| |
| |||||||
Log-Analyse und Auswertung: 3 Infektionen mit Malwarebytes gefunden. Noch mehr?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
03.05.2012, 14:54
| #1 |
 |  3 Infektionen mit Malwarebytes gefunden. Noch mehr? Hallo, Ich hatte das Gefuehl, dass der Rechner nicht mehr ganz optimal laeuft. Deshalb habe iche einen Scan mit Malwarebytes gemacht. Dabei wurden 3 Infektionen gefunden. Ich habe auf loeschen geklickt. Reicht das, oder gibt es noch mehr, was ich tun muss? Hier die erforderlichen Informationen entsprechend der Anleitung: 1. DDS: .DDS Logfile: Code:
ATTFilter DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
Run by Bro at 9:09:36 on 2012-05-03
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3956.2411 [GMT 2:00]
.
AV: Lavasoft Ad-Watch Live! Virenschutz *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: Bitdefender Virenschutz *Enabled/Updated* {50909708-FF80-02AF-F814-B28405891E92}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
SP: Bitdefender Spyware-Schutz *Enabled/Updated* {EBF176EC-D9BA-0D21-C2A4-89F67E0E542F}
FW: Bitdefender Firewall *Enabled* {68AB162D-B5EF-03F7-D34B-1BB1FB5A59E9}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\atieclxx.exe
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\SysWOW64\EloSrvce.exe
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Windows\system32\spool\DRIVERS\x64\3\HP1006MC.EXE
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
D:\Programms on D\TrueCrypt.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\sysWow64\SearchProtocolHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\splwow64.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
uRun: [TrueCrypt] "D:\Programms on D\TrueCrypt.exe" /q preferences /a logon
mRun: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{0D6B3A2C-EFE6-492F-8773-D271A4153DA8} : DhcpNameServer = 141.42.3.33 141.42.2.22
TCP: Interfaces\{29694DF3-1B17-4DB2-9273-B537D9C77A5D} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{29694DF3-1B17-4DB2-9273-B537D9C77A5D}\0516070756C62756968656 : DhcpNameServer = 192.168.178.1
TCP: Interfaces\{29694DF3-1B17-4DB2-9273-B537D9C77A5D}\24F647373686166647 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{29694DF3-1B17-4DB2-9273-B537D9C77A5D}\3596475636F6D6734313449303 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{29694DF3-1B17-4DB2-9273-B537D9C77A5D}\3596475636F6D6934434032343 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{29694DF3-1B17-4DB2-9273-B537D9C77A5D}\64259445A51224F6870264F6E60275C414E40273131333 : DhcpNameServer = 192.168.178.1
TCP: Interfaces\{CAC49198-987D-4635-8C67-51AC97FDA001} : DhcpNameServer = 192.168.42.129
TCP: Interfaces\{FC985235-42D8-4DCD-A170-B21049B42ED3} : DhcpNameServer = 80.227.2.2 80.227.2.3
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: SmartSelect - No File
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
mRun-x64: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Bro\AppData\Roaming\Mozilla\Firefox\Profiles\23a5mxjj.Tor2\
FF - prefs.js: network.proxy.socks - 127.0.0.1
FF - prefs.js: network.proxy.socks_port - 9050
FF - prefs.js: network.proxy.type - 1
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
FF - plugin: D:\Programms on D\VLC\npvlc.dll
.
============= SERVICES / DRIVERS ===============
.
R0 avc3;avc3;C:\Windows\system32\DRIVERS\avc3.sys --> C:\Windows\system32\DRIVERS\avc3.sys [?]
R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]
R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfndisf6.sys [2012-4-20 90192]
R1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys [2012-4-20 103504]
R1 BDVEDISK;BDVEDISK;C:\Windows\system32\DRIVERS\bdvedisk.sys --> C:\Windows\system32\DRIVERS\bdvedisk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-6 660768]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-12-23 98208]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2011-12-25 168448]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2011-12-25 131072]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-11-3 2152152]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-9-15 88576]
R2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-7-18 2337144]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-4-24 2320920]
R2 UPDATESRV;BitDefender Desktop Update Service;C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe [2012-4-20 66096]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atipmdag.sys --> C:\Windows\system32\DRIVERS\atipmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 avchv;avchv Function Driver;C:\Windows\system32\DRIVERS\avchv.sys --> C:\Windows\system32\DRIVERS\avchv.sys [?]
R3 avckf;avckf;C:\Windows\system32\DRIVERS\avckf.sys --> C:\Windows\system32\DRIVERS\avckf.sys [?]
R3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 huawei_enumerator;huawei_enumerator;C:\Windows\system32\DRIVERS\ew_jubusenum.sys --> C:\Windows\system32\DRIVERS\ew_jubusenum.sys [?]
R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2011-11-15 17152]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-7 253088]
S3 bdsandbox;bdsandbox;\??\C:\Windows\system32\drivers\bdsandbox.sys --> C:\Windows\system32\drivers\bdsandbox.sys [?]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\system32\DRIVERS\ew_hwusbdev.sys --> C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [?]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-2-22 1038088]
S3 HTCAND64;HTC Device Driver;C:\Windows\system32\Drivers\ANDROIDUSB.sys --> C:\Windows\system32\Drivers\ANDROIDUSB.sys [?]
S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\system32\DRIVERS\htcnprot.sys --> C:\Windows\system32\DRIVERS\htcnprot.sys [?]
S3 ncplelhp;LANCOM Secure Client NDIS6 Driver;C:\Windows\system32\DRIVERS\ncplelhp.sys --> C:\Windows\system32\DRIVERS\ncplelhp.sys [?]
