Pests of all kinds and how to fight them: System was infected - clean again? | Windows 7
18.04.2009, 17:53 | #16 |
| And please also post the uninstall list; how to do it is described below. |
18.04.2009, 17:56 | #17 |
| Log part 3:
18.04.2009, 17:57 | #18 |
| So, log part 4:
18.04.2009, 17:58 | #19 |
| So, now the uninstall list:
18.04.2009, 18:08 | #20 |
| Hello, bad news. Your system is so badly messed up that in your place I would reinstall from scratch; that saves an immense amount of time and nerves on both sides. Cleaning up the whole thing would take more than 10 times the effort of reinstalling. After reinstalling, please don't throw any torrent programs on it, no toolbars and no unnecessary autostart entries. Here is a guide so that you can reinstall safely and aren't left standing there alone with nothing at all: http://www.trojaner-board.de/51262-a...sicherung.html EDIT: please wait with the reinstall. |
18.04.2009, 18:47 | #21 |
| Download Lop S&D. Run Lop S&D.exe by double-clicking it. Choose the language of your choice and then option 1 (Search). Wait until the scan report has been created (if the report does not appear, you will find it at C:\lopR.txt). (Should your desktop disappear, please press Ctrl + Alt + Del to start the Task Manager. Under File, choose New Task and enter explorer.exe there.) |
18.04.2009, 18:54 | #22 |
| Here is the scan report. Code:
--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 5200+ )
BIOS : )Phoenix - Award WorkstationBIOS v6.00PG
USER : Zitrone ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated)
C:\ (Local Disk) - NTFS - Total:113 Go (Free:14 Go)
D:\ (Local Disk) - NTFS - Total:232 Go (Free:172 Go)
E:\ (Local Disk) - FAT32 - Total:113 Go (Free:111 Go)
F:\ (CD or DVD)
G:\ (CD or DVD)
H:\ (USB)
I:\ (USB)
J:\ (USB)
K:\ (CD or DVD)
L:\ (CD or DVD)
M:\ (USB)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 18.04.2009|19:51 )

--------------------\\ Ordner Verzeichnis unter ANWEND~1

[24.10.2006|19:22] C:\DOKUME~1\ADMINI~1\ANWEND~1\Identities
[24.10.2006|19:22] C:\DOKUME~1\ADMINI~1\ANWEND~1\Macromedia
[24.10.2006|19:22] C:\DOKUME~1\ADMINI~1\ANWEND~1\Microsoft
[0|Datei(en)] C:\DOKUME~1\ADMINI~1\ANWEND~1\Bytes
[5|Verzeichnis(se),] C:\DOKUME~1\ADMINI~1\ANWEND~1\Bytes frei

