Windowsclick.com Trojaner auf meinem PC

LindaHH · 23.08.2009, 12:42

Teil II

Code:

ATTFilter

======List of files/folders created in the last 1 months======

2009-08-23 13:13:28 ----D---- C:\rsit
2009-08-23 13:13:28 ----D---- C:\Programme\trend micro
2009-08-23 12:28:23 ----D---- C:\Programme\CCleaner
2009-08-23 10:37:53 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-08-23 10:33:14 ----D---- C:\2a14503caf6b6df49340db
2009-08-23 10:20:24 ----D---- C:\44cb73585a2cb1d06607acb23d
2009-08-22 23:09:03 ----D---- C:\5d9aa79e0ae0f34208c74e0aa582
2009-08-22 14:34:28 ----D---- C:\WINDOWS\system32\XPSViewer
2009-08-22 14:34:25 ----D---- C:\WINDOWS\system32\en-US
2009-08-22 14:34:21 ----D---- C:\Programme\Reference Assemblies
2009-08-22 14:34:04 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-08-22 14:34:04 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-08-22 14:34:04 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-08-22 14:34:04 ----D---- C:\672f7e1f3e8531b20d3b3ea343208cab
2009-08-22 14:32:22 ----SHD---- C:\Config.Msi
2009-08-21 21:04:43 ----A---- C:\WINDOWS\system32\xa.tmp
2009-08-18 19:52:45 ----D---- C:\Programme\Sierra
2009-08-17 21:10:04 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2009-08-17 20:11:05 ----D---- C:\Programme\Eidos
2009-08-16 09:44:24 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Panasonic
2009-08-16 09:13:45 ----A---- C:\WINDOWS\system32\setupsvc.dll
2009-08-16 09:13:45 ----A---- C:\WINDOWS\system32\GenSvcInst.exe
2009-08-16 09:13:45 ----A---- C:\WINDOWS\system32\BHARegister.dll
2009-08-16 09:13:45 ----A---- C:\WINDOWS\system32\bgsvcgen.exe
2009-08-16 09:12:34 ----D---- C:\Programme\Panasonic
2009-08-16 09:11:52 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\InstallShield
2009-08-14 08:08:10 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-08-14 08:08:06 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-08-14 08:08:01 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-08-14 08:07:57 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-08-14 08:07:52 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-08-14 08:07:30 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-08-14 08:07:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-08-14 08:07:18 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-08-14 08:05:51 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-08-14 08:05:43 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-08-07 20:14:50 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVS4YOU
2009-08-07 20:14:47 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\AVS4YOU
2009-08-07 20:13:47 ----D---- C:\Programme\Gemeinsame Dateien\AVSMedia
2009-08-07 20:13:06 ----D---- C:\Programme\AVS4YOU
2009-08-06 16:48:05 ----D---- C:\divx
2009-08-06 16:41:24 ----D---- C:\Programme\ConvertHelper
2009-07-28 17:42:50 ----D---- C:\Programme\Photo DVD Maker Professional
2009-07-28 14:29:37 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
2009-07-28 14:29:34 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Photo DVD Maker
2009-07-28 14:29:34 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Anvsoft
2009-07-26 10:45:42 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2009-07-26 10:45:24 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-07-26 10:45:04 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$
2009-07-26 10:45:00 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-07-26 10:44:53 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2009-07-24 12:47:12 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-07-24 12:47:07 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-07-24 12:47:02 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-07-24 12:46:56 ----D---- C:\Programme\Windows Media Connect 2
2009-07-24 12:46:47 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-07-24 12:46:08 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-07-24 12:45:35 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$

