Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Habe mir den "ICQ-Virus" eingefangen

Habe mir den "ICQ-Virus" eingefangen


Plagegeister aller Art und deren Bekämpfung: Habe mir den "ICQ-Virus" eingefangen

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 22.04.2010, 20:07   #1
Akim
 
Habe mir den "ICQ-Virus" eingefangen - Standard

Habe mir den "ICQ-Virus" eingefangen


Hallo Leute,
ich bin ein totaler Virus-Neuling, und konnte aus den anderne "ICQ-Virus" Themen nicht wirklich heraus lesen was ich zum beseiteigen des Virus tun muss.
Nun ja ich habe es immerhin schon geschafft die Scans durchzuführen:

Malwarebytes Anti-Malware :

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Datenbank Version: 4021

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18904

22.04.2010 20:08:20
mbam-log-2010-04-22 (20-08-20).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|)
Durchsuchte Objekte: 277333
Laufzeit: 2 Stunde(n), 2 Minute(n), 54 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 3

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows update manager (Backdoor.IRCBot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows update services (Backdoor.IRCBot) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Program Files\Guitar Pro 4.1.0\keygen.exe (Trojan.Backdoor) -> Quarantined and deleted successfully.
C:\Users\Public\winsvcn.exe (Backdoor.IRCBot) -> Delete on reboot.
C:\Users\Public\winsvn.exe (Backdoor.IRCBot) -> Delete on reboot.

Alt 22.04.2010, 20:10   #2
Akim
 
Habe mir den "ICQ-Virus" eingefangen - Standard

Habe mir den "ICQ-Virus" eingefangen


Sorry für den doppelten Post, aber irgentwie hat es eine Error gegeben, wenn ich alles auf einmal reingepackt habe.



OTL:

OTL:
OTL logfile created on: 22.04.2010 20:27:34 - Run 1
OTL by OldTimer - Version 3.2.2.0 Folder = C:\Users\********\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 65,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 576,16 Gb Total Space | 377,29 Gb Free Space | 65,48% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 12,36 Gb Free Space | 61,81% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: *******
Current User Name: ******
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\******\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Public\winvsn.exe ()
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\TeamViewer\Version5\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Programme\OpenOffice\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Programme\OpenOffice\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)


========== Modules (SafeList) ==========

MOD - C:\Users\******\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Programme\TeamViewer\Version5\TV.dll (TeamViewer GmbH)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (TunngleService) -- C:\Programme\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (teamviewervpn) -- C:\Windows\System32\drivers\teamviewervpn.sys (TeamViewer GmbH)
DRV - (tap0901t) TAP-Win32 Adapter V9 (Tunngle) -- C:\Windows\System32\drivers\tap0901t.sys (Tunngle.net)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.13 16:38:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.22 17:41:38 | 000,000,000 | ---D | M]

[2010.01.22 23:16:31 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\mozilla\Extensions
[2010.04.22 20:25:57 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\mozilla\Firefox\Profiles\7um3here.default\extensions
[2010.01.22 23:27:28 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\*******\AppData\Roaming\mozilla\Firefox\Profiles\7um3here.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.04.15 18:03:31 | 000,000,947 | ---- | M] () -- C:\Users\********\AppData\Roaming\Mozilla\FireFox\Profiles\7um3here.default\searchplugins\icqplugin.xml
[2010.04.22 17:41:39 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.04.22 17:41:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.01.16 03:15:29 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.01.16 03:15:29 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.01.16 03:15:29 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.01.16 03:15:29 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.01.16 03:15:29 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Programme\GoogleEULA\EULALauncher.exe ( )
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [Windows Control Manager] C:\Users\Public\winvsn.exe ()
O4 - Startup: C:\Users\*******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Programme\OpenOffice\OpenOffice.org 3\program\quickstart.exe ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\*******\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\*******\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.04.22 17:45:55 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Malwarebytes
[2010.04.22 17:45:42 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.04.22 17:45:40 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.04.22 17:45:40 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.04.22 17:45:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.04.22 17:44:32 | 005,918,720 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\******\Desktop\mbam-setup-1.45.exe
[2010.04.22 17:43:39 | 000,562,176 | ---- | C] (OldTimer Tools) -- C:\Users\******\Desktop\OTL.exe
[2010.04.22 17:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.04.22 17:41:38 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.04.22 17:41:38 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.04.22 17:41:38 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.04.22 17:41:38 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.04.22 17:35:03 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\Avira
[2010.04.22 17:31:52 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010.04.22 17:31:52 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010.04.14 15:15:19 | 003,600,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.04.14 15:15:19 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.04.14 15:14:45 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.04.14 15:14:40 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2010.04.14 15:14:40 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2010.04.13 16:39:57 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2010.04.13 16:39:54 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2010.04.13 16:39:54 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.04.13 16:38:06 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime
[2010.04.13 16:35:51 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2010.04.11 12:40:48 | 000,000,000 | ---D | C] -- C:\Users\*******\Documents\ICQ
[2010.04.08 15:12:41 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.04.08 15:12:41 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.04.08 15:12:41 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.04.08 15:12:41 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.04.08 15:12:40 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.04.08 15:12:39 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.04.08 15:12:39 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.04.08 15:12:39 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.04.08 15:12:39 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.04.08 15:12:39 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.04.08 15:12:38 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.04.08 15:12:38 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.04.08 15:12:38 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.04.08 15:12:38 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.04.08 15:12:38 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.03.27 13:02:19 | 000,000,000 | ---D | C] -- C:\Windows\Minidump

