was ist das Trojanische Pferd TR/Dldr.VB.dey?

marleo · 13.07.2008, 13:15

Hallo !

Mein Antivir Programm meldet mir immer das Trojanische Pferd TR/Dldr.VB.dey:

C:\System Volume Information\_restore{99802502-E435-45C9-ABE1-D5D46CA10E44}\RP535\A0186454.exe
[FUND] Ist das Trojanische Pferd TR/Dldr.VB.dey

Beim googlen dieses Problems bekomme ich keine Hinweise. Wirkliche Probleme mit meinem Rechner habe ich nicht, aber das kann ja trotzdem nicht gut sein oder?
Habt ihr eine Idee wie ich das wieder los werde? Ich habe Windows XP und habe auch eigentlich so gut wie alle Programme zur Reinigung des Rechners ausprobiert, wie z.B. washandgo, spybot, ccleaner, fixware etc.

Vielen Dank schon mal!!

Und hier einmal das HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:41:25, on 13/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\FRITZ!DSL\IGDCTRL.EXE
C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Programme\Cisco Systems\VPN Client\cvpnd.exe
C:\Programme\Gemeinsame Dateien\MicroWorld\Agent\MWASER.EXE
C:\Programme\Gemeinsame Dateien\MicroWorld\Agent\MWAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Programme\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programme\TOSHIBA\E-KEY\CeEKey.exe
C:\Programme\TOSHIBA\TouchPad\TPTray.exe
C:\Programme\TOSHIBA\Accessibility\FnKeyHook.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Programme\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Programme\Apoint2K\Apntex.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\TOSHIBA\Touch and Launch\PadExe.exe
C:\Programme\TOSHIBA\ConfigFree\NDSTray.exe
C:\Programme\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\Programme\TOSHIBA\ConfigFree\CFSServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Programme\TuneUp Utilities 2007\MemOptimizer.exe
C:\Programme\Microsoft ActiveSync\wcescomm.exe
C:\Programme\FRITZ!DSL\FwebProt.exe
C:\Programme\FRITZ!DSL\StCenter.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Programme\TOSHIBA\ConfigFree\CFXFER.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\Mozilla Firefox\firefox.exe
c:\programme\antivir personaledition classic\avcenter.exe
C:\WINDOWS\system32\notepad.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe

R3 - URLSearchHook: Yahoo! Toolbar mit Pop-Up-Blocker - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Asz.Citavi.IEAddon.IEPickerButton - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\WINDOWS\system32\mscoree.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar mit Pop-Up-Blocker - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Programme\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [Apoint] C:\Programme\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Programme\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPNF] C:\Programme\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [TOSHIBA Accessibility] C:\Programme\TOSHIBA\Accessibility\FnKeyHook.exe
O4 - HKLM\..\Run: [SVPWUTIL] "C:\Programme\Toshiba\Windows Utilities\SVPWUTIL.exe" SVPwUTIL
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [Tvs] C:\Programme\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SmcService] "C:\PROGRA~1\Sygate\SPF\smc.exe" -startgui
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [HWSetup] "C:\Programme\TOSHIBA\TOSHIBA Applet\HWSetup.exe" hwSetUP
O4 - HKLM\..\Run: [PadTouch] "C:\Programme\TOSHIBA\Touch and Launch\PadExe.exe"
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Programme\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Programme\TuneUp Utilities 2007\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programme\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Programme\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\RunOnce: [Shockwave Updater] "C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.E XE" -Update -1100429 -Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.1.15) Gecko/20080623 Firefox/2.0.0.15
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: FRITZ!DSL Protect.lnk = C:\Programme\FRITZ!DSL\FwebProt.exe
O4 - Startup: FRITZ!DSL Startcenter.lnk = C:\Programme\FRITZ!DSL\StCenter.exe
O8 - Extra context menu item: &Citavi Picker... - file://C:\Programme\Internet Explorer\PLUGINS\Citavi Picker\ShowContextMenu.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Citavi Picker - {619D670F-B735-4da7-AC6D-F3BD358E325E} - C:\WINDOWS\system32\mscoree.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe (file missing)
O9 - Extra button: eBay - {670C5F66-0866-4DD7-8A3F-1EDE62C2E8BB} - C:\Programme\Internet Explorer\Signup\ToshibaGotoEbay.exe (file missing) (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{AE11FA69-D128-4C74-A773-C90986404273}: NameServer = 192.168.122.252,192.168.122.253
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVM IGD CTRL Service - AVM Berlin - C:\Programme\FRITZ!DSL\IGDCTRL.EXE
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - AVM Berlin - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MWAgent - MicroWorld Technologies Inc. - C:\Programme\Gemeinsame Dateien\MicroWorld\Agent\MWASER.EXE
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programme\Sygate\SPF\smc.exe

--
End of file - 8923 bytes

trojan-death · 13.07.2008, 13:29

Hi und

Das Logfile sieht gut aus

Deaktiviere mal deine Systemsteuerung
Lass Malwarebytes laufen, lass alles löschen was er findet und poste das Log.
Bitte fixe noch mit HijackThis folgende Einträge:
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe (file missing)

marleo · 13.07.2008, 14:21

Vielen Dank schon mal!! Malwarebytes läuft grad und braucht scheinbar relativ lange. Ich melde mich zurück sobald es durch ist! Vielen Dank!!

marleo · 13.07.2008, 16:53

So ich bin zurück...
Ich habe jetzt auch nochmal escan laufen lassen und der gibt mir folgende warnung:

Datei C:\Dokumente und Einstellungen\XXX\Desktop\vlc-0.8.6e-win32.exe infiziert durch den Virus "NULL.Corrupted"! Maßnahme ergriffen: Keine Maßnahme ergriffen.

