Werde Virus/Trojaner nicht los - vermtl. Win32.Trojan.Tdss

Joe007 · 14.08.2009, 11:36

Hallo Forum!

ich habe seit letzten Samstag einen/mehrere Viren/Trojaner auf meinem System und werde sie nicht los. Über diverse Suchen bin ich auf euer Board gestoßen und hoffe, ihr könnt mir helfen.

Erstmal ne kurze Schilderung der Symptome:
Bin offensichtlich auf bei der Suche nach der Melodie eines religiösen deutschen Liedes auf eine dubiose Seite gelangt, worauf mir Antivir Virenwarnungen angezeigt hat. Ich habe entsprechend die Dateien gelöscht/in Quarantäne verschoben.
Dennoch scheint der PC seitdem (?) infiziert zu sein. Wenn ich bei Google was suche, sind bei den Suchergebnissen oft manipulierte Links hinterlegt, die nicht zur angegebenen Seite führen. Zudem sind die hinterlegten Webadressen nicht in der Statusleiste unten sichtbar und die Google-Suche dauert länger. Teilweise öffnen sich bei Eingabe einer Internetseite auch automatisch neue Tabs im Mozilla Firefox 2.0.0.20. (Als Firewall verwende ich übrigens Sygate Personal Firewall 5.5).
Was mir auch aufgefallen ist, inzwischen funktioniert die Autostart-Funktion nicht mehr. Und der Antivir Guard ist beim Start nicht mehr automatisch aktiv. Antivir kann sich anscheinend auch nicht mehr selbst automatisch updaten.

Was habe ich bisher gemacht?

Ich habe natürlich Antivir mal über das ganze System drüberlaufen lassen. Hier die Fundmeldungen:
In der Datei 'C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Temp\rasv.tmp'
wurde ein Virus oder unerwünschtes Programm 'TR/Click.VBiframe.XI' [trojan] gefunden.
Ausgeführte Aktion: Datei löschen

In der Datei 'C:\WINDOWS\system32\drivers\yfqqmcegobycvkos.sys'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.Gen' [trojan] gefunden.
Ausgeführte Aktion: Datei löschen

Die Datei 'C:\WINDOWS\system32\net.net'
enthielt einen Virus oder unerwünschtes Programm 'TR/Crypt.PEPM.Gen' [trojan].
Durchgeführte Aktion(en):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\net.
Die Datei wurde gelöscht.

Die Datei 'C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Temp\rasvsnet.tmp'
enthielt einen Virus oder unerwünschtes Programm 'TR/Click.VBiframe.XI' [trojan].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4af0775b.qua' verschoben!

Die Datei 'C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Temporary Internet Files\Content.IE5\VK08AOSE\index[3].htm'
enthielt einen Virus oder unerwünschtes Programm 'HTML/Dldr.FraudLo.A' [virus].
Durchgeführte Aktion(en):
Die Datei wurde gelöscht.

Dann habe ich auch noch Adaware installiert. Ein Scan findet jedesmal Win32.Trojan.Tdss am folgenden Ort: C:\WINDOWS\system32\UACpjsixnpvbe.dll
Egal ob ich die Datei lösche oder in Quarantäne verschiebe, bei einem Neustart hängt sich der PC meist auf und der Trojaner wird jedesmal wieder gefunden. Ich werde ihn einfach nicht los.

Bei der Internetrecherche bin ich auf das Trojaner-Board gestoßen. Möglicherweise könnte wohl Combofix helfen, aber bevor ich das Programm laufen lasse, will ich mir unbedingt die Meinung von Experten einholen, kenn mich da einfach nicht aus.

Ich habe jetzt mal wie empfohlen CCleaner installiert und ausgeführt.

Malwarebytes habe ich auch heruntergeladen, konnte es jedoch auch bei Umbenennen der Datei nicht ausführen (erscheint zwar im Task Manager, aber es kam kein Programmfenster) (???)

RSIT habe ich auch runtergeladen und laufen lassen (nach der Überprüfung der Datei hat sich btw Antivir aufgehängt und ließ sich nicht beenden, anscheinend aber nur bei dieser Datei)

Die Logfiles von RSIT muss ich in separaten Beiträgen posten, weil die Anzahl der Zeichen zu groß ist..., folgen also sofort.

Joe007 · 14.08.2009, 11:51

info.txt von RSIT:

Code:

ATTFilter

info.txt logfile of random's system information tool 1.06 2009-08-14 11:25:22

======Uninstall list======

-->C:\Programme\Gemeinsame Dateien\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Programme\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\IsUn0407.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec.exe /I{8A42F680-2DD6-11D4-9A8C-0040F6982C20}
-->MsiExec.exe /I{A2529672-574A-4A99-86A5-C1770A0E31FE}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.65-->"C:\Programme\7-Zip\Uninstall.exe"
Ad-Aware-->"C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{EF63305C-BAD7-4144-9208-D65528260864}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{EF63305C-BAD7-4144-9208-D65528260864}\Ad-AwareAE.exe
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0.8 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A70800000002}
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
ALDI Online Druck Service (Sued)-->C:\PROGRA~1\ALDION~1\ALDI_ODS\UNWISE.EXE C:\PROGRA~1\ALDION~1\ALDI_ODS\INSTALL.LOG
ALDI Sued Foto Manager (D)-->C:\Programme\ALDI Sued Foto Service\ALDI_Foto_Manager\instslct.exe
ALDI Sued Foto Service (D)-->C:\Programme\ALDI Sued Foto Service\ALDI_Foto_Service\instslct.exe
Atlantis - Sky Patrol (remove only)-->C:\Programme\Games\Atlantis - Sky Patrol\Uninstall.exe
Avira AntiVir Personal - Free Antivirus-->C:\Programme\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Biet-O-Matic v2.6.1-->C:\PROGRA~1\BIET-O~1\UNWISE.EXE C:\PROGRA~1\BIET-O~1\Install.log
Big Fish Games Center (remove only)-->C:\Programme\Games\Uninstall.exe
Brother MFL-Pro Suite-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D83BD5E2-5AF4-49F6-B5C1-484A9760E73D}\Setup.exe" -l0x7 Brunin03.dllBrunin03.dll
Canon PhotoRecord-->MsiExec.exe /X{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}
Canon PIXMA iP3000-->C:\WINDOWS\system32\CNMCP61.exe "-PRINTERNAMECanon PIXMA iP3000" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP3000 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP3000 Installer\Inst2\cnmi0407.dll"
Canon Utilities Easy-PhotoPrint-->C:\Programme\Canon\Easy-PhotoPrint\uninst.exe C:\Programme\Canon\Easy-PhotoPrint\uninst.ini
Canon Utilities Easy-PrintToolBox-->C:\WINDOWS\BJPSUNST.EXE
CCleaner (remove only)-->"C:\Programme\CCleaner\uninst.exe"
CD-LabelPrint-->"C:\Programme\Canon\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application
DivX Player-->C:\Programme\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Pro-->C:\Programme\DivX\DivXCodecUninstall.exe /CODEC
DivX User Guide-->C:\Programme\DivX\DivXUserGuideUninstall /USERGUIDE
EA SPORTS online 2004-->C:\Programme\EA SPORTS\EA SPORTS online\EASOUNInstaller.exe
Easy-WebPrint-->C:\WINDOWS\IsUn0407.exe -fC:\Programme\Canon\Easy-WebPrint\Uninst.isu
Europa Raser-->C:\PROGRA~1\Davilex\EUROPA~1\UNINST32.EXE C:\PROGRA~1\Davilex\EUROPA~1\INSTALL.LOG
Fairies EU (remove only)-->C:\Programme\Games\Fairies EU\Uninstall.exe
ffdshow [rev 1473] [2007-09-10]-->"C:\Programme\ffdshow\unins000.exe"
FIFA 2004-->C:\Programme\EA SPORTS\FIFA 2004\EAUninstall.exe
FIFA RTWC 98-->C:\WINDOWS\unin0407.exe -f"C:\Program Files\EA SPORTS\FIFA RTWC 98\DeIsL1.isu"
Fish Tycoon (remove only)-->C:\Programme\Games\Fish Tycoon\Uninstall.exe
Free Download Manager 2.1-->"C:\Programme\Free Download Manager\unins000.exe"
GemMaster Mystic-->"C:\Programme\GemMasterGerman\uninstallgemmaster.exe"
GetRight-->"C:\Programme\GetRight\unins000.exe"
Google Earth-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x7  -removeonly
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\programme\google\googletoolbar3.dll"
Hidden Expedition Titanic (remove only)-->C:\Programme\Games\Hidden Expedition Titanic\Uninstall.exe
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Programme\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
Hotfix für Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix für Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Internet Radio-->"C:\WINDOWS\lsb_un20.exe" /C=UC /N=Internet Radio
iTunes-->MsiExec.exe /I{446DBFFA-4088-48E3-8932-74316BA4CAE4}
J2SE Runtime Environment 5.0 Update 8-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150080}
KompoZer 0.77-->"C:\Programme\KompoZer\unins000.exe"
LetsTrade Komponenten-->C:\WINDOWS\fpuninst.exe -uninstall:"c:\programme\letstrade\uninst\uninst.ini"
MagicDirector 1.2-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{F79A208D-D929-11D9-9D77-000129760D75}\setup.exe"  -uninstall
Mah-Jomino (remove only)-->C:\Programme\Games\Mah-Jomino\Uninstall.exe
MakeDisc-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{B145EC69-66F5-11D8-9D75-000129760D75}\setup.exe"  -uninstall
MCE Software Encoder 1.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{7655E113-C306-11D9-A373-0050BAE317E1}\setup.exe"  -uninstall
MediaShow 3.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D5A9B7C0-8751-11D8-9D75-000129760D75}\setup.exe"  -uninstall
MEDION Fotos auf CD Sued (D)-->C:\Programme\ALDI Sued Foto Service\MEDION_Fotos_auf_CD\instslct.exe
Mein Geld Professional-->MsiExec.exe /I{08E4F3CE-A34E-4667-8DE9-147249FAE468}
Microsoft .NET Framework 1.1 German Language Pack-->MsiExec.exe /X{E78BFA60-5393-4C38-82AB-E8019E464EB4}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Language Pack - DEU-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - DEU\install.exe
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Windows-Journal-Viewer-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA8}
Microsoft Works-->MsiExec.exe /I{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}
Microsoft-Basissmartcard-Kryptografiedienstanbieterpaket-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Mozilla Firefox (2.0.0.20)-->C:\Programme\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB925672)-->MsiExec.exe /I{A9CF9052-F4A0-475D-A00F-A8388C62DD63}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Mystery Case Files - Huntsville (remove only)-->C:\Programme\Games\Mystery Case Files - Huntsville\Uninstall.exe
Mystery Case Files - Prime Suspects (remove only)-->C:\Programme\Games\Mystery Case Files - Prime Suspects\Uninstall.exe
Mystic Inn (remove only)-->C:\Programme\Games\Mystic Inn\Uninstall.exe
Need For Speed Hot Pursuit 2-->C:\Programme\EA Games\Need For Speed Hot Pursuit 2\EAUninstall.exe
Need For Speed II SE-->C:\WINDOWS\unin0407.exe -f"C:\Programme\Electronic Arts\Need For Speed II SE\DeIsL1.isu"
Nero 7 Essentials-->MsiExec.exe /I{5B8072B3-A576-4C0B-99BC-FAA7145A1031}
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Office 2003 Trial Assistant-->MsiExec.exe /I{47D2103B-FD51-4017-9C20-DD408B17D726}
OpenOffice.org 2.4-->MsiExec.exe /I{50E21B3A-FF06-412D-879B-DEA30815736E}
Otto-->"C:\Programme\GermanOtto\uninstallotto.exe"
PaperPort-->MsiExec.exe /I{A17EABB6-D0C6-44E5-820C-72DC7F495064}
PDFCreator-->C:\Programme\PDFCreator\unins000.exe
PhotoNow! 1.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\setup.exe"  -uninstall
Poker Superstars II (remove only)-->C:\Programme\Games\Poker Superstars II\Uninstall.exe
PowerCinema Linux 5.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D5F82F8F-4DE2-11D9-A373-0050BAE317E1}\Setup.exe"  -uninstall
PowerDirector-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe"  -uninstall
PowerDVD-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe"  -uninstall
PowerProducer-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe"  -uninstall
QuickTime-->MsiExec.exe /I{50D8FFDD-90CD-4859-841F-AA1961C7767A}
Ralink Wireless LAN-Karte-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{E91E8912-769D-42F0-8408-0E329443BABC}\setup.exe" -l0x7  -removeonly
RealPlayer-->C:\Programme\Gemeinsame Dateien\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x7  -removeonly
Sceneo Bonavista-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}\Setup.exe" 
SDFormatter-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{5A347920-4AFC-11D5-9FB0-800649886934}\setup.exe" 
Security Update für Microsoft .NET Framework 2.0 (KB928365)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {8056AC9E-49C5-4375-9ADE-B2F862C9DF51} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
Sicherheitsupdate für Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Sicherheitsupdate für Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
SfWIE 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
SfWIE 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
SfWIE 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
SfWIE 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
SfWIE 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
SfWIE 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
SfWIE 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
SfWIE 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
SfWIE 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
SfWIE 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
SfWIE 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
SfWIE 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
SfWIE 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
SfWIE 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
SfWIE 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
SfWIE 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
SfWIE 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
SfWMP 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
SfWMP 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
SfWMP 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
SfWXP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
SfWXP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
SfWXP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
SfWXP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
SfWXP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
SfWXP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
SfWXP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
SfWXP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
SfWXP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
SfWXP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
SfWXP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
SfWXP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
SfWXP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
SfWXP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
SfWXP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
SfWXP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
SfWXP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
SfWXP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
SfWXP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
SfWXP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
SfWXP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
SfWXP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
SfWXP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
SfWXP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
SfWXP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
SfWXP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
SfWXP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
SfWXP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
SfWXP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
SfWXP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
SfWXP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
SfWXP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
SfWXP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
SfWXP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
SfWXP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
SfWXP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
SfWXP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
SfWXP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
SFWXP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
SFWXP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Sygate Personal Firewall-->MsiExec.exe /X{F860F390-78F4-4B45-8C1A-0489618E315B}
Trillian-->C:\Programme\Trillian\trillian.exe /uninstall
Turbo Lister 2-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{69640730-B830-4C24-BB5C-222DA1260548} 
TV Enhance-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{E4C891D6-6844-41B8-86E8-633CACCC644F}\setup.exe"  -uninstall
TVsweeper-->MsiExec.exe /I{D0CC1431-915D-4454-A045-232155BFD498}
Update für Windows Media Player 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Update für Windows Media Player 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
Update für Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
UfWXP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
UfWXP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
UfWXP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update Rollup 2 für Windows XP Media Center Edition 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
USB2.0 CARD READER-->MsiExec.exe /I{247A11CA-F5CE-4DD6-85E2-64850E64E064}
VIA Platform Device Manager-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169} 
VIA Rhine-Family Fast Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
VideoLAN VLC media player 0.8.6-->C:\Programme\VideoLAN\VLC\uninstall.exe
Virtual Villagers (remove only)-->C:\Programme\Games\Virtual Villagers\Uninstall.exe
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VRally3-->C:\Programme\Atari\VRally3\unins000.exe
Windows Live Messenger-->MsiExec.exe /I{8DCBD4B1-DD30-4A9A-ADF7-FA3162B596C4}
Windows Media Connect-->"C:\WINDOWS\$NtUninstallWMCSetup$\spuninst\spuninst.exe"
Windows Media Format Runtime-->"C:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format SDK Hotfix - KB891122-->"C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows Messenger 5.1-->MsiExec.exe /I{9D1C26BD-E792-4159-9D16-07EA222D8EF0}
Windows XP Media Center Edition 2005 KB908246-->"C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Windows-Sicherungsprogramm-->MsiExec.exe /I{76EFFC7C-17A6-479D-9E47-8E658C1695AE}
WLAN Monitor-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{2808E975-BD01-47DD-9852-54E3C622BDDC}\setup.exe" -l0x7 
WLAN Quick-Starter-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{E40268F4-7E9F-4E07-B773-7FF64971F42E}\setup.exe" -l0x7 
X10 Hardware(TM)-->C:\WINDOWS\UNWISE.EXE C:\PROGRA~1\X10HAR~1\Install.log

======Security center information======

[44 x] AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic (disabled)
[64 x] AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic (disabled)
[weit über 100 x] AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic (outdated)
[zig mal] AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition
[ganz oft] AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic (disabled)
AV: Avira AntiVir PersonalEdition Classic
AV: Avira AntiVir PersonalEdition Classic (disabled)
[ganz oft] AV: Avira AntiVir PersonalEdition Classic

======System event log======

Computer Name: MD8818
Event Code: 7036
Message: Dienst "IMAPI-CD-Brenn-COM-Dienste" befindet sich jetzt im Status "Ausgeführt".

