Malware URL: dynamicdialogs.alert.conduit-services.com/alert

XHQ · 16.05.2011, 13:12

hi coverflow!,danke das du mir hilft

!,

zu 1. => HijackThis 2.0.4 - Logfile <=

Code:

ATTFilter


HiJackthis Logfile:

	Code: 

 ATTFilter

  
	Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:58:05, on 16.05.2011
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16766)
Boot mode: Normal

Running processes:
C:\PROGRA~2\eScan\TRAYICOS.EXE
C:\PROGRA~2\eScan\MAILDISP.EXE
C:\PROGRA~2\eScan\Vista\eScanMon.exe
C:\PROGRA~2\ESCAN\SPOOLER.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/home?AF=11534
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer bereitgestellt von ARLT Computer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) -  - (no file)
R3 - URLSearchHook: (no name) - {26647ca4-a2a7-4eac-8a72-761aa9141de7} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - (no file)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Free YouTube Download - C:\Users\Marc\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Marc\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: Virtuelle Tastatur - {54848076-14D0-45E7-851E-CAF7EF0125F1} - C:\PROGRA~2\eScan\VKBoard.exe
O9 - Extra 'Tools' menuitem: Virtuelle Tastatur - {54848076-14D0-45E7-851E-CAF7EF0125F1} - C:\PROGRA~2\eScan\VKBoard.exe
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: eConServ (EconService) - MicroWorld Technologies Inc. - c:\progra~2\escan\EconSer.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: eScan Monitor Service - MicroWorld Technologies Inc. - C:\PROGRA~3\MICROW~1\eScanBD\avpmapp.exe
O23 - Service: eScan Server-Updater (eScan-trayicos) - MicroWorld Technologies Inc. - C:\PROGRA~2\eScan\TRAYSSER.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MWAgent - MicroWorld Technologies Inc. - C:\PROGRA~2\COMMON~1\MICROW~1\Agent\MWASER.EXE
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8689 bytes
         
 --- --- ---

zu 2. => System-Dateien und -Ordner unter XP und Vista sichtbar machen <=

zu 3. => hjtscanlist.txt <=

Code:

ATTFilter

                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 
                        º                                    º 
                                    hjtscanlist v2.0              
                        º                                    º 
                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 

Microsoft Windows [Version 6.1.7600]
 
 
C:

  16.05.2011 13:57     C:\FBackup --------- 1835008   
  16.05.2011 13:55     C:\Program Files (x86) --------- 24576   
  16.05.2011 13:55     C:\System Volume Information --------- 20480   
  16.05.2011 12:02     C:\Windows --------- 28672   
       C:\pagefile.sys ---------    
       C:\hiberfil.sys ---------    
  15.05.2011 18:56     C:\WarRock.ini --------- 1697   
  07.05.2011 23:02     C:\ProgramData --------- 12288   
  04.04.2011 15:30     C:\Program Files --------- 8192   
  29.12.2010 00:34     C:\Nexon --------- 0   
  29.12.2010 00:34     C:\Download --------- 0   
  20.12.2010 17:16     C:\CFLog --------- 0   
  12.12.2010 02:45     C:\Users --------- 4096   
  05.12.2010 16:13     C:\$Recycle.Bin --------- 4096   
  22.10.2010 21:21     C:\msofficesetup2k10 --------- 0   
  22.10.2010 21:18     C:\Recovery --------- 0   
  22.10.2010 21:18     C:\Programme --------- 0   
  22.10.2010 21:18     C:\Dokumente und Einstellungen --------- 0   
  23.09.2009 09:51     C:\BOOTSECT.BAK --------- 8192   
  23.09.2009 09:51     C:\Boot --------- 4096   
  14.07.2009 07:08     C:\Documents and Settings --------- 0   
  14.07.2009 05:20     C:\PerfLogs --------- 0   
  14.07.2009 03:38     C:\bootmgr --------- 383562   
----------------------------------------

