Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 7: Security Center Alert!

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 18.05.2011, 00:14   #1
Aircan
 
Windows 7: Security Center Alert! - Standard

Windows 7: Security Center Alert!



Hallo zusammen,

habe folgende Probleme:

- Ständig geht das Fenster mit "Security Center Alert!" auf
- Eine "setupXXXXXXXXX.exe" versucht sich zu installieren (X = 9stellige Zahl die sich ständig ändert
- Java updater versucht sich ständig zu akutalisieren (Auch wenn erst vor kurzem ausgeführt
- Meldung, daß eine IDE / SATA-Festplatte teilweise zerstört ist

Auf dem Rechner ist eine Testversion von Norton installiert. Diese zeigt 29 Funde an. Mit diesem Testversion kann man aber nicht löschen.

Regulär ist dann noch Antivir auf dem System. Dies hat beim letzten Scan 54 Funde angezeigt und auch in Quarantäne versetzt. Probleme bestehen aber weiterhin.

Habe bereits mit Malwarebytes einen Scan durchgeführt. Anbei das Ergebnis:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6601

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

18.05.2011 00:48:38
mbam-log-2011-05-18 (00-48-38).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 155827
Laufzeit: 5 Minute(n), 33 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 22

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Users\topenka81\AppData\Local\Temp\B857.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
c:\Users\topenka81\AppData\Local\Temp\C8BB.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
c:\Users\topenka81\AppData\Local\Temp\E521.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
c:\Users\topenka81\AppData\Local\Temp\E917.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
c:\Users\topenka81\AppData\Local\Temp\setup1548900688.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
c:\Users\topenka81\AppData\Local\Temp\setup1681408592.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
c:\Users\topenka81\AppData\Local\Temp\setup1787533044.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
c:\Users\topenka81\AppData\Local\Temp\setup2711200636.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
c:\Users\topenka81\AppData\Local\Temp\setup3297157668.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
c:\Users\topenka81\AppData\Local\Temp\setup3748893108.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
c:\Users\topenka81\AppData\Local\Temp\setup3825840132.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
c:\Users\topenka81\AppData\Local\Temp\setup3935498440.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
c:\Users\topenka81\AppData\Local\Temp\setup3984374944.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
c:\Users\topenka81\AppData\Local\Temp\setup3985950204.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
c:\Users\topenka81\AppData\Local\Temp\setup4042617992.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
c:\Users\topenka81\AppData\Local\Temp\setup4090967748.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
c:\Users\topenka81\AppData\Local\Temp\setup4146060276.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
c:\Users\topenka81\AppData\Local\Temp\setup589728008.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
c:\Users\topenka81\AppData\Local\Temp\setup803440364.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
c:\Users\topenka81\AppData\Local\Temp\setup860105660.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
c:\Users\topenka81\AppData\Local\Temp\0.28003147909025194.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\topenka81\AppData\Roaming\Adobe\plugs\mmc214.exe (Trojan.Agent) -> Quarantined and deleted successfully.


Und hier noch das Ergebnis des OTL Scans Teil 1:
OTL Logfile:
OTL EXTRAS Logfile:
Code:
ATTFilter
OTL logfile created on: 18.05.2011 01:10:26 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\topenka81\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 421,81 Gb Total Space | 385,73 Gb Free Space | 91,45% Space Free | Partition Type: NTFS
Drive D: | 29,00 Gb Total Space | 28,18 Gb Free Space | 97,18% Space Free | Partition Type: NTFS
 
Computer Name: TOPENKA81-PC | User Name: topenka81 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\topenka81\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\topenka81\ceiuxoc.exe ()
PRC - C:\Users\topenka81\svc32.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Norton Security Scan\Engine\2.7.6.13\Nss.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)
PRC - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files (x86)\USB Camera\VM331_STI.EXE (Vimicro)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe ()
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\topenka81\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (Lenovo ReadyComm ConnSvc) -- C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe (Lenovo Group Limited)
SRV:64bit: - (Lenovo ReadyComm AppSvc) -- C:\Program Files\Lenovo\ReadyComm\AppSvc.exe (Lenovo Group Limited)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (PCToolsSSDMonitorSvc) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (IGRS) -- C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe (Lenovo Group Limited)
SRV - (ReadyComm.DirectRouter) -- C:\windows\SysWow64\IgrsSvcs.exe (Microsoft Corporation)
SRV - (PS_MDP) -- C:\windows\SysWow64\IgrsSvcs.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (vm331avs) -- C:\Windows\SysNative\drivers\vm331avs.sys (Vimicro Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (ACPIVPC) -- C:\Windows\SysNative\drivers\AcpiVpc.sys (Lenovo Corporation)
DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys (CyberLink)
DRV:64bit: - (wdmirror) -- C:\Windows\SysNative\drivers\WDMirror.sys (Lenovo)
DRV:64bit: - (Bridge0) -- C:\Windows\SysNative\drivers\WDBridge.sys (Lenovo)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (pavboot) -- C:\Windows\SysNative\drivers\pavboot64.sys (Panda Security, S.L.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (netw5v64) Intel(R) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (k57nd60a) Broadcom NetLink (TM) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.12.15 20:31:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.02.12 12:10:15 | 000,000,000 | ---D | M]
 
