
Pests of all kinds and how to fight them: Antimalware Doctor attack and troj/FakeAV-***

01.05.2010, 23:54   #16
mäander

Doesn't look as if everything is gone, does it?
Best regards,
anke

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 05/01/2010 at 11:12 PM

Application Version : 4.36.1006

Core Rules Database Version : 4877
Trace Rules Database Version: 2689

Scan type : Complete Scan
Total Scan Time : 02:15:20

Memory items scanned : 505
Memory threats detected : 0
Registry items scanned : 6094
Registry threats detected : 0
File items scanned : 123242
File threats detected : 15

Adware.Tracking Cookie
C:\Dokumente und Einstellungen\***\Cookies\***@adfarm1.adition[1].txt
C:\Dokumente und Einstellungen\***\Cookies\***@atdmt[2].txt
C:\Dokumente und Einstellungen\***\Cookies\***@bs.serving-sys[1].txt
C:\Dokumente und Einstellungen\***\Cookies\***@doubleclick[1].txt
C:\Dokumente und Einstellungen\***\Cookies\***@msnportal.112.2o7[1].txt
C:\Dokumente und Einstellungen\***\Cookies\***@serving-sys[1].txt

Trojan.Agent/Gen
C:\QOOBOX\QUARANTINE\C\DOKUMENTE UND EINSTELLUNGEN\ALL USERS\ANWENDUNGSDATEN\7IAXK8NI.EXE.VIR
C:\SYSTEM VOLUME INFORMATION\_RESTORE{5CAB3290-8584-4F85-A167-5FBD4764C68D}\RP1153\A0776344.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{5CAB3290-8584-4F85-A167-5FBD4764C68D}\RP1154\A0776977.EXE
C:\_OTL\MOVEDFILES\05012010_003745\C_WINDOWS\SYSTEM32\YOUJA_.DLL

Adware.Vundo/Variant-Slider
C:\SYSTEM VOLUME INFORMATION\_RESTORE{5CAB3290-8584-4F85-A167-5FBD4764C68D}\RP1151\A0774404.DLL

Trojan.Agent/Gen-Nullo[Short]
C:\SYSTEM VOLUME INFORMATION\_RESTORE{5CAB3290-8584-4F85-A167-5FBD4764C68D}\RP1152\A0774722.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{5CAB3290-8584-4F85-A167-5FBD4764C68D}\RP1152\A0774724.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{5CAB3290-8584-4F85-A167-5FBD4764C68D}\RP1152\A0774725.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{5CAB3290-8584-4F85-A167-5FBD4764C68D}\RP1152\A0774726.EXE


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4057

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

02.05.2010 00:45:42
mbam-log-2010-05-02 (00-45-42).txt

Scan type: Full scan (C:\|)
Objects scanned: 267677
Time elapsed: 59 minute(s), 35 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Last edited by mäander (01.05.2010 at 23:56). Reason: forgot the asterisks

03.05.2010, 07:40   #17
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Those were only a few remnants left, and they were removed. Is the computer OK again?

03.05.2010, 17:28   #18
mäander

No, unfortunately not ...
The browser is still trying to connect to something, you can see it in the bar at the bottom, and that annoying pop-up window still keeps appearing too. This morning IE also opened by itself again.

So the whole procedure again?? In which order? Or won't that help any more either?

Regards,
anke

PS: Oh, and Sophos showed this this morning: Mal/obfJS-CM in h**p://ticimat.com

03.05.2010, 18:09   #19
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

These things are getting more and more persistent...
Please create logs with OSAM and GMER and post them.
__________________
Please always post log files in CODE tags

04.05.2010, 06:44   #20
mäander

Here is the OSAM log for now; my computer is struggling with GMER. Twice the process was stopped because I wanted to check (after 3 hours!) whether it had finished. Then I let it run overnight, but it hung then too, and I could no longer save a log. Is there an alternative?

Regards,
anke

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 19:23:55 on 03.05.2010

OS: Windows XP Home Edition Service Pack 3 (Build 2600)
Default Browser: Microsoft Corporation Internet Explorer 7.00.6000.17023

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"AppleSoftwareUpdate.job" - "Apple Inc." - C:\Programme\Apple Software Update\SoftwareUpdate.exe
"At1.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At10.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At100.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At101.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At102.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At103.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At104.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At105.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At106.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At107.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At108.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At109.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At11.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At110.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At111.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At112.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At113.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At114.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At115.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At116.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At117.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At118.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At119.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At12.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At120.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At121.job" - ? - C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At122.job" - ? - C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At123.job" - ? - C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At124.job" - ? - C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At125.job" - ? - C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At126.job" - ? - C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At127.job" - ? - C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At128.job" - ? - C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At129.job" - ? - C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At13.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At130.job" - ? - C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At131.job" - ? - C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At132.job" - ? - C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At133.job" - ? - C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At134.job" - ? - C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At135.job" - ? - C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At136.job" - ? - C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At137.job" - ? - C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At138.job" - ? - C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At139.job" - ? - C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At14.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At140.job" - ? - C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At141.job" - ? - C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At142.job" - ? - C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At143.job" - ? - C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At144.job" - ? - C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At15.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At16.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At17.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At18.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At19.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At2.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At20.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At21.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At22.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At23.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At24.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At25.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At26.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At27.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At28.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At29.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At3.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At30.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At31.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At32.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At33.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At34.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At35.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At36.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At37.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At38.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At39.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At4.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At40.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At41.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At42.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At43.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At44.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At45.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At46.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At47.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At48.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At49.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At5.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At50.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At51.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At52.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At53.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At54.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At55.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At56.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At57.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At58.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At59.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At6.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At60.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At61.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At62.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At63.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At64.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At65.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At66.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At67.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At68.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At69.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At7.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At70.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At71.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At72.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At73.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At74.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At75.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At76.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At77.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At78.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At79.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At8.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At80.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At81.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At82.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At83.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At84.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At85.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At86.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At87.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At88.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At89.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At9.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At90.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At91.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At92.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At93.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At94.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At95.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At96.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At97.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At98.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At99.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"btcpl.cpl" - "Broadcom Corporation." - C:\WINDOWS\system32\btcpl.cpl
"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl
"MagicKBD.cpl" - "SAMSUNG Electronics Co., Ltd." - C:\WINDOWS\system32\MagicKBD.cpl
"nvtuicpl.cpl" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvtuicpl.cpl
"pdfSaver.cpl" - "Tracker Software Products" - C:\WINDOWS\system32\pdfSaver.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"QuickTime" - "Apple Inc." - C:\Programme\QuickTime\QTSystem\QuickTime.cpl
"SMAX4CP" - "Analog Devices, Inc." - C:\Programme\Analog Devices\SoundMAX\SMax4.cpl
"SRSCpl" - "SRS Labs, Inc." - C:\Programme\SRS Labs\WOWXT and TSXT Driver\srscpl.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"ACEDRV08" (ACEDRV08) - "Protect Software GmbH" - C:\WINDOWS\system32\drivers\ACEDRV08.sys
"Apple Mobile USB Driver" (USBAAPL) - ? - C:\WINDOWS\System32\Drivers\usbaapl.sys (File not found)
"ASCTRM" (ASCTRM) - ? - C:\WINDOWS\system32\drivers\ASCTRM.sys (File not found)
"atksgt" (atksgt) - ? - C:\WINDOWS\System32\DRIVERS\atksgt.sys (File found, but it contains no detailed information)
"B.H.A Storage Helper Driver" (BsStor) - "Cyberlink Co.,Ltd." - C:\WINDOWS\system32\drivers\BsStor.sys
"B.H.A UDF Filesystem" (BsUDF) - "CyberLink Corporation." - C:\WINDOWS\system32\drivers\BsUDF.sys
"Belkin USB 2.0 to Fast Ethernet Adapter" (AX88172) - "ASIX Electronics Corp." - C:\WINDOWS\System32\DRIVERS\AX88172.sys
"Bluetooth Serial Driver" (BTSERIAL) - "Broadcom Corporation." - C:\WINDOWS\system32\drivers\btserial.sys
"Bluetooth-Audiogerät" (btaudio) - "Broadcom Corporation." - C:\WINDOWS\System32\drivers\btaudio.sys
"Bluetooth-Bus-Enumerator" (BTKRNL) - "Broadcom Corporation." - C:\WINDOWS\System32\DRIVERS\btkrnl.sys
"Bluetooth-LAN-Zugangsserver" (BTWDNDIS) - "Broadcom Corporation." - C:\WINDOWS\System32\DRIVERS\btwdndis.sys
"catchme" (catchme) - ? - C:\cofi\catchme.sys (File not found)
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys (File not found)
"Cisco Systems Inc. IPSec Driver" (CVPNDRVA) - "Cisco Systems, Inc." - C:\WINDOWS\system32\Drivers\CVPNDRVA.sys
"FBAPI" (FBAPI) - ? - C:\WINDOWS\system32\drivers\FBAPI.sys (File found, but it contains no detailed information)
"ialm" (ialm) - "Intel Corporation" - C:\WINDOWS\System32\DRIVERS\ialmnt5.sys
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys (File not found)
"lirsgt" (lirsgt) - ? - C:\WINDOWS\System32\DRIVERS\lirsgt.sys (File found, but it contains no detailed information)
"MEMIO" (DOSMEMIO) - ? - C:\WINDOWS\system32\MEMIO.SYS (File found, but it contains no detailed information)
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys (File not found)
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys
"RITCPT" (RITCPT) - ? - C:\WINDOWS\system32\drivers\RITCPT.sys (File found, but it contains no detailed information)
"SASDIFSV" (SASDIFSV) - "SUPERAdBlocker.com and SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS
"SASKUTIL" (SASKUTIL) - "SUPERAdBlocker.com and SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS
"SUE NDIS Protocol Driver" (SUEPD) - "Samsung" - C:\WINDOWS\System32\DRIVERS\SUE_PD.sys
"Upper Class Filter Driver" (NTIDrvr) - "NewTech Infosystems, Inc." - C:\WINDOWS\System32\DRIVERS\NTIDrvr.sys
"Virtueller Bluetooth-Kommunikationstreiber" (BTDriver) - "Broadcom Corporation." - C:\WINDOWS\System32\DRIVERS\btport.sys
"vsdatant" (vsdatant) - "Zone Labs LLC" - C:\WINDOWS\system32\vsdatant.sys
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys (File not found)
"WIDCOMM USB Bluetooth Driver" (BTWUSB) - "Broadcom Corporation." - C:\WINDOWS\System32\Drivers\btwusb.sys
"WOW XT Filter Driver" (wowfilter) - ? - C:\WINDOWS\System32\drivers\wowfilter.sys