Das scheint aber ein ganz anderes Problem zu sein oder?

Leider kann ich den ganzen log von Malwarebytes gar nicht anzeigen, also hier erstmal der erste Teil:

Malwarebytes' Anti-Malware 1.20
Datenbank Version: 944
Windows 5.1.2600 Service Pack 2

17:37:14 13/07/2008
mbam-log-7-13-2008 (17-37-13).txt

Scan Art: Komplett Scan (C:\|)
Objekte gescannt: 104439
Scan Dauer: 48 minute(s), 5 second(s)

Infizierte Speicher Prozesse: 0
Infizierte Speicher Module: 0
Infizierte Registrierungsschlüssel: 27
Infizierte Registrierungswerte: 0
Infizierte Datei Objekte der Registrierung: 0
Infizierte Verzeichnisse: 33
Infizierte Dateien: 823

Infizierte Speicher Prozesse:
(Keine Malware Objekte gefunden)

Infizierte Speicher Module:
(Keine Malware Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\CLSID\{e282c728-189d-419e-8ee2-1601f4b39ba5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{168dc258-1455-4e61-8590-9dac2f27b675} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1a8642f1-dc80-4edc-a39d-0fb62a58b455} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3f91eb90-ef62-44ee-a685-fac29af111cd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5c29c7e4-5321-4cad-be2e-877666bed5df} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{83dfb6ee-ab18-41b5-86d4-b544a141d67e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{88d6cf0e-cf70-4c24-bf6e-e4e414bc649c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8f6a82a2-d7b1-443e-bb9f-f7dc887dd618} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9856e2d8-ffb2-4fe5-8cad-d5ad6a35a804} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a3d06987-c35e-49e4-8fe2-ac67b9fbfb4c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a58c497b-3ee2-45e7-9594-daca6be2a0d0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ad0a3058-fd49-4f98-a514-fd055201835e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ad5915ea-b61a-4dba-b5c8-ef4b2df0a3c7} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bb187c0d-6f53-4f3e-9590-98fd3a7364a2} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c5041fd9-4819-4dc4-b20e-c950b5b03d2a} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d17726cc-d4dd-4c4a-9671-471d56e413b5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{db8cce99-59c6-4552-8bfc-058feb38d6ce} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{dc3a04ee-cdd7-4407-915c-a5502f97eecd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e1a63484-a022-4d42-830a-fbd411514440} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\videoegg.activexloader (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\videoegg.activexloader.1 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoegg.com/publisher,version=0.2.0 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoegg.com/updater,version=0.2.0 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\The Weather Channel (Adware.Hotbar) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine Malware Objekte gefunden)

Infizierte Datei Objekte der Registrierung:
(Keine Malware Objekte gefunden)

Infizierte Verzeichnisse:
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\messages (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\3461 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\3461\resources (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\3461\resources\gid329 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\3461\resources\gid329\cid1124 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo02\images (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo03 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\3461\resources\gid329\cid1124\bebo03\images (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\3461\resources\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\3461\resources\VideoEgg\images (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\3461\resources\VideoEgg\messages (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\4458 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\4458\resources (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\4458\resources\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\4458\resources\VideoEgg\images (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\4458\resources\VideoEgg\messages (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Updater (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Updater\2663 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Updater\4458 (Adware.VideoEgg) -> Quarantined and deleted successfully.

Vielen Dank!!

marleo · 13.07.2008, 16:55

Hier der zweite Teil:

Infizierte Dateien:
C:\Programme\VideoEgg\Loader\2663\npvideoegg-loader.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\WINDOWS\diabunin.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\VideoEgg\user.dat (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\report.log (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\aol_watermark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\audio_combo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\audio_source.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\bebo_tv_watermark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\bebo_tv_watermark_1.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\big_gray_logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\big_logo_cropped.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\blank_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\button_browse_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\button_browse_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\button_browse_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\camcorders_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\camcorder_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\camcorder_slide copy.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\camcorder_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\corners_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\corners_bottom_left_curve.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\corners_bottom_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\corners_top_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\done.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\done_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\done_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\done_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\done_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\done_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\dropshadow_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\dropshadow_horiz.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\dropshadow_vertical.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\dropzone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\dv_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\dv_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\dv_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\dv_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\dv_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\email_instructions.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\email_sent.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\email_sent_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\email_sent_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\eraser.CUR (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\eraser_cursor.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\file_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\file_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\help.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\icon_camcorders.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\icon_ff.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\icon_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\icon_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\icon_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\icon_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\icon_webcams.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\loading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\loading_movie.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\locating.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\logo_bottom.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\logo_middle.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\logo_top.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\mobile_btn_highlighted copy.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\mobile_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\mobile_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\mobile_slide_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\movie_placeholder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\ok.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\ok_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\ok_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\player_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\player_fast_forward_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\player_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\player_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\player_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\player_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\player_rewind_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\player_rewind_to_start.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\playhead.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\powered_by.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\progress.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\refresh_list_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\refresh_list_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\refresh_list_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\skin.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\skin.zip (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\start_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\start_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\start_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\start_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\start_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\start_over_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\start_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\stop_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\stop_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\stop_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\stop_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\stop_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\tab_slide_deselected.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\tape_control.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

marleo · 13.07.2008, 16:57

Hier der dritte Teil:

C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\upload.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\uploading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\uploading_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\uploading_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\uploading_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\uploading_medium.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\uploading_thumbnail.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\upload_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\upload_from.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\upload_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\videoegg-large.ico (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\videoegg-small.ico (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\videoegg.ico (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\volume_gray.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\volume_green.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\volume_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\volume_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\volume_orange.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\volume_red.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\volume_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\waiting_for_email.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\webcams_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\webcam_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Data\Resources\gid329\cid1124\bebo03\images\webcam_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\publisher.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\avcodec.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\crashRpt.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\FLVEncoder.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\lame_enc.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\LevelMeter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\libpng.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\npvideoegg-publisher.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\remoteblacklist (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\report.log (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\VideoEgg_FLVWriter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\zlib.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\aol_watermark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\audio_combo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\audio_source.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\big_gray_logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\big_logo_cropped.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\blank_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\button_browse_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\button_browse_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\button_browse_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\camcorders_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\camcorder_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\camcorder_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\corners_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\corners_bottom_left_curve.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\corners_bottom_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\corners_top_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\done.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\done_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\done_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\done_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\done_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\done_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\dropshadow_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\dropshadow_horiz.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\dropshadow_vertical.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\dropzone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\dv_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\dv_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\dv_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\dv_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\dv_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\email_instructions.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\email_sent.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\email_sent_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\email_sent_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\eraser.CUR (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\eraser_cursor.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\file_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\file_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\help.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\icon_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\icon_camcorders.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\icon_camcorder_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\icon_camcorder_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\icon_ff.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\icon_file_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\icon_file_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\icon_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\icon_phone_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\icon_phone_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\icon_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\icon_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\icon_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\icon_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\icon_webcams.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\icon_webcam_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\icon_webcam_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\loading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\loading_movie.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\locating.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\logo_bottom.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\logo_middle.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\logo_top.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\mobile_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\mobile_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\mobile_slide_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\movie_placeholder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\ok.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\ok_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\ok_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\player_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\player_fast_forward_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\player_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\player_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\player_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\player_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\player_rewind_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\player_rewind_to_start.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\playhead.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\powered_by.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\progress.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\refresh_list_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\refresh_list_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\refresh_list_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\restart.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\restart_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\start_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\start_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\start_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\start_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\start_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\start_over_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\start_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\stop_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\stop_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg\Publisher\2817\resources\VideoEgg\images\stop_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

marleo · 13.07.2008, 17:00

so im Grunde geht das alles genauso weiter... muss ich mir Sorgen machen über die große Anzahl von Fehlern? Es scheint ja immer nur der Video Egg publisher Probleme zu machen..

marleo · 13.07.2008, 17:02

Und jetzt habe ich aus Versehen nochmal den escanner laufen lassen und da hat er folgendes gefunden:

Datei C:\Dokumente und Einstellungen\XXX\Desktop\vlc-0.8.6e-win32.exe infiziert durch den Virus "NULL.Corrupted"! Maßnahme ergriffen: Keine Maßnahme ergriffen.
Datei C:\WINDOWS\system32\taskkill.exe infiziert durch den Virus "NULL.Corrupted"! Maßnahme ergriffen: Keine Maßnahme ergriffen.

trojan-death · 13.07.2008, 17:03

Hol dir The Avenger (Signatur) starte es und gib im weissen Feld folgenden Text ein:

Zitat:

folders to delete:
C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg

files to delete:
C:\WINDOWS\system32\taskkill.exe
C:\Dokumente und Einstellungen\XXX\Desktop\vlc-0.8.6e-win32.exe

drücke Execute und poste das Log

(Schliesse vor dem verwenden von The Avenger alle Programme und lass direkt nach dem ausführen Neustarten)

marleo · 13.07.2008, 17:38

Alles klar!

Hier folgt das log:

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

Error: could not open folder "C:\Dokumente und Einstellungen\XXX\Anwendungsdateien\VideoEgg"
Deletion of folder "C:\Dokumente und Einstellungen\XXX\Anwendungsdateien\VideoEgg" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist

File "C:\Windows\system32\taskkill.exe" deleted successfully.
File "C:\Dokumente und Einstellungen\XXX\Desktop\vlc-0.8.6e-win32.exe" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

trojan-death · 13.07.2008, 21:24

Ok gut

Kannst du bitte mal nachschauen, ob der Ordner C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg vorhanden ist.

Bitte starte nochmals The Avenger und gib nun folgenden text ein:

Zitat:

files to delete:
C:\System Volume Information\_restore{99802502-E435-45C9-ABE1-D5D46CA10E44}\RP535\A0186454.exe

Lass nun SmitfraudFix (Link mit Anleitung ist in meiner Signatur) laufen und poste dann das Log

Bitte auch ein Log mit RunScanner erstellen und posten!
Dann bitte auch ein frisches HijackThis Logfile posten

marleo · 14.07.2008, 19:39

Hallo!!
Also C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\VideoEgg ist nicht vorhanden.

