Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Viren, Trojaner, Spyware

Viren, Trojaner, Spyware


Plagegeister aller Art und deren Bekämpfung: Viren, Trojaner, Spyware

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 1 von 4 1 23 Letzte »
Alt 15.01.2009, 15:59   #1
Tony_M90
 
Viren, Trojaner, Spyware - Standard

Viren, Trojaner, Spyware


Hi Leute ...

Mein Computer ist in letzter Zeit unglaublich langsam geworden. Ich habe mehrere Antivirus Programme installiert (Kaspersky, Norton, Avira, Spyware Doctor, Malwarebytes, Spybot, Adaware) und damit über 4000 (!!!) infizierte Dateien gelöscht. Der Zustand meines PCs hat sich dadurch gebessert, ist aber immernoch ziemlich langsam. Vorallem wenn ich im Internet surfe oder Videos schaue, dann ist das PC unglaublich langsam. Ich kann nicht mehr Filme schauen, weil sie so sehr stocken!!

Kann mir jemand helfen ????????????

Thx

Alt 15.01.2009, 16:08   #2
Eminemstyle
 
Viren, Trojaner, Spyware - Standard

Viren, Trojaner, Spyware


Du solltest dich für ein AV-Programm entscheiden und dann die anderen deinstallieren, jedenfalls würde ich Norton keinesfalls drauf lassen.
Bitte Norton mit dem Norton Removel deinstallieren:
Download und Ausführung des Norton-Entfernungsprogramms


Dann bitte CCleaner wie in der Anleitung benutzen (auch Registry säubern)!


Dann bitte einen HijackThis Log posten (anleitung genau durchlsen).


Malwarebytes' Anti-Malware:

 Downloade dir Malwarebytes herunter
 Installiere es
 Befolge die Anleitung (führe einen kompletten Scan aus!)



 Poste den entstandenen Log


@Händichweg da haben wir wohl zur selben Zeit geopstet...
__________________
Alt 15.01.2009, 16:08   #3
Haengdichweg
 
Viren, Trojaner, Spyware - Standard

Viren, Trojaner, Spyware


Moin,

hast du die Virenscanner gleichzeitig am laufen?
Lad dir mal bitte HijackThis runter und mach ein logfile und stell es hier rein.
Entscheide dich für einen Virenscanner (ich würde Avira nehmen) und deinstalliere bitte die anderen.

Bitte Logfile hier posten!
__________________
Alt 15.01.2009, 19:28   #4
Tony_M90
 
Viren, Trojaner, Spyware - Standard

Viren, Trojaner, Spyware


Hi Leute ..

Danke für die schnellen Antworten.

Nein ich habe nicht alle gleichzeitig laufen, sondern nacheinander .. Zurzeit hab ich Kaspersky, Spyware Doctor, Spybot S&D und Malewarebytes drauf ..

Ich habe auch CCleaner installiert und eingesetzt ..

Hier ist nun mein HijackThis Logfile:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:17:26, on 15.01.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
F:\My Documents\""\Programms\"" SpyDoctor\Spyware Doctor\pctsAuxs.exe
F:\My Documents\""\Programms\"" SpyDoctor\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\System32\TUProgSt.exe
c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe
F:\My Documents\""\Programms\"" SpyDoctor\Spyware Doctor\pctsTray.exe
C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\""\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe
F:\My Documents\""\Programms\"" SpyBot S&D\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
C:\Program Files\USB\USB VoIP Phone\USBPhoneDriver.exe
C:\Program Files\Pinnacle\Shared Files\Programs\PclePvr\VideoControl.exe
F:\My Documents\""\Programms\"" Azureus\Azureus\Azureus.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\VideoLAN\VLC\vlc.exeC:\Documents and Settings\""\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\""\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\""\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\""\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\""\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\""\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h""p://www.google.ch/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h""p://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h""p://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h""p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = h""p://downloads.yahoo.com/internetexplorer/welcome.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R3 - URLSearchHook: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - (no file)
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - F:\MYDOCU~1\""\PROGRA~1\""~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: XBTP02634 - {F97DA966-F09D-4cab-BF29-75A0026986EA} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - (no file)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXEO4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
O4 - HKLM\..\Run: [PMCS] "C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe" -host -clearDebug
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [ISTray] "F:\My Documents\""\Programms\"" SpyDoctor\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [Ad-watch] "C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\""\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\My Documents\""\Programms\"" SpyBot S&D\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
O4 - Global Startup: NaturalColorLoad.lnk = ?
O4 - Global Startup: USBVoIPPhone.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - E:\""\Games\Poker\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - E:\Omar & Youssef\Games\Poker\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\MYDOCU~1\""\PROGRA~1\""~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\MYDOCU~1\""\PROGRA~1\""~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - h""p://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {1B9B97D0-C0F4-4045-9B42-50A4535C9041} (WCLoaderCtl Class) - h""p://download.paltalk.com/wcloader_prod/wcloader.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - h""p://egyptian-"".spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - h""p://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1145681592718
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - h""p://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - h""p://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD9C35DB-9D48-4193-923D-A4684DFA35B8}: NameServer = 163.121.128.134,163.121.128.135
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (file missing)
O23 - Service: Norton Protection Center Service (NSCService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE (file missing)
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - F:\My Documents\""\Programms\"" SpyDoctor\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - F:\My Documents\""\Programms\"" SpyDoctor\Spyware Doctor\pctsSvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 12373 bytes



