![]() |
|
Log-Analyse und Auswertung: Virus oder unerwünschtes Programm ' BOO/TDss.O' wurde von Antivir gefundenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
![]() | #1 |
![]() | ![]() Virus oder unerwünschtes Programm ' BOO/TDss.O' wurde von Antivir gefunden Hey, erst einmal muss ich sagen, dass ich kaum Ahnung von PC's habe und deshalb etwas aufgeschmissen bin. Seit circa 2 wochen hab ich einen Virus auf meinem Laptop und Antivir kann ihn nicht entfernen. Antivir zeigt mir jedesmal wenn ich meinen Laptop hochfahre an, dass ein Virus oder unerwünschtes Programm gefunden wurde 'BOO/TDss.O' oder ' TR/Crypt.XPACK.Gen'. In meiner Startleiste sind alle meine Symbole und Programme verschwunden, mein Desktophintergrund ist schwarz geworden und einige meiner Desktopsymbole sind auch nicht mehr da. Ins Internet komm ich nur noch auf Umwegen, da ich nur noch die Dateien/ Programme öffnen kann, die auf meinem Desktop angezeigt werden. Ich hab jetzt die Logdateien erstellt und hoffe ihr könnt mir weiterhelfen ![]() Liebe Grüße und schon mal Danke im Vorraus, Anna Hier ist dds.txt . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by Anna at 15:57:53 on 2012-02-06 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4007.2373 [GMT -5:00] . AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: PC Tools Firewall Plus *Enabled* {175D0B73-9F8F-2CA9-8BF1-62277A276DC9} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Program Files (x86)\PHotkey\ASLDRSrv.exe C:\Program Files (x86)\PHotkey\GFNEXSrv.exe C:\Windows\System32\spoolsv.exe C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\CxAudMsg64.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\Program Files (x86)\PC Tools Firewall Plus\FWService.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\watchmi\TvdService.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\PHotkey\PHotkey.exe C:\Program Files (x86)\PHotkey\MsgTranAgt.exe C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\FSP\FspUip.exe C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe C:\Users\Anna\AppData\Local\dplaysvr.exe C:\Users\Anna\AppData\Roaming\Apo\houpxo.exe C:\Windows\SysWOW64\runonce.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe C:\Windows\system32\conhost.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files (x86)\CyberLink\Shared files\brs.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\PHotkey\PVDesktop.exe C:\Windows\servicing\TrustedInstaller.exe C:\Program Files (x86)\PHotkey\POSD.exe C:\Program Files (x86)\PHotkey\PVDAgent.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\REGSVR32.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=MDND&bmod=MDND uInternet Settings,ProxyOverride = *.local BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [winupd] C:\Users\Anna\AppData\Local\Temp:winupd.exe uRun: [PIFoHdCpFL.exe] C:\ProgramData\PIFoHdCpFL.exe uRun: [dplaysvr] C:\Users\Anna\AppData\Local\dplaysvr.exe uRun: [machst] C:\Users\Anna\AppData\Roaming\machst.exe uRun: [{7C50133E-ED51-58A4-66AA-5B5437F2308E}] C:\Users\Anna\AppData\Roaming\Apo\houpxo.exe mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" mRun: [YouCam Mirage] "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe" mRun: [YouCam Tray] "C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe" /s mRun: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Free YouTube to MP3 Converter - C:\Users\Anna\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html IE: Nach Microsoft &Excel exportieren - C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000 IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab TCP: DhcpNameServer = 192.168.1.1 71.250.0.12 TCP: Interfaces\{02BF71B6-BE6C-4740-9949-D4D49548E119} : DhcpNameServer = 192.168.1.1 71.250.0.12 Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll {18DF081C-E8AD-4283-A596-FA578C2EBDC3} {53707962-6F74-2D53-2644-206D7942484F} {9030D464-4C02-4ABF-8ECC-5164760863C6} {DBC80044-A445-435b-BC74-9C25C1C588A9} mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" mRun-x64: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" mRun-x64: [YouCam Mirage] "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe" mRun-x64: [YouCam Tray] "C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe" /s mRun-x64: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min IE-X64: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 IE-X64: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Anna\AppData\Roaming\Mozilla\Firefox\Profiles\f1x0zstb.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/ FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll . ---- FIREFOX POLICIES ---- FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . ============= SERVICES / DRIVERS =============== . R1 avkmgr;avkmgr;C:\Windows\system32\DRIVERS\avkmgr.sys --> C:\Windows\system32\DRIVERS\avkmgr.sys [?] R1 pctgntdi;pctgntdi;\??\C:\Windows\System32\drivers\pctgntdi64.sys --> C:\Windows\System32\drivers\pctgntdi64.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928] R2 AntiVirSchedulerService;Avira Planer;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-20 86224] R2 AntiVirService;Avira Echtzeit Scanner;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-10-20 110032] R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?] R2 CxAudMsg;Conexant Audio Message Service;C:\Windows\system32\CxAudMsg64.exe --> C:\Windows\system32\CxAudMsg64.exe [?] R2 GFNEXSrv;GFNEX Service;C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [2011-3-29 159752] R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-3-29 13336] R2 PCToolsFirewallPlus;PC Tools Firewall Plus;C:\Program Files (x86)\PC Tools Firewall Plus\FWService.exe [2011-10-22 286000] R2 PEGAGFN;PEGAGFN;C:\Program Files (x86)\PHotkey\PEGAGFN.sys [2011-3-29 14344] R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-12-18 1153368] R2 watchmi;watchmi service;C:\Program Files (x86)\watchmi\TvdService.exe [2010-12-6 62464] R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?] R3 fspad_wlh64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh64;C:\Windows\system32\drivers\fspad_wlh64.sys --> C:\Windows\system32\drivers\fspad_wlh64.sys [?] R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?] R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\drivers\nusb3hub.sys --> C:\Windows\system32\drivers\nusb3hub.sys [?] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\drivers\nusb3xhc.sys --> C:\Windows\system32\drivers\nusb3xhc.sys [?] R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;\??\C:\Windows\system32\drivers\pctNdis-PacketFilter64.sys --> C:\Windows\system32\drivers\pctNdis-PacketFilter64.sys [?] R3 pctNdisMP;PC Tools Driver;C:\Windows\system32\DRIVERS\pctNdis64.sys --> C:\Windows\system32\DRIVERS\pctNdis64.sys [?] R3 pctplfw;pctplfw;\??\C:\Windows\System32\drivers\pctplfw64.sys --> C:\Windows\System32\drivers\pctplfw64.sys [?] S2 CLKMSVC10_38F51D56;CyberLink Product - 2011/04/21 05:30:36;C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2010-11-29 241648] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;C:\Windows\system32\DRIVERS\AMPPAL.sys --> C:\Windows\system32\DRIVERS\AMPPAL.sys [?] S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?] S3 btmhsf;btmhsf;C:\Windows\system32\DRIVERS\btmhsf.sys --> C:\Windows\system32\DRIVERS\btmhsf.sys [?] S3 fspad_xp64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_xp64;C:\Windows\system32\drivers\fspad_xp64.sys --> C:\Windows\system32\drivers\fspad_xp64.sys [?] S3 iBtFltCoex;iBtFltCoex;C:\Windows\system32\DRIVERS\iBtFltCoex.sys --> C:\Windows\system32\DRIVERS\iBtFltCoex.sys [?] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-1-5 340240] S3 pctNdis;PC Tools Firewall Intermediate Filter Service;C:\Windows\system32\DRIVERS\pctNdis64.sys --> C:\Windows\system32\DRIVERS\pctNdis64.sys [?] S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] S3 WatAdminSvc;Windows-Aktivierungstechnologieservice;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 WSDPrintDevice;WSD-Druckunterstützung durch UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?] S3 wsvd;wsvd;C:\Windows\system32\DRIVERS\wsvd.sys --> C:\Windows\system32\DRIVERS\wsvd.sys [?] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2012-01-26 17:52:43 457728 ----a-w- C:\ProgramData\abdnnVRIrbax.exe 2012-01-26 15:42:36 -------- d-----w- C:\Users\Anna\AppData\Roaming\Ehfaom 2012-01-26 15:42:35 -------- d-----w- C:\Users\Anna\AppData\Roaming\Apo 2012-01-26 15:42:26 38448 --sh--w- C:\Users\Anna\AppData\Local\dplayx.dll 2012-01-26 15:42:25 99888 --sh--w- C:\Users\Anna\AppData\Local\dplaysvr.exe 2012-01-22 02:17:34 -------- d-sh--w- C:\$RECYCLE.BIN 2012-01-22 00:15:01 98816 ----a-w- C:\Windows\sed.exe 2012-01-22 00:15:01 518144 ----a-w- C:\Windows\SWREG.exe 2012-01-22 00:15:01 256000 ----a-w- C:\Windows\PEV.exe 2012-01-22 00:15:01 208896 ----a-w- C:\Windows\MBR.exe 2012-01-21 22:01:39 -------- d-----w- C:\Users\Anna\AppData\Local\ElevatedDiagnostics 2012-01-11 03:30:51 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll 2012-01-11 03:30:51 366592 ----a-w- C:\Windows\System32\qdvd.dll 2012-01-11 03:30:51 1572864 ----a-w- C:\Windows\System32\quartz.dll 2012-01-11 03:30:51 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll 2012-01-11 03:30:50 1731920 ----a-w- C:\Windows\System32\ntdll.dll 2012-01-11 03:30:50 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll 2012-01-11 03:30:44 77312 ----a-w- C:\Windows\System32\packager.dll 2012-01-11 03:30:44 67072 ----a-w- C:\Windows\SysWow64\packager.dll 2012-01-10 16:12:24 626688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr80.dll 2012-01-10 16:12:24 548864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp80.dll 2012-01-10 16:12:24 479232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcm80.dll 2012-01-10 16:12:24 43992 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozutils.dll . ==================== Find3M ==================== . 2011-12-05 23:22:05 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys 2011-11-17 06:49:14 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2011-11-17 06:49:14 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2011-11-17 06:44:43 459232 ----a-w- C:\Windows\System32\drivers\cng.sys 2011-11-17 06:35:28 395776 ----a-w- C:\Windows\System32\webio.dll 2011-11-17 06:35:26 29184 ----a-w- C:\Windows\System32\sspisrv.dll 2011-11-17 06:35:26 136192 ----a-w- C:\Windows\System32\sspicli.dll 2011-11-17 06:35:25 340992 ----a-w- C:\Windows\System32\schannel.dll 2011-11-17 06:35:25 28160 ----a-w- C:\Windows\System32\secur32.dll 2011-11-17 06:35:19 1447936 ----a-w- C:\Windows\System32\lsasrv.dll 2011-11-17 06:33:55 31232 ----a-w- C:\Windows\System32\lsass.exe 2011-11-17 05:35:02 314880 ----a-w- C:\Windows\SysWow64\webio.dll 2011-11-17 05:34:52 224768 ----a-w- C:\Windows\SysWow64\schannel.dll 2011-11-17 05:34:52 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2011-11-17 05:28:48 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll . ============= FINISH: 16:05:27,49 =============== und attach.txt . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 20.10.2011 12:20:26 System Uptime: 06.02.2012 15:40:35 (1 hours ago) . Motherboard: Medion | | E6221 Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz | CPU 1 | 1092/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 435 GiB total, 363,669 GiB free. D: is FIXED (NTFS) - 30 GiB total, 10,138 GiB free. E: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Microsoft-Adapter für Miniports virtueller WiFis Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&12B4799B&1&05 Manufacturer: Microsoft Name: Microsoft Virtual WiFi Miniport Adapter #2 PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&12B4799B&1&05 Service: vwifimp . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Microsoft-Adapter für Miniports virtueller WiFis Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&12B4799B&1&06 Manufacturer: Microsoft Name: Microsoft-Adapter für Miniports virtueller WiFis PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&12B4799B&1&06 Service: vwifimp . ==== System Restore Points =================== . RP22: 23.12.2011 01:05:52 - Geplanter Prüfpunkt RP23: 01.01.2012 08:37:04 - Geplanter Prüfpunkt RP24: 10.01.2012 23:27:00 - Windows Update RP25: 21.01.2012 19:15:40 - ComboFix created restore point RP26: 26.01.2012 10:41:29 - Windows Update RP27: 26.01.2012 12:45:39 - OTL Restore Point - 1/26/2012 12:45:35 PM RP28: 26.01.2012 13:13:48 - OTL Restore Point - 1/26/2012 1:13:42 PM . ==== Installed Programs ====================== . Adobe AIR Adobe Flash Player 10 ActiveX Adobe Reader X (10.1.2) MUI Alcor Micro USB Card Reader Apple Application Support Apple Software Update Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver Avira Free Antivirus Compatibility Pack für 2007 Office System Contrôle ActiveX Windows Live Mesh pour connexions à distance Control ActiveX de Windows Live Mesh para conexiones remotas Controlo ActiveX do Windows Live Mesh para Ligações Remotas CyberLink LabelPrint CyberLink Power2Go CyberLink PowerDVD 10 CyberLink PowerDVD Copy CyberLink PowerProducer CyberLink PowerRecover CyberLink YouCam D3DX10 Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsluge polaczen zdalnych Fotogalerija Windows Live Free YouTube to MP3 Converter version 3.10.11.923 Galeria de Fotografias do Windows Live Galeria fotografii uslugi Windows Live Galerie de photos Windows Live Galería fotográfica de Windows Live Intel(R) Processor Graphics Intel(R) Rapid Storage Technology Java Auto Updater Java(TM) 6 Update 24 Junk Mail filter update Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave Malwarebytes' Anti-Malware Version 1.51.2.1300 Medion Home Cinema Mesh Runtime Microsoft Office 2010 Microsoft Office Professional Edition 2003 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Mozilla Firefox 9.0.1 (x86 de) MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB973688) PC Tools Firewall Plus 7.0 PHotkey Poczta uslugi Windows Live Podstawowe programy Windows Live Pošta Windows Live Raccolta foto di Windows Live Renesas Electronics USB 3.0 Host Controller Driver S?????? f?t???af??? t?? Windows Live Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Skype™ 5.5 Sonos Desktop Controller Spelling Dictionaries Support For Adobe Reader X Spybot - Search & Destroy St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?µa???sµ??e? s??d?se?? Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Uzak Baglantilar Için Windows Live Mesh ActiveX Denetimi Versandhelfer watchmi Windows Live Windows Live Communications Platform Windows Live Essentials Windows Live Fotótár Windows Live Fotogalerie Windows Live Fotograf Galerisi Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh ActiveX-objekt til fjernforbindelser Windows Live Mesh ActiveX-vezérlo távoli kapcsolatokhoz Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Temel Parçalar Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources . ==== End Of File =========================== |
Themen zu Virus oder unerwünschtes Programm ' BOO/TDss.O' wurde von Antivir gefunden |
4d36e972-e325-11ce-bfc1-08002be10318, acrobat update, antivir, avgnt, avira, bonjour, combofix, converter, cpu, defender, excel, firefox, flash player, helper, home, internet, mozilla, mp3, plug-in, programm, realtek, scan, software, svchost.exe, system, tr/crypt.xpack.ge, tr/crypt.xpack.gen, usb, usb 3.0, virus, windows, windows 7 home, windows 7 home premium |