[03.04.2009|18:06] C:\DOKUME~1\ALLUSE~1\ANWEND~1\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[19.01.2009|22:22] C:\DOKUME~1\ALLUSE~1\ANWEND~1\2DBoy
[11.10.2008|15:42] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Activision
[11.11.2008|20:06] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Adobe
[07.06.2008|00:45] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Ahead
[07.06.2008|19:41] C:\DOKUME~1\ALLUSE~1\ANWEND~1\AOL
[11.02.2008|17:27] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Apple
[11.02.2008|17:29] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Apple Computer
[08.10.2008|15:53] C:\DOKUME~1\ALLUSE~1\ANWEND~1\ATI
[21.06.2008|00:17] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Avira
[03.12.2008|23:41] C:\DOKUME~1\ALLUSE~1\ANWEND~1\AVS4YOU
[22.07.2007|16:07] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Babylon
[18.10.2008|13:50] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Blizzard
[12.07.2008|10:00] C:\DOKUME~1\ALLUSE~1\ANWEND~1\BOONTY
[10.03.2007|18:57] C:\DOKUME~1\ALLUSE~1\ANWEND~1\CyberLink
[24.03.2009|16:19] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Fallout3
[15.03.2008|18:50] C:\DOKUME~1\ALLUSE~1\ANWEND~1\fluxDVD
[03.09.2008|02:53] C:\DOKUME~1\ALLUSE~1\ANWEND~1\GameTap
[16.09.2007|22:51] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Google
[27.12.2008|18:17] C:\DOKUME~1\ALLUSE~1\ANWEND~1\MAGIX
[16.04.2009|00:27] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Malwarebytes
[10.03.2009|15:58] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Media Center Programs
[21.03.2009|18:07] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Metaboli Player
[17.04.2009|02:38] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Microsoft
[03.04.2009|19:59] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Microsoft Games
[18.06.2008|20:35] C:\DOKUME~1\ALLUSE~1\ANWEND~1\mpDRM
[04.01.2009|00:47] C:\DOKUME~1\ALLUSE~1\ANWEND~1\MsvThumbs
[19.07.2008|01:35] C:\DOKUME~1\ALLUSE~1\ANWEND~1\NCH Software
[19.07.2008|01:35] C:\DOKUME~1\ALLUSE~1\ANWEND~1\NCH Swift Sound
[17.04.2009|01:31] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Nero
[02.06.2008|21:35] C:\DOKUME~1\ALLUSE~1\ANWEND~1\NtiDvdCopy
[21.07.2008|20:32] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Real
[31.10.2008|16:11] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Skype
[17.04.2009|14:20] C:\DOKUME~1\ALLUSE~1\ANWEND~1\SUPERAntiSpyware.com
[30.12.2007|21:11] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Symantec
[04.09.2007|21:28] C:\DOKUME~1\ALLUSE~1\ANWEND~1\T-DSL Manager
[28.08.2007|15:26] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Teledat
[11.06.2008|20:17] C:\DOKUME~1\ALLUSE~1\ANWEND~1\TEMP
[24.01.2007|12:28] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Windows Genuine Advantage
[0|Datei(en)] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Bytes
[41|Verzeichnis(se),] C:\DOKUME~1\ALLUSE~1\ANWEND~1\Bytes frei

[24.10.2006|19:22] C:\DOKUME~1\DEFAUL~1\ANWEND~1\Identities
[24.10.2006|19:22] C:\DOKUME~1\DEFAUL~1\ANWEND~1\Macromedia
[24.10.2006|19:22] C:\DOKUME~1\DEFAUL~1\ANWEND~1\Microsoft
[0|Datei(en)] C:\DOKUME~1\DEFAUL~1\ANWEND~1\Bytes
[5|Verzeichnis(se),] C:\DOKUME~1\DEFAUL~1\ANWEND~1\Bytes frei

[23.08.2007|23:41] C:\DOKUME~1\LOCALS~1\ANWEND~1\Microsoft
[0|Datei(en)] C:\DOKUME~1\LOCALS~1\ANWEND~1\Bytes
[3|Verzeichnis(se),] C:\DOKUME~1\LOCALS~1\ANWEND~1\Bytes frei

[10.06.2008|19:30] C:\DOKUME~1\NETWOR~1\ANWEND~1\Microsoft
[0|Datei(en)] C:\DOKUME~1\NETWOR~1\ANWEND~1\Bytes
[3|Verzeichnis(se),] C:\DOKUME~1\NETWOR~1\ANWEND~1\Bytes frei

