Log analysis and evaluation: Trojan found! - TR/NaviPromo.C

16.10.2009, 18:04 | #1
Hi! AntiVir reported a trojan to me: TR/NaviPromo.C
Can you help me with this somehow? Here is my logfile:
Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:51:32, on 16.10.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Mixer.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\avmwlanstick\FRITZWLANMini.exe
C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
C:\Program Files\Lexmark 7600 Series\lxdwmon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\avmwlanstick\WlanNetService.exe
C:\Program Files\Lexmark 7600 Series\lxdwMsdMon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\lxdwcoms.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\VIA\RAID\vialogsv.exe
C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe
C:\Program Files\Last.fm\LastFM.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\imapi.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://start.icq.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = fritz.box
O2 - BHO: Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Lexmark - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [AVMWlanClient] C:\Program Files\avmwlanstick\FRITZWLANMini.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [lxdwmon.exe] "C:\Program Files\Lexmark 7600 Series\lxdwmon.exe"
O4 - HKLM\..\Run: [lxdwamon] "C:\Program Files\Lexmark 7600 Series\lxdwamon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVM WLAN Connection Service - AVM Berlin - C:\Program Files\avmwlanstick\WlanNetService.exe
O23 - Service: Google Update Service (gupdate1c9f821a74d73d0) (gupdate1c9f821a74d73d0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lxdwCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdwserv.exe
O23 - Service: lxdw_device - - C:\WINDOWS\system32\lxdwcoms.exe
O23 - Service: VRAID Log Service - Unknown owner - C:\Program Files\VIA\RAID\vialogsv.exe

--
End of file - 5437 bytes

Edited by Bam-Bam (16.10.2009 at 18:09)

16.10.2009, 18:29 | #2 | /// Helper team
Hello Bam-Bam and

Removal of Navipromo: http://www.trojaner-board.de/69713-e...navipromo.html
Please follow these instructions and, to be safe, work through the following list from point 2 onward: http://www.trojaner-board.de/69886-a...-beachten.html
Please post all resulting logfiles here.

Regards, handball10

16.10.2009, 19:37 | #3
Hello, so I've made a start:
Code:
Fix Navipromo version 4.0.3 begonnen am 16.10.2009 20:24:44,38
Programm ausgefuehrt in: C:\Program Files\navilog1
Zuletzt von IL-MAFIOSO aktualisiert am 13.10.2009 um 19h00 
Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free :                 Intel(R) Celeron(R) CPU 2.00GHz )
BIOS : Default System BIOS
USER : *** ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:37 Go (Free:5 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)
F:\ (USB)
Suche Im normalen Modus ausgefuehrt 
Bereinigung beim Neustart des Rechners durchgefuehrt.
C:\WINDOWS\prefetch\GACUTIL.EXE-2736E6B3.pf entfernt!
Bereinigung in C:\WINDOWS\Temp ausgefuehrt!
Bereinigung in C:\Documents and Settings\***\locals~1\Temp ausgefuehrt!
*** Sicherung der Registry im Ordner Safebackup ***
Sicherung der Registry erfolgreich abgeschlossen!
*** Bereingung der Registry ***
Registry Bereinigung Ok
*** Scan beendet 16.10.2009 20:33:03,90 ***

16.10.2009, 21:26 | #4
Code:
Malwarebytes' Anti-Malware 1.36
Datenbank Version: 2174
Windows 5.1.2600 Service Pack 3
16.10.2009 22:21:05
mbam-log-2009-10-16 (22-21-05).txt
Scan-Methode: Vollständiger Scan (A:\|C:\|D:\|E:\|)
Durchsuchte Objekte: 165702
Laufzeit: 1 hour(s), 30 minute(s), 23 second(s)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