-------------


Danke sehr Leute schon im Voraus ..

Lg

Tony

Alt 15.01.2009, 23:16   #5
Eminemstyle
 
Viren, Trojaner, Spyware - Standard

Viren, Trojaner, Spyware


Da ist immer noch Norton drauf!
Lies mal mein ersten Post genau durch!


Alt 16.01.2009, 00:40   #6
Tony_M90
 
Viren, Trojaner, Spyware - Standard

Viren, Trojaner, Spyware


Ey Eminemstyle:

Danke. Ich hatte es eigentlich deinstalliert, aber hab nun dein Programm benutzt und Norton endgültig entfernt, dann Malware und CCleaner..

Hier nun mein HijackThis Logfile:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:38:24, on 15.01.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
F:\My Documents\Marwan\Programms\Marwans SpyDoctor\Spyware Doctor\pctsAuxs.exe
F:\My Documents\Marwan\Programms\Marwans SpyDoctor\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe
F:\My Documents\Marwan\Programms\Marwans SpyDoctor\Spyware Doctor\pctsTray.exe
C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe
F:\My Documents\Marwan\Programms\Marwans SpyBot S&D\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
C:\Program Files\USB\USB VoIP Phone\USBPhoneDriver.exe
C:\Program Files\Pinnacle\Shared Files\Programs\PclePvr\VideoControl.exe
C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
F:\My Documents\Marwan\Programms\Marwans Azureus\Azureus\Azureus.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ch/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://downloads.yahoo.com/internetexplorer/welcome.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R3 - URLSearchHook: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - (no file)
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - F:\MYDOCU~1\Marwan\PROGRA~1\MARWAN~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: XBTP02634 - {F97DA966-F09D-4cab-BF29-75A0026986EA} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - (no file)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
O4 - HKLM\..\Run: [PMCS] "C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe" -host -clearDebug
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [ISTray] "F:\My Documents\Marwan\Programms\Marwans SpyDoctor\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [Ad-watch] "C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\My Documents\Marwan\Programms\Marwans SpyBot S&D\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
O4 - Global Startup: NaturalColorLoad.lnk = ?
O4 - Global Startup: USBVoIPPhone.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - E:\Omar & Youssef\Games\Poker\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - E:\Omar & Youssef\Games\Poker\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\MYDOCU~1\Marwan\PROGRA~1\MARWAN~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\MYDOCU~1\Marwan\PROGRA~1\MARWAN~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {1B9B97D0-C0F4-4045-9B42-50A4535C9041} (WCLoaderCtl Class) - http://download.paltalk.com/wcloader_prod/wcloader.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://egyptian-marwan.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1145681592718
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD9C35DB-9D48-4193-923D-A4684DFA35B8}: NameServer = 163.121.128.134,163.121.128.135
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - F:\My Documents\Marwan\Programms\Marwans SpyDoctor\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - F:\My Documents\Marwan\Programms\Marwans SpyDoctor\Spyware Doctor\pctsSvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 10989 bytes


Thx

Alt 16.01.2009, 13:50   #7
Eminemstyle
 
Viren, Trojaner, Spyware - Standard

Viren, Trojaner, Spyware


Bitte deinstallieren:

Code:
ATTFilter
AdAware 
Spybot 
Spyware Doctor

Es bleiben meistens oder immer Teile von Norton übrig die andere AV-Softwares behinder oder blockieren und den PC verlangsamen, deswegen den Norton Removal.

