Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Virus/Trojaner oder von allem etwas?

Virus/Trojaner oder von allem etwas?


Log-Analyse und Auswertung: Virus/Trojaner oder von allem etwas?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Seite 3 von 6 12 3 45 Letzte »
Alt 08.08.2009, 15:22   #31
Skylite
 
Virus/Trojaner oder von allem etwas? - Standard

Virus/Trojaner oder von allem etwas?


2009-08-07 18:31 . 2008-12-01 17:07 73 ----a-w- c:\bases_x\plugins\emalware.296
2009-08-07 18:31 . 2008-12-01 17:07 73 ----a-w- c:\bases_x\plugins\emalware.297
2009-08-07 18:31 . 2008-12-01 17:07 73 ----a-w- c:\bases_x\plugins\emalware.298
2009-08-07 18:31 . 2008-12-01 17:07 103472 ----a-w- c:\bases_x\plugins\emalware.299
2009-08-07 18:31 . 2008-12-01 17:07 73 ----a-w- c:\bases_x\plugins\emalware.295
2009-08-07 18:31 . 2008-12-01 17:07 73 ----a-w- c:\bases_x\plugins\emalware.289
2009-08-07 18:31 . 2008-12-01 17:07 73 ----a-w- c:\bases_x\plugins\emalware.290
2009-08-07 18:31 . 2008-12-01 17:07 73 ----a-w- c:\bases_x\plugins\emalware.291
2009-08-07 18:31 . 2008-12-01 17:07 73 ----a-w- c:\bases_x\plugins\emalware.292
2009-08-07 18:31 . 2008-12-01 17:07 73 ----a-w- c:\bases_x\plugins\emalware.293
2009-08-07 18:31 . 2008-12-01 17:07 73 ----a-w- c:\bases_x\plugins\emalware.294
2009-08-07 18:31 . 2008-12-01 17:07 73 ----a-w- c:\bases_x\plugins\emalware.286
2009-08-07 18:31 . 2008-12-01 17:07 73 ----a-w- c:\bases_x\plugins\emalware.287
2009-08-07 18:31 . 2008-12-01 17:07 73 ----a-w- c:\bases_x\plugins\emalware.288
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.277
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.278
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.279
2009-08-07 18:31 . 2008-12-01 17:07 73 ----a-w- c:\bases_x\plugins\emalware.280
2009-08-07 18:31 . 2008-12-01 17:07 73 ----a-w- c:\bases_x\plugins\emalware.281
2009-08-07 18:31 . 2008-12-01 17:07 73 ----a-w- c:\bases_x\plugins\emalware.282
2009-08-07 18:31 . 2008-12-01 17:07 73 ----a-w- c:\bases_x\plugins\emalware.283
2009-08-07 18:31 . 2008-12-01 17:07 73 ----a-w- c:\bases_x\plugins\emalware.284
2009-08-07 18:31 . 2008-12-01 17:07 73 ----a-w- c:\bases_x\plugins\emalware.285
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.268
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.269
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.270
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.271
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.272
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.273
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.274
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.275
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.276
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.259
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.260
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.261
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.262
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.263
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.264
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.265
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.266
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.267
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.252
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.253
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.254
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.255
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.256
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.257
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.258
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.249
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.250
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.251
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.239
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.240
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.241
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.242
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.243
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.244
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.245
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.246
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.247
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.248
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.230
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.231
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.232
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.233
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.234
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.235
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.236
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.237
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.238
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.225
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.226
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.227
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.228
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.229
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.222
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.223
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.224
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.221
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.219
2009-08-07 18:31 . 2008-12-12 18:18 73 ----a-w- c:\bases_x\plugins\emalware.220
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.218
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.217
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.214
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.215
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.216
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.210
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.211
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.212
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.213
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.209
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.207
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.208
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.204
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.205
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.206
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.203
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.201
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.202
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.200
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.196
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.197
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.198
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.199
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.192
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.193
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.194
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.195
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.190
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.191
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.186
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.187
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.188
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.189
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.185
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.184
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.180
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.181
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.182
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.183
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.177
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.178
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.179
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.173
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.174
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.175
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.176
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.169
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.170
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.171
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.172
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.168
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.166
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.167
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.165
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.164
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.163
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.161
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.162
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.159
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.160
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.155
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.156
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.157
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.158
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.153
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.154
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.150
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.151
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.152
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.148
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.149
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.144
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.145
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.146
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.147
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.140
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.141
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.142
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.143
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.136
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.137
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.138
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.139
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.135
2009-08-07 18:31 . 2009-08-07 18:37 17092 ----a-w- c:\bases_x\plugins\emalware.132
2009-08-07 18:31 . 2009-08-07 18:37 48290 ----a-w- c:\bases_x\plugins\emalware.133
2009-08-07 18:31 . 2008-12-12 18:17 73 ----a-w- c:\bases_x\plugins\emalware.134
2009-08-07 18:31 . 2009-08-07 18:37 92594 ----a-w- c:\bases_x\plugins\emalware.130
2009-08-07 18:31 . 2009-08-07 18:37 4996 ----a-w- c:\bases_x\plugins\emalware.131
2009-08-07 18:31 . 2009-07-19 17:49 119511 ----a-w- c:\bases_x\plugins\emalware.125
2009-08-07 18:31 . 2009-07-20 16:49 112404 ----a-w- c:\bases_x\plugins\emalware.126
2009-08-07 18:31 . 2009-07-20 16:49 109098 ----a-w- c:\bases_x\plugins\emalware.127
2009-08-07 18:31 . 2009-07-20 16:49 112129 ----a-w- c:\bases_x\plugins\emalware.128
2009-08-07 18:31 . 2009-07-21 23:49 132431 ----a-w- c:\bases_x\plugins\emalware.129
2009-08-07 18:31 . 2009-07-18 12:44 105279 ----a-w- c:\bases_x\plugins\emalware.122
2009-08-07 18:31 . 2009-07-18 12:44 104936 ----a-w- c:\bases_x\plugins\emalware.123
2009-08-07 18:31 . 2009-07-18 12:44 146879 ----a-w- c:\bases_x\plugins\emalware.124
2009-08-07 18:31 . 2009-07-16 14:45 106808 ----a-w- c:\bases_x\plugins\emalware.119
2009-08-07 18:31 . 2009-07-16 14:45 103735 ----a-w- c:\bases_x\plugins\emalware.120
2009-08-07 18:31 . 2009-07-17 16:14 102415 ----a-w- c:\bases_x\plugins\emalware.121
2009-08-07 18:31 . 2009-07-13 17:03 104795 ----a-w- c:\bases_x\plugins\emalware.116
2009-08-07 18:31 . 2009-07-14 21:38 105319 ----a-w- c:\bases_x\plugins\emalware.117
2009-08-07 18:31 . 2009-07-14 21:38 101748 ----a-w- c:\bases_x\plugins\emalware.118
2009-08-07 18:31 . 2009-07-10 09:46 101455 ----a-w- c:\bases_x\plugins\emalware.113
2009-08-07 18:31 . 2009-07-12 17:47 101803 ----a-w- c:\bases_x\plugins\emalware.114
2009-08-07 18:31 . 2009-07-12 17:47 102670 ----a-w- c:\bases_x\plugins\emalware.115
2009-08-07 18:31 . 2009-07-02 12:14 112188 ----a-w- c:\bases_x\plugins\emalware.111
2009-08-07 18:31 . 2009-07-04 13:34 102675 ----a-w- c:\bases_x\plugins\emalware.112
2009-08-07 18:31 . 2009-07-02 12:14 101533 ----a-w- c:\bases_x\plugins\emalware.110
2009-08-07 18:31 . 2009-07-01 10:12 107598 ----a-w- c:\bases_x\plugins\emalware.108
2009-08-07 18:31 . 2009-07-01 22:56 103857 ----a-w- c:\bases_x\plugins\emalware.109
2009-08-07 18:31 . 2009-07-01 10:12 107054 ----a-w- c:\bases_x\plugins\emalware.105
2009-08-07 18:31 . 2009-07-01 10:12 100538 ----a-w- c:\bases_x\plugins\emalware.106
2009-08-07 18:31 . 2009-07-01 10:12 102880 ----a-w- c:\bases_x\plugins\emalware.107
2009-08-07 18:31 . 2009-06-29 11:48 105225 ----a-w- c:\bases_x\plugins\emalware.102
2009-08-07 18:31 . 2009-06-29 11:48 101196 ----a-w- c:\bases_x\plugins\emalware.103
2009-08-07 18:31 . 2009-06-29 11:48 106609 ----a-w- c:\bases_x\plugins\emalware.104
2009-08-07 18:31 . 2009-06-29 11:48 104123 ----a-w- c:\bases_x\plugins\emalware.101
2009-08-07 18:31 . 2009-06-29 11:48 106932 ----a-w- c:\bases_x\plugins\emalware.099
2009-08-07 18:31 . 2009-06-29 11:48 139960 ----a-w- c:\bases_x\plugins\emalware.100
2009-08-07 18:31 . 2009-06-29 11:48 278018 ----a-w- c:\bases_x\plugins\emalware.098
2009-08-07 18:31 . 2009-06-25 14:21 143459 ----a-w- c:\bases_x\plugins\emalware.096
2009-08-07 18:31 . 2009-06-29 11:48 329912 ----a-w- c:\bases_x\plugins\emalware.097
2009-08-07 18:31 . 2009-06-25 10:25 151544 ----a-w- c:\bases_x\plugins\emalware.094
2009-08-07 18:31 . 2009-06-25 10:25 146522 ----a-w- c:\bases_x\plugins\emalware.095
2009-08-07 18:31 . 2009-06-24 21:51 138276 ----a-w- c:\bases_x\plugins\emalware.092
2009-08-07 18:31 . 2009-06-25 10:25 147189 ----a-w- c:\bases_x\plugins\emalware.093
2009-08-07 18:31 . 2009-06-24 21:51 156035 ----a-w- c:\bases_x\plugins\emalware.091
2009-08-07 18:31 . 2009-06-19 18:47 100072 ----a-w- c:\bases_x\plugins\emalware.090
2009-08-07 18:31 . 2009-06-05 18:03 110315 ----a-w- c:\bases_x\plugins\emalware.089
2009-08-07 18:31 . 2009-06-05 18:03 141218 ----a-w- c:\bases_x\plugins\emalware.088
2009-08-07 18:31 . 2009-06-04 14:38 134057 ----a-w- c:\bases_x\plugins\emalware.086
2009-08-07 18:31 . 2009-06-04 14:38 134730 ----a-w- c:\bases_x\plugins\emalware.087
2009-08-07 18:31 . 2009-06-01 21:11 151097 ----a-w- c:\bases_x\plugins\emalware.083
2009-08-07 18:31 . 2009-06-02 17:07 104917 ----a-w- c:\bases_x\plugins\emalware.084
2009-08-07 18:31 . 2009-06-04 14:38 152245 ----a-w- c:\bases_x\plugins\emalware.085
2009-08-07 18:31 . 2009-06-01 21:11 105262 ----a-w- c:\bases_x\plugins\emalware.082
2009-08-07 18:31 . 2009-06-11 15:03 114471 ----a-w- c:\bases_x\plugins\emalware.081
2009-08-07 18:31 . 2009-06-01 21:11 111060 ----a-w- c:\bases_x\plugins\emalware.079
2009-08-07 18:31 . 2009-06-01 21:11 150937 ----a-w- c:\bases_x\plugins\emalware.080
2009-08-07 18:31 . 2009-05-28 12:57 114195 ----a-w- c:\bases_x\plugins\emalware.078
2009-08-07 18:31 . 2009-06-11 15:03 132953 ----a-w- c:\bases_x\plugins\emalware.077
2009-08-07 18:31 . 2009-06-11 15:03 138328 ----a-w- c:\bases_x\plugins\emalware.076
2009-08-07 18:31 . 2009-05-28 12:57 134201 ----a-w- c:\bases_x\plugins\emalware.075
2009-08-07 18:31 . 2009-05-27 12:50 136745 ----a-w- c:\bases_x\plugins\emalware.071
2009-08-07 18:31 . 2009-05-27 12:50 112334 ----a-w- c:\bases_x\plugins\emalware.072
2009-08-07 18:31 . 2009-05-27 15:32 151030 ----a-w- c:\bases_x\plugins\emalware.073
2009-08-07 18:31 . 2009-05-28 12:57 130425 ----a-w- c:\bases_x\plugins\emalware.074
2009-08-07 18:31 . 2009-05-28 12:57 150884 ----a-w- c:\bases_x\plugins\emalware.070
2009-08-07 18:31 . 2009-05-26 18:03 102356 ----a-w- c:\bases_x\plugins\emalware.068
2009-08-07 18:31 . 2009-05-27 12:50 101628 ----a-w- c:\bases_x\plugins\emalware.069
2009-08-07 18:31 . 2009-05-26 10:36 110758 ----a-w- c:\bases_x\plugins\emalware.067
2009-08-07 18:31 . 2009-05-20 17:52 102798 ----a-w- c:\bases_x\plugins\emalware.066
2009-08-07 18:31 . 2009-05-20 11:37 145970 ----a-w- c:\bases_x\plugins\emalware.062
2009-08-07 18:31 . 2009-05-20 17:52 134282 ----a-w- c:\bases_x\plugins\emalware.063
2009-08-07 18:31 . 2009-05-20 17:52 131859 ----a-w- c:\bases_x\plugins\emalware.064
2009-08-07 18:31 . 2009-05-20 17:52 102697 ----a-w- c:\bases_x\plugins\emalware.065
2009-08-07 18:31 . 2009-05-20 11:37 105547 ----a-w- c:\bases_x\plugins\emalware.061
2009-08-07 18:31 . 2009-05-22 07:55 100272 ----a-w- c:\bases_x\plugins\emalware.057
2009-08-07 18:31 . 2009-05-20 11:37 100680 ----a-w- c:\bases_x\plugins\emalware.058
2009-08-07 18:31 . 2009-05-20 11:37 148229 ----a-w- c:\bases_x\plugins\emalware.059
2009-08-07 18:31 . 2009-05-20 11:37 105561 ----a-w- c:\bases_x\plugins\emalware.060
2009-08-07 18:31 . 2009-05-18 11:59 121035 ----a-w- c:\bases_x\plugins\emalware.052
2009-08-07 18:31 . 2009-05-13 14:58 107089 ----a-w- c:\bases_x\plugins\emalware.053
2009-08-07 18:31 . 2009-05-22 07:54 102725 ----a-w- c:\bases_x\plugins\emalware.054
2009-08-07 18:31 . 2009-05-22 07:55 100603 ----a-w- c:\bases_x\plugins\emalware.055
2009-08-07 18:31 . 2009-05-18 11:59 103746 ----a-w- c:\bases_x\plugins\emalware.056
2009-08-07 18:31 . 2009-05-26 10:36 128398 ----a-w- c:\bases_x\plugins\emalware.048
2009-08-07 18:31 . 2009-05-12 17:22 146619 ----a-w- c:\bases_x\plugins\emalware.049
2009-08-07 18:31 . 2009-05-22 07:54 150515 ----a-w- c:\bases_x\plugins\emalware.050
2009-08-07 18:31 . 2009-05-12 17:22 112233 ----a-w- c:\bases_x\plugins\emalware.051
2009-08-07 18:31 . 2009-05-05 15:42 121562 ----a-w- c:\bases_x\plugins\emalware.046
2009-08-07 18:31 . 2009-05-05 15:42 125196 ----a-w- c:\bases_x\plugins\emalware.047
2009-08-07 18:31 . 2009-05-05 15:41 127018 ----a-w- c:\bases_x\plugins\emalware.044
2009-08-07 18:31 . 2009-05-05 15:42 121940 ----a-w- c:\bases_x\plugins\emalware.045
2009-08-07 18:31 . 2009-04-09 11:47 113836 ----a-w- c:\bases_x\plugins\emalware.041
2009-08-07 18:31 . 2009-05-22 07:53 99937 ----a-w- c:\bases_x\plugins\emalware.042
2009-08-07 18:31 . 2009-05-26 10:36 105743 ----a-w- c:\bases_x\plugins\emalware.043
2009-08-07 18:31 . 2009-05-22 07:53 122443 ----a-w- c:\bases_x\plugins\emalware.039
2009-08-07 18:31 . 2009-05-22 07:53 109268 ----a-w- c:\bases_x\plugins\emalware.040
2009-08-07 18:31 . 2009-03-28 12:22 100435 ----a-w- c:\bases_x\plugins\emalware.036
2009-08-07 18:31 . 2009-04-09 11:47 101901 ----a-w- c:\bases_x\plugins\emalware.037
2009-08-07 18:31 . 2009-03-22 17:57 100814 ----a-w- c:\bases_x\plugins\emalware.038
2009-08-07 18:31 . 2009-03-06 12:20 117668 ----a-w- c:\bases_x\plugins\emalware.029
2009-08-07 18:31 . 2009-03-06 12:20 129747 ----a-w- c:\bases_x\plugins\emalware.030
2009-08-07 18:31 . 2009-03-06 12:20 111287 ----a-w- c:\bases_x\plugins\emalware.031
2009-08-07 18:31 . 2009-03-28 12:22 102746 ----a-w- c:\bases_x\plugins\emalware.032
2009-08-07 18:31 . 2009-03-16 21:52 100906 ----a-w- c:\bases_x\plugins\emalware.033
2009-08-07 18:31 . 2009-03-28 12:22 103978 ----a-w- c:\bases_x\plugins\emalware.034
2009-08-07 18:31 . 2009-04-01 11:57 106994 ----a-w- c:\bases_x\plugins\emalware.035
2009-08-07 18:31 . 2009-03-06 12:20 126243 ----a-w- c:\bases_x\plugins\emalware.028
2009-08-07 18:31 . 2009-03-26 21:50 104827 ----a-w- c:\bases_x\plugins\emalware.024
2009-08-07 18:31 . 2009-04-09 11:47 103705 ----a-w- c:\bases_x\plugins\emalware.025
2009-08-07 18:31 . 2009-04-09 11:47 100112 ----a-w- c:\bases_x\plugins\emalware.026
2009-08-07 18:31 . 2009-03-06 12:20 119986 ----a-w- c:\bases_x\plugins\emalware.027
2009-08-07 18:31 . 2009-02-24 18:34 100806 ----a-w- c:\bases_x\plugins\emalware.018
2009-08-07 18:31 . 2009-03-06 12:20 100182 ----a-w- c:\bases_x\plugins\emalware.019
2009-08-07 18:31 . 2009-02-17 18:31 100414 ----a-w- c:\bases_x\plugins\emalware.020
2009-08-07 18:31 . 2009-03-06 12:20 101308 ----a-w- c:\bases_x\plugins\emalware.021
2009-08-07 18:31 . 2009-04-09 11:47 102012 ----a-w- c:\bases_x\plugins\emalware.022
2009-08-07 18:31 . 2009-03-02 09:58 102466 ----a-w- c:\bases_x\plugins\emalware.023
2009-08-07 18:31 . 2009-01-27 08:56 106038 ----a-w- c:\bases_x\plugins\emalware.013
2009-08-07 18:31 . 2009-05-22 07:53 106828 ----a-w- c:\bases_x\plugins\emalware.014
2009-08-07 18:31 . 2009-02-15 22:15 103929 ----a-w- c:\bases_x\plugins\emalware.015
2009-08-07 18:31 . 2009-03-26 21:50 99947 ----a-w- c:\bases_x\plugins\emalware.016
2009-08-07 18:31 . 2009-03-06 12:20 115997 ----a-w- c:\bases_x\plugins\emalware.017
2009-08-07 18:31 . 2009-04-01 11:57 102817 ----a-w- c:\bases_x\plugins\emalware.010
2009-08-07 18:31 . 2009-03-06 12:20 108019 ----a-w- c:\bases_x\plugins\emalware.011
2009-08-07 18:31 . 2009-01-27 08:56 125275 ----a-w- c:\bases_x\plugins\emalware.012
2009-08-07 18:31 . 2009-04-03 11:34 109971 ----a-w- c:\bases_x\plugins\emalware.007
2009-08-07 18:31 . 2009-03-06 12:20 120152 ----a-w- c:\bases_x\plugins\emalware.008
2009-08-07 18:31 . 2009-03-06 12:20 105400 ----a-w- c:\bases_x\plugins\emalware.009
2009-08-07 18:31 . 2008-12-01 17:03 2293 ----a-w- c:\bases_x\plugins\dbx.xmd