S3 OXSDIDRV_x64;Oxford Semi eSATA Filter (x64);C:\Windows\system32\DRIVERS\OXSDIDRV_x64.sys --> C:\Windows\system32\DRIVERS\OXSDIDRV_x64.sys [?]
S3 OXUDIDRV;OXUDIDRV;\??\C:\Windows\system32\Drivers\OXUDIDRV_X64.sys --> C:\Windows\system32\Drivers\OXUDIDRV_X64.sys [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 SafeBox;SafeBox;C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe [2012-4-20 75384]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]
S3 Update Server;BitDefender Update Server v2;C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [2012-4-20 466736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-04-29 08:25:07 -------- d-----w- C:\Users\Bro\AppData\Roaming\tor
2012-04-29 08:24:45 -------- d-----w- C:\Users\Bro\AppData\Local\Vidalia
2012-04-20 12:14:04 -------- d-----w- C:\ProgramData\BDLogging
2012-04-20 12:10:03 691896 ----a-w- C:\Windows\System32\drivers\avc3.sys
2012-04-20 12:09:56 545064 ----a-w- C:\Windows\System32\drivers\avckf.sys
2012-04-20 12:09:37 329800 ----a-w- C:\Windows\System32\drivers\trufos.sys
2012-04-20 12:07:44 258736 ----a-w- C:\Windows\System32\drivers\avchv.sys
2012-04-20 12:07:39 90192 ----a-w- C:\Windows\System32\drivers\bdfndisf6.sys
2012-04-20 12:07:29 79952 ----a-w- C:\Windows\System32\drivers\bdsandbox.sys
2012-04-20 12:07:16 442088 ----a-w- C:\Windows\System32\drivers\bdfsfltr.sys
2012-04-20 11:58:25 307684 ----a-w- C:\ProgramData\1334921041.bdinstall.bin
2012-04-20 11:39:02 -------- d-----w- C:\BDLOGS
2012-04-20 11:35:24 -------- d-----w- C:\Users\Bro\AppData\Roaming\Bitdefender
2012-04-20 11:35:16 -------- d-----w- C:\ProgramData\Bitdefender
2012-04-20 11:24:35 -------- d-----w- C:\Program Files\Bitdefender
2012-04-14 07:38:23 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-04-14 07:38:22 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-04-14 07:38:22 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-04-14 07:35:08 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-04-14 07:35:07 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-04-14 07:35:07 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-04-14 07:35:05 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-04-14 07:35:05 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-04-14 07:35:05 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-04-14 07:35:05 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-04-07 14:11:43 418464 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-04-04 09:44:42 -------- d-----w- C:\Users\Bro\AppData\Roaming\SAS
2012-04-04 09:44:17 -------- d-----w- C:\ProgramData\SAS
2012-04-04 09:43:38 306688 ----a-w- C:\Windows\IsUninst.exe
2012-04-04 09:37:22 638464 ------w- C:\Windows\SysWow64\oc30.dll
2012-04-04 09:37:21 13600 ------w- C:\Windows\SysWow64\sasperf.dll
2012-04-04 09:37:21 133904 ------w- C:\Windows\SysWow64\mfcans32.dll
2012-04-04 08:49:21 -------- d-----w- C:\Program Files\SAS
2012-04-04 08:48:48 974848 ----a-w- C:\Windows\SysWow64\mfc70.dll
2012-04-04 08:48:48 964608 ----a-w- C:\Windows\SysWow64\mfc70u.dll
2012-04-04 08:48:48 84992 ----a-w- C:\Windows\SysWow64\atl70.dll
2012-04-04 08:48:48 54784 ----a-w- C:\Windows\SysWow64\msvci70.dll
2012-04-04 08:48:48 487424 ----a-w- C:\Windows\SysWow64\msvcp70.dll
2012-04-04 08:48:48 344064 ----a-w- C:\Windows\SysWow64\msvcr70.dll
2012-04-04 08:47:43 -------- d-----w- C:\Program Files (x86)\SAS
2012-04-04 08:44:12 77824 ------w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2012-04-04 08:44:12 32768 ------w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2012-04-04 08:44:12 225280 ------w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2012-04-04 08:44:12 176128 ------w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2012-04-04 05:53:56 182160 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
.
==================== Find3M ====================
.
2012-04-20 11:15:17 552497 ----a-w- C:\ProgramData\bdinstall.bin
2012-04-14 14:08:01 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-05 14:03:43 205 ----a-w- C:\Windows\SysWow64\lsprst7.dll
2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll
2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll
2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-02-17 06:38:26 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-02-17 05:34:22 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-02-17 04:58:24 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-02-17 04:57:32 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-02-10 06:36:07 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2012-02-10 05:38:43 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-02-07 09:02:40 1070352 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
.
============= FINISH: 9:11:56,19 ===============
2. Attach log siehe Anhang 3. Malwarebytes log siehe Anhang 4. OTL log siehe Anhang 5. Extras log siehe Anhang Vielen Dank bereits vorab! Eddi Geändert von edlarge (03.05.2012 um 15:06 Uhr) |
| Themen zu 3 Infektionen mit Malwarebytes gefunden. Noch mehr? |
| acrobat update, ad-aware, adobe, adobe flash player, defender, device driver, excel, explorer, firefox, firewall, flash player, helper, home, hook, hängen, monitor, mozilla, notification, pdf, plug-in, preferences, realtek, scan, schutz, security, software, svchost.exe, system, windows, windows 7 home, wlan |
Baum-Darstellung