Dann bitte einen Malwarebytes Scan und danach einen frischen HiJackThis Log.

Alt 16.01.2009, 16:30   #8
Tony_M90
 
Viren, Trojaner, Spyware - Standard

Viren, Trojaner, Spyware


Hi Eminemstyle ..

Ok habe alles deinstalliert und Malwarebytes laufen gelassen -- keine Malwares gefunden ..

Hier nun mein HijackThis Logfile:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:28:51, on 16.01.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\WINDOWS\System32\TUProgSt.exe
c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe
C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
C:\Program Files\USB\USB VoIP Phone\USBPhoneDriver.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Pinnacle\Shared Files\Programs\PclePvr\VideoControl.exe
F:\My Documents\Marwan\Programms\Marwans Azureus\Azureus\Azureus.exe
C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ch/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://downloads.yahoo.com/internetexplorer/welcome.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R3 - URLSearchHook: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - (no file)
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: XBTP02634 - {F97DA966-F09D-4cab-BF29-75A0026986EA} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - (no file)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
O4 - HKLM\..\Run: [PMCS] "C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe" -host -clearDebug
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe" autostart
O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
O4 - Global Startup: NaturalColorLoad.lnk = ?
O4 - Global Startup: USBVoIPPhone.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - E:\Omar & Youssef\Games\Poker\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - E:\Omar & Youssef\Games\Poker\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {1B9B97D0-C0F4-4045-9B42-50A4535C9041} (WCLoaderCtl Class) - http://download.paltalk.com/wcloader_prod/wcloader.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://egyptian-marwan.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1145681592718
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD9C35DB-9D48-4193-923D-A4684DFA35B8}: NameServer = 163.121.128.134,163.121.128.135
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 9728 bytes


Thx

Lg
Tony

Alt 16.01.2009, 16:52   #9
Eminemstyle
 
Viren, Trojaner, Spyware - Standard

Viren, Trojaner, Spyware


Zitat:
Zitat von Eminemstyle Beitrag anzeigen
Bitte deinstallieren:

Code:
ATTFilter
AdAware 
Spybot 
Spyware Doctor

Es bleiben meistens oder immer Teile von Norton übrig die andere AV-Softwares behinder oder blockieren und den PC verlangsamen, deswegen den Norton Removal.

Dann bitte einen Malwarebytes Scan und danach einen frischen HiJackThis Log.

Hast du das gelesen?

Du solltest den ersten und 3. Abschnitt beachten und befolgen.

Dann mir sagen ob er schneller geworden ist, ob dir irgendwas auffällt ob sich was verändert hat.

Alt 16.01.2009, 17:48   #10
Tony_M90
 
Viren, Trojaner, Spyware - Standard

Viren, Trojaner, Spyware


Was meinst du ??

Ich hab genau das gemacht, was du gesagt hast.

Ich hab Norton mit deinem Removal Tool deinstalliert, hab Adaware, Spybot und Spyware Doctor auch deinstalliert und dann mein HijackThis Logfile gepostet.

Mein PC ist genauso langsam wie früher, hat sich nix geändert.

Könntest du bitte mein HijackThis Logfile anschauen ??