 
C:\Windows

  16.05.2011 13:07     C:\Windows\win.ini --------- 3389   
  16.05.2011 13:07     C:\Windows\bootstat.dat --------- 67584   
  16.05.2011 12:14     C:\Windows\ESCAN.LOG --------- 7553   
  16.05.2011 14:00     C:\Windows\WindowsUpdate.log --------- 1637800   
  16.05.2011 12:02     C:\Windows\frights.log --------- 50   
  16.05.2011 12:02     C:\Windows\setuperr.log --------- 0   
  16.05.2011 12:02     C:\Windows\setupact.log --------- 56   
  16.05.2011 12:01     C:\Windows\PFRO.log --------- 1770   
  30.04.2011 01:10     C:\Windows\REGBK01.ZIP --------- 14791776   
  17.04.2011 18:51     C:\Windows\tpl.cfg --------- 3141   
  17.04.2011 18:50     C:\Windows\ISISAIHP.INI --------- 1759   
  17.04.2011 18:50     C:\Windows\ISISAIM.INI --------- 542   
  11.04.2011 17:08     C:\Windows\escan.dbf --------- 29   
  11.04.2011 15:07     C:\Windows\WSSPORDx.DAT --------- 9420   
  11.04.2011 15:07     C:\Windows\WSSPORD.DAT --------- 9420   
  11.04.2011 14:54     C:\Windows\REGBK00.ZIP --------- 14749063   
  11.04.2011 14:52     C:\Windows\WIN.PRO --------- 20   
  11.04.2011 14:52     C:\Windows\eScan.BAT --------- 42   
  11.04.2011 14:52     C:\Windows\sporder.exe.manifest --------- 602   
  11.04.2011 14:52     C:\Windows\winsbak2.reg --------- 143160   
  11.04.2011 14:52     C:\Windows\winsbak.reg --------- 3956   
  26.02.2011 08:23     C:\Windows\explorer.exe --------- 2870272   
  02.01.2011 02:11     C:\Windows\vpd.properties --------- 0   
  28.12.2010 19:14     C:\Windows\NEXON_EU_DownloaderUpdater.exe --------- 446464   
  17.11.2010 18:22     C:\Windows\killproc.exe --------- 145928   
  17.11.2010 18:22     C:\Windows\inst_tspx.exe --------- 249352   
  17.11.2010 18:22     C:\Windows\inst_tsp.exe --------- 174600   
  10.11.2010 02:28     C:\Windows\WLXPGSS.SCR --------- 301936   
  26.10.2010 21:55     C:\Windows\T”ý --------- 20   
  22.10.2010 22:37     C:\Windows\diagwrn.xml --------- 2562   
  22.10.2010 22:37     C:\Windows\diagerr.xml --------- 1908   
  22.10.2010 22:24     C:\Windows\nsreg.dat --------- 0   
  23.04.2010 20:55     C:\Windows\atiogl.xml --------- 21290   
  23.09.2009 09:54     C:\Windows\ativpsrm.bin --------- 0   
  22.07.2009 22:39     C:\Windows\sporder.exe --------- 13056   
  15.07.2009 19:08     C:\Windows\sporder.dll --------- 13840   
  14.07.2009 06:54     C:\Windows\WindowsShell.Manifest --------- 749   
  14.07.2009 03:39     C:\Windows\write.exe --------- 10240   
  14.07.2009 03:39     C:\Windows\splwow64.exe --------- 61952   
  14.07.2009 03:39     C:\Windows\regedit.exe --------- 427008   
  14.07.2009 03:39     C:\Windows\notepad.exe --------- 193536   
  14.07.2009 03:39     C:\Windows\HelpPane.exe --------- 733696   
  14.07.2009 03:39     C:\Windows\hh.exe --------- 16896   
  14.07.2009 03:39     C:\Windows\fveupdate.exe --------- 15360   
  14.07.2009 03:38     C:\Windows\bfsvc.exe --------- 71168   
  14.07.2009 03:16     C:\Windows\twain_32.dll --------- 51200   
  14.07.2009 03:14     C:\Windows\winhlp32.exe --------- 9728   
  14.07.2009 03:14     C:\Windows\twunk_32.exe --------- 31232   
  14.07.2009 01:06     C:\Windows\mib.bin --------- 43131   
  10.06.2009 23:41     C:\Windows\twunk_16.exe --------- 49680   
  10.06.2009 23:41     C:\Windows\twain.dll --------- 94784   
  10.06.2009 23:08     C:\Windows\system.ini --------- 219   
  10.06.2009 22:52     C:\Windows\WMSysPr9.prx --------- 316640   
  10.06.2009 22:36     C:\Windows\msdfmap.ini --------- 1405   
  10.06.2009 22:31     C:\Windows\Starter.xml --------- 48201   
  10.06.2009 22:30     C:\Windows\HomePremium.xml --------- 48265   
  24.11.2008 12:00     C:\Windows\WMSysPr8.prx --------- 156910   
  17.12.1997 19:33     C:\Windows\IsUninst.exe --------- 304128   
----------------------------------------

