Pests of all kinds and how to fight them: GUV Trojan

Windows 7

If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
#8

GUV Trojan

Here is the aswMBR.exe log file

Code:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-03-13 19:11:54
-----------------------------
19:11:54.936 OS Version: Windows x64 6.1.7601 Service Pack 1
19:11:54.936 Number of processors: 4 586 0x503
19:11:54.936 ComputerName: ***-PC UserName: ***
19:11:57.323 Initialize success
19:12:07.869 AVAST engine defs: 13031300
19:12:35.283 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000054
19:12:35.283 Disk 0 Vendor: Hitachi_ JC4O Size: 953869MB BusType: 11
19:12:35.314 Disk 0 MBR read successfully
19:12:35.314 Disk 0 MBR scan
19:12:35.330 Disk 0 unknown MBR code
19:12:35.330 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
19:12:35.377 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 911782 MB offset 206848
19:12:35.424 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 40960 MB offset 1867536384
19:12:35.455 Disk 0 Partition 4 00 12 Compaq diag NTFS 1025 MB offset 1951422464
19:12:35.580 Disk 0 scanning C:\Windows\system32\drivers
19:12:52.522 Service scanning
19:13:37.567 Modules scanning
19:13:37.583 Disk 0 trace - called modules:
19:13:38.113 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
19:13:38.129 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800498f790]
19:13:38.145 3 CLASSPNP.SYS[fffff8800145143f] -> nt!IofCallDriver -> [0xfffffa80039f3040]
19:13:38.145 5 amd_xata.sys[fffff880010b97a8] -> nt!IofCallDriver -> \Device\00000054[0xfffffa80048bb9c0]
19:13:40.422 AVAST engine scan C:\Windows
19:13:45.882 AVAST engine scan C:\Windows\system32
19:17:40.397 AVAST engine scan C:\Windows\system32\drivers
19:17:57.729 AVAST engine scan C:\Users\***
20:16:41.309 AVAST engine scan C:\ProgramData
20:21:06.512 Scan finished successfully
20:23:04.355 Disk 0 MBR has been saved successfully to "C:\Users\***\Desktop\MBR.dat"
20:23:04.365 The log file has been saved successfully to "C:\Users\***\Desktop\aswMBR.txt"
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=1d6b6ad2d1630b439a9cd8af0e1868b9
# engine=13375
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-03-13 09:07:33
# local_time=2013-03-13 10:07:33 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 96 16357 228628543 9129 0
# compatibility_mode=5893 16776573 100 94 16260 114838703 0 0
# scanned=212914
# found=2
# cleaned=0
# scan_time=5267
sh=B860CE3E4781AAB7376A2C7A78F9C3E5E3FF7473 ft=0 fh=0000000000000000 vn="HTML/Ransom.B trojan" ac=I fn="C:\ProgramData\szverbmcrwkykfs\main.html"
sh=B860CE3E4781AAB7376A2C7A78F9C3E5E3FF7473 ft=0 fh=0000000000000000 vn="HTML/Ransom.B trojan" ac=I fn="C:\Users\All Users\szverbmcrwkykfs\main.html"
Code:
Results of screen317's Security Check version 0.99.59
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
MVPS Hosts File
Malwarebytes Anti-Malware Version 1.70.0.1100
Java(TM) 6 Update 22
Java(TM) 6 Update 24
Java version out of Date!
Adobe Flash Player 11.6.602.180
Adobe Reader 10.1.6 Adobe Reader out of Date!
Google Chrome 7.0.517.43
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

Edited by superpady (13.03.2013 at 20:25)