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
{3D9F03FA-7A94-11D3-BE81-0050048385D1} "Data Page Pluggable Protocol mso-offdap Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "SABShellExecuteHook Class" - "SuperAdBlocker.com" - C:\Programme\SUPERAntiSpyware\SASSEH.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} "Acrobat Elements Context Menu" - "Adobe Systems Inc." - C:\Programme\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll
{6af09ec9-b429-11d4-a1fb-0090960218cb} "Bluetooth-Umgebung" - "Broadcom Corporation." - C:\WINDOWS\system32\btneighborhood.dll
{A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D} "ContextMenuHandler Class" - "Sophos Plc" - c:\Programme\Sophos\Sophos Anti-Virus\SavShellExt.dll
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll (File not found)
{1CDB2949-8F65-4355-8456-263E7C208A5D} "Desktop Explorer" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvshell.dll
{1E9B04FB-F9E5-4718-997B-B8DA88302A47} "Desktop Explorer Menu" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvshell.dll
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Programme\iTunes\iTunesMiniPlayer.dll
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? - (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll
{00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll
{afc638f0-e8a4-11ce-9ade-00aa00a42d2e} "MS TrueType File Properties" - "Microsoft Corporation" - C:\Programme\OpenType Extension\TTFExtNT.dll
{1E9B04FB-F9E5-4718-997B-B8DA88302A48} "nView Desktop Context Menu" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvshell.dll
{0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - C:\Program Files\Real\RealPlayer\rpshell.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? - (File not found | COM-object registry key not found)
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Web Folders" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\MSONSEXT.DLL
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Programme\WinRAR\rarext.dll

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "Adobe PDF" - "Adobe Systems Incorporated" - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
<binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} "Java Plug-in 1.5.0" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.5.0\bin\npjpi150.dll / hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} "Java Plug-in 1.6.0_01" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_01\bin\npjpi160_01.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} "Java Plug-in 1.6.0_02" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_02\bin\npjpi160_02.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} "Java Plug-in 1.6.0_03" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_03\bin\npjpi160_03.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} "Java Plug-in 1.6.0_05" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_05\bin\npjpi160_05.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} "Java Plug-in 1.6.0_07" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_07\bin\npjpi160_07.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_11" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_11.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} "Java Plug-in 1.6.0_11" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_11.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_11" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_11.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"@btrez.dll,-4015" - ? - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
"ICQ6" - "ICQ, LLC." - C:\Programme\ICQ6.5\ICQ.exe
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Recherchieren" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "Adobe PDF" - "Adobe Systems Incorporated" - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} "Easy-WebPrint" - ? - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{AE7CD045-E861-484f-8273-0445EE161910} "Adobe PDF Conversion Toolbar Helper" - "Adobe Systems Incorporated" - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\ssv.dll
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
{3049C3E9-B461-4BC5-8870-4C09146192CA} "RealPlayer Download and Record Plugin for Internet Explorer" - "RealPlayer" - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
{39EA7695-B3F2-4C44-A4BC-297ADA8FD235} "Sophos Web Content Scanner" - "Sophos Plc" - c:\Programme\Sophos\Sophos Anti-Virus\SophosBHO.dll
{5C255C8A-E604-49b4-9D64-90988571CECB} "{5C255C8A-E604-49b4-9D64-90988571CECB}" - ? - (File not found | COM-object registry key not found)

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"Adobe Acrobat - Schnellstart.lnk" - "Adobe Systems Incorporated" - C:\Programme\Adobe\Acrobat 7.0\Acrobat\acrobat_sl.exe (Shortcut exists | File exists)
"Adobe Gamma Loader.lnk" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Shortcut exists | File exists)
"Adobe Reader - Schnellstart.lnk" - "Adobe Systems Incorporated" - C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Shortcut exists | File exists)
"AutoUpdate Monitor.lnk" - "Sophos Plc" - C:\Programme\Sophos\AutoUpdate\ALMon.exe (Shortcut exists | File exists)
"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
"MindManager PDF Writer.lnk" - "Tracker Software Products" - C:\Programme\Mindjet\MindManager 5\sys\PDF\GER\W2K\PDFSaver.exe (Shortcut exists | File exists)
"BTTray.lnk" - "Broadcom Corporation." - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Shortcut exists | File exists)
"VPN Client.lnk" - "Cisco Systems, Inc." - C:\Programme\Cisco Systems\VPN Client\vpngui.exe (Shortcut exists | File exists)
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\a1\Startmenü\Programme\Autostart\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"SUPERAntiSpyware" - ? - C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (File found, but it contains no detailed information)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Acrobat Assistant 7.0" - ? - "C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" (File found, but it contains no detailed information)
"AVStation Premium 3.75" - ? - C:\Programme\Samsung\AVStation Premium 3.75\AVSAgent.exe (File not found)
"B'sCLiP" - ? - C:\PROGRA~1\CYBERL~1\INSTAN~1\Win2K\IBurn.exe (File not found)
"BatteryManager" - ? - C:\Programme\Samsung\Samsung Battery Manager\BatteryManager.exe (File not found)
"CanonMyPrinter" - "CANON INC." - C:\Programme\Canon\MyPrinter\BJMyPrt.exe /logon
"CanonSolutionMenu" - "CANON INC." - C:\Programme\Canon\SolutionMenu\CNSLMAIN.exe /logon
"DisplayManager" - ? - C:\Programme\Samsung\DisplayManager\DMLoader.exe (File found, but it contains no detailed information)
"Easy-PrintToolBox" - "CANON INC." - C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
"IJNetworkScanUtility" - ? - C:\Programme\Canon\Canon IJ Network Scan Utility\CNMNSUT .exe (File found, but it contains no detailed information)
"iTunesHelper" - ? - "C:\Programme\iTunes\iTunesHelper.exe" (File found, but it contains no detailed information)
"MagicKeyboard" - ? - C:\Programme\SAMSUNG\MagicKBD\PreMKBD.exe (File not found)
"nwiz" - "NVIDIA Corporation" - nwiz.exe /install
"QuickTime Task" - "Apple Inc." - "C:\Programme\QuickTime\QTTask .exe" -atboottime
"RemoteControl" - ? - C:\Programme\CyberLink\PowerDVD\PDVDServ.exe (File not found)
"RestoreIT!" - ? - "C:\Programme\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart (File not found)
"SoundMAXPnP" - ? - C:\Programme\Analog Devices\Core\smax4pnp.exe (File found, but it contains no detailed information)
"SunJavaUpdateSched" - ? - "C:\Programme\Java\jre6\bin\jusched.exe" (File not found)
"SynTPEnh" - ? - C:\Programme\Synaptics\SynTP\SynTPEnh.exe (File not found)
"TkBellExe" - ? - "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot (File found, but it contains no detailed information)
"Verknüpfung mit der High Definition Audio-Eigenschaftenseite" - ? - HDAShCut.exe (File not found)

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Adobe PDF Port" - "Adobe Systems Incorporated." - C:\WINDOWS\system32\AdobePDF.dll
"Bluetooth-Druckeranschluss" - "Broadcom Corporation." - C:\WINDOWS\system32\bthcrp.dll
"Canon BJNP Port" - "CANON INC." - C:\WINDOWS\system32\CNMNPPM.DLL
"Microsoft Document Imaging Writer Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\mdimon.dll
"PDF-XChange" - "Tracker Software" - C:\WINDOWS\system32\pxc25pm.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Anwendungsverwaltung" (AppMgmt) - ? - C:\WINDOWS\System32\appmgmts.dll (File not found)
"Bluetooth Service" (btwdins) - "Broadcom Corporation." - C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
"Cisco Systems, Inc. VPN Service" (CVPND) - "Cisco Systems, Inc." - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe
"Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Programme\CyberLink\Shared Files\RichVideo.exe
"Google Updater Service" (gusvc) - "Google" - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Programme\iPod\bin\iPodService.exe
"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe
"LightScribeService Direct Disc Labeling Service" (LightScribeService) - "Hewlett-Packard Company" - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
"Machine Debug Manager" (MDM) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
"Samsung Update Plus" (Samsung Update Plus) - ? - C:\Programme\Samsung\Samsung Update Plus\SLUBackgroundService.exe (File found, but it contains no detailed information)
"SNM WLAN Service" (SNM WLAN Service) - ? - C:\Programme\samsung\Samsung Network Manager\SNMWLANService.exe (File found, but it contains no detailed information)
"Sophos Anti-Virus" (SAVService) - "Sophos Plc" - c:\Programme\Sophos\Sophos Anti-Virus\SavService.exe
"Sophos Anti-Virus Statusreporter" (SAVAdminService) - "Sophos Plc" - c:\Programme\Sophos\Sophos Anti-Virus\SAVAdminService.exe
"Sophos AutoUpdate Service" (Sophos AutoUpdate Service) - "Sophos Plc" - c:\Programme\Sophos\AutoUpdate\ALsvc.exe
"SRS PostInstaller Service" (SRS_PostInstaller) - "SRS Labs, Inc." - C:\Programme\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe
"STI Simulator" (STI Simulator) - ? - C:\WINDOWS\System32\PAStiSvc.exe (File signed by Microsoft | File found, but it contains no detailed information)

[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions )-----
{c6dc5466-785a-11d2-84d0-00c04fb169f7} "Softwareinstallation" - ? - appmgmts.dll (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"!SASWinLogon" - "SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASWINLO.dll
"igfxcui" - "Intel Corporation" - C:\WINDOWS\system32\igfxdev.dll
"WgaLogon" - "Microsoft Corporation" - C:\WINDOWS\system32\WgaLogon.dll

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru


04.05.2010, 08:47   #21
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Close all programs, start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":Files" must be copied along with it!!!)

