Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Java_bytever.bj ????

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 06.09.2008, 23:05   #1
godsilla
 
Java_bytever.bj ???? - Icon23

Java_bytever.bj ????



Halli Hallo,

Um es auf den Punkt zu bringen mein Pc ist verseucht bis zum geht nicht mehr.Internet seiten starten sich von alleine und unten rechts oeffnet sich andauert ein gelbes Fenster wo drin steht Das mein Pc mit Spyware und Malware versucht bin, und hir ein Programm runterladen soll um sie zu loeschen. Also ich denke mal das, das der Virus ist?!
Ich habe auch mal mein Antivirus das ich habe ( Trend Micro Pc-chilln) durchlaufen lassen. Es hat 17 Sachen gefunden.

JAVA_BYTEVER.BJ
JAVA_BYTEVER.DL
JAVA_BYTEVER.DK
JAVA_BYTEVER.BK
---
JAVA_BYTEVER.BJ
JAVA_BYTEVER.DL
JAVA_BYTEVER.DK
JAVA_BYTEVER.BK
---
Possible_SCRDL
Possible_SCRDL
Possible_SCRDL
Possible_SCRDL
Possible_SCRDL
Possible_SCRDL
TROJ_AGENT.AGER
TROJ_AGENT.AGER
TROJ_DLOADER.OCD


Das ist was er gefunden hatte. Ich habe es probiert zu loeschen aber funktioniert hat es nicht. Kann mir villeicht jemand weiter helfen? Ich weis echt nicht mehr weiter.

mfg

Alt 06.09.2008, 23:07   #2
Silent sharK
 

Java_bytever.bj ???? - Standard

Java_bytever.bj ????



Hi,
du könntest die Pfade zu den Funden angeben oder noch besser den ganzen Report von Trend Micro posten.
Nebenbei auch ein regelkonformes HijackThis Logfile.
__________________

__________________

Alt 06.09.2008, 23:30   #3
godsilla
 
Java_bytever.bj ???? - Standard

Java_bytever.bj ????



hi,

Hir ist der Logfile fuer Trend Mirco. Warum der solange ist weis ich nicht. Meines wissens hat er nur 17 gefunden naja.

