How do I get rid of BOO/Sinowal.d?

#0
25.08.2009, 16:46
...new here

Posts: 5
#1 Hello everyone,

as described at http://virus-protect.org/artikel/tools/mbr.html, I am posting the log file here... Please help, I can't get rid of this thing....

Quote

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.6 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
malicious code @ sector 0x017499F03 !
PE file found in sector at 0x017499F19 !
26.08.2009, 01:16
Moderator

Posts: 5694
#2 Hello, and sorry for the late reply ;)

Work through the link in my signature, then we'll see what can be done, although it should be mentioned that an infected MBR is not exactly ideal. If you do e-banking, refrain from it for now.

Regards, Swiss
26.08.2009, 13:20
...new here

Thread starter

Posts: 5
#3 Thanks for the pointer:

Malwarebytes Log

Quote

Malwarebytes' Anti-Malware 1.40
Datenbank Version: 2693
Windows 5.1.2600 Service Pack 3

25.08.2009 17:21:51
mbam-log-2009-08-25 (17-21-51).txt

Scan-Methode: Quick-Scan
Durchsuchte Objekte: 108108
Laufzeit: 21 minute(s), 42 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 2
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 3

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\urlsearchhook.toolbarurlsearchhook (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\urlsearchhook.toolbarurlsearchhook.1 (Trojan.BHO) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\WINDOWS\system32\italc.ifo (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\nitroox\Lokale Einstellungen\Temp\B.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\nitroox\Lokale Einstellungen\Temp\ie3.tmp (Trojan.Agent) -> Quarantined and deleted successfully.

GMer Report

GMER 1.0.15.15077 [ih42v7q8.exe] - http://www.gmer.net
Rootkit scan 2009-08-26 13:20:09
Windows 5.1.2600 Service Pack 3


---- System - GMER 1.0.15 ----

SSDT BA72CF5E ZwCreateKey
SSDT BA72CF54 ZwCreateThread
SSDT BA72CF63 ZwDeleteKey
SSDT BA72CF6D ZwDeleteValueKey
SSDT spii.sys ZwEnumerateKey [0xB9EC5CA4]
SSDT spii.sys ZwEnumerateValueKey [0xB9EC6032]
SSDT BA72CF72 ZwLoadKey
SSDT spii.sys ZwOpenKey [0xB9EA70C0]
SSDT BA72CF40 ZwOpenProcess
SSDT BA72CF45 ZwOpenThread
SSDT spii.sys ZwQueryKey [0xB9EC610A]
SSDT spii.sys ZwQueryValueKey [0xB9EC5F8A]
SSDT BA72CF7C ZwReplaceKey
SSDT BA72CF77 ZwRestoreKey
SSDT BA72CF68 ZwSetValueKey
SSDT BA72CF4F ZwTerminateProcess

INT 0x62 ? 8B187BF8
INT 0x63 ? 8AECFBF8
INT 0x73 ? 8B187BF8
INT 0x73 ? 8B187BF8
INT 0x73 ? 8B189BF8
INT 0x73 ? 8AECFBF8
INT 0x73 ? 8B187BF8
INT 0x82 ? 8B187BF8
INT 0x83 ? 8B187BF8
INT 0x83 ? 8B187BF8
INT 0x83 ? 8AECFBF8
INT 0x83 ? 8B187BF8
INT 0x94 ? 8AECFBF8
INT 0xB4 ? 8AECFBF8

---- Kernel code sections - GMER 1.0.15 ----

? spii.sys Das System kann die angegebene Datei nicht finden. !
.text USBPORT.SYS!DllUnload B95518AC 5 Bytes JMP 8AECF1D8
.text a2mjm6zz.SYS B9465386 35 Bytes [00, 00, 00, 00, 00, 00, 20, ...]
.text a2mjm6zz.SYS B94653AA 24 Bytes [00, 00, 00, 00, 00, 00, 00, ...]
.text a2mjm6zz.SYS B94653C4 3 Bytes [00, 70, 02] {ADD [EAX+0x2], DH}
.text a2mjm6zz.SYS B94653C9 1 Byte [30]
.text a2mjm6zz.SYS B94653C9 11 Bytes [30, 00, 00, 00, 5C, 02, 00, ...] {XOR [EAX], AL; ADD [EAX], AL; POP ESP; ADD AL, [EAX]; ADD [EAX], AL; ADD [EAX], AL}
.text ...

