Log analysis and evaluation: AVIRA alert EXP/CVE-2010-4452 (Windows 7). If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
01.12.2013, 15:07 | #1 |
| AVIRA alert EXP/CVE-2010-4452 Hello dear forum, my mother's computer showed this detection via AVIRA today: EXP/CVE-2010-4452, along with numerous adware items. I am now running a full scan. I hope you can help me get rid of this malware. I think adware is not that hard to deal with; I found this program on the Internet that can remove the adware: hxxp://www.chip.de/downloads/AdwCleaner_58118522.html Do you think I can use it to delete the adware or render it harmless? And how do I get rid of the detection mentioned above? Oh, one more thing: the computer also keeps beeping very strangely. What could that be related to? Could it also be one of these malware items? |
01.12.2013, 15:34 | #2 |
/// the machine /// TB Trainer | AVIRA alert EXP/CVE-2010-4452 hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ |
01.12.2013, 16:13 | #3 |
| AVIRA alert EXP/CVE-2010-4452 Okay, should I wait until AVIRA has finished checking the system completely?
FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01-12-2013 Ran by Meltem at 2013-12-01 15:52:36 Running from C:\Users\Meltem\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: AntiVir Desktop (Enabled - Up to date) {090F9C29-64CE-6C6F-379C-5901B49A85B7} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AntiVir Desktop (Enabled - Up to date) {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} ==================== Installed Programs ====================== Adobe AIR (Version: 2.5.1.17730) Adobe Flash Player 10 ActiveX (Version: 10.3.181.26) Adobe Flash Player 10 Plugin (Version: 10.3.181.26) Adobe Reader X (10.0.1) - Deutsch (Version: 10.0.1) AM Usb Card Reader Driver (Version: 8.1366.6366.1299) AmbionWizard (Version: 1.0.0) Apple Application Support (Version: 2.3.2) Apple Mobile Device Support (Version: 6.0.1.3) Apple Software Update (Version: 2.1.3.127) Ashampoo Burning Studio (Version: 9.23.0) Ashampoo Photo Commander (Version: 8.3.2) Ashampoo Photo Optimizer (Version: 3.12.0) Ashampoo Snap (Version: 3.4.1) Atheros WLAN and Bluetooth Client Installation Program (Version: 9.0) Avira AntiVir Personal - Free Antivirus (Version: 10.2.0.2100) BitGuard Bonjour (Version: 3.0.0.10) CCleaner (Version: 3.06) CorelDRAW Essentials 4 CorelDRAW Essentials 4 - Content (Version: 4.0) CorelDRAW Essentials 4 - Draw (Version: 4.0) CorelDRAW Essentials 4 - Filters (Version: 4.0) CorelDRAW Essentials 4 - ICA (Version: 4.0) CorelDRAW Essentials 4 - IPM - No VBA (Version: 4.0) CorelDRAW Essentials 4 - Lang BR (Version: 4.0) CorelDRAW Essentials 4 - Lang DE (Version: 4.0) CorelDRAW Essentials 4 - Lang EN (Version: 4.0) CorelDRAW Essentials 4 - Lang ES (Version: 4.0) CorelDRAW Essentials 4 - Lang FR (Version: 4.0) CorelDRAW Essentials 4 - Lang IT (Version: 4.0) CorelDRAW Essentials 4 - Lang NL (Version: 4.0) CorelDRAW Essentials 4 - 
PHOTO-PAINT (Version: 4.0) CorelDRAW Essentials 4 - Windows Shell Extension CorelDRAW Essentials 4 - Windows Shell Extension (Version: 1.1) CorelDRAW Essentials 4 (Version: 4.0) CyberLink PowerDVD 10 (Version: 10.0.2312.02) CyberLink YouCam (Version: 3.1.3428) CyberLink YouPaint (Version: 1.2.1928) D3DX10 (Version: 15.4.2368.0902) DealPly (remove only) (Version: 4.8.6.1) Delta Chrome Toolbar Delta toolbar (Version: 1.8.21.5) DeltaVision WallPaperChanger 1.3 (Version: 1.3) Finger Sensing Pad Driver (Version: 8.7.6.3) Free Audio CD Burner version 1.4.8 Free YouTube to MP3 Converter version 3.9.38.517 Fresco Logic USB3.0 Host Controller (Version: 3.0.110.12) Glary Utilities 2.38.0.1288 (Version: 2.38.0.1288) Google Chrome (Version: 