"Virus Scan Logs","2008/09/06","***-EAC181B4"
"Time","Security Feature","Source Type","Virus Name","File Name","First Action","Second Action"
"00:01","File Monitor","File","PAK_Generic.001","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\4HQVW1ER\test2[1].exe","Quarantine Success",""
"00:01","File Monitor","File","TROJ_MONDERB.AF","C:\WINDOWS\system32\yaywwVLf.dll","Quarantine Success",""
"00:02","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\0LQB01IN\tmp[1].exe","Quarantine Success",""
"00:02","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Cookies\ltmxn.exe","Quarantine Success",""
"00:02","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\V10GTVVD\554[1].exe","Quarantine Success",""
"00:02","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Cookies\nujjl.exe","Quarantine Success",""
"00:16","File Monitor","File","PAK_Generic.001","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\0LQB01IN\test2[1].exe","Quarantine Success",""
"00:16","File Monitor","File","TROJ_MONDERB.AF","C:\WINDOWS\system32\fccBsSij.dll","Quarantine Success",""
"00:17","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\4HQVW1ER\tmp[1].exe","Quarantine Success",""
"00:17","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Cookies\mldpe.exe","Quarantine Success",""
"00:17","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\0LQB01IN\554[1].exe","Quarantine Success",""
"00:17","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Cookies\zlwco.exe","Quarantine Success",""
"00:31","File Monitor","File","PAK_Generic.001","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\V10GTVVD\test2[1].exe","Quarantine Success",""
"00:31","File Monitor","File","TROJ_MONDERB.AF","C:\WINDOWS\system32\pmnlkLFy.dll","Quarantine Success",""
"00:32","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\0LQB01IN\tmp[1].exe","Quarantine Success",""
"00:32","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Cookies\pxcuo.exe","Quarantine Success",""
"00:32","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\4HQVW1ER\554[1].exe","Quarantine Success",""
"00:32","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Cookies\rbibl.exe","Quarantine Success",""
"10:46","File Monitor","File","PAK_Generic.001","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\CJGJ6N0Z\test2[1].exe","Quarantine Success",""
"10:46","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\V10GTVVD\tmp[1].exe","Quarantine Success",""
"10:46","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Cookies\cfwhz.exe","Quarantine Success",""
"10:46","File Monitor","File","TROJ_MONDERB.AF","C:\WINDOWS\system32\tuvVMfdb.dll","Quarantine Success",""
"10:46","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\0LQB01IN\554[1].exe","Quarantine Success",""
"10:46","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Cookies\oaply.exe","Quarantine Success",""
"10:56","File Monitor","File","PAK_Generic.001","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\4HQVW1ER\test2[1].exe","Quarantine Success",""
"10:56","File Monitor","File","TROJ_MONDERB.AF","C:\WINDOWS\system32\vtULCTLC.dll","Quarantine Success",""
"10:56","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\CJGJ6N0Z\tmp[1].exe","Quarantine Success",""
"10:56","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Cookies\leuwl.exe","Quarantine Success",""
"10:57","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\V10GTVVD\554[1].exe","Quarantine Success",""
"10:57","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Cookies\grdlj.exe","Quarantine Success",""
"11:11","File Monitor","File","PAK_Generic.001","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\0LQB01IN\test2[1].exe","Quarantine Success",""
"11:11","File Monitor","File","TROJ_MONDERB.AF","C:\WINDOWS\system32\pmnoLfde.dll","Quarantine Success",""
"11:11","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\4HQVW1ER\tmp[1].exe","Quarantine Success",""
"11:11","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Cookies\ejftw.exe","Quarantine Success",""
"11:12","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\CJGJ6N0Z\554[1].exe","Quarantine Success",""
"11:12","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Cookies\rxfck.exe","Quarantine Success",""
"11:25","File Monitor","File","PAK_Generic.001","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\V10GTVVD\test2[1].exe","Quarantine Success",""
"11:26","File Monitor","File","TROJ_MONDERB.AF","C:\WINDOWS\system32\byXonMdb.dll","Quarantine Success",""
"11:26","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\0LQB01IN\tmp[1].exe","Quarantine Success",""
"11:26","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Cookies\corzh.exe","Quarantine Success",""
"11:26","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\4HQVW1ER\554[1].exe","Quarantine Success",""
"11:26","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Cookies\yxufk.exe","Quarantine Success",""
"11:40","File Monitor","File","PAK_Generic.001","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\CJGJ6N0Z\test2[1].exe","Quarantine Success",""
"11:41","File Monitor","File","TROJ_MONDERB.AF","C:\WINDOWS\system32\jkkHYPHy.dll","Quarantine Success",""
"11:41","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\V10GTVVD\tmp[1].exe","Quarantine Success",""
"11:41","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Cookies\uvcap.exe","Quarantine Success",""
"11:41","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\0LQB01IN\554[1].exe","Quarantine Success",""
"11:41","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Cookies\vpdjz.exe","Quarantine Success",""
"11:55","File Monitor","File","PAK_Generic.001","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\4HQVW1ER\test2[1].exe","Quarantine Success",""
"11:56","File Monitor","File","TROJ_MONDERB.AF","C:\WINDOWS\system32\vtUmMdeC.dll","Quarantine Success",""
"11:56","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\CJGJ6N0Z\tmp[1].exe","Quarantine Success",""
"11:56","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Cookies\ptcfc.exe","Quarantine Success",""
"11:56","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\V10GTVVD\554[1].exe","Quarantine Success",""
"11:56","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Cookies\qjxed.exe","Quarantine Success",""
"12:11","File Monitor","File","PAK_Generic.001","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\SPEB856V\test2[1].exe","Quarantine Success",""
"12:11","File Monitor","File","TROJ_MONDERB.AF","C:\WINDOWS\system32\fccyaAtu.dll","Quarantine Success",""
"12:11","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\89QJKX2J\tmp[1].exe","Quarantine Success",""
"12:11","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Cookies\gitze.exe","Quarantine Success",""
"12:12","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\CJGJ6N0Z\554[1].exe","Quarantine Success",""
"12:12","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Cookies\hqpzb.exe","Quarantine Success",""
"12:26","File Monitor","File","PAK_Generic.001","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\V10GTVVD\test2[1].exe","Quarantine Success",""
"12:26","File Monitor","File","TROJ_MONDERB.AF","C:\WINDOWS\system32\ddcYqroN.dll","Quarantine Success",""
"12:26","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\SPEB856V\tmp[1].exe","Quarantine Success",""
"12:26","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Cookies\oupsj.exe","Quarantine Success",""
"12:27","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\89QJKX2J\554[1].exe","Quarantine Success",""
"12:27","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Cookies\hsakv.exe","Quarantine Success",""
"12:41","File Monitor","File","PAK_Generic.001","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\GXMB01QF\test2[1].exe","Quarantine Success",""
"12:41","File Monitor","File","TROJ_MONDERB.AF","C:\WINDOWS\system32\qoMgggHw.dll","Quarantine Success",""
"12:41","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\MX8H2XAZ\tmp[1].exe","Quarantine Success",""
"12:41","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Cookies\xeelk.exe","Quarantine Success",""
"12:41","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\SPEB856V\554[1].exe","Quarantine Success",""
"12:41","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Cookies\bomdm.exe","Quarantine Success",""
"12:56","File Monitor","File","PAK_Generic.001","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\4HQVW1ER\test2[1].exe","Quarantine Success",""
"12:56","File Monitor","File","TROJ_MONDERB.AF","C:\WINDOWS\system32\vtUkiGWM.dll","Quarantine Success",""
"12:56","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\GXMB01QF\tmp[1].exe","Quarantine Success",""
"12:56","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Cookies\cywkb.exe","Quarantine Success",""
"12:56","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\MX8H2XAZ\554[1].exe","Quarantine Success",""
