
Topic: Trojan.Fake.Alert, DNSChanger...Trojan.Agent

  1. #1
    Beginner
    Registered since: 28.01.2010
    Posts: 1

    Trojan.Fake.Alert, DNSChanger...Trojan.Agent

    Hello everyone, I really hope you can help me!

    I recently had problems with "Malware Defense", and yesterday with "Vista Antivirus 2010".

    I was able to fight the malware with the help of TDSSKiller and Malwarebytes'.
    I was able to remove Vista Antivirus 2010 using System Restore.

    However, I then ran another full scan with Malwarebytes and found further trojans that I don't know how to deal with (Trojan.FakeAlert) (Trojan.Agent) (Trojan.DNSChanger). In addition, I can no longer start my Security Center (since Malware Defense).
    I don't know whether I can simply delete the files that Malwarebytes found?

    Here is my Malwarebytes scan:

    Code:
    Malwarebytes' Anti-Malware 1.44
    Datenbank Version: 3651
    Windows 6.0.6000
    Internet Explorer 7.0.6000.16386
    
    28.01.2010 18:08:05
    mbam-log-2010-01-28 (18-08-01).txt
    
    Scan-Methode: Vollständiger Scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|)
    Durchsuchte Objekte: 241873
    Laufzeit: 52 minute(s), 20 second(s)
    
    Infizierte Speicherprozesse: 0
    Infizierte Speichermodule: 0
    Infizierte Registrierungsschlüssel: 0
    Infizierte Registrierungswerte: 0
    Infizierte Dateiobjekte der Registrierung: 0
    Infizierte Verzeichnisse: 0
    Infizierte Dateien: 7
    
    Infizierte Speicherprozesse:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Speichermodule:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Registrierungsschlüssel:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Registrierungswerte:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Dateiobjekte der Registrierung:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Verzeichnisse:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Dateien:
    C:\Users\Home\AppData\Local\Temp\wscsvc32.exe (Trojan.FakeAlert) -> No action taken.
    C:\Users\Home\AppData\Local\Temp\Installer.exe (Trojan.FakeAlert) -> No action taken.
    C:\Users\Home\AppData\Local\Temp\settdebugx.exe (Rogue.Installer) -> No action taken.
    J:\Programme ee\registrycleanerdoktor.exe (Rogue.RegistryDoctor) -> No action taken.
    J:\Programme ee\Neuer Ordner\8-neo-l\Nero 8.3.6.0\Keygens\EMBRACE\keygen.exe (Trojan.Agent) -> No action taken.
    J:\Programme ee\Neuer Ordner\DivX_6_Pro_Ver._6.8.4.5\DivX 6 Pro Ver. 6.8.4.5 (Key-Generator).exe (Trojan.Agent) -> No action taken.
    C:\Windows\System32\krl32mainweq.dll (Trojan.DNSChanger) -> No action taken.

    And here is my HijackThis scan:

    Code:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:16:41, on 28.01.2010
    Platform: Windows Vista  (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16386)
    Boot mode: Normal
    
    Running processes:
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Lexmark X1100 Series\LXBKbmgr.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Logitech\QuickCam\Quickcam.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Windows\system32\DllHost.exe
    
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [lxbkbmgr.exe] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
    O13 - Gopher Prefix: 
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: lxbk_device -   - C:\Windows\system32\lxbkcoms.exe
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    
    --
    End of file - 4709 bytes

    Here is another scan, made with OTL:

    Extra.Txt
    Code:
    OTL Extras logfile created on: 28.01.2010 20:27:25 - Run 1
    OTL by OldTimer - Version 3.1.27.0     Folder = C:\Users\Home\Desktop
    Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.6000.16386)
    Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
     
    1.022,00 Mb Total Physical Memory | 491,00 Mb Available Physical Memory | 48,00% Memory free
    2,00 Gb Paging File | 1,00 Gb Available in Paging File | 64,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 24,42 Gb Total Space | 4,74 Gb Free Space | 19,42% Space Free | Partition Type: NTFS
    Drive D: | 208,46 Gb Total Space | 62,54 Gb Free Space | 30,00% Space Free | Partition Type: NTFS
    Drive E: | 232,88 Gb Total Space | 232,79 Gb Free Space | 99,96% Space Free | Partition Type: NTFS
    F: Drive not present or media not loaded
    Drive G: | 1,90 Gb Total Space | 1,08 Gb Free Space | 56,85% Space Free | Partition Type: FAT
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded
    Drive J: | 465,65 Gb Total Space | 192,30 Gb Free Space | 41,30% Space Free | Partition Type: FAT32
     
    Computer Name: HOME-PC
    Current User Name: Home
    Logged in as Administrator.
     
