Log analysis and evaluation: Googlechrome does whatever it wants..
14.07.2010, 21:40   #16
markusg
/// Malware-holic

Can you try it in safe mode?
Press the F8 key when the PC starts, then you should get there.

14.07.2010, 22:29   #17
Mofa

After umpteen scans I finally have the log file:

Combofix Logfile:
Code:
ComboFix 10-07-13.08 - Skillz 14.07.2010  22:10:11.4.2 - x86 MINIMAL
Microsoft Windows 7 Starter   6.1.7600.0.1252.49.1031.18.1014.681 [GMT 2:00]
ausgeführt von:: c:\users\Skillz\Desktop\ComboFix.exe
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
.

(((((((((((((((((((((((   Dateien erstellt von 2010-06-14 bis 2010-07-14  ))))))))))))))))))))))))))))))
.

2010-07-14 20:18 . 2010-07-14 20:18	--------	d-----w-	c:\users\Public\AppData\Local\temp
2010-07-14 20:18 . 2010-07-14 20:18	--------	d-----w-	c:\users\Default\AppData\Local\temp
2010-07-14 19:05 . 2009-10-31 05:45	2614272	----a-w-	c:\windows\system32\userinit.exe
2010-07-14 18:03 . 2010-07-14 20:18	--------	d-----w-	c:\users\Skillz\AppData\Local\temp
2010-07-13 15:42 . 2010-07-13 15:42	--------	d-----w-	c:\users\Skillz\AppData\Roaming\Malwarebytes
2010-07-13 15:42 . 2010-04-29 13:39	38224	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-13 15:42 . 2010-07-13 15:42	--------	d-----w-	c:\programdata\Malwarebytes
2010-07-13 15:42 . 2010-04-29 13:39	20952	----a-w-	c:\windows\system32\drivers\mbam.sys
2010-07-13 15:41 . 2010-07-13 15:42	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2010-07-12 21:17 . 2010-07-13 01:51	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2010-07-12 21:17 . 2010-07-12 21:19	--------	d-----w-	c:\program files\Spybot - Search & Destroy
2010-07-12 19:17 . 2010-07-12 19:17	--------	d-----w-	c:\windows\system32\log
2010-07-11 19:50 . 2010-07-12 19:27	--------	d-----w-	c:\program files\Vector Magic
2010-07-11 18:12 . 2010-07-11 18:12	--------	d-----w-	c:\users\Skillz\AppData\Roaming\Pegasys Inc
2010-07-11 18:11 . 2010-07-11 18:11	--------	d-----w-	c:\users\Skillz\AppData\Roaming\DVDVideoSoftIEHelpers
2010-07-11 18:09 . 2010-07-11 18:10	--------	d-----w-	c:\program files\Common Files\DVDVideoSoft
2010-07-11 18:09 . 2010-07-11 18:10	--------	d-----w-	c:\program files\DVDVideoSoft
2010-07-11 05:51 . 2010-07-11 07:03	--------	d-----w-	c:\users\Skillz\AppData\Roaming\Windows Live Writer
2010-07-11 05:51 . 2010-07-11 05:51	--------	d-----w-	c:\users\Skillz\AppData\Local\Windows Live Writer
2010-07-11 05:38 . 2010-07-12 05:49	--------	d-----w-	c:\users\Skillz\Tracing
2010-07-10 18:29 . 2010-07-10 18:29	--------	d-----w-	c:\users\Skillz\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
2010-07-10 18:29 . 2010-07-10 18:26	53632	----a-w-	c:\users\Skillz\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-07-10 18:29 . 2010-07-10 18:26	53632	----a-w-	c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-07-08 12:53 . 2010-07-08 12:56	--------	d-----w-	c:\users\Skillz\AppData\Roaming\Apple Computer
2010-07-08 12:53 . 2010-07-08 12:53	--------	d-----w-	c:\users\Skillz\AppData\Local\Apple Computer
2010-07-08 12:52 . 2009-05-18 11:17	26600	----a-w-	c:\windows\system32\drivers\GEARAspiWDM.sys
2010-07-08 12:52 . 2008-04-17 10:12	107368	----a-w-	c:\windows\system32\GEARAspi.dll
2010-07-08 12:51 . 2010-07-08 12:51	--------	d-----w-	c:\program files\iPod
2010-07-08 12:51 . 2010-07-08 12:52	--------	d-----w-	c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-07-08 12:51 . 2010-07-08 12:52	--------	d-----w-	c:\program files\iTunes
2010-07-08 12:47 . 2010-07-08 12:49	--------	d-----w-	c:\program files\QuickTime
2010-07-08 12:47 . 2010-07-08 12:51	--------	d-----w-	c:\programdata\Apple Computer
2010-07-08 12:47 . 2010-07-08 12:47	--------	d-----w-	c:\users\Skillz\AppData\Local\Apple
2010-07-08 12:47 . 2010-07-08 12:47	--------	d-----w-	c:\program files\Apple Software Update
