Log analysis and evaluation: Please check Hijack This log

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#10
Please check Hijack This log

Hello, many thanks for taking care of me now (: Yes, that can only be fine by me.

No, the file apparently no longer exists. I had everything displayed, and neither a manual search nor a scan found it, so it is probably already gone ^^

Code:
ATTFilter ComboFix 09-09-23.02 - ****** 24.09.2009 20:29:04.1.2 - NTFSx86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.1919.1085 [GMT 2:00] ausgeführt von:: C:\Users\******\Desktop\ComboFix.exe AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} SP: AntiVir Desktop *enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} SP: Windows-Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . C:\$RECYCLE.BIN\S-1-5-21-2841101459-4050323791-12494921-500 C:\Users\Martin\AppData\Local\icyuesu.dat C:\Users\Martin\AppData\Local\icyuesu_nav.dat C:\Users\Martin\AppData\Local\icyuesu_navps.dat C:\Users\Martin\AppData\Roaming\Microsoft\Clip Organizer\mstore10.mgc C:\Users\Martin\AppData\Roaming\Microsoft\Clip Organizer\Offic10.MGC C:\Windows\Downloaded Program Files\bdcore.dll C:\Windows\Downloaded Program Files\libfn.dll . ((((((((((((((((((((((( Dateien erstellt von 2009-08-24 bis 2009-09-24 )))))))))))))))))))))))))))))) . 2009-09-24 18:57:56 . 2009-09-24 18:58:38 0 d-----w- C:\Users\******\AppData\Local\temp 2009-09-24 18:57:56 . 2009-09-24 18:57:56 0 d-----w- C:\Users\Mcx1\AppData\Local\temp 2009-09-24 18:57:56 . 2009-09-24 18:57:56 0 d-----w- C:\Users\Gast\AppData\Local\temp 2009-09-24 18:57:56 . 2009-09-24 18:57:56 0 d-----w- C:\Users\Default\AppData\Local\temp 2009-09-23 22:56:20 . 2009-09-23 23:07:59 0 d-----w- C:\Windows\BDOSCAN8 2009-09-19 18:29:02 . 2009-09-19 18:29:31 0 d-----w- C:\rsit 2009-09-19 18:19:05 . 2009-09-19 18:19:05 0 d-----w- C:\Users\******\AppData\Roaming\Malwarebytes 2009-09-19 18:18:59 . 2009-09-10 12:54:06 38224 ----a-w- C:\Windows\system32\drivers\mbamswissarmy.sys 2009-09-19 18:18:57 . 2009-09-19 18:19:04 0 d-----w- C:\Program Files\Malwarebytes' Anti-Malware 2009-09-19 18:18:57 . 
2009-09-19 18:18:57 0 d-----w- C:\ProgramData\Malwarebytes 2009-09-19 18:18:57 . 2009-09-10 12:53:50 19160 ----a-w- C:\Windows\system32\drivers\mbam.sys 2009-09-19 18:10:10 . 2009-09-19 18:10:11 0 d-----w- C:\Program Files\CCleaner 2009-09-18 21:35:12 . 2009-09-18 21:35:12 0 d-----w- C:\Windows\system32\RTCOM 2009-09-18 20:04:04 . 2009-09-18 20:08:10 0 d-----w- C:\Users\*****\AppData\Roaming\Teeworlds 2009-09-14 11:58:59 . 2009-09-14 11:58:59 361728 ----a-w- C:\Windows\system32\TuneUpDefragService.exe 2009-09-14 11:56:57 . 2008-07-18 13:05:40 28416 ----a-w- C:\Windows\system32\uxtuneup.dll 2009-09-13 16:32:29 . 2009-09-13 16:32:46 0 d-----w- C:\Program Files\TuneUp Utilities 2008 2009-09-13 16:31:53 . 2009-09-13 16:31:53 0 d-----w- C:\Program Files\Common Files\Wise Installation Wizard 2009-09-11 21:47:49 . 2009-09-18 21:38:37 0 d--h--w- C:\Program Files\Temp 2009-09-09 13:55:38 . 