Log analysis and evaluation: Internet Explorer - opens advertising automatically!

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#2

Internet Explorer - opens advertising automatically!

After cleaning with CC-Cleaner, here is the log from COMBOFIX:
```
ComboFix 08-10-08.05 - smarty005 2008-10-09 20:54:22.1 - NTFSx86
Microsoft® Windows Vista™ Business 6.0.6001.1.1252.1.1031.18.1106 [GMT 2:00]
ausgeführt von:: C:\Users\smarty005\Desktop\ComboFix.exe
 * Neuer Wiederherstellungspunkt wurde erstellt
.

(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Users\smarty005\AppData\Local\ophipqy.dat
C:\Users\smarty005\AppData\Local\ophipqy.exe
C:\Users\smarty005\AppData\Local\ophipqy_nav.dat
C:\Users\smarty005\AppData\Local\ophipqy_navps.dat
C:\Windows\system32\x64
F:\Autorun.inf
.

((((((((((((((((((((((( Dateien erstellt von 2008-09-09 bis 2008-10-09 ))))))))))))))))))))))))))))))
.

2008-10-09 20:47 . 2008-10-09 20:47 <DIR> d-------- C:\Program Files\CCleaner
2008-10-09 19:59 . 2008-10-09 19:59 <DIR> d-------- C:\Windows\BDOSCAN8
2008-10-09 19:33 . 2008-10-09 20:49 <DIR> d-------- C:\Users\All Users\Spybot - Search & Destroy
2008-10-09 19:33 . 2008-10-09 20:49 <DIR> d-------- C:\ProgramData\Spybot - Search & Destroy
2008-10-09 19:33 . 2008-10-09 20:11 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-10-09 19:29 . 2008-10-09 19:31 <DIR> d-------- C:\Users\All Users\Lavasoft
2008-10-09 19:29 . 2008-10-09 19:31 <DIR> d-------- C:\ProgramData\Lavasoft
2008-10-09 19:29 . 2008-10-09 19:29 <DIR> d-------- C:\Program Files\Lavasoft
2008-10-09 19:23 . 2008-10-09 19:23 <DIR> d-------- C:\Program Files\Trend Micro
2008-10-09 16:45 . 2008-10-09 16:45 <DIR> d-------- C:\Users\smarty005\AppData\Roaming\Malwarebytes
2008-10-09 16:45 . 2008-10-09 16:45 <DIR> d-------- C:\Users\All Users\Malwarebytes
2008-10-09 16:45 . 2008-10-09 16:45 <DIR> d-------- C:\ProgramData\Malwarebytes
2008-10-09 16:45 . 2008-10-09 16:47 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-09 16:45 . 2008-09-10 00:04 38,528 --a------ C:\Windows\System32\drivers\mbamswissarmy.sys
2008-10-09 16:45 . 2008-09-10 00:03 17,200 --a------ C:\Windows\System32\drivers\mbam.sys
2008-10-03 19:34 . 2008-10-03 19:34 <DIR> d-------- C:\Users\smarty005\AppData\Roaming\TVU Networks
2008-10-03 19:34 . 2008-10-03 19:34 <DIR> d-------- C:\Users\All Users\TVU Networks
2008-10-03 19:34 . 2008-10-03 19:34 <DIR> d-------- C:\ProgramData\TVU Networks
2008-10-03 19:20 . 2008-10-03 19:20 <DIR> d-------- C:\Windows\System32\PPLive
2008-10-02 10:20 . 2008-04-26 10:25 3,600,952 --a------ C:\Windows\System32\ntkrnlpa.exe
2008-10-01 19:07 . 2008-10-01 19:07 0 --ah----- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-10-01 10:39 . 2008-10-01 10:39 <DIR> d-------- C:\PerfLogs
2008-10-01 09:51 . 2008-10-01 09:51 <DIR> d-------- C:\Windows\CheckSur
2008-10-01 09:48 . 2008-01-19 09:33 8,139,264 --a------ C:\Windows\System32\ssBranded.scr
