Internet Explorer startet ohne Aufforderung

Handyman1983 · 19.10.2009, 10:53

Hier meine Report's.

SDFix:

Code:

ATTFilter

SDFix: Version 1.240 
Run by Administrator on 18.10.2009 at 21:48

Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix

Checking Services :


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


Checking Files : 

Trojan Files Found:

C:\WINDOWS\system32\msxml71.dll - Deleted

Removing Temp Files

ADS Check :
 

                                 Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-18 22:19:15
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00027241a5f3]
"001edc2aec38"=hex:5d,4d,74,4e,38,2e,db,e4,08,15,57,03,52,6c,dc,e6
"00180fd4e4af"=hex:f8,04,b7,84,37,fb,6e,9a,d7,f8,e9,71,1f,60,81,49
"002403c6d49b"=hex:f2,63,94,41,ba,60,f5,4a,52,c5,04,a8,d6,ad,5c,47
"001cd477a609"=hex:42,c2,d9,39,8f,ea,81,93,17,53,33,47,fb,a0,b7,98
"0021d2fd3ff2"=hex:f7,c8,72,df,cb,24,37,08,c4,47,19,86,c3,52,8c,c1
"002345774daa"=hex:50,a1,59,fe,ab,90,91,e4,94,44,2b,d3,e9,67,d4,d6
"00233a685e2b"=hex:fb,44,43,cf,d8,a4,85,a4,d5,71,bd,80,39,c3,04,ab
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Vax347s\Config\jdgg40]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\00027241a5f3]
"001edc2aec38"=hex:5d,4d,74,4e,38,2e,db,e4,08,15,57,03,52,6c,dc,e6
"00180fd4e4af"=hex:f8,04,b7,84,37,fb,6e,9a,d7,f8,e9,71,1f,60,81,49
"002403c6d49b"=hex:f2,63,94,41,ba,60,f5,4a,52,c5,04,a8,d6,ad,5c,47
"001cd477a609"=hex:42,c2,d9,39,8f,ea,81,93,17,53,33,47,fb,a0,b7,98
"0021d2fd3ff2"=hex:f7,c8,72,df,cb,24,37,08,c4,47,19,86,c3,52,8c,c1
"002345774daa"=hex:50,a1,59,fe,ab,90,91,e4,94,44,2b,d3,e9,67,d4,d6
"00233a685e2b"=hex:fb,44,43,cf,d8,a4,85,a4,d5,71,bd,80,39,c3,04,ab

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}]
"DisplayName"="Alcohol 120%"

scanning hidden files ...

C:\Dokumente und Einstellungen\Administrator\Cookies\administrator@ad.yieldmanager[1].txt

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 1


Remaining Services :

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Programme\\Trillian\\trillian.exe"="C:\\Programme\\Trillian\\trillian.exe:*:Enabled:Trillian"
"C:\\Programme\\uTorrent\\uTorrent.exe"="C:\\Programme\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent"
"›['|?›"="›['|?›:*:Enabled:Nod42 Service"
"C:\\Programme\\Pinnacle\\Shared Files\\Programs\\StrmServer\\StrmServer.exe"="C:\\Programme\\Pinnacle\\Shared Files\\Programs\\StrmServer\\StrmServer.exe:LocalSubNet:Enabled:Pinnacle Streaming Server"
"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\\Programme\\Gemeinsame Dateien\\aol\\Loader\\aolload.exe"="C:\\Programme\\Gemeinsame Dateien\\aol\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Programme\\AIM6\\aim6.exe"="C:\\Programme\\AIM6\\aim6.exe:*:Enabled:AIM"
"C:\\Programme\\AIM\\aim.exe"="C:\\Programme\\AIM\\aim.exe:*:Enabled:AIM"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

Remaining Files :

File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes :

Mon 26 Jan 2009     1,740,632 A.SHR --- "C:\Programme\Spybot - Search & Destroy\SDUpdate.exe"
Mon 26 Jan 2009     5,365,592 A.SHR --- "C:\Programme\Spybot - Search & Destroy\SpybotSD.exe"
Thu  5 Mar 2009     2,260,480 A.SHR --- "C:\Programme\Spybot - Search & Destroy\TeaTimer.exe"
Wed  3 May 2006       163,328 ..SHR --- "C:\WINDOWS\system32\flvDX.dll"
Fri 28 Aug 2009         1,056 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
Wed 21 Feb 2007        31,232 ..SHR --- "C:\WINDOWS\system32\msfDX.dll"
Sun 16 Mar 2008       216,064 ..SHR --- "C:\WINDOWS\system32\nbDX.dll"
Sun 26 Jun 2005       616,448 ..SHR --- "C:\Programme\eRightSoft\SUPER\cygwin1.dll"
Tue 21 Jun 2005        45,568 ..SHR --- "C:\Programme\eRightSoft\SUPER\cygz.dll"
Mon 27 Apr 2009        90,624 ..SHR --- "C:\Programme\eRightSoft\SUPER\Setup.exe"
Mon 20 Oct 2008        17,471 A.SHR --- "C:\Programme\eRightSoft\SUPER\_Setup.dll"
Tue  4 Jun 2002        84,992 ...HR --- "C:\Programme\eRightSoft\SUPER\mencoder\14_43260.dll"
Tue  4 Jun 2002        44,032 ...HR --- "C:\Programme\eRightSoft\SUPER\mencoder\28_83260.dll"
Tue 10 Dec 2002        73,766 ...HR --- "C:\Programme\eRightSoft\SUPER\mencoder\atrc3260.dll"
Tue 10 Dec 2002        65,575 ...HR --- "C:\Programme\eRightSoft\SUPER\mencoder\cook3260.dll"
Sun  9 Jun 2002        36,864 ...HR --- "C:\Programme\eRightSoft\SUPER\mencoder\ddnt3260.dll"
Tue  4 Jun 2002        20,480 ...HR --- "C:\Programme\eRightSoft\SUPER\mencoder\dnet3260.dll"
Tue 10 Dec 2002       102,437 ...HR --- "C:\Programme\eRightSoft\SUPER\mencoder\drv13260.dll"
Tue 10 Dec 2002       176,165 ...HR --- "C:\Programme\eRightSoft\SUPER\mencoder\drv23260.dll"
Tue 10 Dec 2002       208,935 ...HR --- "C:\Programme\eRightSoft\SUPER\mencoder\drv33260.dll"
Tue 10 Dec 2002       217,127 ...HR --- "C:\Programme\eRightSoft\SUPER\mencoder\drv43260.dll"
Sun  9 Jun 2002        40,448 ...HR --- "C:\Programme\eRightSoft\SUPER\mencoder\dspr3260.dll"
Sun  4 Nov 2001       225,280 ...HR --- "C:\Programme\eRightSoft\SUPER\mencoder\ivvideo.dll"
Tue 10 Apr 2001       225,280 ...HR --- "C:\Programme\eRightSoft\SUPER\mencoder\qtmlClient.dll"
Fri 20 Feb 2004       232,960 ...HR --- "C:\Programme\eRightSoft\SUPER\mencoder\raac.dll"
Sun  9 Jun 2002       525,824 ...HR --- "C:\Programme\eRightSoft\SUPER\mencoder\rnco3260.dll"
Tue 10 Dec 2002       245,805 ...HR --- "C:\Programme\eRightSoft\SUPER\mencoder\rnlt3260.dll"
Tue 10 Dec 2002        45,093 ...HR --- "C:\Programme\eRightSoft\SUPER\mencoder\rv103260.dll"
Tue 10 Dec 2002        98,341 ...HR --- "C:\Programme\eRightSoft\SUPER\mencoder\rv203260.dll"
Tue 10 Dec 2002        94,247 ...HR --- "C:\Programme\eRightSoft\SUPER\mencoder\rv303260.dll"
Tue 10 Dec 2002        90,151 ...HR --- "C:\Programme\eRightSoft\SUPER\mencoder\rv403260.dll"
Tue 10 Dec 2002       102,439 ...HR --- "C:\Programme\eRightSoft\SUPER\mencoder\sipr3260.dll"
Sun  9 Jun 2002        49,152 ...HR --- "C:\Programme\eRightSoft\SUPER\mencoder\tokr3260.dll"
Thu 20 Mar 2008         5,632 ..SHR --- "C:\Programme\eRightSoft\SUPER\spk\1stRun.exe"
Mon 13 Nov 2006       319,456 A..H. --- "C:\Programme\Gemeinsame Dateien\Motorola Shared\MotPCSDrivers\difxapi.dll"

Finished!

Internet Explorer startet ohne Aufforderung

Log-Analyse und Auswertung: Internet Explorer startet ohne Aufforderung

Internet Explorer startet ohne Aufforderung

Ähnliche Themen: Internet Explorer startet ohne Aufforderung