Code:
:Files
c:\windows\tasks\at*.job
C:\WINDOWS\Fonts\*.com
C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\*.exe
C:\WINDOWS\system32\kks637.com
C:\WINDOWS\system32\drivers\FBAPI.sys
:Commands
[purity]
[resethosts]
[emptytemp]
         
Then click the Run Fixes button!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

04.05.2010, 15:52   #22
mäander

I started gmer again this morning, and this time it worked!
I'm also posting the OTL log file now; I just ran it.


GMER 1.0.15.15281 - hxxp://w*w.gmer.net
Rootkit scan 2010-05-04 16:31:09
Windows 5.1.2600 Service Pack 3
Running: 5l9rhqgi.exe; Driver: C:\DOKUME~1\***\LOKALE~1\Temp\uftiqkoc.sys


---- System - GMER 1.0.15 ----

SSDT \??\C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS (SASKUTIL.SYS/SUPERAdBlocker.com and SUPERAntiSpyware.com) ZwTerminateProcess [0xF3116900]

---- Kernel code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xF682E360, 0x2154AD, 0xE8000020]
.text C:\WINDOWS\system32\drivers\ACEDRV08.sys section is writeable [0xBAC5F000, 0x328BA, 0xE8000020]
.pklstb C:\WINDOWS\system32\drivers\ACEDRV08.sys entry point in ".pklstb" section [0xBACA3000]
.relo2 C:\WINDOWS\system32\drivers\ACEDRV08.sys unknown last section [0xBACBF000, 0x8E, 0x42000040]
.text C:\WINDOWS\system32\DRIVERS\atksgt.sys section is writeable [0xBA10C300, 0x3ACC8, 0xE8000020]
.text C:\WINDOWS\system32\DRIVERS\lirsgt.sys section is writeable [0xF7B4C300, 0x1B7E, 0xE8000020]

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs savonaccessfilter.sys (SAV On-access and HIPS for Windows XP (x86)/Sophos Plc)

Device \FileSystem\Udfs \UdfsCdRom BsUDF.SYS (UDF File System Driver (Windows2000)/CyberLink Corporation.)
Device \FileSystem\Udfs \UdfsDisk BsUDF.SYS (UDF File System Driver (Windows2000)/CyberLink Corporation.)

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

Device \FileSystem\Cdfs \Cdfs BsUDF.SYS (UDF File System Driver (Windows2000)/CyberLink Corporation.)

