Trash bin: 2x | http://www.searchnu.com/413 from Chip.de. Great magazine. Offers infected software for download.
Posts that have violated our rules, posts the world does not need, and other junk end up here in the trash bin...
10.03.2013, 14:54 | #1
Hello everyone, I caught the hxxp://www.searchnu.com/413 trojan from the Chip.de FLV Converter. I'm furious, what am I supposed to do? I'm running a Malwarebytes full scan right now. How can such crap even happen? Chip.de, hello?????????????? What kind of garbage is this. I hope you can help me. The MBAM log will be posted shortly. I have no desire to reinstall the whole system. Many thanks in advance for your help.
Grimreaper

So: before I started the thread above, I ran a quick scan with a somewhat older version of MBAM and unintentionally deleted a malware file (I just read that you shouldn't do that). The log file from that scan is copied below. And after I started the thread (or rather, while I was starting it) I ran a full scan with the newest version of MBAM, but it seems to have found nothing. As I said, both log files:

Malwarebytes Anti-Malware 1.60.0.1800
Malwarebytes : Free Anti-Malware download
Database version: v2013.03.09.13
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
The Grim Reaper :: THEGRIMREAPER-1 [limited]
Protection: Enabled
2013.03.10. 14:27:59
mbam-log-2013-03-10 (14-27-59).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 152131
Time elapsed: 5 minute(s), 17 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Documents and Settings\The Grim Reaper\Local Settings\Temp\LfebEWOE.exe.part (PUP.Offerware) -> Quarantined and deleted successfully.
(end)

**********************************************************
**********************************************************

Malwarebytes Anti-Malware 1.70.0.1100
Malwarebytes : Free Anti-Malware download
Database version: v2013.03.10.03
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
Adminisztrátor :: THEGRIMREAPER-1 [administrator]
2013.03.10. 14:43:31
mbam-log-2013-03-10 (14-43-31).txt
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 352853
Time elapsed: 46 minute(s), 3 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)

PLS help. The only symptom so far is that when I open a new tab in Mozilla the page Search is displayed.
Regards, Grimreaper

Since then I have also run OTL with the following settings: "Scan all users" checked. Under Extra Registry, "Use SafeList" selected. Log file attached; I hope someone answers my thread. Maybe Cosinus?

OTL Logfile:
Code:
OTL logfile created on: 2013.03.10. 17:10:33 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Adminisztrátor\Asztal
Windows XP Professional Edition Szervizcsomag 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000040E | Country: Magyarország | Language: HUN | Date Format: yyyy.MM.dd.

2,50 Gb Total Physical Memory | 1,82 Gb Available Physical Memory | 72,87% Memory free
4,34 Gb Paging File | 3,66 Gb Available in Paging File | 84,34% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 250,00 Gb Total Space | 217,89 Gb Free Space | 87,16% Space Free | Partition Type: NTFS
Drive D: | 448,63 Gb Total Space | 404,59 Gb Free Space | 90,18% Space Free | Partition Type: NTFS

Computer Name: THEGRIMREAPER-1 | User Name: Adminisztrátor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.03.10 15:49:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Adminisztrátor\Asztal\OTL.exe
PRC - [2013.02.14 11:07:38 | 001,683,456 | ---- | M] (Bandoo Media, inc) -- C:\Program Files\Searchqu Toolbar\Datamngr\datamngrUI.exe
PRC - [2012.12.29 10:49:28 | 019,160,032 | ---- | M] (VoipDiscount) -- C:\Program Files\VoipDiscount\voipdiscount.exe
PRC - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.12.14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.12.08 13:48:47 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012.08.11 13:55:25 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.07.03 09:04:58 | 000,507,312 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2012.05.02 00:42:31 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.01 23:34:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.04.24 01:11:59 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2010.03.04 22:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2008.04.14 17:02:16 | 001,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.01.29 11:25:10 | 000,598,016 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
PRC - [2008.01.29 11:24:46 | 000,163,840 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
PRC - [2004.05.05 09:49:08 | 000,491,520 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\hphmon05.exe
PRC - [2004.05.04 18:51:22 | 000,176,128 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
PRC - [2004.03.18 15:55:48 | 000,065,536 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2003.12.05 14:41:44 | 000,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe

========== Modules (No Company Name) ==========

MOD - [2012.04.16 22:11:02 | 000,398,288 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2011.09.05 18:05:04 | 000,300,544 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.HUN
MOD - [2010.03.04 22:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
MOD - [2008.05.22 20:19:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
MOD - [2008.01.29 11:25:10 | 000,598,016 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
MOD - [2008.01.29 11:24:46 | 000,163,840 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
MOD - [2008.01.29 11:18:40 | 000,454,656 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll
MOD - [2008.01.29 11:17:38 | 000,102,400 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll

========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.12.08 13:48:47 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012.05.02 00:42:31 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.01 23:34:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.03.04 22:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2008.01.29 11:25:10 | 000,598,016 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)
SRV - [2008.01.29 11:24:46 | 000,163,840 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2004.03.18 15:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012.12.15 00:47:14 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.04.27 09:20:04 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.04.24 23:32:27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.16 20:18:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.11.12 13:48:56 | 000,005,504 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008.09.25 17:35:24 | 000,181,120 | ---- | M] (Stephan Schreiber) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ext2fs.sys -- (Ext2fs)
DRV - [2008.08.28 22:45:58 | 000,051,072 | ---- | M] (Stephan Schreiber) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ifsmount.sys -- (IfsMount)
DRV - [2008.05.20 10:53:00 | 004,800,000 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008.04.28 10:02:42 | 000,038,176 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2008.01.29 05:37:48 | 000,022,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008.01.29 05:37:46 | 000,054,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2007.10.12 09:53:10 | 000,013,312 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2005.01.31 11:20:04 | 000,211,712 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LV561AV.SYS -- (PID_0928)
DRV - [2005.01.31 11:12:48 | 000,022,016 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2004.08.13 03:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=0&systemid=413&apn_dtid=BND413&apn_ptnrs=AGA&o=APN10649&apn_uid=4562161314034821&q={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1409082233-484061587-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Search-results Search
IE - HKU\S-1-5-21-1409082233-484061587-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search
IE - HKU\S-1-5-21-1409082233-484061587-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=0&systemid=413&apn_dtid=BND413&apn_ptnrs=AGA&o=APN10649&apn_uid=4562161314034821&q={searchTerms}
IE - HKU\S-1-5-21-1409082233-484061587-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Search Results"
FF - prefs.js..browser.startup.homepage: "hxxp://www.searchnu.com/413"
FF - prefs.js..extensions.enabledAddons: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
FF - prefs.js..extensions.enabledAddons: {3ec1a45c-8bc3-4bfe-b226-4051c5d3d068}:1.0.0.12
FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=0&systemid=413&apn_dtid=BND413&apn_ptnrs=AGA&apn_uid=4562161314034821&o=APN10649&q="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.09.11 16:39:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2013.03.09 13:05:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Adminisztrátor\Application Data\Mozilla\Extensions
[2013.03.09 13:05:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Adminisztrátor\Application Data\Mozilla\Firefox\Profiles\n6tywqy7.default\extensions
[2013.03.09 13:05:11 | 000,000,000 | ---D | M] (Search-Results Toolbar) -- C:\Documents and Settings\Adminisztrátor\Application Data\Mozilla\Firefox\Profiles\n6tywqy7.default\extensions\{3ec1a45c-8bc3-4bfe-b226-4051c5d3d068}
[2013.03.09 13:05:07 | 000,002,683 | ---- | M] () -- C:\Documents and Settings\Adminisztrátor\Application Data\Mozilla\Firefox\Profiles\n6tywqy7.default\searchplugins\Search_Results.xml
[2013.03.09 13:05:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.01.02 18:34:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISZTRáTOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N6TYWQY7.DEFAULT\EXTENSIONS\{3EC1A45C-8BC3-4BFE-B226-4051C5D3D068}
[2013.03.09 13:05:22 | 000,000,000 | ---D | M] (DataMngr) -- C:\PROGRAM FILES\SEARCHQU TOOLBAR\DATAMNGR\FIREFOXEXTENSION
[2011.08.07 20:27:15 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011.09.11 16:39:23 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.09.11 16:39:20 | 000,002,933 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bluu.xml
[2011.09.11 16:39:20 | 000,000,980 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-hu.xml
[2013.03.09 13:05:07 | 000,002,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2011.09.11 16:39:20 | 000,001,628 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\sztaki-en-hu.xml
[2011.09.11 16:39:20 | 000,000,974 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\vatera.xml
[2011.09.11 16:39:20 | 000,001,189 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-hu.xml

O1 HOSTS File: ([2001.10.26 13:00:00 | 000,000,687 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Search-Results Toolbar) - {3ec1a45c-8bc3-4bfe-b226-4051c5d3d068} - C:\Program Files\Searchqu Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Search-Results Toolbar) - {3ec1a45c-8bc3-4bfe-b226-4051c5d3d068} - C:\Program Files\Searchqu Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [HP Software Update] c:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe (HP)
O4 - HKLM..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\hphupd05.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKU\S-1-5-21-1409082233-484061587-682003330-1003..\Run: [VoipDiscount] C:\Program Files\VoipDiscount\VoipDiscount.exe (VoipDiscount)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1409082233-484061587-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C6AA9957-0C8B-4BA9-BC0D-A248ADD358C0}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O20 - AppInit_DLLs: (C:\DOCUME~1\ALLUSE~1\APPLIC~1\Wincert\WIN32C~1.DLL) - C:\Documents and Settings\All Users\Application Data\Wincert\win32cert.dll ()
O20 - AppInit_DLLs: (C:\PROGRA~1\SEARCH~1\Datamngr\datamngr.dll) - C:\Program Files\Searchqu Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\SEARCH~1\Datamngr\IEBHO.dll) - C:\Program Files\Searchqu Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Jelenlegi saját honlap) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Lanka.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Lanka.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.08.03 12:20:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013.03.10 15:52:14 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Adminisztrátor\Asztal\tdsskiller.exe
[2013.03.10 15:51:32 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Adminisztrátor\Asztal\aswMBR.exe
[2013.03.10 15:49:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Adminisztrátor\Asztal\OTL.exe
[2013.03.09 13:06:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adminisztrátor\AppData
[2013.03.09 13:06:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adminisztrátor\Application Data\searchresultstb
[2013.03.09 13:05:14 | 000,397,312 | ---- | C] (Koyote Soft) -- C:\WINDOWS\System32\TubeFinder.exe
[2013.03.09 13:05:12 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscomctl.ocx
[2013.03.09 13:05:12 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\COMDLG32.OCX
[2013.03.09 13:05:12 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCMCFR.DLL
[2013.03.09 13:05:12 | 000,119,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB6FR.DLL
[2013.03.09 13:05:12 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB6STKIT.DLL
[2013.03.09 13:05:12 | 000,084,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PICCLP32.OCX
[2013.03.09 13:05:12 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CMDLGFR.DLL
[2013.03.09 13:05:12 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PCCLPFR.DLL
[2013.03.09 13:05:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adminisztrátor\Application Data\FreeFLVConverter
[2013.03.09 13:05:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adminisztrátor\Application Data\koyotesofttoolbarnew
[2013.03.09 13:05:07 | 000,000,000 | ---D | C] -- C:\Program Files\Searchqu Toolbar
[2013.03.09 13:04:34 | 000,000,000 | ---D | C] -- C:\Program Files\Free FLV Converter
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2024.03.21 13:44:18 | 000,246,272 | ---- | M] (Stirling Technologies, Inc.) -- C:\WINDOWS\UNINST16.EXE
[2013.03.10 15:52:53 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Adminisztrátor\Asztal\aswMBR.exe
[2013.03.10 15:52:15 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Adminisztrátor\Asztal\tdsskiller.exe
[2013.03.10 15:51:23 | 000,050,477 | ---- | M] () -- C:\Documents and Settings\Adminisztrátor\Asztal\Defogger.exe
[2013.03.10 15:49:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Adminisztrátor\Asztal\OTL.exe
[2013.03.10 15:08:02 | 000,000,360 | ---- | M] () -- C:\WINDOWS\tasks\HP Usg Daily.job
[2013.03.10 14:44:49 | 000,436,416 | ---- | M] () -- C:\WINDOWS\System32\perfh00E.dat
[2013.03.10 14:44:49 | 000,432,784 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.03.10 14:44:49 | 000,094,520 | ---- | M] () -- C:\WINDOWS\System32\perfc00E.dat
[2013.03.10 14:44:49 | 000,067,740 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.03.10 14:41:13 | 000,186,608 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2013.03.10 14:41:13 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2013.03.10 14:40:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.03.10 14:39:12 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Asztal\ Malwarebytes Anti-Malware .lnk
[2013.03.09 13:13:40 | 151,918,313 | ---- | M] () -- C:\Documents and Settings\Adminisztrátor\Asztal\S1E04.mp4
[2013.03.08 13:04:29 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.02.16 03:26:14 | 000,136,464 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.02.16 03:03:58 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.03.10 15:51:23 | 000,050,477 | ---- | C] () -- C:\Documents and Settings\Adminisztrátor\Asztal\Defogger.exe
[2013.03.10 14:39:12 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Asztal\ Malwarebytes Anti-Malware .lnk
[2013.03.09 13:08:08 | 151,918,313 | ---- | C] () -- C:\Documents and Settings\Adminisztrátor\Asztal\S1E04.mp4
[2013.03.09 13:05:12 | 000,364,544 | ---- | C] () -- C:\WINDOWS\System32\PropertyGrid.ocx
[2013.03.09 13:05:12 | 000,208,500 | ---- | C] () -- C:\WINDOWS\System32\ReyXpBasics.tlb
[2013.03.09 13:05:12 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ControlSubX.ocx
[2012.11.14 17:51:01 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.02.23 14:04:39 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS79.DLL
[2012.02.16 14:06:10 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.08.06 17:07:43 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2011.08.03 14:07:36 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.08.03 14:05:17 | 000,019,932 | ---- | C] () -- C:\WINDOWS\HPHins02.dat
[2011.08.03 14:05:17 | 000,004,308 | ---- | C] () -- C:\WINDOWS\hphmdl02.dat
[2011.08.03 14:05:07 | 000,136,464 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.08.03 13:52:03 | 000,009,255 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2011.08.03 13:10:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011.08.03 12:57:06 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2011.08.03 12:54:42 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011.08.03 12:51:33 | 000,003,948 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2011.08.03 12:51:01 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2011.08.03 12:50:46 | 000,029,750 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2011.08.03 12:50:46 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2011.08.03 12:22:08 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.08.03 12:18:46 | 000,021,948 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== ZeroAccess Check ==========

[2011.08.06 17:00:55 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012.12.27 11:31:39 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:54:16 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 17:02:04 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

Many thanks and regards
Grimreaper
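As an added example for this thread (it is neither the poster's code nor part of the OTL tool), here is a small Python triage script that applies the checks a helper would run over the OTL log above: it parses the tagged lines, flags every AppInit_DLLs entry (a DLL listed there is loaded into every process that maps user32.dll, so it deserves review whatever the vendor, and an empty company name makes it worse), marks IE/Firefox settings and BHO/toolbar/Run entries that point at searchnu.com, search-results.com or the Searchqu install path, and notes file timestamps that lie after the report date (the UNINST16.EXE entry dated 2024 in a 2013 log). The sample lines are copied from the log above with some long query strings cut; the indicator lists BROWSER_MARKERS and INSTALL_PATH_MARKERS are an assumption made for illustration, not a vendor signature set.

```python
"""Triage of OTL (OldTimer) log lines for browser-hijacker indicators.

Added example for this thread; it is neither the poster's nor OTL's code.
The sample lines below are copied (some query strings shortened) from the
OTL log in the post above; the indicator lists are an assumption made for
illustration, not a signature set from any vendor.
"""
import re

# Assumed indicators, taken from what the log above shows.
BROWSER_MARKERS = ("searchnu.com", "search-results.com", '"search results"')
INSTALL_PATH_MARKERS = ("searchqu toolbar", "datamngr", "wincert")

# Constructed sample: selected entries from the OTL log above.
SAMPLE_OTL = r"""OTL logfile created on: 2013.03.10. 17:10:33 - Run 1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://dts.search-results.com/sr?src=ieb&systemid=413&q={searchTerms}
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.startup.homepage: "hxxp://www.searchnu.com/413"
FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&systemid=413&q="
O2 - BHO: (Search-Results Toolbar) - {3ec1a45c-8bc3-4bfe-b226-4051c5d3d068} - C:\Program Files\Searchqu Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll (APN LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O20 - AppInit_DLLs: (C:\DOCUME~1\ALLUSE~1\APPLIC~1\Wincert\WIN32C~1.DLL) - C:\Documents and Settings\All Users\Application Data\Wincert\win32cert.dll ()
O20 - AppInit_DLLs: (C:\PROGRA~1\SEARCH~1\Datamngr\datamngr.dll) - C:\Program Files\Searchqu Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
[2024.03.21 13:44:18 | 000,246,272 | ---- | M] (Stirling Technologies, Inc.) -- C:\WINDOWS\UNINST16.EXE
[2013.03.09 13:05:14 | 000,397,312 | ---- | C] (Koyote Soft) -- C:\WINDOWS\System32\TubeFinder.exe
"""

# "O20 - AppInit_DLLs: ..." style entries and "IE - " / "FF - " / "PRC - " lines.
_TAGGED = re.compile(r"^(?P<tag>O\d+|IE|FF|PRC|SRV|DRV|MOD)\s+-\s+(?P<body>.*)$")
# "[yyyy.mm.dd hh:mm:ss | size | attrs | M/C] (company) -- path" file entries.
_FILE = re.compile(
    r"^\[(?P<ts>\d{4}\.\d{2}\.\d{2} \d{2}:\d{2}:\d{2}) \| [\d,]+ \| [-A-Z]{4} \| [MC]\] (?P<body>.*)$"
)
_HEADER = re.compile(r"OTL logfile created on: (\d{4}\.\d{2}\.\d{2})\. (\d{2}:\d{2}:\d{2})")


def parse_otl_line(line):
    """Return {'tag', 'body', 'ts'} for a tagged or file entry, else None."""
    line = line.strip()
    m = _TAGGED.match(line)
    if m:
        return {"tag": m.group("tag"), "body": m.group("body"), "ts": None}
    m = _FILE.match(line)
    if m:
        return {"tag": "FILE", "body": m.group("body"), "ts": m.group("ts")}
    return None


def classify(entry, report_ts=None):
    """Return (severity, reason) for an entry worth a second look, else None."""
    tag, low = entry["tag"], entry["body"].lower()
    if tag == "O20" and low.startswith("appinit_dlls:"):
        reason = "AppInit_DLLs entry: loaded into every process that maps user32.dll"
        if low.endswith("()"):  # OTL prints () when the file carries no company name
            reason += "; no company name in version info"
        return "high", reason
    if tag in ("IE", "FF") and any(m in low for m in BROWSER_MARKERS):
        return "medium", "browser start/search setting points at the hijacker"
    if tag in ("O2", "O3", "O4") and any(m in low for m in INSTALL_PATH_MARKERS):
        return "medium", "BHO/toolbar/Run entry from the hijacker install path"
    if tag == "FILE" and report_ts and entry["ts"] > report_ts:
        # Fixed-width "yyyy.mm.dd hh:mm:ss" strings compare correctly as text.
        return "low", "file timestamp later than the report; check the clock before trusting dates"
    return None


def triage(text):
    """Run classify() over every parseable line; the report date comes from the OTL header."""
    report_ts = None
    m = _HEADER.search(text)
    if m:
        report_ts = f"{m.group(1)} {m.group(2)}"
    findings = []
    for raw in text.splitlines():
        entry = parse_otl_line(raw)
        if entry is None:
            continue
        hit = classify(entry, report_ts)
        if hit:
            findings.append({"severity": hit[0], "tag": entry["tag"],
                             "reason": hit[1], "line": raw.strip()})
    return findings


def severity_counts(findings):
    counts = {"high": 0, "medium": 0, "low": 0}
    for f in findings:
        counts[f["severity"]] += 1
    return counts


if __name__ == "__main__":
    for f in triage(SAMPLE_OTL):
        print(f"[{f['severity']:6}] {f['tag']:4} {f['reason']}\n         {f['line']}")
```

The script is a reading aid, not a verdict: the Avira, Java and Koyote Soft entries are left alone because they match nothing in the lists, and a helper still decides what to remove. The AppInit_DLLs rule fires on every entry on purpose, since that value is a classic persistence and injection point and the log above shows three DLLs in it, one of them with no company name at all.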
10.03.2013, 23:01 | #2
/// TB-Ausbilder
It continues here: http://www.trojaner-board.de/132043-...-download.html