31.0.1650.57) Google Update Helper (Version: 1.3.21.165) Hotkey (Version: 1.0.0.6T4) Instant-On Utilities v1.2 Intel(R) Graphics Media Accelerator Driver (Version: 8.14.10.2230) IrfanView (remove only) (Version: 4.28) iTunes (Version: 11.0.1.12) Java Auto Updater (Version: 2.0.5.1) Java(TM) 6 Update 22 (Version: 6.0.220) Java(TM) 6 Update 26 (Version: 6.0.260) Junk Mail filter update (Version: 15.4.3502.0922) Malwarebytes' Anti-Malware Version 1.51.0.1200 (Version: 1.51.0.1200) Medion Home Cinema (Version: 8.0.2227) Mesh Runtime (Version: 15.4.5722.2) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6012.5000) Microsoft Office 2010 (Version: 14.0.4763.1000) Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000) Microsoft Office Starter 2010 - Deutsch (Version: 14.0.4763.1000) Microsoft Silverlight (Version: 5.1.20913.0) Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570) Microsoft Visual C++ 2008 
Redistributable - x86 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1) Mozilla Firefox 22.0 (x86 de) (Version: 22.0) Mozilla Maintenance Service (Version: 22.0) MSVC80_x86_v2 (Version: 1.0.3.0) MSVC90_x86 (Version: 1.0.1.2) MSVCRT (Version: 15.4.2862.0708) MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0) Nokia Connectivity Cable Driver (Version: 7.1.78.0) Nokia Suite (Version: 3.5.34.0) Nur Entfernen der CopyTrans Suite möglich (HKCU Version: 2.37) OpenOffice.org 3.3 (Version: 3.3.9567) PC Connectivity Solution (Version: 12.0.32.0) PDFCreator (Version: 1.2.1) PlayReady PC Runtime x86 (Version: 1.3.0) QuickTime (Version: 7.70.80.34) Realtek Ethernet Controller Driver For Windows 7 (Version: 7.23.623.2010) Realtek High Definition Audio Driver (Version: 6.0.1.6225) Uninstall 1.0.0.1 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3) Versandhelfer (Version: 0.9.511) VLC media player 1.1.10 (Version: 1.1.10) Windows Live Communications Platform (Version: 15.4.3502.0922) Windows Live Essentials (Version: 15.4.3502.0922) Windows Live Essentials (Version: 15.4.3508.1109) Windows Live Fotogalerie (Version: 15.4.3502.0922) Windows Live ID Sign-in Assistant (Version: 7.250.4225.0) Windows Live Installer (Version: 15.4.3502.0922) Windows Live Mail (Version: 15.4.3502.0922) Windows Live Mesh (Version: 15.4.3502.0922) Windows Live Mesh ActiveX control for remote connections (Version: 15.4.5722.2) Windows Live Messenger (Version: 15.4.3502.0922) Windows Live MIME 
IFilter (Version: 15.4.3502.0922) Windows Live Movie Maker (Version: 15.4.3502.0922) Windows Live Photo Common (Version: 15.4.3502.0922) Windows Live Photo Gallery (Version: 15.4.3502.0922) Windows Live PIMT Platform (Version: 15.4.3508.1109) Windows Live Remote Client (Version: 15.4.5722.2) Windows Live Remote Client Resources (Version: 15.4.5722.2) Windows Live Remote Service (Version: 15.4.5722.2) Windows Live Remote Service Resources (Version: 15.4.5722.2) Windows Live SOXE (Version: 15.4.3502.0922) Windows Live SOXE Definitions (Version: 15.4.3502.0922) Windows Live UX Platform (Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (Version: 15.4.3508.1109) Windows Live Writer (Version: 15.4.3502.0922) Windows Live Writer Resources (Version: 15.4.3502.0922) Windows Media Encoder 9 Series Windows Media Encoder 9 Series (Version: 9.00.2980) Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0) WinRAR 4.01 (32-Bit) (Version: 4.01.0) ==================== Restore Points ========================= 26-09-2013 06:42:05 Windows Update 28-10-2013 05:33:23 Windows Update 28-10-2013 13:51:57 Windows Modules Installer 25-11-2013 14:54:57 Windows Update ==================== Hosts content: ========================== 2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {0CB081D6-0CF2-4689-8079-6D410C8637B0} - System32\Tasks\EPUpdater => C:\Users\Meltem\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-06-06] () Task: {5814B560-FAF0-4C1B-B96F-B62763AF9F95} - System32\Tasks\DealPly => C:\Users\Meltem\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe [2013-02-27] () <==== ATTENTION Task: {5B90EF2F-1D61-4754-881E-3A24510852E6} - System32\Tasks\GlaryInitialize => C:\Program Files\Glary Utilities\initialize.exe [2011-10-01] (Glarysoft Ltd) Task: {7B536EFE-7A74-4971-92CE-CAB16328EDF8} - 
