Pests of all kinds and how to combat them: Virus infestation? Requesting log analysis.

29.07.2007, 14:59   #1
viomaticus
 

My problem: I sometimes get a schannel.dll error message, and in addition my PC is sometimes quite slow, especially when booting up.

Here are my logs:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:26:29, on 29.07.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\avmwlanstick\WlanNetService.exe
C:\Programme\AlienGUIse\wbload.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\avguard32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programme\Java\jre1.6.0_02\bin\jusched.exe
C:\Programme\avmwlanstick\FRITZWLANMini.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\Programme\MSN Messenger\MsnMsgr.Exe
C:\Programme\WinTV\Ir.exe
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\notepad.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Dokumente und Einstellungen\******\Desktop\Neuer Ordner\HJT.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: XTTBPos00 Class - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
O2 - BHO: (no name) - {600BE137-52FA-43A9-ABD3-BD6E0865A364} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A6984C00-C6EB-11D4-B4A4-080000180323} - C:\Programme\Rapidown\rapi310.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Programme\FlashFXP\IEFlash.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O3 - Toolbar: Steganos Internet Anonym - {00000000-5736-4205-0008-2fe89c996183} - c:\programme\steganos internet anonym 7\sia7iep.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\FRITZWLANMini.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [RemoteControl] C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\RunServices: [Windows Update] C:\WINDOWS\system32\scvhost.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [great bin] C:\DOKUME~1\*****\ANWEND~1\OBJATO~1\REFMULTICORN.exe
O4 - HKCU\..\Run: [Meine Bilder] C:\WINDOWS\system32\avguard32.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [SIA7] "C:\Programme\Steganos Internet Anonym 7\sia7.exe" -firstboot (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [SIA7] "C:\Programme\Steganos Internet Anonym 7\sia7.exe" -firstboot (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SIA7] "C:\Programme\Steganos Internet Anonym 7\sia7.exe" -firstboot (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SIA7] "C:\Programme\Steganos Internet Anonym 7\sia7.exe" -firstboot (User 'Default user')
O4 - Global Startup: AutoStart IR.lnk = C:\Programme\WinTV\Ir.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Programme\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - h**p://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1010681460577
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - h**p://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{89911C27-2B10-4B2D-924D-F01E4190107E}: NameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{C65A2F39-2C32-4BC1-AD2D-F136F715E1DB}: NameServer = 192.168.178.1
O18 - Protocol: bw+0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVM WLAN Connection Service - AVM Berlin - C:\Programme\avmwlanstick\WlanNetService.exe
O23 - Service: Hotspot Manager (HotSpotFSvc) - Unknown owner - C:\Programme\Gemeinsame Dateien\T-COM\HotspotMgr\HotSpotFSvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe

--
End of file - 19813 bytes

29.07.2007, 15:00   #2
viomaticus
 

"*****" - 2007-07-29 15:27:59 - ComboFix 07-07-23.6 - Service Pack 2 NTFS


((((((((((((((((((((((((( Files Created from 2007-06-28 to 2007-07-29 )))))))))))))))))))))))))))))))