========== Files - Modified Within 30 Days ==========

[2010.04.22 20:26:50 | 001,572,864 | -HS- | M] () -- C:\Users\********\NTUSER.DAT
[2010.04.22 20:26:46 | 001,418,806 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.04.22 20:26:46 | 000,618,204 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.04.22 20:26:46 | 000,586,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.04.22 20:26:46 | 000,122,636 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.04.22 20:26:46 | 000,101,052 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.04.22 20:20:28 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.04.22 20:20:28 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.04.22 20:20:27 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.04.22 20:20:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.04.22 20:20:21 | 3217,260,544 | -HS- | M] () -- C:\hiberfil.sys
[2010.04.22 20:19:43 | 000,524,288 | -HS- | M] () -- C:\Users\*******\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.04.22 20:19:43 | 000,065,536 | -HS- | M] () -- C:\Users\*******\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.04.22 20:19:39 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat
[2010.04.22 20:19:37 | 002,467,899 | -H-- | M] () -- C:\Users\*******\AppData\Local\IconCache.db
[2010.04.22 17:45:45 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.04.22 17:44:38 | 005,918,720 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\*******\Desktop\mbam-setup-1.45.exe
[2010.04.22 17:43:43 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Users\*******\Desktop\OTL.exe
[2010.04.22 17:28:38 | 044,151,368 | ---- | M] () -- C:\Users\*******\Desktop\avira_antivir_personal_de567.exe
[2010.04.21 17:30:49 | 000,022,328 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.04.13 16:40:24 | 000,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.04.13 16:38:15 | 000,001,730 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.04.12 17:29:27 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.04.12 17:29:26 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.04.12 17:29:25 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.04.11 12:25:03 | 026,099,574 | ---- | M] () -- C:\Users\*******\Desktop\CCI00001.bmp
[2010.04.11 00:26:42 | 000,012,288 | ---- | M] () -- C:\Users\*******\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.29 15:24:58 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.03.29 15:24:46 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.03.27 13:02:12 | 223,414,978 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.03.26 21:00:50 | 000,041,872 | ---- | M] () -- C:\Windows\System32\xfcodec.dll
[2010.03.26 15:12:05 | 000,215,104 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr

========== Files Created - No Company Name ==========

[2010.04.22 17:45:45 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.04.22 17:27:31 | 044,151,368 | ---- | C] () -- C:\Users\*******\Desktop\avira_antivir_personal_de567.exe
[2010.04.13 16:40:24 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.04.13 16:38:15 | 000,001,730 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.03.27 13:02:12 | 223,414,978 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.03.26 21:00:50 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010.03.17 18:10:50 | 000,197,120 | ---- | C] () -- C:\Windows\patchw32.dll
[2010.02.27 18:05:08 | 000,271,360 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.02.27 18:04:48 | 000,018,048 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010.01.26 20:04:49 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.01.26 20:04:32 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2010.01.22 21:38:48 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.01.22 15:52:30 | 000,000,887 | ---- | C] () -- C:\Windows\uninst.ini
[2008.08.08 15:49:44 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
< End of report >
__________________