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [B9EA8042] spii.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [B9EA813E] spii.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [B9EA80C0] spii.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [B9EA8800] spii.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [B9EA86D6] spii.sys
IAT \SystemRoot\System32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [B9EB7E9C] spii.sys
IAT \SystemRoot\System32\Drivers\a2mjm6zz.SYS[HAL.dll!KfAcquireSpinLock] 18C4830E
IAT \SystemRoot\System32\Drivers\a2mjm6zz.SYS[HAL.dll!READ_PORT_UCHAR] 1C8D9E88
IAT \SystemRoot\System32\Drivers\a2mjm6zz.SYS[HAL.dll!KeGetCurrentIrql] 9E880000
IAT \SystemRoot\System32\Drivers\a2mjm6zz.SYS[HAL.dll!KfRaiseIrql] 00001CA9
IAT \SystemRoot\System32\Drivers\a2mjm6zz.SYS[HAL.dll!KfLowerIrql] 0E798366
IAT \SystemRoot\System32\Drivers\a2mjm6zz.SYS[HAL.dll!HalGetInterruptVector] 74AAB000
IAT \SystemRoot\System32\Drivers\a2mjm6zz.SYS[HAL.dll!HalTranslateBusAddress] 8186C636
IAT \SystemRoot\System32\Drivers\a2mjm6zz.SYS[HAL.dll!KeStallExecutionProcessor] 1A00001C
IAT \SystemRoot\System32\Drivers\a2mjm6zz.SYS[HAL.dll!KfReleaseSpinLock] 1C8386C6
IAT \SystemRoot\System32\Drivers\a2mjm6zz.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] C6020000
IAT \SystemRoot\System32\Drivers\a2mjm6zz.SYS[HAL.dll!READ_PORT_USHORT] 001C8E86
IAT \SystemRoot\System32\Drivers\a2mjm6zz.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 86C60200
IAT \SystemRoot\System32\Drivers\a2mjm6zz.SYS[HAL.dll!WRITE_PORT_UCHAR] 00001CAA
IAT \SystemRoot\System32\Drivers\a2mjm6zz.SYS[WMILIB.SYS!WmiSystemControl] 8800001C
IAT \SystemRoot\System32\Drivers\a2mjm6zz.SYS[WMILIB.SYS!WmiCompleteRequest] 001CB19E

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 8B1171F8
Device \Driver\PCI_PNP4264 \Device\00000041 spii.sys
Device \Driver\usbuhci \Device\USBPDO-0 8AECE1F8
Device \Driver\usbuhci \Device\USBPDO-1 8AECE1F8
Device \Driver\usbehci \Device\USBPDO-2 8AEB71F8
Device \Driver\usbuhci \Device\USBPDO-3 8AECE1F8
Device \Driver\usbuhci \Device\USBPDO-4 8AECE1F8

AttachedDevice \Driver\Tcpip \Device\Tcp Lbd.sys (Boot Driver/Lavasoft AB)

Device \Driver\usbuhci \Device\USBPDO-5 8AECE1F8
Device \Driver\usbehci \Device\USBPDO-6 8AEB71F8
Device \Driver\Ftdisk \Device\HarddiskVolume1 8B1191F8
Device \Driver\sptd \Device\1276924264 spii.sys
Device \Driver\Ftdisk \Device\HarddiskVolume2 8B1191F8
Device \Driver\Cdrom \Device\CdRom0 8AEAB1F8
Device \Driver\Ftdisk \Device\HarddiskVolume3 8B1191F8
Device \Driver\Cdrom \Device\CdRom1 8AEAB1F8
Device \Driver\Ftdisk \Device\HarddiskVolume4 8B1191F8
Device \Driver\Ftdisk \Device\HarddiskVolume5 8B1191F8
Device \Driver\Ftdisk \Device\HarddiskVolume6 8B1191F8
Device \Driver\NetBT \Device\NetBt_Wins_Export 8AAD8500
Device \Driver\NetBT \Device\NetbiosSmb 8AAD8500
Device \Driver\NetBT \Device\NetBT_Tcpip_{3292C7B8-C9EA-4B9C-83D5-E06DCCE5103A} 8AAD8500
Device \Driver\usbuhci \Device\USBFDO-0 8AECE1F8
Device \Driver\usbuhci \Device\USBFDO-1 8AECE1F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8AB78500
Device \Driver\usbehci \Device\USBFDO-2 8AEB71F8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 8AB78500
Device \Driver\usbuhci \Device\USBFDO-3 8AECE1F8
Device \Driver\usbuhci \Device\USBFDO-4 8AECE1F8
Device \Driver\Ftdisk \Device\FtControl 8B1191F8
Device \Driver\usbuhci \Device\USBFDO-5 8AECE1F8
Device \Driver\usbehci \Device\USBFDO-6 8AEB71F8
Device \Driver\a2mjm6zz \Device\Scsi\a2mjm6zz1Port7Path0Target0Lun0 8AE581F8
Device \Driver\a2mjm6zz \Device\Scsi\a2mjm6zz1 8AE581F8
Device \Driver\JRAID \Device\Scsi\JRAID1 8B1181F8
Device \FileSystem\Cdfs \Cdfs 8AB79500