    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Minimal
     
    ========== Extra Registry (SafeList) ==========
     
     
    ========== File Associations ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
     
    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = htmlfile] -- Reg Error: Key error. File not found
     
    ========== Shell Spawning ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
     
    ========== Security Center Settings ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 0
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
    "DoNotAllowExceptions" = 0
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
     
    ========== Authorized Applications List ==========
     
     
    ========== Vista Active Open Ports Exception List ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{01FF68AB-1E55-4625-A023-7DF69D7BCB94}" = rport=445 | protocol=6 | dir=out | app=system | 
    "{17BB12CE-0480-4BF7-8AE4-9CC89451E4C9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
    "{1A5DBFB8-EA24-488D-99AD-77A9FA3702B5}" = rport=137 | protocol=17 | dir=out | app=system | 
    "{3175F8AF-8B46-4F81-9DA4-7B8985A33640}" = rport=139 | protocol=6 | dir=out | app=system | 
    "{3C8D38FD-EE90-458C-9DAC-E3C6BF68CCEA}" = lport=137 | protocol=17 | dir=in | app=system | 
    "{3CDF350E-CF8C-4611-B6E9-B0D456468D7C}" = lport=2869 | protocol=6 | dir=in | app=system | 
    "{78C0B6F0-BD37-4641-8A63-E65F1045A6A3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
    "{9399F46B-4327-475B-B814-C0FBA52162FF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
    "{A20B3104-E1D8-4CCC-B596-6855295A9D92}" = lport=139 | protocol=6 | dir=in | app=system | 
    "{D6F796E8-B3AE-40A0-945B-8C59922CBDB2}" = rport=138 | protocol=17 | dir=out | app=system | 
    "{DBD0242D-BF65-4FF2-9DBF-5F5DCC641524}" = lport=445 | protocol=6 | dir=in | app=system | 
    "{DF748018-0700-47C3-AF1C-AC09F69D99F6}" = lport=138 | protocol=17 | dir=in | app=system | 
     
    ========== Vista Active Application Exception List ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{1CC63931-0A2E-4336-9C68-897F201E2C11}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
    "{2542BDE0-9945-4185-AC89-59069C4E81E7}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbkpswx.exe | 
    "{2AAF0E3A-3843-4323-B2E5-4E4339F0AD86}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
    "{4468ECFF-3590-4DBA-B91A-C2A54615C48E}" = protocol=58 | dir=out | app=system | 
    "{4633FAA6-3BB7-4490-8FC4-61CD5B308C09}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
    "{4A4A430B-50D8-4E80-BF4C-B7A084494485}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
    "{6CA47779-B832-4D5D-95C0-F0FD0E42614F}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
    "{7A5FECF3-1F62-4711-AD7F-CA0E43D82CE4}" = protocol=58 | dir=out | app=system | 
    "{8C1D29B6-88C2-4CE1-82D7-BC2F2A69C2DD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
    "{8F601688-BED3-42D7-8523-3AC3561D19F3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
    "{96EAAD0A-2B7F-44D8-A7C9-E41946D6F415}" = protocol=6 | dir=in | app=c:\windows\system32\lxbkcoms.exe | 
    "{98DD87A5-D4F5-41D0-B6D1-3C5D3C50B2C9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
    "{AB5B0225-FD60-4F75-BCD2-4BCDAA03E9EC}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbkpswx.exe | 
    "{B32EEB80-EE7C-4BA5-B3E1-C8B27842DE57}" = protocol=17 | dir=in | app=c:\windows\system32\lxbkcoms.exe | 
    "{DB8CE9C8-E4BC-4997-85A4-30DF0DD790DF}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
    "{FFEE790E-C919-471E-95AC-A74F68BD6F50}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
    "TCP Query User{98D53990-E9E2-4979-95A8-0486557387B7}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
    "TCP Query User{9A1EA90D-D3F8-4B74-9A48-CC1F7B88B1F6}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
    "TCP Query User{A6B609D9-0611-401A-94FF-1663C9F70A93}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
    "TCP Query User{A6FABDFF-FFAD-4C6B-BD9F-28A4099F4923}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
    "TCP Query User{B03FC2F3-4659-489C-BACA-16756DAD6E05}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
    "UDP Query User{0D7BC04D-4EEC-4E92-A47A-A60B7BB69F48}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
    "UDP Query User{14F769D2-7684-4587-A0BA-AE84D3882483}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
    "UDP Query User{5D624430-FCA2-4BE5-A6B8-1400521BCCB5}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
    "UDP Query User{9ABB994B-7666-4369-B426-8E7699C6FB2F}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
    "UDP Query User{B47D192E-AB4A-4557-9B52-4C76A1A5A879}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
     