Geändert von Akim (22.04.2010 um 20:16 Uhr)

Alt 22.04.2010, 20:12   #3
Akim
 
Habe mir den "ICQ-Virus" eingefangen - Standard

Habe mir den "ICQ-Virus" eingefangen


Extras:
OTL Extras logfile created on: 22.04.2010 20:27:34 - Run 1
OTL by OldTimer - Version 3.2.2.0 Folder = C:\Users\******\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 65,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 576,16 Gb Total Space | 377,29 Gb Free Space | 65,48% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 12,36 Gb Free Space | 61,81% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ********
Current User Name: ********
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~4\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0405B59D-07A9-4C11-8617-FDD95EE206E2}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{131192F4-0CDD-4CA0-9239-943EF0B4EFAD}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{18F6A440-E276-4A5B-ABD3-5BE3D3438766}" = protocol=17 | dir=in | app=c:\program files\tunngle\tunngle.exe |
"{1A303F31-98A8-406C-A0AA-89F96E264BE5}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{1BE83384-599E-40A5-BE99-3EB160A31AF7}" = protocol=17 | dir=in | app=c:\program files\tunngle\tnglctrl.exe |
"{1D8B395D-607A-4291-BE89-745EBC8CEDCC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{23263271-C0D2-4137-B290-6FC56F51919B}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{269438CC-5795-42C8-9006-B20171E08405}" = protocol=6 | dir=in | app=c:\program files\tunngle\tnglctrl.exe |
"{29DC5031-07B4-47E0-B36F-E49A9353AFFB}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{2B782CCC-F883-44DE-83DA-25461B5AF6DF}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{44DA55D9-B665-4EEE-9ECD-86B427C135CA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{5642C98D-064D-435C-B0F3-7123ED375E9E}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{7EA9A0CD-8336-420E-A833-0752D827F64F}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{9CD53D96-3FA4-476A-9346-A6B2C7A393C9}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{9E5B5679-609D-464D-A856-CB3F3B0C9049}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{A445A302-A570-459F-8FB8-2A998403C023}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{A4B39F66-0485-4624-90E9-F35D0BFD8E1E}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{A5E8ECC8-A2B4-499E-BABE-BA99C61F54F9}" = protocol=6 | dir=in | app=c:\program files\tunngle\tunngle.exe |
"{AE1CDFB6-D134-40C9-87B1-FD08DA13DCB7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C01FF365-FF17-414A-9B8B-E7276AB1DA22}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{C10C64A5-6E6A-43CF-95C4-D469DC833E8A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CFAEA151-D67B-4D1B-AA0B-8F947D7D3944}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{DCA4E2AA-DD4B-4215-9DD6-1597A3038EFC}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{DD8DBE22-1B5B-48A0-A476-61C82F199520}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{DFC31FBD-02B2-47F6-AEBD-21935875B19D}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{E334E465-90C1-4395-8921-19B4AF8CB48A}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{F8D9FCF8-4C8E-42D8-B154-84157B7777AB}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"TCP Query User{1EF76F6E-BB6F-493F-A677-403487681EF1}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{37193D2D-02A8-44C3-B382-B4EEBADC8290}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"TCP Query User{5BC2D1A4-26F4-40D3-8270-9364241423BD}C:\program files\icq7.0\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"TCP Query User{5E55D746-B7D9-46B1-B20F-F98E519DC41C}C:\program files\3do\heroes 3 complete\heroes3.exe" = protocol=6 | dir=in | app=c:\program files\3do\heroes 3 complete\heroes3.exe |
"TCP Query User{6543483D-7EBD-4CAA-8EA4-4B8DF778C621}C:\program files\ubisoft\heroes of might and magic v - tribes of the east\bin\h5_game.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\heroes of might and magic v - tribes of the east\bin\h5_game.exe |
"TCP Query User{6D5FF414-7097-4F08-BBF5-67CF6CB2EB24}C:\program files\electronic arts\die schlacht um mittelerde ii\game.dat" = protocol=6 | dir=in | app=c:\program files\electronic arts\die schlacht um mittelerde ii\game.dat |
"TCP Query User{766DA340-3777-4DF4-AFA0-BAC352A1AFC0}C:\program files\ubisoft\heroes of might and magic v - tribes of the east\bin\h5_game.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\heroes of might and magic v - tribes of the east\bin\h5_game.exe |