2010-07-08 12:46 . 2010-07-08 12:46	--------	d-----w-	c:\program files\Bonjour
2010-07-08 12:45 . 2010-07-08 12:55	--------	d-----w-	c:\programdata\Apple
2010-07-08 12:45 . 2010-07-08 12:51	--------	d-----w-	c:\program files\Common Files\Apple
2010-07-03 19:18 . 2010-07-03 19:18	--------	d-----w-	C:\Skillz
2010-07-03 16:55 . 2009-11-25 10:47	99176	----a-w-	c:\windows\system32\PresentationHostProxy.dll
2010-07-03 16:55 . 2009-11-25 10:47	49472	----a-w-	c:\windows\system32\netfxperf.dll
2010-07-03 16:55 . 2009-11-25 10:47	297808	----a-w-	c:\windows\system32\mscoree.dll
2010-07-03 16:55 . 2009-11-25 10:47	295264	----a-w-	c:\windows\system32\PresentationHost.exe
2010-07-03 16:55 . 2009-11-25 10:47	1130824	----a-w-	c:\windows\system32\dfshim.dll
2010-07-03 16:48 . 2010-02-11 07:10	293376	----a-w-	c:\windows\system32\browserchoice.exe
2010-07-03 07:54 . 2010-07-14 19:42	--------	d-----w-	c:\users\Skillz\AppData\Roaming\ICQ
2010-07-03 07:54 . 2010-07-03 07:54	--------	d-----w-	c:\users\Skillz\AppData\Local\AOL
2010-07-03 07:54 . 2010-07-03 07:57	--------	d-----w-	c:\program files\ICQ7.2
2010-07-03 06:48 . 2010-05-09 09:14	641536	----a-w-	c:\windows\system32\CPFilters.dll
2010-07-03 06:48 . 2009-12-13 09:30	465408	----a-w-	c:\windows\system32\psisdecd.dll
2010-07-03 06:48 . 2010-03-08 21:33	427520	----a-w-	c:\windows\system32\vbscript.dll
2010-07-03 06:48 . 2009-09-26 05:58	194488	----a-w-	c:\windows\system32\drivers\fvevol.sys
2010-07-03 06:47 . 2009-10-31 05:45	2614272	----a-w-	c:\windows\explorer.exe
2010-07-03 06:47 . 2009-10-28 06:17	285696	----a-w-	c:\windows\system32\winlogon.exe
2010-07-03 06:47 . 2009-12-11 07:38	1037312	----a-w-	c:\windows\system32\lsasrv.dll
2010-07-03 06:47 . 2009-12-11 07:44	133720	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2010-07-03 06:47 . 2010-03-04 07:33	740864	----a-w-	c:\windows\system32\inetcomm.dll
2010-07-03 06:45 . 2009-12-19 09:02	1328640	----a-w-	c:\windows\system32\quartz.dll
2010-07-03 06:44 . 2010-04-23 07:13	2048	----a-w-	c:\windows\system32\tzres.dll
2010-07-03 06:43 . 2010-02-27 07:32	221696	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2010-07-03 06:43 . 2010-02-27 07:32	95744	----a-w-	c:\windows\system32\drivers\mrxsmb20.sys
2010-07-03 06:43 . 2010-02-27 07:32	123392	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2010-07-03 06:42 . 2010-05-27 03:49	293888	----a-w-	c:\windows\system32\atmfd.dll
2010-07-03 06:42 . 2009-10-19 14:10	70656	----a-w-	c:\windows\system32\fontsub.dll
2010-07-03 06:42 . 2010-05-27 07:24	34304	----a-w-	c:\windows\system32\atmlib.dll
2010-07-02 21:40 . 2010-07-02 21:40	--------	d-----w-	c:\windows\ConfigSetRoot
2010-07-02 21:35 . 2010-02-01 13:53	79136	----a-w-	c:\users\Default\AppData\Local\GDIPFONTCACHEV1.DAT
2010-07-02 21:35 . 2010-02-01 13:53	--------	d-----w-	c:\users\Default\AppData\Roaming\E-Cam
2010-07-02 21:35 . 2010-02-01 13:46	--------	d-----w-	c:\users\Default\AppData\Local\Microsoft Help
2010-07-02 21:35 . 2010-02-01 13:46	--------	d-----w-	c:\users\Default\AppData\Local\Adobe
2010-07-02 21:35 . 2010-02-01 13:21	--------	d-----w-	c:\users\Default\AppData\Local\Broadcom
2010-07-02 21:35 . 2010-02-01 13:14	--------	d-----w-	c:\users\Default\AppData\Roaming\InstallShield
2010-07-02 20:18 . 2010-07-02 20:18	--------	d-----w-	c:\program files\Common Files\Java
2010-07-02 20:18 . 2010-07-02 20:17	411368	----a-w-	c:\windows\system32\deployJava1.dll
2010-07-02 20:17 . 2010-07-02 20:17	--------	d-----w-	c:\program files\Java
2010-07-02 18:40 . 2010-07-02 18:40	--------	d-----w-	c:\users\Skillz\AppData\Local\BVRP Software
2010-07-02 17:42 . 2010-07-02 17:42	57344	----a-w-	c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-07-02 17:42 . 2010-07-02 17:29	1062184	----a-w-	c:\programdata\DivX\Setup\Resource.dll
