Pests of all kinds and how to fight them: Trojan.TDSS: how do I get rid of it? Windows 7. If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will get back to you with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection. |
#5 |
Trojan.TDSS: how do I get rid of it? Here is the RSIT log.txt file. |