System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-05] (Google Inc.) Task: {9F09AD83-BFB2-410F-845A-517373A70C1A} - System32\Tasks\{22CD9EC9-4D16-4B06-92FE-76608E6A5254} => C:\Program Files\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe [2011-05-18] (DVDVideoSoft Limited.) Task: {A2AF8E0C-9B9B-4330-9629-90767635AEDF} - System32\Tasks\DSite => C:\Users\Meltem\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE Task: {B0CB1BF1-A879-4AA2-AA67-5C106B5166EC} - System32\Tasks\QtraxPlayer => C:\Program Files\Microsoft Silverlight\sllauncher.exe [2013-09-13] (Microsoft Corporation) Task: {DE5C31C7-5647-4E7A-9BC9-C5C27B969276} - System32\Tasks\DealPlyUpdate => C:\Program Task: {E9062C0A-BB8B-4606-89BF-4AE422D2ABD3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-05] (Google Inc.) Task: {FA19B40A-8591-43AB-B52B-E419755CA86D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) 
Task: C:\Windows\Tasks\DSite.job => C:\Users\Meltem\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE Task: C:\Windows\Tasks\GlaryInitialize.job => C:\Program Files\Glary Utilities\initialize.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2011-06-13 14:21 - 2011-05-28 21:04 - 00140288 _____ () C:\Program Files\WinRAR\rarext.dll 2010-12-17 08:46 - 2010-09-09 17:43 - 00044544 _____ () C:\Program Files\FSP\KbdHook.dll 2010-12-17 08:46 - 2010-09-09 17:44 - 00066048 _____ () C:\Program Files\FSP\FspLib.dll 2011-01-07 13:24 - 2009-06-16 16:06 - 00212992 _____ () C:\Program Files\Pegatron\Hotkey\HKBD.dll 2011-01-07 13:24 - 2010-05-04 14:27 - 00155648 _____ () C:\Program Files\Pegatron\Hotkey\LCSwit.dll 2011-01-07 13:24 - 2009-10-28 16:15 - 00053248 _____ () C:\Program Files\Pegatron\Hotkey\TPS.dll 2011-01-07 13:24 - 2009-06-03 15:03 - 00053248 _____ () C:\Program Files\Pegatron\Hotkey\PEGAACPIDLL32.dll 2011-01-07 13:24 - 2010-09-24 17:04 - 00053248 _____ () C:\Program Files\Pegatron\Hotkey\WLANV.dll 2011-09-27 06:23 - 2011-09-27 06:23 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2011-09-27 06:22 - 2011-09-27 06:22 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2012-08-03 15:06 - 2012-08-03 15:06 - 08506792 _____ () C:\Program Files\Nokia\Nokia Suite\QtGui4.dll 2012-08-03 15:06 - 2012-08-03 15:06 - 02353576 _____ () C:\Program Files\Nokia\Nokia Suite\QtCore4.dll 2012-08-03 15:06 - 2012-08-03 15:06 - 01013672 _____ () C:\Program Files\Nokia\Nokia Suite\QtNetwork4.dll 2012-08-03 15:06 - 2012-08-03 15:06 - 00363944 _____ () C:\Program Files\Nokia\Nokia Suite\QtXml4.dll 2012-08-03 15:06 - 2012-08-03 15:06 - 02480552 _____ () C:\Program Files\Nokia\Nokia 
Suite\QtDeclarative4.dll 2012-08-03 15:06 - 2012-08-03 15:06 - 01346472 _____ () C:\Program Files\Nokia\Nokia Suite\QtScript4.dll 2012-08-03 15:06 - 2012-08-03 15:06 - 00205736 _____ () C:\Program Files\Nokia\Nokia Suite\QtSql4.dll 2012-08-03 15:06 - 2012-08-03 15:06 - 02652584 _____ () C:\Program Files\Nokia\Nokia Suite\QtXmlPatterns4.dll 2012-08-03 15:06 - 2012-08-03 15:06 - 00032680 _____ () C:\Program Files\Nokia\Nokia Suite\imageformats\qgif4.dll 2012-08-03 15:06 - 2012-08-03 15:06 - 00035240 _____ () C:\Program Files\Nokia\Nokia Suite\imageformats\qico4.dll 2012-08-03 