2010-07-02 17:42 . 2010-07-02 17:28	895256	----a-w-	c:\programdata\DivX\Setup\DivXSetup.exe
2010-07-02 17:42 . 2010-07-02 17:42	56765	----a-w-	c:\programdata\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-07-02 17:42 . 2010-07-02 17:42	56997	----a-w-	c:\programdata\DivX\WebPlayer\Uninstaller.exe
2010-07-02 17:41 . 2010-07-02 17:41	53600	----a-w-	c:\programdata\DivX\Update\Uninstaller.exe
2010-07-02 17:41 . 2010-07-02 17:41	57715	----a-w-	c:\programdata\DivX\Player\Uninstaller.exe
2010-07-02 17:40 . 2010-07-11 18:18	--------	d-----w-	c:\users\Skillz\AppData\Roaming\DivX
2010-07-02 17:39 . 2010-07-02 17:39	84062	----a-w-	c:\programdata\DivX\TransferWizard\Uninstaller.exe
2010-07-02 17:39 . 2010-07-02 17:39	--------	d-----w-	c:\program files\Common Files\PX Storage Engine
2010-07-02 17:39 . 2010-07-02 17:39	57609	----a-w-	c:\programdata\DivX\MFComponents\Uninstaller.exe
2010-07-02 17:39 . 2010-07-02 17:39	57054	----a-w-	c:\programdata\DivX\DSDesktopComponents\Uninstaller.exe
2010-07-02 17:39 . 2010-07-02 17:39	54166	----a-w-	c:\programdata\DivX\DSAVCDecoder\Uninstaller.exe
2010-07-02 17:39 . 2010-07-02 17:39	57532	----a-w-	c:\programdata\DivX\DSASPDecoder\Uninstaller.exe
2010-07-02 17:38 . 2010-07-02 17:38	56458	----a-w-	c:\programdata\DivX\DivXDecoderShortcut\Uninstaller.exe
2010-07-02 17:38 . 2010-07-02 17:38	54174	----a-w-	c:\programdata\DivX\DSAACDecoder\Uninstaller.exe
2010-07-02 17:38 . 2010-07-02 17:38	54153	----a-w-	c:\programdata\DivX\DFXPlugin\Uninstaller.exe
2010-07-02 17:38 . 2010-07-02 17:38	54128	----a-w-	c:\programdata\DivX\Converter\Uninstaller.exe
2010-07-02 17:38 . 2010-07-02 17:38	54644	----a-w-	c:\programdata\DivX\TranscodeEngine\Uninstaller.exe
2010-07-02 17:38 . 2010-07-02 17:38	54101	----a-w-	c:\programdata\DivX\MPEG2Plugin\Uninstaller.exe
2010-07-02 17:38 . 2010-07-02 17:38	57409	----a-w-	c:\programdata\DivX\ControlPanel\Uninstaller.exe
2010-07-02 17:37 . 2010-07-02 17:37	52963	----a-w-	c:\programdata\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-07-02 17:36 . 2010-07-02 17:36	54073	----a-w-	c:\programdata\DivX\Qt4.5\Uninstaller.exe
2010-07-02 17:36 . 2010-07-02 17:36	--------	d-----w-	c:\program files\Common Files\DivX Shared
2010-07-02 17:36 . 2010-07-02 17:36	56969	----a-w-	c:\programdata\DivX\ASPEncoder\Uninstaller.exe
2010-07-02 17:30 . 2010-07-11 18:09	--------	d-----w-	c:\program files\DivX
2010-07-02 17:30 . 2010-07-02 17:30	144696	----a-w-	c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.exe
2010-07-02 17:29 . 2010-07-02 17:42	--------	d-----w-	c:\programdata\DivX
2010-07-02 17:06 . 2010-07-02 17:06	--------	d-----w-	c:\users\Skillz\AppData\Roaming\Thunderbird
2010-07-02 17:06 . 2010-07-02 17:06	--------	d-----w-	c:\users\Skillz\AppData\Local\Thunderbird
2010-07-02 17:03 . 2010-07-02 17:41	--------	d-----w-	c:\program files\Mozilla Thunderbird
2010-07-02 16:49 . 2010-05-21 12:14	221568	------w-	c:\windows\system32\MpSigStub.exe
2010-07-02 16:46 . 2009-12-04 16:05	1322680	----a-w-	c:\windows\system32\drivers\vsapint.sys
2010-07-02 16:46 . 2009-12-04 16:39	230928	----a-w-	c:\windows\system32\drivers\tmxpflt.sys
2010-07-02 16:46 . 2009-12-04 16:38	36368	----a-w-	c:\windows\system32\drivers\tmpreflt.sys
2010-07-02 16:36 . 2010-07-02 16:40	--------	d-----w-	c:\users\Skillz\AppData\Local\Google
2010-07-02 16:30 . 2010-07-02 16:36	--------	d-----w-	c:\users\Skillz\AppData\Local\Deployment
2010-07-02 16:30 . 2010-07-02 16:30	--------	d-----w-	c:\users\Skillz\AppData\Local\Apps
2010-07-02 13:50 . 2009-12-29 06:55	172032	----a-w-	c:\windows\system32\wintrust.dll
2010-07-02 13:50 . 2010-01-09 06:52	132608	----a-w-	c:\windows\system32\cabview.dll
2010-06-15 18:01 . 2010-06-15 18:01	72504	----a-w-	c:\programdata\Apple Computer\Installer Cache\iTunes 9.2.0.61\SetupAdmin.exe