Alt 08.08.2009, 15:23   #32
Skylite
 
Virus/Trojaner oder von allem etwas? - Standard

Virus/Trojaner oder von allem etwas?


2009-08-07 18:31 . 2009-07-28 16:12 12640 ----a-w- c:\bases_x\plugins\docfile.xmd
2009-08-07 18:31 . 2009-07-01 22:56 4419 ----a-w- c:\bases_x\plugins\dummyarch.xmd
2009-08-07 18:31 . 2009-07-01 22:56 2582 ----a-w- c:\bases_x\plugins\dummyscan.xmd
2009-08-07 18:31 . 2009-01-18 11:39 27527 ----a-w- c:\bases_x\plugins\emalware.001
2009-08-07 18:31 . 2009-02-27 14:25 141037 ----a-w- c:\bases_x\plugins\emalware.002
2009-08-07 18:31 . 2009-02-27 14:25 128386 ----a-w- c:\bases_x\plugins\emalware.003
2009-08-07 18:31 . 2009-03-19 17:35 109394 ----a-w- c:\bases_x\plugins\emalware.004
2009-08-07 18:31 . 2009-04-09 11:47 152589 ----a-w- c:\bases_x\plugins\emalware.005
2009-08-07 18:31 . 2009-03-06 12:20 111753 ----a-w- c:\bases_x\plugins\emalware.006
2009-08-07 18:31 . 2008-12-01 17:03 6416 ----a-w- c:\bases_x\plugins\cookie.cvd
2009-08-07 18:31 . 2008-12-01 17:03 2315 ----a-w- c:\bases_x\plugins\cookie.xmd
2009-08-07 18:31 . 2008-12-01 17:03 4026 ----a-w- c:\bases_x\plugins\cpio.xmd
2009-08-07 18:31 . 2009-07-13 17:03 466658 ----a-w- c:\bases_x\plugins\cran.cvd
2009-08-07 18:31 . 2009-08-07 18:36 121459 ----a-w- c:\bases_x\plugins\cran.ivd
2009-08-07 18:31 . 2009-04-14 01:20 12 ----a-w- c:\bases_x\plugins\ceva_vfs.ivd
2009-08-07 18:31 . 2009-08-07 18:36 13924 ----a-w- c:\bases_x\plugins\chm.xmd
2009-08-07 18:31 . 2009-07-30 16:28 122801 ----a-w- c:\bases_x\plugins\ceva_dll.cvd
2009-08-07 18:31 . 2009-07-30 16:28 165147 ----a-w- c:\bases_x\plugins\ceva_emu.cvd
2009-08-07 18:31 . 2009-07-30 14:34 586158 ----a-w- c:\bases_x\plugins\ceva_vfs.cvd
2009-08-07 18:31 . 2009-07-30 16:28 216448 ----a-w- c:\bases_x\plugins\cevakrnl.xmd
2009-08-07 18:31 . 2009-08-07 18:36 496117 ----a-w- c:\bases_x\plugins\cevakrnl.rvd
2009-08-07 18:31 . 2009-08-07 18:36 56865 ----a-w- c:\bases_x\plugins\cevakrnl.ivd
2009-08-07 18:31 . 2009-08-07 18:36 561192 ----a-w- c:\bases_x\plugins\cevakrnl.rv0
2009-08-07 18:31 . 2009-07-10 09:45 3340 ----a-w- c:\bases_x\plugins\boot.xmd
2009-08-07 18:31 . 2008-12-01 17:03 19355 ----a-w- c:\bases_x\plugins\bzip2.xmd
2009-08-07 18:31 . 2009-08-07 18:36 14711 ----a-w- c:\bases_x\plugins\cab.xmd
2009-08-07 18:31 . 2009-07-15 16:34 607449 ----a-w- c:\bases_x\plugins\cevakrnl.cvd
2009-08-07 18:31 . 2008-12-01 17:03 7691 ----a-w- c:\bases_x\plugins\bach.xmd
2009-08-07 18:31 . 2009-08-01 11:16 135958 ----a-w- c:\bases_x\plugins\aspy_emu.cvd
2009-08-07 18:31 . 2008-12-01 17:03 6284 ----a-w- c:\bases_x\plugins\arj.xmd
2009-08-07 18:31 . 2008-12-01 17:03 19163 ----a-w- c:\bases_x\plugins\alz.xmd
2009-08-07 18:31 . 2009-07-21 23:49 349 ----a-w- c:\bases_x\plugins\arc.xmd
2009-08-07 18:31 . 2009-07-14 22:35 7817 ----a-w- c:\bases_x\plugins\ace.xmd
2009-08-07 18:31 . 2009-06-15 19:09 3885 ----a-w- c:\bases_x\plugins\adsntfs.xmd
2009-08-07 18:31 . 2009-07-28 16:12 35403 ----a-w- c:\bases_x\plugins\7zip.xmd
2009-08-07 18:31 . 2008-12-01 17:03 4064 ----a-w- c:\bases_x\plugins\access.xmd
2009-08-07 18:31 . 2009-08-07 18:37 306944 ----a-w- c:\bases_x\phupdn.txz
2009-08-07 18:31 . 2007-03-20 12:20 279040 ----a-w- c:\bases_x\pdm2rt.ppl
2009-08-07 18:31 . 2009-07-27 16:13 12092 ----a-w- c:\bases_x\phish.avs
2009-08-07 18:31 . 2009-08-07 14:52 1205213 ----a-w- c:\bases_x\phupdn.txt
2009-08-07 18:31 . 2007-03-20 12:01 9216 ----a-w- c:\bases_x\passdmap.ppl
2009-08-07 18:31 . 2007-03-20 12:01 327680 ----a-w- c:\bases_x\PDM.ppl
2009-08-07 18:31 . 2009-07-27 16:13 202 ----a-w- c:\bases_x\nvlist.avs
2009-08-07 18:31 . 2007-03-20 12:03 61440 ----a-w- c:\bases_x\oas.ppl
2009-08-07 18:31 . 2007-03-20 12:03 81920 ----a-w- c:\bases_x\ods.ppl
2009-08-07 18:31 . 2007-03-20 12:01 22016 ----a-w- c:\bases_x\og.ppl
2009-08-07 18:31 . 2009-07-27 16:13 418 ----a-w- c:\bases_x\owl.avs
2009-08-07 18:31 . 2007-03-20 11:53 393216 ----a-w- c:\bases_x\params.ppl
2009-08-07 18:31 . 2007-03-20 12:04 12288 ----a-w- c:\bases_x\ndetect.ppl
2009-08-07 18:31 . 2007-03-20 11:52 86016 ----a-w- c:\bases_x\nfio.ppl
2009-08-07 18:31 . 2007-03-20 12:04 61440 ----a-w- c:\bases_x\NNTPprtc.ppl
2009-08-07 18:31 . 2007-03-20 12:03 16384 ----a-w- c:\bases_x\NTFSstrm.ppl
2009-08-07 18:31 . 2009-08-01 11:18 293384 ----a-w- c:\bases_x\mwunzip.dll
2009-08-07 18:31 . 2009-08-01 11:18 698888 ----a-w- c:\bases_x\MWAVReg.EXE
2009-08-07 18:31 . 2008-08-04 18:17 173432 ----a-w- c:\bases_x\mwav.bmp
2009-08-07 18:31 . 2008-08-13 11:14 2727 ----a-w- c:\bases_x\mwav.ini
2009-08-07 18:31 . 2009-08-01 11:18 105992 ----a-w- c:\bases_x\MWAVL.exe
2009-08-07 18:31 . 2009-08-01 11:18 231944 ----a-w- c:\bases_x\msvlclnt.dll
2009-08-07 18:31 . 2009-08-01 11:18 2140680 ----a-w- c:\bases_x\msvl64.dll
2009-08-07 18:31 . 2009-08-01 11:18 240136 ----a-w- c:\bases_x\msvclnt.dll
2009-08-07 18:31 . 2005-09-22 21:22 522 ----a-w- c:\bases_x\Microsoft.VC80.CRT.manifest
2009-08-07 18:31 . 2009-01-16 02:15 869 ----a-w- c:\bases_x\MicroWorld Toolkit Utility.txt
2009-08-07 18:31 . 2007-03-20 12:15 18944 ----a-w- c:\bases_x\minizip.ppl
2009-08-07 18:31 . 2007-03-20 12:04 27648 ----a-w- c:\bases_x\MKavIO.ppl
2009-08-07 18:31 . 2007-03-20 12:04 69632 ----a-w- c:\bases_x\msoe.ppl
2009-08-07 18:31 . 2008-01-16 16:34 46080 ----a-w- c:\bases_x\mdb.ppl
2009-08-07 18:31 . 2007-03-20 12:04 6656 ----a-w- c:\bases_x\MDMAP.ppl
2009-08-07 18:31 . 2007-03-20 12:04 23040 ----a-w- c:\bases_x\MemModSc.ppl
2009-08-07 18:31 . 2007-03-20 12:04 16896 ----a-w- c:\bases_x\MemScan.ppl
2009-08-07 18:31 . 2009-08-01 11:18 2112072 ----a-w- c:\bases_x\mexe.com
2009-08-07 18:31 . 2007-03-20 12:07 212992 ----a-w- c:\bases_x\MailDisp.ppl
2009-08-07 18:31 . 2007-03-20 12:07 26624 ----a-w- c:\bases_x\MailMsg.ppl
2009-08-07 18:31 . 2005-08-23 11:46 10240 ----a-w- c:\bases_x\main.avi
2009-08-07 18:31 . 2007-03-20 12:07 53248 ----a-w- c:\bases_x\mc.ppl
2009-08-07 18:31 . 2007-03-20 12:07 8192 ----a-w- c:\bases_x\L_llio.ppl
2009-08-07 18:31 . 2009-05-08 12:05 9793 ----a-w- c:\bases_x\license.txt
2009-08-07 18:31 . 2007-03-20 12:07 15872 ----a-w- c:\bases_x\LicMgr.ppl
2009-08-07 18:31 . 2007-03-20 12:15 25088 ----a-w- c:\bases_x\lha.ppl
2009-08-07 18:31 . 2007-03-20 11:54 192512 ----a-w- c:\bases_x\lic60.ppl
2009-08-07 18:31 . 2003-03-13 14:16 304 ----a-w- c:\bases_x\keyid.dat
2009-08-07 18:31 . 2007-03-20 11:58 15360 ----a-w- c:\bases_x\klavsrch.ppl
2009-08-07 18:31 . 2009-04-16 11:55 57129 ----a-w- c:\bases_x\language.ini
2009-08-07 18:31 . 2009-07-31 00:01 109152 ----a-w- c:\bases_x\kavvlg.dll
2009-08-07 18:31 . 2007-03-20 11:58 10240 ----a-w- c:\bases_x\IWGen.ppl
2009-08-07 18:31 . 2009-07-17 11:39 283904 ----a-w- c:\bases_x\kave.dll
2009-08-07 18:31 . 2009-05-20 16:28 2103 ----a-w- c:\bases_x\Italian.tcp
2009-08-07 18:31 . 2009-05-20 16:27 13019 ----a-w- c:\bases_x\Italian.win
2009-08-07 18:31 . 2009-05-20 16:27 8596 ----a-w- c:\bases_x\Italian.dow
2009-08-07 18:31 . 2005-04-24 15:41 7187 ----a-w- c:\bases_x\Italian.lic
2009-08-07 18:31 . 2009-05-20 16:27 13194 ----a-w- c:\bases_x\Italian.con
2009-08-07 18:31 . 2009-05-20 16:27 51839 ----a-w- c:\bases_x\Italian.Age
2009-08-07 18:31 . 2007-03-20 12:08 77824 ----a-w- c:\bases_x\IMAPprtc.ppl
2009-08-07 18:31 . 2007-03-20 11:51 18432 ----a-w- c:\bases_x\Inflate.ppl
2009-08-07 18:31 . 2007-03-20 12:08 15872 ----a-w- c:\bases_x\IniFile.ppl
2009-08-07 18:31 . 2009-07-31 00:00 43592 ----a-w- c:\bases_x\ipc.dll
2009-08-07 18:31 . 2008-03-13 11:59 13824 ----a-w- c:\bases_x\ichk2.ppl
2009-08-07 18:31 . 2007-03-20 12:08 23552 ----a-w- c:\bases_x\iChkSA.ppl