Lg
Tony

Alt 17.01.2009, 15:12   #11
Tony_M90
 
Viren, Trojaner, Spyware - Standard

Viren, Trojaner, Spyware


Hier meinen frischen HijackThis Log:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 06:10:25, on 17.01.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\WINDOWS\System32\TUProgSt.exe
c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe
C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
C:\Program Files\USB\USB VoIP Phone\USBPhoneDriver.exe
C:\Program Files\Pinnacle\Shared Files\Programs\PclePvr\VideoControl.exe
C:\WINDOWS\System32\TuneUpDefragService.exe
F:\My Documents\Marwan\Programms\Marwans Azureus\Azureus\Azureus.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\winlogon.exe
C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ch/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://downloads.yahoo.com/internetexplorer/welcome.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R3 - URLSearchHook: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - (no file)
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: XBTP02634 - {F97DA966-F09D-4cab-BF29-75A0026986EA} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - (no file)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
O4 - HKLM\..\Run: [PMCS] "C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe" -host -clearDebug
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe" autostart
O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1960408961-2139871995-839522115-1003\..\Run: [ares] "E:\Marwan\Marwans Prgramms\Marwans Ares\Ares\Ares.exe" -h (User 'Owner')
O4 - HKUS\S-1-5-21-1960408961-2139871995-839522115-1003\..\Run: [VoipBuster] "E:\marwan\marwans prgramms\marwans voipbusters\voipbuster\voipbuster.exe" -nosplash -minimized (User 'Owner')
O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
O4 - Global Startup: NaturalColorLoad.lnk = ?
O4 - Global Startup: USBVoIPPhone.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - E:\Omar & Youssef\Games\Poker\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - E:\Omar & Youssef\Games\Poker\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {1B9B97D0-C0F4-4045-9B42-50A4535C9041} (WCLoaderCtl Class) - http://download.paltalk.com/wcloader_prod/wcloader.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://egyptian-marwan.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1145681592718
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD9C35DB-9D48-4193-923D-A4684DFA35B8}: NameServer = 163.121.128.134,163.121.128.135
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 10185 bytes


-----------

Thx Leutz

Alt 18.01.2009, 11:56   #12
Eminemstyle
 
Viren, Trojaner, Spyware - Standard

Viren, Trojaner, Spyware


Okay also:

Dann fixen wir Einträge mit HiJackThis (siehe Anleitung http://www.trojaner-board.de/51130-a...ijackthis.html):
Code:
ATTFilter
R3 - URLSearchHook: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - (no file)

O2 - BHO: XBTP02634 - {F97DA966-F09D-4cab-BF29-75A0026986EA} - (no file)

O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - (no file)

O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)

O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)

O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - E:\Omar & Youssef\Games\Poker\PartyPoker\RunApp.exe (file missing)

O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - E:\Omar & Youssef\Games\Poker\PartyPoker\RunApp.exe (file missing)

Folgende Dateien bei VirusTotal - Free Online Virus and Malware Scan
Code:
ATTFilter
C:\WINDOWS\system32\userinit.exe

GMER - Rootkit Detection
  • Lade GMER von hier
  • entpacke es auf den Dektop
  • Doppelklick auf gmer.exe
  • Der Reiter Rootkit oben ist schon angewählt
  • Drücke Scan, Der Vorgang kann je nach System 3 - 10min dauern
  • nach Beendigung des Scan, drücke "Copy"
  • nun kannst Du das Ergebnis hier einfügen. Sollte das Log zu lang sein, dann lade es bei einem Filehoster wie z.B. File-Upload.net hoch und poste den Link.
  • Sollte GMER sagen "Gmer hasen´t found any System Modifikation", so hat GMER keine Einträge gefunden.


Dann bitte einen Scan mit Blacklight und Log posten.

Dann einen SUPERAntiSpyware Scan und entstandenen Log posten.


Dann einen neuen HijackThis Log.
__________________
Die Ärzte - Deine Schuld

Es ist nicht deine Schuld, dass die Welt ist, wie sie ist
Es wär nur deine Schuld, wenn sie so bleibt
Weil jeder, der die Welt nicht ändern will
Ihr Todesurteil unterschreibt

Alt 18.01.2009, 15:41   #13
Tony_M90
 
Viren, Trojaner, Spyware - Standard

Viren, Trojaner, Spyware


Hi Eminemstyle ..

Erstens mal danke sehr für dein Bemühen und deine Hilfe..