 
C:\Windows\System

----------------------------------------

 
C:\Windows\System32

 16.05.2011 14:02     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 --------- 14608  
 16.05.2011 14:02     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 --------- 14608  
 16.05.2011 13:58     C:\Windows\system32\Tasks --------- 4096  
 16.05.2011 13:57     C:\Windows\system32\config --------- 28672  
 16.05.2011 12:08     C:\Windows\system32\perfh009.dat --------- 616348  
 16.05.2011 12:08     C:\Windows\system32\perfc009.dat --------- 106728  
 16.05.2011 12:08     C:\Windows\system32\perfh007.dat --------- 655802  
 16.05.2011 12:08     C:\Windows\system32\perfc007.dat --------- 130434  
 16.05.2011 12:08     C:\Windows\system32\PerfStringBackup.INI --------- 1498506  
 15.05.2011 22:14     C:\Windows\system32\drivers --------- 81920  
 15.05.2011 21:34     C:\Windows\system32\catroot2 --------- 16384  
 12.05.2011 18:02     C:\Windows\system32\DriverStore --------- 8192  
 12.05.2011 17:19     C:\Windows\system32\MRT.exe --------- 44548040  
 11.05.2011 21:59     C:\Windows\system32\catroot --------- 4096  
 05.05.2011 20:24     C:\Windows\system32\wdi --------- 4096  
 28.04.2011 19:04     C:\Windows\system32\de-DE --------- 327680  
 16.04.2011 12:06     C:\Windows\system32\FNTCACHE.DAT --------- 276560  
 16.04.2011 00:04     C:\Windows\system32\migration --------- 4096  
 16.04.2011 00:04     C:\Windows\system32\Boot --------- 0  
 11.04.2011 14:58     C:\Windows\system32\test2.exe --------- 940552  
 09.04.2011 08:45     C:\Windows\system32\ntoskrnl.exe --------- 5509504  
 12.03.2011 14:03     C:\Windows\system32\XpsPrint.dll --------- 662528  
 11.03.2011 08:19     C:\Windows\system32\mfc42u.dll --------- 1359872  
 11.03.2011 08:19     C:\Windows\system32\mfc42.dll --------- 1395712  
 11.03.2011 08:18     C:\Windows\system32\esent.dll --------- 2566144  
 11.03.2011 08:15     C:\Windows\system32\fsutil.exe --------- 96768  
 08.03.2011 08:14     C:\Windows\system32\inetcomm.dll --------- 976896  
 07.03.2011 04:17     C:\Windows\system32\wfp --------- 0  
 07.03.2011 04:17     C:\Windows\system32\wbem --------- 65536  
 03.03.2011 08:17     C:\Windows\system32\dnsrslvr.dll --------- 182272  
 03.03.2011 08:17     C:\Windows\system32\dnsapi.dll --------- 356352  
 03.03.2011 08:14     C:\Windows\system32\dnscacheugc.exe --------- 30208  
 03.03.2011 05:58     C:\Windows\system32\win32k.sys --------- 3133440  
 24.02.2011 08:30     C:\Windows\system32\XpsGdiConverter.dll --------- 476160  
 24.02.2011 08:29     C:\Windows\system32\wininet.dll --------- 1197056  
 24.02.2011 08:28     C:\Windows\system32\urlmon.dll --------- 1499136  
 24.02.2011 08:25     C:\Windows\system32\mstime.dll --------- 1026560  
 24.02.2011 08:25     C:\Windows\system32\mshtmled.dll --------- 97280  
 24.02.2011 08:25     C:\Windows\system32\mshtml.dll --------- 9311744  
 24.02.2011 08:25     C:\Windows\system32\msfeedsbs.dll --------- 82944  
 24.02.2011 08:25     C:\Windows\system32\msfeeds.dll --------- 703488  
 24.02.2011 08:24     C:\Windows\system32\licmgr10.dll --------- 57856  
 24.02.2011 08:24     C:\Windows\system32\jsproxy.dll --------- 64512  
 24.02.2011 08:24     C:\Windows\system32\ieui.dll --------- 247808  
 24.02.2011 08:24     C:\Windows\system32\iertutil.dll --------- 2447872  
 24.02.2011 08:24     C:\Windows\system32\iepeers.dll --------- 256000  
 24.02.2011 08:24     C:\Windows\system32\ieframe.dll --------- 12369408  
 24.02.2011 08:24     C:\Windows\system32\iedkcs32.dll --------- 445952  
 24.02.2011 08:21     C:\Windows\system32\msfeedssync.exe --------- 12288  
 24.02.2011 07:05     C:\Windows\system32\html.iec --------- 482816  