2009-08-07 18:31 . 2009-07-17 11:39 70912 ----a-w- c:\bases_x\ikave.dll
2009-08-07 18:31 . 2005-10-06 19:25 7414 ----a-w- c:\bases_x\Icelandic.lic
2009-08-07 18:31 . 2008-01-05 16:20 1750 ----a-w- c:\bases_x\Icelandic.tcp
2009-08-07 18:31 . 2008-05-03 16:13 12922 ----a-w- c:\bases_x\Icelandic.win
2009-08-07 18:31 . 2008-08-06 16:21 12433 ----a-w- c:\bases_x\Icelandic.con
2009-08-07 18:31 . 2007-11-21 21:07 5575 ----a-w- c:\bases_x\Icelandic.dow
2009-08-07 18:31 . 2007-03-20 12:10 5120 ----a-w- c:\bases_x\HCCMP.ppl
2009-08-07 18:31 . 2008-06-23 19:42 115123 ----a-w- c:\bases_x\Icelandic.Age
2009-08-07 18:31 . 2009-07-31 13:18 18960 ----a-w- c:\bases_x\global.daz
2009-08-07 18:31 . 2007-03-20 12:10 5632 ----a-w- c:\bases_x\HashCont.ppl
2009-08-07 18:31 . 2007-03-20 12:10 8192 ----a-w- c:\bases_x\HashMD5.PPL
2009-08-07 18:31 . 2009-06-17 15:48 55928 ----a-w- c:\bases_x\global.dat
2009-08-07 18:31 . 2009-04-16 11:55 2276 ----a-w- c:\bases_x\German.tcp
2009-08-07 18:31 . 2009-04-16 11:55 13849 ----a-w- c:\bases_x\German.win
2009-08-07 18:31 . 2009-08-01 11:18 182856 ----a-w- c:\bases_x\Getvlist.exe
2009-08-07 18:31 . 2009-04-16 11:55 9858 ----a-w- c:\bases_x\German.dow
2009-08-07 18:31 . 2009-05-08 12:05 9793 ----a-w- c:\bases_x\German.lic
2009-08-07 18:31 . 2009-04-16 11:55 15792 ----a-w- c:\bases_x\German.con
2009-08-07 18:31 . 2009-04-16 11:55 57129 ----a-w- c:\bases_x\German.Age
2009-08-07 18:31 . 2007-03-20 12:11 18944 ----a-w- c:\bases_x\FsDrvPlg.ppl
2009-08-07 18:31 . 2009-07-17 11:39 43776 ----a-w- c:\bases_x\FSSync.dll
2009-08-07 18:31 . 2006-12-02 16:11 7187 ----a-w- c:\bases_x\French.lic
2009-08-07 18:31 . 2009-04-16 11:30 2221 ----a-w- c:\bases_x\French.tcp
2009-08-07 18:31 . 2009-04-16 11:30 14205 ----a-w- c:\bases_x\French.win
2009-08-07 18:31 . 2009-04-16 11:30 14172 ----a-w- c:\bases_x\French.con
2009-08-07 18:31 . 2009-04-16 11:30 9176 ----a-w- c:\bases_x\French.dow
2009-08-07 18:31 . 2008-05-03 16:13 12952 ----a-w- c:\bases_x\Finnish.win
2009-08-07 18:31 . 2009-07-27 16:13 357 ----a-w- c:\bases_x\fmw.avs
2009-08-07 18:31 . 2009-04-16 11:30 57452 ----a-w- c:\bases_x\French.Age
2009-08-07 18:31 . 2007-11-21 21:07 5844 ----a-w- c:\bases_x\Finnish.dow
2009-08-07 18:31 . 2005-07-13 10:56 6633 ----a-w- c:\bases_x\Finnish.lic
2009-08-07 18:31 . 2008-01-05 16:20 1834 ----a-w- c:\bases_x\Finnish.tcp
2009-08-07 18:31 . 2008-08-06 16:19 12322 ----a-w- c:\bases_x\Finnish.con
2009-08-07 18:31 . 2007-03-20 12:11 9728 ----a-w- c:\bases_x\Explode.ppl
2009-08-07 18:31 . 2008-07-21 16:58 14912 ----a-w- c:\bases_x\farbuffer.ppl
2009-08-07 18:31 . 2008-07-21 16:58 14400 ----a-w- c:\bases_x\faristream.ppl
2009-08-07 18:31 . 2008-06-23 19:42 116891 ----a-w- c:\bases_x\Finnish.Age
2009-08-07 18:31 . 2009-08-01 11:18 289800 ----a-w- c:\bases_x\esupdate.exe
2009-08-07 18:31 . 2009-08-01 11:18 13832 ----a-w- c:\bases_x\erootdrv.sys
2009-08-07 18:31 . 2003-03-01 12:20 7946 ----a-w- c:\bases_x\esmain.avi
2009-08-07 18:31 . 2009-07-29 14:26 18159 ----a-w- c:\bases_x\esupd.ini
2009-08-07 18:31 . 2009-01-16 01:53 8059 ----a-w- c:\bases_x\English.lic
2009-08-07 18:31 . 2008-11-25 13:25 2062 ----a-w- c:\bases_x\English.tcp
2009-08-07 18:31 . 2009-01-28 11:12 12490 ----a-w- c:\bases_x\English.win
2009-08-07 18:31 . 2009-02-23 09:50 8202 ----a-w- c:\bases_x\English.dow
2009-08-07 18:31 . 2009-03-19 12:47 12921 ----a-w- c:\bases_x\English.con
2009-08-07 18:31 . 2009-04-20 15:22 51086 ----a-w- c:\bases_x\English.Age
2009-08-07 18:31 . 2007-03-20 12:11 49152 ----a-w- c:\bases_x\dtreg.ppl
2009-08-07 18:31 . 2009-08-01 11:18 120328 ----a-w- c:\bases_x\encdec.dll
2009-08-07 18:31 . 2007-03-20 12:11 23552 ----a-w- c:\bases_x\diff.ppl
2009-08-07 18:31 . 2007-03-20 12:11 6656 ----a-w- c:\bases_x\dmap.ppl
2009-08-07 18:31 . 2009-08-01 11:18 924168 ----a-w- c:\bases_x\download.exe
2009-08-07 18:31 . 2007-05-02 16:13 7416 ----a-w- c:\bases_x\Czech.lic
2009-08-07 18:31 . 2008-04-02 09:02 1781 ----a-w- c:\bases_x\Czech.tcp
2009-08-07 18:31 . 2007-03-20 12:15 17408 ----a-w- c:\bases_x\deflate.ppl
2009-08-07 18:31 . 2007-11-21 21:08 5515 ----a-w- c:\bases_x\Czech.dow
2009-08-07 18:31 . 2008-10-17 13:12 11973 ----a-w- c:\bases_x\Czech.con
2009-08-07 18:31 . 2009-08-07 18:37 24302 ----a-w- c:\bases_x\cr.avs
2009-08-07 18:31 . 2009-07-27 16:13 4934 ----a-w- c:\bases_x\cr2.avs
2009-08-07 18:31 . 2007-03-20 11:52 30720 ----a-w- c:\bases_x\crpthlpr.ppl
2009-08-07 18:31 . 2008-06-23 19:42 56459 ----a-w- c:\bases_x\Czech.Age
2009-08-07 18:31 . 2009-04-16 11:55 15792 ----a-w- c:\bases_x\config.lan
2009-08-07 18:31 . 2005-08-23 14:51 6144 ----a-w- c:\bases_x\complete.avi
2009-08-07 18:31 . 2007-03-20 11:58 14336 ----a-w- c:\bases_x\ComStmIO.ppl
2009-08-07 18:31 . 2009-06-02 16:10 3260 ----a-w- c:\bases_x\ChineseSimplified.tcp
2009-08-07 18:31 . 2008-12-09 11:52 11 ----a-w- c:\bases_x\clean.bat
2009-08-07 18:31 . 2009-04-16 16:24 1972 ----a-w- c:\bases_x\Chinese.tcp
2009-08-07 18:31 . 2009-04-16 16:24 10058 ----a-w- c:\bases_x\Chinese.win
2009-08-07 18:31 . 2009-06-02 16:09 13562 ----a-w- c:\bases_x\ChineseSimplified.con
2009-08-07 18:31 . 2009-06-02 16:09 10240 ----a-w- c:\bases_x\ChineseSimplified.dow
2009-08-07 18:31 . 2009-04-16 16:24 6491 ----a-w- c:\bases_x\Chinese.dow
2009-08-07 18:31 . 2007-06-03 19:03 4428 ----a-w- c:\bases_x\Chinese.lic
2009-08-07 18:31 . 2009-04-16 16:24 9729 ----a-w- c:\bases_x\Chinese.con
2009-08-07 18:31 . 2007-10-18 14:31 15872 ----a-w- c:\bases_x\CAB.ppl
2009-08-07 18:31 . 2009-04-16 16:24 40970 ----a-w- c:\bases_x\Chinese.Age
2009-08-07 18:31 . 2007-02-13 10:14 58870 ----a-w- c:\bases_x\bitmap1.bmp
2009-08-07 18:31 . 2007-03-20 12:12 15872 ----a-w- c:\bases_x\btdisk.ppl
2009-08-07 18:31 . 2007-03-20 12:12 14848 ----a-w- c:\bases_x\btimages.ppl
2009-08-07 18:31 . 2007-03-20 12:11 5632 ----a-w- c:\bases_x\buffer.ppl
2009-08-07 18:31 . 2009-07-26 15:01 58624 ----a-w- c:\bases_x\bdupdateservice.dll
2009-08-07 18:31 . 2009-07-15 14:15 226560 ----a-w- c:\bases_x\bdfltlib2k.dll
2009-08-07 18:31 . 2009-07-15 14:15 226560 ----a-w- c:\bases_x\bdfltlib.dll
2009-08-07 18:31 . 2008-12-12 18:42 499 ----a-w- c:\bases_x\bdc.ini
2009-08-07 18:31 . 2009-07-23 17:30 102400 ----a-w- c:\bases_x\bdcore.dll
2009-08-07 18:31 . 2007-03-20 12:12 6656 ----a-w- c:\bases_x\Base64.ppl
2009-08-07 18:31 . 2007-03-20 12:12 6656 ----a-w- c:\bases_x\Base64P.ppl
2009-08-07 18:31 . 2009-07-15 14:15 91904 ----a-w- c:\bases_x\bdc.exe
2009-08-07 18:31 . 2007-03-20 12:12 118784 ----a-w- c:\bases_x\avs.ppl
2009-08-07 18:31 . 2007-03-20 11:58 19456 ----a-w- c:\bases_x\avspm.ppl
2009-08-07 18:31 . 2009-01-18 17:57 53248 ----a-w- c:\bases_x\avxdisk.dll
2009-08-07 18:31 . 2007-03-20 12:14 16896 ----a-w- c:\bases_x\AVP3Info.ppl
2009-08-07 18:31 . 2007-12-07 07:20 98304 ----a-w- c:\bases_x\avpgs.ppl
2009-08-07 18:31 . 2007-03-20 12:12 40448 ----a-w- c:\bases_x\AvpMgr.ppl
2009-08-07 18:31 . 2007-03-20 12:15 131072 ----a-w- c:\bases_x\Avp1.ppl
2009-08-07 18:31 . 2006-03-31 17:28 889 ----a-w- c:\bases_x\appinfo.kli
2009-08-07 18:31 . 2007-03-20 12:15 17408 ----a-w- c:\bases_x\Arj.ppl
2009-08-07 18:31 . 2007-03-20 12:15 12288 ----a-w- c:\bases_x\ArjPack.ppl
2009-08-07 18:31 . 2007-03-20 12:15 12288 ----a-w- c:\bases_x\avlib.ppl
2009-08-07 18:31 . 2007-02-13 10:14 58870 ----a-w- c:\bases_x\about.bmp
2009-08-07 18:31 . 2007-03-20 12:20 52736 ----a-w- c:\bases_x\advdis.ppl
2009-08-07 18:31 . 2007-03-20 12:15 11264 ----a-w- c:\bases_x\antispy.ppl
2009-08-07 18:31 . 2007-03-20 12:16 40448 ----a-w- c:\bases_x\aphish.ppl
2009-08-07 18:31 . 2007-03-20 12:16 12800 ----a-w- c:\bases_x\aphisht.ppl