[2011.02.12 09:22:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.11.22 21:14:40 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.11.22 21:26:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.11.27 10:16:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.02.12 09:22:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.10.27 07:44:13 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.10.27 07:44:13 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.10.27 07:44:13 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.10.27 07:44:13 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.10.27 07:44:13 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Programme\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo)
O4 - HKLM..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE (Vimicro)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo)
O4 - HKLM..\Run: [YouCam Mirror Tray icon] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKCU..\Run: [ceiuxoc] C:\Users\topenka81\ceiuxoc.exe ()
O4 - HKCU..\Run: [RESTART_STICKY_NOTES]  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.1.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.05.18 00:37:37 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysWow64\drivers\mbamswissarmy.sys
[2011.05.18 00:37:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.05.18 00:37:33 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2011.05.18 00:37:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.05.18 00:18:56 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1.dll
[2011.05.18 00:18:56 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d10_1.dll
[2011.05.18 00:18:52 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\poqexec.exe
[2011.05.18 00:18:52 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\poqexec.exe
[2011.05.17 10:25:02 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.05.11 16:02:14 | 005,509,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2011.05.11 16:02:13 | 003,957,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2011.05.11 16:02:13 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2011.05.11 16:02:11 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbport.sys
[2011.05.11 16:02:11 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbd.sys
[2011.04.27 19:24:20 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\windows\explorer.exe
[2011.04.27 19:24:20 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\explorer.exe
[2011.04.27 19:24:16 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsPrint.dll
[2011.04.27 19:24:16 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsPrint.dll
[2011.04.27 19:23:53 | 002,566,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\esent.dll
[2011.04.27 19:23:53 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\esent.dll
[2011.04.27 19:23:53 | 000,187,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\storport.sys
[2011.04.27 19:23:53 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\windows\SysNative\drivers\amdsata.sys
[2011.04.27 19:23:53 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\windows\SysNative\drivers\amdxata.sys
[2011.04.27 19:23:52 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fsutil.exe
[2011.04.27 19:23:52 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fsutil.exe
[2011.04.27 19:23:44 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prevhost.exe
[2011.04.27 19:23:43 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prevhost.exe
 
========== Files - Modified Within 30 Days ==========
 
[2011.05.18 01:00:09 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.18 01:00:09 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.18 00:58:23 | 001,500,018 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2011.05.18 00:58:23 | 000,654,610 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2011.05.18 00:58:23 | 000,616,452 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2011.05.18 00:58:23 | 000,130,192 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2011.05.18 00:58:23 | 000,106,574 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2011.05.18 00:54:29 | 000,249,856 | RHS- | M] () -- C:\Users\topenka81\ceiuxoc.exe
[2011.05.18 00:53:12 | 000,001,112 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.05.18 00:52:29 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011.05.18 00:52:22 | 3113,365,504 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.18 00:37:37 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.18 00:29:08 | 000,001,116 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.05.17 23:18:23 | 000,000,136 | -H-- | M] () -- C:\ProgramData\~36691704r
[2011.05.17 23:18:23 | 000,000,112 | -H-- | M] () -- C:\ProgramData\~36691704
[2011.05.17 23:17:39 | 000,000,328 | -H-- | M] () -- C:\ProgramData\36691704
[2011.05.17 17:36:16 | 000,135,168 | ---- | M] () -- C:\Users\topenka81\svc32.exe
[2011.05.17 10:25:02 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.05.17 03:38:44 | 000,126,976 | ---- | M] () -- C:\Users\topenka81\pppp.exe
[2011.05.15 22:06:09 | 000,000,274 | ---- | M] () -- C:\windows\tasks\RMSchedule.job
[2011.05.14 21:00:13 | 000,000,506 | -H-- | M] () -- C:\windows\tasks\Norton Security Scan for topenka81.job
[2011.05.14 18:29:38 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011.05.12 17:26:34 | 000,000,000 | -H-- | M] () -- C:\Users\topenka81\2gweorjqjutp92vjy9gake
 