"TCP Query User{8011D598-1FA7-4D01-A9A5-86054A3C43EE}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{9410A554-CAF1-4B3E-9672-1F5D68E6D53F}C:\program files\3do\heroes 3 complete\heroes3.exe" = protocol=6 | dir=in | app=c:\program files\3do\heroes 3 complete\heroes3.exe |
"TCP Query User{BC53DE61-D3B1-4049-8B8E-37C102BAF680}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"TCP Query User{E8E9A57E-E0CC-4201-8873-DFAAEA098EC8}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{02326C2C-588A-48F5-9049-20224825C877}C:\program files\3do\heroes 3 complete\heroes3.exe" = protocol=17 | dir=in | app=c:\program files\3do\heroes 3 complete\heroes3.exe |
"UDP Query User{29CA96B5-FA0B-4312-B4DC-4AF1CCBCCA7E}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{45DA6116-9413-487D-B001-B3C2948B2E4E}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{6E4C6AA0-FB7B-4694-B67A-B0C4A9892576}C:\program files\icq7.0\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"UDP Query User{70376413-C7E7-4600-ACC8-5BE55D588FEE}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{7706410E-D14D-4836-8CE3-83197B302F29}C:\program files\3do\heroes 3 complete\heroes3.exe" = protocol=17 | dir=in | app=c:\program files\3do\heroes 3 complete\heroes3.exe |
"UDP Query User{7A8C8AD5-A5A0-4363-9F3B-B58D20E6D766}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{8C7DCF8E-5BDE-4FD2-BDCC-19D9DFB1FBE1}C:\program files\ubisoft\heroes of might and magic v - tribes of the east\bin\h5_game.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\heroes of might and magic v - tribes of the east\bin\h5_game.exe |
"UDP Query User{C1B4BA5A-7EEB-414B-AEA0-BEC62FB75F35}C:\program files\ubisoft\heroes of might and magic v - tribes of the east\bin\h5_game.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\heroes of might and magic v - tribes of the east\bin\h5_game.exe |
"UDP Query User{DDF2533F-3F18-4539-85E9-B61BAE8E5F26}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{F2172212-3163-4191-8BEF-DE1AB26A3F31}C:\program files\electronic arts\die schlacht um mittelerde ii\game.dat" = protocol=17 | dir=in | app=c:\program files\electronic arts\die schlacht um mittelerde ii\game.dat |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
"{2223FC2F-B862-4F83-BC9E-DDF2DADF2859}" = Intel(R) Network Connections 13.0.42.0
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 20
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = Die Schlacht um Mittelerde™ II
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3F290582-3F4E-4B96-009C-E0BABAA40C42}" = Die Schlacht um Mittelerde(tm)
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51F96AEC-D902-4434-A0DC-B9692A21AE7C}" = MobileMe Control Panel
"{54A2CFDE-DC70-46E0-92AC-DC88F6303D39}" = Guitar Pro 4
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66FF4C48-0083-4E60-8556-B883AB200091}" = Heroes of Might & Magic V: Hammers of Fate
"{66FF4C48-0083-4E60-8556-B883AB200092}" = Heroes of Might and Magic V - Tribes of the East
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{76BC2442-0002-47FA-9617-43BAD82BEF4C}" = Bonjour
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{58FC5E37-DD28-4D4A-A549-125744C6763C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{888B9AC7-8F5C-456B-A27A-157A6C310E52}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{996A2FAA-7514-4628-9D12-A8FC34A0016E}" = iTunes
"{99BEB67F-B288-44F5-8B2A-23F5F522A1AE}_is1" = Universal Anticheat 2 v2.24
"{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A67BB21E-D419-45BB-AB86-7D87D14BBCE2}" = Safari
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B5C3B892-0849-476C-9F46-B12F84819D57}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{EA926717-CE5A-4CB4-AB21-9E6E9565A458}" = RCT3 Soaked
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"CoD RconTool" = CoD RconTool
"Hamachi" = Hamachi 1.0.1.5
"Heroes of Might and Magic IV" = Heroes of Might and Magic IV: Winds of War
"Heroes of Might and Magic® III" = Heroes of Might and Magic® III Complete
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ICQToolbar" = ICQ Toolbar
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"NVIDIA Drivers" = NVIDIA Drivers
"PROSetDX" = Intel(R) Network Connections 13.0.42.0
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamViewer 5" = TeamViewer 5
"Tunngle beta_is1" = Tunngle beta
"WinRAR archiver" = WinRAR
"Xfire" = Xfire (remove only)

