GMER Logfile:

Code: Alles auswählenAufklappen

ATTFilter

GMER 1.0.15.15627 - GMER - Rootkit Detector and Remover
Rootkit scan 2011-05-19 11:42:49
Windows 6.1.7600  Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HTS725025A9A364 rev.PC2OC70E
Running: 0e9dd4x4.exe; Driver: C:\Users\bga\AppData\Local\Temp\uwldqpow.sys


---- Kernel code sections - GMER 1.0.15 ----

.text                                                                                                                                 ntkrnlpa.exe!ZwSaveKeyEx + 13BD                                                                  82E53589 1 Byte  [06]
.text                                                                                                                                 ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                           82E78092 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
?                                                                                                                                     C:\windows\System32\Drivers\SafeBoot.sys                                                         Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
.text                                                                                                                                 C:\windows\system32\DRIVERS\atikmdag.sys                                                         section is writeable [0x8FA1C000, 0x2D5526, 0xE8000020]
.text                                                                                                                                 C:\windows\system32\drivers\hardlock.sys                                                         section is writeable [0xAA211400, 0x87EE2, 0xE8000020]
.protectÿÿÿÿhardlockentry point in ".protectÿÿÿÿhardlockentry point in ".protectÿÿÿÿhardlockentry point in ".p" section [0xAA2B5620]  C:\windows\system32\drivers\hardlock.sys                                                         entry point in ".protectÿÿÿÿhardlockentry point in ".protectÿÿÿÿhardlockentry point in ".p" section [0xAA2B5620]
.protectÿÿÿÿhardlockunknown last code section [0xAA2B5400, 0x5126, 0xE0000020]                                                        C:\windows\system32\drivers\hardlock.sys                                                         unknown last code section [0xAA2B5400, 0x5126, 0xE0000020]

---- Devices - GMER 1.0.15 ----

AttachedDevice                                                                                                                        \Driver\kbdclass \Device\KeyboardClass0                                                          Wdf01000.sys (Kernelmodustreiber-Frameworklaufzeit/Microsoft Corporation)
AttachedDevice                                                                                                                        \Driver\kbdclass \Device\KeyboardClass1                                                          Wdf01000.sys (Kernelmodustreiber-Frameworklaufzeit/Microsoft Corporation)
AttachedDevice                                                                                                                        \Driver\tdx \Device\Tcp                                                                          mfetdik.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice                                                                                                                        \Driver\volmgr \Device\HarddiskVolume1                                                           fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice                                                                                                                        \Driver\volmgr \Device\HarddiskVolume2                                                           fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice                                                                                                                        \Driver\volmgr \Device\HarddiskVolume3                                                           fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice                                                                                                                        \Driver\volmgr \Device\HarddiskVolume4                                                           fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device                                                                                                                                \Driver\ACPI_HAL \Device\00000074                                                                halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

AttachedDevice                                                                                                                        \Driver\tdx \Device\Udp                                                                          mfetdik.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice                                                                                                                        \FileSystem\fastfat \Fat                                                                         fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg                                                                                                                                   HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0027135da290                      
Reg                                                                                                                                   HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0027135da290 (not active ControlSet)  

---- EOF - GMER 1.0.15 ----
         

--- --- ---

Wieso den nochmal GMER??

Sorry mein Fehler!

Wenn ich das OSAM herunterladen wil, kommt immer ein Fenster, Thank you for Trying Win Zip. Buy now.

Muss ich dies kaufen?

Sorry

Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden!!! KEIN WINZIP!!
Winzip kannst du deinstallieren!

Hat funktioniert!! Danke

Anbei das Log

OSAM Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 16:16:02 on 19.05.2011

OS: Windows 7 Home Premium Edition (Build 7600), 32-bit
Default Browser: Microsoft Corporation Internet Explorer 8.00.7600.16385

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[AppInit DLLs]
-----( HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows )-----
"AppInit_DLLs" - "Bioscrypt Inc." - C:\PROGRA~1\HEWLET~1\IAM\Bin\APSHook.dll

[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore1cc10af481fed05.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA1cc10af49236303.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe

[Control Panel Objects]
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"HP 3D DriveGuard" - "Hewlett-Packard" - C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\hpaccelerometercp.CPL

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgio" (avgio) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avgio.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\windows\System32\DRIVERS\avipbb.sys
"catchme" (catchme) - ? - C:\Users\bga\AppData\Local\Temp\catchme.sys  (File not found)
"RsvLock" (RsvLock) - "SafeBoot International" - C:\windows\system32\drivers\RsvLock.sys
"SafeBoot" (SafeBoot) - "SafeBoot International" - C:\windows\system32\drivers\SafeBoot.sys  (File is exclusively opened, access blocked)
"SbAlg" (SbAlg) - "SafeBoot N.V." - C:\windows\system32\drivers\SbAlg.sys
"SbFsLock" (SbFsLock) - "SafeBoot International" - C:\windows\system32\drivers\SbFsLock.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\windows\System32\DRIVERS\ssmdrv.sys

