
Pests of All Kinds and How to Fight Them: W32/parite please help


 
30.04.2007, 18:53   #4
terayaki
Guest



And here is the one from ComboScan as well:



ComboScan v20070306.20 run by *** on 2007-04-30 at 11:23:05
Computer is in Safe Mode.
--------------------------------------------------------------------------------





Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Free Download Manager\fdm.exe
C:\Downloads\Video\comboscan.exe
C:\DOKUME~1\Matze\LOKALE~1\Temp\Rar$EX00.843\***.exe


R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar3.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: OnlineControl.lnk = C:\Programme\OnlineControl\ocontrol.exe
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Programme\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Programme\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download web site with Free Download Manager - file://C:\Programme\Free Download Manager\dlpage.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Programme\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - h**p://f003.mail.lycos.de/app/uploader/FileUploader.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - h**p://www.gutchat.de/control/msnchat45.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{105D0E81-B31B-41F6-9B50-75F5B227BE3C}: NameServer = 192.168.2.1,194.25.2.129
O17 - HKLM\System\CS1\Services\Tcpip\..\{105D0E81-B31B-41F6-9B50-75F5B227BE3C}: NameServer = 192.168.2.1,194.25.2.129
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: MWAgent - MicroWorld Technologies Inc. - C:\Programme\Gemeinsame Dateien\MicroWorld\Agent\MWASER.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Stealth Service Helper (StealthInjectorService) - Softwareentwicklung Remus - C:\Programme\ArchiCrypt Stealth 4\IJStealth4Svc.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe


-- Files created between 2007-03-30 and 2007-04-30 -----------------------------



2007-04-29 22:07:22 264 --a------ C:\WINDOWS\system32\winsusrm.dll
2007-04-29 22:07:15 0 d-------- C:\Programme\XoftSpy
2007-04-29 20:23:53 16224 --a------ C:\WINDOWS\system32\drivers\hamachi.sys
2007-04-28 17:47:46 0 d-------- C:\Programme\program files<PROGRA~1>
2007-04-28 17:47:45 253952 --a------ C:\Programme\setup.exe
2007-04-28 17:47:42 1822520 --a------ C:\Programme\instmsiw.exe
2007-04-28 17:47:42 1708856 --a------ C:\Programme\instmsia.exe
2007-04-28 17:36:02 0 d-------- C:\Programme\Gemeinsame Dateien\Xuisoft
2007-04-27 18:41:57 0 d-------- C:\!KillBox
2007-04-25 13:47:10 0 d-------- C:\Programme\ArchiCrypt Stealth 4<ARCHIC~1>
2007-04-25 13:23:17 0 d-------- C:\Programme\A4Proxy
2007-04-25 09:17:30 77824 --a------ C:\WINDOWS\system32\nmapwin.exe
2007-04-25 09:17:30 290816 --a------ C:\WINDOWS\system32\nmapserv.exe
2007-04-25 09:17:29 192 --a------ C:\WINDOWS\system32\nmap_performance.reg<NMAP_P~1.REG>
2007-04-25 09:17:29 452096 --a------ C:\WINDOWS\system32\nmap.exe
2007-04-25 09:17:28 114688 --a------ C:\WINDOWS\system32\CCGNU32.dll
2007-04-25 09:17:26 544768 --a------ C:\WINDOWS\system32\msvcr71d.dll
2007-04-25 09:17:25 10752 --a------ C:\WINDOWS\system32\aamd532.dll
2007-04-25 09:17:22 137216 --a------ C:\WINDOWS\system32\MSDERUN.DLL
2007-04-25 09:17:22 299008 --a------ C:\WINDOWS\system32\MSDBRPTR.DLL
2007-04-25 09:17:22 561179 --a------ C:\WINDOWS\system32\dao360.dll
2007-04-25 09:17:18 101888 --a------ C:\WINDOWS\system32\VB6STKIT.DLL
2007-04-24 20:59:50 0 d-------- C:\Programme\Net Tools<NETTOO~1>