((((((((((((((((((((((((((((( SnapShot@2009-08-08_00.35.22 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-08-08 13:42 . 2009-08-08 13:42 16384 c:\windows\temp\Perflib_Perfdata_884.dat
+ 2009-08-08 13:23 . 2009-08-08 13:23 16384 c:\windows\temp\Perflib_Perfdata_73c.dat
+ 2009-08-08 13:03 . 2009-08-08 13:03 84661 c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
- 2007-08-03 02:40 . 2009-03-25 20:44 84661 c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2009-08-08 13:21 . 2009-08-08 13:21 8192 c:\windows\ERDNT\subs\Users\00000006\UsrClass.dat
+ 2009-08-08 13:21 . 2009-08-08 13:21 8192 c:\windows\ERDNT\subs\Users\00000002\UsrClass.dat
+ 2009-07-18 03:21 . 2009-07-18 03:21 257440 c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2009-08-08 12:58 . 2009-08-08 12:58 149280 c:\windows\system32\javaws.exe
+ 2009-08-08 12:58 . 2009-08-08 12:58 145184 c:\windows\system32\javaw.exe
+ 2009-08-08 12:58 . 2009-08-08 12:58 145184 c:\windows\system32\java.exe
+ 2009-08-08 13:03 . 2009-08-08 13:03 792576 c:\windows\Installer\7f88a.msi
+ 2009-08-08 12:58 . 2009-08-08 12:58 537600 c:\windows\Installer\7f87b.msi
+ 2009-08-08 13:03 . 2009-08-08 13:03 371272 c:\windows\Installer\{D103C4BA-F905-437A-8049-DB24763BBE36}\SkypeIcon.exe
+ 2009-08-08 13:21 . 2009-08-08 13:21 233472 c:\windows\ERDNT\subs\Users\00000005\NTUSER.DAT
+ 2009-08-08 13:21 . 2009-08-08 13:21 208896 c:\windows\ERDNT\subs\Users\00000004\UsrClass.dat
+ 2009-08-08 13:21 . 2009-08-08 13:21 233472 c:\windows\ERDNT\subs\Users\00000001\NTUSER.DAT
+ 2009-07-18 03:21 . 2009-07-18 03:21 3883424 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2009-08-08 13:03 . 2009-08-08 13:03 1565696 c:\windows\Installer\7f884.msi
+ 2009-08-08 13:21 . 2009-08-08 13:21 11370496 c:\windows\ERDNT\subs\Users\00000003\ntuser.dat
__________________
Alt 08.08.2009, 15:24   #33
Skylite
 
Virus/Trojaner oder von allem etwas? - Standard

Virus/Trojaner oder von allem etwas?


