
Log analysis and evaluation: DRIVER_IRQ_NOT_LESS_OR_EQUAL - iastor.sys ; XP.Crack.Gen ; Antimalware-Doctor Trojan

Windows 7

If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: first steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

 
22.04.2011, 08:08   #7
antonology
 



And here are the two log files from OTL:

1: OTL.txt

OTL Logfile:
Code:
OTL logfile created on: 4/22/2011 8:59:43 AM - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\antonology\Desktop
 Starter Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,014.00 Mb Total Physical Memory | 286.00 Mb Available Physical Memory | 28.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): d:\pagefile.sys 2000 2000 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 80.00 Gb Total Space | 46.27 Gb Free Space | 57.84% Space Free | Partition Type: NTFS
Drive D: | 59.03 Gb Total Space | 0.76 Gb Free Space | 1.29% Space Free | Partition Type: NTFS
 
Computer Name: ANTONOLOGY_HQ | User Name: antonology | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\antonology\Desktop\OTL.exe (OldTimer Tools)
PRC - D:\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - D:\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - D:\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
PRC - D:\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Windows\System32\AsusService.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\WerFault.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
PRC - C:\Program Files\Spybot\SDWinSec.exe (Safer Networking Ltd.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\antonology\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirSchedulerService) -- D:\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- D:\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (Hamachi2Svc) -- C:\Program Files\Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (NMSAccess) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
SRV - (AsusService) -- C:\Windows\System32\AsusService.exe ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (vpnagent) -- C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Cisco Systems, Inc.)
SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
SRV - (SBSDWSCService) -- C:\Program Files\Spybot\SDWinSec.exe (Safer Networking Ltd.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (sptd) -- C:\windows\System32\Drivers\sptd.sys ()
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (StarOpen) -- C:\windows\System32\drivers\StarOpen.sys ()
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (RMCAST) -- C:\Windows\System32\drivers\rmcast.sys (Microsoft Corporation)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.)
DRV - (AsUpIO) -- C:\Windows\System32\drivers\AsUpIO.sys ()
DRV - (btusbflt) -- C:\Windows\System32\drivers\btusbflt.sys (Broadcom Corporation.)
DRV - (vpnva) -- C:\Windows\System32\drivers\vpnva.sys (Cisco Systems, Inc.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://eeepc.asus.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://eeepc.asus.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.ixquick.de"
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
 
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/16 10:11:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/16 10:11:37 | 000,000,000 | ---D | M]
 
[2010/04/25 14:26:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\antonology\AppData\Roaming\mozilla\Extensions
[2011/04/03 08:29:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\antonology\AppData\Roaming\mozilla\Firefox\Profiles\p541g0qh.default\extensions
[2011/04/20 11:14:53 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\antonology\AppData\Roaming\mozilla\Firefox\Profiles\p541g0qh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011/04/02 22:08:42 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\antonology\AppData\Roaming\mozilla\Firefox\Profiles\p541g0qh.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010/05/12 17:40:48 | 000,001,042 | ---- | M] () -- C:\Users\antonology\AppData\Roaming\Mozilla\Firefox\Profiles\p541g0qh.default\searchplugins\icqplugin.xml
[2010/05/08 13:09:02 | 000,001,595 | ---- | M] () -- C:\Users\antonology\AppData\Roaming\Mozilla\Firefox\Profiles\p541g0qh.default\searchplugins\ixquick---deutsch.xml
[2011/04/16 10:11:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
File not found (No name found) -- 
[2011/03/18 19:53:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/01/01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
 
