![]() |
|
Log-Analyse und Auswertung: Trojaner generiert sich immer wieder neu im windows/temp ordnerWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
![]() | #1 |
| ![]() Trojaner generiert sich immer wieder neu im windows/temp ordner Hallo, ich bin von einem Trojaner befallen, den ich einfach nicht mehr abschütteln kann. Er generiert sich immer wieder mit neuem Namen im Temp ordner. Die typische Meldung hier: ![]() Logfile of HijackThis v1.99.1 Scan saved at 20:55:43, on 19.07.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\Programme\AntiVir PersonalEdition Classic\sched.exe C:\Programme\AntiVir PersonalEdition Classic\avguard.exe C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe C:\Programme\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLService.exe C:\WINDOWS\System32\svchost.exe C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe C:\WINDOWS\system32\nvsvc32.exe C:\Programme\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Communicator\xcommsvr.exe C:\Programme\CyberLink\PowerCinema\Kernel\TV\CLSched.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\Dit.exe C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Programme\Softwin\BitDefender9\bdoesrv.exe C:\progra~1\softwin\bitdef~1\bdnagent.exe C:\WINDOWS\System32\alg.exe C:\progra~1\softwin\bitdef~1\bdswitch.exe C:\Programme\Java\jre1.5.0_09\bin\jusched.exe C:\WINDOWS\system32\RunDll32.exe C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe C:\Programme\Microsoft IntelliPoint\point32.exe C:\WINDOWS\system32\rundll32.exe C:\Programme\CyberLink\PowerCinema\PCMService.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\Windows Media Player\WMPNSCFG.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\Programme\Mozilla Firefox\firefox.exe C:\Programme\Miranda IM\miranda32.exe C:\WINDOWS\system32\rundll32.exe C:\DOKUME~1\Mori\LOKALE~1\Temp\Rar$EX02.188\HijackThis.exe C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Update Service\livesrv.exe C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Scan Server\bdss.exe C:\Programme\Softwin\BitDefender9\vsserv.exe c:\progra~1\softwin\bitdef~1\bdmcon.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com//0seenus/saos01 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_09\bin\ssv.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll O4 - HKLM\..\Run: [Dit] Dit.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [CloneCDTray] "C:\Programme\SlySoft\CloneCD\CloneCDTray.exe" /s O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [BDMCon] c:\progra~1\softwin\bitdef~1\bdmcon.exe O4 - HKLM\..\Run: [BDOESRV] "C:\Programme\Softwin\BitDefender9\bdoesrv.exe" O4 - HKLM\..\Run: [BDNewsAgent] "c:\progra~1\softwin\bitdef~1\bdnagent.exe" O4 - HKLM\..\Run: [BDSwitchAgent] "c:\progra~1\softwin\bitdef~1\bdswitch.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.5.0_09\bin\jusched.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [CmUsbSound] RunDll32 cmcnfgu.cpl,CMICtrlWnd O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [LogonStudio] "C:\Programme\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM O4 - HKLM\..\Run: [IntelliPoint] "C:\Programme\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programme\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [ALDI_SUED_FotoSuite_Download] "C:\Programme\ALDI Sued Foto Service\ALDI_Foto_Service\FotoSuite.exe" /autorun O4 - HKLM\..\Run: [PCMService] "C:\Programme\CyberLink\PowerCinema\PCMService.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\WMPNSCFG.exe O4 - Startup: Internet.lnk = ? O8 - Extra context menu item: Easy-WebPrint - Drucken - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint - Vorschau - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Programme\IrfanView\Ebay\Ebay.htm O9 - Extra button: MedionShop - {5CF0F1D2-1D22-499D-93A1-8126F28412F4} - http://www.medionshop.de/ (file missing) (HKCU) O11 - Options group: [INTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/12b59a1dbbc2c6658a05/netzip/RdxIE601_de.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1097566082250 O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.studivz.net/photouploader/ImageUploader4.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{F80DEE3A-1D76-42EF-95EC-84B770162BEE}: NameServer = 195.50.140.250 195.50.140.114 O18 - Protocol: bw+0 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bw+0s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bw-0 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bw-0s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bw00 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bw00s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bw10 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bw10s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bw20 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bw20s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bw30 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bw30s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bw40 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bw40s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bw50 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bw50s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bw60 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bw60s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bw70 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bw70s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bw80 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bw80s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bw90 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bw90s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwa0 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwa0s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwb0 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwb0s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwc0 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwc0s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwd0 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwd0s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwe0 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwe0s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwf0 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwf0s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - (no file) O18 - Protocol: bwg0 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwg0s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwh0 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwh0s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwi0 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwi0s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwj0 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwj0s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwk0 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwk0s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwl0 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwl0s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwm0 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwm0s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwn0 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwn0s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwo0 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwo0s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwp0 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwp0s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwq0 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwq0s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwr0 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwr0s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bws0 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bws0s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwt0 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwt0s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwu0 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwu0s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwv0 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwv0s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bww0 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bww0s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwx0 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwx0s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwy0 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwy0s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwz0 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: bwz0s - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: offline-8876480 - {205BBAF1-680B-4E5D-8374-FAB7B0B43972} - (no file) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: CA-Lizenz-Client (CA_LIC_CLNT) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\lic98rmt.exe O23 - Service: CA-Lizenzserver (CA_LIC_SRVR) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\lic98rmtd.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programme\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programme\CyberLink\PowerCinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe O23 - Service: GEARSecurity - Unknown owner - C:\WINDOWS\SYSTEM32\GEARSEC.EXE (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing) O23 - Service: Ereignisprotokoll-Überwachung (LogWatch) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared Files\RichVideo.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Programme\Softwin\BitDefender9\vsserv.exe" /service (file missing) O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Programme\Gemeinsame Dateien\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing) Vielen Dank für jede Hilfe! |
Themen zu Trojaner generiert sich immer wieder neu im windows/temp ordner |
adobe, antivir, avira, bho, canon, computer, cyberlink, defender, desktop, downloader, ebay, excel, firefox, hijack, hijackthis, homepage, immer wieder, internet, internet explorer, mozilla, mozilla firefox, rundll, software, studio, system, trojaner, tuneup utilities, virus, windows, windows xp |