2007-04-21 00:11:24 0 d-------- C:\Programme\ALCATech
2007-04-20 17:40:11 28352 --a------ C:\WINDOWS\system32\drivers\ssmdrv.sys
2007-04-20 17:40:11 43584 --a------ C:\WINDOWS\system32\drivers\avipbb.sys
2007-04-19 00:25:30 0 d-------- C:\Programme\VirtualDJ<VIRTUA~1>

2007-04-18 21:24:09 98304 --a------ C:\WINDOWS\system32\tsccvid.dll
2007-04-17 19:28:25 0 d-------- C:\Programme\bhv
2007-04-16 13:59:39 0 d-------- C:\Programme\sdthzydhydh<SDTHZY~1>
2007-04-16 13:59:25 2319709 --a------ C:\Programme\sdthzydhydh Install.exe<SDTHZY~1.EXE>
2007-04-16 13:41:30 0 d-------- C:\Setup
2007-04-16 13:34:29 0 d-------- C:\Programme\Smart Install Maker<SMARTI~1>
2007-04-16 13:27:11 0 d-------- C:\Programme\Inno Setup 5<INNOSE~1>
2007-04-16 13:09:49 0 d-------- C:\Programme\RedShift Freestyle<REDSHI~1>
2007-04-14 16:18:57 0 d-------- C:\Programme\themexp
2007-04-14 15:00:54 14848 --a------ C:\WINDOWS\system32\drivers\avgntmgr.sys
2007-04-14 15:00:54 34304 --a------ C:\WINDOWS\system32\drivers\avgntdd.sys

2007-04-13 19:49:41 111104 --a------ C:\WINDOWS\system32\uharc.exe
2007-04-13 19:13:22 0 d-------- C:\Programme\eMule
2007-04-13 12:46:16 0 d-------- C:\Programme\Visitenkarten-Designer 3<VISITE~1>
2007-04-12 14:49:49 0 d-------- C:\126ef4f4de4a02f8fbf2f4<126EF4~1>
2007-04-10 18:25:45 0 d-------- C:\Programme\Filetopia3<FILETO~1>


2007-04-04 20:07:08 0 d-------- C:\Programme\EA GAMES<EAGAME~1>
2007-04-01 02:18:07 0 d-------- C:\WINDOWS\Symbols