2008-10-01 09:47 . 2008-01-19 09:32 5,714,432 --a------ C:\Windows\System32\logon.scr
2008-10-01 09:46 . 2008-01-19 08:06 8,147,456 --a------ C:\Windows\System32\wmploc.DLL
2008-10-01 09:45 . 2008-01-19 09:36 704,512 --a------ C:\Windows\System32\SmiEngine.dll
2008-10-01 09:45 . 2008-01-19 09:36 357,888 --a------ C:\Windows\System32\wbemcomn.dll
2008-10-01 09:45 . 2008-01-19 09:36 218,624 --a------ C:\Windows\System32\wdscore.dll
2008-10-01 09:45 . 2008-01-19 09:36 139,264 --a------ C:\Windows\System32\SmiInstaller.dll
2008-10-01 09:45 . 2008-01-19 09:33 130,560 --a------ C:\Windows\System32\PkgMgr.exe
2008-10-01 09:44 . 2008-01-19 09:34 305,152 --a------ C:\Windows\System32\msdelta.dll
2008-10-01 09:44 . 2008-01-19 09:34 258,560 --a------ C:\Windows\System32\dpx.dll
2008-10-01 09:44 . 2008-01-19 09:34 246,784 --a------ C:\Windows\System32\drvstore.dll
2008-10-01 09:44 . 2008-01-19 09:35 35,328 --a------ C:\Windows\System32\mspatcha.dll
2008-09-27 12:10 . 2008-09-27 12:10 <DIR> d-------- C:\Users\All Users\Electronic Arts
2008-09-27 12:10 . 2008-09-27 12:10 <DIR> d-------- C:\ProgramData\Electronic Arts
2008-09-27 12:07 . 2008-03-05 15:56 3,786,760 --a------ C:\Windows\System32\D3DX9_37.dll
2008-09-27 12:07 . 2007-07-19 18:14 3,727,720 --a------ C:\Windows\System32\d3dx9_35.dll
2008-09-27 12:07 . 2007-05-16 16:45 3,497,832 --a------ C:\Windows\System32\d3dx9_34.dll
2008-09-27 12:07 . 2007-03-12 16:42 3,495,784 --a------ C:\Windows\System32\d3dx9_33.dll
2008-09-27 12:07 . 2006-11-29 13:06 3,426,072 --a------ C:\Windows\System32\d3dx9_32.dll
2008-09-27 12:07 . 2006-09-28 16:05 2,414,360 --a------ C:\Windows\System32\d3dx9_31.dll
2008-09-27 12:07 . 2007-04-04 18:53 81,768 --a------ C:\Windows\System32\xinput1_3.dll
2008-09-27 12:06 . 2005-05-26 15:34 2,297,552 --a------ C:\Windows\System32\d3dx9_26.dll
2008-09-16 06:33 . 2008-07-19 07:09 1,811,656 --a------ C:\Windows\System32\wuaueng.dll
2008-09-16 06:33 . 2008-07-19 05:44 1,524,736 --a------ C:\Windows\System32\wucltux.dll
2008-09-16 06:33 . 2008-07-19 07:09 563,912 --a------ C:\Windows\System32\wuapi.dll
2008-09-16 06:33 . 2008-07-18 22:08 163,904 --a------ C:\Windows\System32\wuwebv.dll
2008-09-16 06:33 . 2008-07-19 05:44 83,456 --a------ C:\Windows\System32\wudriver.dll
2008-09-16 06:33 . 2008-07-19 07:10 53,448 --a------ C:\Windows\System32\wuauclt.exe
2008-09-16 06:33 . 2008-07-19 07:10 45,768 --a------ C:\Windows\System32\wups2.dll
2008-09-16 06:33 . 2008-07-19 07:10 36,552 --a------ C:\Windows\System32\wups.dll
2008-09-16 06:33 . 2008-07-18 20:44 31,232 --a------ C:\Windows\System32\wuapp.exe
2008-09-11 21:12 . 2008-07-31 03:13 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-09-11 21:12 . 2008-06-26 05:29 303,616 --a------ C:\Windows\System32\wmpeffects.dll
2008-09-11 21:12 . 2008-07-31 05:32 28,160 --a------ C:\Windows\System32\Apphlpdm.dll
.