.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteCenter"="c:\programme\Creative\MediaSource\RemoteControl\RCMan.EXE" [2003-10-08 139264]
"Skype"="c:\programme\Skype\Phone\Skype.exe" [2009-07-16 25604904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SBDrvDet"="c:\programme\Creative\SB Drive Det\SBDrvDet.exe" [2002-12-03 45056]
"ATIPTA"="c:\programme\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-03-29 339968]
"ATICCC"="c:\programme\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-09-25 90112]
"LogitechCommunicationsManager"="c:\programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe" [2007-02-07 488984]
"CTSysVol"="c:\programme\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"CTDVDDET"="c:\programme\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE" [2003-06-17 45056]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SunJavaUpdateSched"="c:\programme\Java\jre6\bin\jusched.exe" [2009-08-08 149280]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2007-04-11 56080]
"CTHelper"="CTHELPER.EXE" - c:\windows\system32\CTHELPER.EXE [2003-10-06 24576]

c:\dokumente und einstellungen\All Users\Startmen\Programme\Autostart\
Hochfahren.bat [2008-4-28 65]
Logitech SetPoint.lnk - c:\programme\Logitech\SetPoint\SetPoint.exe [2007-11-3 692224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^SATARAID5.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\SATARAID5.lnk
backup=c:\windows\pss\SATARAID5.lnkCommon Startup

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^WinTV Recording Status..lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\WinTV Recording Status..lnk
backup=c:\windows\pss\WinTV Recording Status..lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Apple Mobile Device"=2 (0x2)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"SpybotSD TeaTimer"=c:\programme\Spybot - Search & Destroy\TeaTimer.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programme\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Programme\\Gemeinsame Dateien\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"d:\\Spiele\\Worms World Party\\wwp.exe"=
"c:\\Programme\\Paltalk Messenger\\paltalk.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"17010:TCP"= 17010:TCP:worms world party
"17011:TCP"= 17011:TCP:Worms world Party
"17012:TCP"= 17012:TCP:Worms world party

R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [31.07.2009 16:04 108289]
R2 PfDetNT;PfDetNT;c:\windows\system32\drivers\PfModNT.sys [26.05.2009 01:38 15840]
S3 hcw95bda;Hauppauge MOD7700 Tuner Driver;c:\windows\system32\drivers\hcw95bda.sys [04.04.2009 17:23 562176]
S3 hcw95rc;Hauppauge MOD7700 IR Driver;c:\windows\system32\drivers\hcw95rc.sys [04.04.2009 17:23 15616]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [16.02.2009 17:07 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [16.02.2009 17:07 8320]
S3 PDNMp50;PDNMp50 NDIS Protocol Driver;\??\c:\windows\system32\drivers\PDNMp50.sys --> c:\windows\system32\drivers\PDNMp50.sys [?]
S3 PDNSp50;PDNSp50 NDIS Protocol Driver;\??\c:\windows\system32\drivers\PDNSp50.sys --> c:\windows\system32\drivers\PDNSp50.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.gmx.de/
mStart Page = about:blank
TCP: {7D12C82E-EF19-40E1-A2F1-469F20F0A96E} = 213.191.74.19 62.109.123.197
FF - ProfilePath - c:\dokumente und einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\l0j5s00l.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.gmx.de
FF - prefs.js: keyword.enabled - false
FF - component: c:\programme\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\dokumente und einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\l0j5s00l.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp07100121.dll
FF - plugin: c:\programme\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\programme\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\programme\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX Richtlinien ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: browser.history_expire_days - 3
FF - user.js: browser.history_expire_days_min - 3
FF - user.js: browser.history_expire_sites - 40000
FF - user.js: dom.storage.enabled - true
FF - user.js: privacy.sanitize.sanitizeOnShutdown - false
FF - user.js: privacy.sanitize.promptOnSanitize - false
FF - user.js: privacy.item.offlineApps - false
FF - user.js: browser.safebrowsing.malware.enabled - true
FF - user.js: nglayout.initialpaint.delay - 50
FF - user.js: network.http.pipelining - true
FF - user.js: network.prefetch-next - true
FF - user.js: config.trim_on_minimize - true
FF - user.js: browser.sessionhistory.max_total_viewers - 0
FF - user.js: browser.cache.memory.capacity - 18432
FF - user.js: browser.cache.disk.capacity - 20000
FF - user.js: browser.cache.offline.capacity - 25000
FF - user.js: browser.sessionstore.interval - 30000000
FF - user.js: browser.sessionstore.max_tabs_undo - 10
FF - user.js: browser.urlbar.maxRichResults - 0
FF - user.js: keyword.enabled - false
FF - user.js: browser.fixup.alternate.suffix - .com
FF - user.js: browser.urlbar.doubleClickSelectsAll - false
FF - user.js: browser.urlbar.clickSelectsAll - true
FF - user.js: browser.zoom.siteSpecific - false
FF - user.js: browser.search.openintab - true
FF - user.js: browser.tabs.loadDivertedInBackground - true
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.download.manager.useWindow - true
FF - user.js: browser.download.manager.retention - 1
FF - user.js: browser.download.manager.closeWhenDone - true
FF - user.js: extensions.checkCompatibility - true
FF - user.js: extensions.hideInstallButton - true
c:\programme\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\programme\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\programme\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2009-08-08 15:39
Windows 5.1.2600 Service Pack 3 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostarteinträge...

Scanne versteckte Dateien...


c:\dokumente und einstellungen\User\Anwendungsdaten\Skype
c:\dokumente und einstellungen\User\Anwendungsdaten\Skype\shared.lck 0 bytes
c:\dokumente und einstellungen\User\Anwendungsdaten\Skype\shared.xml 353 bytes

Scan erfolgreich abgeschlossen
versteckte Dateien: 3

**************************************************************************
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'winlogon.exe'(732)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(7876)
c:\programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll
c:\programme\Logitech\SetPoint\GameHook.dll
c:\programme\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\ctagent.dll
c:\windows\system32\msls31.dll
c:\windows\system32\webcheck.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\programme\Avira\AntiVir Desktop\avguard.exe
c:\windows\system32\CTSVCCDA.EXE
c:\programme\Java\jre6\bin\jqs.exe
c:\windows\system32\MsPMSPSv.exe
c:\programme\ATI Technologies\ATI.ACE\CLI.exe
c:\programme\Gemeinsame Dateien\Logitech\KhalShared\KHALMNPR.exe
c:\programme\Gemeinsame Dateien\LogiShrd\LComMgr\LVComSX.exe
c:\programme\ATI Technologies\ATI.ACE\CLI.exe
c:\programme\ATI Technologies\ATI.ACE\CLI.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2009-08-08 15:46 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2009-08-08 13:46
ComboFix2.txt 2009-08-08 00:39

Vor Suchlauf: 11 Verzeichnis(se), 36.938.526.720 Bytes frei
Nach Suchlauf: 9 Verzeichnis(se), 36.800.950.272 Bytes frei

3935 --- E O F --- 2009-08-07 02:15


Fertig, mann das war aber viel!
Puh...
__________________
Alt 08.08.2009, 15:57   #34
john.doe
 
Virus/Trojaner oder von allem etwas? - Standard

Virus/Trojaner oder von allem etwas?


Zitat:
Ist escan dieses mwav? Soll ich es löschen?
Ja. Ja.
Zitat:
Zur Datei Hochfahren.bat, die habe ich damals selber gebastelt vor Jahren,
Dann ist alles i.O.
Zitat:
deinstalliert aber eigene Anpassungen beibehalten, hätte ich die auch löschen sollen?
Nein, dein Firefox sieht sauber aus.
Zitat:
Alles installiert bis auf ICQ das nutze ich nicht, sollen wir es trotzdem installieren?
Nein.

Ich habe da etwas zuviel gelöscht, dass muss wieder rückgängig gemacht werden.