    ========== HKEY_LOCAL_MACHINE Uninstall List ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
    "{1744f9bd-714f-4054-8257-a7f501a4ccd8}" = Nero 9 Essentials
    "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
    "{1E9FF55F-6FFE-4502-9EAF-23EC215007EF}" = TVsweeper
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
    "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 15
    "{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
    "{3AF8FCCD-F51A-4014-9002-F195E1CBC876}" = Logitech QuickCam
    "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
    "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
    "{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
    "{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
    "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
    "{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater
    "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
    "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
    "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
    "{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
    "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
    "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
    "{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
    "{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
    "{AC76BA86-7AD7-1031-7B44-A92000000001}" = Adobe Reader 9.2 - Deutsch
    "{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
    "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
    "{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
    "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
    "{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
    "{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
    "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
    "{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
    "{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
    "{E1BBBAC5-2857-4155-82A6-54492CE88620}" = Opera 9.64
    "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
    "{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
    "HijackThis" = HijackThis 2.0.2
    "Lexmark X1100 Series" = Lexmark X1100 Series
    "lvdrivers_11.80" = Logitech QuickCam-Treiberpaket
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
    "Mp3tag" = Mp3tag v2.40
    "RealPlayer 12.0" = RealPlayer
    "SopCast" = SopCast 3.0.3
    "Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
    "VLC media player" = VLC media player 1.0.1
    "WinLiveSuite_Wave3" = Windows Live Essentials
    "WinRAR archiver" = WinRAR
    "X10Hardware" = X10 Hardware(TM)
     
    ========== Last 10 Event Log Errors ==========
     
    [ Application Events ]
    Error - 04.01.2010 15:19:47 | Computer Name = Home-PC | Source = System Restore | ID = 8193
    Description = 
     
    Error - 04.01.2010 15:26:43 | Computer Name = Home-PC | Source = Application Error | ID = 1000
    Description = Fehlerhafte Anwendung MSASCui.exe, Version 1.1.1505.0, Zeitstempel
     0x45ad82d9, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9,
     Ausnahmecode 0x80000003, Fehleroffset 0x00008fc7,  Prozess-ID 0x564, Anwendungsstartzeit
     01ca8d73ba8b3a62.
     
    Error - 04.01.2010 15:54:28 | Computer Name = Home-PC | Source = Application Error | ID = 1000
    Description = Fehlerhafte Anwendung mbam.exe, Version 1.43.0.0, Zeitstempel 0x4b3bba31,
     fehlerhaftes Modul mbam.exe, Version 1.43.0.0, Zeitstempel 0x4b3bba31, Ausnahmecode
     0x80000003, Fehleroffset 0x00003114,  Prozess-ID 0x79c, Anwendungsstartzeit 01ca8d77b8d9a4e7.
     
    Error - 04.01.2010 16:01:10 | Computer Name = Home-PC | Source = Application Error | ID = 1000
    Description = Fehlerhafte Anwendung Opera.exe, Version 9.64.10487.0, Zeitstempel
     0x49a6659c, fehlerhaftes Modul PCTLsp.dll_unloaded, Version 0.0.0.0, Zeitstempel
     0x4a67a8e7, Ausnahmecode 0xc0000005, Fehleroffset 0x026712b0,  Prozess-ID 0xa24, 
    Anwendungsstartzeit 01ca8d73f3aea7ab.
     
    Error - 04.01.2010 16:20:45 | Computer Name = Home-PC | Source = Application Error | ID = 1000
    Description = Fehlerhafte Anwendung MSASCui.exe, Version 1.1.1505.0, Zeitstempel
     0x45ad82d9, fehlerhaftes Modul MpClient.dll, Version 1.1.1505.0, Zeitstempel 0x45ad8fe2,
     Ausnahmecode 0x80000003, Fehleroffset 0x00013b34,  Prozess-ID 0x6f0, Anwendungsstartzeit
     01ca8d7b5cf22101.
     
    Error - 04.01.2010 16:20:49 | Computer Name = Home-PC | Source = Application Error | ID = 1000
    Description = Fehlerhafte Anwendung MSASCui.exe, Version 1.1.1505.0, Zeitstempel
     0x45ad82d9, fehlerhaftes Modul MSASCui.exe, Version 1.1.1505.0, Zeitstempel 0x45ad82d9,
     Ausnahmecode 0x80000003, Fehleroffset 0x00062b27,  Prozess-ID 0x6f0, Anwendungsstartzeit
     01ca8d7b5cf22101.
     
    Error - 09.01.2010 11:56:08 | Computer Name = Home-PC | Source = ESENT | ID = 215
    Description = wlcomm (1352) C:\Users\Home\AppData\Local\Microsoft\Windows Live Contacts\{fe9c9982-381e-415f-abef-5df10c5116d0}\:
     The backup has been stopped because it was halted by the client or the connection
     with the client failed.
     