Hosts file not found
O2 - BHO: (Babylon IE plugin) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O2 - BHO: (ASUS Windows 7 Starter Helper) - {D381FF29-7CFB-4D4E-B92A-C4EDDC696614} - C:\Program Files\asus\SystemSetting\StarterHelper.dll (ASUSTeK Computer Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] D:\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\antonology\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Translate this web page with Babylon - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O8 - Extra context menu item: Translate with Babylon - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKCU Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Authentication Packages - (efccbx.dll) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/04/22 08:52:14 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\antonology\Desktop\OTL.exe
[2011/04/22 08:27:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/04/22 08:27:34 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2011/04/22 08:27:28 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2011/04/22 08:18:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2011/04/22 08:18:22 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2011/04/21 19:05:47 | 000,000,000 | ---D | C] -- C:\avz
[2011/04/20 15:16:04 | 000,000,000 | ---D | C] -- C:\Users\antonology\AppData\Roaming\Yahoo!
[2011/04/20 15:10:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
[2011/04/20 15:10:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2011/04/20 10:58:41 | 000,000,000 | ---D | C] -- C:\Users\antonology\Desktop\Super RMN Bros2
[2011/04/20 10:54:47 | 000,000,000 | -HSD | C] -- C:\found.000
[2011/04/19 12:38:16 | 000,000,000 | ---D | C] -- C:\Users\antonology\AppData\Roaming\Intel Corporation
[2011/04/19 12:34:00 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2011/04/19 10:06:29 | 000,000,000 | ---D | C] -- C:\Users\antonology\Desktop\BG2 Patches und updates
[2011/04/19 09:50:25 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011/04/18 18:43:37 | 000,000,000 | ---D | C] -- C:\Users\antonology\AppData\Roaming\Malwarebytes
[2011/04/18 18:42:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/04/18 18:42:55 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/04/18 10:50:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.4
[2011/04/18 10:23:00 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ7.4
[2011/04/17 19:11:07 | 000,000,000 | ---D | C] -- C:\Users\antonology\AppData\Roaming\ICQ
[2011/04/16 11:15:44 | 008,392,346 | ---- | C] (BioWare Corp.) -- C:\Users\antonology\Desktop\BGII-ThroneofBhaal_Patch_26498_ENGLISH.exe
[2011/04/08 16:47:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/04/07 21:34:25 | 000,000,000 | ---D | C] -- C:\Users\antonology\Desktop\superrmbbros
[2011/04/07 21:28:06 | 000,000,000 | ---D | C] -- C:\Users\antonology\Desktop\Lettres de Motivation
[2011/04/05 20:13:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hamachi
[2011/04/05 20:13:17 | 000,000,000 | ---D | C] -- C:\Program Files\Hamachi
[2011/04/05 19:08:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baldur's Gate
[2011/04/05 18:55:57 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\windows\IsUninst.exe
[2011/04/04 19:32:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xenocide
[2011/04/04 19:29:37 | 000,000,000 | ---D | C] -- C:\windows\System32\directx
[2011/04/04 19:29:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft XNA
[2011/04/03 16:08:09 | 000,000,000 | ---D | C] -- C:\Users\antonology\AppData\Roaming\Archibald's Adventures
[2011/04/03 16:08:00 | 000,000,000 | ---D | C] -- C:\Users\antonology\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Archibald Crazy Adventures
[2011/04/03 00:00:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jewel Quest IV
[2011/04/02 22:07:42 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2011/04/02 22:07:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2011/04/02 22:06:50 | 000,000,000 | ---D | C] -- C:\Program Files\YT to mp3
[2011/04/01 19:14:34 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\iWin
[2011/04/01 19:12:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jewel Quest III
[2011/03/29 16:23:50 | 000,000,000 | ---D | C] -- C:\Users\antonology\AppData\Roaming\Abra Academy
[2011/03/29 16:22:16 | 000,000,000 | ---D | C] -- C:\ProgramData\BigFishGamesCache
[2011/03/29 16:22:04 | 000,000,000 | ---D | C] -- C:\Program Files\bfgclient
[2011/03/29 16:21:32 | 000,000,000 | ---D | C] -- C:\BigFishGamesCache
[2011/03/27 21:03:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catan
[2009/10/06 15:08:27 | 000,013,880 | ---- | C] ( ) -- C:\windows\System32\drivers\kbfiltr.sys
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011/04/22 09:03:20 | 000,001,138 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3270439410-2971256653-2768509937-1000UA.job
[2011/04/22 09:02:26 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/22 09:02:26 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/22 08:54:28 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/04/22 08:54:22 | 146,812,160 | ---- | M] () -- C:\windows\MEMORY.DMP
[2011/04/22 08:54:19 | 797,581,312 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/22 08:52:24 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\antonology\Desktop\OTL.exe
[2011/04/22 08:27:37 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/21 22:30:48 | 001,110,476 | ---- | M] () -- C:\Users\antonology\Desktop\7z920.exe