Scripten mit Combofix
  • Öffne den Editor (Start => Zubehör => Editor ) kopiere nun folgenden Text in das weiße Feld:
Code:
ATTFilter
DeQuarantine::
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\[??].Deep.Blue.2003.DVDRip.XViD-VoMiT.avi.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\ALBUM - Don Mclean - American Pie\Don McLean - American Pie\Don McLean - American Pie -01 - American Pie.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\ALBUM - Don Mclean - American Pie\Don McLean - American Pie\Don McLean - American Pie -02 - Till Tomorrow.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\ALBUM - Don Mclean - American Pie\Don McLean - American Pie\Don McLean - American Pie -03 - Vincent.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\ALBUM - Don Mclean - American Pie\Don McLean - American Pie\Don McLean - American Pie -04 - Crossroads.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\ALBUM - Don Mclean - American Pie\Don McLean - American Pie\Don McLean - American Pie -05 - Winterwood.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\ALBUM - Don Mclean - American Pie\Don McLean - American Pie\Don McLean - American Pie -06 - Empty Chairs.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\ALBUM - Don Mclean - American Pie\Don McLean - American Pie\Don McLean - American Pie -07 - Everybody Loves Me, Baby.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\ALBUM - Don Mclean - American Pie\Don McLean - American Pie\Don McLean - American Pie -08 - Sister Fatima.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\ALBUM - Don Mclean - American Pie\Don McLean - American Pie\Don McLean - American Pie -09 - The Grave.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\ALBUM - Don Mclean - American Pie\Don McLean - American Pie\Don McLean - American Pie -10 - Babylon.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\ALBUM - Don McLean - Classics\Don McLean - Classics -01. American Pie (Complete Original Version).mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\ALBUM - Don McLean - Classics\Don McLean - Classics -02. Vincent.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\ALBUM - Don McLean - Classics\Don McLean - Classics -03. And I Love You So.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\ALBUM - Don McLean - Classics\Don McLean - Classics -04. Crying.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\ALBUM - Don McLean - Classics\Don McLean - Classics -05. Since I Don't Have You.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\ALBUM - Don McLean - Classics\Don McLean - Classics -06. Castles In The Air.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\ALBUM - Don McLean - Classics\Don McLean - Classics -07. It's Just The Sun.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\ALBUM - Don McLean - Classics\Don McLean - Classics -08. Jerusalem.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\ALBUM - Don McLean - Classics\Don McLean - Classics -09. It's A Beautiful Life.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\ALBUM - Don McLean - Classics\Don McLean - Classics -10. American Pie (New Version).mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Beth Gibbons - Mysteries - BO les poupées russes.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don McLean - Rearview Mirror (2005)\00-don_mclean-rearview_mirror-advance-cover.jpg
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don McLean - Rearview Mirror (2005)\01-don_mclean-if_you_could_read_my_mind-jce.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don McLean - Rearview Mirror (2005)\02-don_mclean-vincent-jce.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don McLean - Rearview Mirror (2005)\03-don_mclean-wonderful_baby-jce.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don McLean - Rearview Mirror (2005)\04-don_mclean-love_me_tender-jce.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don McLean - Rearview Mirror (2005)\05-don_mclean-(it_was)_a_very_good_year-jce.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don McLean - Rearview Mirror (2005)\06-don_mclean-el_paso-jce.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don McLean - Rearview Mirror (2005)\07-don_mclean-my_saddle_pal_and_i-jce.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don McLean - Rearview Mirror (2005)\08-don_mclean-and_i_love_you_so-jce.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don McLean - Rearview Mirror (2005)\09-don_mclean-crying-jce.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don McLean - Rearview Mirror (2005)\10-don_mclean-empty_chairs-jce.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don McLean - Rearview Mirror (2005)\11-don_mclean-homeless_brother-jce.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don McLean - Rearview Mirror (2005)\12-don_mclean-tb_blues-jce.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don McLean - Rearview Mirror (2005)\13-don_mclean-magdalene_lane-jce.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don McLean - Rearview Mirror (2005)\14-don_mclean-infinity-jce.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don McLean - Rearview Mirror (2005)\15-don_mclean-prime_time-jce.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don McLean - Rearview Mirror (2005)\16-don_mclean-american_pie-jce.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don McLean - Rearview Mirror (2005)\17-don_mclean-run_diana_run-jce.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don McLean - Rearview Mirror (2005)\18-don_mclean-youve_got_to_share-jce.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don McLean - Rearview Mirror (2005)\Thumbs.db
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don Mclean - The Best Of\DON MCLEAN -01- AMERICAN PIE .mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don Mclean - The Best Of\DON MCLEAN -02- CASTLES IN THE AIR (1981 VERSION).mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don Mclean - The Best Of\DON MCLEAN -03- DREIDEL.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don Mclean - The Best Of\DON MCLEAN -04- WINTERWOOD.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don Mclean - The Best Of\DON MCLEAN -05- EVERYDAY.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don Mclean - The Best Of\DON MCLEAN -06- SISTER FATIMA.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don Mclean - The Best Of\DON MCLEAN -07- EMPTY CHAIRS.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don Mclean - The Best Of\DON MCLEAN -08- THE BIRTHDAY SONG.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don Mclean - The Best Of\DON MCLEAN -09- WONDERFUL BABY.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don Mclean - The Best Of\DON MCLEAN -10- LA LA I LOVE YOU.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don Mclean - The Best Of\DON MCLEAN -11- VINCENT.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don Mclean - The Best Of\DON MCLEAN -12- CROSSROADS.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don Mclean - The Best Of\DON MCLEAN -13- AND I LOVE YOU SO.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don Mclean - The Best Of\DON MCLEAN -14- FOOLS PARADISE.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don Mclean - The Best Of\DON MCLEAN -15- IF WE TRY.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don Mclean - The Best Of\DON MCLEAN -16- MOUNTAINS OF MOURNE.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don Mclean - The Best Of\DON MCLEAN -17- THE GRAVE.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don Mclean - The Best Of\DON MCLEAN -18- RESPECTABLE.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don McLean (1972) - Don McLean (original - released by deresel - dec 2004)\Don McLean (1972) - Don McLean\Side 01\01 Dreidl.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don McLean (1972) - Don McLean (original - released by deresel - dec 2004)\Don McLean (1972) - Don McLean\Side 01\02 Branco Bill's Lament.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don McLean (1972) - Don McLean (original - released by deresel - dec 2004)\Don McLean (1972) - Don McLean\Side 01\03 Oh My What A Shame.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don McLean (1972) - Don McLean (original - released by deresel - dec 2004)\Don McLean (1972) - Don McLean\Side 01\04 If We Try.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don McLean (1972) - Don McLean (original - released by deresel - dec 2004)\Don McLean (1972) - Don McLean\Side 01\05 The More You Pay (The More It's Worth).mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don McLean (1972) - Don McLean (original - released by deresel - dec 2004)\Don McLean (1972) - Don McLean\Side 02\01 Narcisissma.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don McLean (1972) - Don McLean (original - released by deresel - dec 2004)\Don McLean (1972) - Don McLean\Side 02\02 Falling Through Time.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don McLean (1972) - Don McLean (original - released by deresel - dec 2004)\Don McLean (1972) - Don McLean\Side 02\03 On the Amazon.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don McLean (1972) - Don McLean (original - released by deresel - dec 2004)\Don McLean (1972) - Don McLean\Side 02\04 Birthday Song.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\Don McLean (1972) - Don McLean (original - released by deresel - dec 2004)\Don McLean (1972) - Don McLean\Side 02\05 The Pride Parade.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\James Blunt\ - Shine On - James Blunt.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\James Blunt\ James Blunt - High.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\James Blunt\ james blunt - no bravery(1).mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\James Blunt\ James Blunt - Tears And Rain.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\James Blunt\(09) - [James Blunt] - Cry.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\James Blunt\02-James Blunt-Dear Katie.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\James Blunt\02-james_blunt-one_of_the_brightest_stars.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\James Blunt\09-james_blunt-annie.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\James Blunt\09 James Blunt - Annie.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\James Blunt\13-James Blunt-Young Folks (From Jo Whiley Live Lounge).mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\James Blunt\James Blunt - irgendwas.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\James Blunt\James Blunt - 1973 (Simona).mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\James Blunt\James Blunt - All The Lost Souls - 2007 - I Can't Hear The Music.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\James Blunt\James Blunt - Back To Bedlam - 04 - Goodbye My Lover.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\James Blunt\James Blunt - Carry you home(1).mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\James Blunt\James Blunt - Carry you home.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\James Blunt\James Blunt - Lovec, love, love.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\James Blunt\James Blunt - Same Mistake.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\James Blunt\James Blunt - Wiseman.mp3.vir
C:\Qoobox\Quarantine\d\mulii\Muliiiiiiiiiii\James Blunt\James Blunt - You Are Beautiful.mp3.vir
QUIT::
Speichere diese Datei nun auf dem Desktop unter -> cfscript.txt
  • Nun die Datei cfscript.txt auf das Sysmbol von Combofix ziehen!

  • Danach das Log von Combofix ohne zu Editieren posten. Nur wenn dein Vor- und Nachname ersichtlich ist, dann entferne ihn.


Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann.

ciao, andreas
__________________
Kein Support per PN! Das ist hier ein Forum und keine Privatbetreuung!
Privatbetreuung nur gegen Bezahlung und ich koste sehr teuer.
Für alle Neuen
Anleitungen
Virenscanner
Kompromittierung unvermeidbar?

Alt 08.08.2009, 17:02   #35
Skylite
 
Virus/Trojaner oder von allem etwas? - Standard

Virus/Trojaner oder von allem etwas?


Hallo Andreas,


Habe hier das Log von Combo, bin verfahren wie beschrieben:

ComboFix 09-08-07.07 - User 08.08.2009 17:46.3.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.49.1031.18.1023.585 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\User\Desktop\cofiexe.exe
Benutzte Befehlsschalter :: c:\dokumente und einstellungen\User\Desktop\cfscript.txt
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

((((((((((((((((((((((( Dateien erstellt von 2009-07-08 bis 2009-08-08 ))))))))))))))))))))))))))))))
.

2009-08-08 13:42 . 2009-08-08 15:44 -------- d-----w- c:\dokumente und einstellungen\User\Anwendungsdaten\Skype
2009-08-08 13:06 . 2009-08-08 14:36 -------- d-----w- c:\programme\The KMPlayer
2009-08-08 13:03 . 2009-08-08 13:03 -------- d-----w- c:\programme\Gemeinsame Dateien\Skype
2009-08-08 13:01 . 2009-08-08 13:01 -------- d-----w- c:\programme\Foxit Software
2009-08-08 13:01 . 2009-08-08 13:01 -------- d-----w- c:\dokumente und einstellungen\User\Anwendungsdaten\Foxit
2009-08-08 12:58 . 2009-08-08 12:58 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-08-08 12:57 . 2009-08-08 12:57 152576 ----a-w- c:\dokumente und einstellungen\User\Anwendungsdaten\Sun\Java\jre1.6.0_15\lzma.dll
2009-08-08 00:07 . 2009-08-08 00:07 -------- d-----w- c:\programme\CCleaner
2009-08-07 22:45 . 2009-08-07 22:45 -------- d-----w- c:\programme\trend micro
2009-08-07 18:31 . 2009-08-07 18:47 -------- d-----w- C:\Bases_X
2009-08-07 18:12 . 2009-08-07 18:12 -------- d-----r- c:\dokumente und einstellungen\Administrator\Eigene Dateien
2009-08-07 18:11 . 2009-08-07 18:11 -------- d-sh--w- c:\dokumente und einstellungen\Administrator\IETldCache
2009-08-07 18:01 . 2009-08-07 18:01 632064 ----a-w- c:\windows\system32\msvcr80.dll
2009-08-07 18:01 . 2009-08-07 18:01 554240 ----a-w- c:\windows\system32\msvcp80.dll
2009-08-07 18:01 . 2009-08-07 18:01 34048 ----a-w- c:\windows\system32\eEmpty.exe
2009-08-07 18:01 . 2008-04-14 02:23 140800 ----a-w- c:\windows\system32\T.COM
2009-08-07 18:01 . 2008-04-14 02:22 153600 ----a-w- c:\windows\R.COM
2009-08-07 15:49 . 2009-08-07 15:49 -------- d-----w- c:\dokumente und einstellungen\User\Anwendungsdaten\Malwarebytes
2009-08-07 15:49 . 2009-08-07 15:49 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2009-08-06 02:35 . 2009-08-06 02:35 -------- d-sh--w- c:\dokumente und einstellungen\Default User\IETldCache
2009-08-06 02:35 . 2009-08-06 02:35 -------- d-----w- c:\windows\system32\XPSViewer
2009-08-06 02:35 . 2009-08-06 02:35 -------- d-----w- c:\programme\MSBuild
2009-08-06 02:35 . 2009-08-06 02:35 -------- d-----w- c:\programme\Reference Assemblies
2009-08-06 02:34 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-08-06 02:34 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-08-06 02:34 . 2009-08-06 02:34 -------- d-----w- C:\12f4608a15bd2e4517ea9e
2009-08-06 02:34 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-08-06 02:34 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-08-06 02:34 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-08-06 02:34 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-08-06 02:34 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-08-03 01:10 . 2009-08-03 01:11 3072 ----a-w- c:\dokumente und einstellungen\LocalService\Anwendungsdaten\Macromedia\Common\698c001a19.exe
2009-08-03 01:09 . 2009-08-03 01:09 3072 ----a-w- c:\dokumente und einstellungen\NetworkService\Anwendungsdaten\Macromedia\Common\698c001a19.exe
2009-08-03 00:54 . 2009-08-03 01:09 3072 ----a-w- c:\dokumente und einstellungen\User\Anwendungsdaten\Macromedia\Common\698c001a19.exe
2009-07-31 14:28 . 2009-07-31 14:28 -------- d-----r- c:\dokumente und einstellungen\LocalService\Favoriten
2009-07-31 14:04 . 2009-08-05 23:18 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-07-31 14:04 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-07-31 14:04 . 2009-02-13 10:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-07-31 14:04 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-07-31 14:04 . 2009-07-31 14:04 -------- d-----w- c:\programme\Avira
2009-07-31 14:04 . 2009-07-31 14:04 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Avira