[11.10.2008|15:42] C:\DOKUME~1\Zitrone\ANWEND~1\Activision
[24.10.2008|14:59] C:\DOKUME~1\Zitrone\ANWEND~1\Adobe
[07.06.2008|00:28] C:\DOKUME~1\Zitrone\ANWEND~1\AdobeUM
[18.06.2008|19:42] C:\DOKUME~1\Zitrone\ANWEND~1\Ahead
[07.06.2008|19:39] C:\DOKUME~1\Zitrone\ANWEND~1\AOL
[19.01.2009|22:14] C:\DOKUME~1\Zitrone\ANWEND~1\Apple Computer
[02.03.2008|21:32] C:\DOKUME~1\Zitrone\ANWEND~1\ATI
[03.12.2008|23:41] C:\DOKUME~1\Zitrone\ANWEND~1\AVS4YOU
[22.07.2007|11:07] C:\DOKUME~1\Zitrone\ANWEND~1\Babylon
[30.12.2008|01:35] C:\DOKUME~1\Zitrone\ANWEND~1\BitTorrent
[01.12.2008|00:08] C:\DOKUME~1\Zitrone\ANWEND~1\Blender Foundation
[08.06.2008|05:02] C:\DOKUME~1\Zitrone\ANWEND~1\CyberLink
[18.05.2008|23:14] C:\DOKUME~1\Zitrone\ANWEND~1\DAEMON Tools
[16.12.2007|16:57] C:\DOKUME~1\Zitrone\ANWEND~1\DivX
[10.01.2009|19:50] C:\DOKUME~1\Zitrone\ANWEND~1\dvdcss
[19.01.2009|21:50] C:\DOKUME~1\Zitrone\ANWEND~1\eMule
[01.12.2008|00:13] C:\DOKUME~1\Zitrone\ANWEND~1\FileMaker
[14.04.2009|18:28] C:\DOKUME~1\Zitrone\ANWEND~1\FileZilla
[03.04.2009|23:02] C:\DOKUME~1\Zitrone\ANWEND~1\FOG Downloader
[06.03.2008|22:29] C:\DOKUME~1\Zitrone\ANWEND~1\Google
[15.02.2009|21:57] C:\DOKUME~1\Zitrone\ANWEND~1\Greyfirst
[12.03.2009|19:28] C:\DOKUME~1\Zitrone\ANWEND~1\gtk-2.0
[18.04.2009|14:00] C:\DOKUME~1\Zitrone\ANWEND~1\Hamachi
[06.12.2008|16:02] C:\DOKUME~1\Zitrone\ANWEND~1\HamachiBackup
[20.04.2007|16:41] C:\DOKUME~1\Zitrone\ANWEND~1\Help
[05.02.2008|20:25] C:\DOKUME~1\Zitrone\ANWEND~1\ICQ
[09.02.2008|01:21] C:\DOKUME~1\Zitrone\ANWEND~1\ICQ Toolbar
[24.10.2006|19:22] C:\DOKUME~1\Zitrone\ANWEND~1\Identities
[21.03.2009|18:21] C:\DOKUME~1\Zitrone\ANWEND~1\InstallShield
[24.10.2006|19:22] C:\DOKUME~1\Zitrone\ANWEND~1\Macromedia
[27.12.2008|18:19] C:\DOKUME~1\Zitrone\ANWEND~1\MAGIX
[16.04.2009|00:27] C:\DOKUME~1\Zitrone\ANWEND~1\Malwarebytes
[21.07.2008|20:33] C:\DOKUME~1\Zitrone\ANWEND~1\Media Player Classic
[14.05.2008|20:59] C:\DOKUME~1\Zitrone\ANWEND~1\Megaupload
