Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Trojan:WinNT/Bubnix.gen!A - wie werde ich den los??

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 30.06.2010, 17:35   #1
bic
 
Trojan:WinNT/Bubnix.gen!A - wie werde ich den los?? - Standard

Trojan:WinNT/Bubnix.gen!A - wie werde ich den los??



Hallo,

ich bin neu hier und habe folgendes Problem:

Microsoft Security Essentials hat folgendes auf meinem Laptop entdeckt, der "Trojaner" wurde angeblich auch schon 3 mal entfernt, ist aber bei dem nächsten Scan und nach einem Neustart immer noch da:

Trojan:WinNT/Bubnix.gen!A

Kann mir jemand sagen, wie ich das teil wieder losbekomme, hat anscheinend auch schon von meinem Mail-Account eMails verschickt ...

Vielen Dank schonmal im voraus, ich hoffe ich habe nichts vergessen,

Bianca

Alt 30.06.2010, 18:50   #2
bic
 
Trojan:WinNT/Bubnix.gen!A - wie werde ich den los?? - Standard

Trojan:WinNT/Bubnix.gen!A - wie werde ich den los??



Nochmal Hallo,

habe gesehen, dass ich das noch machen sollte:

OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 30.06.2010 19:38:54 - Run 1
OTL by OldTimer - Version 3.2.7.0     Folder = C:\Users\Bianca\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
502,00 Mb Total Physical Memory | 130,00 Mb Available Physical Memory | 26,00% Memory free
1,00 Gb Paging File | 0,00 Gb Available in Paging File | 26,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 37,26 Gb Total Space | 13,43 Gb Free Space | 36,03% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 35,80 Gb Total Space | 34,00 Gb Free Space | 94,98% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: BIANCA-PC
Current User Name: Bianca
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [dm Fotowelt.exe] -- "C:\Program Files\dm\dm Fotowelt\dm Fotowelt.exe" "%1" File not found
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DisableUnicastResponsesToMulticastBroadcast" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DefaultOutboundAction" = 1
"DefaultInboundAction" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{AA18AF74-CB56-4353-8980-246EE0151F08}" = lport=1230 | protocol=17 | dir=in | name=nortel client (upd 1230) | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0136A895-9922-4602-ACCD-EDDDE63DB8C7}" = protocol=17 | dir=in | app=c:\program files\alice\isw.exe | 
"{119D776D-7AD6-4E96-AA8C-62398F4398C4}" = protocol=6 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe | 
"{33F2969A-9F8F-4961-8F34-CBC8C5F4F390}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | 
"{442A3919-0197-444F-A43D-EC62DE8EF277}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe | 
"{51987BCC-B3D7-4E0E-8E35-C974AC864031}" = protocol=6 | dir=in | app=c:\program files\nortel networks\extranet.exe | 
"{5A3478BE-006E-4DB6-805B-8CF66D7892D8}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe | 
"{5A4C9206-BD97-4EFC-B470-2E16C401278F}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe | 
"{5D8FE919-05E1-4749-B72D-FC18988F4288}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe | 
"{5FCDD674-5C3C-4991-97B1-BBFA5EECC3E6}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe | 
"{721CF8F5-6FE5-40B6-B5E6-0917D176B065}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe | 
"{72CA6EF4-C2C1-4CBE-A767-EDF915CA7B21}" = protocol=17 | dir=in | app=c:\program files\nortel networks\extranet.exe | 
"{84974E8A-4BB0-4332-8F56-1A9B331BF87E}" = protocol=17 | dir=in | app=c:\program files\alice\support\alicesup.exe | 
"{862480EC-4B50-4251-AE35-98DC4185AA37}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe | 
"{8B543E7F-ADFE-4E8B-8F67-408D4B3820D5}" = protocol=17 | dir=in | app=c:\program files\alice\signup\alicecnn.exe | 
"{919780E0-B598-4BA1-BD99-8C1639215448}" = protocol=17 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe | 