15:06 - 2012-08-03 15:06 - 00206760 _____ () C:\Program Files\Nokia\Nokia Suite\imageformats\qjpeg4.dll 2012-08-03 15:06 - 2012-08-03 15:06 - 11166120 _____ () C:\Program Files\Nokia\Nokia Suite\QtWebKit4.dll 2012-08-03 15:07 - 2012-08-03 15:07 - 00276392 _____ () C:\Program Files\Nokia\Nokia Suite\phonon4.dll 2012-07-02 10:29 - 2012-07-02 10:29 - 00391600 _____ () C:\Program Files\Nokia\Nokia Suite\ssoengine.dll 2012-07-02 10:29 - 2012-07-02 10:29 - 00059280 _____ () C:\Program Files\Nokia\Nokia Suite\securestorage.dll 2012-08-03 15:06 - 2012-08-03 15:06 - 00437672 _____ () C:\Program Files\Nokia\Nokia Suite\NService.dll 2012-08-03 15:06 - 2012-08-03 15:06 - 00445864 _____ () C:\Program Files\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll 2012-08-03 15:06 - 2012-08-03 15:06 - 00520104 _____ () C:\Program Files\Nokia\Nokia Suite\QtMultimediaKit1.dll 2012-08-03 15:06 - 2012-08-03 15:06 - 00720296 _____ () C:\Program Files\Nokia\Nokia Suite\QtOpenGL4.dll 2012-08-03 15:05 - 2012-08-03 15:05 - 00604072 _____ () C:\Program Files\Nokia\Nokia Suite\CommonUpdateChecker.dll 2012-07-02 10:28 - 2012-07-02 10:28 - 00110080 _____ () C:\Program Files\Nokia\Nokia Suite\mediaservice\dsengine.dll 2013-08-23 21:45 - 2013-08-22 11:02 - 00187888 _____ () C:\Users\Meltem\AppData\Roaming\BabSolution\Shared\enhancedNT.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode 
(whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/01/2013 01:50:13 PM) (Source: Application Hang) (User: ) Description: Programm avscan.exe, Version 10.3.0.7 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 6e0 Startzeit: 01ceee91f5a108b1 Endzeit: 60000 Anwendungspfad: C:\Program Files\Avira\AntiVir Desktop\avscan.exe Berichts-ID: efc1aa69-5a86-11e3-b779-525d60d0e6f8 Error: (10/28/2013 02:51:09 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 29365019 Error: (10/28/2013 02:51:09 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 29365019 Error: (10/28/2013 02:51:09 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (10/06/2013 08:51:38 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1647573 Error: (10/06/2013 08:51:38 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1647573 Error: (10/06/2013 08:51:38 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (10/06/2013 08:51:34 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1643923 Error: (10/06/2013 08:51:34 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1643923 Error: (10/06/2013 08:51:34 PM) (Source: Bonjour 
Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (12/01/2013 01:38:59 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Google Update Service (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (12/01/2013 01:38:59 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update Service (gupdate) erreicht. Error: (12/01/2013 01:38:28 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht. Error: (12/01/2013 00:56:32 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows Update" wurde nicht richtig gestartet. Error: (12/01/2013 00:53:33 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht. Error: (11/25/2013 03:27:12 PM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am 25.11.2013 um 15:25:16 unerwartet heruntergefahren. Error: (10/31/2013 06:21:23 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "iPod-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (10/31/2013 06:21:23 AM) (Source: DCOM) (User: ) Description: 1053iPod Service{063D34A4-BF84-4B8D-B699-E8CA06504DDE} Error: (10/31/2013 06:21:14 AM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst iPod-Dienst erreicht. Error: (10/30/2013 03:57:03 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht. 