.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-14 20:13 . 2009-07-14 08:47	643628	----a-w-	c:\windows\system32\perfh007.dat
2010-07-14 20:13 . 2009-07-14 08:47	126188	----a-w-	c:\windows\system32\perfc007.dat
2010-07-10 18:28 . 2010-02-01 14:02	--------	d-----w-	c:\program files\Common Files\Adobe AIR
2010-07-07 15:36 . 2010-07-07 15:36	0	---ha-w-	c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2010-07-03 17:26 . 2009-07-14 02:37	--------	d-----w-	c:\program files\Windows Mail
2010-07-03 07:54 . 2010-02-01 13:14	--------	d--h--w-	c:\program files\InstallShield Installation Information
2010-07-02 21:39 . 2010-07-02 21:39	--------	d-sh--we	c:\programdata\Vorlagen
2010-07-02 21:39 . 2010-07-02 21:39	--------	d-sh--we	c:\programdata\Startmenü
2010-07-02 21:39 . 2010-07-02 21:39	--------	d-sh--we	c:\programdata\Favoriten
2010-07-02 21:39 . 2010-07-02 21:39	--------	d-sh--we	c:\programdata\Dokumente
2010-07-02 21:39 . 2010-07-02 21:39	--------	d-sh--we	c:\programdata\Anwendungsdaten
2010-07-02 21:39 . 2010-07-02 21:39	--------	d-sh--we	c:\program files\Gemeinsame Dateien
2010-07-02 13:58 . 2010-02-01 15:16	--------	d-----w-	c:\programdata\Trend Micro
2010-07-02 13:47 . 2010-02-01 15:15	--------	d-----w-	c:\program files\Trend Micro
2010-05-21 05:18 . 2010-07-03 06:46	977920	----a-w-	c:\windows\system32\wininet.dll
2010-05-18 14:35 . 2010-05-18 14:35	91424	----a-w-	c:\windows\system32\dnssd.dll
2010-05-18 14:35 . 2010-05-18 14:35	75040	----a-w-	c:\windows\system32\jdns_sd.dll
2010-05-18 14:35 . 2010-05-18 14:35	197920	----a-w-	c:\windows\system32\dnssdX.dll
2010-05-18 14:35 . 2010-05-18 14:35	107808	----a-w-	c:\windows\system32\dns-sd.exe
2010-05-01 14:49 . 2010-07-03 06:46	2326528	----a-w-	c:\windows\system32\win32k.sys
2010-04-19 18:47 . 2010-04-19 18:47	3062048	----a-w-	c:\windows\system32\usbaaplrc.dll
2010-04-19 18:47 . 2010-04-19 18:47	41984	----a-w-	c:\windows\system32\drivers\usbaapl.sys
2009-06-10 21:26 . 2009-07-14 02:04	9633792	--sha-r-	c:\windows\Fonts\StaticCache.dat
.

