
Pests of all kinds and how to fight them: Extreme trojan on Windows Vista

06.02.2008, 18:00   #1
uncleschulle
 



Hello, I urgently need help, otherwise I'll go crazy; I don't know what to do anymore. I have already tried everything and googled, but found nothing for Vista.

My problem is that once Windows Vista has started and the desktop is there, it tells me in a dialog box

Rundll
Fehler beim laden von
C:\User\MarcoS~1\AppData\Local\Temp\nnnlj.dll
zugriff verweigert


In the antivirus program it shows me

Virus: Trojan.Vundo.DUH
Pfad: C:\User\MarcoSchulze\AppData\Local\Temp\nnnlj.dll



I can't get rid of it, neither with "TrojanHunter Scan", "SpywareDoctor", "Hijack This", nor "CCleaner".

Who can help me with this????????????

06.02.2008, 18:07   #2
BataAlexander
> MalwareDB
 



Uninstall TH / Spyware Doctor again.

Deckards System Scanner (DSS)

The tool is available here -> dss.exe
* Close all applications
* Double-click dss.exe to start the program
* When the scan is complete, a Notepad window will open with the contents of main.txt. A second log file, extra.txt, is located in the directory
c:\Deckard\SystemScanner\extra.txt
* Copy the contents of both log files into this thread, please as [CODE]your logs have to go in between :)[/CODE].
* Press the "#" to create these fields.
Important: Search the log files for personal information, such as your real name, and edit it out before you post.
* All links in the log file should be edited as follows -> e.g. h**p://meine-seite.de. Simply so that nobody gets the idea of clicking on the links.



What Deckards System Scanner does:
* It creates a system restore point
* It cleans the temporary files, Downloaded Program Files and Internet cache files, and it empties the recycle bin on all drives.
* It runs the program HijackThis (downloading it from the Internet if necessary) and performs a system scan
* It checks various system settings


06.02.2008, 19:05   #3
uncleschulle
 



Hi, that doesn't work; partway through it wants to download "Hijack" or something like that, and when I agree to it, it gives me an error.

06.02.2008, 19:12   #4
uncleschulle
 



This is what it showed me in Notepad now.


I have uninstalled McAfee and all the trojan programs and so on.


Deckard's System Scanner v20071014.68
Run by Marco Schulze on 2008-02-06 19:01:57
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --
11: 2008-02-06 17:49:00 UTC - RP255 - Windows Update
10: 2008-02-06 17:32:06 UTC - RP254 - Removed SweetIM For Internet Explorer 3.0b
9: 2008-02-06 17:30:45 UTC - RP253 - Removed Windows Media Player Firefox Plugin
8: 2008-02-06 17:24:36 UTC - RP252 - Microsoft Visual C++ 2005 Redistributable wird entfernt
7: 2008-02-06 17:22:32 UTC - RP251 - Entfernt PC Booster


-- First Restore Point --
1: 2008-02-04 18:37:10 UTC - RP241 - Windows Defender Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-02-06 19:04:08
Platform: Windows Vista (6.00.6000)
MSIE: Internet Explorer (7.00.6000.16386)
Boot mode: Normal

Running processes:
C:\Windows\System32\dwm.exe
C:\Windows\explorer.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\System32\mobsync.exe
C:\Windows\System32\taskeng.exe
C:\Program Files\Alice\Signup\AliceCnn.exe
C:\Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe
C:\Program Files\Pinnacle\Shared Files\Programs\PclePvr\VideoControl.exe
C:\Windows\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox 3 Beta 1\firefox.exe
C:\Users\Marco Schulze\Downloads\eMule\dss.exe
C:\Windows\System32\conime.exe
C:\Windows\System32\SearchFilterHost.exe

F0 - win.ini: load=C:\Users\MARCOS~1\AppData\Local\Temp\nnnlj.exe
F3 - REG:win.ini: Load=C:\Windows\system32\userinit.exe,
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {DA70FF16-1272-4BCC-9964-D660F14A7371} - C:\Users\Marco Schulze\AppData\Local\Temp\nnnlj.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\MARCOS~1\AppData\Local\Temp\nnnlj.dll,c
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} () - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{A97622B7-9E52-4E6E-BCE6-C19061FD1960}: NameServer = 62.109.123.196 213.191.74.18
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\MSITSS.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\microsoft shared\Web Components\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\microsoft shared\Web Components\11\OWC11.DLL
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\EmProxy\emproxy.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - Unknown owner - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - Unknown owner - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - Unknown owner - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\RedirSvc\RedirSvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Program Files\Nero\Nero8\Nero
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\System32\PnkBstrA.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe


--
End of file - 5500 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R2 SVKP - \??\c:\windows\system32\svkp.sys
R3 BDSelfPr - \??\c:\program files\bitdefender\bitdefender 2008\bdselfpr.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

S2 mcmscsvc (McAfee Services) - c:\progra~1\mcafee\msc\mcmscsvc.exe (file missing)
S2 mcpromgr (McAfee Protection Manager) - c:\progra~1\mcafee\msc\mcpromgr.exe (file missing)
S2 McShield (McAfee Real-time Scanner) - c:\progra~1\mcafee\viruss~1\mcshield.exe (file missing)
S2 McSysmon (McAfee SystemGuards) - c:\progra~1\mcafee\viruss~1\mcsysmon.exe (file missing)
S3 mcmispupdmgr (McAfee Update Manager) - c:\progra~1\mcafee\msc\mcupdmgr.exe (file missing)
S4 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe


-- Device Manager: Disabled ----------------------------------------------------

Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{00000002-0000-1000-8000-0002EE000002}_LOCALMFG&000A\7&2557CC07&0&001CD46E391C_C00000001
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{00000002-0000-1000-8000-0002EE000002}_LOCALMFG&000A\7&2557CC07&0&001CD46E391C_C00000001
Service:

Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{0000111B-0000-1000-8000-00805F9B34FB}_LOCALMFG&000A\7&2557CC07&0&001CD46E391C_C00000001
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{0000111B-0000-1000-8000-00805F9B34FB}_LOCALMFG&000A\7&2557CC07&0&001CD46E391C_C00000001
Service:

Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{00005005-0000-1000-8000-0002EE000001}_LOCALMFG&000A\7&2557CC07&0&001CD46E391C_C00000001
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{00005005-0000-1000-8000-0002EE000001}_LOCALMFG&000A\7&2557CC07&0&001CD46E391C_C00000001
Service:

Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{00005601-0000-1000-8000-0002EE000001}_LOCALMFG&000A\7&2557CC07&0&001CD46E391C_C00000001
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{00005601-0000-1000-8000-0002EE000001}_LOCALMFG&000A\7&2557CC07&0&001CD46E391C_C00000001
Service:


-- Scheduled Tasks -------------------------------------------------------------

2008-02-06 18:56:00 270 --a------ C:\Windows\Tasks\Auf Updates für Windows Live Toolbar prüfen.job
2008-02-01 17:44:24 406 --a------ C:\Windows\Tasks\1-Klick-Wartung.job


