HiJackThis LogFile

Sandro1988 · 06.10.2008, 18:58

Hallo zusammen,

bin neu hier im Board und hoffe Ihr könnt mir weiterhelfen, ich selbst bin mit meinem Latein am Ende. Dürfte mir einen Zlob eingefangen haben!?!?

Hier der Log_file von HiJackThis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:49, on 06.10.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\a-squared Free\a2service.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programme\Broadcom\ASFIPMon\AsfIpMon.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Programme\Bonjour\mDNSResponder.exe
C:\DATEV\PROGRAMM\B0001442\PSNTSERV.EXE
C:\DATEV\PROGRAMM\B0000150\ScServer\DVckService.exe
C:\DATEV\PROGRAMM\B0001364\DTVSCSer.exe
C:\Programme\Intel\Wireless\Bin\EvtEng.exe
C:\DATEV\PROGRAMM\B0001356\SpdyScProcessSrv.exe
C:\Programme\KOBIL Systems\KOBIL mIDentity\msdisrv.exe
C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe
C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
C:\DATEV\PROGRAMM\B0000347\ScMgmt\SCardService.exe
C:\Programme\SigmaTel\C-Major Audio\WDM\StacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Programme\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programme\DellTPad\Apoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Programme\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe
C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe
C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Programme\FreePDF_XP\fpassist.exe
C:\DATEV\PROGRAMM\B0000150\ScWTS\DVCCSAWTSSetEntryNTE.exe
C:\DATEV\PROGRAMM\B0000347\ScMgmt\ScardManager.exe
C:\DATEV\PROGRAMM\B0001356\mIDentity.exe
C:\Programme\WinMagic\SecureDoc-NT\SDPin.exe
C:\Programme\HP\HP Software Update\HPWuSchd2.exe
C:\Programme\DellTPad\ApMsgFwd.exe
C:\Programme\DellTPad\Apntex.exe
C:\Programme\DellTPad\HidFind.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\Programme\Spamihilator\spamihilator.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programme\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Dokumente und Einstellungen\*****\Lokale Einstellungen\Anwendungsdaten\Skype\Phone\Skype.exe
C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programme\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe
C:\Programme\iPod\bin\iPodService.exe
C:\Programme\HP\Digital Imaging\bin\hpqgalry.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\DOKUME~1\******\LOKALE~1\Temp\OnlineScanner\Anti-Virus\fsgk32.exe
C:\DOKUME~1\*****\LOKALE~1\Temp\OnlineScanner\Anti-Virus\fssm32.exe
C:\Programme\Outlook Express\msimn.exe
C:\Dokumente und Einstellungen\*******\Eigene Dateien\firefox.exe
C:\WINDOWS\explorer.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = w*w.google.de/ig/dell?hl=de&client=dell-row-rel&channel=de&ibd=4071229
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**ps://prsaccess.itnutzen.de/Citrix/AccessPlatform/auth/login.aspx
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = **w.google.de/ig/dell?hl=de&client=dell-row-rel&channel=de&ibd=4071229
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = h**p://go.microsoft.com/fwlink/?LinkId=74005
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Document Manager] C:\Programme\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe
O4 - HKLM\..\Run: [DVCCSAWTSSetEntryNTE] C:\DATEV\PROGRAMM\B0000150\ScWTS\DVCCSAWTSSetEntryNTE.exe
O4 - HKLM\..\Run: [DATEV_SCardMan] C:\DATEV\PROGRAMM\B0000347\ScMgmt\ScardManager.exe
O4 - HKLM\..\Run: [StartSpeedy] C:\DATEV\PROGRAMM\B0001356\mIDentity.exe
O4 - HKLM\..\Run: [DTVLOGON] C:\DATEV\PROGRAMM\B0001364\DTVLOGON.EXE /CARDCHECK