16.10.2009, 21:35 | #5
Code:
Logfile of random's system information tool 1.06 (written by random/random)
Run by *** at 2009-10-16 22:30:02
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 5 GB (14%) free of 38 GB
Total RAM: 447 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:30:15, on 16.10.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\avmwlanstick\WlanNetService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\lxdwcoms.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\VIA\RAID\vialogsv.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\avmwlanstick\FRITZWLANMini.exe
C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
C:\Program Files\Lexmark 7600 Series\lxdwmon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Lexmark 7600 Series\lxdwMsdMon.exe
C:\Documents and Settings\***\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\***.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://start.icq.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = fritz.box
O2 - BHO: Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Lexmark - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Lexmark Symbolleiste - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [AVMWlanClient] C:\Program Files\avmwlanstick\FRITZWLANMini.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [lxdwmon.exe] "C:\Program Files\Lexmark 7600 Series\lxdwmon.exe"
O4 - HKLM\..\Run: [lxdwamon] "C:\Program Files\Lexmark 7600 Series\lxdwamon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVM WLAN Connection Service - AVM Berlin - C:\Program Files\avmwlanstick\WlanNetService.exe
O23 - Service: Google Update Service (gupdate1c9f821a74d73d0) (gupdate1c9f821a74d73d0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lxdwCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdwserv.exe
O23 - Service: lxdw_device - - C:\WINDOWS\system32\lxdwcoms.exe
O23 - Service: VRAID Log Service - Unknown owner - C:\Program Files\VIA\RAID\vialogsv.exe

--
End of file - 5264 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}]
Lexmark Symbolleiste - C:\Program Files\Lexmark Toolbar\toolband.dll [2008-09-10 372736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2009-05-24 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2C5E510-BE6D-42CC-9F61-E4F939078474}]
Lexmark - C:\Program Files\Lexmark Printable Web\bho.dll [2008-09-10 180224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-24 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-24 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1017A80C-6F09-4548-A84D-EDD6AC9525F0} - Lexmark Symbolleiste - C:\Program Files\Lexmark Toolbar\toolband.dll [2008-09-10 372736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"C-Media Mixer"=Mixer.exe /startup []
"avgnt"=C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe [2008-07-19 266497]
"AVMWlanClient"=C:\Program Files\avmwlanstick\FRITZWLANMini.exe [2006-06-23 343552]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"AudioDeck"=C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe [2007-08-09 528384]
"lxdwmon.exe"=C:\Program Files\Lexmark 7600 Series\lxdwmon.exe [2008-09-10 676520]
"lxdwamon"=C:\Program Files\Lexmark 7600 Series\lxdwamon.exe [2008-09-10 16040]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-24 148888]

C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=91000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe"="C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\RpcSandraSrv.exe"="C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service"
"C:\WINDOWS\system32\lxdwcoms.exe"="C:\WINDOWS\system32\lxdwcoms.exe:*:Enabled:7600 Series Server"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
shell\AutoRun\command - J:\pushinst.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{71dd6e26-5a5b-11dd-b811-00040efa8b1c}]
shell\AutoRun\command - F:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d1020120-6554-11dc-8f12-e4ad1e6ca65a}]
shell\AutoRun\command - J:\pushinst.exe

======List of files/folders created in the last 1 months======

2009-10-16 22:30:02 ----DC---- C:\rsit
2009-10-16 15:42:08 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Lexmark 7600 Series
2009-10-14 18:38:54 ----HDC---- C:\WINDOWS\$NtUninstallKB974455$
2009-10-14 18:38:41 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-10-14 18:35:48 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-10-14 18:35:37 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-10-14 18:35:26 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-10-14 18:34:29 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-10-14 18:33:43 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-10-14 18:31:14 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-10-14 18:30:54 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-10-14 18:30:41 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-10-12 21:21:03 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-09-17 21:27:19 ----A---- C:\WINDOWS\Menu.INI