[10.12.2008|23:52] C:\DOKUME~1\Zitrone\ANWEND~1\Microsoft
[03.04.2009|19:59] C:\DOKUME~1\Zitrone\ANWEND~1\Microsoft Games
[02.09.2008|00:12] C:\DOKUME~1\Zitrone\ANWEND~1\mIRC
[01.12.2008|00:41] C:\DOKUME~1\Zitrone\ANWEND~1\MonkeyJam
[14.09.2008|22:48] C:\DOKUME~1\Zitrone\ANWEND~1\Mozilla
[19.01.2009|22:37] C:\DOKUME~1\Zitrone\ANWEND~1\MSNInstaller
[19.07.2008|01:35] C:\DOKUME~1\Zitrone\ANWEND~1\NCH Swift Sound
[07.05.2008|11:54] C:\DOKUME~1\Zitrone\ANWEND~1\Nero
[18.04.2009|18:14] C:\DOKUME~1\Zitrone\ANWEND~1\OpenOffice.org2
[12.04.2008|21:51] C:\DOKUME~1\Zitrone\ANWEND~1\Petroglyph
[14.08.2008|18:47] C:\DOKUME~1\Zitrone\ANWEND~1\Real
[14.11.2008|22:25] C:\DOKUME~1\Zitrone\ANWEND~1\REAPER
[14.08.2008|20:39] C:\DOKUME~1\Zitrone\ANWEND~1\Screaming Bee
[26.06.2007|16:58] C:\DOKUME~1\Zitrone\ANWEND~1\SecuROM
[18.04.2009|19:25] C:\DOKUME~1\Zitrone\ANWEND~1\Skype
[18.04.2009|17:50] C:\DOKUME~1\Zitrone\ANWEND~1\skypePM
[05.04.2008|13:49] C:\DOKUME~1\Zitrone\ANWEND~1\Sun
[17.04.2009|14:20] C:\DOKUME~1\Zitrone\ANWEND~1\SUPERAntiSpyware.com
[29.05.2008|18:14] C:\DOKUME~1\Zitrone\ANWEND~1\Talkback
[14.04.2009|20:04] C:\DOKUME~1\Zitrone\ANWEND~1\teamspeak2
[31.10.2008|18:38] C:\DOKUME~1\Zitrone\ANWEND~1\TeamViewer
[16.06.2008|11:02] C:\DOKUME~1\Zitrone\ANWEND~1\Template
[15.03.2009|01:55] C:\DOKUME~1\Zitrone\ANWEND~1\The Creative Assembly
[29.12.2008|04:22] C:\DOKUME~1\Zitrone\ANWEND~1\tor
[30.09.2008|17:26] C:\DOKUME~1\Zitrone\ANWEND~1\UseNeXT
[30.11.2007|13:55] C:\DOKUME~1\Zitrone\ANWEND~1\Ventrilo
[01.12.2008|00:22] C:\DOKUME~1\Zitrone\ANWEND~1\vlc
[04.04.2009|11:38] C:\DOKUME~1\Zitrone\ANWEND~1\Webocton - Scriptly
[31.07.2008|21:04] C:\DOKUME~1\Zitrone\ANWEND~1\WeGame
[24.02.2008|00:09] C:\DOKUME~1\Zitrone\ANWEND~1\WinRAR
[17.04.2009|01:00] C:\DOKUME~1\Zitrone\ANWEND~1\Wippien
[05.09.2007|16:54] C:\DOKUME~1\Zitrone\ANWEND~1\You've Got Pictures Screensaver
[0|Datei(en)] C:\DOKUME~1\Zitrone\ANWEND~1\Bytes
[68|Verzeichnis(se),] C:\DOKUME~1\Zitrone\ANWEND~1\Bytes frei