Microsoft Office Sessions: ========================= Error: (12/01/2013 01:50:13 PM) (Source: Application Hang)(User: ) Description: avscan.exe10.3.0.76e001ceee91f5a108b160000C:\Program Files\Avira\AntiVir Desktop\avscan.exeefc1aa69-5a86-11e3-b779-525d60d0e6f8 Error: (10/28/2013 02:51:09 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 29365019 Error: (10/28/2013 02:51:09 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 29365019 Error: (10/28/2013 02:51:09 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (10/06/2013 08:51:38 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1647573 Error: (10/06/2013 08:51:38 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1647573 Error: (10/06/2013 08:51:38 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (10/06/2013 08:51:34 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1643923 Error: (10/06/2013 08:51:34 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1643923 Error: (10/06/2013 08:51:34 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second ==================== Memory info =========================== Percentage of memory in use: 70% Total physical RAM: 1014.18 MB Available physical RAM: 303.15 MB Total Pagefile: 2038.18 MB Available Pagefile: 724.26 MB Total Virtual: 2047.88 MB Available Virtual: 1908.26 MB ==================== Drives ================================ Drive c: (BOOT) (Fixed) (Total:191.78 GB) (Free:126.89 GB) NTFS Drive d: (Recover) (Fixed) (Total:37.99 GB) (Free:26.11 GB) NTFS ==================== MBR & Partition Table 
================== ======================================================== Disk: 0 (Size: 233 GB) (Disk ID: 2BD2C32A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=192 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=40 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=1 GB) - (Type=12) ==================== End Of Log ============================
Here is what you wanted. And now? By the way, Avira has just finished and moved 7 files to quarantine.
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-12-2013 Ran by Meltem (administrator) on MELTEM-PC on 01-12-2013 15:50:39 Running from C:\Users\Meltem\Downloads Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\avscan.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\avscan.exe (Atheros) C:\Program Files\Atheros\Ath_CoexAgent.exe (Atheros Commnucations) C:\Program Files\Atheros\Bluetooth Suite\AdminService.exe (Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe () C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Windows\System32\schtasks.exe (Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) 
C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE () C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Windows (R) Win 7 DDK provider) C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe (Atheros Communications) C:\Program Files\Atheros\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files\Atheros\Bluetooth Suite\AthBtTray.exe (Sentelic Corporation) C:\Program Files\FSP\FspUip.exe () C:\Program Files\Pegatron\Hotkey\FastUserSwitching.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Pegatron) C:\Program Files\Pegatron\Hotkey\PHControl.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Nokia) C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\avscan.exe (Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\avscan.exe (Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\avscan.exe (Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9755240 2010-10-19] (Realtek Semiconductor) HKLM\...\Run: [FLxHCIm] - C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe [33792 2010-11-19] (Windows (R) Win 7 DDK provider) HKLM\...\Run: [AtherosBtStack] - C:\Program Files\Atheros\Bluetooth Suite\BtvStack.exe [486560 2010-11-25] (Atheros Communications) HKLM\...\Run: [AthBtTray] - C:\Program Files\Atheros\Bluetooth Suite\AthBtTray.exe [302240 2010-11-25] (Atheros Commnucations) HKLM\...\Run: [fspuip] - C:\Program Files\FSP\FspUip.exe [3704320 2010-09-09] (Sentelic Corporation) HKLM\...\Run: [Hotkey] - C:\Program Files\Pegatron\Hotkey\FastUserSwitching.exe [258048 2009-06-03] () HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768 2011-03-28] (Avira GmbH) HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe [35736 2011-01-30] (Adobe Systems Incorporated) HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-04-08] (Sun Microsystems, Inc.) HKLM\...\Run: [Malwarebytes' Anti-Malware] - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [449584 2011-05-29] (Malwarebytes Corporation) HKLM\...\Run: [Malwarebytes' Anti-Malware (reboot)] - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [1047656 2011-05-29] (Malwarebytes Corporation) HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2011-07-05] (Apple Inc.) HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.) HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.) 