======List of files/folders modified in the last 1 months======

2009-10-16 22:30:06 ----D---- C:\WINDOWS\Prefetch
2009-10-16 21:53:23 ----D---- C:\WINDOWS\Temp
2009-10-16 20:44:52 ----D---- C:\Program Files\Mozilla Firefox
2009-10-16 20:43:45 ----D---- C:\WINDOWS\Debug
2009-10-16 20:43:45 ----D---- C:\WINDOWS
2009-10-16 20:33:14 ----D---- C:\Program Files\Navilog1
2009-10-16 20:33:03 ----AC---- C:\cleannavi.txt
2009-10-16 20:31:10 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-10-16 15:21:19 ----AC---- C:\WINDOWS\cdplayer.ini
2009-10-16 13:51:42 ----D---- C:\WINDOWS\Microsoft.NET
2009-10-16 13:51:27 ----RSD---- C:\WINDOWS\assembly
2009-10-16 13:14:27 ----D---- C:\Program Files\AntiVir PersonalEdition Classic
2009-10-16 13:14:21 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition Classic
2009-10-15 14:14:48 ----SHD---- C:\Config.Msi
2009-10-15 14:14:48 ----D---- C:\WINDOWS\system32
2009-10-14 18:46:00 ----SHD---- C:\WINDOWS\Installer
2009-10-14 18:44:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-10-14 18:43:54 ----D---- C:\WINDOWS\WinSxS
2009-10-14 18:39:09 ----HD---- C:\WINDOWS\inf
2009-10-14 18:39:02 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-10-14 18:31:05 ----HD---- C:\WINDOWS\$hf_mig$
2009-10-14 16:04:14 ----D---- C:\WINDOWS\system32\CatRoot2
2009-10-13 17:48:13 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype
2009-10-13 17:48:12 ----RD---- C:\Program Files
2009-10-13 17:46:33 ----D---- C:\Program Files\QuickTime
2009-10-13 17:44:18 ----D---- C:\Program Files\Common Files
2009-10-12 21:21:06 ----D---- C:\WINDOWS\system32\drivers
2009-10-02 20:01:57 ----A---- C:\WINDOWS\system32\MRT.exe
2009-10-02 13:21:45 ----D---- C:\Documents and Settings\***\Application Data\vlc
2009-09-29 20:22:38 ----D---- C:\Documents and Settings\***\Application Data\dvdcss
2009-09-25 07:37:11 ----A---- C:\WINDOWS\system32\wininet.dll
2009-09-25 07:37:11 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-09-25 07:37:10 ----A---- C:\WINDOWS\system32\shdocvw.dll
2009-09-25 07:37:10 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-09-25 07:37:09 ----A---- C:\WINDOWS\system32\ieencode.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-05-27 75096]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2008-04-21 21248]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-08-06 21035]
R2 irda;IrDA Protocol; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R3 avgntflt;avgntflt; \??\C:\Program Files\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 FWLANUSB;AVM FRITZ!WLAN; C:\WINDOWS\system32\DRIVERS\fwlanusb.sys [2006-07-31 264704]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\vinyl97.sys [2007-06-27 207488]
S1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-13 37760]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS []
S3 catchme;catchme; \??\C:\DOCUME~1\***~1\LOCALS~1\Temp\catchme.sys []
S3 cmpci;C-Media PCI Audio Driver (WDM); C:\WINDOWS\system32\drivers\cmaudio.sys [2002-01-29 370382]
S3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2004-12-16 42496]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\wg111v2.sys []
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP3c\WNt500x86\Sandra.sys []
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-29 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-29 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;AntiVir PersonalEdition Classic Planer; C:\Program Files\AntiVir PersonalEdition Classic\sched.exe [2008-10-23 68865]
R2 AntiVirService;AntiVir PersonalEdition Classic Guard; C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe [2008-10-23 151297]
R2 AVM WLAN Connection Service;AVM WLAN Connection Service; C:\Program Files\avmwlanstick\WlanNetService.exe [2006-07-31 370756]
R2 Irmon;Infrared Monitor; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-05-24 152984]
R2 lxdw_device;lxdw_device; C:\WINDOWS\system32\lxdwcoms.exe [2008-05-16 594600]
R2 VRAID Log Service;VRAID Log Service; C:\Program Files\VIA\RAID\vialogsv.exe [2009-06-08 52888]
S2 gupdate1c9f821a74d73d0;Google Update Service (gupdate1c9f821a74d73d0); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-28 133104]
S2 lxdwCATSCustConnectService;lxdwCATSCustConnectService; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdwserv.exe [2008-05-16 98984]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-06-07 137200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