"12:56","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Cookies\fvxjm.exe","Quarantine Success",""
"13:11","Manual Scan","File","JAVA_BYTEVER.BJ","MagicApplet.class (C:\Documents and Settings\***\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\dsbr.jar-48717fd3-78af5608.zip)","Quarantine Fail",""
"13:11","Manual Scan","File","JAVA_BYTEVER.DL","OwnClassLoader.class (C:\Documents and Settings\***\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\dsbr.jar-48717fd3-78af5608.zip)","Quarantine Fail",""
"13:11","Manual Scan","File","JAVA_BYTEVER.DK","ProxyClassLoader.class (C:\Documents and Settings\***\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\dsbr.jar-48717fd3-78af5608.zip)","Quarantine Fail",""
"13:11","Manual Scan","File","---","C:\Documents and Settings\***\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\dsbr.jar-48717fd3-78af5608.zip","Quarantine Success",""
"13:11","Manual Scan","File","JAVA_BYTEVER.BK","Installer.class (C:\Documents and Settings\***\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\dsbr.jar-48717fd3-78af5608.zip)","Quarantine Fail",""
"13:11","Manual Scan","File","JAVA_BYTEVER.BJ","MagicApplet.class (C:\Documents and Settings\***\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\dsbr.jar-6c2fc83e-2ece0469.zip)","Quarantine Fail",""
"13:11","Manual Scan","File","JAVA_BYTEVER.DL","OwnClassLoader.class (C:\Documents and Settings\***\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\dsbr.jar-6c2fc83e-2ece0469.zip)","Quarantine Fail",""
"13:11","Manual Scan","File","JAVA_BYTEVER.DK","ProxyClassLoader.class (C:\Documents and Settings\***\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\dsbr.jar-6c2fc83e-2ece0469.zip)","Quarantine Fail",""
"13:11","Manual Scan","File","JAVA_BYTEVER.BK","Installer.class (C:\Documents and Settings\***\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\dsbr.jar-6c2fc83e-2ece0469.zip)","Quarantine Fail",""
"13:11","Manual Scan","File","---","C:\Documents and Settings\***\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\dsbr.jar-6c2fc83e-2ece0469.zip","Quarantine Success",""
"13:23","Manual Scan","File","Possible_SCRDL","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\00LSYPBV\10[1].htm","None Taken",""
"13:26","Manual Scan","File","Possible_SCRDL","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\89QJKX2J\10[1].htm","None Taken",""
"13:28","Manual Scan","File","Possible_SCRDL","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\CTEZKHI3\10[1].htm","None Taken",""
"13:28","Manual Scan","File","Possible_SCRDL","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\GXMB01QF\10[1].htm","None Taken",""
"13:30","Manual Scan","File","Possible_SCRDL","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\TCHHFTTJ\10[1].htm","None Taken",""
"13:31","Manual Scan","File","Possible_SCRDL","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\V10GTVVD\10[1].htm","None Taken",""
"13:33","Manual Scan","File","TROJ_AGENT.AGER","C:\Documents and Settings\LocalService\CookiesËvwknv¹òïò","Quarantine Success",""
"13:33","Manual Scan","File","TROJ_AGENT.AGER","C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\8205005F\554[1].exe","Quarantine Success",""
"13:33","Manual Scan","File","TROJ_DLOADER.OCD","C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\HYTH0TIY\tmp[1].exe","Quarantine Success",""
"14:26","File Monitor","File","PAK_Generic.001","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\8HMFODYV\test2[1].exe","Quarantine Success",""
"14:26","File Monitor","File","TROJ_MONDERB.AF","C:\WINDOWS\system32\opnkkkli.dll","Quarantine Success",""
"14:26","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\V10GTVVD\tmp[1].exe","Quarantine Success",""
"14:26","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Cookies\jncks.exe","Quarantine Success",""
"14:26","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\SLAZCD23\554[1].exe","Quarantine Success",""
"14:26","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Cookies\ggags.exe","Quarantine Success",""
"14:41","File Monitor","File","PAK_Generic.001","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\0LQB01IN\test2[1].exe","Quarantine Success",""
"14:41","File Monitor","File","TROJ_MONDERB.AF","C:\WINDOWS\system32\efcYRHyA.dll","Quarantine Success",""
"14:41","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\8HMFODYV\tmp[1].exe","Quarantine Success",""
"14:41","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Cookies\qkzyq.exe","Quarantine Success",""
"14:41","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\V10GTVVD\554[1].exe","Quarantine Success",""
"14:41","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Cookies\irwts.exe","Quarantine Success",""
"14:56","File Monitor","File","PAK_Generic.001","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\MFMZQZ4V\test2[1].exe","Quarantine Success",""
"14:56","File Monitor","File","TROJ_MONDERB.AF","C:\WINDOWS\system32\awtutRJD.dll","Quarantine Success",""
"14:56","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\A3S3TAR6\tmp[1].exe","Quarantine Success",""
"14:56","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Cookies\pkojg.exe","Quarantine Success",""
"14:57","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\MFMZQZ4V\554[1].exe","Quarantine Success",""
"14:57","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Cookies\rsklr.exe","Quarantine Success",""
"15:11","File Monitor","File","PAK_Generic.001","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\0LQB01IN\test2[1].exe","Quarantine Success",""
"15:11","File Monitor","File","TROJ_MONDERB.AF","C:\WINDOWS\system32\nnnkIaby.dll","Quarantine Success",""
"15:11","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\V5VSHJF4\tmp[1].exe","Quarantine Success",""
"15:11","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Cookies\pdneo.exe","Quarantine Success",""
"15:11","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\CJGJ6N0Z\554[1].exe","Quarantine Success",""
"15:11","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\****\Cookies\vdryu.exe","Quarantine Success",""
"15:26","File Monitor","File","PAK_Generic.001","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\00LSYPBV\test2[1].exe","Quarantine Success",""
"15:26","File Monitor","File","TROJ_MONDERB.AF","C:\WINDOWS\system32\cbXPhhij.dll","Quarantine Success",""
"15:26","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\0LQB01IN\tmp[1].exe","Quarantine Success",""
"15:26","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Cookies\xuytu.exe","Quarantine Success",""
"15:27","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\CJGJ6N0Z\554[1].exe","Quarantine Success",""
"15:27","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Cookies\clijq.exe","Quarantine Success",""
"15:41","File Monitor","File","PAK_Generic.001","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\CJGJ6N0Z\test2[1].exe","Quarantine Success",""
"15:41","File Monitor","File","TROJ_MONDERB.AF","C:\WINDOWS\system32\urqNEVMe.dll","Quarantine Success",""
"15:41","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\00LSYPBV\tmp[1].exe","Quarantine Success",""
"15:41","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Cookies\iyrmi.exe","Quarantine Success",""
"15:41","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\0LQB01IN\554[1].exe","Quarantine Success",""
"15:41","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Cookies\murdc.exe","Quarantine Success",""
"15:56","File Monitor","File","PAK_Generic.001","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\89QJKX2J\test2[1].exe","Quarantine Success",""
"15:56","File Monitor","File","TROJ_MONDERB.AF","C:\WINDOWS\system32\mlJDSLbb.dll","Quarantine Success",""
"15:56","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\V5VSHJF4\tmp[1].exe","Quarantine Success",""
"15:56","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Cookies\xdvzl.exe","Quarantine Success",""
"15:57","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\00LSYPBV\554[1].exe","Quarantine Success",""
"15:57","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Cookies\zgjhd.exe","Quarantine Success",""
"16:10","File Monitor","File","PAK_Generic.001","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\MFMZQZ4V\test2[1].exe","Quarantine Success",""
"16:11","File Monitor","File","TROJ_MONDERB.AF","C:\WINDOWS\system32\xxyaAsrO.dll","Quarantine Success",""
"16:11","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\MX8H2XAZ\tmp[1].exe","Quarantine Success",""
"16:11","File Monitor","File","TROJ_DLOADER.OCD","C:\Documents and Settings\***\Cookies\cskyu.exe","Quarantine Success",""
"16:11","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Local Settings\Temporary Internet Files\Content.IE5\0LQB01IN\554[1].exe","Quarantine Success",""
"16:11","File Monitor","File","TROJ_AGENT.AGER","C:\Documents and Settings\***\Cookies\noswz.exe","Quarantine Success",""


