Suspected further virus infection (among others, TrojanDownloader.Agent.NCJ trojan found and deleted)
Hello everyone,
For two days now I have been struggling with a virus infection on my PC. Unfortunately I only noticed it after my lotor account had been hacked (04.04.2012). I then ran a complete Antivir scan, during which I found and deleted four exploits; unfortunately I no longer have the logs :-( After finding this entry point I went searching via Google and came across the thread "http://www.trojaner-board.de/110311-...he-6-0-a.html". Even though my problem is a different one, I found the hints about the various scanners quite helpful. So I then ran a full scan with Malwarebytes, which however found nothing suspicious. A scan with the "ESET Online Scanner", however, brought eight further infections to light, which I subsequently removed as well.
I suspect you won't particularly like that I acted rather on my own initiative. So I only ask you to look through the DDS logs. One or two of the processes still don't seem quite right to me.
Code:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_31
Run by vid at 17:04:35 on 2012-04-06
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.4094.2558 [GMT 2:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Defense+ *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
E:\Programme\SetPointP\SetPoint.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local;192.168.*.*
mWinlogon: Userinit=userinit.exe
BHO: Octh Class: {000123b4-9b42-4900-b3f7-f4b073efc214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll
BHO: Adobe PDF Reader: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: SteadyVideoBHO Class: {6c680bae-655c-4e3d-8fc4-e6a520c3d928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun: [<NO NAME>]
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/204
IE: An OneNote s&enden - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: An vorhandenes PDF anfügen - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Auswahl in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/202
IE: In Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Nach Microsoft E&xcel exportieren - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{6547EA37-F4B2-4DD7-8BC1-53226602DFD1} : DhcpNameServer = 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
{000123B4-9B42-4900-B3F7-F4B073EFC214}
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
{326E768D-4182-46FD-9C16-1449A49795F4}
{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
{AE7CD045-E861-484f-8273-0445EE161910}
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
{B4F3A835-0E21-4959-BA22-42B3008E02FF}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{47833539-D0C5-4125-9FA8-0819E2EAAC93}
EB-X64: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - No File
mRun-x64: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun-x64: [(Standard)]
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
AppInit_DLLs-X64: C:\Windows\SysWOW64\guard32.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\vid\AppData\Roaming\Mozilla\Firefox\Profiles\8d3m72so.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (de)
FF - prefs.js: browser.startup.homepage - www.google.com
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
FF - component: C:\Program Files (x86)\Orbitdownloader\addons\OneClickYouTubeDownloader\components\GrabXpcom.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
.
============= SERVICES / DRIVERS ===============
.
R1 avkmgr;avkmgr;C:\Windows\system32\DRIVERS\avkmgr.sys --> C:\Windows\system32\DRIVERS\avkmgr.sys [?]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\system32\DRIVERS\cmdguard.sys --> C:\Windows\system32\DRIVERS\cmdguard.sys [?]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\system32\DRIVERS\cmdhlp.sys --> C:\Windows\system32\DRIVERS\cmdhlp.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R2 acedrv11;acedrv11;\??\C:\Windows\system32\drivers\acedrv11.sys --> C:\Windows\system32\drivers\acedrv11.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-2-14 361984]
R2 AntiVirSchedulerService;Avira Planer;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-4-5 86224]
R2 AntiVirService;Avira Echtzeit Scanner;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-4-5 110032]
R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-1-3 55936]
R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?]
R2 CLPSLS;COMODO livePCsupport Service;C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe [2011-11-23 1267000]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-4-4 652360]
R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-4-26 223088]
R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2011-7-29 994360]
R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2011-7-29 399416]
R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 PSI;PSI;C:\Windows\system32\DRIVERS\psi_mf.sys --> C:\Windows\system32\DRIVERS\psi_mf.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\system32\drivers\viahduaa.sys --> C:\Windows\system32\drivers\viahduaa.sys [?]
S2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-1-3 55936]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 StorSvc;Speicherdienst;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
.
=============== Created Last 30 ================
.
2012-04-06 14:19:48 283200 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2012-04-06 12:47:14 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite
2012-04-06 12:38:51 -------- d-----w- C:\Users\vid\AppData\Local\Secunia PSI
2012-04-06 12:38:48 -------- d-----w- C:\Program Files (x86)\Secunia
2012-04-05 20:52:33 -------- d-----w- C:\ProgramData\CPA_VA
2012-04-05 20:48:36 -------- d-----w- C:\Users\vid\AppData\Roaming\Avira
2012-04-05 20:46:17 -------- d-----w- C:\ProgramData\Comodo
2012-04-05 20:46:14 -------- d-----w- C:\Program Files (x86)\Comodo
2012-04-05 20:46:13 1700352 ----a-w- C:\Windows\SysWow64\gdiplus.dll
2012-04-05 20:43:18 97312 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2012-04-05 20:43:18 27760 ----a-w- C:\Windows\System32\drivers\avkmgr.sys
2012-04-05 20:43:18 -------- d-----w- C:\ProgramData\Avira
2012-04-05 20:43:18 -------- d-----w- C:\Program Files (x86)\Avira
2012-04-05 20:19:15 -------- d-----w- C:\TDSSKiller_Quarantine
2012-04-04 20:51:30 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AB7600E5-A3D0-4CAC-AB11-F4BEA733045C}\mpengine.dll
2012-04-04 18:56:01 -------- d-----w- C:\Program Files (x86)\ESET
2012-04-04 18:33:34 -------- d-----w- C:\Users\vid\AppData\Roaming\Malwarebytes
2012-04-04 18:33:27 -------- d-----w- C:\ProgramData\Malwarebytes
2012-04-04 18:33:26 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-04-04 18:33:26 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-04-04 17:41:15 -------- d-----w- C:\Users\vid\AppData\Roaming\QuickScan
2012-03-26 17:13:46 51496 ----a-w- C:\Windows\System32\drivers\stflt.sys
2012-03-23 00:26:36 592824 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
2012-03-23 00:26:36 44472 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
2012-03-18 20:14:59 -------- d-----w- C:\ProgramData\Gibraltar
2012-03-18 19:11:14 -------- d-----w- C:\Users\vid\AppData\Local\assembly
2012-03-18 19:05:45 -------- d-----w- C:\Users\vid\AppData\Roaming\Swiss Academic Software
2012-03-18 19:03:57 -------- d-----w- C:\Program Files (x86)\Citavi 3
2012-03-16 14:23:05 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-03-16 14:23:04 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-03-16 14:23:04 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-03-16 14:23:04 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2012-03-16 14:23:04 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-03-16 14:23:03 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-03-16 14:23:03 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-03-16 14:23:03 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-03-16 14:23:02 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-03-16 14:23:02 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-03-12 10:52:22 -------- d-----w- C:\Program Files\Windows XP Mode
2012-03-12 07:23:27 -------- d-----w- C:\Program Files (x86)\AMD AVT
2012-03-12 07:23:25 -------- d-----w- C:\Program Files\AMD
2012-03-12 07:23:25 -------- d-----w- C:\Program Files (x86)\AMD
2012-03-12 07:23:24 -------- d-----w- C:\Program Files (x86)\AMD APP
2012-03-11 19:13:42 577824 ----a-w- C:\Windows\System32\drivers\cmdGuard.sys
2012-03-11 19:13:42 43248 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys
2012-03-11 19:13:40 22696 ----a-w- C:\Windows\System32\drivers\cmderd.sys
2012-03-11 19:13:20 301224 ----a-w- C:\Windows\SysWow64\guard32.dll
2012-03-11 19:13:18 389840 ----a-w- C:\Windows\System32\guard64.dll
2012-03-08 17:57:05 -------- d-----w- C:\Users\vid\AppData\Local\RenSim
.
==================== Find3M ====================
.
2012-04-06 12:45:37 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-03-11 21:13:20 41200 ----a-w- C:\Windows\System32\cmdcsr.dll
2012-02-23 07:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-02-15 03:48:32 10856960 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2012-02-15 03:21:24 25839104 ----a-w- C:\Windows\System32\atio6axx.dll
2012-02-15 03:18:56 159744 ----a-w- C:\Windows\System32\atiapfxx.exe
2012-02-15 03:18:40 791040 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2012-02-15 03:17:04 957952 ----a-w- C:\Windows\System32\aticfx64.dll
2012-02-15 03:13:56 442368 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2012-02-15 03:13:40 496128 ----a-w- C:\Windows\System32\atieclxx.exe
2012-02-15 03:13:00 235520 ----a-w- C:\Windows\System32\atiesrxx.exe
2012-02-15 03:11:42 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2012-02-15 03:10:58 21504 ----a-w- C:\Windows\System32\atimuixx.dll
2012-02-15 03:10:54 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2012-02-15 03:10:48 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2012-02-15 03:07:44 6200320 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2012-02-15 02:58:56 19392000 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2012-02-15 02:52:28 7646208 ----a-w- C:\Windows\System32\atidxx64.dll
2012-02-15 02:41:28 1113088 ----a-w- C:\Windows\System32\atiumd6v.dll
2012-02-15 02:40:54 1828864 ----a-w- C:\Windows\SysWow64\atiumdmv.dll
2012-02-15 02:40:42 4958208 ----a-w- C:\Windows\System32\atiumd6a.dll
2012-02-15 02:34:56 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2012-02-15 02:34:54 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2012-02-15 02:34:46 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2012-02-15 02:34:44 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2012-02-15 02:34:36 5954048 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2012-02-15 02:34:30 13859840 ----a-w- C:\Windows\System32\aticaldd64.dll
2012-02-15 02:29:52 5062656 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2012-02-15 02:29:50 11561984 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2012-02-15 02:25:06 7551488 ----a-w- C:\Windows\System32\atiumd64.dll
2012-02-15 02:16:38 58880 ----a-w- C:\Windows\System32\coinst.dll
2012-02-15 02:14:00 512000 ----a-w- C:\Windows\System32\atiadlxx.dll
2012-02-15 02:13:50 356352 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2012-02-15 02:13:36 17408 ----a-w- C:\Windows\System32\atig6pxx.dll
2012-02-15 02:13:32 14336 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2012-02-15 02:13:32 14336 ----a-w- C:\Windows\System32\atiglpxx.dll
2012-02-15 02:13:28 39936 ----a-w- C:\Windows\System32\atig6txx.dll
2012-02-15 02:13:20 33280 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2012-02-15 02:13:12 327680 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2012-02-15 02:12:22 43008 ----a-w- C:\Windows\System32\atiuxp64.dll
2012-02-15 02:12:14 33280 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2012-02-15 02:12:08 39936 ----a-w- C:\Windows\System32\atiu9p64.dll
2012-02-15 02:12:00 30208 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2012-02-15 02:11:22 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2012-02-15 02:11:16 54784 ----a-w- C:\Windows\System32\atimpc64.dll
2012-02-15 02:11:16 54784 ----a-w- C:\Windows\System32\amdpcom64.dll
2012-02-15 02:11:10 53760 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2012-02-15 02:11:10 53760 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2012-02-14 21:05:32 69632 ----a-w- C:\Windows\System32\OpenVideo64.dll
2012-02-14 21:05:26 59904 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2012-02-14 21:05:20 61952 ----a-w- C:\Windows\System32\OVDecode64.dll
2012-02-14 21:05:16 54784 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2012-02-14 21:05:08 16507904 ----a-w- C:\Windows\System32\amdocl64.dll
2012-02-14 21:04:26 13238272 ----a-w- C:\Windows\SysWow64\amdocl.dll
2012-02-14 21:03:44 54272 ----a-w- C:\Windows\System32\OpenCL.dll
2012-02-14 21:03:38 48128 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2012-01-31 05:02:26 21504 ----a-w- C:\Windows\System32\kdbsdk64.dll
2012-01-31 05:00:24 16896 ----a-w- C:\Windows\SysWow64\kdbsdk32.dll
.
============= FINISH: 17:05:26,66 ===============
Another thing that puzzles me a bit is that the emails I send from the email address stored in the hacked account arrive with more than 30 minutes of delay. I can no longer receive anything at all with this address (neither via Thunderbird nor directly via the browser). So here is another log file with the source of a test mail (I have replaced my email addresses and real names as well as my IP address with XY and XX respectively ...)
Code:
Delivered-To: XY@googlemail.com
Received: by 10.231.8.214 with SMTP id i22csp78536ibi;
Fri, 6 Apr 2012 08:12:36 -0700 (PDT)
Received: by 10.180.102.100 with SMTP id fn4mr12523577wib.1.1333725155950;
Fri, 06 Apr 2012 08:12:35 -0700 (PDT)
Return-Path: <XY@web.de>
Received: from fmmailgate05.web.de (fmmailgate05.web.de. [217.72.192.243])
by mx.google.com with ESMTP id gb7si2383572wib.10.2012.04.06.08.12.35;
Fri, 06 Apr 2012 08:12:35 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of XY@web.de designates 217.72.192.243 as permitted sender) client-ip=217.72.192.243;
Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of XY@web.de designates 217.72.192.243 as permitted sender) smtp.mail=XY@web.de
Received: from moweb002.kundenserver.de (moweb002.kundenserver.de [172.19.20.108])
by fmmailgate05.web.de (Postfix) with ESMTP id 95B916C72D85
for <XY@googlemail.com>; Fri, 6 Apr 2012 16:47:57 +0200 (CEST)
Received: from [192.168.0.199] ([XX.XXX.XXX.XX]) by smtp.web.de (mrweb002)
with ESMTPA (Nemesis) id 0MXHt7-1Rk7Xk1wu5-00WHgU; Fri, 06 Apr 2012 16:47:57
+0200
Message-ID: <4F7F021C.10802@web.de>
Date: Fri, 06 Apr 2012 16:47:56 +0200
From: XY <XY@web.de>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:11.0) Gecko/20120327 Thunderbird/11.0.1
MIME-Version: 1.0
To: XY <XY@googlemail.com>
Subject: sdfsdf
Content-Type: text/plain; charset=ISO-8859-15; format=flowed
Content-Transfer-Encoding: 7bit
X-Provags-ID: V02:K0:RpvlZjf9tHU0aQbE8CV7we6dxxP0MiEAtc8Bbp5z7TT
CT8qKQ1eaXeKF9pOtk6qwA6HNC+kwvTW2BEBqXHeFWZG1IeRlW
ASOWUitXxoSG/pFRpr3FZEwl4EAepj6xw+8jh2Q2wWjdNNRT++
AdK38FlEOwiQBOBIsRSiq6/Ck9d8hzzW3rOiO5MJQyItjoIdIC
mVdXS49LRf4g2mOlt/Kog==
sdfsdf
Best regards, and many thanks for being there :-) !
Gandaf
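The delay the poster describes can be read directly off the Received: chain of the quoted test mail. The script below is an added example, not part of the post or of any tool mentioned in it: it parses the header block quoted above (with RFC 5322 line folding restored, since the forum copy lost the indentation) and reports how many seconds each relay held the message before the next one stamped it. The sample header text is constructed from the post and keeps its XY/XX masking; the function names are my own.

```python
"""Per-hop transit time from the Received: chain of an e-mail.

Added example (not from the forum post).  The header block below is
constructed from the test mail quoted in the post, addresses and the
sender IP masked there as XY / XX, with header folding restored.
"""
from __future__ import annotations

import re
from email import message_from_string
from email.utils import parsedate_to_datetime

# Constructed sample: the quoted header block, continuation lines indented
# so the parser sees one logical value per Received: field.
SAMPLE_HEADERS = """\
Delivered-To: XY@googlemail.com
Received: by 10.231.8.214 with SMTP id i22csp78536ibi;
        Fri, 6 Apr 2012 08:12:36 -0700 (PDT)
Received: by 10.180.102.100 with SMTP id fn4mr12523577wib.1.1333725155950;
        Fri, 06 Apr 2012 08:12:35 -0700 (PDT)
Return-Path: <XY@web.de>
Received: from fmmailgate05.web.de (fmmailgate05.web.de. [217.72.192.243])
        by mx.google.com with ESMTP id gb7si2383572wib.10.2012.04.06.08.12.35;
        Fri, 06 Apr 2012 08:12:35 -0700 (PDT)
Received: from moweb002.kundenserver.de (moweb002.kundenserver.de [172.19.20.108])
        by fmmailgate05.web.de (Postfix) with ESMTP id 95B916C72D85
        for <XY@googlemail.com>; Fri, 6 Apr 2012 16:47:57 +0200 (CEST)
Received: from [192.168.0.199] ([XX.XXX.XXX.XX]) by smtp.web.de (mrweb002)
        with ESMTPA (Nemesis) id 0MXHt7-1Rk7Xk1wu5-00WHgU; Fri, 06 Apr 2012 16:47:57
        +0200
Date: Fri, 06 Apr 2012 16:47:56 +0200
Subject: sdfsdf

"""


def parse_received_chain(raw_message: str) -> list[dict]:
    """Return the Received: hops in chronological order (origin first).

    Each hop records the relay that added the stamp ('by'), the host it
    received from ('from', if stated) and the stamp as an aware datetime.
    """
    msg = message_from_string(raw_message)
    hops = []
    # Headers are prepended by each relay, so file order is newest first.
    for value in reversed(msg.get_all("Received", [])):
        value = " ".join(value.split())           # unfold and collapse whitespace
        clause, sep, stamp = value.rpartition(";")  # the date follows the last ';'
        if not sep:
            raise ValueError(f"Received header without timestamp: {value!r}")
        by = re.search(r"\bby\s+(\S+)", clause)
        frm = re.match(r"from\s+(\S+)", clause)
        hops.append({
            "by": by.group(1) if by else "?",
            "from": frm.group(1) if frm else None,
            "time": parsedate_to_datetime(stamp.strip()),
        })
    return hops


def hop_delays(raw_message: str) -> list[tuple[str, str, int]]:
    """(from, by, seconds) per hop: how long the message waited before
    each relay stamped it.

    The first hop is measured against the Date: header written by the
    sending client; every later hop against the preceding Received: stamp.
    Each stamp comes from that relay's own clock, so small negative values
    only mean clock skew between two servers.
    """
    msg = message_from_string(raw_message)
    previous = parsedate_to_datetime(msg["Date"]) if msg["Date"] else None
    delays = []
    for hop in parse_received_chain(raw_message):
        secs = int((hop["time"] - previous).total_seconds()) if previous else 0
        delays.append((hop["from"] or "-", hop["by"], secs))
        previous = hop["time"]
    return delays


def slowest_hop(raw_message: str) -> tuple[str, str, int]:
    """The hop with the longest wait: the first place to look when a
    sender reports that mail arrives half an hour late."""
    return max(hop_delays(raw_message), key=lambda h: h[2])


if __name__ == "__main__":
    for src, dst, secs in hop_delays(SAMPLE_HEADERS):
        print(f"{src:<28} -> {dst:<22} +{secs:>5d} s")
    src, dst, secs = slowest_hop(SAMPLE_HEADERS)
    print(f"longest wait: {secs} s between {src} stamping and {dst} accepting")
```

On the quoted headers every hop is 0 or 1 seconds except one: 1478 seconds (about 25 minutes) pass between fmmailgate05.web.de stamping the mail at 16:47:57 +0200 and mx.google.com accepting it at 08:12:35 -0700. The queueing therefore happens at the provider's outbound gateway, after the mail has already left the poster's Thunderbird and smtp.web.de, which is worth knowing before blaming the PC for the delay. The script generalises beyond this one mail: any RFC 5322 message with folded Received: headers and trailing timezone comments such as (PDT) or (CEST) parses the same way.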