    Error - 16.01.2010 20:00:26 | Computer Name = Home-PC | Source = Application Error | ID = 1000
    Description = Fehlerhafte Anwendung msnmsgr.exe, Version 14.0.8089.726, Zeitstempel
     0x4a6ce533, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000,
     Ausnahmecode 0xc0000005, Fehleroffset 0x00000000,  Prozess-ID 0x484, Anwendungsstartzeit
     01ca96f2798fe133.
     
    Error - 22.01.2010 14:09:50 | Computer Name = Home-PC | Source = Application Error | ID = 1000
    Description = Fehlerhafte Anwendung Opera.exe, Version 9.64.10487.0, Zeitstempel
     0x49a6659c, fehlerhaftes Modul Multimedia.api, Version 9.2.0.124, Zeitstempel 0x4ac71df2,
     Ausnahmecode 0xc0000005, Fehleroffset 0x00042f8b,  Prozess-ID 0x61c, Anwendungsstartzeit
     01ca9b8440c445f7.
     
    Error - 28.01.2010 10:21:51 | Computer Name = Home-PC | Source = Application Error | ID = 1000
    Description = Fehlerhafte Anwendung av.exe, Version 0.0.0.0, Zeitstempel 0x4984e258,
     fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode
     0xc0000005, Fehleroffset 0x005153a9,  Prozess-ID 0x10ec, Anwendungsstartzeit 01caa025374dd80e.
     
    [ System Events ]
    Error - 29.08.2009 12:19:09 | Computer Name = Home-PC | Source = Microsoft-Windows-Servicing | ID = 4385
    Description = 
     
    Error - 29.08.2009 12:19:09 | Computer Name = Home-PC | Source = Microsoft-Windows-Servicing | ID = 4385
    Description = 
     
    Error - 29.08.2009 12:19:09 | Computer Name = Home-PC | Source = Microsoft-Windows-Servicing | ID = 4375
    Description = 
     
    Error - 29.08.2009 12:19:09 | Computer Name = Home-PC | Source = Microsoft-Windows-Servicing | ID = 4375
    Description = 
     
    Error - 29.08.2009 12:19:09 | Computer Name = Home-PC | Source = Microsoft-Windows-Servicing | ID = 4375
    Description = 
     
    Error - 29.08.2009 12:19:09 | Computer Name = Home-PC | Source = Microsoft-Windows-Servicing | ID = 4375
    Description = 
     
    Error - 29.08.2009 12:19:09 | Computer Name = Home-PC | Source = Microsoft-Windows-Servicing | ID = 4375
    Description = 
     
    Error - 29.08.2009 12:19:09 | Computer Name = Home-PC | Source = Microsoft-Windows-Servicing | ID = 4375
    Description = 
     
    Error - 29.08.2009 12:19:09 | Computer Name = Home-PC | Source = Microsoft-Windows-Servicing | ID = 4375
    Description = 
     
    Error - 29.08.2009 12:19:09 | Computer Name = Home-PC | Source = Microsoft-Windows-Servicing | ID = 4375
    Description = 
     
     
    < End of report >
    OTL.Txt

    Code:
    OTL logfile created on: 28.01.2010 20:27:25 - Run 1
    OTL by OldTimer - Version 3.1.27.0     Folder = C:\Users\Home\Desktop
    Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.6000.16386)
    Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
     
    1.022,00 Mb Total Physical Memory | 491,00 Mb Available Physical Memory | 48,00% Memory free
    2,00 Gb Paging File | 1,00 Gb Available in Paging File | 64,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 24,42 Gb Total Space | 4,74 Gb Free Space | 19,42% Space Free | Partition Type: NTFS
    Drive D: | 208,46 Gb Total Space | 62,54 Gb Free Space | 30,00% Space Free | Partition Type: NTFS
    Drive E: | 232,88 Gb Total Space | 232,79 Gb Free Space | 99,96% Space Free | Partition Type: NTFS
    F: Drive not present or media not loaded
    Drive G: | 1,90 Gb Total Space | 1,08 Gb Free Space | 56,85% Space Free | Partition Type: FAT
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded
    Drive J: | 465,65 Gb Total Space | 192,30 Gb Free Space | 41,30% Space Free | Partition Type: FAT32
     
    Computer Name: HOME-PC
    Current User Name: Home
    Logged in as Administrator.
     