HijackThis Logfile folgt...
__________________

Alt 06.09.2008, 23:36   #4
godsilla
 
Java_bytever.bj ???? - Standard

Java_bytever.bj ????



Hir das HijackThis Logfile....

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:30:49 PM, on 9/6/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\DOCUME~1\***\LOCALS~1\Temp\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\PcScnSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\TmPfw.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\tmproxy.exe
C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\pccguide.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\WINDOWS\TEMP\mainti2.exe
C:\WINDOWS\system32\uesiuqcr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\webHancer\Programs\whagent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre1.5.0_09\bin\jucheck.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\PcCtlCom.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\Internet Security 2007\pccmain.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\PccVScan.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.shaw.ca/start/enCA
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\uesiuqcr.exe,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: getsn32.msiesn - {2D9F1530-0B38-4DCB-A90A-CECD559F3514} - C:\WINDOWS\system32\getsn32.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: WhIeHelperObj Class - {c900b400-cdfe-11d3-976a-00e02913a9e0} - C:\Program Files\webHancer\programs\whiehlpr.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\system32\khooker.exe
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [pccguide.exe] C:\PROGRA~1\TRENDM~1\INTERN~2\pccguide.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [webHancer Agent] C:\Program Files\webHancer\Programs\whagent.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Run] "C:\Documents and Settings\***\Application Data\Adobe\Manager.exe"
O4 - HKUS\S-1-5-18\..\Run: [Run] "C:\Documents and Settings\LocalService\Application Data\Adobe\Manager.exe" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Run] "C:\Documents and Settings\LocalService\Application Data\Adobe\Manager.exe" (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\***\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O10 - Hijacked Internet access by WebHancer
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://217.22.201.135/activex/AMC.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O22 - SharedTaskScheduler: kjlsjf9843nksngfdgffn - {C5AF49A2-94F3-42BD-F234-3604812C897D} - C:\WINDOWS\system32\ksfj83nwe.dll (file missing)
O23 - Service: Print Spooler Service (a6vowoi3iy) - Unknown owner - C:\WINDOWS\system32\odibjh.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Network Driver Interface - Unknown owner - C:\DOCUME~1\Eileen\LOCALS~1\Temp\svchost.exe
O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
O23 - Service: Pure Networks Network Magic Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\PcCtlCom.exe
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\PcScnSrv.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\tmproxy.exe
O24 - Desktop Component 0: (no name) - h**p://207.46.10.252/cgi-bin/getmsg/pic9.jpg?&msg=BCC162AD-09A4-4F5F-A722-7C5F1097FB73&start=0&len=77931&mimepart=3&curmbox=00000000-0000-0000-0000-000000000001&b=45cf5edc0ea994a81e153c11ff285cd7&disk=10.1.106.220_d2219&login=tic%2dtac%2dup%2dur%2dnose&domain=hotmail%2ecom&hm___sig=9cbf261b01c7498 c256d2de97f74fe64f3722478614ec45a

--
End of file - 9608 bytes



Alt 06.09.2008, 23:55   #5
Silent sharK
 

Java_bytever.bj ???? - Standard

Java_bytever.bj ????



So, folge den Schritten genau der Reihe nach:

1.)

Dateien Online überprüfen lassen:
  • Suche die Seite Virtustotal auf, klicke auf den Button „Durchsuchen“ und suche folgende Datei/Dateien:
Code:
ATTFilter
C:\DOCUME~1\***\LOCALS~1\Temp\svchost.exe
C:\WINDOWS\system32\uesiuqcr.exe
         
  • Lade nun nacheinander jede/alle Datei/Dateien hoch, und warte bis der Scan vorbei ist. (kann bis zu 2 Minuten dauern.)
  • Poste im Anschluss das Ergebnis der Auswertung, alles abkopieren und in einen Beitrag einfügen.
  • Wichtig: Auch die Größenangabe sowie den HASH mit kopieren!

2.)
LSPFix anwenden:

Im WINSOCK von Windows werden Funktionen gesammelt (Bibliothek) welche zum Zugriff auf Netzwerkkomponenten nötig ist.
Winsock ergänzt Windows um das TCP/IP-Protokoll und ist für die Verbindung des PCs mit dem Internet zuständig.
Sie wird oftmals durch spezielle schädliche Software (Webhancer, NewDotNet) zerstört.
  • Hilfe biete in diesem Fall das Tool -> LSPFix
  • Nach dem Start erscheint diese Auswahl:
  • Bewege nun die schädlichen Dateien von links (KEEP) nach rechts (REMOVE) und dann auf Finish:
Code:
ATTFilter
Die bösartigen Einträge sind schon Rechts
         
  • Danach das System neu starten lassen, und der Zugriff auf das Netzwerk/Internet sollte wieder funktionieren

3.)
SDFix anwenden:
  • Lade das SDFix von AndyManchesta herunter und speichere es auf deinem Desktop.
  • Mach einen Doppelklick auf die Datei SDFix.exe, wähle installieren, um das Programm in seinen eigenen Ordner in C:\ zu entpacken:
  • Starte deinen Rechner neu, diesmal in den abgesicherten Modus <= Hinweise beachten!
  • Öffne den neu entstandenen SDFix Ordner, mach einen Doppelklick auf die RunThis.bat, um das Skript zu starten.
  • Gib ein Y ein, um den Reinigungsprozess zu beginnen.
  • Das Programm wird alle Trojaner Dienste und die dazugehörigen Registrierungseinträge löschen, die es findet.
  • Nun wirst du darum gebeten, eine Taste zu drücken, damit dein Rechner neustarten kann.
  • Drücke auf eine Taste. Jetzt wird dein Rechner neu aufgestartet.
  • Wenn der Rechner neu aufgestartet ist, wird das Fixtool nocheinmal laufen, um den Reinigungsprozess zu vervollständigen.
  • Wenn das Programm angibt, dass es beendet ist (Finished), drücke wieder auf irgendeine Taste, um das Skript zu beenden und deine Desktop Icons wieder zu laden.
  • Wenn die Desktop Icons wieder da sind, wird das Skript ein Fenster öffnen und das Ergebnis als einen Report.txt im Ordner SDFix speichern.
  • Kopiere den Inhalt dieses Report.txt und poste ihn, zusammen mit einem neuen HijackThis Logfile in deinem nächsten Posting.

4.)
MalwareBytes Anti-Malware :
  • Lade dir Malwarebytes Anti-Malware
  • Folge den Anweisungen der Anleitung und poste das Logfile

__________________
mfg, Patrick


Technische Kompromittierung
=> Tatort Internet
Keine Windows-CD? Selbst brennen.


Alt 07.09.2008, 02:04   #6
godsilla
 
Java_bytever.bj ???? - Standard

Java_bytever.bj ????



So ich habe Schritt eins schon mal gemacht.
Ich habe auch folgende Datein:

C:\DOCUME~1\***\LOCALS~1\Temp\svchost.exe
C:\WINDOWS\system32\uesiuqcr.exe

auf Virustotal geladen das war das ergebniss...