Ich bekomme jetzt wieder mehrere Hinweise von Antivir auf das Trojanische Pferd:

In der Datei 'C:\Dokumente und Einstellungen\XXX\setup.exe'
wurde ein Virus oder unerwünschtes Programm 'TR/Dldr.VB.dey' [trojan] gefunden.
Ausgeführte Aktion: Datei in Quarantäne verschieben

Und hier folgt jetzt das log von smitfraudfix:

SmitFraudFix v2.329

Scan done at 19:37:18.67, 14/07/2008
Run from C:\Dokumente und Einstellungen\XXX\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process

»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{72024A2F-47DE-41FD-82A5-AB12F3796815}: DhcpNameServer=129.70.240.53 129.70.182.24
HKLM\SYSTEM\CCS\Services\Tcpip\..\{AE11FA69-D128-4C74-A773-C90986404273}: NameServer=192.168.122.252,192.168.122.253
HKLM\SYSTEM\CS1\Services\Tcpip\..\{72024A2F-47DE-41FD-82A5-AB12F3796815}: DhcpNameServer=129.70.240.53 129.70.182.24
HKLM\SYSTEM\CS1\Services\Tcpip\..\{AE11FA69-D128-4C74-A773-C90986404273}: NameServer=192.168.122.252,192.168.122.253
HKLM\SYSTEM\CS2\Services\Tcpip\..\{72024A2F-47DE-41FD-82A5-AB12F3796815}: DhcpNameServer=129.70.240.53 129.70.182.24
HKLM\SYSTEM\CS2\Services\Tcpip\..\{AE11FA69-D128-4C74-A773-C90986404273}: NameServer=192.168.122.252,192.168.122.253
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=129.70.240.53 129.70.182.24
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=129.70.240.53 129.70.182.24
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=129.70.240.53 129.70.182.24

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Reboot

C:\WINDOWS\system32\systems.txt Please, Reboot and Run SmitfraudFix option 2 once again.

»»»»»»»»»»»»»»»»»»»»»»»» End

marleo · 14.07.2008, 19:41

Und hier das runscan log:

Code:

ATTFilter

Runscanner logfile http://www.runscanner.net 

* = signed file
- = file not found

000 General info
----------------
Computer name : XXX
Creation time : 14/07/2008 20:29:31
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 6.0.2900.2180
OS : Microsoft Windows XP
OS Build : 2600
OS SP : Service Pack 2
RunScanner Version : 1.6.3.0
User Language : Deutsch (Deutschland)
User rights : Administrator
Windows folder : C:\WINDOWS

001 Running processes
---------------------
* c:\programme\microsoft activesync\wcescomm.exe (Microsoft Corporation)
* c:\progra~1\micros~3\rapimgr.exe (Microsoft Corporation)
* c:\programme\apoint2k\apoint.exe (Alps Electric Co., Ltd.)
* c:\programme\apoint2k\apntex.exe (Alps Electric Co., Ltd.)
c:\programme\antivir personaledition classic\avguard.exe (Avira GmbH)
c:\programme\antivir personaledition classic\sched.exe (Avira GmbH)
c:\programme\antivir personaledition classic\avgnt.exe (Avira GmbH)
* c:\windows\system32\services.exe (Microsoft Corporation)
c:\program files\ati technologies\ati control panel\atiptaxx.exe (ATI Technologies, Inc.)
* c:\windows\system32\ati2evxx.exe (ATI Technologies Inc.)
* c:\windows\system32\ati2evxx.exe (ATI Technologies Inc.)
c:\programme\fritz!dsl\igdctrl.exe (AVM Berlin)
c:\programme\toshiba\toscdspd\toscdspd.exe (TOSHIBA)
* c:\programme\cisco systems\vpn client\cvpnd.exe (Cisco Systems, Inc.)
* c:\programme\cisco systems\vpn client\vpngui.exe (Cisco Systems, Inc.)
* c:\windows\system32\csrss.exe (Microsoft Corporation)
c:\programme\toshiba\configfree\cfxfer.exe (TOSHIBA CORPORATION)
c:\programme\toshiba\configfree\cfsserv.exe (TOSHIBA CORPORATION)
c:\programme\toshiba\configfree\ndstray.exe (TOSHIBA CORPORATION)
* c:\windows\system32\ctfmon.exe (Microsoft Corporation)
* c:\programme\mozilla firefox\firefox.exe (Mozilla Corporation)
c:\programme\fritz!dsl\fwebprot.exe (AVM Berlin)
c:\programme\fritz!dsl\stcenter.exe (AVM Berlin)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\svchost.exe (Microsoft Corporation)
* c:\windows\system32\lsass.exe (Microsoft Corporation)
c:\programme\gemeinsame dateien\microworld\agent\mwagent.exe (MicroWorld Technologies Inc.)
c:\programme\gemeinsame dateien\microworld\agent\mwaser.exe (MicroWorld Technologies Inc.)
c:\programme\toshiba\touch and launch\padexe.exe (TOSHIBA)
* c:\dokumente und einstellungen\XXX\lokale einstellungen\temp\runscanner.exe (Runscanner.net)
c:\programme\toshiba\configfree\cfsvcs.exe (TOSHIBA CORPORATION)
c:\windows\agrsmmsg.exe (Agere Systems)
* c:\windows\system32\spoolsv.exe (Microsoft Corporation)
* c:\programme\sygate\spf\smc.exe (Sygate Technologies, Inc.)
c:\programme\toshiba\toshiba controls\tfncky.exe (TOSHIBA Corporation)
c:\programme\toshiba\accessibility\fnkeyhook.exe (TOSHIBA)
c:\windows\system32\tctrliohook.exe (TOSHIBA)
c:\programme\toshiba\e-key\ceekey.exe (COMPAL ELECTRONIC INC.)
c:\programme\toshiba\tvs\tvstray.exe (TOSHIBA Corporation)
c:\windows\system32\tpsbattm.exe (TOSHIBA Corporation)
c:\windows\system32\tpsmain.exe (TOSHIBA Corporation)
c:\programme\toshiba\touchpad\tptray.exe (COMPAL ELECTRONIC INC.)
* c:\programme\tuneup utilities 2007\memoptimizer.exe (TuneUp Software GmbH)
* c:\windows\explorer.exe (Microsoft Corporation)
* c:\windows\system32\winlogon.exe (Microsoft Corporation)
* c:\windows\system32\smss.exe (Microsoft Corporation)
* c:\windows\system32\wscntfy.exe (Microsoft Corporation)
* c:\windows\system32\wuauclt.exe (Microsoft Corporation)
c:\progra~1\winzip\winzip32.exe (WinZip Computing, Inc.)
c:\windows\system32\zoominghook.exe (TOSHIBA)