    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Minimal
     
    ========== Processes (SafeList) ==========
     
    PRC - C:\Users\Home\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Programme\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
    PRC - C:\Programme\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
    PRC - C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
    PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
    PRC - C:\Windows\explorer.exe (Microsoft Corporation)
    PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
    PRC - C:\Programme\Opera\opera.exe (Opera Software)
    PRC - C:\Programme\Logitech\QuickCam\Quickcam.exe ()
    PRC - C:\Programme\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
    PRC - C:\Programme\Common Files\LogiShrd\LQCVFX\COCIManager.exe (Logitech Inc.)
    PRC - C:\Programme\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
    PRC - C:\Programme\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
    PRC - C:\Programme\Lexmark X1100 Series\LXBKbmgr.exe (Lexmark International, Inc.)
    PRC - C:\Programme\Lexmark X1100 Series\LXBKbmon.exe (Lexmark International, Inc.)
    PRC - C:\Windows\System32\lxbkcoms.exe ( )
    PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
    PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
    PRC - C:\Windows\System32\WUDFHost.exe (Microsoft Corporation)
    PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)
    PRC - C:\Programme\Common Files\X10\Common\X10nets.exe (X10)
     
     
    ========== Modules (SafeList) ==========
     
    MOD - C:\Users\Home\Desktop\OTL.exe (OldTimer Tools)
    MOD - C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\GdiPlus.dll (Microsoft Corporation)
    MOD - C:\Windows\Temp\logishrd\LVPrcInj02.dll (Logitech Inc.)
    MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)
     
     
    ========== Win32 Services (SafeList) ==========
     
    SRV - (Nero BackItUp Scheduler 4.0) -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
    SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
    SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
    SRV - (LVCOMSer) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
    SRV - (lxbk_device) -- C:\Windows\System32\lxbkcoms.exe ( )
    SRV - (ehstart) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
    SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
    SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10nets.exe (X10)
     
     
    ========== Driver Services (SafeList) ==========
     
    DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
    DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys (Logitech Inc.)
    DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
    DRV - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- C:\Windows\System32\drivers\LV302V32.SYS (Logitech Inc.)
    DRV - (pepifilter) -- C:\Windows\System32\drivers\lv302af.sys (Logitech Inc.)
    DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()
    DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Windows (R) Codename Longhorn DDK provider)
    DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
    DRV - (HdAudAddService) -- C:\Windows\System32\drivers\viahduaa.sys (VIA Technologies, Inc.)
    DRV - (X10Hid) -- C:\Windows\System32\drivers\x10hid.sys (X10 Wireless Technology, Inc.)
    DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
    DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
    DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
    DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
    DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
    DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
    DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
    DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
    DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
    DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
    DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
    DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
    DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
    DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
    DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
    DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
    DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
    DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
    DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
    DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
    DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
    DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
    DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
    DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
    DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
    DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
    DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
    DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
    DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
    DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
    DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
    DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
    DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
    DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
    DRV - (usbser) -- C:\Windows\System32\drivers\usbser.sys (Microsoft Corporation)
    DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
    DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
    DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
    DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
    DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
    DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
    DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
    DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
    DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
    DRV - (FETNDIS) -- C:\Windows\System32\drivers\fetnd5.sys (VIA Technologies, Inc.              )
    DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
    DRV - (secdrv) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
    DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
     
     
    ========== Standard Registry (SafeList) ==========
     
     
    ========== Internet Explorer ==========
     
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
     
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
     
    ========== FireFox ==========
     
    FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
    FF - prefs.js..browser.search.defaulturl: "http://search.live.com/results.aspx?FORM=IEFM1&q="
    FF - prefs.js..browser.search.selectedEngine: "Google"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.studivz.net/Start"
    FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&q="
     
    FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.01.17 22:00:02 | 00,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.01.07 16:28:00 | 00,000,000 | ---D | M]
     
    [2009.04.16 16:17:22 | 00,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\mozilla\Extensions
    [2009.04.16 20:43:47 | 00,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\mozilla\Firefox\Profiles\xrf6ihlz.default\extensions
    [2010.01.25 18:50:20 | 00,000,961 | ---- | M] () -- C:\Users\Home\AppData\Roaming\Mozilla\FireFox\Profiles\xrf6ihlz.default\searchplugins\icqplugin-1.xml
    [2009.08.06 01:11:46 | 00,000,950 | ---- | M] () -- C:\Users\Home\AppData\Roaming\Mozilla\FireFox\Profiles\xrf6ihlz.default\searchplugins\icqplugin-2.xml
    [2009.07.20 20:36:37 | 00,000,950 | ---- | M] () -- C:\Users\Home\AppData\Roaming\Mozilla\FireFox\Profiles\xrf6ihlz.default\searchplugins\icqplugin.xml
    [2009.04.16 20:43:16 | 00,001,632 | ---- | M] () -- C:\Users\Home\AppData\Roaming\Mozilla\FireFox\Profiles\xrf6ihlz.default\searchplugins\live-search.xml
    [2010.01.28 16:29:51 | 00,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
    [2009.08.31 19:25:16 | 00,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
    [2009.08.31 19:25:16 | 00,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
    [2009.08.31 19:25:16 | 00,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
    [2009.09.12 16:59:35 | 00,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
    [2009.08.31 19:25:16 | 00,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
     
