Google redirects in search results
Thread is closed! |
||
---|---|---|
||
#0
| ||
09.02.2009, 21:25
Member
Posts: 3716 |
||
|
||
09.02.2009, 22:37
Member
Thread starter Posts: 56 |
#17
127.0.0.1 localhost
|
|
|
||
10.02.2009, 06:36
Honorary member
Posts: 6028 |
||
|
||
10.02.2009, 13:49
Member
Thread starter Posts: 56 |
#19
GooredFix v1.83 by jpshortstuff
Log created at 13:48 on 10/02/2009 running Option #1 (Joe)
Firefox version 3.0.6 (de)

=====Suspect Goored Entries=====

=====Dumping Registry Values=====

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.0.6\extensions]
"Plugins"="C:\Programme\Mozilla Firefox\plugins"

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.0.6\extensions]
"Components"="C:\Programme\Mozilla Firefox\components"

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions]
"jqs@sun.com"="C:\Programme\Java\jre6\lib\deploy\jqs\ff" |
|
|
||
10.02.2009, 14:24
Moderator
Posts: 5694 |
#20
>>
Please download SDFix, run it in Safe Mode, and post here the report that appears after the restart: http://virus-protect.org/artikel/tools/sdfix.html
>> Copy the following text into Notepad (Start - Accessories - Notepad) and save it to the desktop as listen.bat using 'Save as'. Set the file type to 'All files'. You should now find this file on the desktop.
--> double-click listen.bat
--> copy the text that appears
Quote:
cd\
Regards, Swiss |
|
|
||
10.02.2009, 16:25
Member
Thread starter Posts: 56 |
#21
SDfix Report
listen.bat
This post was edited by cakewalk on 10.02.2009 at 16:34.
|
|
|
||
10.02.2009, 16:46
Member
Posts: 3716 |
#22
delete sdfix:
download: http://virus-protect.org/artikel/tools/systemscan.html
tick:
Showing files newer than 60 days
REGISTRY SCAN
SCHEDULED JOBS
LIST OF ALL SERVICES
DRIVERS
SVCHOST INSTANCES
LOADED MODULES
MASTER BOOT RECORD
SUSPICIOUS FILES
UNINSTALL LIST
HIJACKTHIS LOG
if the file is too large, please split the log |
|
|
||
10.02.2009, 16:58
Member
Thread starter Posts: 56 |
||
|
||
10.02.2009, 17:46
Member
Posts: 3716 |
#24
in the meantime you can check the following files:
C:\158508124794.kwm
C:\WINDOWS\Setup1.exe
C:\WINDOWS\system32\CF1862.exe
http://www.virustotal.com/en/indexf.html
copy them from here one after another, paste them into virus total, click submit, wait until the status shows finished, then post the result here. if a message appears saying the file has already been analysed, click on analyse again |
|
|
||
10.02.2009, 18:24
Member
Thread starter Posts: 56 |
#25
C:\158508124794.kwm
Result: 0/39 (0%)
C:\WINDOWS\Setup1.exe
Result: 0/39 (0%)
C:\WINDOWS\system32\CF1862.exe
Result: 0/39 (0%) |
|
|
||
10.02.2009, 18:29
Member
Posts: 3716 |
#26
C:\158508124794.kwm
and C:\WINDOWS\system32\CF1862.exe still seem odd to me. pack them with winzip or winrar, protect them with the password infected, and send them to markusg@paules-pc-forum.de. i want to take a closer look at them. let me know when you have sent them to me. |
|
|
||
10.02.2009, 18:48
Member
Thread starter Posts: 56 |
#27
The packed files have been sent by e-mail.
|
|
|
||
10.02.2009, 18:54
Member
Posts: 3716 |
#28
then for now it's a matter of waiting and drinking tea, sorry...
|
|
|
||
10.02.2009, 18:59
Member
Posts: 3716 |
#29
http://support.f-secure.com/ger/home/ols.shtml
scan the entire pc, delete what it finds, maybe it will find something... |
|
|
||
10.02.2009, 19:14
Member
Thread starter Posts: 56 |
#30
No problem, and many thanks already at this point.
I'll run the scan. |
|
|
||
please post the contents of the hosts file for me