C:\DOCUME~1\***\LOCALS~1\Temp\svchost.exe

MD5: 6564a4020125132069eec77cd033b861
First received: 09.05.2008 01:00:43 (CET)
Date: 09.05.2008 16:54:25 (CET) [+1D]
Results: 4/36
Permalink: analisis/261f29adbb8683cc329c222ce3f4d6fd

File index39.exe received on 09.05.2008 16:53:20 (CET)
Current status: finished

Result: 4/36 (11.11%)
Compact Print results
Antivirus Version Last Update Result
AhnLab-V3 2008.9.5.1 2008.09.05 -
AntiVir 7.8.1.28 2008.09.05 -
Authentium 5.1.0.4 2008.09.05 -
Avast 4.8.1195.0 2008.09.05 -
AVG 8.0.0.161 2008.09.05 -
BitDefender 7.2 2008.09.05 -
CAT-QuickHeal 9.50 2008.09.02 -
ClamAV 0.93.1 2008.09.05 -
DrWeb 4.44.0.09170 2008.09.05 -
eSafe 7.0.17.0 2008.09.03 -
eTrust-Vet 31.6.6071 2008.09.05 -
Ewido 4.0 2008.09.04 -
F-Prot 4.4.4.56 2008.09.04 -
F-Secure 8.0.14332.0 2008.09.05 -
Fortinet 3.14.0.0 2008.09.03 -
GData 19 2008.09.05 -
Ikarus T3.1.1.34.0 2008.09.05 -
K7AntiVirus 7.10.443 2008.09.05 -
Kaspersky 7.0.0.125 2008.09.05 -
McAfee 5377 2008.09.04 -
Microsoft 1.3903 2008.09.05 Worm:Win32/Hamweq.gen!B
NOD32v2 3419 2008.09.05 probably a variant of Win32/AutoRun.KS
Norman 5.80.02 2008.09.05 -
Panda 9.0.0.4 2008.09.04 -
PCTools 4.4.2.0 2008.09.05 -
Prevx1 V2 2008.09.05 Cloaked Malware
Rising 20.60.42.00 2008.09.05 -
Sophos 4.33.0 2008.09.05 -
Sunbelt 3.1.1610.1 2008.09.05 -
Symantec 10 2008.09.05 Downloader
TheHacker 6.3.0.8.072 2008.09.04 -
TrendMicro 8.700.0.1004 2008.09.05 -
VBA32 3.12.8.5 2008.09.05 -
ViRobot 2008.9.5.1365 2008.09.05 -
VirusBuster 4.5.11.0 2008.09.05 -
Webwasher-Gateway 6.6.2 2008.09.05 -
Additional information
File size: 11776 bytes
MD5...: 6564a4020125132069eec77cd033b861
SHA1..: fc22c93ac56ed422b9dd21b74a58450f3dfeae6f
SHA256: 19ffa38a6d093465d4f008c082b71b0f4dda56ee7a591bceaf279d2504ae2536
SHA512: 8468455511e8ba08388627373a700ab7875baef94f24fbccfa685a6f280f643b
e4718bb9c87aad9d0ac20967d81fa5dd023bb77406066e26cea58317b2d93625
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x401caa
timedatestamp.....: 0x48c04ed6 (Thu Sep 04 21:10:46 2008)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x1d79 0x1e00 5.85 f6047ec0591d79467d0c900a4114d3aa
.rdata 0x3000 0x310 0x400 3.99 f3ae83658e60b70a4bdd792c4e100220
.data 0x4000 0x75c 0x800 5.02 34b7b3a7181b941f82dac0bc9bbd4596

( 2 imports )
> KERNEL32.dll: GetTickCount, GetLastError, GetModuleHandleA, GetModuleFileNameA, lstrcpyA, lstrcatA, Sleep, LoadLibraryA, GetProcAddress, ExitProcess, lstrcpynA, lstrlenA, GetCurrentProcess, CloseHandle
> ADVAPI32.dll: QueryServiceStatus, CreateServiceA, CloseServiceHandle, RegisterServiceCtrlHandlerA, SetServiceStatus, OpenSCManagerA, OpenServiceA, StartServiceCtrlDispatcherA, OpenProcessToken, LookupPrivilegeValueA, AdjustTokenPrivileges, StartServiceA

( 0 exports )

Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=62A252F200AB774A2E0F00EB51F31500EFB8C214






C:\WINDOWS\system32\uesiuqcr.exe

MD5: 3f883039cb9f132845b2595430915137
First received: 09.06.2008 01:50:03 (CET)
Date: 09.07.2008 01:16:11 (CET) [<1D]
Results: 12/36
Permalink: analisis/d7fb4980d52d0517bcb9f1e998e6c3a9

File mainti2.exe received on 09.07.2008 01:15:02 (CET)
Current status: finished

Result: 12/36 (33.33%)
Compact Print results
Antivirus Version Last Update Result
AhnLab-V3 2008.9.6.0 2008.09.06 -
AntiVir 7.8.1.28 2008.09.05 TR/Crypt.FKM.Gen
Authentium 5.1.0.4 2008.09.06 -
Avast 4.8.1195.0 2008.09.06 -
AVG 8.0.0.161 2008.09.07 -
BitDefender 7.2 2008.09.06 Trojan.Downloader.VB.Gen.1
CAT-QuickHeal 9.50 2008.09.06 -
ClamAV 0.93.1 2008.09.06 -
DrWeb 4.44.0.09170 2008.09.06 -
eSafe 7.0.17.0 2008.09.03 Suspicious File
eTrust-Vet 31.6.6072 2008.09.05 -
Ewido 4.0 2008.09.06 -
F-Prot 4.4.4.56 2008.09.06 -
F-Secure 8.0.14332.0 2008.09.06 AdWare.Win32.BHO.cvf
Fortinet 3.112.0.0 2008.09.06 W32/BbFake.A!tr
GData 19 2008.09.07 -
Ikarus T3.1.1.34.0 2008.09.06 not-a-virus:AdWare.Win32.CashDeluxe.b
K7AntiVirus 7.10.443 2008.09.05 -
Kaspersky 7.0.0.125 2008.09.07 not-a-virus:AdWare.Win32.BHO.cvf
McAfee 5378 2008.09.05 -
Microsoft 1.3903 2008.09.07 TrojanDownloader:Win32/Cadux.B
NOD32v2 3423 2008.09.06 -
Norman 5.80.02 2008.09.05 -
Panda 9.0.0.4 2008.09.06 Suspicious file
PCTools 4.4.2.0 2008.09.06 -
Prevx1 V2 2008.09.07 Malicious Software
Rising 20.60.52.00 2008.09.06 -
Sophos 4.33.0 2008.09.06 Mal/Behav-210
Sunbelt 3.1.1610.1 2008.09.05 -
Symantec 10 2008.09.07 -
TheHacker 6.3.0.8.075 2008.09.06 -
TrendMicro 8.700.0.1004 2008.09.05 -
VBA32 3.12.8.5 2008.09.06 -
ViRobot 2008.9.5.1365 2008.09.06 -
VirusBuster 4.5.11.0 2008.09.06 -
Webwasher-Gateway 6.6.2 2008.09.05 Trojan.Crypt.FKM.Gen
Additional information
File size: 85008 bytes
MD5...: 3f883039cb9f132845b2595430915137
SHA1..: 293046da211fad4de1831c7fd9482e3e4b776489
SHA256: 64d141fbe86cd6aa7c6bb64bca9ab8dc9074e0b0210e0bfe03c3cf1aae9cf03d
SHA512: 8a2fbd38e74f899aa6134c3749e4f0dcf584a89637cac119db828b28b2660e36
288ea7b9ad0f4a8da371bdc837a2b8edfaeb0180d0ba4fa38950336cf2a51c33
PEiD..: UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
TrID..: File type identification
Win32 Executable Microsoft Visual Basic 6 (64.4%)
UPX compressed Win32 Executable (15.6%)
Win32 EXE Yoda's Crypter (13.5%)
Win32 Executable Generic (4.3%)
Generic Win/DOS Executable (1.0%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x537d40
timedatestamp.....: 0x48c13f4f (Fri Sep 05 14:16:47 2008)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
UPX0 0x1000 0x129000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
UPX1 0x12a000 0xe000 0xe000 7.86 6a460f049cce17036fd83811692bedcd
.rsrc 0x138000 0x1000 0xa00 3.27 d53818bdf0800f4ee3e9598ec96f8666