========== Files Created - No Company Name ==========
 
[2011.05.18 00:54:29 | 000,249,856 | RHS- | C] () -- C:\Users\topenka81\ceiuxoc.exe
[2011.05.18 00:37:37 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.17 23:35:54 | 000,135,168 | ---- | C] () -- C:\Users\topenka81\svc32.exe
[2011.05.17 23:18:23 | 000,000,136 | -H-- | C] () -- C:\ProgramData\~36691704r
[2011.05.17 23:18:21 | 000,000,112 | -H-- | C] () -- C:\ProgramData\~36691704
[2011.05.17 23:17:39 | 000,000,328 | -H-- | C] () -- C:\ProgramData\36691704
[2011.05.17 10:25:05 | 000,126,976 | ---- | C] () -- C:\Users\topenka81\pppp.exe
[2011.05.12 17:26:34 | 000,000,000 | -H-- | C] () -- C:\Users\topenka81\2gweorjqjutp92vjy9gake
[2011.03.22 17:51:17 | 001,526,948 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2010.11.22 21:16:39 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.06.12 03:26:24 | 000,000,512 | ---- | C] () -- C:\windows\previous.bin
[2010.06.12 03:26:24 | 000,000,512 | ---- | C] () -- C:\windows\current.bin
[2010.06.12 03:19:46 | 000,016,648 | R--- | C] () -- C:\windows\SysWow64\LogAPI.dll
[2010.06.12 03:12:32 | 002,110,816 | ---- | C] () -- C:\windows\SysWow64\Apblend.dll
[2010.06.12 03:12:32 | 001,171,456 | ---- | C] () -- C:\windows\SysWow64\PicNotify.dll
[2010.06.12 03:12:24 | 001,044,480 | ---- | C] () -- C:\windows\SysWow64\3DImageRenderer.dll
[2010.06.12 02:51:53 | 000,001,341 | ---- | C] () -- C:\windows\vm331Rmv.ini
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:59:36 | 000,982,196 | ---- | C] () -- C:\windows\SysWow64\igkrng500.bin
[2009.07.13 23:59:36 | 000,139,824 | ---- | C] () -- C:\windows\SysWow64\igfcg500.bin
[2009.07.13 23:59:36 | 000,097,448 | ---- | C] () -- C:\windows\SysWow64\igfcg500m.bin
[2009.07.13 23:59:35 | 000,417,344 | ---- | C] () -- C:\windows\SysWow64\igcompkrng500.bin
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
 
========== LOP Check ==========
 
[2011.05.15 22:06:09 | 000,000,274 | ---- | M] () -- C:\Windows\Tasks\RMSchedule.job
[2011.03.23 19:50:21 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:D1B5B4F1

< End of report >
         
--- --- ---

--- --- ---

OTL Scan Teil 2:OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 18.05.2011 01:10:26 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\topenka81\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 421,81 Gb Total Space | 385,73 Gb Free Space | 91,45% Space Free | Partition Type: NTFS
Drive D: | 29,00 Gb Total Space | 28,18 Gb Free Space | 97,18% Space Free | Partition Type: NTFS
 
Computer Name: TOPENKA81-PC | User Name: topenka81 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"0A4175B489A1B4A6E07E11B063A6263480C51D71" = Windows-Treiberpaket - Lenovo (ACPIVPC) System  (10/19/2009 5.4.0.1)
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{0CE226F3-EB27-4ECD-BBF5-F088716779FD}" = Energy Management
"{17542DBF-E17C-4562-BC4D-FA3EF3076C45}" = Lenovo ReadyComm 5
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 23
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{76C66170-C538-4E77-B54D-48E136B5B533}" = Lenovo ReadyComm 5.0 Service
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{8991E763-21F5-4DEA-A938-5D9D77DCB488}" = Broadcom 802.11 Wireless Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}" = Lenovo EasyCamera
"{B2164CCB-C002-4B80-8550-7535D80DF237}" = Lenovo DirectShare
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{DFB19121-0609-49C1-92B1-546E5A940FE8}" = Onekey Theater
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Google Chrome" = Google Chrome
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237}" = Lenovo DirectShare
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"NSS" = Norton Security Scan
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Registry Mechanic_is1" = Registry Mechanic 10.0
"VeriFace" = VeriFace
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 29.04.2011 14:11:00 | Computer Name = topenka81-PC | Source = VSS | ID = 12310
Description = 
 
Error - 02.05.2011 14:17:10 | Computer Name = topenka81-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 1.9.2.3989,
 Zeitstempel: 0x4cf928fc  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16695,
 Zeitstempel: 0x4cc7ab86  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00022262  ID des fehlerhaften
 Prozesses: 0x48c  Startzeit der fehlerhaften Anwendung: 0x01cc08e86471da42  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad
 des fehlerhaften Moduls: C:\windows\SysWOW64\ntdll.dll  Berichtskennung: 6500b676-74e8-11e0-bf99-afa4cf231fa5
 
Error - 09.05.2011 08:47:52 | Computer Name = topenka81-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
 "c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile  8.  Die 
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
 überein.  Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
 WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Verwenden Sie
 das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 09.05.2011 08:48:16 | Computer Name = topenka81-PC | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\microsoft\search enhancement pack\search box extension\SRCHBXEX.DLL". Fehler
 in Manifest- oder Richtliniendatei "c:\program files (x86)\microsoft\search enhancement
 pack\search box extension\SRCHBXEX.DLL" in Zeile 2.  Ungültige XML-Syntax.
 
Error - 09.05.2011 08:48:16 | Computer Name = topenka81-PC | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\microsoft\search enhancement pack\search helper\SearchHelper.dll". Fehler
 in Manifest- oder Richtliniendatei "c:\program files (x86)\microsoft\search enhancement
 pack\search helper\SearchHelper.dll" in Zeile 2.  Ungültige XML-Syntax.
 