 24.02.2011 06:24     C:\Windows\system32\mshtml.tlb --------- 1638912  
 21.02.2011 19:10     C:\Windows\system32\NDF --------- 0  
 19.02.2011 08:37     C:\Windows\system32\FntCache.dll --------- 1135104  
 19.02.2011 08:37     C:\Windows\system32\DWrite.dll --------- 1540608  
 19.02.2011 08:36     C:\Windows\system32\d2d1.dll --------- 902656  
 19.02.2011 08:36     C:\Windows\system32\atmlib.dll --------- 46080  
 19.02.2011 06:13     C:\Windows\system32\atmfd.dll --------- 367104  
 18.02.2011 08:37     C:\Windows\system32\vbscript.dll --------- 612352  
 18.02.2011 08:36     C:\Windows\system32\jscript.dll --------- 852480  
 18.02.2011 08:33     C:\Windows\system32\prevhost.exe --------- 31232  
 12.02.2011 08:14     C:\Windows\system32\FXSCOVER.exe --------- 267776  
 05.02.2011 14:41     C:\Windows\system32\winresume.efi --------- 556928  
 05.02.2011 14:41     C:\Windows\system32\winload.efi --------- 640896  
 05.02.2011 14:41     C:\Windows\system32\kdusb.dll --------- 20352  
 05.02.2011 14:41     C:\Windows\system32\kd1394.dll --------- 19328  
 05.02.2011 14:41     C:\Windows\system32\kdcom.dll --------- 17792  
 05.02.2011 14:39     C:\Windows\system32\winresume.exe --------- 518160  
 05.02.2011 14:39     C:\Windows\system32\winload.exe --------- 603976  
 02.02.2011 18:11     C:\Windows\system32\MpSigStub.exe --------- 270720  
 26.01.2011 08:31     C:\Windows\system32\cdd.dll --------- 144384  
 23.12.2010 08:07     C:\Windows\system32\sbe.dll --------- 1118720  
 23.12.2010 08:07     C:\Windows\system32\CPFilters.dll --------- 961024  
 23.12.2010 08:07     C:\Windows\system32\EncDec.dll --------- 723968  
 23.12.2010 08:02     C:\Windows\system32\mpg2splt.ax --------- 259072  
 21.12.2010 08:16     C:\Windows\system32\wscsvc.dll --------- 97280  
 21.12.2010 08:16     C:\Windows\system32\wscapi.dll --------- 62976  
 21.12.2010 08:16     C:\Windows\system32\winsrv.dll --------- 214016  
 21.12.2010 08:16     C:\Windows\system32\winhttp.dll --------- 442880  
 21.12.2010 08:16     C:\Windows\system32\WebClnt.dll --------- 258048  
 21.12.2010 08:15     C:\Windows\system32\upnp.dll --------- 264192  
 21.12.2010 08:15     C:\Windows\system32\slwga.dll --------- 15360  
 21.12.2010 08:13     C:\Windows\system32\msxml6.dll --------- 2003968  
 21.12.2010 08:13     C:\Windows\system32\msxml3.dll --------- 1880576  
 21.12.2010 08:10     C:\Windows\system32\davclnt.dll --------- 100864  
 18.12.2010 08:12     C:\Windows\system32\mstscax.dll --------- 3138048  
 18.12.2010 08:11     C:\Windows\system32\kerberos.dll --------- 714752  
 18.12.2010 08:08     C:\Windows\system32\mstsc.exe --------- 1097216  
 26.11.2010 23:05     C:\Windows\system32\LogFiles --------- 4096  
 17.11.2010 18:23     C:\Windows\system32\mwtsp.dll --------- 687624  
 17.11.2010 18:21     C:\Windows\system32\mwnsp.dll --------- 221704  
 17.11.2010 18:20     C:\Windows\system32\contfilt.dll --------- 2161672  
 17.11.2010 18:18     C:\Windows\system32\BACKUP.76029037.test2.exe --------- 907784  
 02.11.2010 07:18     C:\Windows\system32\XpsRasterService.dll --------- 229888  
 02.11.2010 07:18     C:\Windows\system32\wmicmiplugin.dll --------- 524288  
 02.11.2010 07:17     C:\Windows\system32\taskschd.dll --------- 1169408  
 02.11.2010 07:17     C:\Windows\system32\taskcomp.dll --------- 473600  
 02.11.2010 07:16     C:\Windows\system32\schedsvc.dll --------- 1114624  
 02.11.2010 07:12     C:\Windows\system32\d3d10warp.dll --------- 1837568  
 02.11.2010 07:12     C:\Windows\system32\d3d10_1core.dll --------- 320512  
 02.11.2010 07:12     C:\Windows\system32\d3d10_1.dll --------- 197120  
----------------------------------------

