Trojaner-Board, forum "Plagegeister aller Art und deren Bekämpfung" (pests of all kinds and their removal): ihavenet-virus.. help (Windows 7)
09.09.2012, 14:49 | #1
ihavenet-virus.. help

Hello Trojaner-Board team, for a few days I have had the nasty ihavenet.com virus. It made itself noticeable by constantly redirecting me to that site, or to other sites with dubious content. Luckily I don't use this notebook at work ^^ I have already read through a few guides on removing the virus, but then decided I'd rather let you professionals handle it. Thanks in advance for the effort.

OTL:
OTL logfile created on: 09.09.2012 14:47:34 - Run 3
OTL by OldTimer - Version 3.2.61.2 Folder = C:\Users\Privat\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,91 Gb Total Physical Memory | 2,76 Gb Available Physical Memory | 70,55% Memory free
7,81 Gb Paging File | 6,42 Gb Available in Paging File | 82,27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,79 Gb Total Space | 175,32 Gb Free Space | 75,31% Space Free | Partition Type: NTFS

Computer Name: PRIVAT-LAPTOP | User Name: Privat | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Privat\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe ()
PRC - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co.
KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe () PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () PRC - C:\Program Files (x86)\XSManager\WTGService.exe () PRC - C:\Program Files (x86)\XSManager\XSManager.exe (WebToGo Mobiles Internet GmbH) PRC - C:\Windows\starter4g.exe (4G Systems GmbH & Co. KG) PRC - C:\Windows\service4g.exe (4G Systems GmbH & Co. KG) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\12.2.6\avgdttbx.dll () MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\SiteSafety.dll () MOD - C:\Program Files (x86)\AVG Secure Search\vprot.exe () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\Maps\R66Api.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\sqlite3.7.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\sqlite3.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\HtcDetect.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDetectLegend.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDisk.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 
3.0\OutputLog.dll () MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\fdHttpd.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll () MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll () MOD - C:\Program Files (x86)\XSManager\4GSystems_WTGSMSPCClientGer.dll () MOD - C:\Program Files (x86)\XSManager\4GSystems_OneClickAssistantGer.dll () MOD - C:\Program Files (x86)\XSManager\WTGDriverInstallX.Dll () MOD - C:\Program Files (x86)\XSManager\WTGSMSPCClient.Dll () MOD - C:\Program Files (x86)\XSManager\WtgCore.dll () MOD - C:\Program Files (x86)\XSManager\WtgDriverInstall.dll () MOD - C:\Program Files (x86)\XSManager\WtgBluetooth.dll () MOD - C:\Program Files (x86)\XSManager\WtgDialup.dll () MOD - C:\Program Files (x86)\XSManager\WtgDetection.dll () MOD - C:\Program Files (x86)\XSManager\WtgDatabase.dll () MOD - C:\Program Files (x86)\XSManager\WtgPorts.dll () MOD - C:\Program Files (x86)\XSManager\WtgUtil.dll () ========== Services (SafeList) ========== SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (vToolbarUpdater12.2.6) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe () SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.) 
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (WTGService) -- C:\Program Files (x86)\XSManager\WTGService.exe () SRV - (XS Stick Service) -- C:\Windows\service4g.exe (4G Systems GmbH & Co. KG) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies) DRV:64bit: - (cmnsusbser) -- C:\Windows\SysNative\drivers\cmnsusbser.sys (Mobile Connector) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (htcnprot) -- C:\Windows\SysNative\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD 
Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation) DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (cmnsusbser) -- C:\Windows\SysWOW64\drivers\cmnsusbser.sys (Mobile Connector) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-444856508-3485798204-574523835-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
https://isearch.avg.com/?cid={8FC0E3CB-2713-4376-9103-FE246E45F207}&mid=abfbdab7e45a46489fc1af5902e32d56-8310918e65a94bd3f7656650b9606fedd14066ea&lang=de&ds=hk011&pr=sa&d=2012-07-10 19:49:58&v=12.2.5.32&sap=hp IE - HKU\S-1-5-21-444856508-3485798204-574523835-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-444856508-3485798204-574523835-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKU\S-1-5-21-444856508-3485798204-574523835-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 67 29 02 A5 3E 17 CD 01 [binary data] IE - HKU\S-1-5-21-444856508-3485798204-574523835-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233} IE - HKU\S-1-5-21-444856508-3485798204-574523835-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-444856508-3485798204-574523835-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={8FC0E3CB-2713-4376-9103-FE246E45F207}&mid=abfbdab7e45a46489fc1af5902e32d56-8310918e65a94bd3f7656650b9606fedd14066ea&lang=de&ds=hk011&pr=sa&d=2012-07-10 19:49:58&v=12.2.5.32&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-444856508-3485798204-574523835-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "about:home" FF - prefs.js..extensions.enabledAddons: DivXWebPlayer@divx.com:2.0.2.039 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: 
C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll () FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll () FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\12.2.5.32\ [2012.08.30 22:43:29 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.07 23:04:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.07 23:04:18 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.04.10 12:46:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Privat\AppData\Roaming\mozilla\Extensions [2012.07.26 21:15:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Privat\AppData\Roaming\mozilla\Firefox\Profiles\w1ql5h7e.default\extensions [2012.06.03 18:43:13 | 000,550,833 | ---- | M] () (No name found) -- C:\Users\Privat\AppData\Roaming\mozilla\firefox\profiles\w1ql5h7e.default\extensions\DivXWebPlayer@divx.com.xpi [2012.07.26 21:15:04 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Privat\AppData\Roaming\mozilla\firefox\profiles\w1ql5h7e.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012.04.10 12:46:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.09.07 23:04:18 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.03.13 07:23:34 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.08.30 
22:43:15 | 000,003,771 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml [2012.09.07 23:04:17 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.03.13 07:23:34 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.03.13 07:23:34 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.03.13 07:23:34 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.03.13 07:23:34 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll () O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll () O3 - HKU\S-1-5-21-444856508-3485798204-574523835-1000\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found. O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. 
KG) O4 - HKLM..\Run: [HF_G_Jul] C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe () O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe () O4 - HKLM..\Run: [ROC_ROC_JULY_P1] C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe () O4 - HKLM..\Run: [starter4g] C:\Windows\starter4g.exe (4G Systems GmbH & Co. KG) O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe () O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) 
O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B630F34-B32B-4D3B-82D2-ADF8C557C620}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7CC07784-FB7F-422F-AB55-62C214F41480}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F8222A10-C0D8-4B1F-8611-EE440FD13FAE}: NameServer = 193.189.244.206 193.189.244.225 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F8EB8377-4CFE-413A-893F-1D62991E1473}: DhcpNameServer = 192.168.42.129 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll () O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{4ddb1a5e-aa17-11e1-aa6d-0022fbca0172}\Shell - "" = AutoRun O33 - MountPoints2\{4ddb1a5e-aa17-11e1-aa6d-0022fbca0172}\Shell\AutoRun\command - "" = "E:\WD SmartWare.exe" autoplay=true O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.09.09 08:08:32 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{616541B9-301C-4877-ABF8-641F2D64EE12} [2012.09.08 10:07:03 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{A4F7D140-0730-4710-9336-21E77C6F4B3B} [2012.09.07 10:06:38 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{59F71E5C-F766-431C-9E7C-DA3ADB073574} [2012.09.06 10:06:20 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{436260F4-BECF-42AE-9064-8676CE8EE0CE} [2012.09.05 10:42:07 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{5CDB34CF-48F9-4B30-9531-3332848DF93E} [2012.09.04 21:27:05 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{491EC3A1-2EFA-4638-A91A-F8C7A29C60A2} [2012.09.04 19:26:46 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{C00AF378-187F-4A67-B338-1994762FC307} [2012.09.03 19:03:42 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{78FBC4E2-0BC6-41DE-AC04-5C4926A0AFCD} [2012.09.02 22:06:11 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{105423ED-123D-46CD-8760-8A309A6B76AE} [2012.09.02 10:04:48 | 000,000,000 
| ---D | C] -- C:\Users\Privat\AppData\Local\{102B6DB5-1F92-4899-8FF0-8974176085E4} [2012.09.01 14:32:22 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{74254C9C-E85A-4A79-BCCD-C38BC761408A} [2012.08.31 21:06:18 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{090EE768-E776-4AEC-8624-249468672899} [2012.08.30 22:43:19 | 000,031,080 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys [2012.08.30 20:42:46 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{C889C569-CF38-4720-A29E-156A15680B78} [2012.08.30 07:52:43 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{130CAB28-A8C7-475A-9A84-795947D44C91} [2012.08.29 19:49:56 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{9656F777-C8A9-4CBE-82B3-2E03737AA809} [2012.08.29 07:06:48 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{39ED0FD8-78C0-4E38-A181-14FDCE27B1DD} [2012.08.28 18:49:19 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{951D3822-0167-4231-89E0-22BD6F49F362} [2012.08.27 20:29:31 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{BD1BC1C5-3B17-448E-A7A3-0807B8E78DFE} [2012.08.26 13:17:16 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{E72E283E-CAA4-43B1-8779-675EA124E454} [2012.08.26 07:21:38 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{EC0DC912-C4ED-4BF1-B050-B8DA43C6D527} [2012.08.25 11:10:55 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{87C2A868-1975-46B3-B50F-2CFBB4BA8FFD} [2012.08.25 06:54:36 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{723F992D-772B-4001-A6DE-F63A3258E6D5} [2012.08.24 15:19:35 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{7564E01B-6EA7-4E63-BF31-E0A5AEE1FB60} [2012.08.23 20:00:43 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{AA95BC63-7A3D-49C9-99D2-DD1365A193AA} [2012.08.22 19:08:06 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{D274171E-7F1C-44B2-903F-7E7B8591A509} [2012.08.21 
18:46:33 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{93C4114F-D768-44F8-A80E-4B9E0AD56CF9} [2012.08.20 19:46:22 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{FE95E47D-CD9F-4BC4-A177-550BA6CE4DD2} [2012.08.19 11:07:56 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012.08.19 11:04:20 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{582E40B1-E7CF-4696-AB92-535933685F0B} [2012.08.18 16:44:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2012.08.18 16:44:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2012.08.18 16:44:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2012.08.18 12:19:37 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{E8E38926-6DF6-4B43-9E4D-38F5447B6F8F} [2012.08.18 12:17:34 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{2F7E6DEF-3E3A-4507-8D83-42BB1292836C} [2012.08.17 22:54:21 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{DCEDD600-FD6E-4344-9023-E14916267653} [2012.08.17 22:53:19 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{A7C5A409-DE70-4B73-A3CD-28AD63D380D6} [2012.08.17 09:29:54 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{5436DA30-99FA-4F12-8D3F-DAEA7ACB4B29} [2012.08.17 09:29:48 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{A10D462F-016C-4302-A16D-94795CCCF8F0} [2012.08.16 22:23:28 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.08.16 22:23:28 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.08.16 22:23:27 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.08.16 22:23:27 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.08.16 22:23:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.08.16 22:23:25 | 000,248,320 | ---- | 
C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.08.16 22:23:25 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012.08.16 22:23:25 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012.08.16 22:23:24 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.08.16 22:23:24 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.08.16 22:23:24 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.08.16 22:23:22 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.08.16 22:23:21 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.08.16 21:29:30 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{A5679616-C0A3-404A-A5E0-E2186B13512A} [2012.08.16 09:36:34 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll [2012.08.16 09:36:30 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2012.08.16 09:36:29 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2012.08.16 09:36:29 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe [2012.08.16 09:36:27 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll [2012.08.16 09:36:27 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll [2012.08.16 09:36:27 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll [2012.08.16 09:36:21 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll [2012.08.16 09:29:18 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{A18D73A5-E57F-43B9-9384-1701EAC31F37} [2012.08.16 09:27:23 | 000,000,000 | ---D | C] -- 
C:\Users\Privat\AppData\Local\{A55CCCB6-F111-494D-81DF-CF2DD2DC13BF} [2012.08.12 10:32:04 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{F3513E78-95C2-41E4-B920-2C8AE455EEF6} [2012.08.12 10:30:13 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{EDEB4DE4-EF13-4E7C-A933-B6083ACC6074} [2012.08.11 18:15:28 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{DB026238-E3AF-450A-AA6C-BDA93A2A3CD3} [2012.08.11 18:14:22 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{AC11E768-4B6D-49B5-8C33-612ADF1D07CE} [2012.08.10 19:52:26 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{D9D5F37C-8B76-4F9C-8FF9-471BAD0002EC} [2012.08.10 19:49:19 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{7C47A0FF-5280-4039-891E-31A15F82B292} ========== Files - Modified Within 30 Days ========== [2012.09.09 14:41:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.09.09 14:05:45 | 000,015,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.09.09 14:05:45 | 000,015,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.09.09 13:57:49 | 000,000,314 | ---- | M] () -- C:\Windows\tasks\aktu.job [2012.09.09 13:57:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.09.09 13:57:37 | 3144,871,936 | -HS- | M] () -- C:\hiberfil.sys [2012.09.06 11:55:06 | 000,139,264 | RHS- | M] () -- C:\Windows\SysWow64\IMJP10D.dll [2012.09.05 20:52:09 | 000,000,197 | ---- | M] () -- C:\Users\Privat\Documents\4.rtf [2012.09.05 18:56:08 | 000,012,502 | ---- | M] () -- C:\Users\Privat\Documents\Dokument.odt [2012.08.30 22:43:19 | 000,031,080 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys [2012.08.29 22:59:05 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.08.29 22:59:05 | 000,654,166 | ---- | M] () -- 
C:\Windows\SysNative\perfh007.dat [2012.08.29 22:59:05 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.08.29 22:59:05 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.08.29 22:59:05 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.08.18 16:08:13 | 000,000,193 | ---- | M] () -- C:\Users\Privat\Desktop\skygo.rtf [2012.08.17 09:18:36 | 000,293,448 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.08.16 09:41:30 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.08.16 09:41:30 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl ========== Files Created - No Company Name ========== [2012.09.06 11:55:06 | 000,139,264 | RHS- | C] () -- C:\Windows\SysWow64\IMJP10D.dll [2012.09.06 11:55:06 | 000,000,314 | ---- | C] () -- C:\Windows\tasks\aktu.job [2012.09.05 20:52:09 | 000,000,197 | ---- | C] () -- C:\Users\Privat\Documents\4.rtf [2012.08.18 16:08:13 | 000,000,193 | ---- | C] () -- C:\Users\Privat\Desktop\skygo.rtf ========== LOP Check ========== [2012.04.25 12:34:36 | 000,000,000 | ---D | M] -- C:\Users\Privat\AppData\Roaming\HTC [2012.04.25 12:33:58 | 000,000,000 | ---D | M] -- C:\Users\Privat\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1 [2012.04.15 15:48:09 | 000,000,000 | ---D | M] -- C:\Users\Privat\AppData\Roaming\LockLizard [2012.07.31 18:53:51 | 000,000,000 | ---D | M] -- C:\Users\Privat\AppData\Roaming\OpenOffice.org [2012.04.26 13:31:43 | 000,000,000 | ---D | M] -- C:\Users\Privat\AppData\Roaming\Windows Live Writer [2012.07.25 21:02:24 | 000,000,000 | ---D | M] -- C:\Users\Privat\AppData\Roaming\XSManager [2012.09.09 13:57:49 | 000,000,314 | ---- | M] () -- C:\Windows\Tasks\aktu.job [2012.06.22 14:10:55 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 88 
bytes -> C:\Users\Privat\Documents\eEdS LS Band2 v3.pdc:SummaryInformation < End of report >
10.09.2012, 11:30 | #2
/// Malware-holic | ihavenet-virus.. help

Hi,

this script, as well as any scripts that follow, are only for this particular user. If you have problems, open your own topics and wait for scripts tailored to you.

• Please start OTL.exe
• Now copy the following into the text box.
Code:
:OTL
[2012.09.06 11:55:06 | 000,139,264 | RHS- | M] () -- C:\Windows\SysWow64\IMJP10D.dll
[2012.09.06 11:55:06 | 000,000,314 | ---- | C] () -- C:\Windows\tasks\aktu.job
:Files
:Commands
[purity]
[EMPTYFLASH]
[emptytemp]
[Reboot]
• Now please close all programs.
• Now please click the Fix button.
• OTL may ask for a restart. Please allow this.
• After the restart you will find a text document; paste its contents into your next reply here.

Start in normal mode. If you have no icons, right-click, View, Show desktop icons.

Note: Please also upload the file to the UpChannel as described in the guide. Please do NOT post the ZIP file as an attachment in this thread!

Press the + E key.
Download GetInfo: File-Upload.net - GetInfo.exe
Double-click the .exe; a .txt is now created in the same folder: summary-info.txt. Double-click it and post its contents.
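The fix above targets two entries that share one creation second: a read-only, hidden, system DLL with no company name under C:\Windows\SysWow64 and a scheduled task aktu.job in C:\Windows\tasks. The following Python script is an added example, not part of the thread and not OTL's own code: it parses OTL file entries, applies exactly that triage rule (no company name plus hidden+system attributes under the Windows directory, or a .job task with no company name), pulls in any other file created in the same second as a hit, and emits a fix block in the same shape as the one posted. The choice of directory prefixes and the same-second correlation are assumptions of this example; the sample lines are copied from the OTL log in the thread.

```python
"""Triage of OTL (OldTimer's List-It) file entries.

Added example, not part of the thread and not OTL's own code. It flags the
pattern acted on above (no-company hidden+system file under the Windows
directory, or a no-company scheduled task), correlates by creation second,
and emits an OTL fix block of the same shape as the one posted.
"""
import re
from collections import defaultdict

# One OTL file entry, e.g.
#   [2012.09.06 11:55:06 | 000,139,264 | RHS- | C] () -- C:\Windows\SysWow64\IMJP10D.dll
# attr has four flag positions, R(ead-only) H(idden) S(ystem) D(irectory), '-' when unset;
# kind is C (created) or M (modified); the company field is absent for directories.
ENTRY_RE = re.compile(
    r"^\[(?P<ts>\d{4}\.\d{2}\.\d{2} \d{2}:\d{2}:\d{2}) \| "
    r"(?P<size>[\d,]+) \| (?P<attr>[A-Z-]{4}) \| (?P<kind>[CM])\] "
    r"(?:\((?P<company>[^)]*)\) )?-- (?P<path>.+?)\s*$"
)

# Assumption of this example: a no-company hidden+system file under these prefixes is worth a look.
SYSTEM_PREFIXES = ("c:\\windows\\",)
TASK_PREFIX = "c:\\windows\\tasks\\"

# Constructed sample: lines copied from the OTL log in the thread, one per case of interest.
SAMPLE_LOG = r"""
[2012.09.09 13:57:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.09 13:57:37 | 3144,871,936 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.06 11:55:06 | 000,139,264 | RHS- | M] () -- C:\Windows\SysWow64\IMJP10D.dll
[2012.08.30 22:43:19 | 000,031,080 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2012.09.06 11:55:06 | 000,139,264 | RHS- | C] () -- C:\Windows\SysWow64\IMJP10D.dll
[2012.09.06 11:55:06 | 000,000,314 | ---- | C] () -- C:\Windows\tasks\aktu.job
[2012.09.05 20:52:09 | 000,000,197 | ---- | C] () -- C:\Users\Privat\Documents\4.rtf
[2012.09.09 08:08:32 | 000,000,000 | ---D | C] -- C:\Users\Privat\AppData\Local\{616541B9-301C-4877-ABF8-641F2D64EE12}
"""


def parse_entries(text):
    """Return one dict per line that matches the OTL file-entry format."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue
        e = m.groupdict()
        e["company"] = (e["company"] or "").strip()
        e["size"] = int(e["size"].replace(",", ""))
        e["raw"] = line.strip()
        entries.append(e)
    return entries


def suspicion_reason(e):
    """Return why an entry is suspicious, or None if the rules do not apply."""
    path = e["path"].lower()
    attr = e["attr"]
    if "D" in attr or e["company"]:
        return None  # directories and files carrying a company name are out of scope here
    if "H" in attr and "S" in attr and path.startswith(SYSTEM_PREFIXES):
        return "hidden+system file without company name in a system directory"
    if path.startswith(TASK_PREFIX) and path.endswith(".job"):
        return "scheduled task without company name"
    return None


def triage(entries):
    """Map path -> reason for flagged entries, pulling in files created in the same second.

    A dropper that writes a payload and registers a task to run it usually does
    both within one second, so an identical creation timestamp is a cheap
    correlation key (heuristic; verify each hit before acting on it).
    """
    created_at = defaultdict(list)
    for e in entries:
        if e["kind"] == "C":
            created_at[e["ts"]].append(e)
    findings = {}
    for e in entries:
        reason = suspicion_reason(e)
        if reason:
            findings[e["path"]] = reason
    for e in entries:
        if e["path"] in findings and e["kind"] == "C":
            for sibling in created_at[e["ts"]]:
                findings.setdefault(sibling["path"], "created in the same second as " + e["path"])
    return findings


def build_fix_script(entries, findings):
    """Emit an OTL fix block of the same shape as the one posted: raw log lines under :OTL."""
    lines, seen = [":OTL"], set()
    for e in entries:
        if e["path"] in findings and e["path"] not in seen:
            seen.add(e["path"])
            lines.append(e["raw"])
    lines += [":Files", ":Commands", "[purity]", "[EMPTYFLASH]", "[emptytemp]", "[Reboot]"]
    return "\n".join(lines)


if __name__ == "__main__":
    found = triage(parse_entries(SAMPLE_LOG))
    for path, why in found.items():
        print(f"{path}: {why}")
    print(build_fix_script(parse_entries(SAMPLE_LOG), found))
```

On the sample, only IMJP10D.dll and aktu.job are flagged: bootstat.dat is system but not hidden, hiberfil.sys is hidden+system but lives outside the Windows directory, and avgtpx64.sys carries a company name. The rule is deliberately narrow; it is a starting point for reading a log, not a substitute for checking each hit.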
10.09.2012, 18:55 | #3
ihavenet-virus.. help

Thanks, the upload worked without problems.

System volume information: dwHighDateTime = 0x1ccd6ff,dwLowDateTime = 0xde1a2ea0
System32: dwHighDateTime = 0x1ca0431,dwLowDateTime = 0xfec9a6f8
dwSerialNumber = 0xb823d355
10.09.2012, 19:19 | #4
/// Malware-holic | ihavenet-virus.. help

Thank you. Did you download anything on 06.09 or 05.09, or perhaps search for something via a search engine and get prompted to download something there? Feel free to send details by private message.