002 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run (+subkeys)
-----------------------------------------------------------------
C:\WINDOWS\agrsmmsg.exe (Agere Systems)
c:\program files\ati technologies\ati control panel\atiptaxx.exe (ATI Technologies, Inc.)
c:\programme\antivir personaledition classic\avgnt.exe (Avira GmbH)
c:\programme\toshiba\e-key\ceekey.exe (COMPAL ELECTRONIC INC.)
- cfsserv.exe
c:\programme\toshiba\toshiba applet\hwsetup.exe (TOSHIBA CO.,LTD.)
- ndstray.exe
c:\programme\toshiba\touch and launch\padexe.exe (TOSHIBA)
c:\programme\quicktime\qttask.exe (Apple Inc.)
* c:\progra~1\sygate\spf\smc.exe (Sygate Technologies, Inc.)
c:\programme\toshiba\windows utilities\svpwutil.exe (TOSHIBA)
C:\WINDOWS\system32\tctrliohook.exe (TOSHIBA)
- tfncky.exe
c:\programme\toshiba\accessibility\fnkeyhook.exe (TOSHIBA)
c:\programme\toshiba\touchpad\tptray.exe (COMPAL ELECTRONIC INC.)
C:\WINDOWS\system32\tpsmain.exe (TOSHIBA Corporation)
c:\programme\toshiba\tvs\tvstray.exe (TOSHIBA Corporation)
C:\WINDOWS\system32\zoominghook.exe (TOSHIBA)

003 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run (+subkeys)
-----------------------------------------------------------------
c:\programme\toshiba\toscdspd\toscdspd.exe (TOSHIBA)
* c:\programme\tuneup utilities 2007\memoptimizer.exe (TuneUp Software GmbH)

004 C:\Dokumente und Einstellungen\XXX\Startmenü\Programme\Autostart
-------------------------------------------------------------------------------
c:\progra~1\fritz!~3\fwebprot.exe (AVM Berlin)
c:\progra~1\fritz!~3\stcenter.exe (AVM Berlin)

010 HKLM\SYSTEM\CurrentControlSet\Services (Services)
-----------------------------------------------------
c:\programme\antivir personaledition classic\avguard.exe (AntiVir PersonalEdition Classic Guard)
c:\programme\antivir personaledition classic\sched.exe (AntiVir PersonalEdition Classic Planer)
c:\programme\gemeinsame dateien\avm\de_serv.exe (AVM FRITZ!web Routing Service)
c:\programme\fritz!dsl\igdctrl.exe (AVM IGD CTRL Service)
* c:\programme\cisco systems\vpn client\cvpnd.exe (Cisco Systems, Inc. VPN Service)
c:\programme\toshiba\configfree\cfsvcs.exe (ConfigFree Service)
c:\programme\gemeinsame dateien\installshield\driver\11\intel 32\idrivert.exe (InstallDriver Table Manager)
c:\programme\gemeinsame dateien\microworld\agent\mwaser.exe (MWAgent)
* c:\programme\sygate\spf\smc.exe (Sygate Personal Firewall)