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Programme\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x98 0x36 0xF4 0x35 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xCD 0x1A 0xAB 0x81 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xD3 0x84 0x43 0xC7 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Programme\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x98 0x36 0xF4 0x35 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xCD 0x1A 0xAB 0x81 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xD3 0x84 0x43 0xC7 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Programme\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x98 0x36 0xF4 0x35 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xCD 0x1A 0xAB 0x81 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xDC 0x6E 0x5B 0xCA ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A059DD64-AB03-C955-6E61-9F95331C7ABE}
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A059DD64-AB03-C955-6E61-9F95331C7ABE}@iaoceblcmnlcoonjfd 0x6A 0x61 0x63 0x69 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A059DD64-AB03-C955-6E61-9F95331C7ABE}@haackikpkkdiapdk 0x6A 0x61 0x63 0x69 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A059DD64-AB03-C955-6E61-9F95331C7ABE}@iaccekocbaneolikla 0x63 0x61 0x6A 0x64 ...

---- EOF - GMER 1.0.15 ----


HiJackThis Log:

Quote

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:52:36, on 26.08.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programme\Java\jre6\bin\jusched.exe
C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Programme\Rowisoft red\printer\rvpagent.exe
C:\Programme\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programme\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe
C:\Programme\DAEMON Tools Lite\daemon.exe
C:\Programme\SURECOM\SURECOM 802.11g WLAN USB Adapter\Installer\WINXP\EP9001-g-3A.exe
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\ASTSRV.EXE
C:\Programme\Bonjour\mDNSResponder.exe
C:\Programme\Firebird\Firebird_2_1\bin\fbguard.exe
C:\Programme\ICQ6Toolbar\ICQ Service.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Programme\Mozilla Thunderbird\thunderbird.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe
C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Programme\iPod\bin\iPodService.exe
C:\Programme\Firebird\Firebird_2_1\bin\fbserver.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe
C:\Dokumente und Einstellungen\nitroox\Desktop\ih42v7q8.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: TBSB03968 - {AA61DE26-FA67-4575-9033-918671094293} - (no file)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Programme\TechSmith\SnagIt 9\SnagItIEAddin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Toolbar fuer eBay - {000E148C-F7A7-445A-9044-93BF6CE09ECB} - C:\Dokumente und Einstellungen\nitroox\Anwendungsdaten\Toolbars\Toolbar fuer eBay\ebay.dll
O4 - HKLM\..\Run: [GBB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Rowisoft Virtual Printer virtual printer agent] "C:\Programme\Rowisoft red\printer\rvpagent.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Programme\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "c:\programme\steam\steam.exe" -silent
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programme\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: EP9001-g.lnk = C:\Programme\SURECOM\SURECOM 802.11g WLAN USB Adapter\Installer\WINXP\EP9001-g-3A.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: An vorhandenes PDF anfügen - res://C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://I:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Nalpeiron Licensing Service (ASTSRV) - Nalpeiron Ltd. - C:\WINDOWS\system32\ASTSRV.EXE
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - FirebirdSQL Project - C:\Programme\Firebird\Firebird_2_1\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - FirebirdSQL Project - C:\Programme\Firebird\Firebird_2_1\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Programme\ICQ6Toolbar\ICQ Service.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe

--
End of file - 10868 bytes

Uninstall list:

Quote

2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
7-Zip 4.65
Ad-Aware
Ad-Aware
Adobe Acrobat 8.1.0 Professional
Adobe Anchor Service CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Color - Photoshop Specific CS4
Adobe Color EU Recommended Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Extra Settings CS4
Adobe Color Video Profiles CS CS4
Adobe CSI CS4
Adobe Default Language CS4
Adobe ExtendScript Toolkit CS4
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Linguistics CS4
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS
Adobe Photoshop CS4
Adobe Photoshop CS4
Adobe Photoshop CS4
Adobe Photoshop CS4 Support
Adobe Reader 9.1 - Deutsch
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
Alien Skin Bokeh
Apple Mobile Device Support
Apple Software Update
Audacity 1.2.6
Audiograbber 1.83 SE
Avira AntiVir Personal - Free Antivirus
AVM FRITZ!fax für FRITZ!Box
Beauty Pilot Trial 2.2
Bonjour
Choice Guard
Combined Community Codec Pack 2008-09-21 16:18
Connect
Counter-Strike: Source
Creative WebCam Pro Driver (1.03.01.0523)
DAEMON Tools Toolbar
DiskAid 3.1
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Web Player
eMule
ffdshow [rev 2940] [2009-05-06]
FileZilla Client 3.2.3.1
Firebird 2.1.0.16780 (Win32)
Free WMV to AVI MPEG Converter v1.2
Free YouTube to Mp3 Converter version 3.1
FUSSBALL MANAGER 09
Gigabyte Raid Configurer
Hauppauge German Help Files and Resources
Hauppauge WinTV Scheduler
Hauppauge WinTV Soft PVR
Hauppauge WinTV2000
Hercules DJ Products Series drivers
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix für Windows XP (KB952287)
Hotfix für Windows XP (KB961118)
ICQ Toolbar
ICQ6.5
IKEA Home Planner
iTunes
Java(TM) 6 Update 13
kuler
MakeUp Pilot Full 4.2
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 Language Pack - deu
Microsoft .NET Framework 3.5 Language Pack - DEU
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel MUI (German) 2007
Microsoft Office FrontPage 2003
Microsoft Office Outlook MUI (German) 2007
Microsoft Office PowerPoint MUI (German) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Italian) 2007
Microsoft Office Proofing (German) 2007
Microsoft Office Shared MUI (German) 2007
Microsoft Office Standard 2007
Microsoft Office Standard 2007
Microsoft Office Word MUI (German) 2007
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox (3.5.2)
Mozilla Thunderbird (2.0.0.23)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 6 Service Pack 2 (KB954459)
MySQL-Front
Nero 8
neroxml
NS Virtual DJ 6.0 Full
NVIDIA Drivers
PDF Settings CS4
Photoshop Camera Raw
Picasa 3
PSFtp Version 1.8
QuickTime
Realtek High Definition Audio Driver
Redtube Video Downloader 3.18
Rowisoft® red™
Safari
SAM Broadcaster (remove only)
save2pc Converter 3.46
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB969679)
Security Update for Microsoft Office Excel 2007 (KB969682)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office Word 2007 (KB969604)
Segoe UI
Sicherheitsupdate für Windows Internet Explorer 7 (KB938127-v2)
Sicherheitsupdate für Windows Internet Explorer 7 (KB956390)
Sicherheitsupdate für Windows Internet Explorer 7 (KB961260)
Sicherheitsupdate für Windows Internet Explorer 7 (KB963027)
Sicherheitsupdate für Windows Internet Explorer 8 (KB969897)
Sicherheitsupdate für Windows Internet Explorer 8 (KB972260)
Sicherheitsupdate für Windows Media Player (KB952069)
Sicherheitsupdate für Windows Media Player (KB973540)
Sicherheitsupdate für Windows XP (KB923561)
Sicherheitsupdate für Windows XP (KB938464-v2)
Sicherheitsupdate für Windows XP (KB941569)
Sicherheitsupdate für Windows XP (KB946648)
Sicherheitsupdate für Windows XP (KB950762)
Sicherheitsupdate für Windows XP (KB950974)
Sicherheitsupdate für Windows XP (KB951066)
Sicherheitsupdate für Windows XP (KB951376-v2)
Sicherheitsupdate für Windows XP (KB951698)
Sicherheitsupdate für Windows XP (KB951748)
Sicherheitsupdate für Windows XP (KB952004)
Sicherheitsupdate für Windows XP (KB952954)
Sicherheitsupdate für Windows XP (KB954600)
Sicherheitsupdate für Windows XP (KB955069)
Sicherheitsupdate für Windows XP (KB956572)
Sicherheitsupdate für Windows XP (KB956744)
Sicherheitsupdate für Windows XP (KB956802)
Sicherheitsupdate für Windows XP (KB956803)
Sicherheitsupdate für Windows XP (KB956841)
Sicherheitsupdate für Windows XP (KB957097)
Sicherheitsupdate für Windows XP (KB958215)
Sicherheitsupdate für Windows XP (KB958644)
Sicherheitsupdate für Windows XP (KB958687)
Sicherheitsupdate für Windows XP (KB958690)
Sicherheitsupdate für Windows XP (KB959426)
Sicherheitsupdate für Windows XP (KB960225)
Sicherheitsupdate für Windows XP (KB960714)
Sicherheitsupdate für Windows XP (KB960715)
Sicherheitsupdate für Windows XP (KB960803)
Sicherheitsupdate für Windows XP (KB960859)
Sicherheitsupdate für Windows XP (KB961371)
Sicherheitsupdate für Windows XP (KB961373)
Sicherheitsupdate für Windows XP (KB961501)
Sicherheitsupdate für Windows XP (KB968537)
Sicherheitsupdate für Windows XP (KB969898)
Sicherheitsupdate für Windows XP (KB970238)
Sicherheitsupdate für Windows XP (KB971557)
Sicherheitsupdate für Windows XP (KB971633)
Sicherheitsupdate für Windows XP (KB971657)
Sicherheitsupdate für Windows XP (KB973346)
Sicherheitsupdate für Windows XP (KB973354)
Sicherheitsupdate für Windows XP (KB973507)
Sicherheitsupdate für Windows XP (KB973869)
Skype web features
Skype™ 4.1
Slim U2 TA
SnagIt 9
Steam
Suite Shared Configuration CS4
SURECOM 802.11 g USB Adapter
TeamSpeak 2 RC2
TeamViewer 4
Toolbar fuer eBay
Total Commander (Remove or Repair)
Turbo Lister 2
Uninstall 1.0.0.1
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office Outlook 2007 (KB969907)
Update for Outlook 2007 Junk Email Filter (kb972691)
Update für Windows Internet Explorer 8 (KB969497)
Update für Windows XP (KB951978)
Update für Windows XP (KB955839)
Update für Windows XP (KB961503)
Update für Windows XP (KB967715)
Update für Windows XP (KB968389)
Update für Windows XP (KB973815)
VC80CRTRedist - 8.0.50727.762
VLC media player 1.0.1
VTPlus32 für WinTV (German)
WETO Modul Holzhaus
Windows Imaging Component
Windows Internet Explorer 8
Windows Live Anmelde-Assistent
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Messenger
Windows Live-Uploadtool
Windows Media Format Runtime
Windows XP Service Pack 3
WinRAR
WinSCP 4.1.9
Wintergarten Privat
WMV TO AVI CONVERTER version 3.1.1
XAMPP 1.7.1
Xbox 360 Controller for Windows
XML Paper Specification Shared Components Language Pack 1.0
Zero Assumption Recovery Version 8.4