Record Number: 63776
Source Name: Service Control Manager
Time Written: 20090625122413.000000+120
Event Type: Informationen
User: 

Computer Name: MD8818
Event Code: 7035
Message: Der Steuerbefehl "starten" wurde erfolgreich an den Dienst "IMAPI-CD-Brenn-COM-Dienste" gesendet.

Record Number: 63775
Source Name: Service Control Manager
Time Written: 20090625122413.000000+120
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM

Computer Name: MD8818
Event Code: 7036
Message: Dienst "IMAPI-CD-Brenn-COM-Dienste" befindet sich jetzt im Status "Beendet".

Record Number: 63774
Source Name: Service Control Manager
Time Written: 20090625122335.000000+120
Event Type: Informationen
User: 

Computer Name: MD8818
Event Code: 7036
Message: Dienst "IMAPI-CD-Brenn-COM-Dienste" befindet sich jetzt im Status "Ausgeführt".

Record Number: 63773
Source Name: Service Control Manager
Time Written: 20090625122330.000000+120
Event Type: Informationen
User: 

Computer Name: MD8818
Event Code: 7035
Message: Der Steuerbefehl "starten" wurde erfolgreich an den Dienst "IMAPI-CD-Brenn-COM-Dienste" gesendet.

Record Number: 63772
Source Name: Service Control Manager
Time Written: 20090625122330.000000+120
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM

=====Application event log=====

Computer Name: MD8818
Event Code: 0
Message: 
Record Number: 13188
Source Name: TVESched
Time Written: 20081129090754.000000+060
Event Type: Informationen
User: 

Computer Name: MD8818
Event Code: 0
Message: 
Record Number: 13187
Source Name: TVECapSvc
Time Written: 20081129090752.000000+060
Event Type: Informationen
User: 

Computer Name: MD8818
Event Code: 32068
Message: Die ausgehende Verteilerregel ist nicht gültig, weil kein gültiges Gerät gefunden werden kann. Ausgehende Faxe, die diese Regel verwenden, werden nicht weitergeleitet. Stellen Sie sicher, dass das angezielte Gerät bzw. die angezielten Geräte angeschlossen, korrekt installiert und angeschaltet sind. Stellen Sie außerdem sicher, dass die Gruppe korrekt konfiguriert ist, falls die Weiterleitung an eine Gruppe von Geräten erfolgen soll.
Landes-/Regionskennzahl: "*"
Ortskennzahl: "*"

Record Number: 13186
Source Name: Microsoft Fax
Time Written: 20081129090752.000000+060
Event Type: Warnung
User: 

Computer Name: MD8818
Event Code: 32026
Message: Fehler beim Initialisieren der zugewiesenen Faxgeräte (virtuell oder TAPI) durch den Faxdienst.
Es können keine Faxe gesendet werden, bis ein Faxgerät installiert ist.

Record Number: 13185
Source Name: Microsoft Fax
Time Written: 20081129090752.000000+060
Event Type: Warnung
User: 

Computer Name: MD8818
Event Code: 1800
Message: Der Windows-Sicherheitscenterdienst wurde gestartet.

Record Number: 13184
Source Name: SecurityCenter
Time Written: 20081129090752.000000+060
Event Type: Informationen
User: 

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Programme\QuickTime\QTSystem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Programme\Java\jre1.5.0_08\lib\ext\QTJava.zip
"QTJAVA"=C:\Programme\Java\jre1.5.0_08\lib\ext\QTJava.zip

-----------------EOF-----------------

Joe007 · 14.08.2009, 11:56

Und hier die log.txt aus RSIT (ich muss sie leider splitten, passt nicht ganz rein):

Code:

ATTFilter

Logfile of random's system information tool 1.06 (written by random/random)
Run by *** at 2009-08-14 11:25:16
Microsoft Windows XP Professional Service Pack 3
System drive C: has 11 GB (4%) free of 285 GB
Total RAM: 1022 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:25:20, on 14.08.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Sygate\SPF\smc.exe
C:\Programme\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\CyberLink\Shared Files\RichVideo.exe
C:\Programme\Sceneo\Bonavista\Services\PVR\PVRService.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Home Cinema\TV Enhance\Kernel\TV\TVECapSvc.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programme\SMSC\SetIcon.exe
C:\Programme\Home Cinema\TV Enhance\TVEService.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\QuickTime\qttask.exe
C:\Programme\Home Cinema\TV Enhance\Kernel\TV\TVESched.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\dllhost.exe
C:\Programme\ScanSoft\PaperPort\pptd40nt.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Programme\Brother\ControlCenter2\brctrcen.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\iPod\bin\iPodService.exe
C:\Programme\OpenOffice.org 2.4\program\soffice.exe
C:\Programme\OpenOffice.org 2.4\program\soffice.BIN
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Programme\Mozilla Firefox\firefox.exe
C:\Dateien\Downloads\RSIT.exe
C:\Programme\Trend Micro\HijackThis\***.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://www.arcor.de
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Arcor AG & Co. KG
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar3.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programme\Free Download Manager\iefdmcks.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar3.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SetIcon] \Programme\SMSC\SetIcon.exe
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Programme\Home Cinema\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [TVEService] "C:\Programme\Home Cinema\TV Enhance\TVEService.exe"
O4 - HKLM\..\Run: [InstantOn] "C:\Programme\CyberLink\PowerCinema Linux\ion_install.exe /c "
O4 - HKLM\..\Run: [wlconfig] "C:\Programme\WLAN Monitor\wlconfig.exe" -autostart
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Programme\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Programme\Brother\Brmfl04g\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Programme\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Programme\OpenOffice.org 2.4\program\quickstart.exe
O8 - Extra context menu item: Alles mit FDM herunterladen - file://C:\Programme\Free Download Manager\dlall.htm
O8 - Extra context menu item: Auswahl mit FDM herunterladen - file://C:\Programme\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Datei mit FDM herunterladen - file://C:\Programme\Free Download Manager\dllink.htm
O8 - Extra context menu item: Download with GetRight - C:\Programme\GetRight\GRdownload.htm
O8 - Extra context menu item: Easy-WebPrint - Drucken - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint - Vorschau - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Programme\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Internet Radio by Endicosoft.com - {1F958B09-3312-7f0e-9723-4C1324C57B20} - C:\Programme\Internet Radio\Radio.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Programme\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Programme\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=h**p://www.aldi.com/
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - h**p://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1160402350437
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - h**p://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1161001832152
O23 - Service: AccSys WiFi Component (accsvc) - AccSys GmbH - C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programme\Sygate\SPF\smc.exe
O23 - Service: Sceneo PVR Service (srvcPVR) - Buhl Data Service GmbH - C:\Programme\Sceneo\Bonavista\Services\PVR\PVRService.exe
O23 - Service: TVEnhance Background Capture Service (TBCS) (TVECapSvc) - Unknown owner - C:\Programme\Home Cinema\TV Enhance\Kernel\TV\TVECapSvc.exe
O23 - Service: TVEnhance Task Scheduler (TTS)) (TVESched) - Unknown owner - C:\Programme\Home Cinema\TV Enhance\Kernel\TV\TVESched.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 9790 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll [2006-07-26 434279]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\programme\google\googletoolbar3.dll [2007-01-20 2427968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Programme\Free Download Manager\iefdmcks.dll [2006-08-20 81920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\programme\google\googletoolbar3.dll [2007-01-20 2427968]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Programme\Canon\Easy-WebPrint\Toolband.dll [2004-04-16 405504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-10-09 16236032]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2006-10-09 69632]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-06 7700480]
"nwiz"=nwiz.exe /install []
"NeroFilterCheck"=C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"SetIcon"=\Programme\SMSC\SetIcon.exe [2004-04-28 42496]
"LanguageShortcut"=C:\Programme\Home Cinema\PowerDVD\Language\Language.exe [2006-05-18 49152]
"TVEService"=C:\Programme\Home Cinema\TV Enhance\TVEService.exe [2006-10-19 151552]
"InstantOn"=C:\Programme\CyberLink\PowerCinema Linux\ion_install.exe [2006-06-21 93640]
"wlconfig"=C:\Programme\WLAN Monitor\wlconfig.exe [2006-03-06 1347584]
"avgnt"=C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe [2008-07-18 266497]
"QuickTime Task"=C:\Programme\QuickTime\qttask.exe [2006-10-25 282624]
"iTunesHelper"=C:\Programme\iTunes\iTunesHelper.exe [2006-10-30 256576]
"SmcService"=C:\PROGRA~1\Sygate\SPF\smc.exe [2004-02-24 2372760]
"SSBkgdUpdate"=C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-10-14 155648]
"PaperPort PTD"=C:\Programme\ScanSoft\PaperPort\pptd40nt.exe [2004-03-09 57393]
"IndexSearch"=C:\Programme\ScanSoft\PaperPort\IndexSearch.exe [2004-03-09 40960]
"SetDefPrt"=C:\Programme\Brother\Brmfl04g\BrStDvPt.exe [2004-11-11 49152]
"ControlCenter2.0"=C:\Programme\Brother\ControlCenter2\brctrcen.exe [2004-11-11 864256]
"Easy-PrintToolBox"=C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BullGuard]
C:\Programme\BullGuard Software\BullGuard\bullguard.exe -boot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVBroadcast]
C:\Programme\Sceneo\Bonavista\SERVICES\ODSBC\ODSBCApp.exe [2006-10-20 814080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gusvc"=3