(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

2008-10-09 17:48 --------- d-----w C:\Users\smarty005\AppData\Roaming\Spamihilator
2008-10-09 17:28 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-10-01 08:50 174 --sha-w C:\Program Files\desktop.ini
2008-10-01 08:41 --------- d-----w C:\Program Files\Windows Sidebar
2008-10-01 08:41 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-10-01 08:41 --------- d-----w C:\Program Files\Windows Mail
2008-10-01 08:41 --------- d-----w C:\Program Files\Windows Journal
2008-10-01 08:41 --------- d-----w C:\Program Files\Windows Defender
2008-10-01 08:41 --------- d-----w C:\Program Files\Windows Collaboration
2008-10-01 08:41 --------- d-----w C:\Program Files\Windows Calendar
2008-10-01 08:30 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-10-01 08:30 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-09-27 10:10 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-15 15:43 --------- d-----w C:\Program Files\Hp
2008-08-17 11:43 307,968 ----a-w C:\Windows\System32\TuneUpDefragService.exe
2008-08-17 11:43 --------- d-----w C:\Program Files\TuneUp Utilities 2008
2008-08-14 17:38 --------- d-----w C:\Program Files\HO_1421
2008-08-02 03:26 36,864 ----a-w C:\Windows\System32\cdd.dll
2008-07-31 03:32 460,288 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-07-31 03:32 2,154,496 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-07-31 03:32 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-07-16 01:32 2,048 ----a-w C:\Windows\System32\tzres.dll
.

(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-04-19 484904]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"="C:\Program Files\PDF Complete\pdfsty.exe" [2007-05-08 331552]
"PTHOSTTR"="C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2007-01-09 145184]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1033512]
"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-05-11 472632]
"WAWifiMessage"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 317128]
"HP Health Check Scheduler"="C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-03-12 50696]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-05-02 163840]
"CognizanceTS"="C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2003-12-22 17920]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-17 266497]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"Spamihilator"="C:\Program Files\Spamihilator\spamihilator.exe" [2008-04-05 1060864]
"WatchDog"="C:\Program Files\InterVideo\DVD Check\DVDCheck.exe" [2007-05-23 192512]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2007-09-13 141848]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2007-09-13 154136]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2007-09-13 129560]
"SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2007-02-21 1183744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"ST Recovery Launcher"="C:\Windows\SMINST\launcher.exe" [2007-03-09 44168]

C:\Users\smarty005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-03-29 719664]
Canon LBP2900 Statusfenster.lnk - C:\Windows\System32\spool\drivers\w32x86\3\CNAB4LAK.EXE [2008-04-19 50848]
DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [2008-01-14 192512]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableCAD"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=APSHook.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ SbHpNp scecli ASWLNPkg

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ICQ Lite"="C:\Program Files\ICQLite\ICQLite.exe" -minimize

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{76F8E7EB-3E76-4E94-9B6A-D8802C75512F}C:\\program files\\icqlite\\icqlite.exe"= UDP:C:\program files\icqlite\icqlite.exe:ICQLite
"UDP Query User{A20C9CFE-41C7-4734-B074-4DC469D14DD2}C:\\program files\\icqlite\\icqlite.exe"= TCP:C:\program files\icqlite\icqlite.exe:ICQLite