-- Find3M Report ---------------------------------------------------------------

2007-05-01 19:47:02 0 d-------- C:\Programme\johnyTech<JOHNYT~1>
2007-05-01 19:46:20 0 d-------- C:\Programme\Gemeinsame Dateien\{38149C32-0A64-1031-0317-051018200031}<{38149~1>
2007-05-01 18:31:24 0 d-------- C:\Programme\a-squared Anti-Malware<A-SQUA~1>
2007-04-30 18:38:22 0 d-------- C:\Programme\SSS
2007-04-29 22:30:25 0 d-------- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Free Download Manager<FREEDO~1>
2007-04-29 21:38:41 0 d-------- C:\Dokumente und Einstellungen\***\Anwendungsdaten\AnoNet
2007-04-29 20:47:24 0 d-------- C:\Dokumente und Einstellungen\***\Anwendungsdaten\MSNInstaller<MSNINS~1>
2007-04-29 20:27:26 0 d-------- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Hamachi
2007-04-29 04:21:20 0 d-------- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ACStealth4<ACSTEA~1>
2007-04-29 04:09:56 0 d-------- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Tor
2007-04-29 02:26:47 0 d-------- C:\Programme\MSN Messenger<MSNMES~1>
2007-04-28 21:57:41 0 d-------- C:\Programme\ICQLite
2007-04-28 17:48:17 1682 --a------ C:\WINDOWS\system32\KGyGaAvL.sys
2007-04-28 17:39:03 0 d-------- C:\Dokumente und Einstellungen\***\Anwendungsdaten\{452774A5-D0A2-4AA4-8CBB-9635E9EBB7E5}<{45277~1>
2007-04-28 17:36:02 0 d-------- C:\Programme\Gemeinsame Dateien<GEMEIN~1>
2007-04-25 16:10:29 0 d-------- C:\Programme\BitTorrent<BITTOR~1>
2007-04-25 10:29:43 0 d-------- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Sandbox
2007-04-25 09:17:44 0 d-------- C:\Programme\WinPcap
2007-04-22 21:18:24 0 d-------- C:\Dokumente und Einstellungen\***\Anwendungsdaten\FinalBurner Audio CD<FINALB~1>
2007-04-22 02:31:20 0 d-------- C:\Programme\Gemeinsame Dateien\Wise Installation Wizard<WISEIN~1>
2007-04-21 17:03:52 0 d-------- C:\Programme\Native Instruments<NATIVE~1>
2007-04-21 16:21:24 0 d--h----- C:\Programme\InstallShield Installation Information<INSTAL~1>
2007-04-21 01:11:00 0 d-------- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Ableton
2007-04-20 14:19:43 0 d-------- C:\Dokumente und Einstellungen\***\Anwendungsdaten\SmartDraw<SMARTD~1>
2007-04-18 23:50:12 0 d-------- C:\Programme\Gemeinsame Dateien\Ahead
2007-04-18 23:46:41 0 d-------- C:\Programme\Ahead
2007-04-18 21:23:57 0 d-------- C:\Programme\TechSmith<TECHSM~1>
2007-04-18 16:19:53 0 d-------- C:\Programme\SmartDraw 7<SMARTD~2>
2007-04-18 10:22:47 0 d-------- C:\Dokumente und Einstellungen\***\Anwendungsdaten\OpenOffice.org2<OPENOF~1.ORG>
2007-04-17 18:34:02 0 d-------- C:\Programme\StuffPlug3<STUFFP~1>
2007-04-17 15:14:22 0 d-------- C:\Programme\Bifrost Inventory Management<BIFROS~1>
2007-04-17 14:41:09 737280 --a------ C:\WINDOWS\iun6002.exe
2007-04-04 16:00:13 0 d-------- C:\Programme\Email Spider Platinum Full<EMAILS~1>
2007-03-28 19:57:51 249856 -----n--- C:\WINDOWS\Setup1.exe
2007-03-28 19:57:50 73216 --a------ C:\WINDOWS\ST6UNST.EXE
2007-03-28 16:20:39 0 d-------- C:\Programme\AnoNet
2007-03-28 14:47:17 0 d-------- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Real
2007-03-27 19:15:12 0 d-------- C:\Programme\Network ICE<NETWOR~2>
2007-03-27 14:52:38 0 d-------- C:\Programme\YIntai
2007-03-26 19:11:46 0 d-------- C:\Dokumente und Einstellungen\***\Anwendungsdaten\BitTorrent<BITTOR~1>
2007-03-26 18:29:20 0 d-------- C:\Programme\KeithWare<KEITHW~1>
2007-03-25 22:33:13 0 d-------- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Digital Asphyxia<DIGITA~1>