---- EOF - GMER 1.0.15 ----




OTL


All processes killed
========== FILES ==========
c:\windows\tasks\At1.job moved successfully.
c:\windows\tasks\At10.job moved successfully.
c:\windows\tasks\At100.job moved successfully.
c:\windows\tasks\At101.job moved successfully.
c:\windows\tasks\At102.job moved successfully.
c:\windows\tasks\At103.job moved successfully.
c:\windows\tasks\At104.job moved successfully.
c:\windows\tasks\At105.job moved successfully.
c:\windows\tasks\At106.job moved successfully.
c:\windows\tasks\At107.job moved successfully.
c:\windows\tasks\At108.job moved successfully.
c:\windows\tasks\At109.job moved successfully.
c:\windows\tasks\At11.job moved successfully.
c:\windows\tasks\At110.job moved successfully.
c:\windows\tasks\At111.job moved successfully.
c:\windows\tasks\At112.job moved successfully.
c:\windows\tasks\At113.job moved successfully.
c:\windows\tasks\At114.job moved successfully.
c:\windows\tasks\At115.job moved successfully.
c:\windows\tasks\At116.job moved successfully.
c:\windows\tasks\At117.job moved successfully.
c:\windows\tasks\At118.job moved successfully.
c:\windows\tasks\At119.job moved successfully.
c:\windows\tasks\At12.job moved successfully.
c:\windows\tasks\At120.job moved successfully.
c:\windows\tasks\At121.job moved successfully.
c:\windows\tasks\At122.job moved successfully.
c:\windows\tasks\At123.job moved successfully.
c:\windows\tasks\At124.job moved successfully.
c:\windows\tasks\At125.job moved successfully.
c:\windows\tasks\At126.job moved successfully.
c:\windows\tasks\At127.job moved successfully.
c:\windows\tasks\At128.job moved successfully.
c:\windows\tasks\At129.job moved successfully.
c:\windows\tasks\At13.job moved successfully.
c:\windows\tasks\At130.job moved successfully.
c:\windows\tasks\At131.job moved successfully.
c:\windows\tasks\At132.job moved successfully.
c:\windows\tasks\At133.job moved successfully.
c:\windows\tasks\At134.job moved successfully.
c:\windows\tasks\At135.job moved successfully.
c:\windows\tasks\At136.job moved successfully.
c:\windows\tasks\At137.job moved successfully.
c:\windows\tasks\At138.job moved successfully.
c:\windows\tasks\At139.job moved successfully.
c:\windows\tasks\At14.job moved successfully.
c:\windows\tasks\At140.job moved successfully.
c:\windows\tasks\At141.job moved successfully.
c:\windows\tasks\At142.job moved successfully.
c:\windows\tasks\At143.job moved successfully.
c:\windows\tasks\At144.job moved successfully.
c:\windows\tasks\At145.job moved successfully.
c:\windows\tasks\At146.job moved successfully.
c:\windows\tasks\At147.job moved successfully.
c:\windows\tasks\At148.job moved successfully.
c:\windows\tasks\At149.job moved successfully.
c:\windows\tasks\At15.job moved successfully.
c:\windows\tasks\At150.job moved successfully.
c:\windows\tasks\At151.job moved successfully.
c:\windows\tasks\At152.job moved successfully.
c:\windows\tasks\At153.job moved successfully.
c:\windows\tasks\At154.job moved successfully.
c:\windows\tasks\At155.job moved successfully.
c:\windows\tasks\At156.job moved successfully.
c:\windows\tasks\At157.job moved successfully.
c:\windows\tasks\At158.job moved successfully.
c:\windows\tasks\At159.job moved successfully.
c:\windows\tasks\At16.job moved successfully.
c:\windows\tasks\At160.job moved successfully.
c:\windows\tasks\At161.job moved successfully.
c:\windows\tasks\At162.job moved successfully.
c:\windows\tasks\At163.job moved successfully.
c:\windows\tasks\At164.job moved successfully.
c:\windows\tasks\At165.job moved successfully.
c:\windows\tasks\At166.job moved successfully.
c:\windows\tasks\At167.job moved successfully.
c:\windows\tasks\At168.job moved successfully.
c:\windows\tasks\At169.job moved successfully.
c:\windows\tasks\At17.job moved successfully.
c:\windows\tasks\At170.job moved successfully.
c:\windows\tasks\At171.job moved successfully.
c:\windows\tasks\At172.job moved successfully.
c:\windows\tasks\At173.job moved successfully.
c:\windows\tasks\At174.job moved successfully.
c:\windows\tasks\At175.job moved successfully.
c:\windows\tasks\At176.job moved successfully.
c:\windows\tasks\At177.job moved successfully.
c:\windows\tasks\At178.job moved successfully.
c:\windows\tasks\At179.job moved successfully.
c:\windows\tasks\At18.job moved successfully.
c:\windows\tasks\At180.job moved successfully.
c:\windows\tasks\At181.job moved successfully.
c:\windows\tasks\At182.job moved successfully.
c:\windows\tasks\At183.job moved successfully.
c:\windows\tasks\At184.job moved successfully.
c:\windows\tasks\At185.job moved successfully.
c:\windows\tasks\At186.job moved successfully.
c:\windows\tasks\At187.job moved successfully.
c:\windows\tasks\At188.job moved successfully.
c:\windows\tasks\At189.job moved successfully.
c:\windows\tasks\At19.job moved successfully.
c:\windows\tasks\At190.job moved successfully.
c:\windows\tasks\At191.job moved successfully.
c:\windows\tasks\At192.job moved successfully.
c:\windows\tasks\At193.job moved successfully.
c:\windows\tasks\At194.job moved successfully.
c:\windows\tasks\At195.job moved successfully.
c:\windows\tasks\At196.job moved successfully.
c:\windows\tasks\At197.job moved successfully.
c:\windows\tasks\At198.job moved successfully.
c:\windows\tasks\At199.job moved successfully.
c:\windows\tasks\At2.job moved successfully.
c:\windows\tasks\At20.job moved successfully.
c:\windows\tasks\At200.job moved successfully.
c:\windows\tasks\At201.job moved successfully.
c:\windows\tasks\At202.job moved successfully.
c:\windows\tasks\At203.job moved successfully.
c:\windows\tasks\At204.job moved successfully.
c:\windows\tasks\At205.job moved successfully.
c:\windows\tasks\At206.job moved successfully.
c:\windows\tasks\At207.job moved successfully.
c:\windows\tasks\At208.job moved successfully.
c:\windows\tasks\At209.job moved successfully.
c:\windows\tasks\At21.job moved successfully.
c:\windows\tasks\At210.job moved successfully.
c:\windows\tasks\At211.job moved successfully.
c:\windows\tasks\At212.job moved successfully.
c:\windows\tasks\At213.job moved successfully.
c:\windows\tasks\At214.job moved successfully.
c:\windows\tasks\At215.job moved successfully.
c:\windows\tasks\At216.job moved successfully.
c:\windows\tasks\At217.job moved successfully.
c:\windows\tasks\At218.job moved successfully.
c:\windows\tasks\At219.job moved successfully.
c:\windows\tasks\At22.job moved successfully.
c:\windows\tasks\At220.job moved successfully.
c:\windows\tasks\At221.job moved successfully.
c:\windows\tasks\At222.job moved successfully.
c:\windows\tasks\At223.job moved successfully.
c:\windows\tasks\At224.job moved successfully.
c:\windows\tasks\At225.job moved successfully.
c:\windows\tasks\At226.job moved successfully.
c:\windows\tasks\At227.job moved successfully.
c:\windows\tasks\At228.job moved successfully.
c:\windows\tasks\At229.job moved successfully.
c:\windows\tasks\At23.job moved successfully.
c:\windows\tasks\At230.job moved successfully.
c:\windows\tasks\At231.job moved successfully.
c:\windows\tasks\At232.job moved successfully.
c:\windows\tasks\At233.job moved successfully.
c:\windows\tasks\At234.job moved successfully.
c:\windows\tasks\At235.job moved successfully.
c:\windows\tasks\At236.job moved successfully.
c:\windows\tasks\At237.job moved successfully.
c:\windows\tasks\At238.job moved successfully.
c:\windows\tasks\At239.job moved successfully.
c:\windows\tasks\At24.job moved successfully.
c:\windows\tasks\At240.job moved successfully.
c:\windows\tasks\At241.job moved successfully.
c:\windows\tasks\At242.job moved successfully.
c:\windows\tasks\At243.job moved successfully.
c:\windows\tasks\At244.job moved successfully.
c:\windows\tasks\At245.job moved successfully.
c:\windows\tasks\At246.job moved successfully.
c:\windows\tasks\At247.job moved successfully.
c:\windows\tasks\At248.job moved successfully.
c:\windows\tasks\At249.job moved successfully.
c:\windows\tasks\At25.job moved successfully.
c:\windows\tasks\At250.job moved successfully.
c:\windows\tasks\At251.job moved successfully.
c:\windows\tasks\At252.job moved successfully.
c:\windows\tasks\At253.job moved successfully.
c:\windows\tasks\At254.job moved successfully.
c:\windows\tasks\At255.job moved successfully.
c:\windows\tasks\At256.job moved successfully.
c:\windows\tasks\At257.job moved successfully.
c:\windows\tasks\At258.job moved successfully.
c:\windows\tasks\At259.job moved successfully.
c:\windows\tasks\At26.job moved successfully.
c:\windows\tasks\At260.job moved successfully.
c:\windows\tasks\At261.job moved successfully.
c:\windows\tasks\At262.job moved successfully.
c:\windows\tasks\At263.job moved successfully.
c:\windows\tasks\At264.job moved successfully.
c:\windows\tasks\At265.job moved successfully.
c:\windows\tasks\At266.job moved successfully.
c:\windows\tasks\At267.job moved successfully.
c:\windows\tasks\At268.job moved successfully.
c:\windows\tasks\At269.job moved successfully.
c:\windows\tasks\At27.job moved successfully.
c:\windows\tasks\At270.job moved successfully.
c:\windows\tasks\At271.job moved successfully.
c:\windows\tasks\At272.job moved successfully.
c:\windows\tasks\At273.job moved successfully.
c:\windows\tasks\At274.job moved successfully.
c:\windows\tasks\At275.job moved successfully.
c:\windows\tasks\At276.job moved successfully.
c:\windows\tasks\At277.job moved successfully.
c:\windows\tasks\At278.job moved successfully.
c:\windows\tasks\At279.job moved successfully.
c:\windows\tasks\At28.job moved successfully.
c:\windows\tasks\At280.job moved successfully.
c:\windows\tasks\At281.job moved successfully.
c:\windows\tasks\At282.job moved successfully.
c:\windows\tasks\At283.job moved successfully.
c:\windows\tasks\At284.job moved successfully.
c:\windows\tasks\At285.job moved successfully.
c:\windows\tasks\At286.job moved successfully.
c:\windows\tasks\At287.job moved successfully.
c:\windows\tasks\At288.job moved successfully.
c:\windows\tasks\At289.job moved successfully.
c:\windows\tasks\At29.job moved successfully.
c:\windows\tasks\At290.job moved successfully.
c:\windows\tasks\At291.job moved successfully.
c:\windows\tasks\At292.job moved successfully.
c:\windows\tasks\At293.job moved successfully.
c:\windows\tasks\At294.job moved successfully.
c:\windows\tasks\At295.job moved successfully.
c:\windows\tasks\At296.job moved successfully.
c:\windows\tasks\At297.job moved successfully.
c:\windows\tasks\At298.job moved successfully.
c:\windows\tasks\At299.job moved successfully.
c:\windows\tasks\At3.job moved successfully.
c:\windows\tasks\At30.job moved successfully.
c:\windows\tasks\At300.job moved successfully.
c:\windows\tasks\At301.job moved successfully.
c:\windows\tasks\At302.job moved successfully.
c:\windows\tasks\At303.job moved successfully.
c:\windows\tasks\At304.job moved successfully.
c:\windows\tasks\At305.job moved successfully.
c:\windows\tasks\At306.job moved successfully.
c:\windows\tasks\At307.job moved successfully.
c:\windows\tasks\At308.job moved successfully.
c:\windows\tasks\At309.job moved successfully.
c:\windows\tasks\At31.job moved successfully.
c:\windows\tasks\At310.job moved successfully.
c:\windows\tasks\At311.job moved successfully.
c:\windows\tasks\At312.job moved successfully.
c:\windows\tasks\At313.job moved successfully.
c:\windows\tasks\At314.job moved successfully.
c:\windows\tasks\At315.job moved successfully.
c:\windows\tasks\At316.job moved successfully.
c:\windows\tasks\At317.job moved successfully.
c:\windows\tasks\At318.job moved successfully.
c:\windows\tasks\At319.job moved successfully.
c:\windows\tasks\At32.job moved successfully.
c:\windows\tasks\At320.job moved successfully.
c:\windows\tasks\At321.job moved successfully.
c:\windows\tasks\At322.job moved successfully.
c:\windows\tasks\At323.job moved successfully.
c:\windows\tasks\At324.job moved successfully.
c:\windows\tasks\At325.job moved successfully.
c:\windows\tasks\At326.job moved successfully.
c:\windows\tasks\At327.job moved successfully.
c:\windows\tasks\At328.job moved successfully.
c:\windows\tasks\At329.job moved successfully.
c:\windows\tasks\At33.job moved successfully.
c:\windows\tasks\At330.job moved successfully.
c:\windows\tasks\At331.job moved successfully.
c:\windows\tasks\At332.job moved successfully.
c:\windows\tasks\At333.job moved successfully.
c:\windows\tasks\At334.job moved successfully.
c:\windows\tasks\At335.job moved successfully.
c:\windows\tasks\At336.job moved successfully.
c:\windows\tasks\At337.job moved successfully.
c:\windows\tasks\At338.job moved successfully.
c:\windows\tasks\At339.job moved successfully.
c:\windows\tasks\At34.job moved successfully.
c:\windows\tasks\At340.job moved successfully.
c:\windows\tasks\At341.job moved successfully.
c:\windows\tasks\At342.job moved successfully.
c:\windows\tasks\At343.job moved successfully.
c:\windows\tasks\At344.job moved successfully.
c:\windows\tasks\At345.job moved successfully.
c:\windows\tasks\At346.job moved successfully.
c:\windows\tasks\At347.job moved successfully.
c:\windows\tasks\At348.job moved successfully.
c:\windows\tasks\At349.job moved successfully.
c:\windows\tasks\At35.job moved successfully.
c:\windows\tasks\At350.job moved successfully.
c:\windows\tasks\At351.job moved successfully.
c:\windows\tasks\At352.job moved successfully.
c:\windows\tasks\At353.job moved successfully.
c:\windows\tasks\At354.job moved successfully.
c:\windows\tasks\At355.job moved successfully.
c:\windows\tasks\At356.job moved successfully.
c:\windows\tasks\At357.job moved successfully.
c:\windows\tasks\At358.job moved successfully.
c:\windows\tasks\At359.job moved successfully.
c:\windows\tasks\At36.job moved successfully.
c:\windows\tasks\At360.job moved successfully.
c:\windows\tasks\At361.job moved successfully.
c:\windows\tasks\At362.job moved successfully.
c:\windows\tasks\At363.job moved successfully.
c:\windows\tasks\At364.job moved successfully.
c:\windows\tasks\At365.job moved successfully.
c:\windows\tasks\At366.job moved successfully.
c:\windows\tasks\At367.job moved successfully.
c:\windows\tasks\At368.job moved successfully.
c:\windows\tasks\At369.job moved successfully.
c:\windows\tasks\At37.job moved successfully.
c:\windows\tasks\At370.job moved successfully.
c:\windows\tasks\At371.job moved successfully.
c:\windows\tasks\At372.job moved successfully.
c:\windows\tasks\At373.job moved successfully.
c:\windows\tasks\At374.job moved successfully.
c:\windows\tasks\At375.job moved successfully.
c:\windows\tasks\At376.job moved successfully.
c:\windows\tasks\At377.job moved successfully.
c:\windows\tasks\At378.job moved successfully.
c:\windows\tasks\At379.job moved successfully.
c:\windows\tasks\At38.job moved successfully.
c:\windows\tasks\At380.job moved successfully.
c:\windows\tasks\At381.job moved successfully.
c:\windows\tasks\At382.job moved successfully.
c:\windows\tasks\At383.job moved successfully.
c:\windows\tasks\At384.job moved successfully.
c:\windows\tasks\At385.job moved successfully.
c:\windows\tasks\At386.job moved successfully.
c:\windows\tasks\At387.job moved successfully.
c:\windows\tasks\At388.job moved successfully.
c:\windows\tasks\At389.job moved successfully.
c:\windows\tasks\At39.job moved successfully.
c:\windows\tasks\At390.job moved successfully.
c:\windows\tasks\At391.job moved successfully.
c:\windows\tasks\At392.job moved successfully.
c:\windows\tasks\At393.job moved successfully.
c:\windows\tasks\At394.job moved successfully.
c:\windows\tasks\At395.job moved successfully.
c:\windows\tasks\At396.job moved successfully.
c:\windows\tasks\At397.job moved successfully.
c:\windows\tasks\At398.job moved successfully.
c:\windows\tasks\At399.job moved successfully.
c:\windows\tasks\At4.job moved successfully.
c:\windows\tasks\At40.job moved successfully.
c:\windows\tasks\At400.job moved successfully.
c:\windows\tasks\At401.job moved successfully.
c:\windows\tasks\At402.job moved successfully.
c:\windows\tasks\At403.job moved successfully.
c:\windows\tasks\At404.job moved successfully.
c:\windows\tasks\At405.job moved successfully.
c:\windows\tasks\At406.job moved successfully.
c:\windows\tasks\At407.job moved successfully.
c:\windows\tasks\At408.job moved successfully.
c:\windows\tasks\At409.job moved successfully.
c:\windows\tasks\At41.job moved successfully.
c:\windows\tasks\At410.job moved successfully.
c:\windows\tasks\At411.job moved successfully.
c:\windows\tasks\At412.job moved successfully.
c:\windows\tasks\At413.job moved successfully.
c:\windows\tasks\At414.job moved successfully.
c:\windows\tasks\At415.job moved successfully.
c:\windows\tasks\At416.job moved successfully.
c:\windows\tasks\At417.job moved successfully.
c:\windows\tasks\At418.job moved successfully.
c:\windows\tasks\At419.job moved successfully.
c:\windows\tasks\At42.job moved successfully.
c:\windows\tasks\At420.job moved successfully.
c:\windows\tasks\At421.job moved successfully.
c:\windows\tasks\At422.job moved successfully.
c:\windows\tasks\At423.job moved successfully.
c:\windows\tasks\At424.job moved successfully.
c:\windows\tasks\At425.job moved successfully.
c:\windows\tasks\At426.job moved successfully.
c:\windows\tasks\At427.job moved successfully.
c:\windows\tasks\At428.job moved successfully.
c:\windows\tasks\At429.job moved successfully.
c:\windows\tasks\At43.job moved successfully.
c:\windows\tasks\At430.job moved successfully.
c:\windows\tasks\At431.job moved successfully.
c:\windows\tasks\At432.job moved successfully.
c:\windows\tasks\At433.job moved successfully.
c:\windows\tasks\At434.job moved successfully.
c:\windows\tasks\At435.job moved successfully.
c:\windows\tasks\At436.job moved successfully.
c:\windows\tasks\At437.job moved successfully.
c:\windows\tasks\At438.job moved successfully.
c:\windows\tasks\At439.job moved successfully.
c:\windows\tasks\At44.job moved successfully.
c:\windows\tasks\At440.job moved successfully.
c:\windows\tasks\At441.job moved successfully.
c:\windows\tasks\At442.job moved successfully.
c:\windows\tasks\At443.job moved successfully.
c:\windows\tasks\At444.job moved successfully.
c:\windows\tasks\At445.job moved successfully.
c:\windows\tasks\At446.job moved successfully.
c:\windows\tasks\At447.job moved successfully.
c:\windows\tasks\At448.job moved successfully.
c:\windows\tasks\At449.job moved successfully.
c:\windows\tasks\At45.job moved successfully.
c:\windows\tasks\At450.job moved successfully.
c:\windows\tasks\At451.job moved successfully.
c:\windows\tasks\At452.job moved successfully.
c:\windows\tasks\At453.job moved successfully.
c:\windows\tasks\At454.job moved successfully.
c:\windows\tasks\At455.job moved successfully.
c:\windows\tasks\At456.job moved successfully.
c:\windows\tasks\At46.job moved successfully.
c:\windows\tasks\At47.job moved successfully.
c:\windows\tasks\At48.job moved successfully.
c:\windows\tasks\At49.job moved successfully.
c:\windows\tasks\At5.job moved successfully.
c:\windows\tasks\At50.job moved successfully.
c:\windows\tasks\At51.job moved successfully.
c:\windows\tasks\At52.job moved successfully.
c:\windows\tasks\At53.job moved successfully.
c:\windows\tasks\At54.job moved successfully.
c:\windows\tasks\At55.job moved successfully.
c:\windows\tasks\At56.job moved successfully.
c:\windows\tasks\At57.job moved successfully.
c:\windows\tasks\At58.job moved successfully.
c:\windows\tasks\At59.job moved successfully.
c:\windows\tasks\At6.job moved successfully.
c:\windows\tasks\At60.job moved successfully.
c:\windows\tasks\At61.job moved successfully.
c:\windows\tasks\At62.job moved successfully.
c:\windows\tasks\At63.job moved successfully.
c:\windows\tasks\At64.job moved successfully.
c:\windows\tasks\At65.job moved successfully.
c:\windows\tasks\At66.job moved successfully.
c:\windows\tasks\At67.job moved successfully.
c:\windows\tasks\At68.job moved successfully.
c:\windows\tasks\At69.job moved successfully.
c:\windows\tasks\At7.job moved successfully.
c:\windows\tasks\At70.job moved successfully.
c:\windows\tasks\At71.job moved successfully.
c:\windows\tasks\At72.job moved successfully.
c:\windows\tasks\At73.job moved successfully.
c:\windows\tasks\At74.job moved successfully.
c:\windows\tasks\At75.job moved successfully.
c:\windows\tasks\At76.job moved successfully.
c:\windows\tasks\At77.job moved successfully.
c:\windows\tasks\At78.job moved successfully.
c:\windows\tasks\At79.job moved successfully.
c:\windows\tasks\At8.job moved successfully.
c:\windows\tasks\At80.job moved successfully.
c:\windows\tasks\At81.job moved successfully.
c:\windows\tasks\At82.job moved successfully.
c:\windows\tasks\At83.job moved successfully.
c:\windows\tasks\At84.job moved successfully.
c:\windows\tasks\At85.job moved successfully.
c:\windows\tasks\At86.job moved successfully.
c:\windows\tasks\At87.job moved successfully.
c:\windows\tasks\At88.job moved successfully.
c:\windows\tasks\At89.job moved successfully.
c:\windows\tasks\At9.job moved successfully.
c:\windows\tasks\At90.job moved successfully.
c:\windows\tasks\At91.job moved successfully.
c:\windows\tasks\At92.job moved successfully.
c:\windows\tasks\At93.job moved successfully.
c:\windows\tasks\At94.job moved successfully.
c:\windows\tasks\At95.job moved successfully.
c:\windows\tasks\At96.job moved successfully.
c:\windows\tasks\At97.job moved successfully.
c:\windows\tasks\At98.job moved successfully.
c:\windows\tasks\At99.job moved successfully.
File\Folder C:\WINDOWS\Fonts\*.com not found.
File\Folder C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\*.exe not found.
C:\WINDOWS\system32\kks637.com moved successfully.
C:\WINDOWS\system32\drivers\FBAPI.sys moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: ***
->Temp folder emptied: 649493 bytes
->Temporary Internet Files folder emptied: 7757144 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 27839799 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 562 bytes