"{397E9E12-4334-4B66-A65F-1D4AD15BF912}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{4446B9FA-002D-4F15-8495-035FF9CEC37D}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{903A2383-DCCE-4DE5-B3F4-0BA1A30109E9}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{3C1323CE-C24D-4048-AC4D-B55C78442BF8}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{CEA8A723-16CF-4C79-9D9C-1954342071D7}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{14E72224-1DEA-4ADC-B5F4-B2458D1872C0}C:\\program files\\spamihilator\\dccproc.exe"= UDP:C:\program files\spamihilator\dccproc.exe:dccproc
"UDP Query User{96EF272D-730F-40AD-99DA-8A44CE300829}C:\\program files\\spamihilator\\dccproc.exe"= TCP:C:\program files\spamihilator\dccproc.exe:dccproc
"TCP Query User{B9A8698B-C095-4774-ACC2-327B35FB7B3D}C:\\program files\\hp\\hp software update\\hpwucli.exe"= UDP:C:\program files\hp\hp software update\hpwucli.exe:HP Software Update Client
"UDP Query User{4370C719-C449-4C2C-8E21-556C6B27A840}C:\\program files\\hp\\hp software update\\hpwucli.exe"= TCP:C:\program files\hp\hp software update\hpwucli.exe:HP Software Update Client
"TCP Query User{D46DAACC-D714-425B-AF7F-3F058D495006}C:\\program files\\icq6\\icq.exe"= UDP:C:\program files\icq6\icq.exe:ICQ Library
"UDP Query User{C1AD31D2-9A4D-49D9-B25B-AE3EE40EF699}C:\\program files\\icq6\\icq.exe"= TCP:C:\program files\icq6\icq.exe:ICQ Library
"TCP Query User{F2F4C83A-D9DA-429A-8CE2-377CDF2A75B2}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{D0EFDDD5-D7DA-4288-8534-43B9431DE6D3}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"{FEEC1330-0F72-4C61-A8A1-80444D8705A4}"= UDP:C:\Windows\System32\CNAB4RPK.EXE:Canon LBP2900 RPC Server Process
"{A025567F-34A2-4F18-A707-9E7F7A7364B5}"= TCP:C:\Windows\System32\CNAB4RPK.EXE:Canon LBP2900 RPC Server Process
"{D6A2177C-DA31-44C2-B04A-3A6B587EDC02}"= TCP:19375|C:\Program Files\devolo\dlanwlancfg\dlanwlancfg.exe:devolo dLAN Wireless extender Konfiguration
"{ACD82C04-2796-40E9-9A5E-D21B9BE3F734}"= UDP:10300|C:\Program Files\devolo\informer\devinf.exe:devolo Informer
"{A9BE20D9-E6B0-4FD6-AC9C-3A7A9B71014E}"= TCP:10301|LPort=19375|C:\Program Files\devolo\informer\devinf.exe:devolo Informer
"{1F8295DD-F932-4CC5-BB6C-07CDC73ECBE0}"= TCP:12345|C:\Program Files\devolo\easyshare\easyshare.exe:devolo EasyShare
"{EF0FA780-B01D-4724-A8F8-2438C18F3B9D}"= UDP:12346|LPort=12347|C:\Program Files\devolo\easyshare\easyshare.exe:devolo EasyShare
"TCP Query User{B0C795BF-1CCE-4CDF-B00C-868FD3FC5537}C:\\users\\smarty005\\appdata\\local\\temp\\tmp22df.tmp\\update.exe"= UDP:C:\users\smarty005\appdata\local\temp\tmp22df.tmp\update.exe:update.exe
"UDP Query User{BA5AAA12-8863-42F1-A5BB-00811E4DA652}C:\\users\\smarty005\\appdata\\local\\temp\\tmp22df.tmp\\update.exe"= TCP:C:\users\smarty005\appdata\local\temp\tmp22df.tmp\update.exe:update.exe
"TCP Query User{34D33508-6C4D-4A82-99F4-B06F5D47A0B8}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{B7E6311C-E672-4885-AB50-630E6ECEB10F}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{52A46E38-05A6-49BD-B33F-DCC608970569}C:\\program files\\icqlite\\icqlite.exe"= UDP:C:\program files\icqlite\icqlite.exe:ICQLite
"UDP Query User{1137EAFB-9C02-41E5-9C96-ADC76441839E}C:\\program files\\icqlite\\icqlite.exe"= TCP:C:\program files\icqlite\icqlite.exe:ICQLite
"TCP Query User{6FF90A33-5863-4074-87B8-F49B18E2ADC1}C:\\program files\\miranda im\\miranda32.exe"= UDP:C:\program files\miranda im\miranda32.exe:Miranda IM
"UDP Query User{2129E118-5E72-4DE7-87C5-7C612CDFDBC5}C:\\program files\\miranda im\\miranda32.exe"= TCP:C:\program files\miranda im\miranda32.exe:Miranda IM
"TCP Query User{D0E5F611-4866-46B8-B1CF-E98527595273}C:\\program files\\electronic arts\\eadm\\core.exe"= UDP:C:\program files\electronic arts\eadm\core.exe:EA Download Manager
"UDP Query User{23CBB635-F10D-4850-BB98-F884C1618F60}C:\\program files\\electronic arts\\eadm\\core.exe"= TCP:C:\program files\electronic arts\eadm\core.exe:EA Download Manager
"TCP Query User{9132624D-C024-4E55-B04B-B2DCB93461F6}C:\\users\\smarty005\\appdata\\local\\temp\\tmp759c.tmp\\update.exe"= UDP:C:\users\smarty005\appdata\local\temp\tmp759c.tmp\update.exe:update.exe