HKCU\...\Run: [dv_wpc] - C:\Program Files\DeltaVision\wpc\dv_wpc.exe [684032 2004-08-19] (DeltaVision) HKCU\...\Run: [] - [x] HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1086376 2012-08-03] (Nokia) HKCU\...\Run: [NTRedirect] - C:\Windows\system32\rundll32.exe "C:\Users\Meltem\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run AppInit_DLLs: c:\progra~2\bitguard\271832~1.68\{c16c1~1\bitguard.dll [ ] () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Delta Search HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login. HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x74085E28664FCD01 HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = Delta Search URLSearchHook: HKCU - (No Name) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - No File SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=CEEA525D60D0E6F8&affID=119357&tl=gbn193009&tsp=4953 SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=CEEA525D60D0E6F8&affID=119357&tl=gbn193009&tsp=4953 BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files\Atheros\Bluetooth 
Suite\IEPlugIn.dll (Atheros Commnucations) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO: DealPly - {EF7BD87A-8024-11E2-F316-F3E56188709B} - C:\Program Files\DealPly\DealPlyIE.dll (DealPly) Toolbar: HKLM - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com) Toolbar: HKCU - No Name - {40C3CC16-7269-4B32-9531-17F2950FB06F} - No File Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Meltem\AppData\Roaming\Mozilla\Firefox\Profiles\w103h5sm.default FF user.js: detected! 
=> C:\Users\Meltem\AppData\Roaming\Mozilla\Firefox\Profiles\w103h5sm.default\user.js
FF NewTab: hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=CEEA525D60D0E6F8&affID=119357&tl=gbn193009&tsp=4953
FF SearchEngineOrder.1: Delta Search
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=1.1.10 - C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF SearchPlugin: C:\Users\Meltem\AppData\Roaming\Mozilla\Firefox\Profiles\w103h5sm.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Meltem\AppData\Roaming\Mozilla\Firefox\Profiles\w103h5sm.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Meltem\AppData\Roaming\Mozilla\Firefox\Profiles\w103h5sm.default\searchplugins\delta.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Conduit Engine - C:\Users\Meltem\AppData\Roaming\Mozilla\Firefox\Profiles\w103h5sm.default\Extensions\engine@conduit.com
FF Extension: Delta Toolbar - C:\Users\Meltem\AppData\Roaming\Mozilla\Firefox\Profiles\w103h5sm.default\Extensions\ffxtlbr@delta.com
FF Extension: Firefox Update Hotfix - C:\Users\Meltem\AppData\Roaming\Mozilla\Firefox\Profiles\w103h5sm.default\Extensions\firefox-hotfix@mozilla.org
FF Extension: No Name - C:\Users\Meltem\AppData\Roaming\Mozilla\Firefox\Profiles\w103h5sm.default\Extensions\staged
FF Extension: DVDVideoSoft Menu - C:\Users\Meltem\AppData\Roaming\Mozilla\Firefox\Profiles\w103h5sm.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF Extension: DownloadHelper - C:\Users\Meltem\AppData\Roaming\Mozilla\Firefox\Profiles\w103h5sm.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: finder - C:\Users\Meltem\AppData\Roaming\Mozilla\Firefox\Profiles\w103h5sm.default\Extensions\finder@meingutscheincode.de.xpi
FF Extension: firefox-hotfix - C:\Users\Meltem\AppData\Roaming\Mozilla\Firefox\Profiles\w103h5sm.default\Extensions\firefox-hotfix@mozilla.org.xpi
FF HKCU\...\Thunderbird\Extensions: [{0E810812-F4BB-4309-942A-755587587A5E}] - C:\Program Files\BullGuard Ltd\BullGuard\Spamfilter\TbSpamfilter

Chrome:
=======
CHR DefaultSearchURL: (Delta Search) - hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=CEEA525D60D0E6F8&affID=119357&tl=gbn193009&tsp=4953
CHR DefaultSuggestURL: (Delta Search) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR Extension: (Delta Toolbar) - C:\Users\Meltem\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0
CHR Extension: (Google Wallet) - C:\Users\Meltem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR HKLM\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Meltem\AppData\Roaming\BabSolution\CR\Delta.crx