( 2 imports )
> KERNEL32.DLL: LoadLibraryA, GetProcAddress, VirtualProtect, VirtualAlloc, VirtualFree, ExitProcess
> MSVBVM60.DLL: -

( 0 exports )

Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=F3B63ECA108ED02C4CC4016149FB4C00490060C2
packers (Kaspersky): PE_Patch.UPX, UPX, PE_Patch.UPX, UPX, PE_Patch.UPX, UPX
packers (F-Prot): UPX

So nechster post kommt gleich...
Und danke fuer die Hilfe bis jetzt.

Alt 07.09.2008, 03:30   #7
godsilla
 
Java_bytever.bj ???? - Standard

Java_bytever.bj ????



Soa hab jetzt (LSPFix) angewendet.
Hier ist dazu der Report...

Teil 1...



SDFix: Version 1.221
Run by Administrator on Sat 09/06/2008 at 07:25 PM

Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix

Checking Services :

Name :
a6vowoi3iy

Path :
C:\WINDOWS\system32\odibjh.exe /service

a6vowoi3iy - Deleted



Restoring Default Security Values
Restoring Default Hosts File
Restoring Default Desktop Wallpaper

Rebooting


Checking Files :

Trojan Files Found:

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat - Contains Links to Malware Sites! - Deleted
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat - Contains Links to Malware Sites! - Deleted
C:\WINDOWS\system32\odibjh.exe - Deleted
C:\Documents and Settings\Eileen\Application Data\Adobe\Manager.exe - Deleted
C:\Documents and Settings\LocalService\Application Data\Adobe\Manager.exe - Deleted
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1015\svchost.exe - Deleted
C:\WINDOWS\default.htm - Deleted



Folder C:\Documents and Settings\Eileen\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#w*w.redtube.com - Removed


Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-06 19:49:04
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"="C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe:*:Enabled:EasyShare"
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"="C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

Remaining Files :

C:\WINDOWS\default.htm Found

File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes :

Tue 3 Oct 2006 4,908,984 ...H. --- "C:\Program Files\Picasa2\setup.exe"
Wed 11 Oct 2006 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\2E7.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\2E8.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\2E9.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\2EA.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\2EB.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\2ED.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\2EE.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\2EF.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\2F0.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\2F2.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\2F4.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\2F5.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\2F6.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\2F7.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\2F8.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\2F9.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\2FB.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\2FC.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\2FD.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\2FE.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\2FF.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\300.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\302.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\304.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\305.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\306.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\307.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\308.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\30A.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\31A.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\31C.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\31D.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\31E.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\320.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\322.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\323.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\324.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\325.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\326.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\327.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\329.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\32A.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\32B.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\32C.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\32D.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\32F.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\330.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\331.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\332.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\333.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\334.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\336.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\337.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\338.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\339.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\33A.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\33B.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\33D.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\33E.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\33F.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\340.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\341.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\343.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\344.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\345.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\346.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\347.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\348.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\34A.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\34B.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\34C.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\34D.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\34E.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\34F.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\351.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\352.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\353.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\354.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\355.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\357.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\358.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\359.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\35A.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\35B.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\35C.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\35E.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\35F.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\360.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\361.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\362.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\365.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\367.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\368.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\36B.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\36C.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\36D.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\36F.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\371.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\372.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\373.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\374.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\375.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\376.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\378.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\379.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\37A.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\37B.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\37C.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\37E.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\37F.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\380.tmp"

Alt 07.09.2008, 03:32   #8
godsilla
 
Java_bytever.bj ???? - Standard

Java_bytever.bj ????



Teil 2

Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\381.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\382.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\383.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\385.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\386.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\387.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\388.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\389.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\38B.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\38C.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\38D.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\38E.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\38F.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\391.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\392.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\393.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\394.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\395.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\397.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\398.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\399.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\39A.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\39B.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\39C.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\39E.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\39F.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3A0.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3A1.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3A2.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3A3.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3A5.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3A6.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3A7.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3A8.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3A9.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3AB.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3AC.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3AD.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3AE.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3AF.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3B1.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3B3.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3B4.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3B5.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3B6.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3B7.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3B9.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3BA.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3BB.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3BC.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3BD.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3BF.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3C0.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3C1.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3C2.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3C3.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3C4.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3C6.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3CE.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3D2.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3D3.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3D6.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3D8.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3D9.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3DC.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3DD.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3DE.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3E0.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3E2.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3E3.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3E4.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3E5.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3E6.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3E8.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3E9.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3EA.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3EB.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3EC.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3ED.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3EF.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3F0.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3F1.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3F2.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3F3.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3F4.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3F6.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3F7.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3F8.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3F9.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3FA.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3FB.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3FD.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3FE.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\3FF.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\400.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\401.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\403.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\404.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\405.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\406.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\407.tmp"

Alt 07.09.2008, 03:33   #9
godsilla
 
Java_bytever.bj ???? - Standard

Java_bytever.bj ????