O4 - HKLM\..\Run: [StartSecurDoc] C:\Programme\WinMagic\SecureDoc-NT\SDPin.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Programme\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [au] C:\Programme\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Spamihilator] "C:\Programme\Spamihilator\spamihilator.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Malware Defender] c:\programme\malware defender\malwaredefender.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Dokumente und Einstellungen\Steindorfer\Lokale Einstellungen\Anwendungsdaten\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [] C:\Dokumente und Einstellungen\Steindorfer\Anwendungsdaten\Adobe\Player.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Schnellstart.lnk = C:\Programme\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: web'n'walk Manager.lnk = C:\Programme\T-Mobile\web'n'walk Manager\web'n'walk Manager.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Google Search - res://C:\Programme\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Programme\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Programme\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Dealio\kb127\res\DealioSearch.html
O8 - Extra context menu item: Si&milar Pages - res://C:\Programme\Google\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1199708644296
O16 - DPF: {66E410C6-7B9C-4382-B9C4-AC5223230F0A} (CVPNInstall Object) - https://cnportal.cs.arcor.net/ea/activex/NT/vpninstallactivex.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1217933794843
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {B6BAB322-1841-406C-99F0-4302EAF9A635} (CGenerateRequest Object) - https://cnportal.cs.arcor.net/ea/activex/NT/generaterequestactivex.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{549CDB87-4F85-4B98-B846-4F42E6041F06}: NameServer = 192.168.1.1,195.34.133.22
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\DOKUME~1\*****\LOKALE~1\ANWEND~1\Skype\Shared\SKYPE4~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Programme\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Broadcom ASF IP and SMBIOS Mailbox Monitor (ASFIPmon) - Broadcom Corporation - C:\Programme\Broadcom\ASFIPMon\AsfIpMon.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: DATEV Update-Service - DATEV eG - C:\DATEV\PROGRAMM\INSTALL\DvInesASDSvc.Exe
O23 - Service: DATEV Druckservice (DatevPrintService) - DATEV eG - C:\DATEV\PROGRAMM\B0001442\PSNTSERV.EXE
O23 - Service: DVckService - DATEV eG - C:\DATEV\PROGRAMM\B0000150\ScServer\DVckService.exe
O23 - Service: DV-SmartCard-Logon (DVSmartCardLogon) - DATEV eG - C:\DATEV\PROGRAMM\B0001364\DTVSCSer.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: KOBIL Container Encryption Control1 - KOBIL Systems - C:\DATEV\PROGRAMM\B0001356\SpdyScProcessSrv.exe
O23 - Service: KOBIL_MSDI - KOBIL Systems GmbH - C:\Programme\KOBIL Systems\KOBIL mIDentity\msdisrv.exe
O23 - Service: Malware Defender Service (MalwareDefenderService) - TorchSoft - c:\programme\malware defender\mdservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: DATEV SmartCard Service (SCardService) - DATEV eG - C:\DATEV\PROGRAMM\B0000347\ScMgmt\SCardService.exe
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Programme\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Programme\SigmaTel\C-Major Audio\WDM\StacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Programme\Gemeinsame Dateien\SureThing Shared\stllssvr.exe
O23 - Service: NTRU TSS v1.2.1.12 TCS (tcsd_win32.exe) - Unknown owner - C:\Programme\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Programme\Intel\Wireless\Bin\WLKeeper.exe