26.08.2009, 20:08
Moderator

Posts: 5694
#4 >>
Close all windows and start HijackThis
Click: Do a system scan only
Put a check mark in the box in front of the listed entries (if they are still present):

Quote

R3 - URLSearchHook: (no name) - - (no file)

O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - (no file)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)

O2 - BHO: TBSB03968 - {AA61DE26-FA67-4575-9033-918671094293} - (no file)

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - (no file)
and choose Fix checked.

Restart the computer.

>>
Download ToolbarSD to the desktop
For Windows XP and Vista only
Double-click ToolBarSD.exe
Type D, press Enter, and click OK on the pop-up
Choose 1 and press Enter
At the end a log appears (C:\TB.txt); post its contents in the thread

Start ToolbarSD again
Type D, press Enter, and click OK on the pop-up
Choose 2 and press Enter
At the end a log appears (C:\TB.txt); post its contents in the thread

>>
Run an online scan with Bitdefender and post the log:
http://virus-protect.org/artikel/tools/bitdefender.html

Regards, Swiss
26.08.2009, 20:56
...new here

Thread starter

Posts: 5
#5 -----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz )
BIOS : Award Modular BIOS v6.00PG
USER : nitroox ( Administrator )
BOOT : Normal boot
Antivirus : AntiVir Desktop 9.0.1.32 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:24 Go (Free:4 Go)
D:\ (Local Disk) - NTFS - Total:29 Go (Free:4 Go)
E:\ (Local Disk) - NTFS - Total:137 Go (Free:16 Go)
F:\ (Local Disk) - NTFS - Total:136 Go (Free:26 Go)
G:\ (Local Disk) - NTFS - Total:66 Go (Free:26 Go)
H:\ (CD or DVD)
I:\ (Local Disk) - NTFS - Total:24 Go (Free:5 Go)
J:\ (CD or DVD)
K:\ (USB) - FAT32 - Total:492 Mo (Free:0 Go)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [1] ( 26.08.2009|20:42 )

-----------\\ Suche nach Dateien - Ordnern ...