011 HKLM\SYSTEM\CurrentControlSet\Services (drivers)
----------------------------------------------------
* C:\WINDOWS\system32\drivers\avgntdd.sys (avgntdd)
* C:\WINDOWS\system32\drivers\avgntmgr.sys (avgntmgr)
* C:\WINDOWS\system32\drivers\avipbb.sys (avipbb)
C:\WINDOWS\system32\drivers\netfwdsl.sys (AVM FRITZ!web DSL PPP)
C:\WINDOWS\system32\drivers\netdsl.sys (AVM PPP over Ethernet)
- c:\windows\system32\drivers\changer.sys (Changer)
c:\windows\system32\drivers\cvpndrva.sys (Cisco Systems IPsec Driver)
C:\WINDOWS\system32\drivers\tpwsav.sys (Common Driver)
- c:\windows\system32\drivers\i2omgmt.sys (i2omgmt)
C:\WINDOWS\system32\drivers\imagedrv.sys (Imagedrv)
- c:\windows\system32\drivers\lbrtfdc.sys (lbrtfdc)
- c:\windows\system32\drivers\pcidump.sys (PCIDump)
- c:\windows\system32\drivers\pdcomp.sys (PDCOMP)
- c:\windows\system32\drivers\pdframe.sys (PDFRAME)
- c:\windows\system32\drivers\pdreli.sys (PDRELI)
- c:\windows\system32\drivers\pdrframe.sys (PDRFRAME)
C:\WINDOWS\system32\drivers\sdcplh.sys (sdcplh)
C:\WINDOWS\system32\drivers\ekiomngr.sys (SrvcEKIOMngr)
C:\WINDOWS\system32\drivers\ssiomngr.sys (SrvcSSIOMngr)
C:\WINDOWS\system32\drivers\ssmdrv.sys (ssmdrv)
c:\windows\system32\drivers\wg3n.sys (SyGate for NT, wg3n)
C:\WINDOWS\system32\drivers\teefer.sys (Teefer for NT)
C:\WINDOWS\system32\drivers\epiomngr.sys (TOSHIBA Controls Driver -EPIOMngr)
C:\WINDOWS\system32\drivers\netdevio.sys (TOSHIBA Network Device Usermode I/O Protocol)
C:\WINDOWS\system32\drivers\tvs.sys (Toshiba Virtual Sound with SRS technologies)
* c:\windows\system32\vsdatant.sys (vsdatant)
- c:\windows\system32\drivers\wdica.sys (WDICA)
c:\windows\system32\drivers\wpsdrvnt.sys (wpsdrvnt)

041 HKLM-HKCU\Software\Microsoft\Internet Explorer\Toolbar
----------------------------------------------------------
c:\programme\veoh networks\veoh\plugins\reg\veohtoolbar.dll (Veoh Networks Inc) {D0943516-5076-4020-A3B5-AEFAF26AB263}

042 HKLM\Software\Microsoft\Internet Explorer\Extensions
--------------------------------------------------------
* c:\programme\icqlite\icqlite.exe (ICQ Ltd.) {B863453A-26C3-4e1f-A54D-A2CD196348E9}

043 HKCU\Software\Microsoft\Internet Explorer\Extensions
--------------------------------------------------------
- c:\programme\internet explorer\signup\toshibagotoebay.exe {670C5F66-0866-4DD7-8A3F-1EDE62C2E8BB}

047 Trusted zones
-----------------
Zone: fritz.box : *.fritz.box

061 HKLM-HCKU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
---------------------------------------------------------------------------------
c:\programme\icqlite\icqliteshell.dll {73B24247-042E-4EF5-ADC2-42F62E6FD654}
c:\programme\antivir personaledition classic\shlext.dll (Avira GmbH) {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
* c:\programme\real\realplayer\rpshell.dll (RealNetworks, Inc.) {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}
c:\windows\system32\tpprop.dll (COMPAL ELECTRONIC INC.) {9ED66769-A198-41FE-8615-601691C68846}
* c:\progra~1\tuneup~1\sdshelex-win32.dll (TuneUp Software GmbH) {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
* C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH) {44440D00-FF19-4AFC-B765-9A0970567D97}
c:\programme\winace\arcext.dll (e-merge GmbH) {8FF88D21-7BD0-11D1-BFB7-00AA00262A11}
c:\programme\winace\arcext.dll (e-merge GmbH) {8FF88D27-7BD0-11D1-BFB7-00AA00262A11}
c:\programme\winace\arcext.dll (e-merge GmbH) {8FF88D25-7BD0-11D1-BFB7-00AA00262A11}
c:\programme\winace\arcext.dll (e-merge GmbH) {8FF88D23-7BD0-11D1-BFB7-00AA00262A11}
c:\programme\winrar\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
c:\progra~1\winzip\wzshlstb.dll (WinZip Computing, Inc.) {E0D79304-84BE-11CE-9641-444553540000}
c:\progra~1\winzip\wzshlstb.dll (WinZip Computing, Inc.) {E0D79305-84BE-11CE-9641-444553540000}
c:\progra~1\winzip\wzshlstb.dll (WinZip Computing, Inc.) {E0D79306-84BE-11CE-9641-444553540000}
c:\progra~1\winzip\wzshlstb.dll (WinZip Computing, Inc.) {E0D79307-84BE-11CE-9641-444553540000}

062 HKLM-HKCU\Software\Classes\Folder\Shellex\ColumnHandlers
------------------------------------------------------------
c:\programme\adobe\acrobat 7.0\activex\pdfshell.dll (Adobe Systems, Inc.) {F9DB5320-233E-11D1-9F84-707F02C10627}

066 HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost
---------------------------------------------------------------------
c:\dokumente und einstellungen\all users\anwendungsdaten\tuneup software\tuneup utilities\winstyler\tu_logonui.exe (Microsoft Corporation)