"UDP Query User{47502F80-3A5F-4E1B-A4B4-26ABA4D38C41}C:\\users\\smarty005\\appdata\\local\\temp\\tmp759c.tmp\\update.exe"= TCP:C:\users\smarty005\appdata\local\temp\tmp759c.tmp\update.exe:update.exe
"{70A047B0-E5FE-4ADA-B584-4AFA8E4BC25C}"= UDP:C:\Program Files\PPLive\PPLive.exe:PPLive
"{4910C019-7665-42DA-87DC-3612A8ADE5C3}"= TCP:C:\Program Files\PPLive\PPLive.exe:PPLive
"TCP Query User{F3EBDEFF-8F58-4B36-A76D-91F4E057803E}C:\\program files\\tvuplayer\\tvuplayer.exe"= UDP:C:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component
"UDP Query User{E95CAA37-B4BC-4C02-9BC3-458A44088257}C:\\program files\\tvuplayer\\tvuplayer.exe"= TCP:C:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component

R0 SbAlg;SbAlg;C:\Windows\system32\drivers\SbAlg.sys [2006-10-09 44720]
R0 SbFsLock;SbFsLock;C:\Windows\system32\drivers\SbFsLock.sys [2007-03-29 13696]
R1 RsvLock;RsvLock;C:\Windows\system32\drivers\RsvLock.sys [2007-04-22 5808]
R2 AEADIFilters;Andrea ADI Filters Service;C:\Windows\system32\AEADISRV.EXE [2007-02-06 69632]
R2 ASBroker;Anmeldesitzungsbroker;C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 ASChannel;Lokaler Verbindungskanal;C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 HpFkCryptService;Drive Encryption Service;c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2007-04-22 221184]
R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe [2007-01-05 18944]
R2 NPF_devolo;NetGroup Packet Filter Driver (devolo);C:\Windows\system32\drivers\npf_devolo.sys [2007-02-07 35840]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files\PDF Complete\pdfsvc.exe [2007-05-08 540448]
R2 UxTuneUp;TuneUp Designerweiterung;C:\Windows\System32\svchost.exe [2008-01-19 21504]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-02-26 179712]
R3 btwaudio;Bluetooth-Audiogerät;C:\Windows\system32\drivers\btwaudio.sys [2007-05-11 79664]
R3 btwavdt;Bluetooth AVDT;C:\Windows\system32\drivers\btwavdt.sys [2007-05-11 81200]
R3 btwrchid;btwrchid;C:\Windows\system32\DRIVERS\btwrchid.sys [2007-05-11 16432]
S3 TuneUp.Defrag;TuneUp Drive Defrag-Dienst;C:\Windows\System32\TuneUpDefragService.exe [2008-08-17 307968]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
Cognizance REG_MULTI_SZ ASBroker ASChannel

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
.
Inhalt des "geplante Tasks" Ordners

2008-10-09 C:\Windows\Tasks\1-Klick-Wartung.job
- C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe [2008-02-29 09:58]

2008-10-08 C:\Windows\Tasks\User_Feed_Synchronization-{F8821C4C-6A9F-47C2-BE00-2BB4E22DED9D}.job
- C:\Windows\system32\msfeedssync.exe [2008-01-19 09:33]
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

HKCU-Run-ophipqy - c:\users\smarty005\appdata\local\ophipqy.exe

.
------- Zusätzlicher Suchlauf -------
.
FireFox -: Profile - C:\Users\smarty005\AppData\Roaming\Mozilla\Firefox\Profiles\hecgxad2.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.t-online.de/
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-09 21:02:01
Windows 6.0.6001 Service Pack 1 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostarteinträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************
.
------------------------ Weitere laufende Prozesse ------------------------
.
C:\Windows\System32\audiodg.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Windows\System32\agrsmsvc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe
C:\Windows\System32\CNAB4RPK.EXE
C:\Windows\System32\conime.exe
C:\Windows\SMINST\Scheduler.exe
C:\Windows\System32\igfxsrvc.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\System32\wbem\WMIADAP.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2008-10-09 21:08:08 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2008-10-09 19:07:49

Vor Suchlauf: 10 Verzeichnis(se), 119.394.275.328 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 118,895,046,656 Bytes frei

267 --- E O F --- 2008-10-08 18:22:28
```