2007-07-29 15:13 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-07-28 16:37 <DIR> d-------- C:\DOKUME~1\*****\Contacts
2007-07-28 16:30 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2007-07-28 16:30 <DIR> d-------- C:\Programme\Windows Live Toolbar
2007-07-28 16:30 <DIR> d-------- C:\DOKUME~1\ALLUSE~1\ANWEND~1\Windows Live Toolbar
2007-07-28 16:29 <DIR> d-------- C:\Programme\MSN Messenger
2007-07-28 00:17 52,224 --a------ C:\WINDOWS\system32\jpg.dll
2007-07-27 21:28 <DIR> d-------- C:\Programme\Azureus
2007-07-27 21:28 <DIR> d-------- C:\DOKUME~1\****\ANWEND~1\Azureus
2007-07-27 20:52 12,003 --a------ C:\WINDOWS\system32\zlib.dll
2007-07-27 17:52 <DIR> d-------- C:\DOKUME~1\*****\ANWEND~1\WinRAR
2007-07-27 15:55 <DIR> d-------- C:\Programme\No-IP
2007-07-26 16:08 <DIR> d-------- C:\Programme\AV Vcs 5.5 DIAMOND
2007-07-26 12:44 <DIR> d-------- C:\DOKUME~1\*****\ANWEND~1\Steganos Internet Anonym 7
2007-07-26 12:39 <DIR> d-------- C:\Programme\Steganos Internet Anonym 7
2007-07-26 12:39 <DIR> d-------- C:\Programme\Secure Surfing Engine
2007-07-25 15:18 1,695 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd
2007-07-25 10:37 48,740 --a------ C:\WINDOWS\BricoPackUninst.cmd
2007-07-25 10:32 <DIR> d-------- C:\WINDOWS\BricoPacks
2007-07-25 09:36 <DIR> d-------- C:\Programme\Rapidown
2007-07-23 15:08 <DIR> d-------- C:\Programme\ICQToolbar
2007-07-23 15:08 <DIR> d-------- C:\Programme\ICQ6
2007-07-23 15:07 <DIR> d-------- C:\DOKUME~1\*****\ANWEND~1\InstallShield
2007-07-23 14:57 <DIR> d-------- C:\DOKUME~1\*****\ANWEND~1\ICQLite
2007-07-23 14:57 <DIR> d-------- C:\DOKUME~1\*****\ANWEND~1\ICQ Toolbar
2007-07-22 15:33 <DIR> d-------- C:\Programme\mm.BOT
2007-07-22 15:32 <DIR> d-------- C:\WINDOWS\mm.BOT
2007-07-21 10:53 <DIR> d-------- C:\WINDOWS\system32\Color
2007-07-20 15:04 107,864 --a------ C:\WINDOWS\system32\tsccvid.dll
2007-07-20 15:03 <DIR> d-------- C:\WINDOWS\system32\QuickTime
2007-07-20 15:03 <DIR> d-------- C:\Programme\TechSmith
2007-07-20 15:03 <DIR> d-------- C:\DOKUME~1\ALLUSE~1\ANWEND~1\TechSmith
2007-07-17 20:10 51,733 --a------ C:\WINDOWS\system32\plugin1.dat
2007-07-17 20:10 1,522,905 --a------ C:\WINDOWS\system32\msvb.exe
2007-07-17 20:01 71,168 --a------ C:\WINDOWS\system32\ijl11.dll
2007-07-17 20:00 52,736 --a------ C:\WINDOWS\system32\passview.dll
2007-07-17 13:57 <DIR> d-------- C:\Programme\SQLyog Community
2007-07-17 13:57 <DIR> d-------- C:\DOKUME~1\*****\ANWEND~1\SQLyog
2007-07-16 14:49 <DIR> d-------- C:\Programme\WinPcap
2007-07-15 20:08 249,856 --------- C:\WINDOWS\Setup1.exe
2007-07-15 20:08 <DIR> d-------- C:\Programme\Hero Editor
2007-07-15 20:06 101,888 --a------ C:\WINDOWS\system32\VB6STKIT.DLL
2007-07-15 20:05 73,216 --a------ C:\WINDOWS\ST6UNST.EXE
2007-07-13 09:44 <DIR> d-------- C:\DOKUME~1\ALLUSE~1\ANWEND~1\Google
2007-07-12 18:18 50,520 --a------ C:\WINDOWS\system32\csvidcap.dll
2007-07-12 15:44 299,520 --a------ C:\WINDOWS\uninst.exe
2007-07-12 15:44 <DIR> d-------- C:\DOKUME~1\*****\WINDOWS
2007-07-12 14:44 43,520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2007-07-12 14:43 21,840 --a------ C:\WINDOWS\system32\SIntfNT.dll
2007-07-12 14:43 17,212 --a------ C:\WINDOWS\system32\SIntf32.dll
2007-07-12 14:43 12,067 --a------ C:\WINDOWS\system32\SIntf16.dll
2007-07-12 14:37 33,133 --a------ C:\WINDOWS\DIIUnin.dat
2007-07-12 14:37 2,829 --a------ C:\WINDOWS\DIIUnin.pif
2007-07-12 14:37 102,400 --a------ C:\WINDOWS\DIIUnin.exe
2007-07-12 14:33 <DIR> d-------- C:\Programme\Diablo II
2007-07-11 17:17 <DIR> d-------- C:\Programme\Sync Manager Demo
2007-07-10 14:55 <DIR> d-------- C:\Programme\SHOUTcast
2007-07-07 11:02 <DIR> d-------- C:\Antrix
2007-07-06 16:02 <DIR> d-------- C:\Programme\PremiumSoft
2007-07-06 15:37 <DIR> d-------- C:\Mangos
2007-07-06 15:31 <DIR> d-------- C:\xampp
2007-07-05 13:11 <DIR> d-------- C:\DOKUME~1\*****\ANWEND~1\ICQ
2007-07-03 17:40 <DIR> d-------- C:\Programme\Skype
2007-07-03 17:40 <DIR> d-------- C:\Programme\Gemeinsame Dateien\Skype
2007-07-03 17:40 <DIR> d-------- C:\DOKUME~1\*****\ANWEND~1\Skype
2007-07-03 17:39 <DIR> d-------- C:\DOKUME~1\ALLUSE~1\ANWEND~1\Skype
2007-07-02 21:41 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-07-02 21:41 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-06-29 02:01 88,696 --a------ C:\WINDOWS\system32\Packet.dll
2007-06-29 02:01 68,224 --a------ C:\WINDOWS\system32\WanPacket.dll
2007-06-29 02:01 53,299 --a------ C:\WINDOWS\system32\pthreadVC.dll
2007-06-29 02:01 42,512 --a------ C:\WINDOWS\system32\drivers\npf.sys
2007-06-29 02:01 240,240 --a------ C:\WINDOWS\system32\wpcap.dll