(((((((((((((((((((((((((((((   SnapShot@2010-07-14_19.55.51   )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-02-01 15:10 . 2010-07-14 20:02	32208              c:\windows\System32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 04:55 . 2010-07-14 20:02	40210              c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2010-07-02 21:37 . 2010-07-14 19:45	16384              c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-07-02 21:37 . 2010-07-14 20:02	16384              c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-07-02 21:37 . 2010-07-14 20:02	32768              c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-07-02 21:37 . 2010-07-14 19:45	32768              c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:41 . 2010-07-14 19:45	16384              c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:41 . 2010-07-14 20:02	16384              c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-07-03 06:34 . 2010-07-14 19:12	16384              c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-07-03 06:34 . 2010-07-14 20:06	16384              c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-07-03 06:34 . 2010-07-14 19:12	32768              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-07-03 06:34 . 2010-07-14 20:06	32768              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-07-03 06:34 . 2010-07-14 20:06	16384              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-07-03 06:34 . 2010-07-14 19:12	16384              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-07-02 13:48 . 2010-07-14 20:02	4376              c:\windows\System32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2144237666-3199333369-569597218-1000_UserData.bin
+ 2010-07-14 20:07 . 2010-07-14 20:07	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-07-14 19:43 . 2010-07-14 19:43	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-07-14 19:43 . 2010-07-14 19:43	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-07-14 20:07 . 2010-07-14 20:07	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 02:05 . 2010-07-14 20:13	606992              c:\windows\System32\perfh009.dat
- 2009-07-14 02:05 . 2010-07-14 19:50	606992              c:\windows\System32\perfh009.dat
- 2009-07-14 02:05 . 2010-07-14 19:50	103370              c:\windows\System32\perfc009.dat
+ 2009-07-14 02:05 . 2010-07-14 20:13	103370              c:\windows\System32\perfc009.dat
- 2009-09-22 02:46 . 2010-07-12 21:10	245760              c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-09-22 02:46 . 2010-07-14 20:02	245760              c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-20 1545512]
"HotkeyMon"="AsusSender.exe" [2009-09-11 33768]
"HotkeyService"="AsusSender.exe" [2009-09-11 33768]
"SuperHybridEngine"="AsusSender.exe" [2009-09-11 33768]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2009-11-17 414384]
"EeeSplendidAgent"="c:\program files\ASUS\EPC\EeeSplendid\AsAgent.exe" [2009-12-29 104960]
"SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2009-07-20 83240]
"UfSeAgnt.exe"="c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe" [2010-02-23 1024368]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-10-05 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-10-05 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-10-05 150552]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-09-29 7744032]
"EEESplendidAR"="AsusSender.exe" [2009-09-11 33768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^Skillz^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ZooskMessenger.lnk]
path=c:\users\Skillz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk
backup=c:\windows\pss\ZooskMessenger.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-02-27 16:10	35696	----a-w-	c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-06-03 00:50	1144104	----a-w-	c:\program files\DivX\DivX Update\DivXUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-07-02 16:36	136176	----atw-	c:\users\Skillz\AppData\Local\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-06-15 14:33	141624	----a-w-	c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 15:44	3883840	----a-w-	c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-07-12 19:54	421888	----a-w-	c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 09:43	248040	----a-w-	c:\program files\Common Files\Java\Java Update\jusched.exe