"{926C4370-BF72-4B57-AA88-73878FA61DFC}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | 
"{A6F572C7-6AC1-46EC-B27C-86D018796ACD}" = protocol=17 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe | 
"{AB210CED-E900-4E49-9B2E-35075C56E35F}" = protocol=17 | dir=in | app=c:\program files\alice\signup\alicecnf.exe | 
"{B0E7F15C-76EA-4A7F-A084-7872E2C88DEE}" = protocol=6 | dir=in | app=c:\program files\alice\signup\alicecnn.exe | 
"{C4E806AC-EF36-4B2F-8311-A256507C51DF}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe | 
"{CDEF998A-A77D-4EB4-B000-20E6B39638B3}" = protocol=6 | dir=in | app=c:\program files\aol 9.0 vr\waol.exe | 
"{DA9C020A-026B-475C-B1AC-A880A2BF522B}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1193393663\ee\aolsoftware.exe | 
"{DD57D384-4FAB-4A8F-8CA1-C7A8FDA423BA}" = protocol=6 | dir=in | app=c:\program files\alice\support\alicesup.exe | 
"{E99540D3-1750-43C5-BA05-F82B84727F6B}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1193393663\ee\aolsoftware.exe | 
"{F8907BB7-32DC-473A-B236-DD5FE2D5FA65}" = protocol=6 | dir=in | app=c:\program files\alice\isw.exe | 
"{FC6B1566-A911-4EF2-87AD-8D239C96E45E}" = protocol=6 | dir=in | app=c:\program files\alice\signup\alicecnf.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04B45310-A5FE-4425-BFCA-1A6D8920DE74}" = OpenOffice.org 3.0
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2C544254-39F2-4ACA-B779-ABF7297C96CF}" = Accessibility
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{56995235-B76E-44A6-BA17-8FF13D3F907A}" = TOSHIBA Benutzerhandbücher
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{7095FD27-37F0-4750-9DE8-D37DC0043706}" = REALTEK USB Wireless LAN Driver
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree
"{84ED5482-CFB0-4DD9-BF18-489FFDACD18A}" = Microsoft Antimalware Service DE-DE Language Pack
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.2 - Deutsch
"{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}" = Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Advanced WindowsCare V2 Personal_is1" = Advanced WindowsCare Personal
"Alice" = Alice-Installationsdateien entfernen
"AOL Toolbar 4.0" = 
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition 2.0.0.1 (D)
"Free WMA MP3 Converter" = Free WMA MP3 Converter
"Galswin Grundschule Klasse 1" = Galswin Grundschule Klasse 1 v4.0
"GX10i USB-Handset Manager" = GX10i USB-Handset Manager
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"KLiteCodecPack_is1" = K-Lite Codec Pack 3.9.5 (Full)
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Essentials" = Microsoft Security Essentials
"Shockwave" = Shockwave
"SmartSuite V98.0" = Lotus SmartSuite Version 9
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"ViewpointMediaPlayer" = Viewpoint Media Player
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 14.10.2009 08:35:28 | Computer Name = Bianca-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 14.10.2009 09:32:15 | Computer Name = Bianca-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 16.10.2009 02:25:04 | Computer Name = Bianca-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 16.10.2009 08:33:54 | Computer Name = Bianca-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 17.10.2009 14:41:25 | Computer Name = Bianca-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 17.10.2009 14:42:46 | Computer Name = Bianca-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 18.10.2009 02:24:24 | Computer Name = Bianca-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 18.10.2009 02:24:50 | Computer Name = Bianca-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 18.10.2009 02:53:57 | Computer Name = Bianca-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 18.10.2009 02:54:00 | Computer Name = Bianca-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         
--- --- ---


OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 30.06.2010 19:38:54 - Run 1
OTL by OldTimer - Version 3.2.7.0     Folder = C:\Users\Bianca\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
502,00 Mb Total Physical Memory | 130,00 Mb Available Physical Memory | 26,00% Memory free
1,00 Gb Paging File | 0,00 Gb Available in Paging File | 26,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 37,26 Gb Total Space | 13,43 Gb Free Space | 36,03% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 35,80 Gb Total Space | 34,00 Gb Free Space | 94,98% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: BIANCA-PC
Current User Name: Bianca
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Bianca\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Programme\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Security Essentials\MpCmdRun.exe (Microsoft Corporation)
PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10c.exe (Adobe Systems, Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Internet Explorer\ieuser.exe (Microsoft Corporation)
PRC - C:\Programme\Alice\Signup\AliceCnn.exe (Hansenet)
PRC - C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
PRC - C:\Programme\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\TOSHIBA\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\ATK Hotkey\HControl.exe (ATK0100)
PRC - C:\Programme\ATK Hotkey\ATKOSD.exe ()
PRC - C:\Programme\ATK Hotkey\ASLDRSrv.exe ()
PRC - C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Bianca\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (TNaviSrv) -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
SRV - (ASLDRService) -- C:\Programme\ATK Hotkey\ASLDRSrv.exe ()
SRV - (CFSvcs) -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (MpFilter) -- C:\Windows\System32\drivers\MpFilter.sys (Microsoft Corporation)
DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (tos_sps32) -- C:\Windows\system32\DRIVERS\tos_sps32.sys (TOSHIBA Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation                           )
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (RTL8187B) -- C:\Windows\System32\drivers\rtl8187B.sys (Realtek Semiconductor Corporation                           )
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (KR10N) -- C:\Windows\system32\drivers\kr10n.sys (TOSHIBA CORPORATION)
DRV - (KR10I) -- C:\Windows\system32\drivers\kr10i.sys (TOSHIBA CORPORATION)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (wanatw) WAN Miniport (ATW) -- C:\Windows\System32\drivers\wanatw4.sys (America Online, Inc.)
DRV - (PDNMp50) -- C:\Windows\System32\drivers\PDNMp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (PDNSp50) -- C:\Windows\System32\drivers\PDNSp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Alice - Willkommen
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Alice - Willkommen
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Anmelden
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {1CFFA392-0898-4b1c-89D1-6E98F9D8EF78} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Programme\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NDSTray.exe]  File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: &AOL Toolbar-Suche - c:\Programme\AOL\AOL Toolbar 4.0\resources\de-DE\local\search.html ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)
O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Programme\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} -  File not found
O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range -  5)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab (Reg Error: Key error.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Bianca\Pictures\FebAug2008\DSC04369.JPG
O24 - Desktop BackupWallPaper: C:\Users\Bianca\Pictures\FebAug2008\DSC04369.JPG
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2007.09.06 21:22:33 | 000,000,084 | RHS- | M] () - C:\AutoRun.inf -- [ NTFS ]
O32 - AutoRun File - [2007.09.06 21:22:37 | 000,000,084 | RHS- | M] () - E:\AutoRun.inf -- [ NTFS ]
O33 - MountPoints2\{7305b365-82d8-11dc-879d-0016441dc4d3}\Shell\AutoRun\command - "" = D:\usbagent.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.06.30 19:30:46 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Users\Bianca\Desktop\OTL.exe
[2010.06.30 14:11:53 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.06.30 11:48:44 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Security Essentials
[2010.06.26 11:10:40 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft.NET