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-07-25 20:02:17 -------- d-----w C:\DOKUME~1\*****\ANWEND~1\LimeWire
2007-07-25 08:37:23 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll
2007-07-25 08:11:46 -------- d-----w C:\Programme\PDF Editor 2
2007-07-24 17:33:51 -------- d-----w C:\Programme\HLSW
2007-07-23 16:50:51 -------- d-----w C:\DOKUME~1\*****\ANWEND~1\teamspeak2
2007-07-23 13:08:44 -------- d--h--w C:\Programme\InstallShield Installation Information
2007-07-21 18:04:34 -------- d-----w C:\Programme\LimeWire
2007-07-20 11:28:34 -------- d-----w C:\Programme\World of Warcraft
2007-07-18 12:34:05 -------- d-----w C:\DOKUME~1\*****\ANWEND~1\Hamachi
2007-07-18 11:49:16 -------- d-----w C:\Programme\AlienGUIse
2007-07-18 08:56:29 -------- d-----w C:\Programme\cFosSpeed
2007-07-18 08:56:28 -------- d-----w C:\Programme\TuneUp Utilities 2007
2007-07-12 11:34:32 2,434 ----a-w C:\WINDOWS\mozver.dat
2007-07-12 11:34:32 -------- d-----w C:\Programme\DivX
2007-07-12 08:12:55 53,248 ----a-w C:\WINDOWS\system32\css.dll
2007-07-11 15:22:30 -------- d-----w C:\Programme\Ringz Studio
2007-07-11 14:48:51 -------- d-----w C:\Programme\Winamp
2007-07-08 18:49:04 -------- d-----w C:\Programme\Gamers.IRC
2007-07-07 08:19:44 25,544 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2007-07-06 13:08:21 -------- d-----w C:\Programme\MySQL
2007-06-24 17:55:11 -------- d-----w C:\Programme\Ventrilo
2007-06-24 17:54:59 -------- d-----w C:\Programme\Gemeinsame Dateien\Wise Installation Wizard
2007-06-23 10:33:48 -------- d-----w C:\Programme\Teamspeak2_RC2
2007-06-23 08:38:46 -------- d-----w C:\DOKUME~1\*****\ANWEND~1\ATI
2007-06-23 08:35:48 -------- d-----w C:\Programme\ATI Technologies
2007-06-23 08:21:03 -------- d-----w C:\Programme\MyPhoneExplorer
2007-06-23 08:21:03 -------- d-----w C:\Programme\Mangos
2007-06-23 08:21:02 -------- d-----w C:\Programme\FlashFXP
2007-06-20 17:04:25 73,216 ----a-w C:\WINDOWS\cadkasdeinst01.exe
2007-06-18 15:46:11 76,212 ----a-w C:\WINDOWS\system32\perfc007.dat
2007-06-18 15:46:11 419,300 ----a-w C:\WINDOWS\system32\perfh007.dat
2007-06-18 15:45:16 -------- d-----w C:\Programme\avmwlanstick
2007-06-18 15:44:56 -------- d-----w C:\Programme\AVM_update
2007-06-18 15:01:26 -------- d-----w C:\DOKUME~1\*****\ANWEND~1\Media Player Classic
2007-06-14 07:19:57 -------- d-----w C:\Programme\vtplus
2007-06-14 07:19:48 -------- d-----w C:\Programme\WinTV
2007-05-16 15:11:44 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-05-14 06:59:39 164 ----a-w C:\install.dat
2001-08-18 14:00:00 279,983 --sh--w C:\WINDOWS\system32\avguard32.exe
2001-08-18 14:00:00 300,963 --sh--w C:\WINDOWS\system32\clfmon.exe
2001-08-18 14:00:00 278,981 --sh--w C:\WINDOWS\system32\ntoskrnl32.exe