R1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2009-07-06 11448]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
R2 AsusService;Asus Launcher Service;c:\windows\System32\AsusService.exe [2009-08-18 219136]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 tmpreflt;tmpreflt;c:\windows\system32\DRIVERS\tmpreflt.sys [2009-12-04 36368]
R3 br3gmdm;BandLuxe 3.5G USB Adapter - MODEM;c:\windows\system32\DRIVERS\br3gmdm.sys [2009-09-02 107008]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-07-01 43944]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-06-22 100736]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [2009-07-27 51712]
R3 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2009-08-22 50704]
R3 tmlwf;Trend Micro NDIS 6.0 Filter Driver;c:\windows\system32\DRIVERS\tmlwf.sys [2009-08-22 146448]
R3 TmPfw;Trend Micro Personal Firewall;c:\program files\Trend Micro\Internet Security\TmPfw.exe [2009-08-22 497008]
R3 TmProxy;Trend Micro Proxy Service;c:\program files\Trend Micro\Internet Security\TmProxy.exe [2009-08-22 689416]
R3 tmwfp;Trend Micro WFP Callout Driver;c:\windows\system32\DRIVERS\tmwfp.sys [2009-08-22 283152]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
.
Inhalt des "geplante Tasks" Ordners

2010-07-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2144237666-3199333369-569597218-1000Core.job
- c:\users\Skillz\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-02 16:36]

2010-07-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2144237666-3199333369-569597218-1000UA.job
- c:\users\Skillz\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-02 16:36]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://asus.msn.com
mStart Page = hxxp://asus.msn.com
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube to Mp3 Converter - c:\users\Skillz\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: {{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - c:\program files\ICQ7.2\ICQ.exe
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

HKLM-RunOnce-<NO NAME> - (no file)


.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2010-07-14  22:21:52
ComboFix-quarantined-files.txt  2010-07-14 20:21
ComboFix2.txt  2010-07-14 19:59

Vor Suchlauf: 12 Verzeichnis(se), 84.458.328.064 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 84.339.212.288 Bytes frei

- - End Of File - - 7E4A27F5C8EFA50C6FA3623E81036A7B
         

14.07.2010, 22:42   #18
markusg
/// Malware-holic

Can you post the contents of the following txt file?
ComboFix-quarantined-files.txt