.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-08 15:42 . 2009-05-26 00:12 384 ----a-w- c:\windows\system32\DVCStateBkp-{00000005-00000000-00000007-00001102-00000004-20021102}.dat
2009-08-08 15:42 . 2009-05-26 00:12 384 ----a-w- c:\windows\system32\DVCState-{00000005-00000000-00000007-00001102-00000004-20021102}.dat
2009-08-08 13:03 . 2007-03-23 14:28 -------- d-----r- c:\programme\Skype
2009-08-08 13:03 . 2007-03-23 14:28 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Skype
2009-08-08 12:58 . 2007-02-12 09:42 -------- d-----w- c:\programme\Java
2009-08-08 12:27 . 2007-02-22 04:15 -------- d-----w- c:\programme\VideoLAN
2009-08-08 12:25 . 2009-06-01 22:02 -------- d-----w- c:\programme\Panda Security
2009-08-08 12:21 . 2008-01-07 17:47 -------- d-----w- c:\dokumente und einstellungen\User\Anwendungsdaten\eMule
2009-08-08 12:15 . 2007-02-12 11:56 -------- d-----w- c:\programme\Gemeinsame Dateien\Adobe
2009-08-08 12:11 . 2007-04-06 14:17 -------- d-----w- c:\programme\Lavasoft
2009-08-06 11:30 . 2007-02-09 15:43 54456 ----a-w- c:\dokumente und einstellungen\User\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
2009-08-06 02:38 . 2003-04-02 12:00 97792 ----a-w- c:\windows\system32\perfc007.dat
2009-08-06 02:38 . 2003-04-02 12:00 488494 ----a-w- c:\windows\system32\perfh007.dat
2009-07-18 17:38 . 2009-07-18 17:38 56968 ----a-w- c:\windows\Fonts\USUn000.ttf
2009-07-18 17:38 . 2009-07-18 17:38 41952 ----a-w- c:\windows\Fonts\Blue000.ttf
2009-07-18 17:38 . 2009-07-18 17:38 38012 ----a-w- c:\windows\Fonts\Rude000.ttf
2009-07-18 17:38 . 2009-07-18 17:38 31820 ----a-w- c:\windows\Fonts\Suss000.ttf
2009-07-18 17:38 . 2009-07-18 17:38 24460 ----a-w- c:\windows\Fonts\Eval000.ttf
2009-07-03 16:55 . 2003-04-02 12:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-06-28 21:01 . 2007-04-21 23:56 -------- d-----w- c:\programme\IrfanView
2009-06-26 22:28 . 2007-04-19 00:18 -------- d-----w- c:\dokumente und einstellungen\User\Anwendungsdaten\dvdcss
2009-06-19 19:15 . 2009-02-05 16:51 1 ----a-w- c:\dokumente und einstellungen\User\Anwendungsdaten\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-06-16 14:36 . 2003-04-02 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:36 . 2003-04-02 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-03 19:09 . 2007-02-09 15:19 1296896 ----a-w- c:\windows\system32\quartz.dll
2009-05-26 00:31 . 2009-05-26 00:31 60416 ----a-w- c:\windows\ALCFDRTM.EXE
2009-05-26 00:07 . 2009-05-26 00:07 184 ----a-w- c:\windows\system32\e000002.dat
2009-05-16 19:41 . 2009-05-16 19:41 299824 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\GvzPro\gvzlib.dll
2009-05-16 19:41 . 2009-05-16 19:41 98360 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\GvzPro\bass.dll
2009-05-16 19:41 . 2009-05-16 19:41 366896 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\GvzPro\gvzprores.dll
2009-05-16 19:41 . 2009-05-16 19:41 1262896 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\GvzPro\gvzpro2.dll
2008-11-30 22:17 . 2008-11-30 22:17 1804050 ----a-w- c:\programme\Multidecoder_1.0.0.48.zip
.

((((((((((((((((((((((((((((( SnapShot@2009-08-08_00.35.22 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-08-08 15:43 . 2009-08-08 15:43 16384 c:\windows\temp\Perflib_Perfdata_1f0.dat
+ 2009-08-08 13:03 . 2009-08-08 13:03 84661 c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
- 2007-08-03 02:40 . 2009-03-25 20:44 84661 c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2009-08-08 13:21 . 2009-08-08 13:21 8192 c:\windows\ERDNT\subs\Users\00000006\UsrClass.dat
+ 2009-08-08 13:21 . 2009-08-08 13:21 8192 c:\windows\ERDNT\subs\Users\00000002\UsrClass.dat
+ 2009-07-18 03:21 . 2009-07-18 03:21 257440 c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2009-08-08 12:58 . 2009-08-08 12:58 149280 c:\windows\system32\javaws.exe
+ 2009-08-08 12:58 . 2009-08-08 12:58 145184 c:\windows\system32\javaw.exe
+ 2009-08-08 12:58 . 2009-08-08 12:58 145184 c:\windows\system32\java.exe
+ 2009-08-08 13:03 . 2009-08-08 13:03 792576 c:\windows\Installer\7f88a.msi
+ 2009-08-08 12:58 . 2009-08-08 12:58 537600 c:\windows\Installer\7f87b.msi
+ 2009-08-08 13:03 . 2009-08-08 13:03 371272 c:\windows\Installer\{D103C4BA-F905-437A-8049-DB24763BBE36}\SkypeIcon.exe
+ 2009-08-08 13:21 . 2009-08-08 13:21 233472 c:\windows\ERDNT\subs\Users\00000005\NTUSER.DAT
+ 2009-08-08 13:21 . 2009-08-08 13:21 208896 c:\windows\ERDNT\subs\Users\00000004\UsrClass.dat
+ 2009-08-08 13:21 . 2009-08-08 13:21 233472 c:\windows\ERDNT\subs\Users\00000001\NTUSER.DAT
+ 2009-07-18 03:21 . 2009-07-18 03:21 3883424 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2009-08-08 13:03 . 2009-08-08 13:03 1565696 c:\windows\Installer\7f884.msi
+ 2009-08-08 13:21 . 2009-08-08 13:21 11370496 c:\windows\ERDNT\subs\Users\00000003\ntuser.dat
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteCenter"="c:\programme\Creative\MediaSource\RemoteControl\RCMan.EXE" [2003-10-08 139264]
"Skype"="c:\programme\Skype\Phone\Skype.exe" [2009-07-16 25604904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SBDrvDet"="c:\programme\Creative\SB Drive Det\SBDrvDet.exe" [2002-12-03 45056]
"ATIPTA"="c:\programme\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-03-29 339968]
"ATICCC"="c:\programme\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-09-25 90112]
"LogitechCommunicationsManager"="c:\programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe" [2007-02-07 488984]
"CTSysVol"="c:\programme\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"CTDVDDET"="c:\programme\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE" [2003-06-17 45056]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SunJavaUpdateSched"="c:\programme\Java\jre6\bin\jusched.exe" [2009-08-08 149280]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2007-04-11 56080]
"CTHelper"="CTHELPER.EXE" - c:\windows\system32\CTHELPER.EXE [2003-10-06 24576]

c:\dokumente und einstellungen\All Users\Startmen\Programme\Autostart\
Hochfahren.bat [2008-4-28 65]
Logitech SetPoint.lnk - c:\programme\Logitech\SetPoint\SetPoint.exe [2007-11-3 692224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^SATARAID5.lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\SATARAID5.lnk
backup=c:\windows\pss\SATARAID5.lnkCommon Startup

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^WinTV Recording Status..lnk]
path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\WinTV Recording Status..lnk
backup=c:\windows\pss\WinTV Recording Status..lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Apple Mobile Device"=2 (0x2)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"SpybotSD TeaTimer"=c:\programme\Spybot - Search & Destroy\TeaTimer.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programme\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Programme\\Gemeinsame Dateien\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"d:\\Spiele\\Worms World Party\\wwp.exe"=
"c:\\Programme\\Paltalk Messenger\\paltalk.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"17010:TCP"= 17010:TCP:worms world party
"17011:TCP"= 17011:TCP:Worms world Party
"17012:TCP"= 17012:TCP:Worms world party

R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [31.07.2009 16:04 108289]
R2 PfDetNT;PfDetNT;c:\windows\system32\drivers\PfModNT.sys [26.05.2009 01:38 15840]
S3 hcw95bda;Hauppauge MOD7700 Tuner Driver;c:\windows\system32\drivers\hcw95bda.sys [04.04.2009 17:23 562176]
S3 hcw95rc;Hauppauge MOD7700 IR Driver;c:\windows\system32\drivers\hcw95rc.sys [04.04.2009 17:23 15616]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [16.02.2009 17:07 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [16.02.2009 17:07 8320]
S3 PDNMp50;PDNMp50 NDIS Protocol Driver;\??\c:\windows\system32\drivers\PDNMp50.sys --> c:\windows\system32\drivers\PDNMp50.sys [?]
S3 PDNSp50;PDNSp50 NDIS Protocol Driver;\??\c:\windows\system32\drivers\PDNSp50.sys --> c:\windows\system32\drivers\PDNSp50.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.gmx.de/
mStart Page = about:blank
TCP: {7D12C82E-EF19-40E1-A2F1-469F20F0A96E} = 213.191.74.19 62.109.123.197
FF - ProfilePath - c:\dokumente und einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\l0j5s00l.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - eBay
FF - prefs.js: browser.startup.homepage - hxxp://www.gmx.de
FF - prefs.js: keyword.enabled - false
FF - component: c:\programme\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\dokumente und einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\l0j5s00l.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp07100121.dll
FF - plugin: c:\programme\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\programme\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\programme\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX Richtlinien ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: browser.history_expire_days - 3
FF - user.js: browser.history_expire_days_min - 3
FF - user.js: browser.history_expire_sites - 40000
FF - user.js: dom.storage.enabled - true
FF - user.js: privacy.sanitize.sanitizeOnShutdown - false
FF - user.js: privacy.sanitize.promptOnSanitize - false
FF - user.js: privacy.item.offlineApps - false
FF - user.js: browser.safebrowsing.malware.enabled - true
FF - user.js: nglayout.initialpaint.delay - 50
FF - user.js: network.http.pipelining - true
FF - user.js: network.prefetch-next - true
FF - user.js: config.trim_on_minimize - true
FF - user.js: browser.sessionhistory.max_total_viewers - 0
FF - user.js: browser.cache.memory.capacity - 18432
FF - user.js: browser.cache.disk.capacity - 20000
FF - user.js: browser.cache.offline.capacity - 25000
FF - user.js: browser.sessionstore.interval - 30000000
FF - user.js: browser.sessionstore.max_tabs_undo - 10
FF - user.js: browser.urlbar.maxRichResults - 0
FF - user.js: keyword.enabled - false
FF - user.js: browser.fixup.alternate.suffix - .com
FF - user.js: browser.urlbar.doubleClickSelectsAll - false
FF - user.js: browser.urlbar.clickSelectsAll - true
FF - user.js: browser.zoom.siteSpecific - false
FF - user.js: browser.search.openintab - true
FF - user.js: browser.tabs.loadDivertedInBackground - true
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.download.manager.useWindow - true
FF - user.js: browser.download.manager.retention - 1
FF - user.js: browser.download.manager.closeWhenDone - true
FF - user.js: extensions.checkCompatibility - true
FF - user.js: extensions.hideInstallButton - true
c:\programme\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\programme\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\programme\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-08 17:52
Windows 5.1.2600 Service Pack 3 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostarteinträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'winlogon.exe'(728)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3760)
c:\programme\Logitech\SetPoint\GameHook.dll
c:\programme\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\ctagent.dll
c:\windows\system32\msls31.dll
c:\windows\system32\webcheck.dll
.
Zeit der Fertigstellung: 2009-08-08 17:56
ComboFix-quarantined-files.txt 2009-08-08 15:55
ComboFix2.txt 2009-08-08 13:46
ComboFix3.txt 2009-08-08 00:39

Vor Suchlauf: 9 Verzeichnis(se), 36.826.939.392 Bytes frei
Nach Suchlauf: 9 Verzeichnis(se), 36.812.701.696 Bytes frei

291 --- E O F --- 2009-08-07 02:15

Wo finde ich denn die gelöschten Dateien wieder?
Falls sie weg sind ist es auch Wurscht!
Alt 08.08.2009, 17:06   #36
john.doe
 
Virus/Trojaner oder von allem etwas? - Standard

Virus/Trojaner oder von allem etwas?


Zitat:
Wo finde ich denn die gelöschten Dateien wieder?
Kontrolliere, ob im Ordner
Code:
ATTFilter
d:\mulii\Muliiiiiiiiiii
etwas ist. Dort sollten jetzt wieder ein Video und jede MP3's sein. Ich benutze diesen Befehl zum ersten Mal.

Sorry nochmal,
Andreas
__________________
--> Virus/Trojaner oder von allem etwas?

Alt 08.08.2009, 17:10   #37
Skylite
 
Virus/Trojaner oder von allem etwas? - Standard

Virus/Trojaner oder von allem etwas?


gibt den Ordner nicht mehr
Auch nicht nach unserer Wiederherstellaktion.
Alt 08.08.2009, 17:13   #38
john.doe
 
Virus/Trojaner oder von allem etwas? - Standard

Virus/Trojaner oder von allem etwas?


Dann lege den Ordner an und lasse das Skript nochmal laufen.

ciao, andreas
__________________
Kein Support per PN! Das ist hier ein Forum und keine Privatbetreuung!
Privatbetreuung nur gegen Bezahlung und ich koste sehr teuer.
Für alle Neuen
Anleitungen
Virenscanner
Kompromittierung unvermeidbar?