======List of files/folders modified in the last 1 months======

2009-08-23 13:13:28 ----RD---- C:\Programme
2009-08-23 12:52:03 ----D---- C:\WINDOWS\Temp
2009-08-23 12:52:03 ----D---- C:\WINDOWS\system32
2009-08-23 12:50:42 ----D---- C:\WINDOWS\system32\CatRoot2
2009-08-23 12:50:37 ----D---- C:\WINDOWS
2009-08-23 12:49:31 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-08-23 12:31:48 ----D---- C:\WINDOWS\Debug
2009-08-23 12:23:41 ----D---- C:\Programme\Mozilla Thunderbird
2009-08-23 10:38:07 ----HD---- C:\WINDOWS\inf
2009-08-23 10:38:04 ----D---- C:\WINDOWS\system32\CatRoot
2009-08-23 10:37:58 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-08-22 18:21:13 ----D---- C:\WINDOWS\Microsoft.NET
2009-08-22 18:09:29 ----D---- C:\WINDOWS\Prefetch
2009-08-22 16:18:59 ----RSD---- C:\WINDOWS\assembly
2009-08-22 14:35:18 ----SHD---- C:\WINDOWS\Installer
2009-08-22 14:35:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-08-22 14:34:24 ----RSD---- C:\WINDOWS\Fonts
2009-08-22 14:34:10 ----D---- C:\WINDOWS\system32\spool
2009-08-22 14:32:50 ----D---- C:\WINDOWS\WinSxS
2009-08-22 14:32:29 ----D---- C:\Programme\Internet Explorer
2009-08-22 13:03:49 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ICQ
2009-08-21 21:16:08 ----D---- C:\WINDOWS\system32\drivers
2009-08-17 20:44:46 ----D---- C:\WINDOWS\system32\DirectX
2009-08-17 20:11:04 ----HD---- C:\Programme\InstallShield Installation Information
2009-08-16 10:59:29 ----A---- C:\WINDOWS\NeroDigital.ini
2009-08-16 08:04:34 ----D---- C:\Programme\Gemeinsame Dateien
2009-08-15 22:34:01 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Adobe
2009-08-14 08:07:56 ----HD---- C:\WINDOWS\$hf_mig$
2009-08-14 08:07:49 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft Help
2009-08-14 08:07:27 ----D---- C:\Programme\Outlook Express
2009-08-06 16:49:39 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\DivX
2009-08-06 16:16:19 ----SD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft
2009-08-05 10:59:36 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2009-07-30 09:27:12 ----D---- C:\WINDOWS\system32\de-de
2009-07-30 02:49:14 ----A---- C:\WINDOWS\system32\MRT.exe
2009-07-24 13:47:44 ----D---- C:\WINDOWS\system32\Adobe
2009-07-24 13:47:39 ----D---- C:\WINDOWS\system32\Macromed
2009-07-24 13:47:39 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Macromedia
2009-07-24 12:57:08 ----D---- C:\Programme\Windows Media Player
2009-07-24 12:56:37 ----D---- C:\WINDOWS\security
2009-07-24 12:47:02 ----A---- C:\WINDOWS\win.ini
2009-07-24 12:46:53 ----D---- C:\WINDOWS\Help
2009-07-24 12:45:43 ----D---- C:\WINDOWS\system32\LogFiles
2009-07-24 11:35:47 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Move Networks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2006-02-20 33408]
R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.0.0.5; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-03-10 15939]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-08-05 55656]
R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CDAC15BA.SYS []
R3 3xHybrid;3xHybrid service; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2005-02-09 666368]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2004-06-29 1268204]
R3 Arp1394;1394-ARP-Clientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-08-02 1681920]
R3 BthEnum;Bluetooth-Anforderungsblocktreiber; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
R3 BthPan;Bluetooth-Gerät (PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
R3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
R3 cmudax;C-Media High Definition Audio Interface; C:\WINDOWS\system32\drivers\cmudax.sys [2005-05-12 1287296]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2004-04-15 42496]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12288]
R3 NIC1394;1394-Netzwerktreiber; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
R3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2-aktivierter Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 wbscr;Winbond Smartcard Reader for I/O; C:\WINDOWS\system32\drivers\wbscr.sys [2002-04-24 19928]
R3 XUIF;X10 USB Wireless Transceiver; C:\WINDOWS\System32\Drivers\x10ufx2.sys [2004-01-16 17408]
S3 BTHPORT;Bluetooth-Porttreiber; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 273024]
S3 CardReaderFilter;Card Reader Filter; \??\C:\WINDOWS\system32\Drivers\USBCRFT.SYS []
S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-06-16 25280]
S3 MPE;BDA MPE-Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NTSIM;NTSIM; \??\C:\WINDOWS\system32\ntsim.sys []
S3 PDNMp50;PDNMp50 NDIS Protocol Driver; \??\C:\WINDOWS\system32\drivers\PDNMp50.sys []
S3 PDNSp50;PDNSp50 NDIS Protocol Driver; \??\C:\WINDOWS\system32\drivers\PDNSp50.sys []
S3 RT2500USB;RT2500 USB Wireless LAN Driver; C:\WINDOWS\system32\DRIVERS\rt2500usb.sys [2004-12-03 140544]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAV191;Instant VideoXpress; C:\WINDOWS\SYSTEM32\DRIVERS\USBAV191.SYS [2005-04-28 120128]
S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Programme\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 Apple Mobile Device;Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-08-02 401408]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\WINDOWS\system32\bgsvcgen.exe [2007-06-15 145504]
R2 Bonjour Service;Bonjour-Dienst; C:\Programme\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2009-03-11 54784]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2009-06-01 152984]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-06-15 66872]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-06-15 103736]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-05-06 604416]
R2 UxTuneUp;TuneUp Designerweiterung; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 AntiVirService;Avira AntiVir Guard; C:\Programme\Avira\AntiVir Desktop\avguard.exe [2009-08-05 185089]
S3 Adobe Version Cue CS3;Adobe Version Cue CS3 {de_DE} ; C:\Programme\Gemeinsame Dateien\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [2007-03-20 153792]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 de_serv;AVM FRITZ!web Routing Service; C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe []
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-04-05 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod-Dienst; C:\Programme\iPod\bin\iPodService.exe [2009-04-02 656168]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;TuneUp Drive Defrag-Dienst; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-05-06 360704]
S3 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576]
S3 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Ich hab nicht so wirklich viel Ahnung von der ganzen Materie, aber ich hoffe sehr, dass mir hier geholfen werden kann!! Danke schonmal!

Windowsclick.com Trojaner auf meinem PC

Plagegeister aller Art und deren Bekämpfung: Windowsclick.com Trojaner auf meinem PC

Windowsclick.com Trojaner auf meinem PC

Ähnliche Themen: Windowsclick.com Trojaner auf meinem PC