C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart
OpenOffice.org 2.4.lnk - C:\Programme\OpenOffice.org 2.4\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:enabled:Remoteunterstützung"
"C:\Programme\Messenger\msmsgs.exe"="C:\Programme\Messenger\msmsgs.exe:*:enabled:Windows Messenger"
"C:\Programme\MSN Messenger\msnmsgr.exe"="C:\Programme\MSN Messenger\msnmsgr.exe:*:enabled:MSN Messenger"
"C:\WINDOWS\system32\fxsclnt.exe"="C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Microsoft Fax"
"C:\Programme\NetMeeting\Conf.exe"="C:\Programme\NetMeeting\Conf.exe:*:enabled:NetMeeting"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programme\iTunes\iTunes.exe"="C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Programme\Trillian\trillian.exe"="C:\Programme\Trillian\trillian.exe:*:Enabled:Trillian"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Assistent zum Übertragen von Dateien und Einstellungen"
"C:\Programme\WS_FTP\WS_FTP95.exe"="C:\Programme\WS_FTP\WS_FTP95.exe:*:Enabled:WS_FTP 95"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:enabled:Remoteunterstützung"
"C:\Programme\Messenger\msmsgs.exe"="C:\Programme\Messenger\msmsgs.exe:*:enabled:Windows Messenger"
"C:\Programme\MSN Messenger\msnmsgr.exe"="C:\Programme\MSN Messenger\msnmsgr.exe:*:enabled:MSN Messenger"
"C:\WINDOWS\system32\fxsclnt.exe"="C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Microsoft Fax"
"C:\Programme\NetMeeting\Conf.exe"="C:\Programme\NetMeeting\Conf.exe:*:enabled:NetMeeting"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2009-08-14 11:25:16 ----D---- C:\rsit
2009-08-14 10:58:09 ----D---- C:\Programme\CCleaner
2009-08-14 10:40:05 ----AH---- C:\aaw7boot.cmd
2009-08-09 23:18:12 ----D---- C:\WINDOWS\ERDNT
2009-08-09 23:18:10 ----SD---- C:\ComboFix1
2009-08-09 23:17:52 ----D---- C:\Qoobox
2009-08-09 20:13:53 ----D---- C:\WINDOWS\Minidump
2009-08-09 14:30:43 ----D---- C:\Programme\Trend Micro
2009-08-09 09:19:27 ----D---- C:\WINDOWS\pss
2009-08-08 22:19:34 ----A---- C:\WINDOWS\system32\lsdelete.exe
2009-08-08 20:20:42 ----HDC---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{EF63305C-BAD7-4144-9208-D65528260864}
2009-08-08 20:20:31 ----D---- C:\Programme\Lavasoft
2009-08-08 20:20:31 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lavasoft
2009-07-30 00:31:54 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-30 00:31:48 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-30 00:31:11 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-07-30 00:29:29 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-07-22 10:26:45 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\GetRight
2009-07-22 10:26:33 ----D---- C:\Programme\GetRight

======List of files/folders modified in the last 1 months======

2009-08-14 11:09:09 ----D---- C:\Programme\Mozilla Firefox
2009-08-14 11:06:15 ----D---- C:\WINDOWS\Temp
2009-08-14 11:06:15 ----D---- C:\WINDOWS\Debug
2009-08-14 11:06:15 ----D---- C:\WINDOWS
2009-08-14 10:58:09 ----RD---- C:\Programme
2009-08-14 10:36:34 ----A---- C:\WINDOWS\NeroDigital.ini
2009-08-14 10:36:21 ----D---- C:\WINDOWS\system32
2009-08-14 10:36:06 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\OpenOffice.org2
2009-08-14 10:35:26 ----D---- C:\WINDOWS\Registration
2009-08-14 10:35:16 ----D---- C:\Programme\WLAN Monitor
2009-08-14 10:35:10 ----D---- C:\WINDOWS\system32\CatRoot2
2009-08-13 23:59:36 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-08-13 21:56:51 ----D---- C:\Programme\AntiVir PersonalEdition Classic
2009-08-13 21:56:49 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AntiVir PersonalEdition Classic
2009-08-13 10:52:13 ----D---- C:\WINDOWS\Prefetch
2009-08-11 23:19:54 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Free Download Manager
2009-08-09 09:55:12 ----RASH---- C:\boot.ini
2009-08-09 09:55:12 ----A---- C:\WINDOWS\win.ini
2009-08-09 09:55:12 ----A---- C:\WINDOWS\system.ini
2009-08-08 20:21:44 ----HD---- C:\WINDOWS\inf
2009-08-08 20:21:44 ----D---- C:\WINDOWS\system32\drivers
2009-08-08 20:21:39 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-08-08 20:21:35 ----SD---- C:\WINDOWS\Tasks
2009-08-08 20:20:42 ----D---- C:\Config.Msi
2009-08-08 20:20:41 ----SHD---- C:\WINDOWS\Installer
2009-08-08 20:20:25 ----D---- C:\WINDOWS\WinSxS
2009-08-03 01:05:22 ----D---- C:\Programme\Trillian
2009-08-01 00:20:02 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\BOM
2009-07-31 21:56:06 ----D---- C:\Dateien
2009-07-31 09:01:34 ----D---- C:\Programme\Biet-O-Matic
2009-07-30 00:31:53 ----HD---- C:\WINDOWS\$hf_mig$
2009-07-30 00:31:50 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-07-30 00:31:37 ----D---- C:\WINDOWS\system32\de-de
2009-07-30 00:31:37 ----D---- C:\Programme\Internet Explorer
2009-07-29 17:13:27 ----A---- C:\WINDOWS\BRWMARK.INI
2009-07-22 10:29:23 ----D---- C:\Downloads
2009-07-19 15:25:34 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-07-19 15:25:30 ----A---- C:\WINDOWS\system32\ieframe.dll

Joe007 · 14.08.2009, 11:57

hier der Rest von der log.txt:

Code:

ATTFilter

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Programme\AntiVir PersonalEdition Classic\avgio.sys []
R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 wpsdrvnt;wpsdrvnt; \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys []
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2006-10-23 21275]
R2 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2006-03-06 32512]
R2 wg3n;SyGate for NT, wg3n; C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys [2004-02-02 11914]
R3 3xHybrid;Philips SAA713x PCI Card; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2006-10-10 1105664]
R3 Arp1394;1394-ARP-Clientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 avgntflt;avgntflt; \??\C:\Programme\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2006-03-15 43008]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-10-09 4381696]
R3 NIC1394;1394-Netzwerktreiber; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-06 3992608]
R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB-Standardhubtreiber; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 X10Hid;X10 Hid Device; C:\WINDOWS\System32\Drivers\x10hid.sys [2005-11-28 7040]
R3 XUIF;X10 USB Wireless Transceiver; C:\WINDOWS\System32\Drivers\x10ufx2.sys [2005-05-19 17792]
S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\System32\Drivers\BrScnUsb.sys [2004-10-15 15295]
S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DMSKSSRh;DMSKSSRh; \??\C:\DOKUME~1\***\LOKALE~1\Temp\DMSKSSRh.sys []
S3 FETNDIS;VIA PCI 10/100-MBit/s-Fast Ethernetadapter-NT-Treiber; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 HidUsb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 MHNDRV;MHN-Treiber; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-18 12288]
S3 MPE;BDA MPE-Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 RT73;RT73 USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2006-06-08 344064]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 accsvc;AccSys WiFi Component; C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe [2006-01-11 147456]
R2 AntiVirScheduler;AntiVir PersonalEdition Classic Planer; C:\Programme\AntiVir PersonalEdition Classic\sched.exe [2008-10-25 68865]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Media Center-Planerdienst; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Programme\Lavasoft\Ad-Aware\AAWService.exe [2009-07-03 1029456]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe [2006-04-24 73728]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 MDM;Machine Debug Manager; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-06 159810]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Programme\CyberLink\Shared Files\RichVideo.exe [2006-10-19 262247]
R2 SmcService;Sygate Personal Firewall; C:\Programme\Sygate\SPF\smc.exe [2004-02-24 2372760]
R2 srvcPVR;Sceneo PVR Service; C:\Programme\Sceneo\Bonavista\Services\PVR\PVRService.exe [2006-10-24 1441280]
R2 TVECapSvc;TVEnhance Background Capture Service (TBCS); C:\Programme\Home Cinema\TV Enhance\Kernel\TV\TVECapSvc.exe [2006-10-19 282709]
R2 TVESched;TVEnhance Task Scheduler (TTS)); C:\Programme\Home Cinema\TV Enhance\Kernel\TV\TVESched.exe [2006-10-19 122971]
R2 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480]
R3 AntiVirService;AntiVir PersonalEdition Classic Guard; C:\Programme\AntiVir PersonalEdition Classic\avguard.exe [2008-10-25 151297]
R3 iPod Service;iPod Service; C:\Programme\iPod\bin\iPodService.exe [2006-10-30 492608]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-08-03 38912]
S3 usnsvc;Messenger Sharing USN Journal Reader-Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMConnectCDS;Windows Media Connect-Dienst; C:\Programme\Windows Media Connect 2\wmccds.exe [2005-10-06 856064]
S4 gusvc;Google Updater Service; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-31 138168]