2009-07-11 19:01:42 513536 ----a-w- C:\Windows\system32\wlansvc.dll 2009-09-09 13:55:38 . 2009-07-11 19:01:42 302592 ----a-w- C:\Windows\system32\wlansec.dll 2009-09-09 13:55:38 . 2009-07-11 19:01:42 293376 ----a-w- C:\Windows\system32\wlanmsm.dll 2009-09-09 13:55:38 . 2009-07-11 19:01:41 65024 ----a-w- C:\Windows\system32\wlanapi.dll 2009-09-09 13:55:38 . 2009-07-11 17:03:41 127488 ----a-w- C:\Windows\system32\L2SecHC.dll 2009-09-05 21:02:53 . 2009-09-05 21:02:53 0 d-----w- C:\Program Files\NVIDIA Corporation 2009-09-05 20:58:47 . 2009-09-05 20:58:47 0 d-----w- C:\NVIDIA 2009-09-05 18:11:13 . 2009-09-06 10:47:42 0 d-----w- C:\ProgramData\NVIDIA 2009-09-05 17:31:40 . 2009-09-05 17:31:40 0 d-----w- C:\Windows\system32\nn-NO 2009-09-05 17:31:40 . 2009-06-03 23:03:40 61440 ----a-w- C:\Windows\system32\athihvui.dll 2009-09-05 17:31:40 . 2009-06-03 23:03:16 397312 ----a-w- C:\Windows\system32\athihvs.dll 2009-09-05 17:31:25 . 2009-09-05 17:31:26 0 d-----w- C:\Program Files\Cisco 2009-09-05 17:27:49 . 2009-09-05 17:27:49 0 d-----w- C:\Windows\system32\sda 2009-09-05 17:26:53 . 
2009-08-19 19:13:24 173056 ----a-w- C:\Windows\system32\drivers\RtsUStor.sys 2009-09-05 17:26:53 . 2009-08-19 08:23:52 270336 ----a-w- C:\Windows\system32\RtsUStor.dll 2009-09-05 17:26:53 . 2009-02-02 16:27:20 7360512 ----a-w- C:\Windows\system32\RTSUSTORicon.dll 2009-09-05 17:13:03 . 2009-09-18 21:21:53 0 d-----w- C:\Users\******\AppData\Roaming\vlc 2009-09-05 14:36:20 . 2009-09-05 14:36:20 0 d-----w- C:\Program Files\Driver-Soft 2009-09-05 13:58:22 . 2009-09-13 16:29:04 0 d-sh--w- C:\ProgramData\{55A29068-F2CE-456C-9148-C869879E2357} 2009-09-02 21:14:46 . 2009-08-29 00:27:49 4240384 ----a-w- C:\Windows\system32\GameUXLegacyGDFs.dll 2009-09-02 21:14:46 . 2009-08-29 00:14:38 28672 ----a-w- C:\Windows\system32\Apphlpdm.dll 2009-08-26 15:27:33 . 2009-06-22 10:09:49 2048 ----a-w- C:\Windows\system32\tzres.dll . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-09-24 18:02:57 . 2009-09-05 18:08:02 201086 ----a-w- C:\ProgramData\nvModes.dat 2009-09-24 15:42:23 . 2008-02-04 13:45:05 45056 ----a-w- C:\Windows\system32\acovcnt.exe 2009-09-24 13:27:23 . 2007-04-18 08:33:08 12 ----a-w- C:\Windows\bthservsdp.dat 2009-09-23 11:49:41 . 2007-04-18 09:14:04 621942 ----a-w- C:\Windows\system32\perfh007.dat 2009-09-23 11:49:41 . 2007-04-18 09:14:04 123666 ----a-w- C:\Windows\system32\perfc007.dat 2009-09-18 21:33:59 . 2008-02-04 13:25:44 319456 ----a-w- C:\Windows\DIFxAPI.dll 2009-09-18 21:33:53 . 2008-02-04 13:19:48 0 d--h--w- C:\Program Files\InstallShield Installation Information 2009-09-13 11:58:49 . 2008-12-30 12:10:41 0 d-----w- C:\Users\*******\AppData\Roaming\U3 2009-09-11 22:03:06 . 2008-02-04 13:25:35 0 d-----w- C:\Program Files\Realtek 2009-09-11 19:44:44 . 2009-09-18 21:33:55 2769120 ----a-w- C:\Windows\system32\drivers\RTKVHDA.sys 2009-09-11 18:54:42 . 2009-09-18 21:33:55 1305632 ----a-w- C:\Windows\system32\RtkPgExt.dll 2009-09-11 18:54:36 . 