Error - 09.05.2011 08:48:20 | Computer Name = topenka81-PC | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll". Fehler
 in Manifest- oder Richtliniendatei "c:\program files (x86)\microsoft\search enhancement
 pack\search helper\searchhelper.dll" in Zeile 2.  Ungültige XML-Syntax.
 
Error - 10.05.2011 04:46:00 | Computer Name = topenka81-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
 "c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile  8.  Die 
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
 überein.  Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
 WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Verwenden Sie
 das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 10.05.2011 04:46:24 | Computer Name = topenka81-PC | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\microsoft\search enhancement pack\search box extension\SRCHBXEX.DLL". Fehler
 in Manifest- oder Richtliniendatei "c:\program files (x86)\microsoft\search enhancement
 pack\search box extension\SRCHBXEX.DLL" in Zeile 2.  Ungültige XML-Syntax.
 
Error - 10.05.2011 04:46:24 | Computer Name = topenka81-PC | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\microsoft\search enhancement pack\search helper\SearchHelper.dll". Fehler
 in Manifest- oder Richtliniendatei "c:\program files (x86)\microsoft\search enhancement
 pack\search helper\SearchHelper.dll" in Zeile 2.  Ungültige XML-Syntax.
 
Error - 10.05.2011 04:46:26 | Computer Name = topenka81-PC | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll". Fehler
 in Manifest- oder Richtliniendatei "c:\program files (x86)\microsoft\search enhancement
 pack\search helper\searchhelper.dll" in Zeile 2.  Ungültige XML-Syntax.
 
[ System Events ]
Error - 10.05.2011 16:12:31 | Computer Name = topenka81-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ReadyComm.DirectRouter" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%2
 
Error - 11.05.2011 09:59:03 | Computer Name = topenka81-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ReadyComm.DirectRouter" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%2
 
Error - 12.05.2011 07:50:00 | Computer Name = topenka81-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1000
Description = Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x8007045b
 
Error - 12.05.2011 07:53:08 | Computer Name = topenka81-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ReadyComm.DirectRouter" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%2
 
Error - 12.05.2011 11:25:03 | Computer Name = topenka81-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ReadyComm.DirectRouter" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%2
 
Error - 12.05.2011 16:50:45 | Computer Name = topenka81-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ReadyComm.DirectRouter" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%2
 
Error - 13.05.2011 11:41:29 | Computer Name = topenka81-PC | Source = Ntfs | ID = 262281
Description = Auf dem Volume "E:" konnte der Transaktionsressourcen-Manager aufgrund
 eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in
 den Daten enthalten.
 
Error - 13.05.2011 11:43:15 | Computer Name = topenka81-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ReadyComm.DirectRouter" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%2
 
Error - 13.05.2011 12:37:20 | Computer Name = topenka81-PC | Source = Ntfs | ID = 262281
Description = Auf dem Volume "E:" konnte der Transaktionsressourcen-Manager aufgrund
 eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in
 den Daten enthalten.
 
Error - 13.05.2011 12:37:26 | Computer Name = topenka81-PC | Source = Ntfs | ID = 262281
Description = Auf dem Volume "E:" konnte der Transaktionsressourcen-Manager aufgrund
 eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in
 den Daten enthalten.
 
 
< End of report >
         
--- --- ---

Besten Dank im Voraus für eure Ratschläge und Tips.

Geändert von Aircan (18.05.2011 um 00:19 Uhr)

Alt 18.05.2011, 10:10   #2
markusg
/// Malware-holic
 
Windows 7: Security Center Alert! - Standard

Windows 7: Security Center Alert!



• Starte bitte die OTL.exe
• Kopiere nun das Folgende in die Textbox.

:OTL
PRC - C:\Users\topenka81\ceiuxoc.exe ()
PRC - C:\Users\topenka81\svc32.exe ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found
O4 - HKCU..\Run: [ceiuxoc] C:\Users\topenka81\ceiuxoc.exe ()
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] File not found
[2011.05.17 23:18:23 | 000,000,136 | -H-- | M] () -- C:\ProgramData\~36691704r
[2011.05.17 23:18:23 | 000,000,112 | -H-- | M] () -- C:\ProgramData\~36691704
[2011.05.17 23:17:39 | 000,000,328 | -H-- | M] () -- C:\ProgramData\36691704
[2011.05.17 17:36:16 | 000,135,168 | ---- | M] () -- C:\Users\topenka81\svc32.exe
[2011.05.17 03:38:44 | 000,126,976 | ---- | M] () -- C:\Users\topenka81\pppp.exe
[2011.05.12 17:26:34 | 000,000,000 | -H-- | M] () -- C:\Users\topenka81\2gweorjqjutp92vjy9gake
:Files
C:\Users\topenka81\svc32.exe
C:\Users\topenka81\ceiuxoc.exe
:Commands
[purity]
[EMPTYFLASH]
[emptytemp]
[Reboot]

• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren.