--------------------\\ Geplante Aufgaben unter C:\WINDOWS\Tasks

[18.04.2009 17:59][--a------] C:\WINDOWS\tasks\RegCure Program Check.job
[08.01.2009 04:00][--a------] C:\WINDOWS\tasks\RegCure.job
[03.04.2009 17:52][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[18.04.2009 17:58][--ah-----] C:\WINDOWS\tasks\SA.DAT
[10.08.2004 21:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Ordner Verzeichnis unter C:\Programme

[14.09.2008|02:26] C:\Programme\AC3Filter
[04.02.2009|17:39] C:\Programme\Activision
[11.12.2008|18:13] C:\Programme\Adobe
[14.09.2008|02:21] C:\Programme\afreeCodecVT
[29.09.2008|16:08] C:\Programme\AGEIA Technologies
[07.05.2008|12:04] C:\Programme\Alcohol Soft
[03.12.2008|22:42] C:\Programme\AliveMedia
[19.01.2009|21:45] C:\Programme\ANNO1602
[30.10.2008|21:06] C:\Programme\Apple Software Update
[08.10.2008|15:48] C:\Programme\ATI Technologies
[05.11.2008|19:53] C:\Programme\ATITool
[21.06.2008|00:17] C:\Programme\Avira
[03.12.2008|23:41] C:\Programme\AVS4YOU
[24.03.2009|16:19] C:\Programme\Bethesda Softworks
[25.02.2008|00:16] C:\Programme\BitTorrent
[01.12.2008|00:08] C:\Programme\Blender Foundation
[03.04.2009|17:56] C:\Programme\Bonjour
[19.03.2008|15:33] C:\Programme\Boonty
[24.03.2008|00:01] C:\Programme\BoontyGames
[27.05.2007|12:47] C:\Programme\buffed.de
[19.01.2009|22:23] C:\Programme\CCleaner
[08.06.2008|19:43] C:\Programme\CDV
[14.04.2009|17:35] C:\Programme\Celtx
[24.10.2006|19:23] C:\Programme\commercial
[07.05.2008|12:04] C:\Programme\Conduit
[22.12.2008|21:21] C:\Programme\Creative
[07.05.2008|11:54] C:\Programme\CUEcards 2000
[07.06.2008|00:12] C:\Programme\CyberLink
[08.06.2008|18:52] C:\Programme\DAEMON Tools Lite
[24.10.2006|19:23] C:\Programme\DIFX
[06.12.2008|00:03] C:\Programme\DivX
[25.01.2009|18:56] C:\Programme\DV Capture
[17.04.2009|14:46] C:\Programme\Fake Webcam
[09.06.2008|22:45] C:\Programme\FileZilla FTP Client
[03.12.2008|23:33] C:\Programme\Free Video Converter
[21.06.2008|21:03] C:\Programme\free-downloads.net
[01.12.2008|00:37] C:\Programme\Fuzzelcheck
[07.06.2008|20:01] C:\Programme\Game Cam v1.4
[13.03.2009|19:56] C:\Programme\Gamesload Spiele
[03.09.2008|02:52] C:\Programme\GameTap
[10.09.2008|23:44] C:\Programme\GAMI
[18.04.2009|17:57] C:\Programme\Gemeinsame Dateien
[24.10.2006|19:23] C:\Programme\GemMasterGerman
[19.01.2009|21:41] C:\Programme\GIMP-2.0
[05.11.2008|22:20] C:\Programme\Google
[17.04.2009|14:35] C:\Programme\Hamachi
[31.03.2009|20:17] C:\Programme\ICQ6
[05.11.2008|19:59] C:\Programme\ICQToolbar
[29.12.2006|16:31] C:\Programme\id Software
[30.03.2009|15:19] C:\Programme\InstallShield Installation Information
[08.06.2008|03:56] C:\Programme\InterActual
[17.04.2009|15:21] C:\Programme\Internet Explorer
[03.04.2009|18:06] C:\Programme\iPod
[03.04.2009|18:06] C:\Programme\iTunes
[05.11.2008|19:59] C:\Programme\Java
[23.03.2009|21:46] C:\Programme\Lavalys
[24.06.2008|19:40] C:\Programme\LeechFTP
[27.12.2008|18:17] C:\Programme\MAGIX
[16.04.2009|00:27] C:\Programme\Malwarebytes' Anti-Malware
[18.04.2009|17:42] C:\Programme\Messenger