Teil 3

Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\408.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\40A.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\40B.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\40C.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\40D.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\40E.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\410.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\411.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\412.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\413.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\414.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\415.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\417.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\418.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\513.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\515.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\517.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\518.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\519.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\51A.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\51B.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\51C.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\51E.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\51F.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\520.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\521.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\522.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\523.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\525.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\526.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\527.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\528.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\529.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\52A.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\52C.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\52D.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\52E.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\52F.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\530.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\531.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\533.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\534.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\535.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\536.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\537.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\538.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\53B.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\53C.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\53D.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\53E.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\53F.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\541.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\542.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\543.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\544.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\545.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\546.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\548.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\549.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\54A.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\54B.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\54C.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\54D.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\54F.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\550.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\551.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\552.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\553.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\554.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\556.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\557.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\558.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\559.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\55A.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\55B.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\55D.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\55E.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\55F.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\560.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\561.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\562.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\564.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\565.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\566.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\567.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\568.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\569.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\56B.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\56C.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\56D.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\56E.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\56F.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\570.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\572.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\573.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\577.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\578.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\57B.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\57C.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\57E.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\581.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\582.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\583.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\585.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\586.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\588.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\589.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\58A.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\58B.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\58C.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\58D.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\58F.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\590.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\591.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\592.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\593.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\595.tmp"

Alt 07.09.2008, 03:36   #10
godsilla
 
Java_bytever.bj ???? - Standard

Java_bytever.bj ????



Teil 4

Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\596.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\597.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\598.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\599.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\59A.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\59C.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\59D.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\59E.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\59F.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5A0.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5A1.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5A3.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5A4.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5A5.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5A6.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5A7.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5A8.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5AA.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5AB.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5AC.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5AD.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5AE.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5AF.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5B1.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5B2.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5B3.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5B4.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5B5.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5B6.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5B8.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5B9.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5BA.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5BB.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5BC.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5BD.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5BF.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5C0.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5C1.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5C2.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5C3.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5C4.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5C6.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5C7.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5C8.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5C9.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5CA.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5CB.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5CD.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5CE.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5CF.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5D0.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5D1.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5D2.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5D4.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5D5.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5D6.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5D7.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5D8.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5D9.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5DB.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5DC.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5DD.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5DE.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5DF.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5E0.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5E2.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5EB.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5EE.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5EF.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5F2.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5F3.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5F5.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5F8.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5F9.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5FA.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5FC.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5FD.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\5FF.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\600.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\601.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\602.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\603.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\604.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\606.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\607.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\608.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\609.tmp"

Alt 07.09.2008, 03:38   #11
godsilla
 
Java_bytever.bj ???? - Standard

Java_bytever.bj ????



Teil 5

Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\60A.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\60B.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\60D.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\60E.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\60F.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\610.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\611.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\612.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\614.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\615.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\616.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\617.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\618.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\619.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\61B.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\61C.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\61D.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\61E.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\61F.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\620.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\622.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\623.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\624.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\625.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\626.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\627.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\629.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\62A.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\62B.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\62C.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\62D.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\62E.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\630.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\631.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\632.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\633.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\634.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\635.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\637.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\638.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\639.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\63A.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\63B.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\63C.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\63E.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\63F.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\640.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\641.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\642.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\643.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\645.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\646.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\647.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\648.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\649.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\64B.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\64C.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\64D.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\64E.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\64F.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\650.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\652.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\653.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\654.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\655.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\656.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\657.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\659.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\65B.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\65E.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\65F.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\662.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\663.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\665.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\668.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\669.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\66B.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\66D.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\66E.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\670.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\671.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\672.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\673.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\674.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\675.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\677.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\678.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\679.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\67A.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\67B.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\67C.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\67E.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\67F.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\680.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\681.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\682.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\683.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\685.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\686.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\687.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\688.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\689.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\68A.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\68C.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\68D.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\68E.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\68F.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\690.tmp"

Alt 07.09.2008, 03:41   #12
godsilla
 
Java_bytever.bj ???? - Standard

Java_bytever.bj ????



Teil 6

Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\691.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\693.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\694.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\695.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\696.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\697.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\698.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\69A.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\69B.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\69C.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\69D.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\69E.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\69F.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6A1.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6A2.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6A3.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6A4.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6A5.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6A6.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6A8.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6A9.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6AA.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6AB.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6AC.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6AD.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6AF.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6B0.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6B1.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6B2.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6B3.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6B5.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6B6.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6B7.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6B8.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6B9.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6BA.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6BC.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6BD.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6BE.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6BF.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6C0.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6C1.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6C3.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6C4.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6C5.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6C6.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6C7.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6C8.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6CA.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6CE.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6CF.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6D2.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6D3.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6D4.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6D8.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6D9.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6DB.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6DD.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6DE.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6DF.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6E1.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6E2.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6E3.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6E4.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6E5.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6E6.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6E8.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6E9.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\6EA.tmp"

Alt 07.09.2008, 03:43   #13
godsilla
 
Java_bytever.bj ???? - Standard

Java_bytever.bj ????



So da kommt noch mehr... aber des wird noch bis zu 20 Seiten werden deswegen hoer ich damit jetz auf und geh gleich zum ende.





Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C06.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C07.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C09.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C0A.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C0B.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C0C.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C0D.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C0E.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C10.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C12.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C15.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C17.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C19.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C1B.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C1E.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C1F.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C20.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C22.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C23.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C25.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C2B.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C2C.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C2D.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C2F.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C30.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C32.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C34.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C35.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C36.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C3A.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C3C.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C3D.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C3E.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C3F.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C40.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C41.tmp"
Fri 5 Sep 2008 372 A.SHR --- "C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\C43.tmp"
Wed 11 Oct 2006 4,348 ...H. --- "C:\Documents and Settings\Eileen\My Documents\My Music\License Backup\drmv1key.bak"
Wed 11 Oct 2006 20 A..H. --- "C:\Documents and Settings\Eileen\My Documents\My Music\License Backup\drmv1lic.bak"
Fri 29 Sep 2006 312 ...H. --- "C:\Documents and Settings\Eileen\My Documents\My Music\License Backup\drmv2key.bak"
Wed 11 Oct 2006 1,536 A..H. --- "C:\Documents and Settings\Eileen\My Documents\My Music\License Backup\drmv2lic.bak"

Finished!

Alt 07.09.2008, 03:47   #14
godsilla
 
Java_bytever.bj ???? - Standard

Java_bytever.bj ????