14.07.2010, 23:07   #19
Mofa

2010-07-14 19:57:36 . 2010-07-14 19:57:37 133 ----a-w- C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-ASUSPRP.reg.dat
2010-07-14 19:57:31 . 2010-07-14 19:57:31 173 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Toolbar-Locked.reg.dat
2010-07-14 18:02:02 . 2010-07-12 20:36:55 26,112 ----a-w- C:\Qoobox\Quarantine\C\windows\system32\userinit.exe.vir
2010-07-14 17:43:23 . 2010-07-14 20:15:44 6,117 ----a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2010-07-14 17:01:25 . 2010-07-14 20:10:11 362 ----a-w- C:\Qoobox\Quarantine\catchme.log
2010-07-13 05:28:22 . 2010-07-13 05:28:22 0 ----a-w- C:\Qoobox\Quarantine\C\System Volume Information\Windows Backup\Catalogs\GlobalCatalogLock.dat.vir
2010-02-01 15:32:25 . 2010-02-01 15:32:25 148,736 ----a-w- C:\Qoobox\Quarantine\C\ProgramData\hpe3E66.dll.vir
2010-02-01 13:15:04 . 2010-07-14 17:17:21 330,264 ----a-w- C:\Qoobox\Quarantine\C\windows\system32\Drivers\iaStor.sys.vir
2009-09-22 03:35:52 . 2009-07-14 14:27:26 7,680 ----a-w- C:\Qoobox\Quarantine\C\windows\system32\Thumbs.db.vir
2009-07-14 00:15:29 . 2010-07-12 19:32:05 522,752 ----a-w- C:\Qoobox\Quarantine\C\windows\system32\FXSSVC.exe.vir
2009-07-13 23:58:32 . 2010-07-12 20:36:02 14,848 ----a-w- C:\Qoobox\Quarantine\C\windows\system32\regsvr32.exe.vir
2009-07-13 23:55:05 . 2010-07-12 19:32:23 12,800 ----a-w- C:\Qoobox\Quarantine\C\windows\system32\snmptrap.exe.vir
2009-07-13 23:53:10 . 2010-07-12 19:31:58 59,392 ----a-w- C:\Qoobox\Quarantine\C\windows\system32\alg.exe.vir
2009-07-13 23:44:02 . 2010-07-12 19:32:13 134,144 ----a-w- C:\Qoobox\Quarantine\C\windows\system32\msdtc.exe.vir
2009-07-13 23:43:52 . 2010-07-12 20:29:31 7,168 ----a-w- C:\Qoobox\Quarantine\C\windows\system32\dllhost.exe.vir
2009-07-13 23:43:49 . 2010-07-12 19:32:20 9,216 ----a-w- C:\Qoobox\Quarantine\C\windows\system32\Locator.exe.vir
2009-07-13 23:41:43 . 2010-07-12 20:36:08 44,544 ----a-w- C:\Qoobox\Quarantine\C\windows\system32\rundll32.exe.vir
2009-07-13 23:36:55 . 2010-07-12 19:32:31 35,840 ----a-w- C:\Qoobox\Quarantine\C\windows\system32\UI0Detect.exe.vir
2009-07-13 23:32:18 . 2010-07-12 20:34:50 1,401,344 ----a-w- C:\Qoobox\Quarantine\C\windows\system32\mmc.exe.vir
2009-07-13 23:31:17 . 2010-07-12 19:32:38 136,192 ----a-w- C:\Qoobox\Quarantine\C\windows\system32\wbem\WmiApSrv.exe.vir
2009-07-13 23:30:45 . 2010-07-12 19:41:00 190,464 ----a-w- C:\Qoobox\Quarantine\C\windows\system32\taskeng.exe.vir
2009-07-13 23:27:32 . 2010-07-12 20:37:19 360,448 ----a-w- C:\Qoobox\Quarantine\C\windows\system32\WerFault.exe.vir
2009-07-13 23:24:05 . 2010-07-12 19:32:32 452,608 ----a-w- C:\Qoobox\Quarantine\C\windows\system32\vds.exe.vir
2009-07-13 23:23:48 . 2010-07-12 19:32:34 1,202,688 ----a-w- C:\Qoobox\Quarantine\C\windows\system32\wbengine.exe.vir
2009-07-13 23:22:31 . 2010-07-12 19:32:30 204,800 ----a-w- C:\Qoobox\Quarantine\C\windows\servicing\TrustedInstaller.exe.vir
2009-07-13 23:22:09 . 2010-07-12 20:28:09 301,568 ----a-w- C:\Qoobox\Quarantine\C\windows\system32\cmd.exe.vir
2009-07-13 23:20:05 . 2010-07-12 19:30:00 233,984 ----a-w- C:\Qoobox\Quarantine\C\windows\system32\msconfig.exe.vir
2009-07-13 23:19:25 . 2010-07-12 20:36:09 37,376 ----a-w- C:\Qoobox\Quarantine\C\windows\system32\sc.exe.vir

15.07.2010, 00:24   #20
markusg
/// Malware-holic

Can you pack the qoobox folder, which is located on c:, into an archive and upload it to us?
You may need to disable your antivirus for that.


15.07.2010, 08:03   #21
Mofa

Can I somehow attach the folder, or do I have to upload all the files individually?

15.07.2010, 13:17   #22
markusg
/// Malware-holic

No, right-click, add to qoobox.rar or zip, and upload the archive.

15.07.2010, 17:44   #23
Mofa

Ok, thanks =)

I've uploaded the folder.

15.07.2010, 17:46   #24
markusg
/// Malware-holic

Then run a scan with your antivirus program, after an update of course, and let us know the result.

15.07.2010, 19:32   #25
Mofa

Ok, scan done, and only 12 cookies were found, which were deleted.
Nothing else was found.
Hope that's good =)

16.07.2010, 14:13   #26
markusg
/// Malware-holic

Yes, now change all your passwords. Clean up with CCleaner.