 
C:\Windows\Prefetch

----------------------------------------

 
C:\Windows\Tasks

 16.05.2011 12:02     C:\Windows\Tasks\SA.DAT --------- 6  
 03.04.2011 11:59     C:\Windows\Tasks\SCHEDLGU.TXT --------- 32640  
----------------------------------------

 
C:\Windows\Temp

----------------------------------------

 
C:\Users\Marc\AppData\Local\Temp

 16.05.2011 14:01     C:\Users\Marc\AppData\Local\Temp\LogWrite.LOG --------- 0  
 16.05.2011 13:58     C:\Users\Marc\AppData\Local\Temp\msdt --------- 0  
 16.05.2011 13:57     C:\Users\Marc\AppData\Local\Temp\PCW317D.xml --------- 760  
 16.05.2011 13:57     C:\Users\Marc\AppData\Local\Temp\PCW317D.tmp --------- 0  
 16.05.2011 13:52     C:\Users\Marc\AppData\Local\Temp\plugtmp --------- 8192  
 16.05.2011 12:03     C:\Users\Marc\AppData\Local\Temp\WPDNSE --------- 0  
 15.05.2011 22:14     C:\Users\Marc\AppData\Local\Temp\v3init2.log --------- 1781  
 15.05.2011 22:14     C:\Users\Marc\AppData\Local\Temp\VTMPO3736_2 --------- 74  
 15.05.2011 22:07     C:\Users\Marc\AppData\Local\Temp\DNSCache --------- 0  
 15.05.2011 17:56     C:\Users\Marc\AppData\Local\Temp\OOBE(20110515175610390).log --------- 4444  
 05.05.2011 20:27     C:\Users\Marc\AppData\Local\Temp\Low --------- 0  
 22.10.2010 21:22     C:\Users\Marc\AppData\Local\Temp\FXSAPIDebugLogFile.txt --------- 0  
----------------------------------------