Hier erstens mal die Ergebnisse aus dem VirusTotal Scan:

Die Datei wurde bereits analysiert:
MD5: a93aee1928a9d7ce3e16d24ec7380f89
First received: -
Datum 2009.01.18 09:40:07 (CET) [<1D]
Ergebnisse 0/38
Permalink: analisis/c48331caaeeec6de65b58780460b74a7

Alt 18.01.2009, 16:01   #14
Eminemstyle
 
Viren, Trojaner, Spyware - Standard

Viren, Trojaner, Spyware


Okay dann weiter
__________________
Die Ärzte - Deine Schuld

Es ist nicht deine Schuld, dass die Welt ist, wie sie ist
Es wär nur deine Schuld, wenn sie so bleibt
Weil jeder, der die Welt nicht ändern will
Ihr Todesurteil unterschreibt

Alt 18.01.2009, 16:13   #15
Tony_M90
 
Viren, Trojaner, Spyware - Standard

Viren, Trojaner, Spyware


Jetzt mein GMER Log (Ich habe alle Harddrives gescant):


GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2009-01-18 07:10:36
Windows 5.1.2600 Service Pack 3


---- System - GMER 1.0.14 ----

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwAdjustPrivilegesToken [0xB9A80224]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwClose [0xB9A807F8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwConnectPort [0xB9A82234]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwCreateFile [0xB9A81BE6]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwCreateKey [0xB9A7F99A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwCreateSymbolicLinkObject [0xB9A83BC6]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwCreateThread [0xB9A805F8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwDeleteKey [0xB9A7FDDC]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwDeleteValueKey [0xB9A7FFDC]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwDeviceIoControlFile [0xB9A81EF6]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwDuplicateObject [0xB9A840CE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwEnumerateKey [0xB9A800F2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwEnumerateValueKey [0xB9A8015A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwFsControlFile [0xB9A81DA8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwLoadDriver [0xB9A8366A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwOpenFile [0xB9A81A42]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwOpenKey [0xB9A7FAFC]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwOpenProcess [0xB9A803FC]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwOpenSection [0xB9A83BF0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwOpenThread [0xB9A80348]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwQueryKey [0xB9A801C2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwQueryMultipleValueKey [0xB9A7FEC6]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwQueryValueKey [0xB9A7FCA4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwQueueApcThread [0xB9A838D2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwReplaceKey [0xB9A7F61C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwRequestWaitReplyPort [0xB9A82ABE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwRestoreKey [0xB9A7F77E]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwResumeThread [0xB9A83FA0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSaveKey [0xB9A7F41A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSecureConnectPort [0xB9A820D6]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSetContextThread [0xB9A806F6]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSetSecurityObject [0xB9A83764]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSetSystemInformation [0xB9A83C1A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSetValueKey [0xB9A7FB52]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSuspendProcess [0xB9A83CFE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSuspendThread [0xB9A83E2A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwSystemDebugControl [0xB9A83596]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwTerminateProcess [0xB9A804C8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) ZwWriteVirtualMemory [0xB9A8053A]

Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) FsRtlCheckLockForReadAccess
Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab) IoIsOperationSynchronous

---- Kernel code sections - GMER 1.0.14 ----

.text ntkrnlpa.exe!FsRtlCheckLockForReadAccess 804EAF84 5 Bytes JMP B9A97874 \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab)
.text ntkrnlpa.exe!IoIsOperationSynchronous 804EF912 5 Bytes JMP B9A97C2E \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter fre_wnet_x86/Kaspersky Lab)
.text ntkrnlpa.exe!ZwCallbackReturn + 2FB8 80504854 12 Bytes [ FE, 3C, A8, B9, 2A, 3E, A8, ... ]