[2010.06.24 14:58:20 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.06.24 14:58:19 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.06.24 14:58:19 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.06.23 21:43:50 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010.06.23 21:43:48 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010.06.10 18:46:49 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.06.10 18:46:49 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.06.10 18:46:46 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010.06.10 18:46:34 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.06.10 18:46:34 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010.06.10 18:46:33 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.06.10 18:46:33 | 000,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.06.10 18:46:33 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.06.10 18:46:33 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010.06.10 18:46:33 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.06.10 18:46:33 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2010.06.10 18:46:33 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.06.10 18:46:32 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.06.10 18:46:32 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.06.10 18:46:28 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010.06.10 18:46:15 | 002,036,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.06.30 19:43:25 | 000,741,376 | ---- | M] () -- C:\Windows\System32\drivers\lmuyps.sys
[2010.06.30 19:41:37 | 003,932,160 | -HS- | M] () -- C:\Users\Bianca\ntuser.dat
[2010.06.30 19:41:26 | 000,030,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\weefcwio.sys
[2010.06.30 19:38:35 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.06.30 19:38:35 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.06.30 19:32:43 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Bianca\Desktop\OTL.exe
[2010.06.30 19:03:28 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.06.30 17:38:47 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.06.30 17:36:19 | 000,008,192 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2010.06.30 17:35:14 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.06.30 17:35:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.06.30 17:32:22 | 000,524,288 | -HS- | M] () -- C:\Users\Bianca\ntuser.dat{ed84851c-2235-11df-b570-c143573dba26}.TMContainer00000000000000000001.regtrans-ms
[2010.06.30 17:32:22 | 000,065,536 | -HS- | M] () -- C:\Users\Bianca\ntuser.dat{ed84851c-2235-11df-b570-c143573dba26}.TM.blf
[2010.06.30 17:32:12 | 001,909,698 | -H-- | M] () -- C:\Users\Bianca\AppData\Local\IconCache.db
[2010.06.30 14:12:07 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010.06.26 11:18:32 | 001,493,492 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.06.26 11:18:32 | 000,644,136 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.06.26 11:18:32 | 000,600,690 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.06.26 11:18:32 | 000,131,194 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.06.26 11:18:32 | 000,108,572 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.06.20 14:12:27 | 000,053,248 | ---- | M] () -- C:\Users\Bianca\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.11 22:54:17 | 000,304,928 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.06.01 19:37:48 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.06.30 11:48:47 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010.01.06 17:00:23 | 000,741,376 | ---- | C] () -- C:\Windows\System32\drivers\lmuyps.sys
[2009.10.03 11:43:42 | 000,000,283 | ---- | C] () -- C:\Windows\LilliS.ini
[2009.10.03 11:37:09 | 000,000,158 | ---- | C] () -- C:\Windows\LilliP.ini
[2009.02.21 15:55:45 | 000,000,000 | ---- | C] () -- C:\Windows\winhelp.ini
[2008.06.18 16:33:23 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2008.06.18 16:33:23 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth2.dll
[2008.06.18 16:33:23 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth1.dll
[2008.06.18 16:33:23 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2008.06.18 16:33:23 | 000,000,073 | ---- | C] () -- C:\Windows\System32\ssprs.dll
[2008.06.11 00:28:38 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2008.06.11 00:28:35 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008.06.11 00:28:35 | 000,755,027 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008.06.11 00:28:35 | 000,159,839 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008.06.11 00:28:34 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008.06.11 00:28:34 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2008.01.02 17:57:36 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008.01.02 17:47:22 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008.01.02 17:47:22 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008.01.02 17:47:22 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2007.12.11 14:50:27 | 000,042,982 | ---- | C] () -- C:\Windows\System32\pddsladp.dll
[2007.11.18 15:29:18 | 000,000,002 | ---- | C] () -- C:\Windows\msoffice.ini
[2007.08.30 07:21:22 | 000,006,642 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007.08.30 06:44:26 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2007.08.30 06:30:52 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2007.08.30 06:30:52 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2007.08.30 06:30:52 | 000,010,146 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2007.08.30 06:30:52 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2007.08.29 12:57:48 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007.08.29 12:56:46 | 000,910,464 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007.08.29 12:56:46 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1283.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[1998.06.17 23:39:28 | 000,000,247 | ---- | C] () -- C:\Windows\acroread.ini
 