öffne computer, öffne C: dann _OTL
dort rechtsklick auf moved files
wähle zu moved files.rar oder zip hinzufügen.
http://www.trojaner-board.de/54791-a...ner-board.html
__________________

__________________

Alt 18.05.2011, 11:14   #3
Aircan
 
Windows 7: Security Center Alert! - Standard

Windows 7: Security Center Alert!



Hallo,

danke erst einmal für die Hilfe. Habe alles so ausgeführt wie beschrieben. Rechner hat neu gebootet und im Anschluß ist folgende Textdatei erstellt worden.

Das Problem mit der SetupXXXXXXXXX.exe besteht aber weiterhin.

All processes killed
========== OTL ==========
No active process named ceiuxoc.exe was found!
No active process named svc32.exe was found!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ceiuxoc not found.
File C:\Users\topenka81\ceiuxoc.exe not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\RESTART_STICKY_NOTES deleted successfully.
C:\ProgramData\~36691704r moved successfully.
C:\ProgramData\~36691704 moved successfully.
C:\ProgramData\36691704 moved successfully.
C:\Users\topenka81\svc32.exe moved successfully.
C:\Users\topenka81\pppp.exe moved successfully.
C:\Users\topenka81\2gweorjqjutp92vjy9gake moved successfully.
========== FILES ==========
File\Folder C:\Users\topenka81\svc32.exe not found.
File\Folder C:\Users\topenka81\ceiuxoc.exe not found.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: topenka81

Total Flash Files Cleaned = 0,00 mb


[EMPTYTEMP]

User: All Users

User: Default

User: Default User

User: Public

User: topenka81

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 95374602 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50568 bytes
RecycleBin emptied: 64146976 bytes

Total Files Cleaned = 152,00 mb


OTL by OldTimer - Version 3.2.22.3 log created on 05182011_120835

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
__________________

Geändert von Aircan (18.05.2011 um 11:27 Uhr)

Alt 18.05.2011, 11:22   #4
markusg
/// Malware-holic
 
Windows 7: Security Center Alert! - Standard

Windows 7: Security Center Alert!



das war ja auch erst der erste streich :-) jetzt warte ich erst mal auf den upload.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 18.05.2011, 11:30   #5
Aircan
 
Windows 7: Security Center Alert! - Standard

Windows 7: Security Center Alert!



Upload ist nach Anleitung erledigt. Kann die Datei aber nirgends sehen im Thread. Hoffe es hat geklappt!


Alt 18.05.2011, 11:39   #6
markusg
/// Malware-holic
 
Windows 7: Security Center Alert! - Standard

Windows 7: Security Center Alert!



ja, die datei soll ja nicht im thread sichtbar sein, überleg mal wie viele leute das vllt laden und sich dann infizieren, wir haben schon genug arbeit :d
1. lade den atf cleaner:
|MG| ATF Cleaner 3.0.0.2 Download
rechtsklick als admin ausführen. hake alles an.
auf allen registerkarten. also auch bei firefox und opera falls instaliert.
wähle empty selected.
achtung, auf websites musst du evtl. pws neu eingeben.
danach
bitte erstelle und poste ein combofix log.
Ein Leitfaden und Tutorium zur Nutzung von ComboFix
__________________
--> Windows 7: Security Center Alert!

Alt 18.05.2011, 11:58   #7
Aircan
 
Windows 7: Security Center Alert! - Standard

Windows 7: Security Center Alert!