2009-09-18 21:33:55 53280 ----a-w- C:\Windows\system32\RtkCoInst.dll 2009-09-11 18:54:26 . 2009-09-18 21:33:55 338464 ----a-w- C:\Windows\system32\RtkApoApi.dll 2009-09-11 18:54:26 . 2009-09-18 21:33:55 2965536 ----a-w- C:\Windows\system32\RtkAPO.dll 2009-09-09 15:27:52 . 2006-11-02 11:18:33 0 d-----w- C:\Program Files\Windows Mail 2009-09-08 21:15:38 . 2008-12-27 02:12:10 0 d-----w- C:\Program Files\Google 2009-09-05 17:32:38 . 2008-02-04 13:27:52 0 d-----w- C:\ProgramData\Atheros 2009-09-05 17:31:40 . 2008-02-04 13:28:26 0 d-----w- C:\Program Files\Atheros 2009-09-05 16:53:01 . 2008-05-20 21:30:35 144838 ----a-w- C:\Users\Martin\AppData\Roaming\nvModes.dat 2009-08-31 18:46:26 . 2009-02-28 14:59:26 0 d-----w- C:\Users\Martin\AppData\Roaming\dvdcss 2009-08-31 17:44:56 . 2009-09-18 21:33:54 267264 ----a-w- C:\Windows\system32\FMAPO.dll 2009-08-22 21:34:27 . 2008-05-23 12:15:25 0 d-----w- C:\Program Files\Common Files\DVDVideoSoft 2009-08-22 21:34:01 . 2008-05-23 12:15:14 0 d-----w- C:\Program Files\DVDVideoSoft 2009-08-21 16:40:09 . 2009-08-21 16:40:09 0 d-----w- C:\ProgramData\WindowsSearch 2009-08-21 16:28:46 . 2009-05-02 18:49:20 0 d-----w- C:\Users\******\AppData\Roaming\uTorrent 2009-08-18 15:16:52 . 2009-09-18 21:33:47 831488 ----a-w- C:\Windows\RtlExUpd.dll 2009-08-14 16:27:34 . 2009-09-09 13:59:37 904776 ----a-w- C:\Windows\system32\drivers\tcpip.sys 2009-08-14 15:53:34 . 2009-09-09 13:59:34 17920 ----a-w- C:\Windows\system32\netevent.dll 2009-08-14 13:49:20 . 2009-09-09 13:59:35 9728 ----a-w- C:\Windows\system32\TCPSVCS.EXE 2009-08-14 13:49:18 . 2009-09-09 13:59:35 17920 ----a-w- C:\Windows\system32\ROUTE.EXE 2009-08-14 13:49:18 . 2009-09-09 13:59:35 11264 ----a-w- C:\Windows\system32\MRINFO.EXE 2009-08-14 13:49:15 . 2009-09-09 13:59:35 27136 ----a-w- C:\Windows\system32\NETSTAT.EXE 2009-08-14 13:49:14 . 2009-09-09 13:59:35 8704 ----a-w- C:\Windows\system32\HOSTNAME.EXE 2009-08-14 13:49:14 . 