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{600BE137-52FA-43A9-ABD3-BD6E0865A364}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Programme\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"AVMWlanClient"="C:\Programme\avmwlanstick\FRITZWLANMini.exe" [2006-03-01 13:35]
"avgnt"="C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" [2007-04-02 10:35]
"RemoteControl"="C:\Programme\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 04:01]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-12-10 13:45 C:\WINDOWS\KHALMNPR.Exe]
"StartCCC"="C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35]
"KernelFaultCheck"="%systemroot%\system32\dumprep 0 -k" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 09:57]
"SpybotSD TeaTimer"="C:\Programme\Spybot - Search & Destroy\TeaTimer.exe" [2005-05-31 01:04]
"great bin"="C:\DOKUME~1\****\ANWEND~1\OBJATO~1\REFMULTICORN.exe" []
"Meine Bilder"="C:\WINDOWS\system32\avguard32.exe" [2001-08-18 16:00]
"MsnMsgr"="C:\Programme\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices]
"Windows Update"=C:\WINDOWS\system32\scvhost.exe

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"SIA7"="C:\Programme\Steganos Internet Anonym 7\sia7.exe" -firstboot

C:\Dokumente und Einstellungen\All Users\Startmen\Programme\Autostart\
AutoStart IR.lnk - C:\Programme\WinTV\Ir.exe [2007-02-07 15:31:50]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
C:\Programme\AlienGUIse\fastload.dll 2001-12-21 00:34 24576 C:\Programme\AlienGUIse\fastload.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=wbsys.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Logitech Desktop Messenger.lnk]
path=C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech Desktop Messenger.lnk
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Logitech SetPoint.lnk]
path=C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk
backup=C:\WINDOWS\pss\Logitech SetPoint.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^****^Startmenü^Programme^Autostart^hamachi.lnk]
path=C:\Dokumente und Einstellungen\****\Startmenü\Programme\Autostart\hamachi.lnk
backup=C:\WINDOWS\pss\hamachi.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^****^Startmenü^Programme^Autostart^Stardock ObjectDock.lnk]
path=C:\Dokumente und Einstellungen\****\Startmenü\Programme\Autostart\Stardock ObjectDock.lnk
backup=C:\WINDOWS\pss\Stardock ObjectDock.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^****^Startmenü^Programme^Autostart^Y'z ToolBar.lnk]
path=C:\Dokumente und Einstellungen\****\Startmenü\Programme\Autostart\Y'z ToolBar.lnk
backup=C:\WINDOWS\pss\Y'z ToolBar.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
"C:\Programme\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\great bin]
C:\DOKUME~1\****\ANWEND~1\OBJATO~1\REFMULTICORN.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
"C:\Programme\ICQ6\ICQ.exe" silent