068 HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
--------------------------------------------------------------------------------
c:\programme\fritz!dsl\sarah.dll (AVM Berlin)
c:\programme\fritz!dsl\sarah.dll (AVM Berlin)
c:\programme\fritz!dsl\sarah.dll (AVM Berlin)
c:\programme\fritz!dsl\sarah.dll (AVM Berlin)

069 HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
--------------------------------------------------------
C:\WINDOWS\system32\avmprmon.dll (AVM Berlin GmbH)

073 %windir%\Tasks
------------------
1-Click Maintenance.job : c:\programme\tuneup utilities 2007\systemoptimizer.exe (TuneUp Software GmbH)
1-Klick-Wartung.job : c:\programme\tuneup utilities 2007\systemoptimizer.exe (TuneUp Software GmbH)

100 Internet Explorer settings
------------------------------
SearchUrl HKCU : http://home.microsoft.com/access/autosearch.asp?p=%s

104 HKLM\Software\Microsoft\Code Store Database\Distribution Units
------------------------------------------------------------------
* c:\programme\quicktime\qtplugin.ocx (Apple Inc.) {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}

105 HKCU\Software\Microsoft\Internet Explorer\MenuExt
-----------------------------------------------------
&Citavi Picker... : file://C:\Programme\Internet Explorer\PLUGINS\Citavi Picker\ShowContextMenu.html
Nach Microsoft &Excel exportieren : res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

107 HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5
---------------------------------------------------------------------------------
c:\programme\fritz!dsl\sarah.dll (AVM Berlin)

120 Domain/DNS hijacking
------------------------
Domain {695A1B60-AD0C-4FF4-8D1A-579A1A8B0764} : uni-bielefeld.de
NameServer {695A1B60-AD0C-4FF4-8D1A-579A1A8B0764} : 129.70.240.53,129.70.182.8
NameServer {AE11FA69-D128-4C74-A773-C90986404273} : 192.168.122.252,192.168.122.253
TcpIp SearchList : uni-bielefeld.de

170 HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2
------------------------------------------------------------------------
{96f9d5d8-e742-11db-a1bb-00059a3c7800} : E:\setupSNK.exe

173 HKCR\*\shellex\ContextMenuHandlers
--------------------------------------
c:\programme\icqlite\icqliteshell.dll {73B24247-042E-4EF5-ADC2-42F62E6FD654}
c:\programme\antivir personaledition classic\shlext.dll (Avira GmbH) {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
c:\programme\toshiba\configfree\cfshlext.dll {5a900bf8-09f0-4d1d-bb42-47617ee2eedc}
* c:\progra~1\tuneup~1\sdshelex-win32.dll (TuneUp Software GmbH) {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
c:\programme\winrar\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
c:\progra~1\winzip\wzshlstb.dll (WinZip Computing, Inc.) {E0D79304-84BE-11CE-9641-444553540000}
c:\programme\winace\arcext.dll (e-merge GmbH) {8FF88D27-7BD0-11D1-BFB7-00AA00262A11}

221 HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers
-------------------------------------------------------
c:\programme\icqlite\icqliteshell.dll {73B24247-042E-4EF5-ADC2-42F62E6FD654}
c:\programme\antivir personaledition classic\shlext.dll (Avira GmbH) {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
c:\programme\toshiba\configfree\cfshlext.dll {5a900bf8-09f0-4d1d-bb42-47617ee2eedc}
* c:\progra~1\tuneup~1\sdshelex-win32.dll (TuneUp Software GmbH) {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
c:\programme\winrar\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
c:\progra~1\winzip\wzshlstb.dll (WinZip Computing, Inc.) {E0D79304-84BE-11CE-9641-444553540000}
c:\programme\winace\arcext.dll (e-merge GmbH) {8FF88D27-7BD0-11D1-BFB7-00AA00262A11}

223 HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers
--------------------------------------------------------------------------
* c:\programme\malwarebytes' anti-malware\mbamext.dll (Malwarebytes) {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

225 HKCU\Software\Classes\Folder\ShellEx\ContextMenuHandlers
------------------------------------------------------------
* c:\programme\malwarebytes' anti-malware\mbamext.dll (Malwarebytes) {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
* c:\programme\malwarebytes' anti-malware\mbamext.dll (Malwarebytes) {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
c:\programme\antivir personaledition classic\shlext.dll (Avira GmbH) {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
c:\programme\antivir personaledition classic\shlext.dll (Avira GmbH) {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
c:\programme\winrar\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
c:\programme\winrar\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
c:\progra~1\winzip\wzshlstb.dll (WinZip Computing, Inc.) {E0D79304-84BE-11CE-9641-444553540000}
c:\progra~1\winzip\wzshlstb.dll (WinZip Computing, Inc.) {E0D79304-84BE-11CE-9641-444553540000}