2009-09-09 13:59:35 19968 ----a-w- C:\Windows\system32\ARP.EXE 2009-08-14 13:49:13 . 2009-09-09 13:59:35 10240 ----a-w- C:\Windows\system32\finger.exe 2009-08-14 13:48:21 . 2009-09-09 13:59:35 30720 ----a-w- C:\Windows\system32\drivers\tcpipreg.sys 2009-08-14 13:48:02 . 2009-09-09 13:59:35 105984 ----a-w- C:\Windows\system32\netiohlp.dll 2009-08-07 17:08:06 . 2009-08-07 17:08:06 0 d-----w- C:\Program Files\OpenAL 2009-08-07 17:08:06 . 2009-08-07 17:08:05 413696 ----a-w- C:\Windows\system32\wrap_oal.dll 2009-08-07 17:08:05 . 2009-08-07 17:08:05 110592 ----a-w- C:\Windows\system32\OpenAL32.dll 2009-08-06 11:00:30 . 2009-04-10 10:12:32 55656 ----a-w- C:\Windows\system32\drivers\avgntflt.sys 2009-08-05 10:53:23 . 2008-09-28 16:01:50 0 d-----w- C:\Program Files\Java 2009-07-25 03:23:00 . 2008-12-06 15:10:28 411368 ----a-w- C:\Windows\system32\deploytk.dll 2009-07-21 21:52:28 . 2009-07-29 19:41:13 915456 ----a-w- C:\Windows\system32\wininet.dll 2009-07-21 21:47:28 . 2009-07-29 19:41:12 109056 ----a-w- C:\Windows\system32\iesysprep.dll 2009-07-21 21:47:27 . 2009-07-29 19:41:12 71680 ----a-w- C:\Windows\system32\iesetup.dll 2009-07-21 20:13:58 . 2009-07-29 19:41:12 133632 ----a-w- C:\Windows\system32\ieUnatt.exe 2009-07-17 13:54:43 . 2009-08-13 10:35:48 71680 ----a-w- C:\Windows\system32\atl.dll 2009-07-15 20:37:50 . 2008-04-20 13:52:08 100256 ----a-w- C:\Users\*******\AppData\Local\GDIPFONTCACHEV1.DAT 2009-07-15 12:40:34 . 2009-08-13 10:35:54 8147456 ----a-w- C:\Windows\system32\wmploc.DLL 2009-07-15 12:39:58 . 2009-08-13 10:35:55 313344 ----a-w- C:\Windows\system32\wmpdxm.dll 2009-07-15 12:39:40 . 2009-08-13 10:35:54 4096 ----a-w- C:\Windows\system32\dxmasf.dll 2009-07-15 12:39:28 . 2009-08-13 10:35:54 7680 ----a-w- C:\Windows\system32\spwmp.dll 2009-07-02 17:28:58 . 2009-09-18 21:33:55 73216 ----a-w- C:\Windows\system32\RTEEL32A.dll 2009-07-02 17:28:58 . 2009-09-18 21:33:55 59392 ----a-w- C:\Windows\system32\RTEEG32A.dll 2009-07-02 17:28:58 . 
2009-09-18 21:33:55 347648 ----a-w- C:\Windows\system32\RTEEP32A.dll 2009-07-02 17:28:56 . 2009-09-18 21:33:55 164864 ----a-w- C:\Windows\system32\RTEED32A.dll 2009-06-29 19:40:07 . 2009-02-06 13:47:42 183112 ----a-w- C:\Windows\system32\PnkBstrB.exe 2009-06-29 19:40:02 . 2009-02-06 13:47:29 66872 ----a-w- C:\Windows\system32\PnkBstrA.exe . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1] @="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}" [HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}] 2007-06-02 01:08:18 143360 ----a-w- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 07:33:09 125952] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 07:33:39 202240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2008-01-19 07:38:38 1008184] "SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [2007-09-03 05:29:40 630784] "ATKMEDIA"="C:\Program Files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 16:27:32 61440] "ASUSTPE"="C:\Windows\system32\ASUSTPE.exe" [2007-01-17 00:13:14 106496] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-01 21:24:25 857648] "ASUS Camera ScreenSaver"="C:\Windows\ASScrProlog.exe" [2008-02-04 13:38:52 37232] "ASUS Screen Saver Protector"="C:\Windows\ASScrPro.exe" [2008-02-04 13:39:02 33136] "PowerForPhone"="C:\Program Files\PowerForPhone\PowerForPhone.exe" [2007-06-26 18:10:44 778240] "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 13:57:24 153136] "CanonSolutionMenu"="C:\Program 