2007-03-25 22:08:12 0 d-------- C:\Programme\MSNFreezer-1.0<MSNFRE~1.0>
2007-03-25 20:39:50 27 -----n--- C:\WINDOWS\system32\SysConfig.sys<SYSCON~1.SYS>
2007-03-25 14:16:36 0 d-------- C:\Programme\QuizTime - 4. Edition<QUIZTI~1.EDI>
2007-03-25 14:14:08 0 d-------- C:\Programme\Google
2007-03-25 14:12:53 0 d-------- C:\Programme\MessengerDiscovery<MESSEN~3>
2007-03-25 14:12:47 415470 -----n--- C:\WINDOWS\system32\perfh007.dat
2007-03-25 14:12:47 74996 -----n--- C:\WINDOWS\system32\perfc007.dat
2007-03-25 14:11:48 0 d-------- C:\Programme\PokerStars.NET<POKERS~1.NET>
2007-03-25 02:33:48 0 d---s---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Microsoft<MICROS~1>
2007-03-25 01:26:44 0 d-------- C:\Programme\Java
2007-03-25 01:12:52 0 d-------- C:\Programme\JAP
2007-03-25 00:18:01 0 d-------- C:\Programme\Messenger<MESSEN~1>
2007-03-25 00:02:05 0 d-------- C:\Programme\Gemeinsame Dateien\System
2007-03-24 23:57:54 0 d-------- C:\Programme\Movie Maker<MOVIEM~1>
2007-03-24 23:15:02 0 d-------- C:\Programme\Messenger Plus! Live<MESSEN~2>
2007-03-24 23:02:46 0 d-------- C:\Programme\Yahoo!
2007-03-24 20:24:18 0 d-------- C:\Programme\HSL
2007-03-24 14:30:15 0 d-------- C:\Programme\PowerHouseProgramming<POWERH~1>
2007-03-24 12:18:22 434688 -----n--- C:\WINDOWS\system32\ss2uinst.exe
2007-03-22 23:34:36 0 d-------- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Screenshot Sender<SCREEN~1>
2007-03-22 21:03:52 0 d-------- C:\Programme\Adverts
2007-03-22 09:45:04 8464 -----n--- C:\WINDOWS\system32\sporder.dll
2007-03-22 09:42:03 0 d-------- C:\Programme\NudgeMania<NUDGEM~1>
2007-03-19 15:34:36 0 d-------- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ICQ Toolbar<ICQTOO~1>
2007-03-18 15:57:16 0 d-------- C:\Programme\Bearshare Accelerator<BEARSH~3>
2007-03-18 00:17:55 98304 -----n--- C:\WINDOWS\system32\CmdLineExt.dll<CMDLIN~1.DLL>
2007-03-17 15:44:25 293376 --a------ C:\WINDOWS\system32\winsrv.dll
2007-03-13 15:01:29 0 d-------- C:\Programme\Flash Effect Maker<FLASHE~1>
2007-03-12 13:51:46 0 d-------- C:\Programme\Security Task Manager<SECURI~1>
2007-03-08 17:36:30 579072 --a------ C:\WINDOWS\system32\user32.dll
2007-03-08 17:36:30 40960 -----n--- C:\WINDOWS\system32\mf3216.dll
2007-03-08 17:36:30 281600 --a------ C:\WINDOWS\system32\gdi32.dll
2007-03-08 17:32:24 1843712 -----n--- C:\WINDOWS\system32\win32k.sys
2007-03-08 13:12:19 0 d-------- C:\Programme\Lx_cats
2007-03-06 15:20:24 0 d-------- C:\Programme\mIRC
2007-03-03 21:45:16 0 d-------- C:\Programme\Gemeinsame Dateien\DeskShare Shared<DESKSH~1>
2007-03-03 13:43:41 0 d-------- C:\Programme\7-Zip
2007-03-02 19:51:07 0 d-------- C:\Programme\Windows Media Bonus Pack for Windows XP<WI12E0~1>
2007-03-02 19:28:17 0 d-------- C:\Programme\Windows Defender<WIFD1F~1>
2007-02-28 10:06:08 0 d-------- C:\Programme\Kabbalah Trainer<KABBAL~1>
2007-02-27 20:53:46 0 -----n--- C:\WINDOWS\system32\kabbtree.reg
2007-02-25 20:37:41 648 --a------ C:\Dokumente und Einstellungen\***\Anwendungsdaten\wklnhst.dat
2007-02-22 13:35:04 1 -----n--- C:\WINDOWS\system32\ActiveXComponent32.dll<ACTIVE~1.DLL>
2007-02-22 13:34:52 720896 -----n--- C:\WINDOWS\iun6002ev.exe<IUN600~1.EXE>
2007-02-18 10:47:26 5 -----n--- C:\WINDOWS\system32\SySMp3rj.dat
2007-02-13 01:00:03 356352 -----n--- C:\WINDOWS\eSellerateEngine.dll<ESELLE~1.DLL>
2007-02-05 22:18:44 185856 --a------ C:\WINDOWS\system32\upnphost.dll
2007-02-05 20:29:54 127892 -----n--- C:\WINDOWS\hpoins11.dat
2007-02-04 20:40:17 118784 -----n--- C:\WINDOWS\dsdxirmv.exe