    O1 HOSTS File: ([2006.09.18 22:41:30 | 00,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1       localhost
    O1 - Hosts: ::1             localhost
    O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
    O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
    O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
    O4 - HKLM..\Run: [lxbkbmgr.exe] C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe (Lexmark International, Inc.)
    O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
    O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
    O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
    O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
    O13 - gopher Prefix: missing
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
    O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 81.173.194.77 194.8.194.60
    O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Users\Home\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
    O24 - Desktop BackupWallPaper: C:\Users\Home\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006.09.18 22:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\L\Shell - "" = AutoRun
    O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\Enterprise_Launcher.exe -- File not found
    O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
    O35 - comfile [open] -- "%1" %*
    O35 - exefile [open] -- "%1" %*
     
    ========== Files/Folders - Created Within 30 Days ==========
     
    [2010.01.28 20:21:58 | 00,548,864 | ---- | C] (OldTimer Tools) -- C:\Users\Home\Desktop\OTL.exe
    [2010.01.28 15:27:50 | 00,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\ScanSpyware
    [2010.01.28 15:27:49 | 00,000,000 | ---D | C] -- C:\Programme\ScanSpyware
    [2010.01.27 20:22:59 | 00,000,000 | ---D | C] -- C:\Users\Home\Desktop\Neuer Ordner (3)
    [2010.01.27 20:02:08 | 00,000,000 | ---D | C] -- C:\Users\Home\Desktop\Neuer Ordner (2)
    [2010.01.27 18:58:24 | 00,000,000 | ---D | C] -- C:\Users\Home\Desktop\Neuer Ordner
    [2010.01.24 17:55:24 | 00,000,000 | ---D | C] -- C:\Users\Home\Desktop\doudou
    [2010.01.21 12:59:47 | 00,000,000 | ---D | C] -- C:\Programme\Microsoft Office
    [2010.01.21 12:59:08 | 00,000,000 | ---D | C] -- C:\Programme\MSECache
    [2010.01.04 21:56:16 | 00,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Malwarebytes
    [2010.01.04 20:19:04 | 00,195,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
    [2010.01.04 20:18:21 | 00,000,000 | ---D | C] -- C:\Programme\MSXML 4.0
    [2010.01.04 20:17:51 | 00,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
    [2010.01.04 19:59:19 | 00,000,000 | ---D | C] -- C:\Programme\Enigma Software Group
    [2010.01.04 19:55:18 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2010.01.04 19:55:15 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2010.01.04 17:51:15 | 00,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
    [2010.01.04 17:51:15 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2010.01.04 17:07:15 | 00,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Uniblue
    [2010.01.04 16:27:01 | 00,000,000 | ---D | C] -- C:\ProgramData\TEMP
    [2009.06.16 15:00:07 | 00,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxbkusb1.dll
    [2009.06.16 15:00:07 | 00,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxbkinpa.dll
    [2009.06.16 15:00:07 | 00,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxbkiesc.dll
    [2009.06.16 15:00:07 | 00,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXBKhcp.dll
    [2009.06.16 15:00:06 | 01,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxbkserv.dll
    [2009.06.16 15:00:06 | 00,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxbkpmui.dll
    [2009.06.16 15:00:06 | 00,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxbklmpm.dll
    [2009.06.16 15:00:06 | 00,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxbkprox.dll
    [2009.06.16 15:00:06 | 00,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxbkpplc.dll
    [2009.06.16 15:00:05 | 00,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxbkhbn3.dll
    [2009.06.16 15:00:04 | 00,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxbkcomc.dll
    [2009.06.16 15:00:04 | 00,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxbkcomm.dll
     