So hir ist dan noch mal der neue HijackThis Report...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:46:01 PM, on 9/6/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\uesiuqcr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\pccguide.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\DOCUME~1\***\LOCALS~1\Temp\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\PcCtlCom.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\PcScnSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\TmPfw.exe
C:\PROGRA~1\TRENDM~1\INTERN~2\tmproxy.exe
C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre1.5.0_09\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.shaw.ca/start/enCA
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\uesiuqcr.exe,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: getsn32.msiesn - {2D9F1530-0B38-4DCB-A90A-CECD559F3514} - C:\WINDOWS\system32\getsn32.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: WhIeHelperObj Class - {c900b400-cdfe-11d3-976a-00e02913a9e0} - C:\Program Files\webHancer\programs\whiehlpr.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\system32\khooker.exe
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [pccguide.exe] C:\PROGRA~1\TRENDM~1\INTERN~2\pccguide.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [webHancer Agent] C:\Program Files\webHancer\Programs\whagent.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-18\..\Run: [Run] "C:\Documents and Settings\LocalService\Application Data\Adobe\Manager.exe" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Run] "C:\Documents and Settings\LocalService\Application Data\Adobe\Manager.exe" (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Eileen\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://217.22.201.135/activex/AMC.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O22 - SharedTaskScheduler: kjlsjf9843nksngfdgffn - {C5AF49A2-94F3-42BD-F234-3604812C897D} - C:\WINDOWS\system32\ksfj83nwe.dll (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Network Driver Interface - Unknown owner - C:\DOCUME~1\Eileen\LOCALS~1\Temp\svchost.exe
O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
O23 - Service: Pure Networks Network Magic Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\PcCtlCom.exe
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\PcScnSrv.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\tmproxy.exe
O24 - Desktop Component 0: (no name) - http://207.46.10.252/cgi-bin/getmsg/pic9.jpg?&msg=BCC162AD-09A4-4F5F-A722-7C5F1097FB73&start=0&len=77931&mimepart=3&curmbox=00000000-0000-0000-0000-000000000001&b=45cf5edc0ea994a81e153c11ff285cd7&disk=10.1.106.220_d2219&login=tic%2dtac%2dup%2dur%2dnose&domain=hotmail%2ecom&hm___sig=9cbf261b01c7498 c256d2de97f74fe64f3722478614ec45a

--
End of file - 9275 bytes

Alt 07.09.2008, 06:34   #15
godsilla
 
Java_bytever.bj ???? - Standard

Java_bytever.bj ????



So habe jetz auch Malwarebytes drueber laufen lassen. Hier der Report...

Malwarebytes' Anti-Malware 1.26
Database version: 1120
Windows 5.1.2600 Service Pack 3

9/6/2008 11:28:53 PM
mbam-log-2008-09-06 (23-28-53).txt

Scan type: Full Scan (C:\|)
Objects scanned: 141165
Time elapsed: 2 hour(s), 30 minute(s), 46 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 2
Registry Keys Infected: 17
Registry Values Infected: 3
Registry Data Items Infected: 1
Folders Infected: 3
Files Infected: 86

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\Program Files\webHancer\Programs\whiehlpr.dll (Adware.WebHancer) -> Delete on reboot.
C:\WINDOWS\system32\getsn32.dll (Trojan.Agent) -> Delete on reboot.

Registry Keys Infected:
HKEY_CLASSES_ROOT\whiehelperobj.whiehelperobj.1 (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c8cb3870-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c89435b0-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c900b400-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c900b400-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{252874d8-5b00-4b93-a282-4ca656598278} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e221c81b-e518-4f93-b0d2-14e52065417a} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2d9f1530-0b38-4dcb-a90a-cecd559f3514} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2d9f1530-0b38-4dcb-a90a-cecd559f3514} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\IMAdvertiser (Adware.SearchTwo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\whiehelperobj.whiehelperobj (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webHancer Agent (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\webHancer (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\getsn32.msiesn (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\network driver interface (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\network driver interface (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\network driver interface (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\webhancer agent (Adware.Webhancer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\General\wallpaper (Hijack.Desktop) -> Delete on reboot.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\run (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
C:\Program Files\webHancer (Adware.Webhancer) -> Delete on reboot.
C:\Program Files\webHancer\Programs (Adware.Webhancer) -> Delete on reboot.
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1015 (Trojan.Agent) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\webHancer\Programs\whiehlpr.dll (Adware.WebHancer) -> Delete on reboot.
C:\Documents and Settings\***\Cookies\zobyl.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\8205005F\newsys[1].exe (Rogue.Spymonitor) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\HYTH0TIY\dkf[1].exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\license.txt (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\readme.txt (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\sporder.dll (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\whagent.exe (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\whagent.ini (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Program Files\webHancer\Programs\whinstaller.exe (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1015\Desktop.ini (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\default.htm (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\getsn32.dll (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\LocalService\Application Data\Adobe\Manager.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\aagqh.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\bagxw.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\bgvqc.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\bitxy.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\brznc.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\cfkdj.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\dokzd.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\evmow.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\ffghc.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\gagdt.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\ggvgi.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\hslfi.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\icdkd.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\idyuu.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\ijahk.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\ijgur.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\irxak.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\ivtal.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\jbzie.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\joeti.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\jofbs.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\julvi.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\kmowk.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\larag.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\lukfy.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\mjycn.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\mmbfl.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\mqubt.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\nmnmm.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\nygzr.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\pqann.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\qguju.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\qidpr.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\qiraf.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\qpccp.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\qtbmk.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\qweiv.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\rbbhi.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\reafh.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\ruymo.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\rxbtx.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\ssdgo.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\sufym.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\tshak.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\tsorz.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\ttvdr.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\tvqvp.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\udcga.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\utfbf.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\utuvz.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\vomvc.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\vqjuv.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\vrshb.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\wawrt.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\wphuw.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\wyckf.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\xcbxh.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\xhkkb.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\xiezt.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\xkehh.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\yazup.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\ycofz.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\ykdjg.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\yxmcp.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\yytnr.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\zbvjc.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\zcpkq.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\zjtcv.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\zvzvs.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\zwuyq.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Cookies\zyabi.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\***\Local Settings\Temp\svchost.exe (Trojan.Agent) -> Delete on
reboot.


Naja das wars an sich. Hatte aber auch eine Meldung bekommen das manche Datein nicht geloescht werden koennen, und erst beim neustart geloescht werden. Naja ich hoffe mal das alles gut geht. Soll ich noch was machen um zu checken das alles weg ist?

Geändert von godsilla (07.09.2008 um 06:42 Uhr)

Antwort

Themen zu Java_bytever.bj ????
antivirus, dauert, fenster, funktioniert, gelbes, gen, helfen, java, malware, micro, probiert, programm, punkt, rechts, runterladen, sache, sachen, seite, seiten, spyware, starte, starten, trend, verseucht, versucht, virus




Zum Thema Java_bytever.bj ???? - Halli Hallo, Um es auf den Punkt zu bringen mein Pc ist verseucht bis zum geht nicht mehr.Internet seiten starten sich von alleine und unten rechts oeffnet sich andauert ein - Java_bytever.bj ????...
Archiv
Du betrachtest: Java_bytever.bj ???? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.