Combofix Logfile:
Code:
ATTFilter
ComboFix 11-05-17.01 - topenka81 18.05.2011  12:52:32.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.49.1031.18.3959.2724 [GMT 2:00]
ausgeführt von:: c:\users\topenka81\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\topenka81\AppData\Local\{6F14C258-6674-43F9-9DE1-43206928EA15}
c:\users\topenka81\AppData\Local\{6F14C258-6674-43F9-9DE1-43206928EA15}\chrome.manifest
c:\users\topenka81\AppData\Local\{6F14C258-6674-43F9-9DE1-43206928EA15}\chrome\content\_cfg.js
c:\users\topenka81\AppData\Local\{6F14C258-6674-43F9-9DE1-43206928EA15}\chrome\content\overlay.xul
c:\users\topenka81\AppData\Local\{6F14C258-6674-43F9-9DE1-43206928EA15}\install.rdf
c:\users\topenka81\AppData\Roaming\Adobe\plugs
c:\users\topenka81\AppData\Roaming\Adobe\shed
c:\users\topenka81\AppData\Roaming\Adobe\shed\thr1.chm
c:\users\topenka81\svc32.exe
c:\users\topenka81\wuailu.exe
c:\windows\s.bat
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-04-18 bis 2011-05-18  ))))))))))))))))))))))))))))))
.
.
2011-05-18 10:55 . 2011-05-18 10:55	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-05-18 10:24 . 2011-05-18 10:24	--------	d-----w-	c:\program files (x86)\7-Zip
2011-05-18 10:08 . 2011-05-18 10:26	--------	d-----w-	C:\_OTL
2011-05-17 22:41 . 2011-05-17 22:41	--------	d-----w-	c:\users\topenka81\AppData\Roaming\Malwarebytes
2011-05-17 22:37 . 2010-12-20 16:09	38224	----a-w-	c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-05-17 22:37 . 2011-05-17 22:37	--------	d-----w-	c:\programdata\Malwarebytes
2011-05-17 22:37 . 2011-05-17 22:37	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2011-05-17 22:37 . 2010-12-20 16:08	24152	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-05-17 22:19 . 2009-10-10 03:17	14336	----a-w-	c:\windows\system32\drivers\sffp_sd.sys
2011-05-17 22:18 . 2011-01-17 06:17	197120	----a-w-	c:\windows\system32\d3d10_1.dll
2011-05-17 22:18 . 2011-01-17 05:38	161792	----a-w-	c:\windows\SysWow64\d3d10_1.dll
2011-05-17 22:18 . 2011-04-09 06:58	142336	----a-w-	c:\windows\system32\poqexec.exe
2011-05-17 22:18 . 2011-04-09 05:56	123904	----a-w-	c:\windows\SysWow64\poqexec.exe
2011-05-17 21:38 . 2011-04-11 08:21	8802128	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{800FC3F4-8E86-42D1-B4D0-EC8C10B099E1}\mpengine.dll
2011-05-17 08:25 . 2011-05-17 08:25	404640	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-12 15:28 . 2011-05-13 15:41	0	---ha-w-	c:\users\topenka81\AppData\Local\Qsebiyiyime.bin
2011-05-11 15:46 . 2011-05-18 07:32	--------	d-----w-	c:\users\topenka81\AppData\Local\Chat Republic Games
2011-05-11 14:02 . 2011-04-09 06:45	5509504	----a-w-	c:\windows\system32\ntoskrnl.exe
2011-05-11 14:02 . 2011-04-09 06:13	3957632	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2011-05-11 14:02 . 2011-04-09 06:13	3901824	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2011-05-11 14:02 . 2011-03-25 03:23	343040	----a-w-	c:\windows\system32\drivers\usbhub.sys
2011-05-11 14:02 . 2011-03-25 03:23	98816	----a-w-	c:\windows\system32\drivers\usbccgp.sys
2011-05-11 14:02 . 2011-03-25 03:23	324608	----a-w-	c:\windows\system32\drivers\usbport.sys
2011-05-11 14:02 . 2011-03-25 03:22	52224	----a-w-	c:\windows\system32\drivers\usbehci.sys
2011-05-11 14:02 . 2011-03-25 03:22	25600	----a-w-	c:\windows\system32\drivers\usbohci.sys
2011-05-11 14:02 . 2011-03-25 03:22	30720	----a-w-	c:\windows\system32\drivers\usbuhci.sys
2011-05-11 14:02 . 2011-03-25 03:22	7936	----a-w-	c:\windows\system32\drivers\usbd.sys
2011-04-27 17:24 . 2011-02-26 06:23	2870272	----a-w-	c:\windows\explorer.exe
2011-04-27 17:24 . 2011-02-26 05:33	2614784	----a-w-	c:\windows\SysWow64\explorer.exe
2011-04-27 17:24 . 2011-03-12 12:03	662528	----a-w-	c:\windows\system32\XpsPrint.dll
2011-04-27 17:24 . 2011-03-12 11:31	442880	----a-w-	c:\windows\SysWow64\XpsPrint.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-11 06:19 . 2011-04-13 21:16	1395712	----a-w-	c:\windows\system32\mfc42.dll
2011-03-11 06:19 . 2011-04-13 21:16	1359872	----a-w-	c:\windows\system32\mfc42u.dll
2011-03-11 05:40 . 2011-04-13 21:16	1164288	----a-w-	c:\windows\SysWow64\mfc42u.dll
2011-03-11 05:40 . 2011-04-13 21:16	1137664	----a-w-	c:\windows\SysWow64\mfc42.dll
2011-03-08 06:14 . 2011-04-13 21:15	976896	----a-w-	c:\windows\system32\inetcomm.dll
2011-03-08 05:38 . 2011-04-13 21:15	740864	----a-w-	c:\windows\SysWow64\inetcomm.dll
2011-03-04 06:17 . 2011-04-27 17:24	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:17 . 2011-04-27 17:24	347648	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 06:17 . 2011-04-13 21:15	182272	----a-w-	c:\windows\system32\dnsrslvr.dll
2011-03-03 06:14 . 2011-04-13 21:15	30208	----a-w-	c:\windows\system32\dnscacheugc.exe
2011-03-03 05:27 . 2011-04-13 21:15	28672	----a-w-	c:\windows\SysWow64\dnscacheugc.exe
2011-03-03 03:58 . 2011-04-13 21:16	3133440	----a-w-	c:\windows\system32\win32k.sys
2011-02-24 06:30 . 2011-04-13 21:16	476160	----a-w-	c:\windows\system32\XpsGdiConverter.dll
2011-02-24 06:29 . 2011-04-13 21:16	1197056	----a-w-	c:\windows\system32\wininet.dll