-- Files created between 2008-01-06 and 2008-02-06 -----------------------------

2008-02-06 12:47:40 81984 --a------ C:\Windows\system32\bdod.bin
2008-02-06 12:41:46 0 d-------- C:\Users\All Users\BitDefender
2008-02-06 12:41:46 0 d-------- C:\Program Files\BitDefender
2008-02-06 12:40:03 0 d-------- C:\Program Files\Common Files\BitDefender
2008-02-06 09:44:19 39 --a------ C:\MUI00
2008-02-06 09:44:13 3508 --a------ C:\Start_.cmd
2008-02-06 09:44:12 0 d-------- C:\327882R2FWJFW
2008-02-05 23:06:02 0 d-------- C:\Program Files\Trend Micro
2008-02-05 19:12:15 0 d-------- C:\Program Files\TrojanHunter 5.0
2008-02-04 19:07:22 0 d-------- C:\Program Files\ICQ6
2008-02-02 02:07:55 0 d-------- C:\Program Files\Secured eMule
2008-02-02 01:47:37 0 dr------- C:\Users\Public\Application Data\syskontroller
2008-02-02 01:47:32 0 dr------- C:\Users\Public\Application Data
2008-02-02 01:47:32 0 dr------- C:\Users\Public\Application Data\SalesMon
2008-01-31 20:24:46 0 d-------- C:\Program Files\inKline Global
2008-01-31 20:05:29 0 d-------- C:\Program Files\MSN Messenger
2008-01-30 23:06:33 0 d-------- C:\Program Files\Stardock
2008-01-28 21:58:21 0 d-------- C:\Program Files\ICQToolbar
2008-01-27 10:58:25 0 d-------- C:\Program Files\Napoleon's Campaigns
2008-01-26 06:20:37 0 d-------- C:\Windows\system32\Logs
2008-01-22 17:14:44 0 d-------- C:\Users\All Users\HotbarSA
2008-01-20 14:03:55 0 d-------- C:\Program Files\Trojan Remover
2008-01-18 14:17:23 0 d-------- C:\Program Files\PANZERS - Phase1
2008-01-17 09:03:34 0 d-a------ C:\Users\All Users\TEMP
2008-01-16 22:25:47 0 d-------- C:\VundoFix Backups
2008-01-16 22:08:32 0 d-------- C:\Program Files\PrevxCSI
2008-01-16 22:03:41 0 d-------- C:\Users\All Users\Prevx
2008-01-16 14:17:15 0 d-------- C:\Program Files\Microsoft Silverlight
2008-01-15 08:13:40 0 d-------- C:\Program Files\AWS
2008-01-13 19:26:13 0 d-------- C:\Program Files\ICQLite
2008-01-13 12:51:55 0 d-------- C:\Program Files\Valve
2008-01-11 19:25:38 0 d-------- C:\Program Files\TuneUp Utilities 2008
2008-01-11 18:30:49 0 d-------- C:\Program Files\Buhl
2008-01-09 20:09:18 2368 --a------ C:\Windows\system32\SVKP.sys <Not Verified; AntiCracking; SVKP driver for NT>
2008-01-09 15:28:48 0 d-------- C:\MFT 92
2008-01-09 13:17:41 0 d-------- C:\Program Files\Fox
2008-01-09 13:17:20 21840 --a------ C:\Windows\system32\SIntfNT.dll
2008-01-09 13:17:20 17212 --a------ C:\Windows\system32\SIntf32.dll
2008-01-09 13:17:20 12067 --a------ C:\Windows\system32\SIntf16.dll
2008-01-09 13:10:04 0 d-------- C:\Program Files\GameSpy Arcade
2008-01-08 22:37:13 0 d-------- C:\Users\All Users\Yahoo!
2008-01-08 22:34:26 0 d-------- C:\Program Files\Yahoo!
2008-01-06 18:33:00 0 d-------- C:\Program Files\Smart Projects