User: All Users

User: **
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: **
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Gast
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: **
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3284366 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 38,00 mb


OTL by OldTimer - Version 3.2.3.0 log created on 05042010_163712

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

04.05.2010, 15:54   #23
mäander

Advertising banners keep opening in the browser, and that annoying popup is still there too.

04.05.2010, 16:04   #24
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Please post a fresh OSAM log.
__________________
Please always post logfiles in CODE tags

04.05.2010, 16:21   #25
mäander

Dear Arne,

first of all, in the meantime, a heartfelt thank-you for your patience!!!


here is the OSAM log

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 17:13:37 on 04.05.2010

OS: Windows XP Home Edition Service Pack 3 (Build 2600)
Default Browser: Microsoft Corporation Internet Explorer 7.00.6000.17023

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"AppleSoftwareUpdate.job" - "Apple Inc." - C:\Programme\Apple Software Update\SoftwareUpdate.exe
"At1.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At10.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At11.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At12.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At13.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At14.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At15.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At16.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At17.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At18.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At19.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At2.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At20.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At21.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At22.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At23.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At24.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At25.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At26.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At27.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At28.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At29.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At3.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At30.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At31.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At32.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At33.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At34.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At35.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At36.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At37.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At38.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At39.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At4.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At40.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At41.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At42.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At43.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At44.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At45.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At46.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At47.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At48.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At5.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At6.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At7.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At8.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At9.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"btcpl.cpl" - "Broadcom Corporation." - C:\WINDOWS\system32\btcpl.cpl
"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl
"MagicKBD.cpl" - "SAMSUNG Electronics Co., Ltd." - C:\WINDOWS\system32\MagicKBD.cpl
"nvtuicpl.cpl" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvtuicpl.cpl
"pdfSaver.cpl" - "Tracker Software Products" - C:\WINDOWS\system32\pdfSaver.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"QuickTime" - "Apple Inc." - C:\Programme\QuickTime\QTSystem\QuickTime.cpl
"SMAX4CP" - "Analog Devices, Inc." - C:\Programme\Analog Devices\SoundMAX\SMax4.cpl
"SRSCpl" - "SRS Labs, Inc." - C:\Programme\SRS Labs\WOWXT and TSXT Driver\srscpl.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"ACEDRV08" (ACEDRV08) - "Protect Software GmbH" - C:\WINDOWS\system32\drivers\ACEDRV08.sys
"Apple Mobile USB Driver" (USBAAPL) - ? - C:\WINDOWS\System32\Drivers\usbaapl.sys (File not found)
"ASCTRM" (ASCTRM) - ? - C:\WINDOWS\system32\drivers\ASCTRM.sys (File not found)
"atksgt" (atksgt) - ? - C:\WINDOWS\System32\DRIVERS\atksgt.sys (File found, but it contains no detailed information)
"B.H.A Storage Helper Driver" (BsStor) - "Cyberlink Co.,Ltd." - C:\WINDOWS\system32\drivers\BsStor.sys
"B.H.A UDF Filesystem" (BsUDF) - "CyberLink Corporation." - C:\WINDOWS\system32\drivers\BsUDF.sys
"Belkin USB 2.0 to Fast Ethernet Adapter" (AX88172) - "ASIX Electronics Corp." - C:\WINDOWS\System32\DRIVERS\AX88172.sys
"Bluetooth Serial Driver" (BTSERIAL) - "Broadcom Corporation." - C:\WINDOWS\system32\drivers\btserial.sys
"Bluetooth-Audiogerät" (btaudio) - "Broadcom Corporation." - C:\WINDOWS\System32\drivers\btaudio.sys
"Bluetooth-Bus-Enumerator" (BTKRNL) - "Broadcom Corporation." - C:\WINDOWS\System32\DRIVERS\btkrnl.sys
"Bluetooth-LAN-Zugangsserver" (BTWDNDIS) - "Broadcom Corporation." - C:\WINDOWS\System32\DRIVERS\btwdndis.sys
"catchme" (catchme) - ? - C:\cofi\catchme.sys (File not found)
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys (File not found)
"Cisco Systems Inc. IPSec Driver" (CVPNDRVA) - "Cisco Systems, Inc." - C:\WINDOWS\system32\Drivers\CVPNDRVA.sys
"FBAPI" (FBAPI) - ? - C:\WINDOWS\system32\drivers\FBAPI.sys (File not found)
"ialm" (ialm) - "Intel Corporation" - C:\WINDOWS\System32\DRIVERS\ialmnt5.sys
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys (File not found)
"lirsgt" (lirsgt) - ? - C:\WINDOWS\System32\DRIVERS\lirsgt.sys (File found, but it contains no detailed information)
"MEMIO" (DOSMEMIO) - ? - C:\WINDOWS\system32\MEMIO.SYS (File found, but it contains no detailed information)
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys (File not found)
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys
"RITCPT" (RITCPT) - ? - C:\WINDOWS\system32\drivers\RITCPT.sys (File found, but it contains no detailed information)
"SASDIFSV" (SASDIFSV) - "SUPERAdBlocker.com and SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS
"SASKUTIL" (SASKUTIL) - "SUPERAdBlocker.com and SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS
"SUE NDIS Protocol Driver" (SUEPD) - "Samsung" - C:\WINDOWS\System32\DRIVERS\SUE_PD.sys
"Upper Class Filter Driver" (NTIDrvr) - "NewTech Infosystems, Inc." - C:\WINDOWS\System32\DRIVERS\NTIDrvr.sys
"Virtueller Bluetooth-Kommunikationstreiber" (BTDriver) - "Broadcom Corporation." - C:\WINDOWS\System32\DRIVERS\btport.sys
"vsdatant" (vsdatant) - "Zone Labs LLC" - C:\WINDOWS\system32\vsdatant.sys
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys (File not found)
"WIDCOMM USB Bluetooth Driver" (BTWUSB) - "Broadcom Corporation." - C:\WINDOWS\System32\Drivers\btwusb.sys
"WOW XT Filter Driver" (wowfilter) - ? - C:\WINDOWS\System32\drivers\wowfilter.sys

