Spybot found the trojan Bifrose.LA |
||
---|---|---|
#0
| ||
20.02.2008, 14:23
Member
Thread starter Posts: 13 |
||
|
||
20.02.2008, 14:37
Honorary member
Posts: 1441 |
#17
Then please post the 2 logs from Comboscan again
http://virus-protect.org/artikel/tools/comboscan.html __________ Regards, Pinguin. I'm in the middle of updating my site + programs: http://www.virus-protect.org/ |
|
|
||
20.02.2008, 14:57
Member
Thread starter Posts: 13 |
#18
Should I run Dr.Web the way you described it on the site, or just start it, and then it automatically begins a short scan (that is how I did it)?
|
|
|
||
21.02.2008, 00:15
Honorary member
Posts: 1441 |
#19
The 2nd log is missing ... only there can I see what state the hosts file is in.
__________ Regards, Pinguin. I'm in the process of updating my site + programs: http://www.virus-protect.org/ |
|
|
||
21.02.2008, 15:20
Member
Thread starter Posts: 13 |
#20
So when I run Comboscan, two windows open afterwards, each with a log, and I posted those 2 here

Deckard's System Scanner v20071014.68
Run by user on 2008-02-20 14:55:45
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- HijackThis (run as user.exe) ------------------------------------------------
Unable to find log (file not found); running clone.
-- HijackThis Clone ------------------------------------------------------------
Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-02-20 14:57:00
Platform: Windows Vista (6.00.6000)
MSIE: Internet Explorer (7.00.6000.16386)
Boot mode: Normal

That is where the 2nd log starts in the post above! In case it helps, here is another log:

---------------------------------------------------------
AVG Anti-Spyware - Scan-Bericht
---------------------------------------------------------
+ Erstellt um: 16:47:25 21.02.2008
+ Scan-Ergebnis:
C:\Users\Besucher\AppData\Roaming\Microsoft\Windows\Cookies\Low\ulrike@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Gesäubert.
:mozilla.9:C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\libd8q4g.default\cookies.txt -> TrackingCookie.71i : Gesäubert.
C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\user@adicqserver.71i[1].txt -> TrackingCookie.71i : Gesäubert.
C:\Users\Besucher\AppData\Roaming\Microsoft\Windows\Cookies\Low\ulrike@doubleclick[1].txt -> TrackingCookie.Doubleclick : Gesäubert.
:mozilla.101:C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\libd8q4g.default\cookies.txt -> TrackingCookie.Googleadservices : Gesäubert.
:mozilla.102:C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\libd8q4g.default\cookies.txt -> TrackingCookie.Googleadservices : Gesäubert.
:mozilla.111:C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\libd8q4g.default\cookies.txt -> TrackingCookie.Googleadservices : Gesäubert.
:mozilla.99:C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\libd8q4g.default\cookies.txt -> TrackingCookie.Googleadservices : Gesäubert.
:mozilla.8:C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\libd8q4g.default\cookies.txt -> TrackingCookie.Ivwbox : Gesäubert.
C:\Users\Besucher\AppData\Roaming\Microsoft\Windows\Cookies\Low\ulrike@ivwbox[1].txt -> TrackingCookie.Ivwbox : Gesäubert.
:mozilla.25:C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\libd8q4g.default\cookies.txt -> TrackingCookie.Netflame : Gesäubert.
C:\Users\Besucher\AppData\Roaming\Microsoft\Windows\Cookies\Low\ulrike@site.skype[1].txt -> TrackingCookie.Skype : Gesäubert.
C:\Users\Besucher\AppData\Roaming\Microsoft\Windows\Cookies\Low\ulrike@skype[1].txt -> TrackingCookie.Skype : Gesäubert.
:mozilla.76:C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\libd8q4g.default\cookies.txt -> TrackingCookie.Tfag : Gesäubert.
:mozilla.77:C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\libd8q4g.default\cookies.txt -> TrackingCookie.Tfag : Gesäubert.
C:\Users\Besucher\AppData\Roaming\Microsoft\Windows\Cookies\Low\ulrike@m.webtrends[2].txt -> TrackingCookie.Webtrends : Gesäubert.
::Berichtende

This post was edited by cc1 on 21.02.2008 at 16:48.
|
|
|
||
22.02.2008, 01:03
Honorary member
Posts: 1441 |
#21
Scan with CounterSpy, have everything that is found removed + post the scan report here
http://virus-protect.org/counterspy1.html
__________ Regards, Pinguin. I'm in the process of updating my site + programs: http://www.virus-protect.org/ |
|
|
||
22.02.2008, 15:58
Member
Thread starter Posts: 13 |
#22
Scan History Details
Start Date: 22.02.2008 15:11:05
End Date: 22.02.2008 15:56:02
Total Time: 44 Min 57 Sec

Detected security risks

KaZaA P2P Program more information...
Details: KaZaA is a peer-to-peer (P2P) application that allows its users to join together in a network via the Internet and share files from each other's hard drives.
Status: Deleted
Registry entries detected
HKEY_USERS\S-1-5-21-1142793588-2157804360-3538953708-1000\SOFTWARE\KAZAA
HKEY_USERS\S-1-5-21-1142793588-2157804360-3538953708-1000\SOFTWARE\KAZAA\LocalContent

Bifrost Backdoor more information...
Details: Bifrost is an advanced remote administration tool that allows users to remotely control computers that are behind firewalls and routers.
Status: Deleted
Registry entries detected
HKEY_USERS\S-1-5-21-1142793588-2157804360-3538953708-1000\SOFTWARE\WGET

So Spyware Doctor no longer finds the trojan.generic, but it still finds the trojan.pws tanspy. What else can I do about that one?

This post was edited by cc1 on 22.02.2008 at 16:15.
|
|
|
||
22.02.2008, 16:51
Honorary member
Posts: 6028 |
#23
Hello, cc1
Quote: Registry entries detected
and
Quote: Registry entries detected
are both from ComboFix
Spyware Doctor
Quote: trojan.pws tanspy
is a "false positive": it finds something that is not there at all; what it means by that is "buy me"
__________ Regards, Argus |
|
|
||
22.02.2008, 18:35
Member
Thread starter Posts: 13 |
#24
Ah OK, that is good news. Have all the trojans been dealt with now, and do I still need to do anything about them? (I will change all passwords.)
Sometimes when I want to shut down the PC, nothing happens, and some programs cannot be opened and show an error message. Is that related to the trojans? Also, I have deleted all those programs again. Is that OK?
This post was edited by cc1 on 24.02.2008 at 11:12.
|
|
|
||
03.03.2008, 12:29
Member
Thread starter Posts: 13 |
#25
I have just one more question: it is often written that after a trojan the PC should be set up from scratch (format, reinstall...). Do I have to do that now too, or can I be sure that everything has been removed?
|
|
|
||
and Dr.Web found nothing