16.10.2009, 21:38 | #6
Code:
info.txt logfile of random's system information tool 1.06 2009-10-16 22:30:22
======Uninstall list======
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ABBYY FineReader 6.0 Sprint-->MsiExec.exe /X{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.1 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A91000000001}
Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Audiograbber 1.83 SE -->"C:\Program Files\Audiograbber\Uninstall.exe"
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
AVM FRITZ!WLAN-->C:\Program Files\avmwlanstick\instwcli.exe -d1
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Critical Update for Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
DeepBurner v1.8.0.224-->"C:\Program Files\Astonsoft\DeepBurner\Uninstall.exe" "C:\Program Files\Astonsoft\DeepBurner\install.log"
Free PDF to Word Doc Converter v1.1-->"C:\Program Files\Free PDF to Word Doc Converter\unins000.exe"
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall  /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
janosch_bildschirmschoner Screensaver-->pysoft_uninstaller.exe /u C:\WINDOWS\system32\janosch_bildschirmschoner.scr
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Last.fm 1.5.4.24567-->"C:\Program Files\Last.fm\unins000.exe"
Lexmark -->regsvr32.exe /s /u "C:\Program Files\Lexmark Printable Web\bho.dll"
Lexmark 7600 Series-->C:\Program Files\Lexmark 7600 Series\Install\x86\Uninst.exe
Lexmark Symbolleiste-->regsvr32.exe /s /u "C:\Program Files\Lexmark Toolbar\toolband.dll"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft DirectX Transform optional components-->RUNDLL32.EXE ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\DXTXTRA.INF,UNINSTALL.NT,12
Microsoft Office 2000 Premium-->MsiExec.exe /I{00000407-78E1-11D2-B60F-006097C998E7}
Mozilla Firefox (3.5.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
PCI Audio Driver-->cmuninst.exe
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9  -removeonly
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953155)-->"C:\WINDOWS\$NtUninstallKB953155$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Security Update for Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Security Update for Windows XP (KB972260)-->"C:\WINDOWS\$NtUninstallKB972260$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974455)-->"C:\WINDOWS\$NtUninstallKB974455$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Sony USB Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\setup.exe" -l0x9 UNINSTALL -removeonly
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
VIA Platform Device Manager-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169} 
VIA Rhine-Family Fast Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
VLC media player 1.0.0-->C:\Program Files\VLC\uninstall.exe
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
=====HijackThis Backups=====
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2009-05-24]
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') [2009-05-24]
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-05-24]
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') [2009-05-24]
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') [2009-05-24]
======Security center information======
AV: Avira AntiVir PersonalEdition
======System event log======
Computer Name: ***-A63D2A32
Event Code: 32
Message: Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.
Record Number: 58468
Source Name: SideBySide
Time Written: 20090920201254.000000+120
Event Type: error
User: 
Computer Name: ***-A63D2A32
Event Code: 6161
Message: The document Microsoft Word - Dokument2 owned by *** failed to print on printer Lexmark 7600 Series (USB). Data type: LEMF. Size of the spool file in bytes: 106529. Number of bytes printed: 106529. Total number of pages in the document: 1. Number of pages printed: 0. Client machine: \\***-A63D2A32. Win32 error code returned by the print processor: 0 (0x0). 
