
Log Analysis and Evaluation: Java virus? I'm not sure!

08.04.2011, 20:39   #1
SaDe

Java virus? I'm not sure!

Good evening, dear folks,

the following problem:


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 5044

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

08.04.2011 21:24:27
mbam-log-2011-04-08 (21-24-27).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 225175
Laufzeit: 23 Minute(n), 19 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 2

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{11899d98-ac90-da3c-7d6b-d9068c9702c3} (Trojan.Dropper) -> No action taken.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Users\Kevin\AppData\Roaming\Iwuxtu\opwe.exe (Trojan.Dropper) -> No action taken.
C:\Users\Kevin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\33c155d3-44d23f00 (Trojan.Dropper) -> No action taken.



What do I do now? Format right away?

I've been searching for a solution for hours, but I just can't get anywhere! I hope you can help me.

Many thanks to you all in advance!

Regards, Kevin

09.04.2011, 10:24   #2
SaDe

The OTL scan, in case it's of any use to you =) :

OTL Logfile:
Code:
OTL logfile created on: 09.04.2011 11:16:23 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Kevin\Desktop
 An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 64,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 73,93 Gb Free Space | 75,78% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 348,97 Gb Free Space | 94,80% Space Free | Partition Type: NTFS
 
Computer Name: KEVIN-PC | User Name: Kevin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Kevin\Desktop\OTL.exe (OldTimer Tools)
PRC - D:\Program Files\ICQ7.2\ICQ7.4\ICQ.exe (ICQ, LLC.)
PRC - D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Vtune\TBPANEL.exe ()
PRC - D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Programme\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Kevin\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
MOD - C:\Programme\Common Files\LogiShrd\LVMVFM\LVPrcInj.dll (Logitech Inc.)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (LVSrvLauncher) -- C:\Programme\Common Files\LogiShrd\SrvLnch\SrvLnch.exe (Logitech Inc.)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (LVCOMSer) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (HECI) Intel(R) -- C:\Windows\System32\drivers\HECI.sys (Intel Corporation)
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (LVcKap) -- C:\Windows\System32\drivers\Lvckap.sys (Logitech Inc.)
DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()
DRV - (LVMVDrv) -- C:\Windows\System32\drivers\LVMVdrv.sys (Logitech Inc.)
DRV - (TBPanel) -- C:\Windows\System32\drivers\TBPanel.sys (Windows (R) 2000 DDK provider)
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\Windows\System32\drivers\sfdrv01.sys (Protection Technology)
DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\Windows\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\Windows\System32\drivers\sfhlp02.sys (Protection Technology)
DRV - (QCMerced) -- C:\Windows\System32\drivers\lvcm.sys ()
DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys (Logitech Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4D 1C 83 DD 83 7A CB 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.01.12 19:08:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2011.03.30 23:10:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2011.04.08 15:22:49 | 000,000,000 | ---D | M]
 
[2010.11.02 13:58:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kevin\AppData\Roaming\mozilla\Extensions
[2011.04.09 11:02:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\yh0ddx82.default\extensions
[2011.03.29 11:17:11 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Kevin\AppData\Roaming\mozilla\Firefox\Profiles\yh0ddx82.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware  (reboot)] D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [{11899D98-AC90-DA3C-7D6B-D9068C9702C3}] C:\Users\Kevin\AppData\Roaming\Iwuxtu\opwe.exe ()
O4 - HKCU..\Run: [TBPanel] C:\Program Files\Vtune\TBPanel.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Kevin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Kevin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - D:\Program Files\ICQ7.2\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - D:\Program Files\ICQ7.2\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.04.09 11:15:25 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Kevin\Desktop\OTL.exe
[2011.04.09 11:01:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.04.09 11:01:45 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2011.04.09 01:21:12 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{A69B16C4-2615-453E-9A87-CB3D946F8C27}
[2011.04.08 20:09:06 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011.04.08 20:09:06 | 000,000,000 | ---D | C] -- C:\Users\Kevin\Documents\Simply Super Software
[2011.04.08 20:08:54 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ztvcabinet.dll
[2011.04.08 19:30:54 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Uqinve
[2011.04.08 19:30:54 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Iwuxtu
[2011.04.08 15:22:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.04.08 15:22:49 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011.04.08 13:20:49 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{53B64EF5-E3A7-46F9-90BE-E6EEBC37FFF8}
[2011.04.07 23:49:51 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{22A6BBCE-9EC9-43C6-B2F7-77D82F803105}
[2011.04.07 11:49:17 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{DF2D22D4-8049-4A85-9564-84838B51808F}
[2011.04.06 23:48:49 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{97F1C110-F388-4B59-B9B1-BF59140DD1A3}
[2011.04.06 09:39:06 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{2BE6AE38-2CD9-49D5-B0A5-51061E9255D6}
[2011.04.05 12:08:47 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{BD2A8E5B-2AB8-4A24-9CE5-2C3BA80FCCE8}
[2011.04.05 09:18:18 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CasinoClub
[2011.04.05 09:18:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CasinoClub
[2011.04.04 10:37:29 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{216B1530-7B76-4AD5-8646-B3A524B79BF8}
[2011.04.03 15:31:37 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{485F533B-C346-4D58-B69F-CDC357275FFE}
[2011.04.02 10:12:01 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{6877AD41-2FE3-4E0B-99C5-71E07095BC54}
[2011.04.01 22:06:20 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{BBA688CE-5EF0-4448-8410-8FBC2CA71228}
[2011.04.01 10:05:57 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{C630D8EE-02F5-4CC1-A83F-F1FBC5D5636F}
[2011.03.31 21:06:26 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{C6D6D966-DD6B-41B9-B86B-E93721FDD907}
[2011.03.31 09:05:54 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{5C0C2D55-EAB3-4905-94F7-FE7BF474C9D5}
[2011.03.30 10:35:11 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{43F690AC-FB74-412B-946D-9467C77E8D93}
[2011.03.29 22:34:37 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{42BE7B07-681D-4989-97D4-A37A22FF84A2}
[2011.03.29 10:34:02 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{1D077972-A842-407B-A24B-D60B9B8A2C6A}
[2011.03.29 10:09:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.4
[2011.03.28 22:33:28 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{554703FD-B1C0-43FD-A7E5-D3FBB88A4253}
[2011.03.28 10:33:05 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{5B297F2E-9111-4B15-AB8C-CA9FCA3663E6}
[2011.03.27 12:13:21 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{75C2DD7A-244E-4296-909E-B8B4207FFB40}
[2011.03.26 14:28:33 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{2314DDE0-D67F-47EE-9496-2E9C0385174D}
[2011.03.25 11:35:19 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{AFC2D6A2-A2F3-4392-A96B-C6FAFFE551B6}
[2011.03.24 23:34:56 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{0C74DF1D-CCA7-4F21-A9C1-874FF81D638E}
[2011.03.24 11:29:20 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{CD60794A-379B-4EC7-868A-7DA4DFEC3AF1}
[2011.03.23 23:28:46 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{3BB4280A-D517-457F-BF94-0EB05C5D53BE}
[2011.03.23 11:28:12 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{F4A66CFD-D138-4F8F-855A-19AE2859D70E}
[2011.03.22 23:27:38 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{92916D16-17BF-483B-9FF3-B3CDC9D72540}
[2011.03.22 11:09:49 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{277DAF39-8C80-4030-ABFB-D608984F65E9}
[2011.03.21 13:05:04 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{FE7C4AAE-C972-477A-A497-EAE26E193F34}
[2011.03.21 01:04:30 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{F69C7B00-FC38-418E-84A0-51F6F7F84F54}
[2011.03.20 13:04:07 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{3796BF11-8614-4718-85BC-9A4FDA7BFA50}
[2011.03.19 11:54:22 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{E54667A9-790F-4886-AEB9-A778041C493F}
[2011.03.18 23:29:34 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{1DD9067F-8303-4E38-8E73-242C860CE67C}
[2011.03.18 11:29:11 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{4E8A8E2E-26B2-4376-A0EE-6F092FE4F4A3}
[2011.03.17 11:56:12 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{190CEFB0-B9B4-44B8-8CEC-A28AFFAAA1E1}
[2011.03.16 11:34:50 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{3031D5C8-484F-44A3-8450-25467953BD48}
[2011.03.15 23:34:16 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{5B25DE53-F92A-4368-A558-958A3779FBA8}
[2011.03.15 11:33:41 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{11FE18B9-0D6D-4909-B216-EFCFB8969A16}
[2011.03.14 13:05:49 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{A85D6531-6C75-416B-A6E0-431C335A52AB}
[2011.03.14 00:01:22 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{836399A1-0361-48D8-AFA5-B038E380391F}
[2011.03.12 12:15:54 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{22F5B7EC-776E-4286-9D4B-C64FAAF5A7B9}
[2011.03.11 14:52:04 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{886D6D9E-DAF4-46EA-B936-CB93D02695A0}
[2011.03.10 17:30:15 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{4FE790F8-807D-4FFD-9A93-BB2A85C57711}
 
========== Files - Modified Within 30 Days ==========
 
[2011.04.09 11:15:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Kevin\Desktop\OTL.exe
[2011.04.09 11:04:40 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\kjobyqh.sys
[2011.04.09 11:01:46 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.04.09 10:46:17 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.09 10:46:17 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.09 10:43:15 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.04.09 10:43:15 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.04.09 10:43:15 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.04.09 10:43:15 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.04.09 10:38:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.09 10:38:56 | 2383,761,408 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.08 20:04:10 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011.03.29 10:09:03 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.4.lnk
[2011.03.16 16:19:29 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
 
========== Files Created - No Company Name ==========
 
[2011.04.09 11:04:40 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\kjobyqh.sys
[2011.04.09 11:01:46 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.04.08 20:08:54 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2011.04.08 20:08:54 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2011.04.08 20:08:54 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll
[2011.04.08 20:08:53 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll
[2011.03.29 10:09:03 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.4.lnk
[2011.02.15 18:10:07 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011.02.04 19:00:04 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin
[2011.01.16 22:46:25 | 000,003,584 | ---- | C] () -- C:\Users\Kevin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.16 01:11:07 | 000,000,760 | ---- | C] () -- C:\Users\Kevin\AppData\Roaming\setup_ldm.iss
[2011.01.12 19:05:17 | 000,245,209 | ---- | C] () -- C:\Windows\hpoins19.dat
[2011.01.12 19:05:17 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2010.11.18 22:57:00 | 000,053,248 | R--- | C] () -- C:\Windows\System32\InstMed.exe
[2010.11.18 22:56:59 | 000,006,812 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2010.11.18 22:56:55 | 000,585,824 | ---- | C] () -- C:\Windows\System32\drivers\lvcm.sys
[2010.11.02 13:29:43 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.07.14 10:47:43 | 000,653,928 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.07.14 10:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.07.14 10:47:43 | 000,129,800 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.07.14 10:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 06:33:53 | 000,410,096 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 04:05:48 | 000,615,810 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 04:05:48 | 000,106,190 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 02:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2007.10.11 19:59:24 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys

< End of report >
         
--- --- ---
OTL Logfile:
Code:
OTL Extras logfile created on: 09.04.2011 11:16:23 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Kevin\Desktop
 An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 64,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 73,93 Gb Free Space | 75,78% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 348,97 Gb Free Space | 94,80% Space Free | Partition Type: NTFS
 
Computer Name: KEVIN-PC | User Name: Kevin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E4EDFCB-DC4D-4339-AB85-A8444E85D37B}" = 2600
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{302AC480-43D2-11D5-A818-00500435FC18}" = Gothic_Patch
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{5730CAAC-9368-4813-9D3C-7D1AB5F0A154}" = ABBYY ScanTo Office 1.0
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6F215D53-6560-4E65-B268-3358508C6D6D}" = 2600Trb
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A4B0C5D-035C-4643-B80F-AFF81534D117}" = 2600_Help
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}" = Logitech QuickCam
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 266.58
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.1.13.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"CasinoClub" = CasinoClub
"CCleaner" = CCleaner
"ControlCenter_is1" = ControlCenter
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup.divx.com" = DivX-Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
"Gothic 1_is1" = Gothic 1
"Gothic-Patch 1.07c" = Gothic-Patch 1.07c
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"lvdrivers_11.50" = Logitech QuickCam-Treiberpaket
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"MySSID_is1" = Vtune 7.12
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Picasa 3" = Picasa 3
"PokerStars" = PokerStars
"Shop for HP Supplies" = Shop for HP Supplies
"Uninstall_is1" = Uninstall 1.0.0.1
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"World of Warcraft" = World of Warcraft
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 26.03.2011 16:01:53 | Computer Name = Kevin-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "d:\program files\spybot
 - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "d:\program
 files\spybot - search & destroy\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 31.03.2011 07:44:52 | Computer Name = Kevin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 1.9.2.4095,
 Zeitstempel: 0x4d852c62  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16695,
 Zeitstempel: 0x4cc7ab44  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000469e0  ID des fehlerhaften
 Prozesses: 0xddc  Startzeit der fehlerhaften Anwendung: 0x01cbef96febc5abc  Pfad der
 fehlerhaften Anwendung: D:\Program Files\Mozilla Firefox\plugin-container.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: 49bffcfa-5b8c-11e0-927f-6c626d6070f4
 
Error - 01.04.2011 06:46:16 | Computer Name = Kevin-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "d:\program files\spybot
 - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "d:\program
 files\spybot - search & destroy\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 07.04.2011 08:06:01 | Computer Name = Kevin-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "d:\program files\spybot
 - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "d:\program
 files\spybot - search & destroy\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 08.04.2011 08:37:21 | Computer Name = Kevin-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "d:\program files\spybot
 - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "d:\program
 files\spybot - search & destroy\DelZip179.dll" in Zeile 8.  Der Wert "*" des "language"-Attributs
 im assemblyIdentity-Element ist ungültig.
 
Error - 08.04.2011 13:53:43 | Computer Name = Kevin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: msnmsgr.exe, Version: 15.4.3508.1109,
 Zeitstempel: 0x4cda7240  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x08b38c03  ID des fehlerhaften
 Prozesses: 0xef8  Startzeit der fehlerhaften Anwendung: 0x01cbf5def94c54ee  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Windows Live\Messenger\msnmsgr.exe  Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: 248c825d-6209-11e0-9942-6c626d6070f4
 
Error - 08.04.2011 14:55:22 | Computer Name = Kevin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: tc6.exe, Version: 6.0.0.0, Zeitstempel:
 0x2a425e19  Name des fehlerhaften Moduls: tc6.exe, Version: 6.0.0.0, Zeitstempel:
 0x2a425e19  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00001f63  ID des fehlerhaften Prozesses:
 0x1700  Startzeit der fehlerhaften Anwendung: 0x01cbf61e6ba323b3  Pfad der fehlerhaften
 Anwendung: D:\Trojancheck 6\tc6.exe  Pfad des fehlerhaften Moduls: D:\Trojancheck
 6\tc6.exe  Berichtskennung: c14499e9-6211-11e0-99fb-6c626d6070f4
 
Error - 08.04.2011 14:57:56 | Computer Name = Kevin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: tc6.exe, Version: 6.0.0.0, Zeitstempel:
 0x2a425e19  Name des fehlerhaften Moduls: tc6.exe, Version: 6.0.0.0, Zeitstempel:
 0x2a425e19  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00001f6c  ID des fehlerhaften Prozesses:
 0xe74  Startzeit der fehlerhaften Anwendung: 0x01cbf61e84f1a0ff  Pfad der fehlerhaften
 Anwendung: D:\Trojancheck 6\tc6.exe  Pfad des fehlerhaften Moduls: D:\Trojancheck
 6\tc6.exe  Berichtskennung: 1ccdf2c8-6212-11e0-99fb-6c626d6070f4
 
Error - 08.04.2011 14:57:58 | Computer Name = Kevin-PC | Source = Application Hang | ID = 1002
Description = Programm tc6.exe, Version 6.0.0.0 kann nicht mehr unter Windows ausgeführt
 werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1700    Startzeit:
 01cbf61e6ba323b3    Endzeit: 2    Anwendungspfad: D:\Trojancheck 6\tc6.exe    Berichts-ID: 
1ccba8d0-6212-11e0-99fb-6c626d6070f4  
 
Error - 08.04.2011 14:59:19 | Computer Name = Kevin-PC | Source = Application Hang | ID = 1002
Description = Programm tc6.exe, Version 6.0.0.0 kann nicht mehr unter Windows ausgeführt
 werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: e74    Startzeit: 
01cbf61e84f1a0ff    Endzeit: 3    Anwendungspfad: D:\Trojancheck 6\tc6.exe    Berichts-ID: 4c72149d-6212-11e0-99fb-6c626d6070f4

 
[ System Events ]
Error - 21.03.2011 05:57:06 | Computer Name = Kevin-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   sfdrv01  sfsync02
 
Error - 21.03.2011 16:07:55 | Computer Name = Kevin-PC | Source = Application Popup | ID = 875
Description = Treiber sfsync02.sys konnte nicht geladen werden.
 
Error - 21.03.2011 16:07:59 | Computer Name = Kevin-PC | Source = Application Popup | ID = 875
Description = Treiber sfdrv01.sys konnte nicht geladen werden.
 
Error - 21.03.2011 16:08:22 | Computer Name = Kevin-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   sfdrv01  sfsync02
 
Error - 22.03.2011 05:08:31 | Computer Name = Kevin-PC | Source = Application Popup | ID = 875
Description = Treiber sfsync02.sys konnte nicht geladen werden.
 
Error - 22.03.2011 05:08:35 | Computer Name = Kevin-PC | Source = Application Popup | ID = 875
Description = Treiber sfdrv01.sys konnte nicht geladen werden.
 
Error - 22.03.2011 05:08:57 | Computer Name = Kevin-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   sfdrv01  sfsync02
 
Error - 22.03.2011 09:27:16 | Computer Name = Kevin-PC | Source = Application Popup | ID = 875
Description = Treiber sfsync02.sys konnte nicht geladen werden.
 
Error - 22.03.2011 09:27:21 | Computer Name = Kevin-PC | Source = Application Popup | ID = 875
Description = Treiber sfdrv01.sys konnte nicht geladen werden.
 
Error - 22.03.2011 09:27:41 | Computer Name = Kevin-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   sfdrv01  sfsync02
 
 
< End of report >
         
--- --- ---

I'm still hoping for help, or should I just delete these 2 files?

Regards, Kevin
__________________


Alt 09.04.2011, 17:17   #3
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Quote:
warebytes' Anti-Malware 1.46
Malwarebytes

Datenbank Version: 5044
You did not update Malwarebytes beforehand. Please update it and run a full scan.
Keep clicking the update button until no new signatures are found. This will also install a new version of the program for you.
__________________
__________________

Alt 09.04.2011, 18:05   #4
SaDe
 



First of all, thanks that someone is taking the trouble to help me!

Sooo, and here it is; this should be the right one now:

Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes

Datenbank Version: 6320

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

09.04.2011 19:04:00
mbam-log-2011-04-09 (19-03-57).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 226096
Laufzeit: 22 Minute(n), 7 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{11899D98-AC90-DA3C-7D6B-D9068C9702C3} (Trojan.ZbotR.Gen) -> Value: {11899D98-AC90-DA3C-7D6B-D9068C9702C3} -> No action taken.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Users\Kevin\AppData\LocalLow\Sun\Java\deployment\cache\6.0\19\33c155d3-44d23f00 (Trojan.Dropper) -> No action taken.

Alt 09.04.2011, 18:18   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Do an OTL fix: close all programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)

Code:
:OTL
O4 - HKCU..\Run: [{11899D98-AC90-DA3C-7D6B-D9068C9702C3}] C:\Users\Kevin\AppData\Roaming\Iwuxtu\opwe.exe ()
[2011.04.08 13:20:49 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{53B64EF5-E3A7-46F9-90BE-E6EEBC37FFF8}
[2011.04.07 23:49:51 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{22A6BBCE-9EC9-43C6-B2F7-77D82F803105}
[2011.04.07 11:49:17 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{DF2D22D4-8049-4A85-9564-84838B51808F}
[2011.04.06 23:48:49 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{97F1C110-F388-4B59-B9B1-BF59140DD1A3}
[2011.04.06 09:39:06 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{2BE6AE38-2CD9-49D5-B0A5-51061E9255D6}
[2011.04.05 12:08:47 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{BD2A8E5B-2AB8-4A24-9CE5-2C3BA80FCCE8}
[2011.04.04 10:37:29 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{216B1530-7B76-4AD5-8646-B3A524B79BF8}
[2011.04.03 15:31:37 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{485F533B-C346-4D58-B69F-CDC357275FFE}
[2011.04.02 10:12:01 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{6877AD41-2FE3-4E0B-99C5-71E07095BC54}
[2011.04.01 22:06:20 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{BBA688CE-5EF0-4448-8410-8FBC2CA71228}
[2011.04.01 10:05:57 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{C630D8EE-02F5-4CC1-A83F-F1FBC5D5636F}
[2011.03.31 21:06:26 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{C6D6D966-DD6B-41B9-B86B-E93721FDD907}
[2011.03.31 09:05:54 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{5C0C2D55-EAB3-4905-94F7-FE7BF474C9D5}
[2011.03.30 10:35:11 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{43F690AC-FB74-412B-946D-9467C77E8D93}
[2011.03.29 22:34:37 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{42BE7B07-681D-4989-97D4-A37A22FF84A2}
[2011.03.29 10:34:02 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{1D077972-A842-407B-A24B-D60B9B8A2C6A}
[2011.03.28 22:33:28 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{554703FD-B1C0-43FD-A7E5-D3FBB88A4253}
[2011.03.28 10:33:05 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{5B297F2E-9111-4B15-AB8C-CA9FCA3663E6}
[2011.03.27 12:13:21 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{75C2DD7A-244E-4296-909E-B8B4207FFB40}
[2011.03.26 14:28:33 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{2314DDE0-D67F-47EE-9496-2E9C0385174D}
[2011.03.25 11:35:19 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{AFC2D6A2-A2F3-4392-A96B-C6FAFFE551B6}
[2011.03.24 23:34:56 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{0C74DF1D-CCA7-4F21-A9C1-874FF81D638E}
[2011.03.24 11:29:20 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{CD60794A-379B-4EC7-868A-7DA4DFEC3AF1}
[2011.03.23 23:28:46 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{3BB4280A-D517-457F-BF94-0EB05C5D53BE}
[2011.03.23 11:28:12 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{F4A66CFD-D138-4F8F-855A-19AE2859D70E}
[2011.03.22 23:27:38 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{92916D16-17BF-483B-9FF3-B3CDC9D72540}
[2011.03.22 11:09:49 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{277DAF39-8C80-4030-ABFB-D608984F65E9}
[2011.03.21 13:05:04 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{FE7C4AAE-C972-477A-A497-EAE26E193F34}
[2011.03.21 01:04:30 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{F69C7B00-FC38-418E-84A0-51F6F7F84F54}
[2011.03.20 13:04:07 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{3796BF11-8614-4718-85BC-9A4FDA7BFA50}
[2011.03.19 11:54:22 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{E54667A9-790F-4886-AEB9-A778041C493F}
[2011.03.18 23:29:34 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{1DD9067F-8303-4E38-8E73-242C860CE67C}
[2011.03.18 11:29:11 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{4E8A8E2E-26B2-4376-A0EE-6F092FE4F4A3}
[2011.03.17 11:56:12 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{190CEFB0-B9B4-44B8-8CEC-A28AFFAAA1E1}
[2011.03.16 11:34:50 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{3031D5C8-484F-44A3-8450-25467953BD48}
[2011.03.15 23:34:16 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{5B25DE53-F92A-4368-A558-958A3779FBA8}
[2011.03.15 11:33:41 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{11FE18B9-0D6D-4909-B216-EFCFB8969A16}
[2011.03.14 13:05:49 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{A85D6531-6C75-416B-A6E0-431C335A52AB}
[2011.03.14 00:01:22 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{836399A1-0361-48D8-AFA5-B038E380391F}
[2011.03.12 12:15:54 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{22F5B7EC-776E-4286-9D4B-C64FAAF5A7B9}
[2011.03.11 14:52:04 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{886D6D9E-DAF4-46EA-B936-CB93D02695A0}
[2011.03.10 17:30:15 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{4FE790F8-807D-4FFD-9A93-BB2A85C57711}
[2011.04.08 19:30:54 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Uqinve
[2011.04.08 19:30:54 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Roaming\Iwuxtu
[2011.04.09 01:21:12 | 000,000,000 | ---D | C] -- C:\Users\Kevin\AppData\Local\{A69B16C4-2615-453E-9A87-CB3D946F8C27}
[2011.04.08 20:09:06 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011.04.09 11:04:40 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\kjobyqh.sys
:Commands
[purity]
[resethosts]
[emptytemp]
         
Then click the Fix! button at the top left.
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

For safety, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the folder "_OTL".

__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Support the Trojaner-Board
Why Linux is better than Windows!

Alt 10.04.2011, 18:07   #6
SaDe
 



Hello Cosinus

Sorry, my internet wasn't working for a while, so I couldn't do it sooner. Anyway, I've done it now; here is the log file:

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\{11899D98-AC90-DA3C-7D6B-D9068C9702C3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11899D98-AC90-DA3C-7D6B-D9068C9702C3}\ not found.
File C:\Users\Kevin\AppData\Roaming\Iwuxtu\opwe.exe not found.
C:\Users\Kevin\AppData\Local\{53B64EF5-E3A7-46F9-90BE-E6EEBC37FFF8} folder moved successfully.
C:\Users\Kevin\AppData\Local\{22A6BBCE-9EC9-43C6-B2F7-77D82F803105} folder moved successfully.
C:\Users\Kevin\AppData\Local\{DF2D22D4-8049-4A85-9564-84838B51808F} folder moved successfully.
C:\Users\Kevin\AppData\Local\{97F1C110-F388-4B59-B9B1-BF59140DD1A3} folder moved successfully.
C:\Users\Kevin\AppData\Local\{2BE6AE38-2CD9-49D5-B0A5-51061E9255D6} folder moved successfully.
C:\Users\Kevin\AppData\Local\{BD2A8E5B-2AB8-4A24-9CE5-2C3BA80FCCE8} folder moved successfully.
C:\Users\Kevin\AppData\Local\{216B1530-7B76-4AD5-8646-B3A524B79BF8} folder moved successfully.
C:\Users\Kevin\AppData\Local\{485F533B-C346-4D58-B69F-CDC357275FFE} folder moved successfully.
C:\Users\Kevin\AppData\Local\{6877AD41-2FE3-4E0B-99C5-71E07095BC54} folder moved successfully.
C:\Users\Kevin\AppData\Local\{BBA688CE-5EF0-4448-8410-8FBC2CA71228} folder moved successfully.
C:\Users\Kevin\AppData\Local\{C630D8EE-02F5-4CC1-A83F-F1FBC5D5636F} folder moved successfully.
C:\Users\Kevin\AppData\Local\{C6D6D966-DD6B-41B9-B86B-E93721FDD907} folder moved successfully.
C:\Users\Kevin\AppData\Local\{5C0C2D55-EAB3-4905-94F7-FE7BF474C9D5} folder moved successfully.
C:\Users\Kevin\AppData\Local\{43F690AC-FB74-412B-946D-9467C77E8D93} folder moved successfully.
C:\Users\Kevin\AppData\Local\{42BE7B07-681D-4989-97D4-A37A22FF84A2} folder moved successfully.
C:\Users\Kevin\AppData\Local\{1D077972-A842-407B-A24B-D60B9B8A2C6A} folder moved successfully.
C:\Users\Kevin\AppData\Local\{554703FD-B1C0-43FD-A7E5-D3FBB88A4253} folder moved successfully.
C:\Users\Kevin\AppData\Local\{5B297F2E-9111-4B15-AB8C-CA9FCA3663E6} folder moved successfully.
C:\Users\Kevin\AppData\Local\{75C2DD7A-244E-4296-909E-B8B4207FFB40} folder moved successfully.
C:\Users\Kevin\AppData\Local\{2314DDE0-D67F-47EE-9496-2E9C0385174D} folder moved successfully.
C:\Users\Kevin\AppData\Local\{AFC2D6A2-A2F3-4392-A96B-C6FAFFE551B6} folder moved successfully.
C:\Users\Kevin\AppData\Local\{0C74DF1D-CCA7-4F21-A9C1-874FF81D638E} folder moved successfully.
C:\Users\Kevin\AppData\Local\{CD60794A-379B-4EC7-868A-7DA4DFEC3AF1} folder moved successfully.
C:\Users\Kevin\AppData\Local\{3BB4280A-D517-457F-BF94-0EB05C5D53BE} folder moved successfully.
C:\Users\Kevin\AppData\Local\{F4A66CFD-D138-4F8F-855A-19AE2859D70E} folder moved successfully.
C:\Users\Kevin\AppData\Local\{92916D16-17BF-483B-9FF3-B3CDC9D72540} folder moved successfully.
C:\Users\Kevin\AppData\Local\{277DAF39-8C80-4030-ABFB-D608984F65E9} folder moved successfully.
C:\Users\Kevin\AppData\Local\{FE7C4AAE-C972-477A-A497-EAE26E193F34} folder moved successfully.
C:\Users\Kevin\AppData\Local\{F69C7B00-FC38-418E-84A0-51F6F7F84F54} folder moved successfully.
C:\Users\Kevin\AppData\Local\{3796BF11-8614-4718-85BC-9A4FDA7BFA50} folder moved successfully.
C:\Users\Kevin\AppData\Local\{E54667A9-790F-4886-AEB9-A778041C493F} folder moved successfully.
C:\Users\Kevin\AppData\Local\{1DD9067F-8303-4E38-8E73-242C860CE67C} folder moved successfully.
C:\Users\Kevin\AppData\Local\{4E8A8E2E-26B2-4376-A0EE-6F092FE4F4A3} folder moved successfully.
C:\Users\Kevin\AppData\Local\{190CEFB0-B9B4-44B8-8CEC-A28AFFAAA1E1} folder moved successfully.
C:\Users\Kevin\AppData\Local\{3031D5C8-484F-44A3-8450-25467953BD48} folder moved successfully.
C:\Users\Kevin\AppData\Local\{5B25DE53-F92A-4368-A558-958A3779FBA8} folder moved successfully.
C:\Users\Kevin\AppData\Local\{11FE18B9-0D6D-4909-B216-EFCFB8969A16} folder moved successfully.
C:\Users\Kevin\AppData\Local\{A85D6531-6C75-416B-A6E0-431C335A52AB} folder moved successfully.
C:\Users\Kevin\AppData\Local\{836399A1-0361-48D8-AFA5-B038E380391F} folder moved successfully.
C:\Users\Kevin\AppData\Local\{22F5B7EC-776E-4286-9D4B-C64FAAF5A7B9} folder moved successfully.
C:\Users\Kevin\AppData\Local\{886D6D9E-DAF4-46EA-B936-CB93D02695A0} folder moved successfully.
C:\Users\Kevin\AppData\Local\{4FE790F8-807D-4FFD-9A93-BB2A85C57711} folder moved successfully.
C:\Users\Kevin\AppData\Roaming\Uqinve folder moved successfully.
C:\Users\Kevin\AppData\Roaming\Iwuxtu folder moved successfully.
C:\Users\Kevin\AppData\Local\{A69B16C4-2615-453E-9A87-CB3D946F8C27} folder moved successfully.
C:\ProgramData\TEMP folder moved successfully.
File C:\Windows\System32\drivers\kjobyqh.sys not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes


Best regards, Kevin
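
An added example, not part of the original posts and not code from OTL: a small parser that sorts the result lines of an OTL fix log like the one posted above into deleted, quarantined and not-found targets, so the entries the fix could not act on stand out for the next scan. The sample text is a shortened excerpt of the log in this thread; the names `parse_fix_log`, `summarize` and `follow_up` are assumptions.

```python
import re
from collections import Counter
from typing import NamedTuple

# Shortened excerpt of the OTL fix log posted in this thread.
SAMPLE_LOG = r"""All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\{11899D98-AC90-DA3C-7D6B-D9068C9702C3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11899D98-AC90-DA3C-7D6B-D9068C9702C3}\ not found.
File C:\Users\Kevin\AppData\Roaming\Iwuxtu\opwe.exe not found.
C:\Users\Kevin\AppData\Local\{53B64EF5-E3A7-46F9-90BE-E6EEBC37FFF8} folder moved successfully.
C:\Users\Kevin\AppData\Roaming\Uqinve folder moved successfully.
C:\Users\Kevin\AppData\Roaming\Iwuxtu folder moved successfully.
C:\ProgramData\TEMP folder moved successfully.
File C:\Windows\System32\drivers\kjobyqh.sys not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
"""


class FixResult(NamedTuple):
    kind: str    # "registry value", "registry key", "file", "folder" or "path"
    target: str  # registry path or file system path exactly as logged
    status: str  # "deleted", "quarantined" or "not_found"


# Result phrases seen in the log above, mapped to a short status.
STATUS = {
    "deleted successfully": "deleted",
    "moved successfully": "quarantined",  # moved into the backup folder, not erased
    "not found": "not_found",
}

# Optional leading kind, the target, an optional trailing "folder", the result.
# The lazy target plus the end anchor keeps paths that contain spaces intact.
LINE_RE = re.compile(
    r"^(?:(?P<prefix>Registry value|Registry key|File)\s+)?"
    r"(?P<target>.+?)"
    r"(?:\s+(?P<suffix>folder))?"
    r"\s+(?P<result>deleted successfully|moved successfully|not found)\.?\s*$"
)


def parse_fix_log(text):
    """Return one FixResult per result line; headers and other lines are skipped."""
    results = []
    for raw in text.splitlines():
        match = LINE_RE.match(raw.strip())
        if not match:
            continue
        if match.group("prefix"):
            kind = match.group("prefix").lower()
        elif match.group("suffix"):
            kind = "folder"
        else:
            kind = "path"  # the line names neither "File" nor "folder"
        results.append(
            FixResult(kind, match.group("target"), STATUS[match.group("result")])
        )
    return results


def summarize(results):
    """Count results per status."""
    return Counter(r.status for r in results)


def follow_up(results):
    """Targets the fix could not see at run time.

    "not found" only says the target was not visible to the tool when the
    fix ran; the log does not say why, so these go on the list for the
    next scan.
    """
    return [r for r in results if r.status == "not_found"]


if __name__ == "__main__":
    parsed = parse_fix_log(SAMPLE_LOG)
    print(dict(summarize(parsed)))
    for item in follow_up(parsed):
        print(f"check again: [{item.kind}] {item.target}")
```
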

Alt 10.04.2011, 19:57   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Now please run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Alt 11.04.2011, 09:03   #8
SaDe
 



Good morning!

Here is the log:

2011/04/11 10:01:03.0982 6132 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/11 10:01:04.0263 6132 ================================================================================
2011/04/11 10:01:04.0263 6132 SystemInfo:
2011/04/11 10:01:04.0263 6132
2011/04/11 10:01:04.0263 6132 OS Version: 6.1.7600 ServicePack: 0.0
2011/04/11 10:01:04.0263 6132 Product type: Workstation
2011/04/11 10:01:04.0263 6132 ComputerName: KEVIN-PC
2011/04/11 10:01:04.0263 6132 UserName: Kevin
2011/04/11 10:01:04.0263 6132 Windows directory: C:\Windows
2011/04/11 10:01:04.0263 6132 System windows directory: C:\Windows
2011/04/11 10:01:04.0263 6132 Processor architecture: Intel x86
2011/04/11 10:01:04.0263 6132 Number of processors: 4
2011/04/11 10:01:04.0263 6132 Page size: 0x1000
2011/04/11 10:01:04.0263 6132 Boot type: Normal boot
2011/04/11 10:01:04.0263 6132 ================================================================================
2011/04/11 10:01:04.0482 6132 Initialize success
2011/04/11 10:01:08.0881 2732 ================================================================================
2011/04/11 10:01:08.0881 2732 Scan started
2011/04/11 10:01:08.0881 2732 Mode: Manual;
2011/04/11 10:01:08.0881 2732 ================================================================================
2011/04/11 10:01:27.0538 2732 ================================================================================
2011/04/11 10:01:27.0538 2732 Scan finished
2011/04/11 10:01:27.0538 2732 ================================================================================


Regards, Kevin

11.04.2011, 12:32   #9
cosinus

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Download ComboFix here to your desktop. Rename it to cofi.exe while downloading.
  • Close all programs, especially your antivirus program and other background guards, as well as your internet browser.
  • Start cofi.exe from your desktop, confirm the warning messages, run the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while ComboFix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
ComboFix may only be run when a qualified helper has expressly recommended it!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

12.04.2011, 12:29   #10
SaDe
 
Hey Cosinus!!

I ran ComboFix, here is the log:
Combofix Logfile:
Code:
ComboFix 11-04-11.03 - Kevin 12.04.2011  13:24:29.1.4 - x86
Microsoft Windows 7 Professional   6.1.7600.0.1252.49.1031.18.3031.2218 [GMT 2:00]
ausgeführt von:: c:\users\Kevin\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-03-12 bis 2011-04-12  ))))))))))))))))))))))))))))))
.
.
2011-04-12 11:26 . 2011-04-12 11:26	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-04-12 08:58 . 2011-04-12 08:58	--------	d-----w-	c:\users\Kevin\AppData\Local\{CA2C6B73-2C88-44A8-BBB6-2C33BC69BBAA}
2011-04-12 08:34 . 2011-03-15 04:05	6792528	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{63632033-00A9-4022-B102-9406ED123178}\mpengine.dll
2011-04-11 21:07 . 2011-04-11 21:07	--------	d-----w-	c:\programdata\Caphyon
2011-04-11 08:11 . 2011-04-11 08:11	--------	d-----w-	c:\users\Kevin\AppData\Local\{C95F028E-D846-4D0D-BCBF-BB6E300F97D6}
2011-04-10 17:03 . 2011-04-10 17:03	--------	d-----w-	C:\_OTL
2011-04-10 09:07 . 2011-04-10 09:07	--------	d-----w-	c:\users\Kevin\AppData\Local\{DA4B23D3-B708-4258-BD56-11E93705630D}
2011-04-09 12:12 . 2011-04-09 12:13	--------	d-----w-	c:\users\Kevin\AppData\Local\{40353C69-DBBA-4D01-AC06-900225AA853F}
2011-04-09 09:01 . 2011-04-09 09:01	--------	d-----w-	c:\program files\CCleaner
2011-04-08 18:08 . 2006-06-19 11:01	69632	----a-w-	c:\windows\system32\ztvcabinet.dll
2011-04-08 18:08 . 2006-05-25 13:52	162304	----a-w-	c:\windows\system32\ztvunrar36.dll
2011-04-08 18:08 . 2005-08-25 23:50	77312	----a-w-	c:\windows\system32\ztvunace26.dll
2011-04-08 18:08 . 2002-03-05 23:00	75264	----a-w-	c:\windows\system32\unacev2.dll
2011-04-08 18:08 . 2003-02-02 18:06	153088	----a-w-	c:\windows\system32\UNRAR3.dll
2011-04-08 13:22 . 2011-04-08 18:04	472808	----a-w-	c:\windows\system32\deployJava1.dll
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-16 14:19 . 2010-11-02 11:54	137656	----a-w-	c:\windows\system32\drivers\avipbb.sys
2011-03-10 15:30 . 2010-06-24 10:33	18328	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-02-19 05:33 . 2011-03-09 14:52	802304	----a-w-	c:\windows\system32\FntCache.dll
2011-02-19 05:32 . 2011-03-09 14:52	1074176	----a-w-	c:\windows\system32\DWrite.dll
2011-02-19 05:32 . 2011-03-09 14:52	739840	----a-w-	c:\windows\system32\d2d1.dll
2011-02-03 05:45 . 2011-02-09 22:10	219008	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2011-02-02 17:11 . 2010-11-02 11:32	222080	------w-	c:\windows\system32\MpSigStub.exe
2011-01-20 19:33 . 2011-01-20 19:33	218688	----a-w-	c:\windows\system32\drivers\dtsoftbus01.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TBPanel"="c:\program files\Vtune\TBPanel.exe" [2010-07-30 2158592]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-06-08 9267816]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-03 281768]
" Malwarebytes Anti-Malware  (reboot)"="d:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-01-20 09:20	1305408	----a-w-	d:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-09-16 20:04	1164584	----a-w-	c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2011-03-29 08:08	119608	----a-w-	d:\program files\ICQ7.2\ICQ7.4\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
2007-10-25 15:33	563984	----a-w-	c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
2007-10-25 15:37	2178832	----a-w-	d:\program files\Logitech\QuickCam\Quickcam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]
2004-10-08 10:52	221184	----a-w-	c:\windows\System32\LVCOMSX.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-11-29 20:06	1242448	----a-w-	d:\program files\Steam\Steam.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-11-03 135336]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-07 378984]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-01-20 218688]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-11-11 122984]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-06-23 275048]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
HPService	REG_MULTI_SZ   	HPSLPSVC
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
.
------- Zusätzlicher Suchlauf -------
.
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube Download - c:\users\Kevin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Kevin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - d:\program files\ICQ7.2\ICQ7.4\ICQ.exe
FF - ProfilePath - c:\users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\yh0ddx82.default\
FF - prefs.js: browser.startup.homepage - google.de
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - d:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
MSConfigStartUp-CamWizard - c:\program files\Common Files\Logitech\QCDRV\BIN\CamWizrd.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2011-04-12  13:27:20
ComboFix-quarantined-files.txt  2011-04-12 11:27
.
Vor Suchlauf: 9 Verzeichnis(se), 80.534.142.976 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 81.090.203.648 Bytes frei
.
- - End Of File - - DF9ADBF4A9B47931E362C6DB2A93AEFE
         
--- --- ---

Alt 12.04.2011, 12:45   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



OK. Now please create logs with GMER and OSAM and post them.
GMER crashes fairly often; if the tool still won't run on the second attempt, just leave it out and run only OSAM. Please skip OSAM's online check.
With OSAM, please also make sure that you save the log as *.log and not as *.html or the like.


After that, please download MBRCheck (by a_d_13) and save the file to the desktop.
  • Double-click MBRCheck.exe.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • The tool takes only a few seconds.
  • Afterwards you should find an MBRCheck_<date>_<time>.txt on the desktop.
Please post the contents of the .txt document.

Alt 13.04.2011, 10:44   #12
SaDe
 



Good morning!

Here are the logs:

GMER:
GMER Logfile:
Code:
ATTFilter
GMER 1.0.15.15570 - GMER - Rootkit Detector and Remover
Rootkit scan 2011-04-13 11:25:30
Windows 6.1.7600  Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4 WDC_WD5000AAKS-00H2B0 rev.07.04C07
Running: f3nxz28q.exe; Driver: C:\Users\Kevin\AppData\Local\Temp\agloqpod.sys


---- Kernel code sections - GMER 1.0.15 ----

.text           ntkrnlpa.exe!ZwSaveKeyEx + 13BD                                                                                 83060589 1 Byte  [06]
.text           ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                                          83085092 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}

---- User IAT/EAT - GMER 1.0.15 ----

IAT             C:\Windows\Explorer.EXE[736] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc]                                  [746C2494] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[736] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup]                             [746A5624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[736] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown]                            [746A56E2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[736] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree]                                   [746C250F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[736] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics]                         [746B8573] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[736] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage]                           [746B4D27] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[736] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth]                          [746B50CE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[736] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight]                         [746B51A3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[736] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP]                [746B66D0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[736] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC]                          [746B82CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[736] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode]                     [746B8819] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[736] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode]                   [746B907A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[736] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI]                         [746BE21D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[736] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage]                             [746B4C59] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT             C:\Windows\Explorer.EXE[736] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                   [03E02CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\Explorer.EXE[736] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]               [03E02CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\Explorer.EXE[736] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                             [03E02D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Windows\Explorer.EXE[736] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                        [03E02F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Users\Kevin\Desktop\f3nxz28q.exe[5432] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]      [00802CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Users\Kevin\Desktop\f3nxz28q.exe[5432] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]  [00802CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Users\Kevin\Desktop\f3nxz28q.exe[5432] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                [00802D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT             C:\Users\Kevin\Desktop\f3nxz28q.exe[5432] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]           [00802F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)

---- Devices - GMER 1.0.15 ----

Device          \Driver\ACPI_HAL \Device\00000048                                                                               halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

AttachedDevice  \Driver\volmgr \Device\HarddiskVolume1                                                                          fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume2                                                                          fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice  \Driver\volmgr \Device\HarddiskVolume3                                                                          fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----
         
--- --- ---

OSAM:
OSAM Logfile:
Code:
ATTFilter
Report of OSAM: Autorun Manager v5.0.11926.0
Online Solutions. Complex Protection for Information Systems
Saved at 11:30:07 on 13.04.2011

OS: Windows 7  (Build 7600), 32-bit
Default Browser: Mozilla Corporation Firefox 3.6.16

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"DivXControlPanelApplet.cpl" - "DivX, Inc." - C:\Windows\system32\DivXControlPanelApplet.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLCFG32.CPL

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"agloqpod" (agloqpod) - ? - C:\Users\Kevin\AppData\Local\Temp\agloqpod.sys  (Hidden registry entry, rootkit activity | File not found)
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"catchme" (catchme) - ? - C:\Users\Kevin\AppData\Local\Temp\catchme.sys  (File not found)
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys
"StarForce Protection Environment Driver (version 1.x)" (sfdrv01) - "Protection Technology" - C:\Windows\System32\drivers\sfdrv01.sys
"StarForce Protection Helper Driver (version 2.x)" (sfhlp02) - "Protection Technology" - C:\Windows\System32\drivers\sfhlp02.sys
"StarForce Protection Synchronization Driver (version 2.x)" (sfsync02) - "Protection Technology" - C:\Windows\System32\drivers\sfsync02.sys
"TBPanel" (TBPanel) - "Windows (R) 2000 DDK provider" - C:\Windows\system32\drivers\TBPanel.sys

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\Program Files\Windows Live\Messenger\msgrapp.dll
{88FED34C-F0CA-4636-A375-3CB6248B04CD} "Local Groove Web Services Protocol" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Messenger\msgrapp.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{AEB6717E-7E19-11d0-97EE-00C04FD91972} "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{0DE76E1C-40C5-4fae-A59A-44EF606A0B02} "AbbyyS2O.S2OShellExtension.1" - "ABBYY (BIT Software)" - D:\Program Files\ABBYY ScanTo Office 1.0\STOShellExtension.dll
{A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\Program Files\NVIDIA Corporation\Display\nvui.dll
{99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL
{00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} "NVIDIA CPL Context Menu Extension" - "NVIDIA Corporation" - C:\Windows\system32\nvshext.dll
{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\OLKFSTUB.DLL
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll
{52B87208-9CCF-42C9-B88E-069281105805} "Trojan Remover Shell Extension" - ? -   (File not found | COM-object registry key not found)
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - D:\Program Files\WinRAR\rarext.dll

[Internet Explorer]
-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )-----
{555D4D79-4BD2-4094-A395-CFC534424A05} "HP Smart Web Printing" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\Windows\system32\Macromed\Flash\Flash10k.ocx / hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
{DDE87865-83C5-48c4-8357-2F5B1AA84522} "HP Smart Web Printing ein- oder ausblenden" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
"ICQ7.4" - "ICQ, LLC." - D:\Program Files\ICQ7.2\ICQ7.4\ICQ.exe
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{0347C33E-8762-4905-BF09-768834316C61} "HP Print Enhancer" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} "HP Smart BHO Class" - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID Sign-in Helper" - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "{DBC80044-A445-435b-BC74-9C25C1C588A9}" - ? -   (File not found | COM-object registry key not found)

[LSA Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )-----
"Security Packages" - "Microsoft Corp." - C:\Windows\system32\livessp.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"TBPanel" - ? - C:\Program Files\Vtune\TBPanel.exe /A
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"avgnt" - "Avira GmbH" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
"GrooveMonitor" - "Microsoft Corporation" - "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"HP Software Update" - "Hewlett-Packard" - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
"hpqSRMon" - "Hewlett-Packard" - C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
" Malwarebytes Anti-Malware  (reboot)" - "Malwarebytes Corporation" - "D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"avm:" - "AVM Berlin GmbH" - C:\Windows\system32\avmprmon.dll
"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\sched.exe
"Google Updater Service" (gusvc) - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
"HP CUE DeviceDiscovery Service" (hpqddsvc) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
"HP Network Devices Support" (HPSLPSVC) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
"hpqcxs08" (hpqcxs08) - "Hewlett-Packard Co." - C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
"LVCOMSer" (LVCOMSer) - "Logitech Inc." - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
"LVSrvLauncher" (LVSrvLauncher) - "Logitech Inc." - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"Microsoft Office Groove Audit Service" (Microsoft Office Groove Audit Service) - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
"Net Driver HPZ12" (Net Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZinw12.dll
"NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\Windows\system32\nvvsvc.exe
"NVIDIA Stereoscopic 3D Driver Service" (Stereo Service) - "NVIDIA Corporation" - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZipm12.dll
"Process Monitor" (LVPrcSrv) - "Logitech Inc." - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
"Steam Client Service" (Steam Client Service) - "Valve Corporation" - C:\Program Files\Common Files\Steam\SteamService.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"WindowsLive Local NSP" - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
"WindowsLive NSP" - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

===[ Logfile end ]=========================================[ Logfile end ]===
         
--- --- ---


MBRcheck:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Professional
Windows Information: (build 7600), 32-bit
Base Board Manufacturer: MSI
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: brunenIT
System Product Name: MS-7636
Logical Drives Mask: 0x0000001c

Kernel Drivers (total 185):
0x8301D000 \SystemRoot\system32\ntkrnlpa.exe
0x8342D000 \SystemRoot\system32\halmacpi.dll
0x80BB0000 \SystemRoot\system32\kdcom.dll
0x83612000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x8368A000 \SystemRoot\system32\PSHED.dll
0x8369B000 \SystemRoot\system32\BOOTVID.dll
0x836A3000 \SystemRoot\system32\CLFS.SYS
0x836E5000 \SystemRoot\system32\CI.dll
0x83C2F000 \SystemRoot\system32\drivers\Wdf01000.sys
0x83CA0000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x83CAE000 \SystemRoot\system32\DRIVERS\ACPI.sys
0x83CF6000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
0x83CFF000 \SystemRoot\system32\DRIVERS\msisadrv.sys
0x83D07000 \SystemRoot\system32\DRIVERS\pci.sys
0x83D31000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
0x83D3C000 \SystemRoot\System32\drivers\partmgr.sys
0x83D4D000 \SystemRoot\system32\DRIVERS\volmgr.sys
0x83D5D000 \SystemRoot\System32\drivers\volmgrx.sys
0x83DA8000 \SystemRoot\system32\DRIVERS\pciide.sys
0x83DAF000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
0x83DBD000 \SystemRoot\System32\drivers\mountmgr.sys
0x83DD9000 \SystemRoot\system32\DRIVERS\atapi.sys
0x83C00000 \SystemRoot\system32\DRIVERS\ataport.SYS
0x83C23000 \SystemRoot\system32\DRIVERS\msahci.sys
0x83DE2000 \SystemRoot\system32\DRIVERS\amdxata.sys
0x83790000 \SystemRoot\system32\drivers\fltmgr.sys
0x83DEB000 \SystemRoot\system32\drivers\fileinfo.sys
0x83E29000 \SystemRoot\System32\Drivers\Ntfs.sys
0x83F58000 \SystemRoot\System32\Drivers\msrpc.sys
0x83F83000 \SystemRoot\System32\Drivers\ksecdd.sys
0x83F96000 \SystemRoot\System32\Drivers\cng.sys
0x83E00000 \SystemRoot\System32\drivers\pcw.sys
0x83E0E000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x8B621000 \SystemRoot\system32\drivers\ndis.sys
0x8B6D8000 \SystemRoot\system32\drivers\NETIO.SYS
0x8B716000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x8B809000 \SystemRoot\System32\drivers\tcpip.sys
0x8B952000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x8B983000 \SystemRoot\system32\DRIVERS\vmstorfl.sys
0x8B98C000 \SystemRoot\system32\DRIVERS\volsnap.sys
0x8B9CB000 \SystemRoot\System32\Drivers\spldr.sys
0x8B9D3000 \SystemRoot\System32\drivers\sfhlp02.sys
0x8B73B000 \SystemRoot\System32\drivers\rdyboost.sys
0x8B9EC000 \SystemRoot\System32\Drivers\mup.sys
0x8B800000 \SystemRoot\System32\drivers\hwpolicy.sys
0x8B768000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x8B79A000 \SystemRoot\system32\DRIVERS\disk.sys
0x8B7AB000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x8B600000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x8B7F6000 \SystemRoot\System32\Drivers\Null.SYS
0x83E17000 \SystemRoot\System32\Drivers\Beep.SYS
0x83FF3000 \SystemRoot\System32\drivers\vga.sys
0x837C4000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x837E5000 \SystemRoot\System32\drivers\watchdog.sys
0x83E1E000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x837F2000 \SystemRoot\system32\drivers\rdpencdd.sys
0x83600000 \SystemRoot\system32\drivers\rdprefmp.sys
0x90021000 \SystemRoot\System32\Drivers\Msfs.SYS
0x9002C000 \SystemRoot\System32\Drivers\Npfs.SYS
0x9003A000 \SystemRoot\system32\DRIVERS\tdx.sys
0x90051000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x9005C000 \SystemRoot\system32\drivers\afd.sys
0x900B6000 \SystemRoot\System32\DRIVERS\netbt.sys
0x900E8000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x900EF000 \SystemRoot\system32\DRIVERS\pacer.sys
0x9010E000 \SystemRoot\system32\DRIVERS\netbios.sys
0x9011C000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x9012F000 \SystemRoot\system32\DRIVERS\termdd.sys
0x9013F000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0x90145000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x90186000 \SystemRoot\system32\drivers\nsiproxy.sys
0x90190000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x9019A000 \SystemRoot\System32\drivers\discache.sys
0x90A18000 \SystemRoot\system32\drivers\csc.sys
0x90A7C000 \SystemRoot\System32\Drivers\dfsc.sys
0x90A94000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x90AA2000 \SystemRoot\system32\DRIVERS\avipbb.sys
0x90AC8000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x90AE9000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x90C03000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
0x915FD000 \SystemRoot\System32\Drivers\nvBridge.kmd
0x90AFB000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x90BB2000 \SystemRoot\System32\drivers\dxgmms1.sys
0x901A6000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x90BEB000 \SystemRoot\system32\DRIVERS\HECI.sys
0x90A00000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x96830000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x9687B000 \SystemRoot\system32\DRIVERS\Rt86win7.sys
0x968C0000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x968CD000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x968DF000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x968F7000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x96902000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x96924000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x9693C000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x96953000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x9696A000 \SystemRoot\system32\DRIVERS\rdpbus.sys
0x96974000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x96981000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x9698E000 \SystemRoot\system32\DRIVERS\swenum.sys
0x96990000 \SystemRoot\system32\DRIVERS\ks.sys
0x969C4000 \SystemRoot\system32\DRIVERS\dtsoftbus01.sys
0x96800000 \SystemRoot\system32\DRIVERS\umbus.sys
0x96C24000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x96C68000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x96C86000 \SystemRoot\system32\drivers\nvhda32v.sys
0x96CA7000 \SystemRoot\system32\drivers\portcls.sys
0x96CD6000 \SystemRoot\system32\drivers\drmk.sys
0x9A00F000 \SystemRoot\system32\drivers\RTKVHDA.sys
0x9B6F0000 \SystemRoot\System32\win32k.sys
0x9A306000 \SystemRoot\System32\drivers\Dxapi.sys
0x9A310000 \SystemRoot\System32\Drivers\crashdmp.sys
0x9A31D000 \SystemRoot\System32\Drivers\dump_dumpata.sys
0x9A328000 \SystemRoot\System32\Drivers\dump_msahci.sys
0x9A332000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x9A343000 \SystemRoot\system32\DRIVERS\monitor.sys
0x9B950000 \SystemRoot\System32\TSDDD.dll
0x9B980000 \SystemRoot\System32\cdd.dll
0x9A34E000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x9A365000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x9A367000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x9A372000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x9A385000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x9A38C000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x9A398000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x9A3A3000 \SystemRoot\system32\drivers\luafv.sys
0x9A3BE000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0x9A3D3000 \SystemRoot\system32\drivers\WudfPf.sys
0x9A3ED000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x96D23000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x96D36000 \SystemRoot\system32\drivers\HTTP.sys
0x96DBB000 \SystemRoot\system32\DRIVERS\bowser.sys
0x96DD4000 \SystemRoot\System32\drivers\mpsdrv.sys
0x96C00000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x901C5000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x96CEF000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x9A3FD000 \SystemRoot\System32\Drivers\TBPanel.SYS
0x9AE33000 \SystemRoot\system32\drivers\peauth.sys
0x9AECA000 \SystemRoot\System32\Drivers\secdrv.SYS
0x9AED4000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x9AEF5000 \SystemRoot\System32\drivers\tcpipreg.sys
0x9AF02000 \SystemRoot\System32\DRIVERS\srv2.sys
0x9AF51000 \SystemRoot\System32\DRIVERS\srv.sys
0x9AFA2000 \SystemRoot\system32\DRIVERS\LVPr2Mon.sys
0xA5285000 \SystemRoot\system32\DRIVERS\asyncmac.sys
0xA528E000 \??\C:\Users\Kevin\AppData\Local\Temp\agloqpod.sys
0x77C40000 \Windows\System32\ntdll.dll
0x47C00000 \Windows\System32\smss.exe
0x77E80000 \Windows\System32\apisetschema.dll
0x00090000 \Windows\System32\autochk.exe
0x77E50000 \Windows\System32\imm32.dll
0x77DB0000 \Windows\System32\advapi32.dll
0x77B40000 \Windows\System32\wininet.dll
0x77AF0000 \Windows\System32\gdi32.dll
0x77A60000 \Windows\System32\clbcatq.dll
0x779B0000 \Windows\System32\rpcrt4.dll
0x778E0000 \Windows\System32\msctf.dll
0x77DA0000 \Windows\System32\lpk.dll
0x77840000 \Windows\System32\usp10.dll
0x777B0000 \Windows\System32\oleaut32.dll
0x77750000 \Windows\System32\difxapi.dll
0x776D0000 \Windows\System32\comdlg32.dll
0x77D90000 \Windows\System32\normaliz.dll
0x774D0000 \Windows\System32\iertutil.dll
0x77370000 \Windows\System32\ole32.dll
0x77330000 \Windows\System32\ws2_32.dll
0x77250000 \Windows\System32\kernel32.dll
0x770B0000 \Windows\System32\setupapi.dll
0x77080000 \Windows\System32\imagehlp.dll
0x77D80000 \Windows\System32\nsi.dll
0x77020000 \Windows\System32\shlwapi.dll
0x76F50000 \Windows\System32\user32.dll
0x76F30000 \Windows\System32\sechost.dll
0x76EE0000 \Windows\System32\Wldap32.dll
0x76290000 \Windows\System32\shell32.dll
0x76150000 \Windows\System32\urlmon.dll
0x760A0000 \Windows\System32\msvcrt.dll
0x76090000 \Windows\System32\psapi.dll
0x76060000 \Windows\System32\wintrust.dll
0x75F40000 \Windows\System32\crypt32.dll
0x75F20000 \Windows\System32\devobj.dll
0x75EF0000 \Windows\System32\cfgmgr32.dll
0x75EA0000 \Windows\System32\KernelBase.dll
0x75E10000 \Windows\System32\comctl32.dll
0x75E00000 \Windows\System32\msasn1.dll

Processes (total 58):
0 System Idle Process
4 System
276 C:\Windows\System32\smss.exe
428 csrss.exe
496 C:\Windows\System32\wininit.exe
504 csrss.exe
544 C:\Windows\System32\services.exe
572 C:\Windows\System32\lsass.exe
580 C:\Windows\System32\lsm.exe
616 C:\Windows\System32\winlogon.exe
720 C:\Windows\System32\svchost.exe
816 C:\Windows\System32\nvvsvc.exe
856 C:\Windows\System32\svchost.exe
956 C:\Windows\System32\svchost.exe
988 C:\Windows\System32\svchost.exe
1020 C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
1040 C:\Windows\System32\svchost.exe
1168 C:\Windows\System32\svchost.exe
1296 C:\Windows\System32\svchost.exe
1432 C:\Windows\System32\spoolsv.exe
1484 C:\Program Files\Avira\AntiVir Desktop\sched.exe
1516 C:\Windows\System32\svchost.exe
1560 C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
1572 C:\Windows\System32\nvvsvc.exe
1844 C:\Windows\System32\taskhost.exe
1916 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
1940 C:\Windows\System32\dwm.exe
2016 C:\Windows\System32\svchost.exe
2040 C:\Windows\System32\svchost.exe
292 C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
432 C:\Windows\System32\svchost.exe
736 C:\Windows\explorer.exe
424 C:\Windows\System32\svchost.exe
1536 C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
1608 C:\Windows\System32\conhost.exe
1600 C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
1780 C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
2080 C:\Windows\System32\svchost.exe
2172 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
2336 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
2736 C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
2756 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
2780 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
2908 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
2944 C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
2956 C:\Program Files\Vtune\TBPANEL.exe
3232 C:\Windows\System32\svchost.exe
3448 C:\Windows\System32\taskhost.exe
3552 C:\Windows\System32\svchost.exe
3828 C:\Windows\System32\SearchIndexer.exe
4000 C:\Program Files\Windows Media Player\wmpnetwk.exe
3220 C:\Windows\System32\svchost.exe
4428 dllhost.exe
5024 C:\Windows\System32\svchost.exe
4200 C:\Windows\System32\audiodg.exe
4592 C:\Users\Kevin\Desktop\MBRCheck.exe
5700 C:\Windows\System32\conhost.exe
4504 C:\Windows\System32\dllhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`06500000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000018`6a100000 (NTFS)

PhysicalDrive0 Model Number: WDCWD5000AAKS-00H2B0, Rev: 07.04C07

Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Done!

Best regards, Kevin

13.04.2011, 11:12   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Looks OK. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs.
Remember to update both tools before the scan!!

13.04.2011, 12:12   #14
SaDe

Here are the logs: (and yes, I updated the tools, haha)

Malwarebytes:

Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes

Datenbank Version: 6350

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

13.04.2011 12:55:37
mbam-log-2011-04-13 (12-55-37).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 230781
Laufzeit: 27 Minute(n), 27 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)


SUPERAntiSpyware:

SUPERAntiSpyware Scan Log
SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

Generated 04/13/2011 at 12:52 PM

Application Version : 4.50.1002

Core Rules Database Version : 6824
Trace Rules Database Version: 4636

Scan type : Complete Scan
Total Scan Time : 00:24:13

Memory items scanned : 732
Memory threats detected : 0
Registry items scanned : 9508
Registry threats detected : 0
File items scanned : 21484
File threats detected : 16

Adware.Tracking Cookie
C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\kevin@tracking.quisma[2].txt
C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\kevin@atdmt[1].txt
C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\kevin@content.yieldmanager[2].txt
C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\kevin@adfarm1.adition[2].txt
C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\kevin@serving-sys[2].txt
C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\kevin@content.yieldmanager[3].txt
C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\kevin@apmebf[1].txt
C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\kevin@mediaplex[2].txt
C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\kevin@zbox.zanox[2].txt
C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\kevin@tradedoubler[1].txt
C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\kevin@ad.zanox[2].txt
C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\kevin@ad.yieldmanager[2].txt
C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\kevin@ad2.adfarm1.adition[1].txt
C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Cookies\kevin@doubleclick[1].txt

Adware.Casino Games (Golden Palace Casino)
D:\CASINO\CASINOCLUB\CASINO.EXE

Trojan.Agent/Gen-FakeAlert[Local]
D:\USERS\KEVIN\APPDATA\LOCAL\TEMP\STO10\SETUP.EXE


Regards, Kevin

13.04.2011, 12:48   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Looks OK, only cookies/false positives were found there.
Any remaining problems or further detections in the meantime?