-- Registry Dump ---------------------------------------------------------------


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"MSMSGS"="\"C:\\Programme\\Messenger\\msmsgs.exe\" /background"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\not active]
"Free Download Manager"="C:\\Programme\\Free Download Manager\\fdm.exe -autorun"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce]
"ICQ Lite"="C:\\Programme\\ICQLite\\ICQLite.exe -trayboot"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\a-squared]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="a2guard"
"hkey"="HKLM"
"command"="\"C:\\Programme\\a-squared Anti-Malware\\a2guard.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BearShare"
"hkey"="HKLM"
"command"="\"C:\\Programme\\BearShare\\BearShare.exe\" /pause"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="bittorrent"
"hkey"="HKCU"
"command"="\"C:\\Programme\\BitTorrent\\bittorrent.exe\" --force_start_minimized"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cww]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="cww"
"hkey"="HKLM"
"command"="C:\\Programme\\cw5\\cww.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ezprint"
"hkey"="HKLM"
"command"="\"C:\\Programme\\Lexmark 2300 Series\\ezprint.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ICQLite"
"hkey"="HKLM"
"command"="\"C:\\Programme\\ICQLite\\ICQLite.exe\" -minimize"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InvisibleBrowsing]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="InvisibleBrowsing"
"hkey"="HKLM"
"command"="C:\\Programme\\Invisible Browsing\\InvisibleBrowsing.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IPDetect]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IP Detector 2"
"hkey"="HKCU"
"command"="C:\\DOKUME~1\\Matze\\LOKALE~1\\Temp\\Rar$EX00.376\\IP Detector 2"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="dumprep 0 -k"
"hkey"="HKLM"
"command"="%systemroot%\\system32\\dumprep 0 -k"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxcgmon.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="lxcgmon"
"hkey"="HKLM"
"command"="\"C:\\Programme\\Lexmark 2300 Series\\lxcgmon.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSN State Tools]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MSN State Tools"
"hkey"="HKCU"
"command"="C:\\Programme\\Xyerclev\\MSN State Tools\\MSN State Tools.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroCheck"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\New.net Startup]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NEWDOT~2"
"hkey"="HKLM"
"command"="rundll32 C:\\PROGRA~1\\NEWDOT~1\\NEWDOT~2.DLL,ClientStartup -s"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="igfxpers"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\igfxpers.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Programme\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RTHDCPL"
"hkey"="HKLM"
"command"="RTHDCPL.EXE"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Control"
"hkey"="HKCU"
"command"="C:\\Programme\\Sandboxie\\Control.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SkyTel"
"hkey"="HKLM"
"command"="SkyTel.EXE"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="jusched"
"hkey"="HKLM"
"command"="\"C:\\Programme\\Java\\jre1.5.0_11\\bin\\jusched.exe\""
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="realsched"
"hkey"="HKLM"
"command"="\"C:\\Programme\\Gemeinsame Dateien\\Real\\Update_OB\\realsched.exe\" -osboot"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MSASCui"
"hkey"="HKLM"
"command"="\"C:\\Programme\\Windows Defender\\MSASCui.exe\" -hide"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WISE-FTP Task Planner]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="wf_tp"
"hkey"="HKCU"
"command"="\"C:\\Programme\\AceBIT\\WISE-FTP 4\\wf_tp.exe\" /bg"
"inimapping"="0"


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{B9E618A2-A4FE-11D4-83C2-005004636C96}"="OE Shell Hook"
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
"InfoCockpit"="C:\\Programme\\T-Online\\T-Online_Software_6\\Info-Cockpit\\INFOCOCKPIT.EXE /nosplash"
"DWQueuedReporting"="\"C:\\PROGRA~1\\GEMEIN~1\\MICROS~1\\DW\\dwtrig20.exe\" -t"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
"InfoCockpit"="C:\\Programme\\T-Online\\T-Online_Software_6\\Info-Cockpit\\INFOCOCKPIT.EXE /nosplash"
"DWQueuedReporting"="\"C:\\PROGRA~1\\GEMEIN~1\\MICROS~1\\DW\\dwtrig20.exe\" -t"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"=dword:00000000
"SynchronousUserGroupPolicy"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
"{38149C32-0A64-1031-0317-051018200031}"="\"C:\\Programme\\Gemeinsame Dateien\\{38149C32-0A64-1031-0317-051018200031}\\Update.exe\" te-110-12-0000073"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0



-- End of ComboScan: finished at 2007-04-30 at 11:23:37 ------------------------

 