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 13.04.2010 15:30:26 | Computer Name = ******** | Source = Bonjour Service | ID = 100
Description = 400: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)

Error - 13.04.2010 15:35:50 | Computer Name = ******** | Source = Application Hang | ID = 1002
Description = Programm ICQ.exe, Version 7.1.0.2096 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: 91c Anfangszeit: 01cadb40621c8739 Zeitpunkt der Beendigung:
8

Error - 13.04.2010 15:36:26 | Computer Name = ******** | Source = WinMgmt | ID = 10
Description =

Error - 13.04.2010 15:40:13 | Computer Name = ******** | Source = Bonjour Service | ID = 100
Description = 384: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)

Error - 13.04.2010 15:40:13 | Computer Name = ******** | Source = Bonjour Service | ID = 100
Description = 392: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)

Error - 13.04.2010 15:40:13 | Computer Name = ******** | Source = Bonjour Service | ID = 100
Description = 396: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)

Error - 13.04.2010 15:40:13 | Computer Name = ******** | Source = Bonjour Service | ID = 100
Description = 400: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)

Error - 13.04.2010 15:40:13 | Computer Name = ******** | Source = Bonjour Service | ID = 100
Description = 404: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)

Error - 14.04.2010 09:03:13 | Computer Name = ******** | Source = Application Hang | ID = 1002
Description = Programm ICQ.exe, Version 7.1.0.2096 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: df8 Anfangszeit: 01cadbd2c2fdd6cc Zeitpunkt der Beendigung:
15

Error - 14.04.2010 09:03:42 | Computer Name = ******** | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 28.02.2010 10:25:04 | Computer Name = ******** | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.178.23 für die Netzwerkkarte mit der Netzwerkadresse
0021856A9273 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
eine DHCPNACK-Meldung gesendet).

Error - 28.02.2010 10:25:18 | Computer Name = ******** | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
\Device\NetBT_Tcpip_{2FCBDA09-3BD7-4501-826F-AE964E25D275} vom Serverdienst nicht
gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error - 28.02.2010 11:01:24 | Computer Name = ******** | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 7.2.173.39 für die Netzwerkkarte mit der Netzwerkadresse
00FF99671080 wurde durch den DHCP-Server 7.254.254.254 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).

Error - 28.02.2010 11:16:10 | Computer Name = ******** | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 7.2.173.39 für die Netzwerkkarte mit der Netzwerkadresse
00FF99671080 wurde durch den DHCP-Server 7.254.254.254 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).

Error - 01.03.2010 05:46:11 | Computer Name = ******** | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.178.23 für die Netzwerkkarte mit der Netzwerkadresse
0021856A9273 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
eine DHCPNACK-Meldung gesendet).

Error - 02.03.2010 12:03:08 | Computer Name = ******** | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.178.23 für die Netzwerkkarte mit der Netzwerkadresse
0021856A9273 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
eine DHCPNACK-Meldung gesendet).

Error - 02.03.2010 15:31:51 | Computer Name = ******** | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.178.23 für die Netzwerkkarte mit der Netzwerkadresse
0021856A9273 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
eine DHCPNACK-Meldung gesendet).

Error - 03.03.2010 09:51:10 | Computer Name = ******** | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.178.23 für die Netzwerkkarte mit der Netzwerkadresse
0021856A9273 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
eine DHCPNACK-Meldung gesendet).

Error - 04.03.2010 08:40:40 | Computer Name = ******** | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.178.23 für die Netzwerkkarte mit der Netzwerkadresse
0021856A9273 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
eine DHCPNACK-Meldung gesendet).

Error - 04.03.2010 14:17:43 | Computer Name = ******** | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.178.23 für die Netzwerkkarte mit der Netzwerkadresse
0021856A9273 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
eine DHCPNACK-Meldung gesendet).