========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [136360 2011-03-28] (Avira GmbH)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [269480 2011-06-28] (Avira GmbH)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files\Atheros\Ath_CoexAgent.exe [151552 2010-05-24] (Atheros)
R2 AtherosSvc; C:\Program Files\Atheros\Bluetooth Suite\adminservice.exe [56480 2010-11-25] (Atheros Commnucations)
R2 BitGuard; C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [3780064 2013-11-18] ()
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [366640 2011-05-29] (Malwarebytes Corporation)

==================== Drivers (Whitelisted) ====================
R3 ACPIService; C:\Windows\system32\DRIVERS\ATKACPI.SYS [16456 2009-06-09] ()
S3 AmUStor; C:\Windows\system32\drivers\AmUStor.SYS [31232 2010-03-01] (Alcor Micro, Corp.)
R3 AthBTPort; C:\Windows\System32\DRIVERS\btath_flt.sys [34976 2010-11-25] (Atheros)
S3 ATHDFU; C:\Windows\System32\Drivers\AthDfu.sys [43680 2010-11-25] (Windows (R) Win 7 DDK provider)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [66616 2011-06-28] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [138192 2011-06-28] (Avira GmbH)
R3 BTATH_A2DP; C:\Windows\System32\drivers\btath_a2dp.sys [258720 2010-11-25] (Atheros)
R3 BTATH_BUS; C:\Windows\system32\DRIVERS\btath_bus.sys [24736 2010-11-25] (Atheros)
R3 BTATH_HCRP; C:\Windows\system32\DRIVERS\btath_hcrp.sys [175776 2010-11-25] (Atheros)
R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [49312 2010-11-25] (Atheros)
R3 BTATH_RCP; C:\Windows\system32\DRIVERS\btath_rcp.sys [141088 2010-11-25] (Atheros)
R3 BtFilter; C:\Windows\System32\DRIVERS\btfilter.sys [239776 2010-11-25] (Atheros)
R3 FLxHCIc; C:\Windows\system32\DRIVERS\FLxHCIc.sys [174080 2010-11-19] (Fresco Logic)
R3 FLxHCIh; C:\Windows\system32\DRIVERS\FLxHCIh.sys [38400 2010-11-19] (Fresco Logic)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22712 2011-05-29] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [39984 2011-05-29] (Malwarebytes Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2010-06-17] (Avira GmbH)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========
2013-12-01 15:50 - 2013-12-01 15:51 - 00016172 _____ C:\Users\Meltem\Downloads\FRST.txt
2013-12-01 15:50 - 2013-12-01 15:50 - 00000000 ____D C:\FRST
2013-12-01 15:49 - 2013-12-01 15:49 - 01092187 _____ (Farbar) C:\Users\Meltem\Downloads\FRST.exe
2013-12-01 13:35 - 2013-12-01 13:35 - 00000000 ___RD C:\Users\Meltem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-11-25 16:16 - 2013-10-12 08:04 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-25 16:16 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-25 16:16 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-25 16:16 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-25 16:16 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-25 16:16 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-25 16:16 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-25 16:16 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-25 16:16 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-25 16:16 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-25 16:16 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-25 16:16 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-25 16:16 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-25 16:16 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-25 16:16 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-25 16:16 - 2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-25 15:52 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-25 15:51 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-25 15:51 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-25 15:51 - 2013-09-25 03:01 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-25 15:51 - 2013-09-25 03:01 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-25 15:51 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-25 15:51 - 2013-09-25 02:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-25 15:51 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-25 15:51 - 2013-09-25 02:56 - 01038848 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-25 