-----------------EOF-----------------

bei der info.txt habe ich folgende Abkürzungen verwendet (beim ersten Mal aber immer voll ausgeschrieben):
SfWXP = Sicherheitsupdate für Windows XP,
SfWMP = Sicherheitsupdate für Windows Media Player,
SfWIE = Sicherheitsupdate für Windows Internet Explorer,
UfWXP = Update für Windows XP

So ist mein aktueller Stand. Ich komme nicht mehr weiter und würde mich freuen, wenn ihr mir helfen könntet.

Danke und viele Grüße
Joe

Chris4You · 14.08.2009, 12:28

Hi,

schweres Geschützt:

Combofix
Lade ComboFix (im Downloadidalog bereits auf test.com umbenennen) von http://download.bleepingcomputer.com/sUBs/ComboFix.exe und speichere es auf den Desktop.
Alle Fenster schliessen und combofix.exe starten und bestätige die folgende Abfrage mit 1 und drücke Enter.

Der Scan mit Combofix kann einige Zeit in Anspruch nehmen, also habe etwas Geduld. Während des Scans bitte nichts am Rechner unternehmen
Es kann möglich sein, dass der Rechner zwischendurch neu gestartet wird.
Nach Scanende wird ein Report angezeigt, den bitte kopieren und in deinem Thread einfuegen.
Weitere Anleitung unter:http://www.bleepingcomputer.com/comb...x-benutzt-wird
Hinweis: unter : C:\WINDOWS\erdnt
wird ein Backup angelegt.

Danach MAM:
Malwarebytes Antimalware (MAM).
Anleitung&Download hier: http://www.trojaner-board.de/51187-m...i-malware.html
Fullscan und alles bereinigen lassen! Log posten.

Gmer:
http://www.trojaner-board.de/74908-a...t-scanner.html
Den Downloadlink findest Du links oben (www.gmer.net/files), dort dann
auf den Button "Download EXE", dabei wird ein zufälliger Name generiert (den und den Pfad wo Du sie gespeichert hast bitte merken).
Starte GMER und schaue, ob es schon was meldet. Macht es das, bitte alle Fragen mit "nein" beantworten, auf den Reiter "rootkit" gehen, wiederum die Frage mit "nein" beantworten und mit Hilfe von copy den Bericht in den Thread einfügen. Meldet es so nichts, gehe auf den Reiter Rootkit und mache einen Scan. Ist dieser beendet, wähle Copy und füge den Bericht ein.

chris

Joe007 · 14.08.2009, 14:22

Danke Chris!

Habe jetzt schon mal Combofix laufen lassen, hier die log.txt (ist viel zu groß zum einbetten, ich muss sie in 5 Teilen posten, sry):

Code:

ATTFilter

ComboFix 09-08-10.06 - *** 14.08.2009 14:55.1.2 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.3.1252.49.1031.18.1022.657 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\***\Desktop\test.com
AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {85EC5DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {86145DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {86225C04-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {864F4C7C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Outdated) {00000000-0000-0000-0000-000000000000}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000246-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000246-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {0871AAA0-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C9F054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85CD7DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85CF3874-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D0426C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D2CDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D2D054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D3FDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D4C694-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DAA404-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DAE4FC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DB5DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DB8CE4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DC9CE4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DD5054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DE3054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DE6654-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DEACE4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DF5DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DF896C-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DFA054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DFA96C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DFE054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E0B5E4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E1EDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E21DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E32A6C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E3FDDC-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E57054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E5E29C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E66A3C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E8FDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E93054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EA6DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EABDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EB8DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EC1844-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85ED2DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85ED3824-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EE5054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EE6594-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EE75FC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EE8DDC-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EED96C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EF0AD4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EF1814-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EFDDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EFE4D4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EFF74C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F01A7C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F054FC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F074D4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F0F054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F12684-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F12AAC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F2798C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F37C24-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F46054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F49DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F6CDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F6F34C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F7A664-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F7C314-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FA5B64-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FAAA64-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FADDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FDAAD4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FE0DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86020A1C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8604EBD4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8608AC0C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86095A7C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8609C374-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860AD1AC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860AF734-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860B8DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860BA054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860BEA6C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860C1944-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860C9054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860C92C4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860CB054-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860CD484-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860D239C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860D4054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860D7C2C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860DA20C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860DFA44-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860E7054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860E7A74-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860EC32C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860ECC14-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860F5314-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860FAA8C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860FB054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860FDDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86104DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8610852C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86111C8C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8611333C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86116DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8611ADDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8611F054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8611F434-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8611F524-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8611F5A4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8612344C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8612440C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86125054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8612BDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8612D054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86132054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86136DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8613734C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86138054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861381A4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861392AC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8613C6B4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8613D50C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86141054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8614139C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86141794-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86143054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86144054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86144DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8614BDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8614D2F4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8614D96C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8614ECBC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8614F2F4-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86150054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8615397C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86154A64-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8615545C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86155B5C-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86158DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8615C2F4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8615D39C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8615F2F4-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86163DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616427C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861643BC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616AA3C-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616C39C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616D054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616D394-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616EDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616EDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8616F054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86170054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861713C4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86172054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86172DDC-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86174264-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86175054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86175B4C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8617656C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8617D054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86183DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86184DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86186804-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86188054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8618A054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8618D234-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8618EC14-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86191054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86198DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8619B25C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8619C2A4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8619E714-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861A096C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861A0DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861A2BFC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861A3DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861AE6DC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861AF054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861B139C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861B3A6C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861B7DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861C0324-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861C0B4C-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861C1DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861C2054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861C3C2C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861C62CC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861CB96C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861CC7CC-FFA4-00DE-0D24-347CA8A3377C}
(...)

Joe007 · 14.08.2009, 14:23

Teil 2 vom Combofix log.txt:

Code:

ATTFilter

(...)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861D0CE4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861D2A6C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861D4344-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861D5DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861DC42C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861DCBD4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861E23DC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861E49AC-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861E5DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861E6B24-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861E6DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861E7B4C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861E7C4C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861EA424-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861EB054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861F439C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861F5CBC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861F8054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861FB4C4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861FCCE4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {861FEDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86201DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86203624-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86204DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86206854-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86206DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8620796C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86208DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8620A33C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8620DC2C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8621139C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86213DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862152F4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86217C0C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86218054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8621CC04-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8621EDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8621F36C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8621F4FC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8621F5AC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86220874-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86221324-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862219A4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622439C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86225A74-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622797C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86229364-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622957C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86229DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622A464-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622A6CC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622ADDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622D37C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622EC04-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8622EDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862325FC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86232784-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86234054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86234C6C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862376AC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8623836C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86238C04-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862392CC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86239DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8623CDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8623F234-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86242464-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86243A14-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86244054-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862451BC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862456B4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86246284-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86246DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862491F4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86249434-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8624ABF4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8624D45C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8624D88C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8624E38C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8624FDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8624FDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86250324-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86256DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862599FC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625B054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625BDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625C054-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625C2AC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625D34C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625D544-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625DDDC-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625F054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8625F274-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86260DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86262B4C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86263054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86264C44-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86265394-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626637C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86266DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626740C-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86268C0C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86269DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626ADDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626BDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626D6C4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626DDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626E3EC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8626F61C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86270AB4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86271054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862727AC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86275184-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627528C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86276DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86279A6C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86279D8C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86279DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627C57C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627CBAC-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627D3C4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627D554-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627DDB4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8627EDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86280314-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8628161C-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86281C04-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86284054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86285C04-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8628BDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8628C5E4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8628CDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8628E3C4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8628E484-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86291D54-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862923C4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86294DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8629548C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86295DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86296A6C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86296DDC-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8629738C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86298A8C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86299494-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86299BFC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8629B944-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8629D62C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8629DA94-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A0994-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A0DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A36AC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A3DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A4274-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A4DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A5CE4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A836C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862A8374-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862AADDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862AB3DC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862ACDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862ACDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862AE51C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862AFA6C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862B03EC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862B43F4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862B684C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862B6DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862B85FC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862BADDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862BBC34-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862BEA8C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862BF054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862BF39C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862C074C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862C4DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862C789C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862C9DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CA36C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CBDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CC284-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CC38C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CD29C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CDA74-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CE7A4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862CE8F4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D1DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D267C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D2DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D5DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D6324-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D650C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D6584-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D6C9C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D75FC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D8434-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D866C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862D868C-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862DF30C-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862E3054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862E58F4-FFA4-00EF-0D24-347CA8A3377C}
(...)

Joe007 · 14.08.2009, 14:24

Teil 3 vom Combofix log.txt:

Code:

ATTFilter

(...)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862E59F4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862E6D8C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862E8974-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862E8A14-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862E997C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EA39C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EB87C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EBDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EC324-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862ECDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EDB54-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EE60C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EF404-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EF4F4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862EF96C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F0DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F2544-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F2554-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F62CC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F7B04-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F7DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F879C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862F8DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862FA764-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862FB4AC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862FEC6C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {862FFDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86300434-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8630184C-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86302DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86305264-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863055F4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86306AAC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8630866C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86308BE4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86308DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8630A28C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8630A96C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8630DD14-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8630E324-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8631230C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86313A7C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86313DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86314D44-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863155FC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86315DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8631780C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8631F054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863226C4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86322B9C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86322BC4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86323334-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632429C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863242AC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86324A4C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632540C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632656C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632955C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632BDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632D1D4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632D1F4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632E38C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632E5BC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632EDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8632F444-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86330DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86332DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86334054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863358EC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86336DDC-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863385E4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86338DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86338DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8633B054-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8633B24C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8633CBCC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8633D9E4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8633DAD4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8633DDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863405FC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86340CA4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86340DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86343054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86343784-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86344054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634437C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634437C-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86344C3C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86344DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86345DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86346C44-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86347DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634894C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634C7EC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634CA24-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634E594-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634EDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634F054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8634FC04-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635026C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863512F4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635272C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635341C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86354054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86354054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863544C4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863567EC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635687C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635736C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86359054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86359604-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86359854-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863599B4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635A054-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635ACA4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635B4B4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635CB74-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635D054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635E444-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8635EB24-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86361DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86362B14-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86363054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8636668C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86368DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8636A054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8636ADDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8636E054-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86370054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863713D4-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86371DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637356C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86373D14-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86373DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863744A4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86377C24-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637B054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637B63C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637D1A4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637E484-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637EDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637F694-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8637FDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863812FC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86381CCC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86385054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863852D4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86385DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863864DC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86388054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8638863C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86388DDC-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8638ABEC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8638ADDC-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8638E2AC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8638E3AC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8638F69C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8638FC9C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863908E4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8639697C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863996F4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86399714-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8639A344-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8639B58C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8639CBC4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8639EDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A05AC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A2604-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A27FC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A3904-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A4474-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A52A4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A572C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A5C3C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A6054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A623C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A7054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A7DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863A9BE4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863AADDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863AEDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B0BF4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B1C6C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B3054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B4C04-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B548C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B7C9C-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B86DC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863B9054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863BACA4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863BB2CC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863BBDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863BCDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863BD054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863BEDB4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863C463C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863C671C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863C935C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863CC9B4-FFA4-00EF-0D24-347CA8A3377C}
(...)

Joe007 · 14.08.2009, 14:25

Teil 4 vom Combofix-log.txt:

Code:

ATTFilter

(...)
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863D5054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863DF654-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863E1054-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863E13A4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863ED924-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863EDDDC-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863F0DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863F2C74-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863F5054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863F67C4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863F8054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863FC054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {863FD2E4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86412054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86412DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864181E4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86422D9C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8642627C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86428464-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864307EC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86433D0C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86438DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86444DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8644679C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864496EC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8644CBCC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86451524-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864525C4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8645459C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8645571C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86458054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86459054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86462054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86462054-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8646872C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8646BDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8646DCE4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86470344-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86470664-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86472A94-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86476134-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8647A5FC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8647F9C4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864815A4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86486054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8648666C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864868CC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8648DD4C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86490054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8649444C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8649499C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86499054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8649B664-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8649BDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8649FDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864A6DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864B1CDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864B3054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864B7054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864B96EC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864BD054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864C2DDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864C465C-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864C6A44-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864C7054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864D076C-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864D29C4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864D5DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864D6054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864DBC74-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864DD98C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864E5054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864E5744-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864EBDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864EC3AC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864ECDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864ECDDC-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864EDDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864F034C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864F3054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864F9054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864FB3DC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86500054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86503054-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865087C4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8650977C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8650ABEC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8650B054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8650C4A4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8650CC9C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86511DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8651BDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86542054-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8654FDB4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8655EDDC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8655F7D4-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86563274-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865685D4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8656BBEC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8656E4FC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8656FB04-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8657043C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86571DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86573314-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86573974-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86574054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8657419C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86575054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8657572C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8657750C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865784AC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86578A6C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86578A6C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865795D4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8657A724-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8657E1E4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8657E7A4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86581C0C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86582324-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86582494-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86583504-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86584054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86584974-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8658AB5C-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8658C424-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8658C6EC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86590DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86594C0C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8659D29C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865B31FC-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865BDBD4-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {865DCDDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86641BD4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8667F374-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8668D7EC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8669D22C-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866E7054-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {866FFCB4-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86739474-FFA4-00DE-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86757DDC-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86767054-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {B9A93C84-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {BADB0D00-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {F78B8540-FFA4-00EF-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {FFDFF540-FFA4-00EF-0D24-347CA8A3377C}
 * Neuer Wiederherstellungspunkt wurde erstellt
.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Installer\2f943ca.msi
c:\windows\kb913800.exe
c:\windows\system\msvbvm60.dll
c:\windows\system32\drivers\npf.sys
c:\windows\system32\drivers\SKYNETwoxxyakl.sys
c:\windows\system32\drivers\UACnhcallhhkc.sys
c:\windows\system32\Packet.dll
c:\windows\system32\SKYNETecsvgklq.dat
c:\windows\system32\SKYNETtpaupuoi.dll
c:\windows\system32\SKYNETvpedoasn.dat
c:\windows\system32\SKYNETvrqxgnpp.dll
c:\windows\system32\UACedrpvpbktv.dll
c:\windows\system32\UACgvpfibkshf.dll
c:\windows\system32\uacinit.dll
c:\windows\system32\UACjmmpcsquof.dll
c:\windows\system32\UACksjivkjscl.db
c:\windows\system32\UAClwjndpnfoc.dll
c:\windows\system32\UACouhcehbdot.dat
c:\windows\system32\UACpjsixnpvbe.dll
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll

.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_SKYNETgwkixipw
-------\Legacy_SKYNETgwkixipw
-------\Service_UACd.sys
-------\Legacy_UACd.sys
-------\Legacy_NPF
-------\Service_NPF


(((((((((((((((((((((((   Dateien erstellt von 2009-07-14 bis 2009-08-14  ))))))))))))))))))))))))))))))
.