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ 6.1]
C:\WINDOWS\system32\nltor32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ 6.1 Beta]
C:\WINDOWS\system32\cltmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite]
"C:\Programme\ICQLite\ICQLite.exe" -minimize

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
%systemroot%\system32\dumprep 0 -k

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Programme\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Programme\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
RTHDCPL.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SIA7]
"C:\Programme\Steganos Internet Anonym 7\SIA7.exe" -boot

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
"C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
"c:\programme\valve\steam\steam.exe" -silent

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
"C:\Programme\Winamp\Winampa.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Update]
C:\WINDOWS\system32\scvhost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WoW Account Stealer]
C:\WINDOWS\system32\ntoskrnl32.exe

R1 AsIO;AsIO;C:\WINDOWS\system32\drivers\AsIO.sys
R1 avgio;avgio;\??\C:\Programme\AntiVir PersonalEdition Classic\avgio.sys
R1 avipbb;avipbb;C:\WINDOWS\system32\DRIVERS\avipbb.sys
R2 UxTuneUp;TuneUp Designerweiterung;C:\WINDOWS\System32\svchost.exe -k netsvcs
R3 avgntflt;avgntflt;\??\C:\Programme\AntiVir PersonalEdition Classic\avgntflt.sys
R3 hcw88rc5;Hauppauge WinTV 88x IR Decoder;C:\WINDOWS\system32\Drivers\hcw88rc5.sys
R3 HCW88TUNE;Hauppauge WinTV 88x Tuner;C:\WINDOWS\system32\drivers\hcw88tun.sys
R3 hcw88vid;Hauppauge WinTV 88x Video;C:\WINDOWS\system32\drivers\hcw88vid.sys
R3 HCW88XBAR;Hauppauge WinTV 88x Crossbar;C:\WINDOWS\system32\drivers\HCW88BAR.sys
R3 L8042Kbd;Logitech SetPoint Keyboard Driver;C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
R3 LHidKe;Logitech SetPoint HID Mouse Filter Driver;C:\WINDOWS\system32\DRIVERS\LHidKE.Sys
R3 LHidUsbK;Logitech SetPoint USB Receiver device driver;C:\WINDOWS\system32\Drivers\LHidUsbK.Sys
R3 LMouKE;Logitech SetPoint Mouse Filter Driver;C:\WINDOWS\system32\DRIVERS\LMouKE.Sys
R3 MTsensor;ATK0110 ACPI UTILITY;C:\WINDOWS\system32\DRIVERS\ASACPI.sys
S3 avmeject;AVM Eject;C:\WINDOWS\system32\drivers\avmeject.sys
S3 DREADNOUGHT;DREADNOUGHT;\??\C:\DOKUME~1\****\LOKALE~1\Temp\DREADNOUGHT
S3 FWLANUSB;AVM FRITZ!WLAN;C:\WINDOWS\system32\DRIVERS\fwlanusb.sys
S3 HotSpotFSvc;Hotspot Manager;"C:\Programme\Gemeinsame Dateien\T-COM\HotspotMgr\HotSpotFSvc.exe"
S3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver;C:\WINDOWS\system32\DRIVERS\L8042mou.Sys
S3 ssmdrv;ssmdrv;C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
S3 TSMPacket;T-DSL Manager Service;C:\WINDOWS\system32\DRIVERS\tsmpkt.sys
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - netsvcs
UxTuneUp

