,680 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.06.24 13:36:50 | 000,641,106 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.06.24 13:36:50 | 000,609,944 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.06.24 13:36:50 | 000,103,726 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.06.24 13:36:49 | 001,461,736 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.06.24 13:36:49 | 000,116,500 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.06.24 13:31:14 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.06.24 13:31:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.06.24 13:29:43 | 002,773,612 | -H-- | M] () -- C:\Users\sushikiste\AppData\Local\IconCache.db
[2010.06.24 12:44:47 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\sushikiste\Desktop\OTL.exe
[2010.06.23 19:50:29 | 000,001,834 | ---- | M] () -- C:\Users\sushikiste\Desktop\HijackThis.lnk
[2010.06.23 19:49:52 | 000,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Users\sushikiste\Desktop\HJTInstall.exe
[2010.06.21 17:54:42 | 000,384,160 | ---- | M] () -- C:\Users\sushikiste\Desktop\Hip hop  Beat in Fl studio 8 (Free MP3 Download).sfk
[2010.06.21 17:54:40 | 006,879,088 | ---- | M] () -- C:\Users\sushikiste\Desktop\beathiphoplol.mp3
[2010.06.21 17:47:04 | 000,025,194 | ---- | M] () -- C:\Users\sushikiste\Desktop\saftig.jpg
[2010.06.20 22:50:04 | 000,023,976 | ---- | M] () -- C:\Users\sushikiste\Documents\Wow 2010-06-20 22-41-12-53.avi.sfk
[2010.06.20 22:41:46 | 000,037,888 | ---- | M] () -- C:\Users\sushikiste\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.20 22:41:28 | 447,565,544 | ---- | M] () -- C:\Users\sushikiste\Documents\Wow 2010-06-20 22-41-12-53.avi
[2010.06.18 14:07:22 | 000,000,600 | ---- | M] () -- C:\Users\sushikiste\Documents\Standard.sfvidcap
[2010.06.16 23:24:22 | 000,022,496 | ---- | M] () -- C:\Users\sushikiste\Desktop\lolol.sfk
[2010.06.16 23:22:25 | 002,871,340 | ---- | M] () -- C:\Users\sushikiste\Desktop\lolol.wav
[2010.06.16 23:10:25 | 006,341,539 | ---- | M] () -- C:\Users\sushikiste\Desktop\joshasascha.wmv
[2010.06.16 20:51:06 | 001,177,289 | ---- | M] () -- C:\Users\sushikiste\Desktop\peaceisalie.mp3
[2010.06.16 17:26:15 | 038,965,292 | ---- | M] () -- C:\Users\sushikiste\Desktop\Inner Circle - Sweat [A la la la la long] (Instrumental).wav
[2010.06.16 16:54:15 | 049,164,332 | ---- | M] () -- C:\Users\sushikiste\Desktop\Hip hop  Beat in Fl studio 8 (Free MP3 Download).wav
[2010.06.15 00:04:41 | 002,042,465 | ---- | M] () -- C:\Users\sushikiste\Desktop\epictest.mp3
[2010.06.14 16:09:03 | 000,138,968 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.06.14 16:08:55 | 000,214,592 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010.06.13 18:57:30 | 000,000,712 | ---- | M] () -- C:\Users\sushikiste\Desktop\Audacity.lnk
[2010.06.13 18:57:13 | 002,228,534 | ---- | M] (                                                            ) -- C:\Users\sushikiste\Desktop\audacity-win-1.2.6.exe
[2010.06.13 18:35:09 | 000,139,152 | ---- | M] () -- C:\Users\sushikiste\AppData\Roaming\PnkBstrK.sys
[2010.06.13 18:34:52 | 000,794,408 | ---- | M] () -- C:\Windows\System32\pbsvc.exe
[2010.06.13 18:31:09 | 005,866,600 | ---- | M] (Electronic Arts) -- C:\Users\sushikiste\Desktop\FIFAOnlineSetup.exe
[2010.06.11 22:32:51 | 000,000,606 | ---- | M] () -- C:\Users\sushikiste\Desktop\Wow - Verknüpfung.lnk
[2010.06.10 21:39:16 | 005,293,527 | ---- | M] () -- C:\Users\sushikiste\Desktop\LoLRoflcopteR.wmv
[2010.06.10 21:36:38 | 000,345,603 | ---- | M] () -- C:\Users\sushikiste\Desktop\LolRofl.wma
[2010.06.04 19:17:58 | 000,001,032 | ---- | M] () -- C:\Users\sushikiste\Desktop\DVDVideoSoft Free Studio.lnk
[2010.06.04 19:10:33 | 000,198,520 | ---- | M] () -- C:\Users\sushikiste\Documents\League of Legends 2010-06-04 19-02-08-95.avi.sfk
[2010.06.04 19:04:21 | 2935,082,064 | ---- | M] () -- C:\Users\sushikiste\Documents\League of Legends 2010-06-04 19-02-08-95.avi