    ========== Files - Modified Within 30 Days ==========
     
    [2010.01.28 20:27:15 | 02,359,296 | -HS- | M] () -- C:\Users\Home\ntuser.dat
    [2010.01.28 20:21:58 | 00,548,864 | ---- | M] (OldTimer Tools) -- C:\Users\Home\Desktop\OTL.exe
    [2010.01.28 19:32:55 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010.01.28 19:32:55 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010.01.28 19:32:52 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010.01.28 19:32:48 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010.01.28 19:32:45 | 10,721,60768 | -HS- | M] () -- C:\hiberfil.sys
    [2010.01.28 19:31:26 | 03,141,741 | -H-- | M] () -- C:\Users\Home\AppData\Local\IconCache.db
    [2010.01.28 19:06:30 | 01,872,472 | ---- | M] () -- C:\Users\Home\Desktop\SmitfraudFix.exe
    [2010.01.28 16:23:58 | 00,235,520 | ---- | M] () -- C:\Users\Home\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010.01.28 16:05:17 | 00,000,000 | -H-- | M] () -- C:\Users\Home\Documents\Default.rdp
    [2010.01.28 15:16:45 | 00,049,368 | ---- | M] () -- C:\Users\Home\AppData\Local\GDIPFONTCACHEV1.DAT
    [2010.01.28 15:16:35 | 00,008,850 | -HS- | M] () -- C:\Users\Home\AppData\Local\HdBV4yMQ7OM5k
    [2010.01.28 01:28:52 | 00,001,361 | ---- | M] () -- C:\Users\Home\Desktop\movies.rtf
    [2010.01.21 14:00:13 | 01,461,736 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
    [2010.01.21 14:00:13 | 00,641,106 | ---- | M] () -- C:\Windows\System32\perfh007.dat
    [2010.01.21 14:00:13 | 00,609,944 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010.01.21 14:00:13 | 00,116,500 | ---- | M] () -- C:\Windows\System32\perfc007.dat
    [2010.01.21 14:00:13 | 00,103,726 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010.01.21 13:57:11 | 00,001,315 | ---- | M] () -- C:\Users\Home\Desktop\Lebenslauf Ramona.rtf
    [2010.01.21 13:55:33 | 00,000,317 | ---- | M] () -- C:\Windows\Lexstat.ini
    [2010.01.19 16:10:27 | 14,004,4668 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2010.01.18 20:26:05 | 00,000,510 | ---- | M] () -- C:\Windows\WORDPAD.INI
    [2010.01.18 19:50:53 | 00,000,430 | ---- | M] () -- C:\Users\Home\Desktop\gangstar.rtf
    [2010.01.14 20:51:57 | 00,000,262 | ---- | M] () -- C:\Users\Home\Desktop\lustig.rtf
    [2010.01.11 19:34:52 | 00,000,168 | ---- | M] () -- C:\Users\Home\Desktop\doplet.rtf
    [2010.01.09 20:09:44 | 00,000,424 | ---- | M] () -- C:\Users\Home\Desktop\fans.rtf
    [2010.01.07 22:57:35 | 00,000,025 | ---- | M] () -- C:\Windows\cdplayer.ini
    [2010.01.07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2010.01.07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2010.01.06 18:09:08 | 00,000,008 | ---- | M] () -- C:\ProgramData\sysReserve.ini
    [2010.01.04 23:23:28 | 00,000,437 | ---- | M] () -- C:\Users\Home\Desktop\dd.rtf
    [2010.01.04 21:16:43 | 00,000,202 | ---- | M] () -- C:\Windows\System32\srcr.dat
    [2010.01.04 20:17:51 | 00,604,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
    [2010.01.04 17:36:59 | 00,004,853 | ---- | M] () -- C:\Users\Home\Desktop\aaaaaa.rtf
    [2010.01.04 12:14:36 | 00,000,860 | ---- | M] () -- C:\Windows\System32\krl32mainweq.dll
     