[2011/04/21 19:21:30 | 000,731,136 | ---- | M] () -- C:\Users\antonology\Desktop\avenger.exe
[2011/04/21 19:20:12 | 004,325,821 | ---- | M] () -- C:\Users\antonology\Desktop\ComboFix.exe
[2011/04/21 19:05:22 | 006,175,589 | ---- | M] () -- C:\Users\antonology\Desktop\avz4.zip
[2011/04/21 19:01:05 | 000,001,086 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3270439410-2971256653-2768509937-1000Core.job
[2011/04/21 18:43:32 | 000,137,752 | ---- | M] () -- C:\Users\antonology\Desktop\28th.jpg
[2011/04/21 14:21:54 | 000,002,634 | ---- | M] () -- C:\nuhr.m3u
[2011/04/20 13:58:15 | 000,059,194 | ---- | M] () -- C:\Users\antonology\Desktop\11_Geheimnis_eines_langen_Lebens__2.pdf
[2011/04/20 10:20:54 | 014,305,258 | ---- | M] () -- C:\Users\antonology\Desktop\Super_RMN_Bros2_ss.zip
[2011/04/16 11:20:42 | 008,392,346 | ---- | M] (BioWare Corp.) -- C:\Users\antonology\Desktop\BGII-ThroneofBhaal_Patch_26498_ENGLISH.exe
[2011/04/16 10:11:46 | 000,001,096 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/04/08 21:28:11 | 000,646,482 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2011/04/08 21:28:11 | 000,609,806 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011/04/08 21:28:11 | 000,127,608 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2011/04/08 21:28:11 | 000,104,782 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011/04/03 14:36:05 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\windows\System32\drivers\avipbb.sys
[2011/04/03 14:36:05 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\windows\System32\drivers\avgntflt.sys
[2011/04/02 22:07:09 | 000,001,061 | ---- | M] () -- C:\Users\antonology\Desktop\YT to mp3.lnk
[2011/03/23 13:45:56 | 000,000,118 | -H-- | M] () -- C:\Users\antonology\Desktop\.~lock.Lettre de Motivation - Office de Tourisme.odt#
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011/04/22 08:27:37 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/22 07:17:16 | 146,812,160 | ---- | C] () -- C:\windows\MEMORY.DMP
[2011/04/21 22:30:25 | 001,110,476 | ---- | C] () -- C:\Users\antonology\Desktop\7z920.exe
[2011/04/21 19:20:51 | 000,731,136 | ---- | C] () -- C:\Users\antonology\Desktop\avenger.exe
[2011/04/21 19:16:17 | 004,325,821 | ---- | C] () -- C:\Users\antonology\Desktop\ComboFix.exe
[2011/04/21 19:01:40 | 006,175,589 | ---- | C] () -- C:\Users\antonology\Desktop\avz4.zip
[2011/04/21 18:43:31 | 000,137,752 | ---- | C] () -- C:\Users\antonology\Desktop\28th.jpg
[2011/04/20 13:58:16 | 000,059,194 | ---- | C] () -- C:\Users\antonology\Desktop\11_Geheimnis_eines_langen_Lebens__2.pdf
[2011/04/20 09:58:37 | 014,305,258 | ---- | C] () -- C:\Users\antonology\Desktop\Super_RMN_Bros2_ss.zip
[2011/04/18 21:32:48 | 000,002,634 | ---- | C] () -- C:\nuhr.m3u
[2011/04/02 22:07:09 | 000,001,061 | ---- | C] () -- C:\Users\antonology\Desktop\YT to mp3.lnk
[2011/03/23 13:45:56 | 000,000,118 | -H-- | C] () -- C:\Users\antonology\Desktop\.~lock.Lettre de Motivation - Office de Tourisme.odt#
[2011/02/20 23:53:59 | 000,080,384 | ---- | C] () -- C:\windows\gamedelete.exe
[2011/01/11 14:00:29 | 000,001,595 | ---- | C] () -- C:\windows\wininit.ini
[2010/09/14 22:09:49 | 000,000,000 | ---- | C] () -- C:\windows\System32\Access.dat
[2010/07/27 09:33:21 | 000,000,041 | ---- | C] () -- C:\windows\DAVILEX.INI
[2010/07/15 18:23:43 | 000,000,034 | ---- | C] () -- C:\windows\cdplayer.ini
[2010/06/13 00:57:13 | 000,000,036 | ---- | C] () -- C:\Users\antonology\AppData\Local\housecall.guid.cache
[2010/06/09 15:56:27 | 000,000,056 | -H-- | C] () -- C:\windows\System32\ezsidmv.dat
[2010/05/02 22:22:41 | 000,000,320 | ---- | C] () -- C:\windows\WinSchach.ini
[2010/04/25 18:40:38 | 000,000,000 | ---- | C] () -- C:\Users\antonology\AppData\Roaming\wklnhst.dat
[2010/04/24 20:23:06 | 000,007,168 | ---- | C] () -- C:\windows\System32\drivers\StarOpen.sys
[2010/04/21 20:16:06 | 000,038,703 | ---- | C] () -- C:\windows\Ascd_tmp.ini
[2009/11/11 02:02:27 | 000,219,136 | ---- | C] () -- C:\windows\System32\AsusService.exe
[2009/11/11 02:02:27 | 000,021,864 | ---- | C] () -- C:\windows\AsAcpiSvrLang.ini
[2009/11/11 02:00:14 | 000,013,931 | ---- | C] () -- C:\windows\System32\RaCoInst.dat
[2009/11/11 01:49:39 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2009/11/11 01:42:59 | 000,011,448 | ---- | C] () -- C:\windows\System32\drivers\AsUpIO.sys
[2009/11/11 01:42:49 | 000,001,769 | ---- | C] () -- C:\windows\Language_trs.ini
[2009/07/26 03:28:45 | 000,646,482 | ---- | C] () -- C:\windows\System32\perfh007.dat
[2009/07/26 03:28:45 | 000,295,922 | ---- | C] () -- C:\windows\System32\perfi007.dat
[2009/07/26 03:28:45 | 000,127,608 | ---- | C] () -- C:\windows\System32\perfc007.dat
[2009/07/26 03:28:45 | 000,038,104 | ---- | C] () -- C:\windows\System32\perfd007.dat
[2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/14 06:33:53 | 000,369,472 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2009/07/14 04:05:48 | 000,609,806 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2009/07/14 04:05:48 | 000,104,782 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2009/07/14 04:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2009/07/14 04:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2009/07/14 04:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
[2009/04/02 14:30:14 | 000,010,296 | ---- | C] () -- C:\windows\System32\drivers\ASUSHWIO.SYS
 