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
{3D9F03FA-7A94-11D3-BE81-0050048385D1} "Data Page Pluggable Protocol mso-offdap Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "SABShellExecuteHook Class" - "SuperAdBlocker.com" - C:\Programme\SUPERAntiSpyware\SASSEH.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} "Acrobat Elements Context Menu" - "Adobe Systems Inc." - C:\Programme\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll
{6af09ec9-b429-11d4-a1fb-0090960218cb} "Bluetooth-Umgebung" - "Broadcom Corporation." - C:\WINDOWS\system32\btneighborhood.dll
{A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D} "ContextMenuHandler Class" - "Sophos Plc" - c:\Programme\Sophos\Sophos Anti-Virus\SavShellExt.dll
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll (File not found)
{1CDB2949-8F65-4355-8456-263E7C208A5D} "Desktop Explorer" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvshell.dll
{1E9B04FB-F9E5-4718-997B-B8DA88302A47} "Desktop Explorer Menu" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvshell.dll
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Programme\iTunes\iTunesMiniPlayer.dll
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? - (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll
{00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll
{afc638f0-e8a4-11ce-9ade-00aa00a42d2e} "MS TrueType File Properties" - "Microsoft Corporation" - C:\Programme\OpenType Extension\TTFExtNT.dll
{1E9B04FB-F9E5-4718-997B-B8DA88302A48} "nView Desktop Context Menu" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvshell.dll
{0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - C:\Program Files\Real\RealPlayer\rpshell.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? - (File not found | COM-object registry key not found)
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Web Folders" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\MSONSEXT.DLL
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Programme\WinRAR\rarext.dll

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "Adobe PDF" - "Adobe Systems Incorporated" - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
<binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} "Java Plug-in 1.5.0" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.5.0\bin\npjpi150.dll / hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} "Java Plug-in 1.6.0_01" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_01\bin\npjpi160_01.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} "Java Plug-in 1.6.0_02" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_02\bin\npjpi160_02.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} "Java Plug-in 1.6.0_03" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_03\bin\npjpi160_03.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} "Java Plug-in 1.6.0_05" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_05\bin\npjpi160_05.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} "Java Plug-in 1.6.0_07" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_07\bin\npjpi160_07.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_11" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_11.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} "Java Plug-in 1.6.0_11" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_11.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_11" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_11.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"@btrez.dll,-4015" - ? - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
"ICQ6" - "ICQ, LLC." - C:\Programme\ICQ6.5\ICQ.exe
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Recherchieren" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "Adobe PDF" - "Adobe Systems Incorporated" - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} "Easy-WebPrint" - ? - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{AE7CD045-E861-484f-8273-0445EE161910} "Adobe PDF Conversion Toolbar Helper" - "Adobe Systems Incorporated" - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\ssv.dll
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
{3049C3E9-B461-4BC5-8870-4C09146192CA} "RealPlayer Download and Record Plugin for Internet Explorer" - "RealPlayer" - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
{39EA7695-B3F2-4C44-A4BC-297ADA8FD235} "Sophos Web Content Scanner" - "Sophos Plc" - c:\Programme\Sophos\Sophos Anti-Virus\SophosBHO.dll
{5C255C8A-E604-49b4-9D64-90988571CECB} "{5C255C8A-E604-49b4-9D64-90988571CECB}" - ? - (File not found | COM-object registry key not found)

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"Adobe Acrobat - Schnellstart.lnk" - "Adobe Systems Incorporated" - C:\Programme\Adobe\Acrobat 7.0\Acrobat\acrobat_sl.exe (Shortcut exists | File exists)
"Adobe Gamma Loader.lnk" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Shortcut exists | File exists)
"Adobe Reader - Schnellstart.lnk" - "Adobe Systems Incorporated" - C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Shortcut exists | File exists)
"AutoUpdate Monitor.lnk" - "Sophos Plc" - C:\Programme\Sophos\AutoUpdate\ALMon.exe (Shortcut exists | File exists)
"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
"MindManager PDF Writer.lnk" - "Tracker Software Products" - C:\Programme\Mindjet\MindManager 5\sys\PDF\GER\W2K\PDFSaver.exe (Shortcut exists | File exists)
"BTTray.lnk" - "Broadcom Corporation." - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Shortcut exists | File exists)
"VPN Client.lnk" - "Cisco Systems, Inc." - C:\Programme\Cisco Systems\VPN Client\vpngui.exe (Shortcut exists | File exists)
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\a1\Startmenü\Programme\Autostart\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"SUPERAntiSpyware" - ? - C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (File found, but it contains no detailed information)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Acrobat Assistant 7.0" - ? - "C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" (File found, but it contains no detailed information)
"AVStation Premium 3.75" - ? - C:\Programme\Samsung\AVStation Premium 3.75\AVSAgent.exe (File not found)
"B'sCLiP" - ? - C:\PROGRA~1\CYBERL~1\INSTAN~1\Win2K\IBurn.exe (File not found)
"BatteryManager" - ? - C:\Programme\Samsung\Samsung Battery Manager\BatteryManager.exe (File not found)
"CanonMyPrinter" - "CANON INC." - C:\Programme\Canon\MyPrinter\BJMyPrt.exe /logon
"CanonSolutionMenu" - "CANON INC." - C:\Programme\Canon\SolutionMenu\CNSLMAIN.exe /logon
"DisplayManager" - ? - C:\Programme\Samsung\DisplayManager\DMLoader.exe (File found, but it contains no detailed information)
"Easy-PrintToolBox" - "CANON INC." - C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
"IJNetworkScanUtility" - ? - C:\Programme\Canon\Canon IJ Network Scan Utility\CNMNSUT .exe (File found, but it contains no detailed information)
"iTunesHelper" - ? - "C:\Programme\iTunes\iTunesHelper.exe" (File found, but it contains no detailed information)
"MagicKeyboard" - ? - C:\Programme\SAMSUNG\MagicKBD\PreMKBD.exe (File not found)
"nwiz" - "NVIDIA Corporation" - nwiz.exe /install
"QuickTime Task" - "Apple Inc." - "C:\Programme\QuickTime\QTTask .exe" -atboottime
"RemoteControl" - ? - C:\Programme\CyberLink\PowerDVD\PDVDServ.exe (File not found)
"RestoreIT!" - ? - "C:\Programme\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart (File not found)
"SoundMAXPnP" - ? - C:\Programme\Analog Devices\Core\smax4pnp.exe (File found, but it contains no detailed information)
"SunJavaUpdateSched" - ? - "C:\Programme\Java\jre6\bin\jusched.exe" (File not found)
"SynTPEnh" - ? - C:\Programme\Synaptics\SynTP\SynTPEnh.exe (File not found)
"TkBellExe" - ? - "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot (File found, but it contains no detailed information)
"Verknüpfung mit der High Definition Audio-Eigenschaftenseite" - ? - HDAShCut.exe (File not found)