    ========== Files Created - No Company Name ==========
     
    [2010.01.28 19:05:53 | 01,872,472 | ---- | C] () -- C:\Users\Home\Desktop\SmitfraudFix.exe
    [2010.01.28 16:05:17 | 00,000,000 | -H-- | C] () -- C:\Users\Home\Documents\Default.rdp
    [2010.01.28 01:26:51 | 00,008,850 | -HS- | C] () -- C:\Users\Home\AppData\Local\HdBV4yMQ7OM5k
    [2010.01.21 13:57:11 | 00,001,315 | ---- | C] () -- C:\Users\Home\Desktop\Lebenslauf Ramona.rtf
    [2010.01.14 20:51:57 | 00,000,262 | ---- | C] () -- C:\Users\Home\Desktop\lustig.rtf
    [2010.01.11 19:34:52 | 00,000,168 | ---- | C] () -- C:\Users\Home\Desktop\doplet.rtf
    [2010.01.07 22:57:35 | 00,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
    [2010.01.04 19:37:48 | 10,721,60768 | -HS- | C] () -- C:\hiberfil.sys
    [2010.01.04 17:36:59 | 00,004,853 | ---- | C] () -- C:\Users\Home\Desktop\aaaaaa.rtf
    [2010.01.04 16:51:57 | 00,000,437 | ---- | C] () -- C:\Users\Home\Desktop\dd.rtf
    [2010.01.04 12:14:36 | 00,000,860 | ---- | C] () -- C:\Windows\System32\krl32mainweq.dll
    [2010.01.04 12:13:25 | 00,000,202 | ---- | C] () -- C:\Windows\System32\srcr.dat
    [2010.01.04 12:11:59 | 00,000,008 | ---- | C] () -- C:\ProgramData\sysReserve.ini
    [2009.07.31 20:01:30 | 00,000,067 | ---- | C] () -- C:\Windows\AVIConverter.INI
    [2009.06.19 18:47:16 | 00,066,482 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
    [2009.06.16 15:00:07 | 00,413,696 | ---- | C] () -- C:\Windows\System32\lxbkutil.dll
    [2009.06.16 15:00:07 | 00,274,432 | ---- | C] () -- C:\Windows\System32\LXBKinst.dll
    [2009.06.16 13:42:18 | 00,000,317 | ---- | C] () -- C:\Windows\Lexstat.ini
    [2009.06.15 22:31:17 | 00,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
    [2009.04.17 15:16:08 | 00,235,520 | ---- | C] () -- C:\Users\Home\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2008.07.26 07:25:02 | 00,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
    [2007.02.07 16:57:50 | 00,039,899 | ---- | C] () -- C:\Windows\System32\rtsicis.ini
    [2007.01.22 07:49:34 | 00,344,064 | ---- | C] () -- C:\Windows\System32\lxbkcoin.dll
    [2006.12.21 14:18:00 | 00,497,496 | ---- | C] () -- C:\Windows\System32\XceedZip.dll
    [2006.11.02 13:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
    [2006.11.02 11:25:44 | 00,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
    [2006.11.02 08:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
    [2006.09.11 10:53:00 | 00,276,352 | ---- | C] () -- C:\Windows\System32\XceedSco.dll
    [2005.10.05 11:19:32 | 00,040,960 | ---- | C] () -- C:\Windows\System32\lxbkvs.dll
    [2005.09.13 15:27:10 | 00,061,440 | ---- | C] () -- C:\Windows\System32\lxbkcnv5.dll
    [2005.09.13 15:27:10 | 00,061,440 | ---- | C] () -- C:\Windows\System32\lxbkcnv4.dll
    [2004.12.07 09:11:00 | 00,258,352 | ---- | C] () -- C:\Windows\System32\unicows.dll
     
    ========== Alternate Data Streams ==========
     
    @Alternate Data Stream - 142 bytes -> C:\Windows\System32:pctlsp.log
    @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:7E95B6FD
    < End of report >
    Thank you very much in advance for your support!!!!!!!!
    Last edited by Joker85 (28.01.2010 at 19:31)

  2. #2
    Moderator, team member kira
    Registered since
    28.03.2006
    Location
    Vienna/Languages: German-Hungarian
    Posts
    28.334

    Re: Trojan.Fake.Alert, DNSChanger...Trojan.Agent

    hi

    Code:
    J:\Programme ee\Neuer Ordner\8-neo-l\Nero 8.3.6.0\Keygens\EMBRACE\keygen.exe 
    J:\Programme ee\Neuer Ordner\DivX_6_Pro_Ver._6.8.4.5\DivX 6 Pro Ver. 6.8.4.5 (Key-Generator).exe
    An infection can happen in various ways:
    e.g. when you download files/programs from a P2P exchange and/or warez site, install them from an acquaintance's USB stick or receive them by e-mail, or use a serial key generator (keymaker), an illegitimately generated serial number, etc. - (`using paid software without paying for it`)
    This is because the programs and files offered there contain backdoors and rootkits, which after the download are embedded so deeply and thoroughly in the system that they are practically impossible to get out again; this problem can only be solved 100% by a reinstallation.
    Because this `self-destructive behaviour` is illegal and violates the law, we are not allowed to help you any further. For this reason we are compelled to close the thread.
    In short: you simply have to reinstall your system!
    But at least after a reinstallation you will have a clean system again, and hopefully you have learned something from this and in future will keep your hands off...
    Warning about crack programs and key generators
    The point and purpose of it all - viruses, trojans, worms:
    A worm that could almost be called a "good worm" is making its way through
    the net and spreading via the file-sharing networks BearShare, KaZaA,
    eMule & Co.
    The worm carries countless different names of well-known cracks or
    key generators for the illegal use of commercial software. Anyone who searches
    specifically for such files could therefore well come across a copy of the
    worm.
    Warning!:
    Beware of invoices by e-mail with a ZIP file attached! They may be infected with an encryption trojan!
    Do not open the attachment; ask in our forum first!

    Please pass this warning on wherever you can!
    Back up your data regularly, to CD/DVD, USB sticks or external hard drives, preferably twice in different locations!
    Please pass this warning on wherever you can!