-- Find3M Report ---------------------------------------------------------------

2008-02-06 18:49:52 0 d-------- C:\Program Files\Windows Live Toolbar
2008-02-06 18:41:27 836 --a------ C:\Windows\bthservsdp.dat
2008-02-06 18:26:44 0 d-------- C:\Program Files\VideoLAN
2008-02-06 12:43:35 0 d-------- C:\Users\-----------\AppData\Roaming\BitDefender
2008-02-06 12:40:03 0 d-------- C:\Program Files\Common Files
2008-02-06 09:30:05 0 d-------- C:\Program Files\McAfee
2008-02-06 09:08:39 0 d-------- C:\Program Files\Mozilla Firefox 3 Beta 1
2008-02-05 23:50:14 0 d-------- C:\Users\-----------\AppData\Roaming\Skype
2008-02-05 23:08:08 0 d-------- C:\Program Files\IE7pro
2008-02-05 20:21:35 0 d-------- C:\Users\-------------\AppData\Roaming\TrojanHunter
2008-02-05 18:31:39 0 d-------- C:\Users\-----------\AppData\Roaming\skypePM
2008-02-04 19:10:06 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-02-02 18:31:35 651112 --a------ C:\Windows\system32\perfh007.dat
2008-02-02 18:31:35 120908 --a------ C:\Windows\system32\perfc007.dat
2008-01-31 19:08:48 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-01-31 19:01:04 2560 --a------ C:\Windows\_MSRSTRT.EXE
2008-01-29 09:19:30 0 d-------- C:\Program Files\DOOM 3
2008-01-25 21:45:30 0 d-------- C:\Program Files\Free Download Manager
2008-01-22 17:14:48 0 d-------- C:\Users\--------------\AppData\Roaming\WeatherDPA
2008-01-22 17:10:43 0 d-------- C:\Program Files\Macrogaming
2008-01-18 17:59:16 0 d-------- C:\Program Files\Electronic Arts
2008-01-16 22:11:42 0 d-------- C:\Users\--------------\AppData\Roaming\PrevxCSI
2008-01-16 18:37:32 0 d-------- C:\Program Files\Google
2008-01-13 17:10:10 0 d-------- C:\Program Files\Netdevil
2008-01-13 16:00:23 0 d-------- C:\Users\-------------\AppData\Roaming\GMX
2008-01-11 07:54:23 0 d-------- C:\Program Files\DivX
2008-01-10 20:17:46 0 d-------- C:\Users\-------------\AppData\Roaming\Yahoo!
2008-01-09 10:44:36 0 d-------- C:\Program Files\Windows Mail
2008-01-09 10:44:33 0 d-------- C:\Program Files\Windows Sidebar
2008-01-08 15:26:09 0 d-------- C:\Users\----------\AppData\Roaming\IE7pro
2008-01-05 22:11:36 0 d-------- C:\Program Files\Java
2008-01-05 22:09:21 0 d-------- C:\Program Files\Common Files\Java
2008-01-04 22:58:50 3596288 --a------ C:\Windows\system32\qt-dx331.dll
2008-01-04 22:57:22 196608 --a------ C:\Windows\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2008-01-04 22:57:22 81920 --a------ C:\Windows\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-01-04 22:57:12 823296 --a------ C:\Windows\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2008-01-04 22:57:10 802816 --a------ C:\Windows\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2008-01-04 22:57:10 823296 --a------ C:\Windows\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2008-01-04 22:57:10 682496 --a------ C:\Windows\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2008-01-04 22:56:24 12288 --a------ C:\Windows\system32\DivXWMPExtType.dll
2008-01-04 20:13:52 0 d-------- C:\Program Files\Wings Of Fury
2008-01-03 20:41:06 0 d-------- C:\Program Files\Common Files\InstallShield
2008-01-03 19:42:20 0 d-------- C:\Program Files\Norman
2008-01-03 19:19:53 0 d-------- C:\Program Files\Common Files\McAfee
2008-01-03 16:07:27 0 d-------- C:\Program Files\bhv
2008-01-03 15:23:59 0 d-------- C:\Program Files\Alice
2008-01-03 10:09:02 0 d-------- C:\Users\-----------\AppData\Roaming\ICQ Toolbar
2008-01-02 08:57:51 0 d-------- C:\Program Files\Online_TV
2008-01-02 08:57:51 0 d-------- C:\Program Files\AskTBar
2008-01-02 08:24:04 0 d-------- C:\Program Files\Microsoft Works
2007-12-31 18:01:10 0 d-------- C:\Program Files\Pinnacle
2007-12-31 17:20:11 0 d-------- C:\Program Files\Common Files\MSSoap
2007-12-30 18:49:41 0 d-------- C:\Users\-----------\AppData\Roaming\Nero
2007-12-30 18:48:00 0 d-------- C:\Program Files\Common Files\Nero
2007-12-30 18:43:35 0 d-------- C:\Program Files\Nero
2007-12-30 09:11:27 0 d-------- C:\Users\------------\AppData\Roaming\Talkback
2007-12-30 09:11:02 0 --a------ C:\Windows\nsreg.dat
2007-12-30 09:11:00 0 d-------- C:\Users\--------------\AppData\Roaming\Mozilla
2007-12-29 11:31:36 0 d-------- C:\Program Files\Microsoft.NET
2007-12-20 19:05:41 0 dr-h----- C:\Users\-----------\AppData\Roaming\SecuROM
2007-12-20 18:57:40 669184 --a------ C:\Windows\system32\pbsvc.exe
2007-12-17 08:58:33 0 d-------- C:\Program Files\AlienGUIse
2007-12-17 08:38:29 0 d-------- C:\Program Files\Winter Fun Pack 2004 for Windows XP
2007-12-17 08:38:09 0 d-------- C:\Program Files\Microsoft
2007-12-16 10:57:38 0 d-------- C:\Users\----------\AppData\Roaming\DivX
2007-12-16 10:11:00 0 d-------- C:\Users\---------\AppData\Roaming\WinRAR
2007-12-15 14:26:24 0 d-------- C:\Program Files\Xvid
2007-12-15 12:53:26 0 d-------- C:\Program Files\MP4 Video Player
2007-12-14 09:47:29 0 d-------- C:\Program Files\Spring
2007-12-14 09:06:38 0 d-------- C:\Program Files\GameSpy
2007-12-14 09:01:49 0 d-------- C:\Program Files\AGEIA Technologies
2007-12-12 13:16:45 0 d-------- C:\Users\---------\AppData\Roaming\eMule
2007-12-12 13:16:45 0 d-------- C:\Program Files\eMule
2007-12-12 09:56:40 0 d-------- C:\Users\---------\AppData\Roaming\AdobeUM
2007-12-12 09:56:02 0 d-------- C:\Users\---------\AppData\Roaming\Adobe
2007-12-11 03:06:55 0 d-------- C:\Program Files\Windows Calendar
2007-12-10 17:22:02 0 d-------- C:\Users\--------------\AppData\Roaming\TuneUp Software
2007-12-10 14:41:48 0 d-------- C:\Users\--------------\AppData\Roaming\Google
2007-12-10 13:07:34 0 d-------- C:\Program Files\Common Files\PX Storage Engine
2007-12-10 12:22:54 174 --ahs---- C:\Program Files\desktop.ini
2007-12-10 12:18:51 0 d-------- C:\Program Files\Windows Defender
2007-12-10 11:52:17 0 d-------- C:\Program Files\Activision
2007-12-10 11:12:36 0 d-------- C:\Program Files\PC Camera
2007-12-10 11:00:02 0 d-------- C:\Program Files\Skype
2007-12-10 10:59:50 0 d-------- C:\Program Files\Common Files\Skype
2007-12-10 10:55:03 0 d-------- C:\Program Files\MSXML 4.0
2007-12-10 10:47:51 0 d-------- C:\Users\---------\AppData\Roaming\Macromedia
2007-12-10 10:43:30 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
2007-12-10 10:13:24 0 d-------- C:\Program Files\Common Files\Alice
2007-12-09 18:11:23 0 d-------- C:\Users\-----------\AppData\Roaming\Identities
2007-12-09 18:09:09 0 d-------- C:\Program Files\Windows NT
2007-12-09 18:09:09 0 d--hs---- C:\Program Files\Gemeinsame Dateien
2007-11-27 16:46:24 77824 --a------ C:\Windows\system32\xcomm.dll <Not Verified; BitDefender; BitDefender Communicator>
2007-11-12 10:56:19 0 -rahs---- C:\MSDOS.SYS
2007-11-12 10:56:19 0 -rahs---- C:\IO.SYS