227 HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers
---------------------------------------------------------------
c:\programme\icqlite\icqliteshell.dll {73B24247-042E-4EF5-ADC2-42F62E6FD654}
c:\programme\toshiba\configfree\cfshlext.dll {5a900bf8-09f0-4d1d-bb42-47617ee2eedc}
* c:\progra~1\tuneup~1\sdshelex-win32.dll (TuneUp Software GmbH) {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
c:\programme\winrar\rarext.dll {B41DB860-8EE4-11D2-9906-E49FADC173CA}
c:\progra~1\winzip\wzshlstb.dll (WinZip Computing, Inc.) {E0D79304-84BE-11CE-9641-444553540000}
c:\programme\winace\arcext.dll (e-merge GmbH) {8FF88D27-7BD0-11D1-BFB7-00AA00262A11}

231 HKLM\Software\Classes\Folder\Shellex\ColumnHandlers
-------------------------------------------------------
c:\programme\adobe\acrobat 7.0\activex\pdfshell.dll (Adobe Systems, Inc.) PDF Column Info

marleo · 14.07.2008, 19:45

So und noch das HijackThis log:

Code:

ATTFilter

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:43:28, on 14/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\FRITZ!DSL\IGDCTRL.EXE
C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Programme\Cisco Systems\VPN Client\cvpnd.exe
C:\Programme\Gemeinsame Dateien\MicroWorld\Agent\MWASER.EXE
C:\Programme\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programme\TOSHIBA\E-KEY\CeEKey.exe
C:\Programme\TOSHIBA\TouchPad\TPTray.exe
C:\Programme\TOSHIBA\Accessibility\FnKeyHook.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Programme\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programme\Apoint2K\Apntex.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\TOSHIBA\Touch and Launch\PadExe.exe
C:\Programme\TOSHIBA\ConfigFree\NDSTray.exe
C:\Programme\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\Programme\TOSHIBA\ConfigFree\CFSServ.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Programme\TuneUp Utilities 2007\MemOptimizer.exe
C:\Programme\Microsoft ActiveSync\wcescomm.exe
C:\Programme\FRITZ!DSL\FwebProt.exe
C:\Programme\FRITZ!DSL\StCenter.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Programme\Gemeinsame Dateien\MicroWorld\Agent\MWAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\TOSHIBA\ConfigFree\CFXFER.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programme\Cisco Systems\VPN Client\vpngui.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe

R3 - URLSearchHook: Yahoo! Toolbar mit Pop-Up-Blocker - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Asz.Citavi.IEAddon.IEPickerButton - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\WINDOWS\system32\mscoree.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar mit Pop-Up-Blocker - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Programme\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [Apoint] C:\Programme\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [CeEKEY] C:\Programme\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [TPNF] C:\Programme\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [TOSHIBA Accessibility] C:\Programme\TOSHIBA\Accessibility\FnKeyHook.exe
O4 - HKLM\..\Run: [SVPWUTIL] "C:\Programme\Toshiba\Windows Utilities\SVPWUTIL.exe" SVPwUTIL
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [Tvs] C:\Programme\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SmcService] "C:\PROGRA~1\Sygate\SPF\smc.exe" -startgui
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [HWSetup] "C:\Programme\TOSHIBA\TOSHIBA Applet\HWSetup.exe" hwSetUP
O4 - HKLM\..\Run: [PadTouch] "C:\Programme\TOSHIBA\Touch and Launch\PadExe.exe"
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Programme\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Programme\TuneUp Utilities 2007\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programme\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Programme\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: FRITZ!DSL Protect.lnk = C:\Programme\FRITZ!DSL\FwebProt.exe
O4 - Startup: FRITZ!DSL Startcenter.lnk = C:\Programme\FRITZ!DSL\StCenter.exe
O8 - Extra context menu item: &Citavi Picker... - file://C:\Programme\Internet Explorer\PLUGINS\Citavi Picker\ShowContextMenu.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Citavi Picker - {619D670F-B735-4da7-AC6D-F3BD358E325E} - C:\WINDOWS\system32\mscoree.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: eBay - {670C5F66-0866-4DD7-8A3F-1EDE62C2E8BB} - C:\Programme\Internet Explorer\Signup\ToshibaGotoEbay.exe (file missing) (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{695A1B60-AD0C-4FF4-8D1A-579A1A8B0764}: Domain = uni-bielefeld.de
O17 - HKLM\System\CCS\Services\Tcpip\..\{695A1B60-AD0C-4FF4-8D1A-579A1A8B0764}: NameServer = 129.70.240.53,129.70.182.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{AE11FA69-D128-4C74-A773-C90986404273}: NameServer = 192.168.122.252,192.168.122.253
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = uni-bielefeld.de
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = uni-bielefeld.de
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVM IGD CTRL Service - AVM Berlin - C:\Programme\FRITZ!DSL\IGDCTRL.EXE
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - AVM Berlin - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MWAgent - MicroWorld Technologies Inc. - C:\Programme\Gemeinsame Dateien\MicroWorld\Agent\MWASER.EXE
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programme\Sygate\SPF\smc.exe

--
End of file - 8772 bytes

Vielen vielen Dank schon mal!! Wüsste gar nicht was ich sonst machen würde

trojan-death · 15.07.2008, 14:54

Was befindet sich denn im XXX Ordner??
Kann man den allenfalls löschen??
Werde mir die Logfiles heute Abend anschauen und mich wieder melden

was ist das Trojanische Pferd TR/Dldr.VB.dey?

Plagegeister aller Art und deren Bekämpfung: was ist das Trojanische Pferd TR/Dldr.VB.dey?