[21.03.2009|22:19] C:\Programme\Metaboli Player
[24.10.2006|19:23] C:\Programme\microsoft frontpage
[24.03.2009|16:40] C:\Programme\Microsoft Games for Windows - LIVE
[25.12.2006|11:40] C:\Programme\Microsoft Office
[17.04.2009|15:20] C:\Programme\Microsoft Works
[01.09.2008|19:30] C:\Programme\mIRC
[01.12.2008|00:41] C:\Programme\MonkeyJam
[18.04.2009|17:38] C:\Programme\Movie Maker
[18.04.2009|18:08] C:\Programme\Mozilla Firefox
[17.01.2009|14:58] C:\Programme\mozilla.org
[05.11.2008|22:18] C:\Programme\Mozilla1.7.13
[24.03.2009|16:17] C:\Programme\MSBuild
[18.04.2009|17:38] C:\Programme\msn
[24.10.2006|19:23] C:\Programme\MSN Gaming Zone
[23.01.2009|20:00] C:\Programme\MSXML 4.0
[27.03.2009|20:01] C:\Programme\MSXML 6.0
[30.06.2008|21:34] C:\Programme\N Schach 3
[07.06.2008|00:43] C:\Programme\Nero
[02.05.2008|20:26] C:\Programme\NETGEAR
[18.04.2009|17:36] C:\Programme\NetMeeting
[24.10.2006|19:23] C:\Programme\NewTech Infosystems
[08.06.2008|03:50] C:\Programme\OnlineControl
[24.10.2006|19:24] C:\Programme\Online-Dienste
[09.01.2009|00:08] C:\Programme\OpenAL
[20.02.2008|18:50] C:\Programme\OpenOffice.org 2.3
[18.04.2009|17:36] C:\Programme\Outlook Express
[01.12.2008|00:42] C:\Programme\Painter
[18.06.2008|21:51] C:\Programme\Paradox Entertainment
[19.06.2008|16:44] C:\Programme\Paradox Interactive
[11.04.2009|23:42] C:\Programme\phase5
[20.02.2009|12:52] C:\Programme\PiranhaBytes
[03.04.2009|18:04] C:\Programme\QuickTime
[18.05.2008|00:37] C:\Programme\ratDVD
[16.06.2007|21:47] C:\Programme\Real
[21.07.2008|20:32] C:\Programme\Real Alternative
[24.10.2006|19:24] C:\Programme\Realtek
[14.11.2008|21:24] C:\Programme\REAPER
[24.03.2009|16:16] C:\Programme\Reference Assemblies
[07.05.2008|11:18] C:\Programme\RegCure
[03.04.2009|17:58] C:\Programme\Safari
[06.04.2009|17:06] C:\Programme\Skype
[08.06.2008|19:33] C:\Programme\Smart Projects
[18.04.2009|18:31] C:\Programme\Steam
[19.01.2009|21:27] C:\Programme\StudioLine Photo Basic
[17.04.2009|14:20] C:\Programme\SUPERAntiSpyware
[30.12.2007|21:07] C:\Programme\Symantec
[20.01.2007|19:47] C:\Programme\Teamspeak2_RC2
[06.12.2008|15:58] C:\Programme\TeamViewer3
[10.03.2009|15:43] C:\Programme\THQ
[23.03.2009|21:04] C:\Programme\TrackMania Nations ESWC
[15.04.2009|17:09] C:\Programme\Trend Micro
[27.01.2007|21:20] C:\Programme\Valve
[05.01.2009|23:24] C:\Programme\Veoh Networks
[29.12.2008|04:24] C:\Programme\Vidalia Bundle
[01.12.2008|00:19] C:\Programme\VideoLAN
[07.05.2008|14:33] C:\Programme\Videoload Manager
[14.04.2009|22:49] C:\Programme\Warcraft III
[04.04.2009|11:38] C:\Programme\Webocton - Scriptly
[31.07.2008|20:22] C:\Programme\WeGame
[05.09.2007|18:22] C:\Programme\WinAce
[14.08.2008|18:52] C:\Programme\Windows Media Connect 2
[14.09.2008|02:02] C:\Programme\Windows Media Player
[18.04.2009|17:36] C:\Programme\Windows NT
[24.02.2008|00:09] C:\Programme\WinRAR
[17.04.2009|01:00] C:\Programme\Wippien
[24.10.2006|19:24] C:\Programme\xerox
[05.09.2007|18:24] C:\Programme\Yahoo!
[0|Datei(en)] C:\Programme\Bytes
[129|Verzeichnis(se),] C:\Programme\Bytes frei