---- User code sections - GMER 1.0.14 ----

.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[432] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [ 25, 00, 16, 00 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[432] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [ E2 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[432] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [ 65, 00, 16, 00 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[432] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [ E2 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[432] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [ A5, 01, 16, 00 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[432] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [ E2 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[432] ntdll.dll!NtOpenProcessToken + 6 7C90D5F6 4 Bytes [ E5, 01, 16, 00 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[432] ntdll.dll!NtOpenProcessToken + B 7C90D5FB 1 Byte [ E2 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[432] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D606 4 Bytes [ A5, 02, 16, 00 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[432] ntdll.dll!NtOpenProcessTokenEx + B 7C90D60B 1 Byte [ E2 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[432] ntdll.dll!NtOpenThread + 6 7C90D646 4 Bytes [ 65, 01, 16, 00 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[432] ntdll.dll!NtOpenThread + B 7C90D64B 1 Byte [ E2 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[432] ntdll.dll!NtOpenThreadToken + 6 7C90D656 4 Bytes [ 65, 02, 16, 00 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[432] ntdll.dll!NtOpenThreadToken + B 7C90D65B 1 Byte [ E2 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[432] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D666 4 Bytes [ E5, 02, 16, 00 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[432] ntdll.dll!NtOpenThreadTokenEx + B 7C90D66B 1 Byte [ E2 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[432] ntdll.dll!NtQueryAttributesFile + 6 7C90D6F6 4 Bytes [ A5, 00, 16, 00 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[432] ntdll.dll!NtQueryAttributesFile + B 7C90D6FB 1 Byte [ E2 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[432] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D796 4 Bytes [ E5, 00, 16, 00 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[432] ntdll.dll!NtQueryFullAttributesFile + B 7C90D79B 1 Byte [ E2 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[432] ntdll.dll!NtSetInformationFile + 6 7C90DC46 4 Bytes [ 25, 01, 16, 00 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[432] ntdll.dll!NtSetInformationFile + B 7C90DC4B 1 Byte [ E2 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[432] ntdll.dll!NtSetInformationThread + 6 7C90DC96 4 Bytes [ 25, 02, 16, 00 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[432] ntdll.dll!NtSetInformationThread + B 7C90DC9B 1 Byte [ E2 ]
? C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe[1652] C:\WINDOWS\system32\kernel32.dll time/date stamp mismatch;
.text C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe[1652] USER32.dll!AlignRects + FFFA5598 7E412A78 4 Bytes [ 70, 11, 41, 6D ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1884] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [ 25, 00, 16, 00 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1884] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [ E2 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1884] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [ 65, 00, 16, 00 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1884] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [ E2 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1884] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [ A5, 01, 16, 00 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1884] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [ E2 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1884] ntdll.dll!NtOpenProcessToken + 6 7C90D5F6 4 Bytes [ E5, 01, 16, 00 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1884] ntdll.dll!NtOpenProcessToken + B 7C90D5FB 1 Byte [ E2 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1884] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D606 4 Bytes [ A5, 02, 16, 00 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1884] ntdll.dll!NtOpenProcessTokenEx + B 7C90D60B 1 Byte [ E2 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1884] ntdll.dll!NtOpenThread + 6 7C90D646 4 Bytes [ 65, 01, 16, 00 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1884] ntdll.dll!NtOpenThread + B 7C90D64B 1 Byte [ E2 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1884] ntdll.dll!NtOpenThreadToken + 6 7C90D656 4 Bytes [ 65, 02, 16, 00 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1884] ntdll.dll!NtOpenThreadToken + B 7C90D65B 1 Byte [ E2 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1884] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D666 4 Bytes [ E5, 02, 16, 00 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1884] ntdll.dll!NtOpenThreadTokenEx + B 7C90D66B 1 Byte [ E2 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1884] ntdll.dll!NtQueryAttributesFile + 6 7C90D6F6 4 Bytes [ A5, 00, 16, 00 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1884] ntdll.dll!NtQueryAttributesFile + B 7C90D6FB 1 Byte [ E2 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1884] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D796 4 Bytes [ E5, 00, 16, 00 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1884] ntdll.dll!NtQueryFullAttributesFile + B 7C90D79B 1 Byte [ E2 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1884] ntdll.dll!NtSetInformationFile + 6 7C90DC46 4 Bytes [ 25, 01, 16, 00 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1884] ntdll.dll!NtSetInformationFile + B 7C90DC4B 1 Byte [ E2 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1884] ntdll.dll!NtSetInformationThread + 6 7C90DC96 4 Bytes [ 25, 02, 16, 00 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1884] ntdll.dll!NtSetInformationThread + B 7C90DC9B 1 Byte [ E2 ]
? C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe[2892] C:\WINDOWS\system32\kernel32.dll time/date stamp mismatch;
.text C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe[2892] USER32.dll!AlignRects + FFFA5598 7E412A78 4 Bytes [ 70, 11, 41, 6D ]
.text C:\Program Files\MSN Messenger\MsnMsgr.Exe[2960] kernel32.dll!SetUnhandledExceptionFilter 7C8449FD 5 Bytes JMP 004DE392 C:\Program Files\MSN Messenger\MsnMsgr.Exe (Messenger/Microsoft Corporation)
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3752] ntdll.dll!NtCreateFile + 6 7C90D096 4 Bytes [ 25, 00, 16, 00 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3752] ntdll.dll!NtCreateFile + B 7C90D09B 1 Byte [ E2 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3752] ntdll.dll!NtOpenFile + 6 7C90D586 4 Bytes [ 65, 00, 16, 00 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3752] ntdll.dll!NtOpenFile + B 7C90D58B 1 Byte [ E2 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3752] ntdll.dll!NtOpenProcess + 6 7C90D5E6 4 Bytes [ A5, 01, 16, 00 ]
.text C:\Documents and Settings\Marwan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3752] ntdll.dll!NtOpenProcess + B 7C90D5EB 1 Byte [ E2 ]
.text