Files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 16:01:00 644696] "OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 11:02:14 79400] "WrtMon.exe"="C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe" [2006-09-20 07:35:26 20480] "amd_dc_opt"="C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 12:53:10 77824] "avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 10:08:43 209153] "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2008-09-19 13:21:00 13593120] "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2008-09-19 13:21:00 92704] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-09-11 18:54:20 7739936] " Malwarebytes Anti-Malware (reboot)"="C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 12:53:56 1312080] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot "SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "VistaSp2"=hex(b):ca,c6,4a,72,bf,e2,c9,01 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{82D008CE-00DE-4178-8CD9-79C1B526FD63}"= UDP:C:\Program Files\ASUS\ASUS Data Security 
Manager\My_Vault.exe:ASUS Data Security Manager "{72568E0A-6048-443A-9BDD-BD574FD0AED7}"= TCP:C:\Program Files\ASUS\ASUS Data Security Manager\My_Vault.exe:ASUS Data Security Manager "TCP Query User{9716E324-6959-4323-A047-5DFCF9FB5DD1}C:\\windows\\system32\\dplaysvr.exe"= UDP:C:\windows\system32\dplaysvr.exe:Microsoft DirectPlay-Helfer "UDP Query User{03A919B4-ED05-4EA8-A2D5-A0F0A910178A}C:\\windows\\system32\\dplaysvr.exe"= TCP:C:\windows\system32\dplaysvr.exe:Microsoft DirectPlay-Helfer "TCP Query User{A96B906E-E413-4F83-BB7B-A42A9090F8A0}G:\\warcraft3\\war3.exe"= UDP:G:\warcraft3\war3.exe:Warcraft III "UDP Query User{82CDCB25-5AC8-4A6D-9398-3927015D7250}G:\\warcraft3\\war3.exe"= TCP:G:\warcraft3\war3.exe:Warcraft III "TCP Query User{12AC7446-3B6A-4CA3-A724-0EA2490BF57A}C:\\program files\\java\\jre6\\bin\\java.exe"= UDP:C:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary "UDP Query User{743B3F9F-76E6-4A22-A698-D77D91A5055A}C:\\program files\\java\\jre6\\bin\\java.exe"= TCP:C:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary "TCP Query User{22F0581E-139E-436F-8C48-0D32577B8B69}C:\\program files\\mozilla firefox\\firefox.exe"= UDP:C:\program files\mozilla firefox\firefox.exe:Firefox "UDP Query User{747F1413-7719-40F1-B24A-E17E7AC6ACC5}C:\\program files\\mozilla firefox\\firefox.exe"= TCP:C:\program files\mozilla firefox\firefox.exe:Firefox "TCP Query User{35B67913-36FA-4DFF-BBFF-C92699198CDE}C:\\program files\\java\\jre6\\bin\\java.exe"= UDP:C:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary "UDP Query User{F938D3FA-BD2E-48D2-99F4-EAA8CD8DA1D4}C:\\program files\\java\\jre6\\bin\\java.exe"= TCP:C:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary "TCP Query User{A288BE2B-F0DC-410A-97AA-073A7F6AD869}C:\\program files\\icq6.5\\icq.exe"= UDP:C:\program files\icq6.5\icq.exe:ICQ "UDP Query User{DB88CEC1-2261-4154-9D03-D181B5ADEB18}C:\\program files\\icq6.5\\icq.exe"= TCP:C:\program files\icq6.5\icq.exe:ICQ 