--------------------\\ Ordner Verzeichnis unter C:\Programme\Gemeinsame Dateien

[11.11.2008|20:06] C:\Programme\Gemeinsame Dateien\Adobe
[17.04.2009|01:31] C:\Programme\Gemeinsame Dateien\Ahead
[07.06.2008|19:43] C:\Programme\Gemeinsame Dateien\aol
[05.09.2007|16:54] C:\Programme\Gemeinsame Dateien\aolback
[03.04.2009|18:06] C:\Programme\Gemeinsame Dateien\Apple
[03.12.2008|23:40] C:\Programme\Gemeinsame Dateien\AVSMedia
[30.06.2008|21:25] C:\Programme\Gemeinsame Dateien\Blizzard Entertainment
[28.03.2008|21:56] C:\Programme\Gemeinsame Dateien\BOONTY Shared
[24.10.2006|19:23] C:\Programme\Gemeinsame Dateien\Dienste
[13.07.2007|20:41] C:\Programme\Gemeinsame Dateien\fluxDVD
[24.10.2006|19:23] C:\Programme\Gemeinsame Dateien\InstallShield
[24.12.2006|20:54] C:\Programme\Gemeinsame Dateien\Java
[24.10.2006|19:23] C:\Programme\Gemeinsame Dateien\LightScribe
[28.09.2008|08:54] C:\Programme\Gemeinsame Dateien\Logitech
[17.04.2009|02:40] C:\Programme\Gemeinsame Dateien\Microsoft Shared
[07.05.2008|14:32] C:\Programme\Gemeinsame Dateien\mpDRM
[24.10.2006|19:23] C:\Programme\Gemeinsame Dateien\MSSoap
[24.10.2006|19:23] C:\Programme\Gemeinsame Dateien\muvee Technologies
[07.05.2008|11:51] C:\Programme\Gemeinsame Dateien\Nero
[24.10.2006|19:23] C:\Programme\Gemeinsame Dateien\NewTech Infosystems
[27.12.2008|21:06] C:\Programme\Gemeinsame Dateien\NSV
[05.09.2007|16:53] C:\Programme\Gemeinsame Dateien\Nullsoft
[14.08.2008|18:47] C:\Programme\Gemeinsame Dateien\Real
[31.10.2008|16:11] C:\Programme\Gemeinsame Dateien\Skype
[24.10.2006|19:23] C:\Programme\Gemeinsame Dateien\SpeechEngines
[12.09.2008|15:01] C:\Programme\Gemeinsame Dateien\Symantec Shared
[18.04.2009|17:36] C:\Programme\Gemeinsame Dateien\System
[11.12.2008|18:14] C:\Programme\Gemeinsame Dateien\Vbox
[17.04.2009|02:34] C:\Programme\Gemeinsame Dateien\Windows Live
[17.04.2009|14:19] C:\Programme\Gemeinsame Dateien\Wise Installation Wizard
[14.08.2008|18:47] C:\Programme\Gemeinsame Dateien\xing shared
[0|Datei(en)] C:\Programme\Gemeinsame Dateien\Bytes
[33|Verzeichnis(se),] C:\Programme\Gemeinsame Dateien\Bytes frei

--------------------\\ Process

( 59 Processes )

iexplore.exe ~ [PID:3924]
IEXPLORE.EXE ~ [PID:3904]
IEXPLORE.EXE ~ [PID:2656]

--------------------\\ Ueberpruefung mit S_Lop

Kein Lop Ordner gefunden !

--------------------\\ Suche nach Lop Dateien - Ordnern

Kein Lop Ordner gefunden !

--------------------\\ Suche innerhalb der Registry

..... OK !

--------------------\\ Ueberpruefung der Hosts Datei

Hosts Datei SAUBER

--------------------\\ Suche nach verborgenen Dateien mit Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-18 19:51:51
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Suche nach anderen Infektionen

--------------------\\ Cracks & Keygens ..

C:\DOKUME~1\Zitrone\Eigene Dateien\ICQ\484450461\ReceivedFiles\480723826 caps169\NoCD_Crack.rar
C:\DOKUME~1\ALLUSE~1\Anwendungsdaten\GameTap\appdata\cache\gtPlayer\data\catalogmedia\CrackDown_GEN_Sega_243b0.dds
C:\DOKUME~1\ALLUSE~1\Anwendungsdaten\GameTap\appdata\cache\gtPlayer\data\catalogmedia\Crackpots_2600_Act_265f3.dds

[F:328][D:5]-> C:\DOKUME~1\Zitrone\LOKALE~1\Temp
[F:98][D:0]-> C:\DOKUME~1\Zitrone\Cookies
[F:2993][D:4]-> C:\DOKUME~1\Zitrone\LOKALE~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 18.04.2009|19:52 - Option : [1]

--------------------\\ Scan beendet um 19:52:28 |
18.04.2009, 19:08 | #23 |
| I'll take a look at the log. One moment, please. |
18.04.2009, 19:15 | #24 |
| I have looked at the log more closely; as I said, in your place I would reinstall. The guide for that is below. And in addition you will write on the blackboard for me 100 times: "I must not download Crack.exes or install toolbars along with other software". |
18.04.2009, 19:21 | #25 |
| Okay, all clear. Then a big thank-you for the quick help. |
18.04.2009, 19:30 | #26 |
| You're welcome. |