2009-08-14 09:25 . 2009-08-14 09:25	--------	d-----w-	C:\rsit
2009-08-14 08:58 . 2009-08-14 08:58	--------	d-----w-	c:\programme\CCleaner
2009-08-09 21:18 . 2009-08-09 21:20	--------	d-s---w-	C:\ComboFix1
2009-08-09 12:30 . 2009-08-09 12:30	--------	d-----w-	c:\programme\Trend Micro
2009-08-08 20:19 . 2009-07-03 14:49	15688	----a-w-	c:\windows\system32\lsdelete.exe
2009-08-08 18:21 . 2009-07-03 14:49	64160	----a-w-	c:\windows\system32\drivers\Lbd.sys
2009-08-08 18:20 . 2009-08-08 18:20	--------	dc-h--w-	c:\dokume~1\ALLUSE~1\ANWEND~1\{EF63305C-BAD7-4144-9208-D65528260864}
2009-08-08 18:20 . 2009-08-08 18:21	--------	d-----w-	c:\dokume~1\ALLUSE~1\ANWEND~1\Lavasoft
2009-08-08 18:20 . 2009-08-08 18:20	--------	d-----w-	c:\programme\Lavasoft
2009-07-22 08:26 . 2009-07-23 21:31	--------	d-----w-	c:\dokumente und einstellungen\***\Anwendungsdaten\GetRight
2009-07-22 08:26 . 2009-07-22 08:41	--------	d-----w-	c:\programme\GetRight
(...)

Joe007 · 14.08.2009, 14:26

...und Teil 5 der Combofix log.txt:

Code:

ATTFilter

(...)

.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-14 13:05 . 2006-12-03 18:11	--------	d-----w-	c:\dokumente und einstellungen\***\Anwendungsdaten\OpenOffice.org2
2009-08-14 13:05 . 2006-12-11 21:52	--------	d-----w-	c:\programme\WLAN Monitor
2009-08-14 09:09 . 2007-11-05 07:05	169936	----a-w-	c:\dokumente und einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\a3oos0kq.default\FlashGot.exe
2009-08-13 19:56 . 2006-12-15 21:32	--------	d-----w-	c:\dokume~1\ALLUSE~1\ANWEND~1\AntiVir PersonalEdition Classic
2009-08-12 07:06 . 2007-10-22 06:15	1	----a-w-	c:\dokumente und einstellungen\***\Anwendungsdaten\OpenOffice.org2\user\uno_packages\cache\stamp.sys
2009-08-11 21:19 . 2007-01-23 17:40	--------	d-----w-	c:\dokumente und einstellungen\***\Anwendungsdaten\Free Download Manager
2009-08-02 23:05 . 2006-12-15 22:18	--------	d-----w-	c:\programme\Trillian
2009-07-31 22:20 . 2008-03-11 09:13	--------	d-----w-	c:\dokumente und einstellungen\***\Anwendungsdaten\BOM
2009-07-31 07:01 . 2008-03-11 09:11	--------	d-----w-	c:\programme\Biet-O-Matic
2009-07-16 19:56 . 2006-09-29 11:56	55616	----a-w-	c:\dokumente und einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
2009-06-29 15:55 . 2006-03-24 12:00	827392	----a-w-	c:\windows\system32\wininet.dll
2009-06-29 15:55 . 2006-03-24 12:00	78336	----a-w-	c:\windows\system32\ieencode.dll
2009-06-29 15:55 . 2006-03-24 12:00	17408	------w-	c:\windows\system32\corpol.dll
2009-06-27 20:42 . 2006-12-02 14:21	6212	----a-w-	c:\dokumente und einstellungen\***\Anwendungsdaten\wklnhst.dat
2009-06-27 16:04 . 2008-09-20 09:00	--------	d-----w-	c:\programme\OpenOffice.org 2.4
2009-06-27 16:01 . 2009-06-16 20:33	--------	d-----w-	c:\programme\OpenOffice.org 3
2009-06-27 12:47 . 2009-06-16 20:37	1	----a-w-	c:\dokumente und einstellungen\***\Anwendungsdaten\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-06-16 20:36 . 2009-06-16 20:36	--------	d-----w-	c:\dokumente und einstellungen\***\Anwendungsdaten\OpenOffice.org
2009-06-16 14:36 . 2006-03-24 12:00	81920	----a-w-	c:\windows\system32\fontsub.dll
2009-06-16 14:36 . 2006-03-24 12:00	119808	----a-w-	c:\windows\system32\t2embed.dll
2009-06-03 19:09 . 2006-03-24 12:00	1296896	----a-w-	c:\windows\system32\quartz.dll
2009-05-31 19:52 . 2009-05-31 19:50	1915520	----a-w-	c:\dokumente und einstellungen\***\Anwendungsdaten\Macromedia\Flash Player\w*w.macromedia.com\bin\fpupdateax\fpupdateax.exe
2009-05-27 17:07 . 2007-04-21 13:09	75096	----a-w-	c:\windows\system32\drivers\avipbb.sys
2002-03-11 08:06 . 2002-03-11 08:06	1822520	----a-w-	c:\programme\instmsiw.exe
2002-03-11 07:45 . 2002-03-11 07:45	1708856	----a-w-	c:\programme\instmsia.exe
2009-02-24 09:16 . 2006-12-05 07:26	67688	----a-w-	c:\programme\mozilla firefox\components\jar50.dll
2009-02-24 09:16 . 2006-12-05 07:26	54368	----a-w-	c:\programme\mozilla firefox\components\jsd3250.dll
2009-02-24 09:16 . 2006-12-05 07:26	34944	----a-w-	c:\programme\mozilla firefox\components\myspell.dll
2009-02-24 09:16 . 2006-12-05 07:26	46712	----a-w-	c:\programme\mozilla firefox\components\spellchk.dll
2009-02-24 09:16 . 2006-12-05 07:26	172136	----a-w-	c:\programme\mozilla firefox\components\xpinstal.dll
2007-01-23 19:40 . 2007-01-23 19:40	56	--sh--r-	c:\windows\system32\1114386310.sys
2006-10-09 11:55 . 2006-10-09 11:55	8	--sh--r-	c:\windows\system32\EC23ACB85A.sys
2007-01-23 19:40 . 2006-10-09 11:55	9708	--sha-w-	c:\windows\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-06 7700480]
"NeroFilterCheck"="c:\programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"SetIcon"="\Programme\SMSC\SetIcon.exe" [2004-04-28 42496]
"LanguageShortcut"="c:\programme\Home Cinema\PowerDVD\Language\Language.exe" [2006-05-18 49152]
"TVEService"="c:\programme\Home Cinema\TV Enhance\TVEService.exe" [2006-10-19 151552]
"InstantOn"="c:\programme\CyberLink\PowerCinema Linux\ion_install.exe" [2006-06-21 93640]
"wlconfig"="c:\programme\WLAN Monitor\wlconfig.exe" [2006-03-06 1347584]
"avgnt"="c:\programme\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-18 266497]
"QuickTime Task"="c:\programme\QuickTime\qttask.exe" [2006-10-25 282624]
"iTunesHelper"="c:\programme\iTunes\iTunesHelper.exe" [2006-10-30 256576]
"SmcService"="c:\progra~1\Sygate\SPF\smc.exe" [2004-02-24 2372760]
"SSBkgdUpdate"="c:\programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="c:\programme\ScanSoft\PaperPort\pptd40nt.exe" [2004-03-09 57393]
"IndexSearch"="c:\programme\ScanSoft\PaperPort\IndexSearch.exe" [2004-03-09 40960]
"SetDefPrt"="c:\programme\Brother\Brmfl04g\BrStDvPt.exe" [2004-11-11 49152]
"ControlCenter2.0"="c:\programme\Brother\ControlCenter2\brctrcen.exe" [2004-11-11 864256]
"Easy-PrintToolBox"="c:\programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-10-09 16236032]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2006-10-06 1617920]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\dokumente und einstellungen\***\Startmen\Programme\Autostart\
OpenOffice.org 2.4.lnk - c:\programme\OpenOffice.org 2.4\program\quickstart.exe [2008-1-21 393216]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gusvc"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Programme\\Messenger\\msmsgs.exe"=
"c:\\Programme\\MSN Messenger\\msnmsgr.exe"=
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"c:\\Programme\\NetMeeting\\Conf.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programme\\iTunes\\iTunes.exe"=
"c:\\Programme\\Trillian\\trillian.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\Programme\\WS_FTP\\WS_FTP95.exe"=
"%windir%\\system32\\sessmgr.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [08.08.2009 20:21 64160]
R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [10.10.2006 17:06 11264]
R2 accsvc;AccSys WiFi Component;c:\programme\Gemeinsame Dateien\AccSys\accsvc.exe [11.12.2006 23:52 147456]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\programme\Lavasoft\Ad-Aware\AAWService.exe [03.07.2009 16:49 1029456]
R2 srvcPVR;Sceneo PVR Service;c:\programme\Sceneo\Bonavista\Services\PVR\pvrservice.exe [31.10.2006 14:16 1441280]
R2 TVECapSvc;TVEnhance Background Capture Service (TBCS);c:\programme\Home Cinema\TV Enhance\Kernel\TV\TVECapSvc.exe [23.10.2006 12:50 282709]
R2 TVESched;TVEnhance Task Scheduler (TTS));c:\programme\Home Cinema\TV Enhance\Kernel\TV\TVESched.exe [23.10.2006 12:50 122971]
R3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [17.10.2006 12:28 1105664]
R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [23.10.2006 12:37 7040]
S3 DMSKSSRh;DMSKSSRh;\??\c:\dokume~1\***\LOKALE~1\Temp\DMSKSSRh.sys --> c:\dokume~1\***\LOKALE~1\Temp\DMSKSSRh.sys [?]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
mWindow Title = Arcor AG & Co. KG
IE: Alles mit FDM herunterladen - file://c:\programme\Free Download Manager\dlall.htm
IE: Auswahl mit FDM herunterladen - file://c:\programme\Free Download Manager\dlselected.htm
IE: Datei mit FDM herunterladen - file://c:\programme\Free Download Manager\dllink.htm
IE: Download with GetRight - c:\programme\GetRight\GRdownload.htm
IE: Easy-WebPrint - Drucken - c:\programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
IE: Easy-WebPrint - Schnelldruck - c:\programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint - Vorschau - c:\programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint - Zu Druckliste hinzufügen - c:\programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Open with GetRight Browser - c:\programme\GetRight\GRbrowse.htm
IE: {{1F958B09-3312-7f0e-9723-4C1324C57B20} - c:\programme\Internet Radio\Radio.exe
FF - ProfilePath - c:\dokume~1\***\ANWEND~1\Mozilla\Firefox\Profiles\a3oos0kq.default\
FF - prefs.js: browser.startup.homepage - about:blank
FF - component: c:\programme\Free Download Manager\Firefox\Extension\components\component.dll
FF - component: c:\programme\Mozilla Firefox\components\xpinstal.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, h**p://www.gmer.net
Rootkit scan 2009-08-14 15:05
Windows 5.1.2600 Service Pack 3 NTFS