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DA70FF16-1272-4BCC-9964-D660F14A7371}]
31.12.2007 01:01 344576 --------- C:\Users\---------\AppData\Local\Temp\nnnlj.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [09.10.2007 15:46]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [16.11.2007 16:37]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [19.01.2007 12:55]
"cmds"="C:\Users\---------\AppData\Local\Temp\nnnlj.dll,c" []
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [28.01.2008 11:43]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\Users\MARCOS~1\AppData\Local\Temp\nnnlj

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
bthsvcs BthServ
bdx scan

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI



-- Hosts -----------------------------------------------------------------------

127.0.0.1 babe.the-killer.bz
127.0.0.1 www.babe.the-killer.bz
127.0.0.1 babe.k-lined.com
127.0.0.1 www.babe.k-lined.com
127.0.0.1 did.i-used.cc
127.0.0.1 www.did.i-used.cc
127.0.0.1 coolwwwsearch.com
127.0.0.1 www.coolwwwsearch.com
127.0.0.1 coolwebsearch.com
127.0.0.1 www.coolwebsearch.com

2313 more entries in hosts file.


-- End of Deckard's System Scanner: finished at 2008-02-06 19:05:56 ------------
__________________
No pain no Gain

06.02.2008, 19:22   #5
uncleschulle
 



This is what it showed me for Extra.txt.


Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft® Windows Vista™ Home Premium (build 6000)
Architecture: X86; Language: German

CPU 0: Intel(R) Core(TM)2 Duo CPU E4500 @ 2.20GHz
Percentage of Memory in Use: 47%
Physical Memory (total/avail): 2046.63 MiB / 1075.4 MiB
Pagefile Memory (total/avail): 4330.48 MiB / 3144.48 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1889.89 MiB

C: is Fixed (NTFS) - 320.7 GiB total, 196.01 GiB free.
D: is Fixed (FAT32) - 14.63 GiB total, 4.94 GiB free.
E: is CDROM (No Media)
F: is Fixed (NTFS) - 19 GiB total, 1.52 GiB free.
G: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)

\\.\PHYSICALDRIVE0 - Maxtor 52049U4 ATA Device - 19.01 GiB - 1 partition
\PARTITION0 (bootable) - Installierbares Dateisystem - 19 GiB - F:

\\.\PHYSICALDRIVE1 - ST3360320AS ATA Device - 335.35 GiB - 2 partitions
\PARTITION0 (bootable) - Installierbares Dateisystem - 320.7 GiB - C:
\PARTITION1 - Erweitert mit Int 13 (erweitert) - 14.65 GiB - D:

\\.\PHYSICALDRIVE2 - Generic Flash HS-CF USB Device

\\.\PHYSICALDRIVE3 - Generic Flash HS-MS/SD USB Device

\\.\PHYSICALDRIVE4 - Generic Flash HS-SM USB Device



-- Security Center -------------------------------------------------------------

AUOptions is set to notify before download.
Windows Internal Firewall is enabled.

FW: Bitdefender Firewall v8.0 (BitDefender)
AV: Bitdefender Antivirus v8.0 (BitDefender)
AV: McAfee VirusScan v (McAfee)
AS: BitDefender Antispyware v8.0 (BitDefender)
AS: McAfee VirusScan v (McAfee)
AS: Avira AntiVir PersonalEdition v 7.0.2.100 (Avira GmbH)
AS: Spybot - Search and Destroy v1.0.0.5 (Safer Networking Ltd.)
AS: Windows-Defender v1.1.1505.0 (Microsoft Corporation) Disabled

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\Marco Schulze\AppData\Roaming
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=MARCOSCHULZE-PC
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\Marco Schulze
LOCALAPPDATA=C:\Users\Marco Schulze\AppData\Local
LOGONSERVER=\\MARCOSCHULZE-PC
NpmLib=C:\Program Files\Norman\Npm\Bin
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\Smart Projects\IsoBuster;C:\Program Files\Norman\Npm\Bin
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 13, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f0d
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\M-----~1\AppData\Local\Temp
TMP=C:\Users\M-----~1\AppData\Local\Temp
USERDOMAIN=M-------PC
USERNAME=Ma-
USERPROFILE=C:\Users\Ma-
windir=C:\Windows