========== LOP Check ==========
 
[2010.02.10 07:40:13 | 000,000,000 | ---D | M] -- C:\Users\Bianca\AppData\Roaming\bhv-Edu
[2010.04.27 18:22:20 | 000,000,000 | ---D | M] -- C:\Users\Bianca\AppData\Roaming\Canneverbe Limited
[2007.12.20 00:31:08 | 000,000,000 | ---D | M] -- C:\Users\Bianca\AppData\Roaming\Nokia
[2009.02.01 16:13:23 | 000,000,000 | ---D | M] -- C:\Users\Bianca\AppData\Roaming\OpenOffice.org
[2007.12.15 17:58:28 | 000,000,000 | ---D | M] -- C:\Users\Bianca\AppData\Roaming\PC Suite
[2010.03.09 06:57:06 | 000,000,000 | ---D | M] -- C:\Users\Bianca\AppData\Roaming\Toshiba
[2010.06.30 17:33:12 | 000,032,538 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 304 bytes -> C:\Windows\System32\drivers\weefcwio.sys:changelist
< End of report >
         
--- --- ---
__________________


Antwort

Themen zu Trojan:WinNT/Bubnix.gen!A - wie werde ich den los??
angeblich, emails, entdeck, entdeckt, entfern, entfernt, essen, folge, folgendes, hoffe, laptop, mail-account, neu, neustart, nichts, problem, scan, schei, schonmal, security, troja, trojan, trojaner, vergessen, verschickt, win




Ähnliche Themen: Trojan:WinNT/Bubnix.gen!A - wie werde ich den los??


  1. Windows Defender: Problem beim Entfernen von Trojan:Win32/Necurs.A und Trojan:WinNT/Necurs.A unter Windows 7
    Log-Analyse und Auswertung - 11.04.2014 (52)
  2. Trojan Win32/Necurs.A wie werde ich ihn los?
    Plagegeister aller Art und deren Bekämpfung - 03.02.2014 (20)
  3. Trojan.ZBot.ED Meldung - wie werde ich den los?
    Plagegeister aller Art und deren Bekämpfung - 11.05.2013 (9)
  4. GVU Trojaner 2.07/Trojan.Ransom/Windows 7 - wie werde ich ihn los?
    Plagegeister aller Art und deren Bekämpfung - 18.10.2012 (2)
  5. Trojan.Bubnix in c:\windows\system32\drivers\nqpqz.sys
    Plagegeister aller Art und deren Bekämpfung - 15.03.2011 (14)
  6. Trojan:WinNT/Bubnix.gen!A - lässt sich nicht entfernen
    Log-Analyse und Auswertung - 15.10.2010 (1)
  7. Mehrere Trojaner wie Bubnix.ZM, Bubnix.abd.1, Bredolab.AA.312 :-(
    Plagegeister aller Art und deren Bekämpfung - 12.10.2010 (0)
  8. TrojanDownloader:Win32/Bubnix.A
    Plagegeister aller Art und deren Bekämpfung - 16.09.2010 (4)
  9. TrojanDownloader:Win32/Bubnix.A & Co. Problem :(
    Plagegeister aller Art und deren Bekämpfung - 24.05.2010 (12)
  10. RKIT/Bubnix.S HILFE
    Plagegeister aller Art und deren Bekämpfung - 14.05.2010 (2)
  11. Werde Reg-Einträge des Trojan.Vundo.H nicht los
    Plagegeister aller Art und deren Bekämpfung - 04.09.2008 (3)
  12. unknown trojan - werde ihn nicht los!
    Plagegeister aller Art und deren Bekämpfung - 21.02.2008 (7)
  13. Trojan.Vundo.DLY - Hilfe ! Werde ihn nicht los !
    Log-Analyse und Auswertung - 19.06.2007 (3)
  14. trojan.win32zapchast.ca - werde ihn nicht mehr los
    Plagegeister aller Art und deren Bekämpfung - 27.09.2006 (9)
  15. werde trojan nicht los!
    Log-Analyse und Auswertung - 19.03.2006 (1)
  16. Werde download.trojan nicht los!?
    Log-Analyse und Auswertung - 20.12.2005 (4)
  17. Werde den scheiss net los PWSteal.Trojan
    Plagegeister aller Art und deren Bekämpfung - 19.10.2004 (4)

Zum Thema Trojan:WinNT/Bubnix.gen!A - wie werde ich den los?? - Hallo, ich bin neu hier und habe folgendes Problem: Microsoft Security Essentials hat folgendes auf meinem Laptop entdeckt, der "Trojaner" wurde angeblich auch schon 3 mal entfernt, ist aber bei - Trojan:WinNT/Bubnix.gen!A - wie werde ich den los??...
Archiv
Du betrachtest: Trojan:WinNT/Bubnix.gen!A - wie werde ich den los?? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.