"TCP Query User{1E2ECEC6-AC26-4E20-91A4-E95DFFE5DF21}C:\\windows\\system32\\java.exe"= UDP:C:\windows\system32\java.exe:Java(TM) Platform SE binary "UDP Query User{83852CA4-BDE3-4A50-871B-336DAC6382F7}C:\\windows\\system32\\java.exe"= TCP:C:\windows\system32\java.exe:Java(TM) Platform SE binary "TCP Query User{FC97A438-0191-4B03-853C-A00E5546DCF9}C:\\program files\\icq6.5\\icq.exe"= UDP:C:\program files\icq6.5\icq.exe:ICQ "UDP Query User{ABE4D635-817A-42AF-9C3C-9EE8DDEAE9CF}C:\\program files\\icq6.5\\icq.exe"= TCP:C:\program files\icq6.5\icq.exe:ICQ "{7CBD179E-6E95-4378-962E-3173CDE6C8AB}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (TCP-In) "{A7DE481C-0294-4A07-B5A9-C9BCA0BA9446}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (UDP-In) "TCP Query User{7FA8324E-3DD0-4D5F-B8AB-7B28876B002A}C:\\users\\******\\desktop\\vavle\\hl.exe"= UDP:C:\users\*****\desktop\vavle\hl.exe:hl.exe "UDP Query User{BE0E1ABD-CCDD-4668-BCCA-4EF44D0ECDDD}C:\\users\\******\\desktop\\vavle\\hl.exe"= TCP:C:\users\******\desktop\vavle\hl.exe:hl.exe "TCP Query User{3790F917-97E8-4C1D-B2C8-71F2DD5BB90F}D:\\program files\\call of duty 2\\cod2mp_s.exe"= UDP:D:\program files\call of duty 2\cod2mp_s.exe:CoD2MP_s "UDP Query User{3557C2D1-D81D-4D84-94BD-58D526B8CF66}D:\\program files\\call of duty 2\\cod2mp_s.exe"= TCP:D:\program files\call of duty 2\cod2mp_s.exe:CoD2MP_s "TCP Query User{FC3DCA5E-3FAE-4014-8ADE-82296AD5DABA}D:\\program files\\vavle\\hl.exe"= UDP:D:\program files\vavle\hl.exe:Half-Life Launcher "UDP Query User{AAB3CC1D-AB05-4B22-BDE4-CAD5CCB81385}D:\\program files\\vavle\\hl.exe"= TCP:D:\program files\vavle\hl.exe:Half-Life Launcher "TCP Query User{0B77E371-743D-45E5-98FE-CCC264AA1721}D:\\program files\\vavle\\hl.exe"= UDP:D:\program files\vavle\hl.exe:Half-Life Launcher "UDP Query User{84025D87-6BDC-48C1-878C-C5662467EA9C}D:\\program files\\vavle\\hl.exe"= TCP:D:\program files\vavle\hl.exe:Half-Life Launcher "TCP Query 
User{2308F046-5063-4FCF-AC07-E0296D33ACAD}D:\\program files\\company of heroes\\reliccoh.exe"= UDP:D:\program files\company of heroes\reliccoh.exe:RelicCOH "UDP Query User{0987DD41-2D81-4E39-B781-9B7470EB1614}D:\\program files\\company of heroes\\reliccoh.exe"= TCP:D:\program files\company of heroes\reliccoh.exe:RelicCOH "TCP Query User{20A507F2-71E7-4BC9-B27D-2C2E30F0F688}D:\\program files\\call of duty 4 modern warfare\\iw3mp.exe"= UDP:D:\program files\call of duty 4 modern warfare\iw3mp.exe:iw3mp "UDP Query User{28C69EA6-250D-4C55-BEB7-21C4AB7241CF}D:\\program files\\call of duty 4 modern warfare\\iw3mp.exe"= TCP:D:\program files\call of duty 4 modern warfare\iw3mp.exe:iw3mp "TCP Query User{C6FF5ACC-5165-436F-B1E0-B907737C1DAF}C:\\program files\\common files\\ahead\\nero web\\setupx.exe"= UDP:C:\program files\common files\ahead\nero web\setupx.exe:MSI starter "UDP Query User{02CB3F42-83E5-4EB7-A081-A1FF5FE488D3}C:\\program files\\common files\\ahead\\nero web\\setupx.exe"= TCP:C:\program files\common files\ahead\nero web\setupx.exe:MSI starter "TCP Query User{F50B6C66-6073-4CBE-9389-6460B8EEDD8B}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:µTorrent "UDP Query User{C9D69892-9448-4ED0-93B1-B759478B3054}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:µTorrent "{F1C2D702-3A05-40CB-8707-C04B1D6FC012}"= UDP:C:\Users\*****\Downloads\utorrent-182.exe:µTorrent (TCP-In) "{3EDB848B-85A6-4104-8220-585CC1BCDC13}"= TCP:C:\Users\******\Downloads\utorrent-182.exe:µTorrent (UDP-In) "TCP Query User{F821F98E-5DCF-4CBE-92AD-F76F895B64E7}C:\\windows\\system32\\dplaysvr.exe"= UDP:C:\windows\system32\dplaysvr.exe:Microsoft DirectPlay-Helfer "UDP Query User{4CE5EF89-6FB6-4EA7-BB84-043F69003D25}C:\\windows\\system32\\dplaysvr.exe"= TCP:C:\windows\system32\dplaysvr.exe:Microsoft DirectPlay-Helfer "TCP Query User{63E1913B-C3A2-4602-B4BA-E169BE8EC3CE}C:\\users\\******\\downloads\\utorrent-182.exe"= 