========== LOP Check ==========
 
[2011/03/29 16:23:50 | 000,000,000 | ---D | M] -- C:\Users\antonology\AppData\Roaming\Abra Academy
[2011/04/03 16:13:05 | 000,000,000 | ---D | M] -- C:\Users\antonology\AppData\Roaming\Archibald's Adventures
[2010/04/25 19:11:41 | 000,000,000 | ---D | M] -- C:\Users\antonology\AppData\Roaming\Asus
[2010/12/07 20:55:12 | 000,000,000 | ---D | M] -- C:\Users\antonology\AppData\Roaming\Babylon
[2010/12/07 11:19:53 | 000,000,000 | ---D | M] -- C:\Users\antonology\AppData\Roaming\BitTorrent
[2010/06/05 18:16:33 | 000,000,000 | ---D | M] -- C:\Users\antonology\AppData\Roaming\Canneverbe Limited
[2010/05/15 18:32:12 | 000,000,000 | ---D | M] -- C:\Users\antonology\AppData\Roaming\ChessBase
[2010/04/30 10:13:20 | 000,000,000 | ---D | M] -- C:\Users\antonology\AppData\Roaming\DAEMON Tools Lite
[2011/03/01 21:19:11 | 000,000,000 | ---D | M] -- C:\Users\antonology\AppData\Roaming\Dropbox
[2011/04/02 22:08:39 | 000,000,000 | ---D | M] -- C:\Users\antonology\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/09/14 23:05:55 | 000,000,000 | ---D | M] -- C:\Users\antonology\AppData\Roaming\Free Download Manager
[2011/02/05 13:54:03 | 000,000,000 | ---D | M] -- C:\Users\antonology\AppData\Roaming\GetRightToGo
[2010/08/09 22:47:14 | 000,000,000 | ---D | M] -- C:\Users\antonology\AppData\Roaming\GSplit
[2011/03/22 12:08:48 | 000,000,000 | ---D | M] -- C:\Users\antonology\AppData\Roaming\gtk-2.0
[2011/04/18 11:04:40 | 000,000,000 | ---D | M] -- C:\Users\antonology\AppData\Roaming\ICQ
[2010/12/06 22:33:03 | 000,000,000 | ---D | M] -- C:\Users\antonology\AppData\Roaming\iWin
[2010/06/10 11:57:54 | 000,000,000 | -HSD | M] -- C:\Users\antonology\AppData\Roaming\lowsec
[2010/09/30 17:25:34 | 000,000,000 | ---D | M] -- C:\Users\antonology\AppData\Roaming\LucasArts
[2010/08/06 18:35:25 | 000,000,000 | ---D | M] -- C:\Users\antonology\AppData\Roaming\Nokia
[2010/09/15 10:11:58 | 000,000,000 | ---D | M] -- C:\Users\antonology\AppData\Roaming\OpenCandy
[2010/04/30 13:29:12 | 000,000,000 | ---D | M] -- C:\Users\antonology\AppData\Roaming\OpenOffice.org
[2010/08/06 18:35:31 | 000,000,000 | ---D | M] -- C:\Users\antonology\AppData\Roaming\PC Suite
[2010/06/10 18:16:22 | 000,000,000 | ---D | M] -- C:\Users\antonology\AppData\Roaming\Simply Super Software
[2010/04/26 14:57:57 | 000,000,000 | ---D | M] -- C:\Users\antonology\AppData\Roaming\Template
[2010/11/27 22:02:17 | 000,000,000 | ---D | M] -- C:\Users\antonology\AppData\Roaming\Tunngle
[2010/07/23 14:05:27 | 000,000,000 | ---D | M] -- C:\Users\antonology\AppData\Roaming\Uniblue
[2011/04/22 08:49:27 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 159 bytes -> C:\ProgramData\TEMP:5BC73C48
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:AB689DEA
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:9F38BF31
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:706B1D1A
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >
         

Edited by antonology (22.04.2011 at 08:21)

 