2011-02-24 06:24 . 2011-04-13 21:16	57856	----a-w-	c:\windows\system32\licmgr10.dll
2011-02-24 05:32 . 2011-04-13 21:16	288256	----a-w-	c:\windows\SysWow64\XpsGdiConverter.dll
2011-02-24 05:32 . 2011-04-13 21:16	981504	----a-w-	c:\windows\SysWow64\wininet.dll
2011-02-24 05:30 . 2011-04-13 21:16	44544	----a-w-	c:\windows\SysWow64\licmgr10.dll
2011-02-24 05:05 . 2011-04-13 21:16	482816	----a-w-	c:\windows\system32\html.iec
2011-02-24 04:24 . 2011-04-13 21:16	1638912	----a-w-	c:\windows\system32\mshtml.tlb
2011-02-24 04:23 . 2011-04-13 21:16	386048	----a-w-	c:\windows\SysWow64\html.iec
2011-02-24 03:50 . 2011-04-13 21:16	1638912	----a-w-	c:\windows\SysWow64\mshtml.tlb
2011-02-23 05:16 . 2011-04-13 21:16	461312	----a-w-	c:\windows\system32\drivers\srv.sys
2011-02-23 05:16 . 2011-04-13 21:16	401920	----a-w-	c:\windows\system32\drivers\srv2.sys
2011-02-23 05:15 . 2011-04-13 21:16	161792	----a-w-	c:\windows\system32\drivers\srvnet.sys
2011-02-23 05:15 . 2011-04-13 21:15	157696	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2011-02-23 05:15 . 2011-04-13 21:15	286720	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2011-02-23 05:15 . 2011-04-13 21:15	126464	----a-w-	c:\windows\system32\drivers\mrxsmb20.sys
2011-02-23 05:15 . 2011-04-13 21:15	90624	----a-w-	c:\windows\system32\drivers\bowser.sys
2011-02-19 06:37 . 2011-03-09 18:15	1135104	----a-w-	c:\windows\system32\FntCache.dll
2011-02-19 06:37 . 2011-03-09 18:15	1540608	----a-w-	c:\windows\system32\DWrite.dll
2011-02-19 06:36 . 2011-03-09 18:15	902656	----a-w-	c:\windows\system32\d2d1.dll
2011-02-19 06:36 . 2011-04-13 21:16	46080	----a-w-	c:\windows\system32\atmlib.dll
2011-02-19 05:32 . 2011-03-09 18:15	1074176	----a-w-	c:\windows\SysWow64\DWrite.dll
2011-02-19 05:32 . 2011-03-09 18:15	739840	----a-w-	c:\windows\SysWow64\d2d1.dll
2011-02-19 05:32 . 2011-04-13 21:16	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2011-02-19 04:13 . 2011-04-13 21:16	367104	----a-w-	c:\windows\system32\atmfd.dll
2011-02-19 03:37 . 2011-04-13 21:16	294912	----a-w-	c:\windows\SysWow64\atmfd.dll
2011-02-18 06:37 . 2011-04-13 21:16	612352	----a-w-	c:\windows\system32\vbscript.dll
2011-02-18 05:36 . 2011-04-13 21:16	428032	----a-w-	c:\windows\SysWow64\vbscript.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-12-23 284696]
"331BigDog"="c:\program files (x86)\USB Camera\VM331_STI.EXE" [2010-01-15 536576]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2010-06-12 3122528]
"UCam_Menu"="c:\program files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"YouCam Mirror Tray icon"="c:\program files (x86)\Lenovo\YouCam\YouCamTray.exe" [2009-12-22 167008]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-08-02 281768]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2010-08-05 104408]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WLStart"="c:\program files (x86)\Windows Live\Installer\wlstart.exe" [2009-07-26 786760]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-22 136176]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-22 136176]
R3 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-09-22 579400]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [x]
S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-29 136360]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-23 13336]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-08-05 583640]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-09 2320920]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys [x]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
IgrsSvcs	REG_MULTI_SZ   	ReadyComm.DirectRouter PS_MDP
.
Inhalt des "geplante Tasks" Ordners
.
2011-05-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-22 19:14]
.
2011-05-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-22 19:14]
.
2011-05-14 c:\windows\Tasks\Norton Security Scan for topenka81.job
- c:\program files (x86)\Norton Security Scan\Engine\2.7.6.13\Nss.exe [2011-04-07 21:15]
.
2011-05-15 c:\windows\Tasks\RMSchedule.job
- c:\program files (x86)\Registry Mechanic\RegMech.exe [2011-04-09 06:46]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2010-06-12 01:12	1502720	----a-w-	c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-12-11 16414312]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-03-22 521272]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2009-12-19 776608]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2009-12-17 4367808]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2009-12-17 6988736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://lenovo.msn.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
FF - ProfilePath - 
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-wuailu - c:\users\topenka81\wuailu.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2011-05-18  12:56:46
ComboFix-quarantined-files.txt  2011-05-18 10:56
.
Vor Suchlauf: 8 Verzeichnis(se), 414.503.227.392 Bytes frei
Nach Suchlauf: 11 Verzeichnis(se), 414.355.910.656 Bytes frei
.
- - End Of File - - 48FCE466C0C8665E4790810779A95EF8
         