Alt 08.08.2009, 17:31   #39
Skylite
 
Virus/Trojaner oder von allem etwas? - Standard

Virus/Trojaner oder von allem etwas?


Hat sich nicht viel geändert. In dem Quarantäne Ordnerpfad ist auch gar nichts drinn soweit ich sehen kann.


Ist aber egal, hauptsache der fiese Trojaner iss weg.

Alt 08.08.2009, 17:34   #40
john.doe
 
Virus/Trojaner oder von allem etwas? - Standard

Virus/Trojaner oder von allem etwas?




Benutze die Windowssuche im Ordner C:\qoobox und suche nach *.vir.

Da muss etwas sein.

ciao, andreas
__________________
Kein Support per PN! Das ist hier ein Forum und keine Privatbetreuung!
Privatbetreuung nur gegen Bezahlung und ich koste sehr teuer.
Für alle Neuen
Anleitungen
Virenscanner
Kompromittierung unvermeidbar?

Alt 08.08.2009, 17:54   #41
Skylite
 
Virus/Trojaner oder von allem etwas? - Standard

Virus/Trojaner oder von allem etwas?


Sind viele Sachen da, aber nichts vom gesuchten.


Wird aber auch nicht wirklich vermisst!
Alt 08.08.2009, 17:58   #42
john.doe
 
Virus/Trojaner oder von allem etwas? - Standard

Virus/Trojaner oder von allem etwas?


OK, dann hat wohl der erste Befehl alle ins Nirvana geschickt.
Zitat:
Wird aber auch nicht wirklich vermisst!
Gut, dann muss ich mich heute nacht nicht in den Schlaf weinen.

1.) Panda Active Scan
Folgende Seite führt dich durch die Installation: PandaActiveScan2.0 Installation

Drücke auf Jetzt Scannen!

Eine Registrierung ist nicht erforderlich!

Nachdem der Scan abgeschlossen ist drücke auf das Text-Icon Export und speichere das log auf dem Desktop.
Öffne die Datei ActiveScan.txt die sich nun auf deinem Desktop befindet und poste uns den Inhalt.
2.) Überprüfe den Rechner mit PrevXCSI. Poste ein Screenshot falls etwas gefunden werden sollte.

ciao, andreas
__________________
Kein Support per PN! Das ist hier ein Forum und keine Privatbetreuung!
Privatbetreuung nur gegen Bezahlung und ich koste sehr teuer.
Für alle Neuen
Anleitungen
Virenscanner
Kompromittierung unvermeidbar?

Alt 08.08.2009, 20:57   #43
Skylite
 
Virus/Trojaner oder von allem etwas? - Standard

Virus/Trojaner oder von allem etwas?


Alles befolgt.


Hier ist der Virenscan Report:

;***************************************************************************************************************************************************** ******************************
ANALYSIS: 2009-08-08 21:30:48
PROTECTIONS: 1
MALWARE: 1
SUSPECTS: 3
;***************************************************************************************************************************************************** ******************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================== ==============================
AntiVir Desktop 9.0.1.32 Yes Yes
;===================================================================================================================================================== ==============================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================== ==============================
02885963 Rootkit/Booto.C Virus/Worm No 0 Yes No C:\System Volume Information\_restore{2E1433D9-F1A5-4C72-B1D7-F97769D31F2E}\RP10\A0001208.sys
;===================================================================================================================================================== ==============================
SUSPECTS
Sent Location `U
;===================================================================================================================================================== ==============================
No C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Macromedia\Common\698c001a19.exe `U
No C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Macromedia\Common\698c001a19.exe `U
No C:\Dokumente und Einstellungen\User\Anwendungsdaten\Macromedia\Common\698c001a19.exe `U
;===================================================================================================================================================== ==============================
VULNERABILITIES
Id Severity Description `U
;===================================================================================================================================================== ==============================
;===================================================================================================================================================== ==============================


Das andere Programm hat auch was gefunden. Bin leider zu blöd für nen Screenshot, bzw. klappt das bei mir nicht wie es in den üblichen Internet Anleitungen beschrieben ist, deshalb geb ichs mal selber wieder:

1 Infektion gefunden:

Status: Rootkit
Name: 698c001a19.exe in c:\dokumente und einstellungen\networkservice\anwendungsdaten\macromedia\common\ (mehr zeigt er nicht an, kann aber sein dass der Pfad noch weitergeht)
Thread identified: High Risk Fradulent Security Program

Programm wartet und fragt ob es bereinigen soll.

Alt 08.08.2009, 21:13   #44
john.doe
 
Virus/Trojaner oder von allem etwas? - Standard

Virus/Trojaner oder von allem etwas?


Wenn du es versuchst, sagt es dir, du musst 3000 Euronen bezahlen oder du kommst in die Hölle oder so ähnlich. Besser als Scareware bekannt.

Aber der Scanner ist immerhin umsonst und mehr brauchen wir nicht.

1.) Log von GMER posten => http://www.trojaner-board.de/74908-a...t-scanner.html

2.) Start => Ausführen => combofix /u => OK

ciao, andreas
__________________
Kein Support per PN! Das ist hier ein Forum und keine Privatbetreuung!
Privatbetreuung nur gegen Bezahlung und ich koste sehr teuer.
Für alle Neuen
Anleitungen
Virenscanner
Kompromittierung unvermeidbar?

Alt 08.08.2009, 21:45   #45
Skylite
 
Virus/Trojaner oder von allem etwas? - Standard

Virus/Trojaner oder von allem etwas?


Okidoki, hier der Log von Gmer:

GMER 1.0.15.15020 [x911sgp9.exe] - http://www.gmer.net
Rootkit scan 2009-08-08 22:39:46
Windows 5.1.2600 Service Pack 3


---- System - GMER 1.0.15 ----

SSDT F7B6B2B6 ZwCreateKey
SSDT F7B6B2AC ZwCreateThread
SSDT F7B6B2BB ZwDeleteKey
SSDT F7B6B2C5 ZwDeleteValueKey
SSDT F7B6B2CA ZwLoadKey
SSDT F7B6B298 ZwOpenProcess
SSDT F7B6B29D ZwOpenThread
SSDT F7B6B2D4 ZwReplaceKey
SSDT F7B6B2CF ZwRestoreKey
SSDT F7B6B2C0 ZwSetValueKey
SSDT F7B6B2A7 ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

? pxscan.sys Das System kann die angegebene Datei nicht finden. !
? pxsec.sys Das System kann die angegebene Datei nicht finden. !

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\WINDOWS\system32\wscntfy.exe[1048] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00DD2EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\wscntfy.exe[1048] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00DD2C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\wscntfy.exe[1048] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00DD2C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\wscntfy.exe[1048] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00DD2C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[1772] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [02E22EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[1772] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [02E22C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[1772] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [02E22C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[1772] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [02E22C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ATI Technologies\ATI.ACE\cli.exe[2060] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtCreateFile] [00BF2EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ATI Technologies\ATI.ACE\cli.exe[2060] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtDeviceIoControlFile] [00BF2C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ATI Technologies\ATI.ACE\cli.exe[2060] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtClose] [00BF2C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ATI Technologies\ATI.ACE\cli.exe[2060] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtDuplicateObject] [00BF2C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ATI Technologies\ATI.ACE\cli.exe[2072] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtCreateFile] [00802EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ATI Technologies\ATI.ACE\cli.exe[2072] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtDeviceIoControlFile] [00802C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ATI Technologies\ATI.ACE\cli.exe[2072] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtClose] [00802C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Programme\ATI Technologies\ATI.ACE\cli.exe[2072] @ C:\WINDOWS\system32\KERNEL32.dll [ntdll.dll!NtDuplicateObject] [00802C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Dokumente und Einstellungen\User\Desktop\x911sgp9.exe[3612] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00802EC0] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Dokumente und Einstellungen\User\Desktop\x911sgp9.exe[3612] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00802C30] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Dokumente und Einstellungen\User\Desktop\x911sgp9.exe[3612] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00802C90] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Dokumente und Einstellungen\User\Desktop\x911sgp9.exe[3612] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00802C60] C:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs SiWinAcc.sys (Windows Accelerator Driver/Silicon Image, Inc.)
AttachedDevice \FileSystem\Fastfat \Fat SiWinAcc.sys (Windows Accelerator Driver/Silicon Image, Inc.)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

Starte jetzt wie beschrieben combo, soll ich den Log danach posten?

Antwort
Seite 3 von 6 12 3 45 Letzte »

Themen zu Virus/Trojaner oder von allem etwas?
adobe, antivir guard, avg, avira, bho, c:\windows\temp, content.ie5, dateisystem, desktop, einstellungen, entfernen, fehler, firefox, google, hijack, hijackthis, internet, internet explorer, log datei, maßnahme, monitor, mozilla, nicht möglich, problem, software, solution, starten, system, temp, virus/trojaner, windows, windows xp, windows\temp, zu langsam


« Rechner friert plötzlich ein ohne erkennbaren grund | Browser funktionieren nicht obwohl Internetverbindung steht (ICQ geht zB) »


Ähnliche Themen: Virus/Trojaner oder von allem etwas?


  1. Ist das ein Virus oder etwas anderes? Mit Bild.
    Plagegeister aller Art und deren Bekämpfung - 03.05.2015 (11)
  2. Keylogger oder etwas Anderes 2.0
    Plagegeister aller Art und deren Bekämpfung - 16.06.2014 (7)
  3. Keylogger oder etwas Anderes ?
    Plagegeister aller Art und deren Bekämpfung - 15.06.2014 (1)
  4. Ist diese Datei bzw. eine von ihnen ein Virus oder etwas ähnliches?
    Log-Analyse und Auswertung - 15.05.2013 (6)
  5. Trojaner oder etwas anderes?
    Plagegeister aller Art und deren Bekämpfung - 03.07.2012 (11)
  6. Trojaner/Virus sbcvvhost_win86 behindert Zugriff auf Windows in allem Modi
    Log-Analyse und Auswertung - 08.01.2012 (29)
  7. Keylogger oder sonst etwas?
    Log-Analyse und Auswertung - 29.05.2011 (1)
  8. Trojaner oder so etwas . Help .
    Plagegeister aller Art und deren Bekämpfung - 27.05.2011 (25)
  9. Etwas eingefangen oder nicht!?
    Plagegeister aller Art und deren Bekämpfung - 19.10.2009 (5)
  10. Virus, Wurm oder etwas anderes?
    Log-Analyse und Auswertung - 11.10.2009 (1)
  11. Trojaner.. Hacker schaut mir bei allem zu..
    Log-Analyse und Auswertung - 12.04.2009 (51)
  12. Trojaner Vundo oder etwas anderes?
    Plagegeister aller Art und deren Bekämpfung - 18.10.2008 (8)
  13. Hardware defekt oder Virus? Bin etwas ratlos
    Plagegeister aller Art und deren Bekämpfung - 16.02.2008 (16)
  14. Trojaner - vor allem TR/Vundo.Gen
    Log-Analyse und Auswertung - 09.11.2007 (5)
  15. WinFIX ?? oder etwas anderes??????
    Plagegeister aller Art und deren Bekämpfung - 22.01.2006 (7)
  16. Habe Dialer oder etwas anderes :(
    Log-Analyse und Auswertung - 28.04.2005 (6)
  17. Können Viren oder Trojaner so etwas tun...
    Plagegeister aller Art und deren Bekämpfung - 06.08.2003 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Virus/Trojaner oder von allem etwas? - 2009-08-07 18:31 . 2008-12-01 17:07 73 ----a-w- c:\bases_x\plugins\emalware.296 2009-08-07 18:31 . 2008-12-01 17:07 73 ----a-w- c:\bases_x\plugins\emalware.297 2009-08-07 18:31 . 2008-12-01 17:07 73 ----a-w- c:\bases_x\plugins\emalware.298 2009-08-07 18:31 . 2008-12-01 17:07 103472 - Virus/Trojaner oder von allem etwas?...
Archiv
Du betrachtest: Virus/Trojaner oder von allem etwas? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131