C:\DOKUME~1\nitroox\LOKALE~1\Temp\NERO14766\Toolbar.exe
C:\Programme\DAEMON Tools Toolbar
C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll
C:\Programme\DAEMON Tools Toolbar\Resources
C:\Programme\DAEMON Tools Toolbar\uninst.exe
C:\Programme\DAEMON Tools Toolbar\_DTLite.xml

-----------\\ Extensions

(nitroox) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://start.icq.com/"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"ICQ Search"="http://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"


--------------------\\ Suche nach anderen Infektionen


Kein anderen Infektionen gefunden !


1 - "C:\ToolBar SD\TB_1.txt" - 26.08.2009|20:44 - Option : [1]

-----------\\ Scan beendet um 20:44:06,96
26.08.2009, 20:58
...new here

Thread starter

Posts: 5
#6 -----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz )
BIOS : Award Modular BIOS v6.00PG
USER : nitroox ( Administrator )
BOOT : Normal boot
Antivirus : AntiVir Desktop 9.0.1.32 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:24 Go (Free:4 Go)
D:\ (Local Disk) - NTFS - Total:29 Go (Free:4 Go)
E:\ (Local Disk) - NTFS - Total:137 Go (Free:16 Go)
F:\ (Local Disk) - NTFS - Total:136 Go (Free:26 Go)
G:\ (Local Disk) - NTFS - Total:66 Go (Free:26 Go)
H:\ (CD or DVD)
I:\ (Local Disk) - NTFS - Total:24 Go (Free:5 Go)
J:\ (CD or DVD)
K:\ (USB) - FAT32 - Total:492 Mo (Free:0 Go)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 26.08.2009|20:56 )

-----------\\ FIX

Geloescht ! - C:\DOKUME~1\nitroox\LOKALE~1\Temp\NERO14766\Toolbar.exe
Geloescht ! - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll
Geloescht ! - C:\Programme\DAEMON Tools Toolbar\Resources
Geloescht ! - C:\Programme\DAEMON Tools Toolbar\uninst.exe
Geloescht ! - C:\Programme\DAEMON Tools Toolbar\_DTLite.xml
Geloescht ! - C:\Programme\DAEMON Tools Toolbar

-----------\\ Suche nach Dateien - Ordnern ...


-----------\\ Extensions

(nitroox) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://start.icq.com/"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"ICQ Search"="http://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.msn.com/"


--------------------\\ Suche nach anderen Infektionen


Kein anderen Infektionen gefunden !


1 - "C:\ToolBar SD\TB_1.txt" - 26.08.2009|20:44 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 26.08.2009|20:57 - Option : [2]

-----------\\ Scan beendet um 20:57:31,25
27.08.2009, 11:41
Moderator

Posts: 5694
#7 What does Bitdefender say?

Regards, Swiss
27.08.2009, 13:59
...new here

Thread starter

Posts: 5
#8 BitDefender Online Scanner - Echtzeit-Virenmeldung

Erstellt am: Thu, Aug 27, 2009 - 13:58:26

Prüf-Info
Geprüfte Dateien

111965

Infizierte Dateien

0

Erkannte Viren

Keine Viren gefunden

Diese Zusammenfassung des Prüfvorgangs wird vom BitDefender Virus Labor dazu verwendet detaillierte Berichte über die weltweite Aktivität von Viren zu erstellen.
28.08.2009, 00:28
Moderator

Posts: 5694
#9 Do the following:

Copy the following text into Notepad (Start - Accessories - Notepad) and save it to the desktop as fix.bat using 'Save as'.
Set the file type to 'All files'.
You should now find this file on the desktop.

Quote

mbr.exe -f
Double-click fix.bat
A log is created (mbr.log); post its contents in your reply

>>
sdfix
http://virus-protect.org/artikel/tools/sdfix.html
the SDFix folder can now be found under C:\

boot into safe mode (press the F8 key while the computer restarts)

go to the folder C:\SDFix

double-click RunThis.bat
follow all instructions while the scan runs - the computer will then restart
use the right mouse button to copy the text that appears - and paste it into your reply


Regards, Swiss