--- --- ---

Alt 18.05.2011, 12:16   #8
markusg
/// Malware-holic
 
Windows 7: Security Center Alert! - Standard

Windows 7: Security Center Alert!



1. öffne computer c: qoobox.
quarantain mit winrar oder zip über rechtsklick packen und wieder im upload channel hochladen.
teile mir mit wenns geklappt hatt.
2. treten die setup meldungen noch auf?
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 18.05.2011, 12:28   #9
Aircan
 
Windows 7: Security Center Alert! - Standard

Windows 7: Security Center Alert!



1. Upload ist erfolgt
2. Weder Setup-Meldung, noch Security Center Alert tauchen auf!

Alt 18.05.2011, 13:09   #10
Aircan
 
Windows 7: Security Center Alert! - Standard

Windows 7: Security Center Alert!



Ist das Thema jetzt erledigt?

Alt 18.05.2011, 13:43   #11
markusg
/// Malware-holic
 
Windows 7: Security Center Alert! - Standard

Windows 7: Security Center Alert!



hier gibts keine 24 stunden rund um die uhr betreueung, also geduld bitte.
update Malwarebytes und mache einen vollständigen scan. log posten
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Antwort

Themen zu Windows 7: Security Center Alert!
.dll, 132.exe, adobe, alert, alternate, antivir, autorun, avira, bho, c:\windows\system32\rundll32.exe, chdrt64.sys, error, explorer, firefox, format, home, install.exe, lenovo, logfile, microsoft office starter 2010, mozilla, ntdll.dll, nvidia, oldtimer, plug-in, programme, realtek, registry, richtlinie, scan, sched.exe, searchplugins, security, security scan, shell32.dll, software, symantec, syswow64, temp, usb, usb 2.0, webcheck, windows




Ähnliche Themen: Windows 7: Security Center Alert!


  1. Security Center Alert Ads entfernen
    Anleitungen, FAQs & Links - 13.08.2015 (2)
  2. Security Center Alert! - Was ist denn nun los?
    Plagegeister aller Art und deren Bekämpfung - 06.06.2011 (8)
  3. Windows Security Alert / AV Security Suite / Antivirus Software Alert
    Plagegeister aller Art und deren Bekämpfung - 08.01.2011 (1)
  4. Meldung Windows Security Alert / AV Security Suite / Antivirus Software Alert
    Plagegeister aller Art und deren Bekämpfung - 17.09.2010 (26)
  5. Windows Security Alert / AV Security Suite / Antivirus Software Alert / gefakter AV lähmt PC
    Plagegeister aller Art und deren Bekämpfung - 09.09.2010 (3)
  6. selbe problem mit Windows Security Alert - Antivirus Software Alert
    Plagegeister aller Art und deren Bekämpfung - 15.08.2010 (3)
  7. Windows Security Alert / AV Security Suite / Antivirus Software Alert
    Plagegeister aller Art und deren Bekämpfung - 26.07.2010 (21)
  8. Windows Security Alert / AV Security Suite / Antivirus Software Alert// Ohne Internet
    Plagegeister aller Art und deren Bekämpfung - 21.07.2010 (1)
  9. PC friert ein, AntiVir und Co wird geblockt, Malware Defence, Security Center Alert
    Plagegeister aller Art und deren Bekämpfung - 17.01.2010 (1)
  10. system alert, windows security alert und fremde antiviren programme
    Plagegeister aller Art und deren Bekämpfung - 01.01.2010 (51)
  11. "Windows Security Center Alert", selbst ein Trojaner/Wurm ?
    Plagegeister aller Art und deren Bekämpfung - 29.12.2009 (5)
  12. Security Center Alert
    Plagegeister aller Art und deren Bekämpfung - 24.12.2009 (1)
  13. Windows Security Center Alert
    Plagegeister aller Art und deren Bekämpfung - 20.12.2009 (1)
  14. Fake Security Center Alert / Antivirusprogramme geblockt
    Log-Analyse und Auswertung - 18.12.2009 (3)
  15. Your computer remains infected by virus!... security center alert popup
    Log-Analyse und Auswertung - 09.12.2009 (4)
  16. Sicherheitszenter - Windows Security Center Alert
    Plagegeister aller Art und deren Bekämpfung - 28.10.2009 (3)
  17. System security center alert - Pop-up!?
    Plagegeister aller Art und deren Bekämpfung - 01.11.2006 (10)

Zum Thema Windows 7: Security Center Alert! - Hallo zusammen, habe folgende Probleme: - Ständig geht das Fenster mit "Security Center Alert!" auf - Eine "setupXXXXXXXXX.exe" versucht sich zu installieren (X = 9stellige Zahl die sich ständig ändert - Windows 7: Security Center Alert!...
Archiv
Du betrachtest: Windows 7: Security Center Alert! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.