[2010.06.02 21:16:08 | 000,000,959 | ---- | M] () -- C:\Users\sushikiste\Desktop\TeamSpeak 3 Client.lnk
[2010.06.01 22:10:57 | 868,713,536 | ---- | M] () -- C:\Users\sushikiste\Documents\League of Legends 2010-06-01 22-10-16-74.avi
[2010.06.01 00:19:08 | 3102,811,456 | ---- | M] () -- C:\Users\sushikiste\Documents\League of Legends 2010-06-01 00-17-03-84.avi
[2010.06.01 00:13:46 | 3414,904,832 | ---- | M] () -- C:\Users\sushikiste\Documents\League of Legends 2010-06-01 00-11-20-69.avi
[2010.06.01 00:10:39 | 682,331,048 | ---- | M] () -- C:\Users\sushikiste\Documents\League of Legends 2010-06-01 00-10-11-06.avi
[2010.05.30 18:43:39 | 000,396,280 | ---- | M] () -- C:\Users\sushikiste\Documents\medieval2 2010-05-30 07-15-45-84.avi.sfk
[2010.05.30 07:43:01 | 3355,544,680 | ---- | M] () -- C:\Users\sushikiste\Documents\medieval2 2010-05-30 07-40-48-81.avi
[2010.05.30 07:40:48 | 4195,460,336 | ---- | M] () -- C:\Users\sushikiste\Documents\medieval2 2010-05-30 07-37-39-94.avi
[2010.05.30 07:25:51 | 391,843,272 | ---- | M] () -- C:\Users\sushikiste\Documents\medieval2 2010-05-30 07-25-14-96.avi
[2010.05.30 07:25:15 | 4195,222,904 | ---- | M] () -- C:\Users\sushikiste\Documents\medieval2 2010-05-30 07-20-33-37.avi
[2010.05.30 07:20:33 | 4195,088,192 | ---- | M] () -- C:\Users\sushikiste\Documents\medieval2 2010-05-30 07-15-45-84.avi
[2010.05.30 04:33:54 | 615,926,080 | ---- | M] () -- C:\Users\sushikiste\Documents\medieval2 2010-05-30 04-33-00-22.avi
[2010.05.29 22:41:24 | 000,001,899 | ---- | M] () -- C:\Users\Public\Desktop\Medieval II Total War.lnk
[2010.05.29 22:17:52 | 000,001,735 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010.05.29 22:14:49 | 000,691,696 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys
[2010.05.29 13:18:24 | 000,059,856 | ---- | M] () -- C:\Users\sushikiste\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.05.29 13:17:40 | 000,265,024 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.05.28 00:01:01 | 000,012,520 | ---- | M] () -- C:\Users\sushikiste\Documents\lol.mp3.sfk
[2010.05.27 23:58:52 | 000,145,030 | ---- | M] () -- C:\Users\sushikiste\Documents\lol.mp3
[2010.05.27 23:58:13 | 000,000,802 | ---- | M] () -- C:\Users\sushikiste\Desktop\Audio Recorder Pro.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.06.24 13:32:27 | 000,000,302 | -H-- | C] () -- C:\Windows\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job
[2010.06.24 13:32:24 | 000,000,302 | -H-- | C] () -- C:\Windows\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
[2010.06.23 19:50:29 | 000,001,834 | ---- | C] () -- C:\Users\sushikiste\Desktop\HijackThis.lnk
[2010.06.21 17:54:37 | 006,879,088 | ---- | C] () -- C:\Users\sushikiste\Desktop\beathiphoplol.mp3
[2010.06.21 17:53:53 | 000,384,160 | ---- | C] () -- C:\Users\sushikiste\Desktop\Hip hop  Beat in Fl studio 8 (Free MP3 Download).sfk
[2010.06.21 17:47:04 | 000,025,194 | ---- | C] () -- C:\Users\sushikiste\Desktop\saftig.jpg
[2010.06.20 22:42:19 | 000,023,976 | ---- | C] () -- C:\Users\sushikiste\Documents\Wow 2010-06-20 22-41-12-53.avi.sfk
[2010.06.20 22:41:12 | 447,565,544 | ---- | C] () -- C:\Users\sushikiste\Documents\Wow 2010-06-20 22-41-12-53.avi
[2010.06.18 14:07:22 | 000,000,600 | ---- | C] () -- C:\Users\sushikiste\Documents\Standard.sfvidcap
[2010.06.16 23:22:37 | 000,022,496 | ---- | C] () -- C:\Users\sushikiste\Desktop\lolol.sfk
[2010.06.16 23:22:25 | 002,871,340 | ---- | C] () -- C:\Users\sushikiste\Desktop\lolol.wav
[2010.06.16 23:09:15 | 006,341,539 | ---- | C] () -- C:\Users\sushikiste\Desktop\joshasascha.wmv
[2010.06.16 20:51:05 | 001,177,289 | ---- | C] () -- C:\Users\sushikiste\Desktop\peaceisalie.mp3
[2010.06.16 17:26:13 | 038,965,292 | ---- | C] () -- C:\Users\sushikiste\Desktop\Inner Circle - Sweat [A la la la la long] (Instrumental).wav