15:51 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-25 15:51 - 2013-09-25 01:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-25 15:51 - 2013-09-25 01:49 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-25 15:51 - 2013-07-04 13:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-25 15:50 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-25 15:50 - 2013-10-12 03:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-25 15:50 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-25 15:50 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-25 15:50 - 2013-10-03 02:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-25 15:29 - 2013-11-25 15:29 - 00000000 ____D C:\Users\Meltem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard

==================== One Month Modified Files and Folders =======
2013-12-01 15:51 - 2013-12-01 15:50 - 00016172 _____ C:\Users\Meltem\Downloads\FRST.txt
2013-12-01 15:50 - 2013-12-01 15:50 - 00000000 ____D C:\FRST
2013-12-01 15:49 - 2013-12-01 15:49 - 01092187 _____ (Farbar) C:\Users\Meltem\Downloads\FRST.exe
2013-12-01 15:48 - 2011-03-05 08:47 - 01894257 _____ C:\Windows\WindowsUpdate.log
2013-12-01 15:19 - 2011-03-05 08:48 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-01 15:08 - 2011-01-07 13:24 - 00000004 _____ C:\ProgramData\RELED.INI
2013-12-01 13:52 - 2009-07-14 05:34 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-01 13:52 - 2009-07-14 05:34 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-01 13:36 - 2011-03-05 08:48 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-01 13:35 - 2013-12-01 13:35 - 00000000 ___RD C:\Users\Meltem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-12-01 13:35 - 2011-10-18 19:50 - 00000316 _____ C:\Windows\Tasks\GlaryInitialize.job
2013-12-01 13:35 - 2011-01-07 13:22 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini
2013-12-01 13:34 - 2011-06-20 10:10 - 00016591 _____ C:\Windows\setupact.log
2013-12-01 13:34 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-01 12:58 - 2011-01-07 08:42 - 01500294 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-01 12:47 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-12-01 12:46 - 2013-09-26 07:21 - 00000000 ____D C:\ProgramData\BitGuard
2013-12-01 12:46 - 2011-06-20 10:10 - 00028094 _____ C:\Windows\PFRO.log
2013-11-25 16:15 - 2013-08-23 22:31 - 00000000 ____D C:\Windows\system32\MRT
2013-11-25 15:55 - 2011-01-07 08:59 - 80340640 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-25 15:50 - 2013-01-28 16:33 - 00000000 ____D C:\Users\Meltem\Rechnung TSV 2013
2013-11-25 15:29 - 2013-11-25 15:29 - 00000000 ____D C:\Users\Meltem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard

Some content of TEMP:
====================
C:\Users\Meltem\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Sven\AppData\Local\Temp\nsqAF43.tmp.ConduitEngineEmbbed.exe
C:\Users\Sven\AppData\Local\Temp\tbWin0.dll

==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-10-28 16:22

==================== End Of Log ============================
--- --- --- |
02.12.2013, 10:39 | #4 | |
/// the machine /// TB trainer | AVIRA alert EXP/CVE-2010-4452
Combofix should only be run when a team member has instructed you to do so!
Please download Combofix from the following download mirror: Link 1
IMPORTANT - Save Combofix to your desktop
When Combofix has finished, it will create a log file. Please post the C:\Combofix.txt in your next reply.
Note: Should you receive the following error message after the restart
Quote:
__________________ Regards, schrauber
Proud Member of UNITE and ASAP since 2009
Donate | Guides and help | Trojaner-Board Facebook page
No help via PM! |
02.12.2013, 13:33 | #5 |
| AVIRA alert EXP/CVE-2010-4452 Hello, I think I have the problem under control myself, because after my Avira scan the viruses were moved to quarantine. That renders them harmless, after all. Can't I simply leave them there? Or can they somehow "break out" of there? |
03.12.2013, 09:43 | #6 |
/// the machine /// TB trainer | AVIRA alert EXP/CVE-2010-4452 In quarantine is in quarantine, nothing happens there. Questionable whether those were the only ones.