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Adobe PDF Port" - "Adobe Systems Incorporated." - C:\WINDOWS\system32\AdobePDF.dll
"Bluetooth-Druckeranschluss" - "Broadcom Corporation." - C:\WINDOWS\system32\bthcrp.dll
"Canon BJNP Port" - "CANON INC." - C:\WINDOWS\system32\CNMNPPM.DLL
"Microsoft Document Imaging Writer Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\mdimon.dll
"PDF-XChange" - "Tracker Software" - C:\WINDOWS\system32\pxc25pm.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Anwendungsverwaltung" (AppMgmt) - ? - C:\WINDOWS\System32\appmgmts.dll (File not found)
"Bluetooth Service" (btwdins) - "Broadcom Corporation." - C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
"Cisco Systems, Inc. VPN Service" (CVPND) - "Cisco Systems, Inc." - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe
"Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Programme\CyberLink\Shared Files\RichVideo.exe
"Google Updater Service" (gusvc) - "Google" - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Programme\iPod\bin\iPodService.exe
"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe
"LightScribeService Direct Disc Labeling Service" (LightScribeService) - "Hewlett-Packard Company" - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
"Machine Debug Manager" (MDM) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
"Samsung Update Plus" (Samsung Update Plus) - ? - C:\Programme\Samsung\Samsung Update Plus\SLUBackgroundService.exe (File found, but it contains no detailed information)
"SNM WLAN Service" (SNM WLAN Service) - ? - C:\Programme\samsung\Samsung Network Manager\SNMWLANService.exe (File found, but it contains no detailed information)
"Sophos Anti-Virus" (SAVService) - "Sophos Plc" - c:\Programme\Sophos\Sophos Anti-Virus\SavService.exe
"Sophos Anti-Virus Statusreporter" (SAVAdminService) - "Sophos Plc" - c:\Programme\Sophos\Sophos Anti-Virus\SAVAdminService.exe
"Sophos AutoUpdate Service" (Sophos AutoUpdate Service) - "Sophos Plc" - c:\Programme\Sophos\AutoUpdate\ALsvc.exe
"SRS PostInstaller Service" (SRS_PostInstaller) - "SRS Labs, Inc." - C:\Programme\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe
"STI Simulator" (STI Simulator) - ? - C:\WINDOWS\System32\PAStiSvc.exe (File signed by Microsoft | File found, but it contains no detailed information)

[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions )-----
{c6dc5466-785a-11d2-84d0-00c04fb169f7} "Softwareinstallation" - ? - appmgmts.dll (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"!SASWinLogon" - "SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASWINLO.dll
"igfxcui" - "Intel Corporation" - C:\WINDOWS\system32\igfxdev.dll
"WgaLogon" - "Microsoft Corporation" - C:\WINDOWS\system32\WgaLogon.dll

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

04.05.2010, 20:16   #26
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Those odd At jobs are still there.
Please fix all of these entries with OSAM:

Quote:
"At1.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At10.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At11.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At12.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At13.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At14.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At15.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At16.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At17.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At18.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At19.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At2.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At20.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At21.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At22.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At23.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At24.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At25.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At26.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At27.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At28.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At29.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At3.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At30.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At31.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At32.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At33.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At34.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At35.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At36.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At37.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At38.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At39.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At4.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At40.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At41.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At42.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At43.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At44.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At45.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At46.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At47.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At48.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
"At5.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At6.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At7.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At8.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
"At9.job" - ? - C:\WINDOWS\Fonts\kks637.com (File not found)
__________________
Please always post log files in CODE tags

Alt 04.05.2010, 20:41   #27
zm0
 



Sorry, but I find this funny!

Point 1: install all Windows updates.
Point 2: install a firewall.
Point 3: run kk.exe from Kaspersky over it (freeware);
only then can you remove the rest.

c:\windows\tasks\At152.job moved successfully.
c:\windows\tasks\At153.job moved successfully. ...

These are typical Conficker jobs, and removing it is no longer that hard.

Greetings from the Russian

Alt 04.05.2010, 20:47   #28
zm0
 



And it is also very important to check your USB sticks, to disable autorun (also easy to do with kk.exe), and to clean the other computers on the network (assuming you have several computers on the network).

Alt 04.05.2010, 21:36   #29
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Don't confuse him now. He should remove those things first, and the Windows updates come at the end!

Alt 04.05.2010, 23:00   #30
mäander
 



Here is the fresh OSAM log; I won't let the further remarks confuse me ... the other machines on the network are a Mac and another Windows computer that has shown no symptoms so far; I hope it stays that way ...


Oh, and OSAM hung, so I only have the "fresh" log, not the interim report ...

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 23:52:29 on 04.05.2010

OS: Windows XP Home Edition Service Pack 3 (Build 2600)
Default Browser: Microsoft Corporation Internet Explorer 7.00.6000.17023

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"AppleSoftwareUpdate.job" - "Apple Inc." - C:\Programme\Apple Software Update\SoftwareUpdate.exe
"At100.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At101.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At102.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At103.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At104.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At105.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At106.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At107.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At108.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At109.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At110.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At111.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At112.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At113.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At114.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At115.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At116.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At117.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At118.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At119.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At120.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At49.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At50.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At51.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At52.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At53.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At54.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At55.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At56.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At57.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At58.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At59.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At60.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At61.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At62.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At63.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At64.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At65.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At66.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At67.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At68.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At69.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At70.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At71.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At72.job" - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\7iaXk8nI.exe (File found, but it contains no detailed information)
"At97.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At98.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
"At99.job" - ? - C:\Dokumente und Einstellungen\a1\Lokale Einstellungen\Anwendungsdaten\kks637.exe (File found, but it contains no detailed information)
(Disabled) "At1.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At10.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At11.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At12.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At13.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At14.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At15.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At16.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At17.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At18.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At19.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At2.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At20.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At21.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At22.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At23.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At24.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At25.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
(Disabled) "At26.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
(Disabled) "At27.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
(Disabled) "At28.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
(Disabled) "At29.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
(Disabled) "At3.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At30.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
(Disabled) "At31.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
(Disabled) "At32.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
(Disabled) "At33.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
(Disabled) "At34.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
(Disabled) "At35.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
(Disabled) "At36.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
(Disabled) "At37.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
(Disabled) "At38.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
(Disabled) "At39.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
(Disabled) "At4.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At40.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
(Disabled) "At41.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
(Disabled) "At42.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
(Disabled) "At43.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
(Disabled) "At44.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
(Disabled) "At45.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
(Disabled) "At46.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
(Disabled) "At47.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
(Disabled) "At48.job" - ? - C:\WINDOWS\system32\kks637.com (File found, but it contains no detailed information)
(Disabled) "At5.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At6.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At7.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At73.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At74.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At75.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At76.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At77.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At78.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At79.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At8.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At80.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At81.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At82.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At83.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At84.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At85.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At86.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At87.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At88.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At89.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At9.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At90.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At91.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At92.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At93.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At94.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At95.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)
(Disabled) "At96.job" - ? - C:\WINDOWS\Fonts\kks637.com (File found, but it contains no detailed information)

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"btcpl.cpl" - "Broadcom Corporation." - C:\WINDOWS\system32\btcpl.cpl
"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl
"MagicKBD.cpl" - "SAMSUNG Electronics Co., Ltd." - C:\WINDOWS\system32\MagicKBD.cpl
"nvtuicpl.cpl" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvtuicpl.cpl
"pdfSaver.cpl" - "Tracker Software Products" - C:\WINDOWS\system32\pdfSaver.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"QuickTime" - "Apple Inc." - C:\Programme\QuickTime\QTSystem\QuickTime.cpl
"SMAX4CP" - "Analog Devices, Inc." - C:\Programme\Analog Devices\SoundMAX\SMax4.cpl
"SRSCpl" - "SRS Labs, Inc." - C:\Programme\SRS Labs\WOWXT and TSXT Driver\srscpl.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"ACEDRV08" (ACEDRV08) - "Protect Software GmbH" - C:\WINDOWS\system32\drivers\ACEDRV08.sys
"Apple Mobile USB Driver" (USBAAPL) - ? - C:\WINDOWS\System32\Drivers\usbaapl.sys (File not found)
"ASCTRM" (ASCTRM) - ? - C:\WINDOWS\system32\drivers\ASCTRM.sys (File not found)
"atksgt" (atksgt) - ? - C:\WINDOWS\System32\DRIVERS\atksgt.sys (File found, but it contains no detailed information)
"B.H.A Storage Helper Driver" (BsStor) - "Cyberlink Co.,Ltd." - C:\WINDOWS\system32\drivers\BsStor.sys
"B.H.A UDF Filesystem" (BsUDF) - "CyberLink Corporation." - C:\WINDOWS\system32\drivers\BsUDF.sys
"Belkin USB 2.0 to Fast Ethernet Adapter" (AX88172) - "ASIX Electronics Corp." - C:\WINDOWS\System32\DRIVERS\AX88172.sys
"Bluetooth Serial Driver" (BTSERIAL) - "Broadcom Corporation." - C:\WINDOWS\system32\drivers\btserial.sys
"Bluetooth-Audiogerät" (btaudio) - "Broadcom Corporation." - C:\WINDOWS\System32\drivers\btaudio.sys
"Bluetooth-Bus-Enumerator" (BTKRNL) - "Broadcom Corporation." - C:\WINDOWS\System32\DRIVERS\btkrnl.sys
"Bluetooth-LAN-Zugangsserver" (BTWDNDIS) - "Broadcom Corporation." - C:\WINDOWS\System32\DRIVERS\btwdndis.sys
"catchme" (catchme) - ? - C:\cofi\catchme.sys (File not found)
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys (File not found)
"Cisco Systems Inc. IPSec Driver" (CVPNDRVA) - "Cisco Systems, Inc." - C:\WINDOWS\system32\Drivers\CVPNDRVA.sys
"FBAPI" (FBAPI) - ? - C:\WINDOWS\system32\drivers\FBAPI.sys (File not found)
"ialm" (ialm) - "Intel Corporation" - C:\WINDOWS\System32\DRIVERS\ialmnt5.sys
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys (File not found)
"lirsgt" (lirsgt) - ? - C:\WINDOWS\System32\DRIVERS\lirsgt.sys (File found, but it contains no detailed information)
"MEMIO" (DOSMEMIO) - ? - C:\WINDOWS\system32\MEMIO.SYS (File found, but it contains no detailed information)
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys (File not found)
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys
"RITCPT" (RITCPT) - ? - C:\WINDOWS\system32\drivers\RITCPT.sys (File found, but it contains no detailed information)
"SASDIFSV" (SASDIFSV) - "SUPERAdBlocker.com and SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASDIFSV.SYS
"SASKUTIL" (SASKUTIL) - "SUPERAdBlocker.com and SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS
"SUE NDIS Protocol Driver" (SUEPD) - "Samsung" - C:\WINDOWS\System32\DRIVERS\SUE_PD.sys
"Upper Class Filter Driver" (NTIDrvr) - "NewTech Infosystems, Inc." - C:\WINDOWS\System32\DRIVERS\NTIDrvr.sys
"Virtueller Bluetooth-Kommunikationstreiber" (BTDriver) - "Broadcom Corporation." - C:\WINDOWS\System32\DRIVERS\btport.sys
"vsdatant" (vsdatant) - "Zone Labs LLC" - C:\WINDOWS\system32\vsdatant.sys
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys (File not found)
"WIDCOMM USB Bluetooth Driver" (BTWUSB) - "Broadcom Corporation." - C:\WINDOWS\System32\Drivers\btwusb.sys
"WOW XT Filter Driver" (wowfilter) - ? - C:\WINDOWS\System32\drivers\wowfilter.sys