Record Number: 58467
Source Name: Print
Time Written: 20090920201244.000000+120
Event Type: error
User: ***-A63D2A32\***
Computer Name: ***-A63D2A32
Event Code: 7000
Message: The lxdwCATSCustConnectService service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
Record Number: 58448
Source Name: Service Control Manager
Time Written: 20090920193428.000000+120
Event Type: error
User: 
Computer Name: ***-A63D2A32
Event Code: 7009
Message: Timeout (30000 milliseconds) waiting for the lxdwCATSCustConnectService service to connect.
Record Number: 58447
Source Name: Service Control Manager
Time Written: 20090920193428.000000+120
Event Type: error
User: 
Computer Name: ***-A63D2A32
Event Code: 2504
Message: The server could not bind to the transport \Device\NetBT_Tcpip_{98780EAB-3E02-4215-A8C4-04ACCC6165E6}.
Record Number: 58446
Source Name: Server
Time Written: 20090920193415.000000+120
Event Type: warning
User: 
=====Application event log=====
Computer Name: ***-A63D2A32
Event Code: 1002
Message: Hanging application firefox.exe, version 1.9.0.3257, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Record Number: 2408
Source Name: Application Hang
Time Written: 20090113191326.000000+060
Event Type: error
User: 
Computer Name: ***-A63D2A32
Event Code: 1002
Message: Hanging application firefox.exe, version 1.9.0.3257, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Record Number: 2407
Source Name: Application Hang
Time Written: 20090113191211.000000+060
Event Type: error
User: 
Computer Name: ***-A63D2A32
Event Code: 1002
Message: Hanging application firefox.exe, version 1.9.0.3257, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Record Number: 2406
Source Name: Application Hang
Time Written: 20090113170035.000000+060
Event Type: error
User: 
Computer Name: ***-A63D2A32
Event Code: 1001
Message: Detection of product '{00000407-78E1-11D2-B60F-006097C998E7}', feature 'ThesaurusFiles_ITA' failed during request for component '{6C3C75EE-D6CD-11D2-B778-00805F4AD050}'
Record Number: 2243
Source Name: MsiInstaller
Time Written: 20081127183332.000000+060
Event Type: warning
User: ***-A63D2A32\***
Computer Name: ***-A63D2A32
Event Code: 1002
Message: Hanging application WINWORD.EXE, version 9.0.0.2823, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Record Number: 2165
Source Name: Application Hang
Time Written: 20081111190852.000000+060
Event Type: error
User: 
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=0207
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
-----------------EOF-----------------
          | 
|  16.10.2009, 21:49 | #7 | 
| /// Helper Team      |   Trojan found! - TR/NaviPromo.C Hi bam-bam. Please also post the AntiVir log file. EDIT: Please run a scan with Super AntiSpyware: http://www.trojaner-board.de/51871-a...tispyware.html Regards, Handball10 
				__________________ Funny spelling mistakes of the Trojan horse "Trojan.Win32.FraudPack.ajn" Funny spelling mistakes of "XP Deluxe Protector" - New !! | 
|  17.10.2009, 19:23 | #8 | 
|   |   Trojan found! - TR/NaviPromo.C Hi handball10, the AntiVir log file, how do I find it?? :/ Anyway, here is the SuperAntiSpyware log file for now: Code: 
  SUPERAntiSpyware Scan Log
h**p://w*w.superantispyware.com
Generated 10/17/2009 at 07:58 PM
Application Version : 4.29.1004
Core Rules Database Version : 4171
Trace Rules Database Version: 2093
Scan type       : Complete Scan
Total Scan Time : 02:50:13
Memory items scanned      : 446
Memory threats detected   : 0
Registry items scanned    : 4540
Registry threats detected : 0
File items scanned        : 66012
File threats detected     : 138
Adware.Tracking Cookie
Adware.Vundo/Variant-MSFake
	C:\PROGRAM FILES\NAVILOG1\REG.EXE
          | 
|  | 