UDP:C:\users\******\downloads\utorrent-182.exe:utorrent-182.exe "UDP Query User{67BA2C3E-81DC-4A61-AE52-6201B423895F}C:\\users\\******\\downloads\\utorrent-182.exe"= TCP:C:\users\******\downloads\utorrent-182.exe:utorrent-182.exe "TCP Query User{D6D01BC2-332F-40A2-B66A-159B46DC9B3E}D:\\program files\\left 4 dead\\left4dead.exe"= UDP:D:\program files\left 4 dead\left4dead.exe:left4dead "UDP Query User{E68D00DC-A0FB-4111-A010-264AEDD361E6}D:\\program files\\left 4 dead\\left4dead.exe"= TCP:D:\program files\left 4 dead\left4dead.exe:left4dead "TCP Query User{D2E2F220-3B7B-4013-AAF6-15A3FF6A7462}C:\\program files\\garena\\garena.exe"= UDP:C:\program files\garena\garena.exe:Garena "UDP Query User{0DADC51A-A717-4864-B32A-1414150BC6C6}C:\\program files\\garena\\garena.exe"= TCP:C:\program files\garena\garena.exe:Garena "TCP Query User{897BA663-E523-4620-9FE3-97213EF99132}D:\\program files\\left 4 dead\\left4dead.exe"= UDP:D:\program files\left 4 dead\left4dead.exe:left4dead "UDP Query User{40839F51-3923-43CB-8D92-AABBAC858D9E}D:\\program files\\left 4 dead\\left4dead.exe"= TCP:D:\program files\left 4 dead\left4dead.exe:left4dead "TCP Query User{FB30607A-1015-4BA6-B390-79278660D073}H:\\******\\spiele\\warcraft iii\\war3.exe"= UDP:H:\*******\spiele\warcraft iii\war3.exe:Warcraft III "UDP Query User{7C8DEFA6-5AAB-4560-84CC-BD319E63873E}H:\\*******\\spiele\\warcraft iii\\war3.exe"= TCP:H:\******\spiele\warcraft iii\war3.exe:Warcraft III "TCP Query User{B262C078-0902-4711-A6C4-FB241741C42A}D:\\program files\\videolan\\vlc\\vlc.exe"= UDP:D:\program files\videolan\vlc\vlc.exe:VLC media player "UDP Query User{F2822C2F-4AF9-4762-9951-A1667A4D89AE}D:\\program files\\videolan\\vlc\\vlc.exe"= TCP:D:\program files\videolan\vlc\vlc.exe:VLC media player "TCP Query User{B1F14886-BA9D-4F10-A8C4-E67F1B72A5C8}C:\\users\\*******\\downloads\\teeworlds-0.5.1-win32\\teeworlds_srv.exe"= UDP:C:\users\******\downloads\teeworlds-0.5.1-win32\teeworlds_srv.exe:teeworlds_srv.exe "UDP Query 
User{759BF7AE-61B1-4C43-98B5-9807DDE25597}C:\\users\\*******\\downloads\\teeworlds-0.5.1-win32\\teeworlds_srv.exe"= TCP:C:\users\*******\downloads\teeworlds-0.5.1-win32\teeworlds_srv.exe:teeworlds_srv.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile] "DoNotAllowExceptions"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile] "DoNotAllowExceptions"= 0 (0x0) R2 AntiVirSchedulerService;Avira AntiVir Planer;C:\Program Files\Avira\AntiVir Desktop\sched.exe [10.04.2009 12:12:31 108289] R2 litsgt;litsgt;C:\Windows\System32\drivers\litsgt.sys [13.05.2009 13:25:57 137344] R2 tansgt;tansgt;C:\Windows\System32\drivers\tansgt.sys [13.05.2009 13:25:43 12032] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [05.09.2009 19:26:53 173056] S2 gupdate1c9ca949dd28fd7;Google Update Service (gupdate1c9ca949dd28fd7);C:\Program Files\Google\Update\GoogleUpdate.exe [01.05.2009 21:39:59 133104] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe" . Inhalt des "geplante Tasks" Ordners 2009-09-24 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-01 19:39:59 . 2009-05-01 19:39:48] 2009-09-24 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-01 19:39:59 . 2009-05-01 19:39:48] . .

Edited by spucky (24.09.2009 at 20:35)