Antwort
Seite 1 von 4 1 23 Letzte »

Themen zu Viren, Trojaner, Spyware
?????, adaware, antivirus, antivirus programme, avira, computer, dateien, infizierte, infizierte dateien, installiert, interne, internet, kaspersky, langsam, leute, malwarebytes, nicht mehr, norton, pcs, programme, spybot, spyware, spyware doctor, stocken, trojaner, videos, viren


« trojaner "Win32:Trojan-Gen {other}" entfernen | RON ads by bluskyadagency »


Ähnliche Themen: Viren, Trojaner, Spyware


  1. Empfehlungen welches Viren Spyware und Trojaner Programm geniesst Euer grösstes Vertrauen ?
    Antiviren-, Firewall- und andere Schutzprogramme - 07.05.2015 (58)
  2. Mögliche Spyware/Viren
    Plagegeister aller Art und deren Bekämpfung - 10.10.2014 (7)
  3. Viren,Trojaner,Spyware,System Progressive Protectin blockiert alles....Abzocke?
    Log-Analyse und Auswertung - 17.11.2012 (47)
  4. Kann sich jmnd mein log file anschauen ob viren trojaner oder spyware drauf ist ?
    Log-Analyse und Auswertung - 28.09.2010 (1)
  5. Verdacht auf Spyware/Viren (HiJackThis Log)
    Log-Analyse und Auswertung - 10.12.2009 (1)
  6. Spyware/Viren auf mac?
    Mülltonne - 10.10.2008 (0)
  7. Viren-/Spyware -Scanner im DOS gesucht
    Antiviren-, Firewall- und andere Schutzprogramme - 10.10.2008 (1)
  8. HILFE wegen massiven Viren, Spyware, Trojaner
    Log-Analyse und Auswertung - 18.07.2008 (34)
  9. Viren und Spyware?!
    Mülltonne - 10.06.2008 (0)
  10. Brauche Hilfe bei mehrere Viren, Trojaner oder Spyware
    Plagegeister aller Art und deren Bekämpfung - 21.04.2008 (24)
  11. 9 Viren gefunden (Trojaner,Spyware,Adware) - Kriege sie nicht weg!
    Plagegeister aller Art und deren Bekämpfung - 24.03.2008 (9)
  12. Windows Xp - Viren & Spyware verseucht ?
    Plagegeister aller Art und deren Bekämpfung - 03.01.2008 (13)
  13. laut Spyware Doctor 6 Viren!
    Log-Analyse und Auswertung - 13.10.2006 (3)
  14. Probleme mit Computer seit Neuinstallation (Viren,Trojaner und Spyware)
    Plagegeister aller Art und deren Bekämpfung - 12.08.2006 (2)
  15. Viren?SpyWare?Keine Ahnung!
    Log-Analyse und Auswertung - 04.06.2006 (15)
  16. Spyware / Viren - searchexe,bearshare, u.a.
    Log-Analyse und Auswertung - 29.10.2005 (8)
  17. HILFE: Immer Abstürz während Viren(Spyware-, Trojaner-, etc...)Scan!
    Plagegeister aller Art und deren Bekämpfung - 10.08.2004 (16)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Viren, Trojaner, Spyware - Hi Leute ... Mein Computer ist in letzter Zeit unglaublich langsam geworden. Ich habe mehrere Antivirus Programme installiert (Kaspersky, Norton, Avira, Spyware Doctor, Malwarebytes, Spybot, Adaware) und damit über 4000 - Viren, Trojaner, Spyware...
Archiv
Du betrachtest: Viren, Trojaner, Spyware auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55