< End of report >

DANKE IM VORRAUS
Akim
__________________
Antwort

Themen zu Habe mir den "ICQ-Virus" eingefangen
anti-malware, backdoor.ircbot, bösartige, dateien, eingefangen, explorer, files, gefangen, gen, icq - spammer, icq - virus, icq-virus, konnte, leute, malwarebytes, manager, microsoft, minute, service, services, software, theme, themen, totaler, troja, trojan.backdoor, update, version, windows update, wirklich


« Icq Virus eingefangen | C:\WINDOWS\system32\drivers\**; befürchte Rootkit »


Ähnliche Themen: Habe mir den "ICQ-Virus" eingefangen


  1. habe mir was eingefangen "DownloadSponsor.Gen"
    Plagegeister aller Art und deren Bekämpfung - 12.03.2015 (7)
  2. Diverse Malware ("CoolSaleCoupon", "ddownlloaditkeep", "omiga-plus", "SaveSense", "SaleItCoupon"); lahmer PC & viel Werbung!
    Plagegeister aller Art und deren Bekämpfung - 11.01.2015 (16)
  3. Beim Treiber Update "wiederspenstige" Software eingefangen. "SpeedUpMyComputer"
    Plagegeister aller Art und deren Bekämpfung - 27.05.2014 (3)
  4. Habe mir den "safesaver"-Mist eingefangen
    Plagegeister aller Art und deren Bekämpfung - 20.01.2014 (7)
  5. "monstermarketplace.com" Infektion und ihre Folgen; "Anti-Virus-Blocker"," unsichtbare Toolbars" + "Browser-Hijacker" von selbst installiert
    Log-Analyse und Auswertung - 16.11.2013 (21)
  6. 3x | habe mir virus/trojaner über skype eingefangen "sie ist auf diesem foto?"
    Mülltonne - 23.04.2013 (1)
  7. Habe mir "search.conduit.com" im IE eingefangen
    Log-Analyse und Auswertung - 18.03.2013 (7)
  8. Habe " bprotector for windows " als Programm auf meinem Rechner gefunden - ist das ein Virus?
    Plagegeister aller Art und deren Bekämpfung - 05.02.2013 (19)
  9. Ich habe mir vor drei Tagen den Ukash-BKA-Virus "eingefangen". Wie bekomme ich den wieder los?
    Plagegeister aller Art und deren Bekämpfung - 29.12.2012 (1)
  10. Windows aus "Sicherheitsgründen" blockiert-ich Thor habe den 50€ Virus
    Log-Analyse und Auswertung - 04.03.2012 (5)
  11. Habe mir einen "virus" o.ä. eingefangen, Linker Mausklick geht nicht mehr
    Log-Analyse und Auswertung - 17.09.2011 (1)
  12. habe auch "Roter Bildschirm: "Ihr System wurde aus Sicherheitsgründen blockiert" "
    Plagegeister aller Art und deren Bekämpfung - 26.08.2011 (3)
  13. Ich habe einen virus auf dem Computer der mich leicht "eingeschränkt"
    Log-Analyse und Auswertung - 03.08.2011 (1)
  14. Habe mir "ADSPY.AgentN" eingefangen...Was nun
    Plagegeister aller Art und deren Bekämpfung - 13.12.2009 (1)
  15. Hilfe, habe mir ein "TR /Renos.OAL" eingefangen
    Plagegeister aller Art und deren Bekämpfung - 01.07.2009 (2)
  16. Programme reagieren nicht mehr, nach dem ich Virus "entfernt" habe.
    Log-Analyse und Auswertung - 08.01.2009 (0)
  17. "RdxIE.dll"-habe ich mir etwas eingefangen?
    Log-Analyse und Auswertung - 13.04.2005 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Habe mir den "ICQ-Virus" eingefangen - Hallo Leute, ich bin ein totaler Virus-Neuling, und konnte aus den anderne "ICQ-Virus" Themen nicht wirklich heraus lesen was ich zum beseiteigen des Virus tun muss. Nun ja ich habe - Habe mir den "ICQ-Virus" eingefangen...
Archiv
Du betrachtest: Habe mir den "ICQ-Virus" eingefangen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19