-- User Profiles ---------------------------------------------------------------

--------


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
--> C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\Windows\UNNeroBackItUp.exe /UNINSTALL
--> C:\Windows\UNNeroMediaHome.exe /UNINSTALL
--> C:\Windows\UNNeroShowTime.exe /UNINSTALL
--> C:\Windows\UNNeroVision.exe /UNINSTALL
--> C:\Windows\UNRecode.exe /UNINSTALL
--> MsiExec /X{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}
Adobe Flash Player 9 ActiveX --> C:\Windows\system32\Macromed\Flash\UninstFl.exe -q
Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 6.0 - Deutsch --> MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-000000000001}
AGEIA PhysX v7.11.13 --> MsiExec.exe /X{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}
Alice-Installationsdateien entfernen --> C:\Program Files\Common Files\Alice\uninst.exe
Atheros Communications Inc.(R) L2 Fast Ethernet Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0A755762-EED8-47AB-A446-505766F93D43}\setup.exe" -l0x9 -removeonly
Battlefield 2142 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}\setup.exe" -l0x7 -removeonly
BitDefender Total Security 2008 --> MsiExec.exe /I{F4F09997-F426-4019-B29B-6F1FE74852AC}
Call of Duty(R) 4 - Modern Warfare(TM) --> C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0407
Crysis(R) --> MsiExec.exe /I{000E79B7-E725-4F01-870A-C12942B7F8E4}
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Doom 3 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}
eMedia --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5D11659E-A95B-42A5-9585-C2999CF119EF}\setup.exe" -l0x9
eMule --> "C:\Program Files\eMule\Uninstall.exe"
GameSpy Arcade --> C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
IE7pro --> "C:\Program Files\IE7pro\unins000.exe"
IsoBuster 2.0 --> "C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe"
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Macrogaming SweetIM 2.1 --> MsiExec.exe /X{502358FB-0718-45BC-B142-7511F1694D58}
Microsoft .NET Framework 1.1 --> msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1 --> MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1 Hotfix (KB929729) --> "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110407-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Mozilla Firefox (3.0b2) --> C:\Program Files\Mozilla Firefox 3 Beta 1\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 Parser and SDK --> MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Nero 8 --> MsiExec.exe /X{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1031}
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers --> C:\Windows\system32\NVUNINST.EXE UninstallGUI
Pinnacle TVCenter Pro --> "C:\Program Files\InstallShield Installation Information\{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}\Setup.exe"UNINSTALL /l0x0007
PunkBuster Services --> C:\Windows\system32\pbsvc.exe -u
Skype™ 3.6 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
TuneUp Utilities 2008 --> MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
VCRedistSetup --> MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Windows Live Messenger --> MsiExec.exe /I{279DB581-239C-4E13-97F8-0F48E40BE75C}
Windows Live Sign-in Assistant --> MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
Windows Live Toolbar --> "C:\Program Files\Windows Live Toolbar\UnInstall.exe" {28E151E2-A495-4C41-A94C-D3682E10F57E}
Windows Live Toolbar --> MsiExec.exe /X{28E151E2-A495-4C41-A94C-D3682E10F57E}
Wings Of Fury --> "C:\Program Files\Wings Of Fury\uninstall.exe"
WinRAR --> C:\Program Files\WinRAR\uninstall.exe
Xvid 1.1.3 final uninstall --> "C:\Program Files\Xvid\unins000.exe"


-- Application Event Log -------------------------------------------------------

Event Record #/Type12155 / Error
Event Submitted/Written: 02/06/2008 06:49:45 PM
Event ID/Source: 10005 / MsiInstaller
Event Description:
Produkt: Windows Live Toolbar -- Bei der Installation dieses Pakets ist ein unerwarteter Fehler aufgetreten. Es liegt eventuell ein das Paket betreffendes Problem vor. Der Fehlercode ist 2738. Argumente: , ,

Event Record #/Type12148 / Success
Event Submitted/Written: 02/06/2008 06:45:28 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type12137 / Success
Event Submitted/Written: 02/06/2008 06:43:23 PM
Event ID/Source: 5617 / WinMgmt
Event Description:


Event Record #/Type12136 / Success
Event Submitted/Written: 02/06/2008 06:43:22 PM
Event ID/Source: 5615 / WinMgmt
Event Description:


Event Record #/Type12133 / Success
Event Submitted/Written: 02/06/2008 06:42:37 PM
Event ID/Source: 902 / Software Licensing Service
Event Description:
Der Softwarelizenzierungsdienst wurde gestartet.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type54299 / Error
Event Submitted/Written: 02/06/2008 06:49:57 PM
Event ID/Source: 20 / Microsoft-Windows-WindowsUpdateClient
Event Description:
0x80070643Update für Windows Live Toolbar (KB944786){B9BDCA02-ADA4-4B12-B270-3C0FF549402F}102

Event Record #/Type54242 / Error
Event Submitted/Written: 02/06/2008 06:43:24 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
McAfee SystemGuards%%2

Event Record #/Type54241 / Error
Event Submitted/Written: 02/06/2008 06:43:24 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
McAfee Real-time Scanner%%2

Event Record #/Type54237 / Error
Event Submitted/Written: 02/06/2008 06:43:24 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
McAfee Protection Manager%%3

Event Record #/Type54231 / Error
Event Submitted/Written: 02/06/2008 06:43:24 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
McAfee Services%%3



-- End of Deckard's System Scanner: finished at 2008-02-06 19:05:56 ------------

__________________
No pain no Gain

Alt 06.02.2008, 20:53   #6
BataAlexander
> MalwareDB
 

ComboFix

- Download ComboFix from here or here to your desktop.
- Disable the guard of your antivirus program and any software firewall that may be installed.
- Double-click combofix.exe
- When ComboFix has finished, it creates a log file. Post this log file and a new HJT log file as your next reply.
Attention: While ComboFix is running, do not click anything and do not use the computer.