Scanne versteckte Prozesse... 

Scanne versteckte Autostarteinträge... 

Scanne versteckte Dateien... 

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'explorer.exe'(1636)
c:\windows\system32\SSSensor.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\programme\Sygate\SPF\Smc.exe
c:\programme\AntiVir PersonalEdition Classic\sched.exe
c:\windows\ehome\ehrecvr.exe
c:\windows\ehome\ehSched.exe
c:\programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
c:\programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\programme\CyberLink\Shared Files\RichVideo.exe
c:\programme\Common Files\X10\Common\X10nets.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\wbem\unsecapp.exe
c:\programme\SMSC\SetIcon.exe
c:\windows\ehome\ehmsas.exe
c:\programme\OpenOffice.org 2.4\program\soffice.exe
c:\programme\OpenOffice.org 2.4\program\soffice.bin
c:\programme\iPod\bin\iPodService.exe
c:\programme\Lavasoft\Ad-Aware\AAWTray.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2009-08-14 15:13 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2009-08-14 13:13

Vor Suchlauf: 14 Verzeichnis(se), 10.937.266.176 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 11.670.523.904 Bytes frei

WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

953	--- E O F ---	2009-07-29 22:31

mache jetzt mit MAM weiter und melde mich wieder...

Chris4You · 14.08.2009, 14:44

Hi,

Skynetrootkit und Konsorten, sollte auch noch was von MAM gefunden werden...

chris

Joe007 · 14.08.2009, 15:49

so, gerade fertig.
stimmt, er hat noch 12 infizierte files gefunden...

mbam-log:

Code:

ATTFilter

Malwarebytes' Anti-Malware 1.40
Datenbank Version: 2623
Windows 5.1.2600 Service Pack 3

14.08.2009 16:46:08
mbam-log-2009-08-14 (16-46-08).txt

Scan-Methode: Vollständiger Scan (C:\|D:\|)
Durchsuchte Objekte: 293830
Laufzeit: 1 hour(s), 6 minute(s), 26 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 12

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Qoobox\Quarantine\C\WINDOWS\system32\UACedrpvpbktv.dll.vir (Rogue.Agent) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\UACgvpfibkshf.dll.vir (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\UAClwjndpnfoc.dll.vir (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\UACpjsixnpvbe.dll.vir (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\SKYNETwoxxyakl.sys.vir (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\UACnhcallhhkc.sys.vir (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{BDB02021-8C9D-4BD9-BAB5-977838CC146D}\RP891\A0077783.sys (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{BDB02021-8C9D-4BD9-BAB5-977838CC146D}\RP891\A0077786.sys (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{BDB02021-8C9D-4BD9-BAB5-977838CC146D}\RP891\A0077787.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{BDB02021-8C9D-4BD9-BAB5-977838CC146D}\RP891\A0077788.dll (Rogue.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{BDB02021-8C9D-4BD9-BAB5-977838CC146D}\RP891\A0077790.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{BDB02021-8C9D-4BD9-BAB5-977838CC146D}\RP891\A0077791.dll (Trojan.TDSS) -> Quarantined and deleted successfully.

fehlt noch gmer, kommt als nächstes dran...

Joe007 · 14.08.2009, 16:39

GMER brachte beim Starten keine Meldungen. Habe dann den Scan angestoßen, allerdings hat sich dann anscheinend ein Windows-Service o.ä. aufgehängt, GMER war nicht mehr geöffnet, die Firewal meldete einen geänderten Windows service.exe und ich glaube der Windows Explorer wurde neu gestartet.
GMER läuft jetzt nochmal durch...

Joe007 · 14.08.2009, 18:37

hmmm, weiß nicht, woran es liegt, habe es jetzt noch 2 mal versucht, aber nach ner Zeit hängt sich Windows immer auf. ("Das System wird nach einem schwerwiegenden Fehler wieder ausgeführt."...)
Windows öffnet dann eine Microsoft-Seite, auf der steht:

Zitat:

Problem verursacht durch: Device Driver
Diese Meldung wurde angezeigt, weil ein auf dem Computer installierter Gerätetreiber eine Störung des Windows-Betriebssystems verursacht hat. Dieser Fehlertyp wird als „STOP-Fehler“ bezeichnet. Beim Auftreten eines STOP-Fehlers ist ein Neustart des Computers erforderlich.

weiß jetzt auch nicht so recht, woran es liegen könnte.

habe gerade nochmal Adaware (intelligenter Systemscan) drüber laufen lassen und nichts mehr gefunden, schon mal ein gutes Zeichen.
Werde jetzt Windows nochmal neu starten und nochmal mein Glück mit GMER versuchen - und das log-File dann ggf. heute Nacht posten.

edit: mir werden gerade einige neue Windows-Updates angezeigt, werde die mal vorher noch runterladen und installieren...

Chris4You · 15.08.2009, 07:39

Hi,

bitte GMER im abgesicherten Modus ausführen...

Wenn GMER nicht läuft:

Avira-Antirootkit
Downloade Avira Antirootkit und Scanne dein system, poste das logfile.
http://dl.antivir.de/down/windows/antivir_rootkit.zip

Auf jeden Fall die folgenden Sachen:
Systemwiederherstellung löschen
BSI-Faltblattt (http://www.bsi.de/literat/faltbl/F24VirenundCo.htm) und dort unter Viren entfernen
Wenn der Rechner einwandfrei läuft abschließend alle Systemwiederherstellungspunkte löschen lassen(das sind die: C:\System Volume Information\_restore - Dateien die gefunden wurden, d.h. der Trojaner wurde mit gesichert und wenn Du auf einen Restorepunkt zurück gehen solltest, dann ist er wieder da) wie folgt:

Arbeitsplatz ->rechte Maus -> Eigenschaften -> Systemwiederherstellung ->
anhaken: "Systemwiederherstellung auf allen Laufwerken deaktivieren" -> Übernehmen -> Sicherheitsabfrage OK -> Fenster mit OK schliessen -> neu Booten;

Dann das gleiche nochmal nur das Häkchen entfernen (dann läuft sie wieder).

Einen ersten Restorepunkt setzten:
Start->Programme->Zubehör->Systemprogramme->Systemwiederherstellung->einen Wiederherstellungspunkt erstellen->weiter, Beschreibung ausdenken->Erstellen

Prevx:
http://www.prevx.com/freescan.asp
Falls das Tool was findet, nicht das Log posten sondern einen Screenshot des dann angezeigten Fensters...

Dann nochmal ein neues RSIT-Log!

chris

Werde Virus/Trojaner nicht los - vermtl. Win32.Trojan.Tdss

Log-Analyse und Auswertung: Werde Virus/Trojaner nicht los - vermtl. Win32.Trojan.Tdss