[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{10880D85-AAD9-4558-ABDC-2AB1552D831F} "LightScribe Control Panel" - "Hewlett-Packard Company" - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
-----( HKLM\Software\Classes\Protocols\Handler )-----
{3D9F03FA-7A94-11D3-BE81-0050048385D1} "Data Page Pluggable Protocol mso-offdap Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
{872A9397-E0D6-4e28-B64D-52B8D0A7EA35} "DisplayCplExt Class" - "Advanced Micro Devices, Inc." - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiamaxx.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office10\msohev.dll
{7842554E-6BED-11D2-8CDB-B05550C10000} "Monitor Class" - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\btncopy.dll
{0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office10\OLKFSTUB.DLL
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll
{5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - "Advanced Micro Devices, Inc." - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"InterCasino Deutschland" - ? - hxxp://deutsch.intercasino.com/?utm_source=download-  (HTTP value)
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "&Windows Live Toolbar" - "Microsoft Corporation" - C:\Program Files\Windows Live\Toolbar\wltcore.dll
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{E008A543-CEFB-4559-912F-C27C2B89F13B} "Domino Web Access 7 Control" - "IBM Corporation" - C:\Windows\Downloaded Program Files\dwa7W.dll / https://domino1.protectas.com/dwa7W.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_21" - "Oracle" - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} "Java Plug-in 1.6.0_21" - "Oracle" - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_21" - "Oracle" - C:\Program Files\Java\jre6\bin\npjpi160_21.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
{7530BFB8-7293-4D34-9923-61A11451AFC5} "{7530BFB8-7293-4D34-9923-61A11451AFC5}" - ? -   (File not found | COM-object registry key not found) / hxxp://download.eset.com/special/eos-beta/OnlineScanner.cab
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" - ? -   (File not found | COM-object registry key not found) / hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"@C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015" - ? - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "&Windows Live Toolbar" - "Microsoft Corporation" - C:\Program Files\Windows Live\Toolbar\wltcore.dll
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
{0BF43445-2F28-4351-9252-17FE6E806AA0} "McAfee SiteAdvisor" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{DF21F1DB-80C6-11D3-9483-B03D0EC10000} "Credential Manager for HP ProtectTools" - "Bioscrypt Inc." - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Oracle" - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} "Search Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID-Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} "Windows Live Toolbar Helper" - "Microsoft Corporation" - C:\Program Files\Windows Live\Toolbar\wltcore.dll
{5C255C8A-E604-49b4-9D64-90988571CECB} "{5C255C8A-E604-49b4-9D64-90988571CECB}" - ? -   (File not found | COM-object registry key not found)

[LSA Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )-----
"Security Packages" - "Microsoft Corporation" - C:\windows\system32\livessp.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\bga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Bluetooth.lnk" - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe  (Shortcut exists | File exists)
"Microsoft Office.lnk" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office10\OSA.EXE  (Shortcut exists | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"AccelerometerSysTrayApplet" - "Hewlett-Packard" - "C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.Exe" 
"HPADVISOR" - "Hewlett-Packard" - C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
"LightScribe Control Panel" - "Hewlett-Packard Company" - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
"msnmsgr" - "Microsoft Corporation" - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
"swg" - "Google Inc." - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"accrdsub" - "ActivIdentity" - "C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
"acevents" - "ActivIdentity" - "C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
"avgnt" - "Avira GmbH" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
"CognizanceTS" - "Bioscrypt Inc." - rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
"HP Software Update" - "Hewlett-Packard" - c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
"PDF Complete" - "PDF Complete Inc" - C:\Program Files\PDF Complete\pdfsty.exe
"PTHOSTTR" - "Hewlett-Packard Development Company, L.P." - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
"QlbCtrl.exe" - " Hewlett-Packard Development Company, L.P." - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
"StartCCC" - "Advanced Micro Devices, Inc." - "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"WirelessAssistant" - "Hewlett-Packard" - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"PDFC" - "PDF Complete, Inc." - C:\windows\system32\pdfc_port.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"ActivIdentity Shared Store Service" (ac.sharedstore) - "ActivIdentity" - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
"AuthenTec Fingerprint Service" (ATService) - "AuthenTec, Inc." - C:\Program Files\Fingerprint Sensor\AtService.exe
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\sched.exe
"Bluetooth Service" (btwdins) - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
"Com4QLBEx" (Com4QLBEx) - "Hewlett-Packard Development Company, L.P." - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
"Drive Encryption Service" (HpFkCryptService) - "McAfee, Inc." - C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
"Google Software Updater" (gusvc) - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"HP Health Check Service" (HP Health Check Service) - "Hewlett-Packard Company" - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
"HP ProtectTools Service" (HP ProtectTools Service) - "Hewlett-Packard Development Company, L.P" - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
"HP Quick Synchronization Service" (HPDrvMntSvc.exe) - "Hewlett-Packard Company" - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
"HP Software Framework Service" (hpqwmiex) - "Hewlett-Packard Company" - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
"LightScribeService Direct Disc Labeling Service" (LightScribeService) - "Hewlett-Packard Company" - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
"Logon Session Broker" (ASBroker) - "Bioscrypt Inc." - C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
"Lokaler Verbindungskanal" (ASChannel) - "Bioscrypt Inc." - C:\Program Files\Hewlett-Packard\IAM\Bin\AsChnl.dll
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"PDF Document Manager" (pdfcDispatcher) - "PDF Complete Inc" - C:\Program Files\PDF Complete\pdfsvc.exe
"SeaPort" (SeaPort) - "Microsoft Corporation" - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

[Winlogon]
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions )-----
{8F51D94E-8B89-4844-B15C-9C049BA0F49F} "DLLName" - "Bioscrypt Inc." - C:\Program Files\Hewlett-Packard\IAM\Bin\ItVCard.dll

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"WindowsLive Local NSP" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
"WindowsLive NSP" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

===[ Logfile end ]=========================================[ Logfile end ]===
         

--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!

läuft...
werde es möglichst schnell ins netz stellen.

Hallo
Anbei das Log von Malwarebyte. Das andere folgt

Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: 6617

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

19.05.2011 17:10:29
mbam-log-2011-05-19 (17-10-29).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|)
Durchsuchte Objekte: 279584
Laufzeit: 31 Minute(n), 0 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)