
Pests of all kinds and how to fight them: booster Win32 worm

29.07.2008, 22:42   #1
Bilo84

Hello everyone.

This time it got me. Well, in any case, let me first explain what the worm does.

- does not show 2 of my 3 hard drives
- admin rights revoked
- Task Manager doesn't work either
- all system restore points are labelled "VIRUS ALERT"
- and of course there is also a VIRUS ALERT in the taskbar next to the clock

The previous state (before I ran Spybot and Avira) was that a wannabe spyware program also kept opening that was supposed to remove the worm... a few pop-ups were involved as well.

Fortunately that is gone for now. My problems are the things listed above. I also don't know much about fighting viruses and worms, so I need your support...

I'm posting a HijackThis log file; I hope you can help me.

Many thanks

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:39: VIRUS ALERT!, on 29.07.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programme\CyberLink\Shared Files\RichVideo.exe
C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Dokumente und Einstellungen\***\Eigene Dateien\HiJackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = h**p://www.medion.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Programme\DAP\DAPBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: QXK Olive - {AEFFF7D6-917C-4D8D-A780-7C2D69F1B01A} - C:\WINDOWS\nfavxwdbsxb.dll
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Programme\DAP\DAPIEBar.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Programme\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: fdkowvbp - {BF53502D-3BEF-4273-9925-89D7526A5F87} - (no file)
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [BigDog305] C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: Download with Xilisoft Download YouTube Video - C:\Programme\Xilisoft\Download YouTube Video\upod_link.HTM
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programme\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programme\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: @C:\Programme\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Programme\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra button: Klicke hier um das Projekt xp-AntiSpy zu unterstützen - {0CF7A555-4E85-4021-9504-14A8D54B8974} - C:\Programme\xp-AntiSpy\sponsoring\sponsor.html (HKCU)
O9 - Extra 'Tools' menuitem: Unterstützung für xp-AntiSpy - {0CF7A555-4E85-4021-9504-14A8D54B8974} - C:\Programme\xp-AntiSpy\sponsoring\sponsor.html (HKCU)
O9 - Extra button: MedionShop - {A461BF3E-96B0-488F-9ACA-202335DDCC4B} - h**p://www.medionshop.de/ (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=h**p://www.aldi.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - h**p://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - h**p://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - h**p://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1128778405937
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - h**p://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - h**p://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O21 - SSODL: eqvwamkl - {B44CB897-389B-48F4-B8A7-9E6C402A20F5} - C:\WINDOWS\eqvwamkl.dll
O21 - SSODL: wnslvxtf - {ACA96E84-347B-4CC2-B6AC-1E18DEF194EE} - (no file)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Programme\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programme\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programme\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 10181 bytes

29.07.2008, 23:04   #2
myrtille
/// TB trainer

Hi,

download SmitfraudFix and work through the steps under "Reinigung" (cleaning) exactly. Save the log it creates and then post it here.

Regards, myrtille

29.07.2008, 23:36   #3
Bilo84

The Virus Alert in the taskbar is gone.. YIPPEE, and I can see my C drive again too. So quite a bit has happened. But I can't imagine that this was it already, because quite a few errors occurred during cleaning. Just take a look at it.

SmitFraudFix v2.332

Scan done at 0:22:29,90, 30.07.2008
Run from C:\Dokumente und Einstellungen\***\Eigene Dateien\jetzt gehts los\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
C:\WINDOWS\nfavxwdbsxb.dll deleted.
C:\WINDOWS\eqvwamkl.dll deleted.


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files


»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» DNS



»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» End

30.07.2008, 09:37   #4
myrtille
/// TB trainer

Hi,
then please create a log with Malwarebytes and have all findings deleted.

After that, please create a log with DSS and post it here.
  • Download DSS
  • Close all applications and then run DSS.exe with a double-click
  • Please don't perform any other actions while DSS is working
  • At the end, 2 files open: main.txt and extra.txt
  • Post the contents of both files here

What kind of problems occurred during cleaning? Smitfraudfix is very reliable for this type of infection. However, the vast majority of people have several infections on their machine.

Regards, myrtille

01.08.2008, 12:34   #5
Bilo84

So, first of all the log file from Malwarebytes

Malwarebytes' Anti-Malware 1.23
Datenbank Version: 985
Windows 5.1.2600 Service Pack 2

23:34:41 30.07.2008
mbam-log-7-30-2008 (23-34-41).txt

Scan-Methode: Vollständiger Scan (C:\|D:\|E:\|)
Durchsuchte Objekte: 132663
Laufzeit: 50 minute(s), 50 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 4
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 15
Infizierte Dateien: 255

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VSPlugin (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\fdkowvbp.bgow (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\fdkowvbp.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\SecuriSoft SARL (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\wnslvxtf (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
C:\Casino (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\history (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\history\1018399 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\logs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\promo (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\sfx (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecuriSoft SARL (Rogue.WinSpywareProtect) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecuriSoft SARL\WinSpywareProtect (Rogue.WinSpywareProtect) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecuriSoft SARL\WinSpywareProtect\BASE (Rogue.WinSpywareProtect) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecuriSoft SARL\WinSpywareProtect\DELETED (Rogue.WinSpywareProtect) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecuriSoft SARL\WinSpywareProtect\LOG (Rogue.WinSpywareProtect) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecuriSoft SARL\WinSpywareProtect\SAVED (Rogue.WinSpywareProtect) -> Quarantined and deleted successfully.

Infizierte Dateien:
C:\Programme\eMule\Incoming\Progz\KeyGen - Sony Sound Forge 7.0 - MP3 Plug-In 2.0\Sony Sound Forge 7.0 Keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\eovp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
D:\Progz\Bluetoth Widcom v1.4.3.4\Bluetoth WIDCOM V1.4.3.4\patch_v4.exe (Rogue.Installer) -> Quarantined and deleted successfully.
D:\Progz\Sony.Sound.Forge.v7.0.Incl.Universal.Keygen-SSG\KeyGen\keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\Progz\Sony.Soundforge.8.Inc.Keygen-RENEGADE\SF8.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}\BILO\Eigene\Progz\ALPluginIE-1.0.2.1-setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\edit.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\gamelimits1.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\gamelimits2.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\gamelimits3.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\game_bjframe.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\game_blackjack.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\game_summary.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\gre_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\hand.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\hand.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\hand_cursor.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\hand_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\harrow.cur (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\headers_bkg.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\27.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\46.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\browserdetect.js (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\headers_text.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\pointer.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\promo-test1.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\history.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\history.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\history_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\input_additional.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\input_boxes.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\input_lists.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\language.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\language.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\languages.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\language_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\main.js (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\main_bkg.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\main_listhi.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\navigator_bg.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\navigator_buttons.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\navigator_moneytext.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\navigator_timer.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\panel_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\bet-at-home.com Poker\data\panel_bottom.bmp (Adware.Casino) -> Quarantined and deleted successfully.


01.08.2008, 12:35   #6
Bilo84

booster Win32 wurm

Part 2


C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecuriSoft SARL\WinSpywareProtect\wspwprtct.exe (Rogue.WinSpywareProtect) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecuriSoft SARL\WinSpywareProtect\LOG\20080728003230343.log (Rogue.WinSpywareProtect) -> Quarantined and deleted successfully.
C:\WINDOWS\grswptdl.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