*Newly Created Service* - CATCHME

HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9B71D88C-C598-4935-C5D1-43AA4DB90836}
C:\WINDOWS\system32\msvb.exe s

HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A00100FD-FFE0-F286-DD1C-D0959F340903}
C:\WINDOWS\system32\ntoskrnl32.exe

HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{AC800506-AFD3-FCCB-A0AC-CEFDECFD1F87}
C:\WINDOWS\system32\cltmon.exe

HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B0D939E0-C6F0-CC70-A446-B49BC97A72AA}
C:\WINDOWS\system32\ntoskrnl32.exe

HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{BD013C09-B206-A007-BABD-EAB0F020B3EE}
C:\WINDOWS\system32\nltor32.exe

HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CFE05E0A-D910-DDD3-B77D-C70C0E9C94BB}
C:\WINDOWS\system32\clfmon.exe

HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{DA008F3B-E04B-E00C-C900-D0000F080767}
C:\WINDOWS\system32\ntoskrnl32.exe

HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{DC9D8B83-C748-CEAF-A491-BB3F3900CACE}
C:\WINDOWS\system32\ntoskrnl32.exe

HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{F00F0807-EED0-EF64-C8F5-CD73C01206D1}
C:\WINDOWS\system32\cltmon.exe

HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{F04E0AD0-A0F0-B09C-D3CF-FC8EBC70005B}
C:\WINDOWS\system32\avguard32.exe

HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{F1050000-CA40-A005-C4BA-B0398D18E0D7}
C:\WINDOWS\system32\scvhost.exe

HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{F90F0807-EEC0-EF54-C8F5-CD73C01206D0}
C:\WINDOWS\system32\winkrnl.exe

Contents of the 'Scheduled Tasks' folder
2007-07-27 15:16:28 C:\WINDOWS\tasks\1-Klick-Wartung.job
2007-07-29 12:31:03 C:\WINDOWS\tasks\Auf Updates für Windows Live Toolbar prüfen.job

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, h**p://www.gmer.net
Rootkit scan 2007-07-29 15:29:27
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-07-29 15:29:58
C:\ComboFix-quarantined-files.txt ... 2007-07-29 15:29
C:\ComboFix2.txt ... 2007-07-29 15:20

--- E O F ---


.
Bitte nur die Eintraege der letzten 3 Monate pro Ordner posten
.
.
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 6840-25B2