[2010.06.16 16:54:13 | 049,164,332 | ---- | C] () -- C:\Users\sushikiste\Desktop\Hip hop  Beat in Fl studio 8 (Free MP3 Download).wav
[2010.06.15 00:04:38 | 002,042,465 | ---- | C] () -- C:\Users\sushikiste\Desktop\epictest.mp3
[2010.06.13 18:57:30 | 000,000,712 | ---- | C] () -- C:\Users\sushikiste\Desktop\Audacity.lnk
[2010.06.13 18:53:43 | 000,214,592 | ---- | C] () -- C:\Windows\System32\PnkBstrB.xtr
[2010.06.13 18:35:10 | 000,138,968 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.06.13 18:35:09 | 000,139,152 | ---- | C] () -- C:\Users\sushikiste\AppData\Roaming\PnkBstrK.sys
[2010.06.13 18:34:54 | 000,214,592 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010.06.13 18:34:52 | 000,794,408 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2010.06.13 18:34:52 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010.06.11 22:32:51 | 000,000,606 | ---- | C] () -- C:\Users\sushikiste\Desktop\Wow - Verknüpfung.lnk
[2010.06.10 21:37:55 | 005,293,527 | ---- | C] () -- C:\Users\sushikiste\Desktop\LoLRoflcopteR.wmv
[2010.06.10 21:36:38 | 000,345,603 | ---- | C] () -- C:\Users\sushikiste\Desktop\LolRofl.wma
[2010.06.04 19:17:58 | 000,001,032 | ---- | C] () -- C:\Users\sushikiste\Desktop\DVDVideoSoft Free Studio.lnk
[2010.06.04 19:10:29 | 000,198,520 | ---- | C] () -- C:\Users\sushikiste\Documents\League of Legends 2010-06-04 19-02-08-95.avi.sfk
[2010.06.04 19:02:08 | 2935,082,064 | ---- | C] () -- C:\Users\sushikiste\Documents\League of Legends 2010-06-04 19-02-08-95.avi
[2010.06.01 22:10:16 | 868,713,536 | ---- | C] () -- C:\Users\sushikiste\Documents\League of Legends 2010-06-01 22-10-16-74.avi
[2010.06.01 00:17:03 | 3102,811,456 | ---- | C] () -- C:\Users\sushikiste\Documents\League of Legends 2010-06-01 00-17-03-84.avi
[2010.06.01 00:11:20 | 3414,904,832 | ---- | C] () -- C:\Users\sushikiste\Documents\League of Legends 2010-06-01 00-11-20-69.avi
[2010.06.01 00:10:11 | 682,331,048 | ---- | C] () -- C:\Users\sushikiste\Documents\League of Legends 2010-06-01 00-10-11-06.avi
[2010.05.30 18:43:01 | 000,396,280 | ---- | C] () -- C:\Users\sushikiste\Documents\medieval2 2010-05-30 07-15-45-84.avi.sfk
[2010.05.30 07:40:48 | 3355,544,680 | ---- | C] () -- C:\Users\sushikiste\Documents\medieval2 2010-05-30 07-40-48-81.avi
[2010.05.30 07:37:39 | 4195,460,336 | ---- | C] () -- C:\Users\sushikiste\Documents\medieval2 2010-05-30 07-37-39-94.avi
[2010.05.30 07:25:14 | 391,843,272 | ---- | C] () -- C:\Users\sushikiste\Documents\medieval2 2010-05-30 07-25-14-96.avi
[2010.05.30 07:20:33 | 4195,222,904 | ---- | C] () -- C:\Users\sushikiste\Documents\medieval2 2010-05-30 07-20-33-37.avi
[2010.05.30 07:15:45 | 4195,088,192 | ---- | C] () -- C:\Users\sushikiste\Documents\medieval2 2010-05-30 07-15-45-84.avi
[2010.05.30 04:33:00 | 615,926,080 | ---- | C] () -- C:\Users\sushikiste\Documents\medieval2 2010-05-30 04-33-00-22.avi
[2010.05.29 22:41:24 | 000,001,899 | ---- | C] () -- C:\Users\Public\Desktop\Medieval II Total War.lnk
[2010.05.29 22:17:52 | 000,001,735 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010.05.29 22:14:49 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010.05.27 23:59:39 | 000,012,520 | ---- | C] () -- C:\Users\sushikiste\Documents\lol.mp3.sfk
[2010.05.27 23:58:42 | 000,145,030 | ---- | C] () -- C:\Users\sushikiste\Documents\lol.mp3
[2010.05.27 23:58:13 | 000,000,802 | ---- | C] () -- C:\Users\sushikiste\Desktop\Audio Recorder Pro.lnk
[2010.04.22 10:48:53 | 000,000,000 | ---- | C] () -- C:\Windows\I531_1013.INI
[2007.03.12 12:01:30 | 000,217,088 | ---- | C] () -- C:\Windows\NVGfxOgl.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 76 bytes -> C:\Users\sushikiste\Desktop\Zeug:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\sushikiste\Desktop\Videos:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\sushikiste\Desktop\Musik:Roxio EMC Stream
< End of report >
         

Edited by Randi (24.06.2010 at 14:10)