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
{3D9F03FA-7A94-11D3-BE81-0050048385D1} "Data Page Pluggable Protocol mso-offdap Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "SABShellExecuteHook Class" - "SuperAdBlocker.com" - C:\Programme\SUPERAntiSpyware\SASSEH.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} "Acrobat Elements Context Menu" - "Adobe Systems Inc." - C:\Programme\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll
{6af09ec9-b429-11d4-a1fb-0090960218cb} "Bluetooth-Umgebung" - "Broadcom Corporation." - C:\WINDOWS\system32\btneighborhood.dll
{A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D} "ContextMenuHandler Class" - "Sophos Plc" - c:\Programme\Sophos\Sophos Anti-Virus\SavShellExt.dll
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll (File not found)
{1CDB2949-8F65-4355-8456-263E7C208A5D} "Desktop Explorer" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvshell.dll
{1E9B04FB-F9E5-4718-997B-B8DA88302A47} "Desktop Explorer Menu" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvshell.dll
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Programme\iTunes\iTunesMiniPlayer.dll
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? - (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll
{00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll
{afc638f0-e8a4-11ce-9ade-00aa00a42d2e} "MS TrueType File Properties" - "Microsoft Corporation" - C:\Programme\OpenType Extension\TTFExtNT.dll
{1E9B04FB-F9E5-4718-997B-B8DA88302A48} "nView Desktop Context Menu" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvshell.dll
{0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - C:\Program Files\Real\RealPlayer\rpshell.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? - (File not found | COM-object registry key not found)
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Web Folders" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\MSONSEXT.DLL
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Programme\WinRAR\rarext.dll

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "Adobe PDF" - "Adobe Systems Incorporated" - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
<binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} "Java Plug-in 1.5.0" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.5.0\bin\npjpi150.dll / hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} "Java Plug-in 1.6.0_01" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_01\bin\npjpi160_01.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} "Java Plug-in 1.6.0_02" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_02\bin\npjpi160_02.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} "Java Plug-in 1.6.0_03" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_03\bin\npjpi160_03.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} "Java Plug-in 1.6.0_05" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_05\bin\npjpi160_05.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} "Java Plug-in 1.6.0_07" - "Sun Microsystems, Inc." - C:\Programme\Java\jre1.6.0_07\bin\npjpi160_07.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_11" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_11.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} "Java Plug-in 1.6.0_11" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_11.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_11" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_11.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"@btrez.dll,-4015" - ? - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
"ICQ6" - "ICQ, LLC." - C:\Programme\ICQ6.5\ICQ.exe
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Recherchieren" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "Adobe PDF" - "Adobe Systems Incorporated" - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} "Easy-WebPrint" - ? - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{AE7CD045-E861-484f-8273-0445EE161910} "Adobe PDF Conversion Toolbar Helper" - "Adobe Systems Incorporated" - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\ssv.dll
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
{3049C3E9-B461-4BC5-8870-4C09146192CA} "RealPlayer Download and Record Plugin for Internet Explorer" - "RealPlayer" - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
{39EA7695-B3F2-4C44-A4BC-297ADA8FD235} "Sophos Web Content Scanner" - "Sophos Plc" - c:\Programme\Sophos\Sophos Anti-Virus\SophosBHO.dll
{5C255C8A-E604-49b4-9D64-90988571CECB} "{5C255C8A-E604-49b4-9D64-90988571CECB}" - ? - (File not found | COM-object registry key not found)

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"Adobe Acrobat - Schnellstart.lnk" - "Adobe Systems Incorporated" - C:\Programme\Adobe\Acrobat 7.0\Acrobat\acrobat_sl.exe (Shortcut exists | File exists)
"Adobe Gamma Loader.lnk" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Shortcut exists | File exists)
"Adobe Reader - Schnellstart.lnk" - "Adobe Systems Incorporated" - C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Shortcut exists | File exists)
"AutoUpdate Monitor.lnk" - "Sophos Plc" - C:\Programme\Sophos\AutoUpdate\ALMon.exe (Shortcut exists | File exists)
"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
"MindManager PDF Writer.lnk" - "Tracker Software Products" - C:\Programme\Mindjet\MindManager 5\sys\PDF\GER\W2K\PDFSaver.exe (Shortcut exists | File exists)
"BTTray.lnk" - "Broadcom Corporation." - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Shortcut exists | File exists)
"VPN Client.lnk" - "Cisco Systems, Inc." - C:\Programme\Cisco Systems\VPN Client\vpngui.exe (Shortcut exists | File exists)
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\a1\Startmenü\Programme\Autostart\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"SUPERAntiSpyware" - ? - C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (File found, but it contains no detailed information)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Acrobat Assistant 7.0" - ? - "C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" (File found, but it contains no detailed information)
"AVStation Premium 3.75" - ? - C:\Programme\Samsung\AVStation Premium 3.75\AVSAgent.exe (File not found)
"B'sCLiP" - ? - C:\PROGRA~1\CYBERL~1\INSTAN~1\Win2K\IBurn.exe (File not found)
"BatteryManager" - ? - C:\Programme\Samsung\Samsung Battery Manager\BatteryManager.exe (File not found)
"CanonMyPrinter" - "CANON INC." - C:\Programme\Canon\MyPrinter\BJMyPrt.exe /logon
"CanonSolutionMenu" - "CANON INC." - C:\Programme\Canon\SolutionMenu\CNSLMAIN.exe /logon
"DisplayManager" - ? - C:\Programme\Samsung\DisplayManager\DMLoader.exe (File found, but it contains no detailed information)
"Easy-PrintToolBox" - "CANON INC." - C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
"IJNetworkScanUtility" - ? - C:\Programme\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (File found, but it contains no detailed information)
"iTunesHelper" - ? - "C:\Programme\iTunes\iTunesHelper.exe" (File found, but it contains no detailed information)
"MagicKeyboard" - ? - C:\Programme\SAMSUNG\MagicKBD\PreMKBD.exe (File not found)
"nwiz" - "NVIDIA Corporation" - nwiz.exe /install
"QuickTime Task" - "Apple Inc." - "C:\Programme\QuickTime\QTTask.exe" -atboottime
"RemoteControl" - ? - C:\Programme\CyberLink\PowerDVD\PDVDServ.exe (File not found)
"RestoreIT!" - ? - "C:\Programme\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart (File not found)
"SoundMAXPnP" - ? - C:\Programme\Analog Devices\Core\smax4pnp.exe (File found, but it contains no detailed information)
"SunJavaUpdateSched" - ? - "C:\Programme\Java\jre6\bin\jusched.exe" (File not found)
"SynTPEnh" - ? - C:\Programme\Synaptics\SynTP\SynTPEnh.exe (File not found)
"TkBellExe" - ? - "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot (File found, but it contains no detailed information)
"Verknüpfung mit der High Definition Audio-Eigenschaftenseite" - ? - HDAShCut.exe (File not found)

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Adobe PDF Port" - "Adobe Systems Incorporated." - C:\WINDOWS\system32\AdobePDF.dll
"Bluetooth-Druckeranschluss" - "Broadcom Corporation." - C:\WINDOWS\system32\bthcrp.dll
"Canon BJNP Port" - "CANON INC." - C:\WINDOWS\system32\CNMNPPM.DLL
"Microsoft Document Imaging Writer Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\mdimon.dll
"PDF-XChange" - "Tracker Software" - C:\WINDOWS\system32\pxc25pm.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Anwendungsverwaltung" (AppMgmt) - ? - C:\WINDOWS\System32\appmgmts.dll (File not found)
"Bluetooth Service" (btwdins) - "Broadcom Corporation." - C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
"Cisco Systems, Inc. VPN Service" (CVPND) - "Cisco Systems, Inc." - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe
"Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Programme\CyberLink\Shared Files\RichVideo.exe
"Google Updater Service" (gusvc) - "Google" - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Programme\iPod\bin\iPodService.exe
"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe
"LightScribeService Direct Disc Labeling Service" (LightScribeService) - "Hewlett-Packard Company" - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
"Machine Debug Manager" (MDM) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
"Samsung Update Plus" (Samsung Update Plus) - ? - C:\Programme\Samsung\Samsung Update Plus\SLUBackgroundService.exe (File found, but it contains no detailed information)
"SNM WLAN Service" (SNM WLAN Service) - ? - C:\Programme\samsung\Samsung Network Manager\SNMWLANService.exe (File found, but it contains no detailed information)
"Sophos Anti-Virus" (SAVService) - "Sophos Plc" - c:\Programme\Sophos\Sophos Anti-Virus\SavService.exe
"Sophos Anti-Virus Statusreporter" (SAVAdminService) - "Sophos Plc" - c:\Programme\Sophos\Sophos Anti-Virus\SAVAdminService.exe
"Sophos AutoUpdate Service" (Sophos AutoUpdate Service) - "Sophos Plc" - c:\Programme\Sophos\AutoUpdate\ALsvc.exe
"SRS PostInstaller Service" (SRS_PostInstaller) - "SRS Labs, Inc." - C:\Programme\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe
"STI Simulator" (STI Simulator) - ? - C:\WINDOWS\System32\PAStiSvc.exe (File signed by Microsoft | File found, but it contains no detailed information)

[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions )-----
{c6dc5466-785a-11d2-84d0-00c04fb169f7} "Softwareinstallation" - ? - appmgmts.dll (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"!SASWinLogon" - "SUPERAntiSpyware.com" - C:\Programme\SUPERAntiSpyware\SASWINLO.dll
"igfxcui" - "Intel Corporation" - C:\WINDOWS\system32\igfxdev.dll
"WgaLogon" - "Microsoft Corporation" - C:\WINDOWS\system32\WgaLogon.dll

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