Verzeichnis von C:\WINDOWS\system32

29.07.2007 15:19 108.336 mswinsck.ocx
29.07.2007 15:19 2.206 wpa.dbl
29.07.2007 15:14 1.379.181 offlog.txt
28.07.2007 00:56 12.003 lamastuff.svr
28.07.2007 00:42 12.003 icqlogreader.svr
28.07.2007 00:42 12.003 Beeper.svr
28.07.2007 00:41 12.003 Text2Speech.svr
28.07.2007 00:17 52.224 jpg.dll
27.07.2007 20:53 12.003 zlib.dll
27.07.2007 19:53 51.733 plugin1.dat
27.07.2007 16:40 133 imon1.dat
26.07.2007 12:38 549.584 FNTCACHE.DAT
25.07.2007 15:28 5.214 jupdate-1.6.0_02-b06.log
25.07.2007 10:37 219.648 uxtheme.dll
24.07.2007 21:23 230.454 webcam.bmp
22.07.2007 18:39 279.552 swreg.exe
22.07.2007 16:15 43.520 CmdLineExt03.dll
17.07.2007 21:00 2.764.854 screenshot.bmp
17.07.2007 20:09 1.522.905 msvb.exe
17.07.2007 20:01 15.015 screenshot.jpg
17.07.2007 20:01 71.168 ijl11.dll
17.07.2007 20:00 52.736 passview.dll
12.07.2007 18:18 50.520 csvidcap.dll
12.07.2007 14:43 21.840 SIntfNT.dll
12.07.2007 14:43 17.212 SIntf32.dll
12.07.2007 14:43 12.067 SIntf16.dll
12.07.2007 10:12 53.248 css.dll
12.07.2007 04:54 107.864 tsccvid.dll
12.07.2007 02:22 139.264 javaws.exe
12.07.2007 02:22 69.632 javacpl.cpl
12.07.2007 01:22 135.168 javaw.exe
12.07.2007 01:22 135.168 java.exe
11.07.2007 11:01 53.474 tcpmon.ini
02.07.2007 21:41 1.044.480 libdivx.dll
02.07.2007 21:41 200.704 ssldivx.dll
29.06.2007 02:01 240.240 wpcap.dll
29.06.2007 02:01 88.696 Packet.dll
29.06.2007 02:01 68.224 WanPacket.dll
29.06.2007 02:01 53.299 pthreadVC.dll
19.06.2007 14:58 4.254 jupdate-1.6.0_01-b06.log
18.06.2007 17:46 404.104 perfh009.dat
18.06.2007 17:46 63.324 perfc009.dat
18.06.2007 17:46 76.212 perfc007.dat
18.06.2007 17:46 419.300 perfh007.dat
18.06.2007 17:46 974.848 PerfStringBackup.INI
06.06.2007 08:38 15.747.032 MRT.exe
16.05.2007 17:11 683.520 inetcomm.dll
08.05.2007 10:59 5.326.848 mshtml.dll
25.04.2007 16:22 144.896 schannel.dll
25.04.2007 09:42 1.338.880 wininet.dll
25.04.2007 09:42 871.936 webcheck.dll
25.04.2007 09:42 1.560.064 urlmon.dll
25.04.2007 09:42 670.720 mstime.dll
25.04.2007 09:42 718.848 occache.dll
25.04.2007 09:42 196.096 url.dll
25.04.2007 09:42 193.024 msrating.dll
25.04.2007 09:42 477.696 mshtmled.dll
25.04.2007 09:41 459.264 msfeeds.dll
25.04.2007 09:41 52.224 msfeedsbs.dll
25.04.2007 09:41 27.648 jsproxy.dll
25.04.2007 09:41 3.206.656 inetcpl.cpl
25.04.2007 09:41 267.776 iertutil.dll
25.04.2007 09:41 6.058.496 ieframe.dll
25.04.2007 09:41 44.544 iernonce.dll
25.04.2007 09:41 384.512 iedkcs32.dll
25.04.2007 09:41 383.488 ieapfltr.dll
25.04.2007 09:41 124.928 advpack.dll
25.04.2007 09:41 132.608 extmgr.dll
25.04.2007 09:41 153.088 ieakeng.dll
25.04.2007 09:41 230.400 ieaksie.dll
24.04.2007 16:26 13.824 ieudinit.exe
24.04.2007 11:58 56.832 ie4uinit.exe
24.04.2007 11:32 1.485.696 LegitCheckControl.dll
24.04.2007 09:34 161.792 ieakui.dll
18.04.2007 18:13 2.854.400 msi.dll
17.04.2007 11:32 2.455.488 ieapfltr.dat
16.04.2007 22:47 33.624 wups.dll
16.04.2007 22:47 30.040 wuapi.dll.mui
16.04.2007 22:47 30.040 wuaucpl.cpl.mui
16.04.2007 22:45 1.710.936 wuaueng.dll
16.04.2007 22:45 549.720 wuapi.dll
16.04.2007 22:45 325.976 wucltui.dll
16.04.2007 22:45 216.408 wuaucpl.cpl
16.04.2007 22:45 203.096 wuweb.dll
16.04.2007 22:45 92.504 cdm.dll
16.04.2007 22:45 20.824 wuaueng.dll.mui
16.04.2007 22:45 53.080 wuauclt.exe
16.04.2007 22:45 43.352 wups2.dll
16.04.2007 22:44 34.136 wucltui.dll.mui
16.04.2007 17:53 1.058.304 kernel32.dll
02.04.2007 07:58 546.304 hhctrl.ocx