--
End of file - 13946 bytes

vielleicht auch noch nützlich, das Ergebniss vom Online-Scan bei F-Secure:

Scanning Report
Monday, October 06, 2008 14:43:32 - 16:13:11
Computer name: NB00411
Scanning type: Scan system for malware, rootkits
Target: C:\

Result: 8 malware found
AdWare.Win32.Virtumonde (spyware)
· System
TrackingCookie.Tradedoubler (spyware)
· System
TrackingCookie.Zanox (spyware)
· System
Trojan-Spy.Win32.BZub (virus)
· System
Trojan.Win32.Monder (virus)
· System
Trojan.Win32.Monder.rgd (virus)
· C:\WINDOWS\SYSTEM32\SKLHCCTV.DLL
Trojan.Win32.Monder.rhy (virus)
· C:\WINDOWS\SYSTEM32\YLPYVTKU.DLL
W32/Vundo.ESD (virus)
· C:\WINDOWS\SYSTEM32\BYXQKJBB.DLL (Submitted)

Statistics
Scanned:
· Files: 46591
· System: 5143
· Not scanned: 8
Actions:
· Disinfected: 0
· Renamed: 0
· Deleted: 0
· None: 8
· Submitted: 1
Files not scanned:
· C:\PAGEFILE.SYS
· C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT
· C:\WINDOWS\SYSTEM32\CONFIG\SAM
· C:\WINDOWS\SYSTEM32\CONFIG\SECURITY
· C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE
· C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM
· C:\DOKUMENTE UND EINSTELLUNGEN\*******\LOKALE EINSTELLUNGEN\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\8FW7MYHS.DEFAULT\CACHE\6AC7897BD01
· C:\DOKUMENTE UND EINSTELLUNGEN\ALL USERS\ANWENDUNGSDATEN\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\035B30E70BED1560BE654D8DA0EFF9BF_9A8B723F-72C8-49B1-9C4D-EAF219A43E3C

Options
Scanning engines:
· F-Secure USS: 2.30.0
· F-Secure Blacklight: 1.0.68
· F-Secure Hydra: 2.8.8110, 2008-10-06
· F-Secure Pegasus: 1.20.0, 2008-09-02
· F-Secure AVP: 7.0.171, 2008-10-06
Scanning options:
· Scan defined files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML ZIP XXX ANI AVB BAT CMD JPG LSP MAP MHT MIF PHP POT SWF WMF NWS TAR
· Use Advanced heuristics

Monday, October 06, 2008 16:27:33 - 17:53:15
Computer name: NB00411
Scanning type: Scan system for malware, rootkits
Target: C:\

Result: 4 malware found
AdWare.Win32.Virtumonde (spyware)
· System
TrackingCookie.Zanox (spyware)
· System
Trojan-Spy.Win32.BZub (virus)
· System
W32/Vundo.ESD (virus)
· C:\WINDOWS\SYSTEM32\BYXQKJBB.DLL (Submitted)

Statistics
Scanned:
· Files: 46825
· System: 5118
· Not scanned: 8
Actions:
· Disinfected: 0
· Renamed: 0
· Deleted: 0
· None: 4
· Submitted: 1
Files not scanned:
· C:\PAGEFILE.SYS
· C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT
· C:\WINDOWS\SYSTEM32\CONFIG\SAM
· C:\WINDOWS\SYSTEM32\CONFIG\SECURITY
· C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE
· C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM
· C:\DOKUMENTE UND EINSTELLUNGEN\********\LOKALE EINSTELLUNGEN\TEMP\ETILQS_ACXZ5WHHCRAPYOID71SI
· C:\DOKUMENTE UND EINSTELLUNGEN\ALL USERS\ANWENDUNGSDATEN\MICROSOFT\CRYPTO\RSA\MACHINEKEYS\035B30E70BED1560BE654D8DA0EFF9BF_9A8B723F-72C8-49B1-9C4D-EAF219A43E3C

Options
Scanning engines:
· F-Secure USS: 2.30.0
· F-Secure Blacklight: 1.0.68
· F-Secure Hydra: 2.8.8110, 2008-10-06
· F-Secure Pegasus: 1.20.0, 2008-09-02
· F-Secure AVP: 7.0.171, 2008-10-06
Scanning options:
· Scan defined files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML ZIP XXX ANI AVB BAT CMD JPG LSP MAP MHT MIF PHP POT SWF WMF NWS TAR
· Use Advanced heuristics

VIELEN DANK SCHON MAL FÜR JEDE ART VON HILFE

mfG
sandro

HiJackThis LogFile

Mülltonne: HiJackThis LogFile

HiJackThis LogFile

Ähnliche Themen: HiJackThis LogFile