 
C:\Program Files

 16.04.2011 00:04     C:\Program Files\Internet Explorer --------- 4096  
 20.02.2011 22:13     C:\Program Files\CCleaner --------- 0  
 29.01.2011 01:41     C:\Program Files\Babylon --------- 0  
 25.12.2010 21:14     C:\Program Files\Common Files --------- 4096  
 15.12.2010 19:06     C:\Program Files\Windows Mail --------- 4096  
 21.11.2010 20:01     C:\Program Files\WinRAR --------- 4096  
 23.10.2010 19:54     C:\Program Files\Windows Media Player --------- 4096  
 22.10.2010 22:54     C:\Program Files\ATI Technologies --------- 0  
 22.10.2010 21:21     C:\Program Files\ATI --------- 0  
 22.10.2010 21:18     C:\Program Files\Windows NT --------- 4096  
 22.10.2010 21:18     C:\Program Files\Gemeinsame Dateien --------- 0  
 22.10.2010 21:02     C:\Program Files\Realtek --------- 0  
 14.07.2009 20:18     C:\Program Files\DVD Maker --------- 4096  
 14.07.2009 20:18     C:\Program Files\Windows Journal --------- 4096  
 14.07.2009 20:18     C:\Program Files\Microsoft Games --------- 4096  
 14.07.2009 19:58     C:\Program Files\Windows Sidebar --------- 4096  
 14.07.2009 19:58     C:\Program Files\Windows Photo Viewer --------- 4096  
 14.07.2009 19:58     C:\Program Files\Windows Defender --------- 4096  
 14.07.2009 07:32     C:\Program Files\Windows Portable Devices --------- 0  
 14.07.2009 07:32     C:\Program Files\Reference Assemblies --------- 0  
 14.07.2009 07:32     C:\Program Files\MSBuild --------- 0  
 14.07.2009 07:09     C:\Program Files\Uninstall Information --------- 0  
 14.07.2009 06:54     C:\Program Files\desktop.ini --------- 174  
----------------------------------------

 
C:\ProgramData\.. 

Marc    
Default    
Public    
Default User    
All Users    
desktop.ini    
----------------------------------------

 
C:\Windows\system32\drivers\etc\hosts


----------------------------------------

 

Abbildname                     PID Sitzungsname       Sitz.-Nr. Speichernutzung
========================= ======== ================ =========== ===============
System Idle Process              0 Services                   0            24 K
System                           4 Services                   0        13.800 K
smss.exe                       280 Services                   0            72 K
csrss.exe                      408 Services                   0         1.884 K
wininit.exe                    472 Services                   0           156 K
csrss.exe                      496 Console                    1        10.520 K
services.exe                   528 Services                   0         7.776 K
lsass.exe                      544 Services                   0         8.884 K
lsm.exe                        552 Services                   0         1.256 K
winlogon.exe                   640 Console                    1         1.356 K
svchost.exe                    720 Services                   0         4.640 K
svchost.exe                    800 Services                   0         5.444 K
atiesrxx.exe                   860 Services                   0         1.032 K
svchost.exe                    972 Services                   0        14.852 K
svchost.exe                   1004 Services                   0       134.868 K
svchost.exe                    128 Services                   0        32.016 K
svchost.exe                    388 Services                   0        14.296 K
atieclxx.exe                  1056 Console                    1         1.848 K
svchost.exe                   1116 Services                   0        25.540 K
spoolsv.exe                   1344 Services                   0         3.924 K
svchost.exe                   1372 Services                   0         9.668 K
econser.exe                   1472 Services                   0           472 K
econceal.exe                  1528 Services                   0        27.460 K
avpmapp.exe                   1536 Services                   0        11.676 K
traysser.exe                  1560 Services                   0           356 K
svchost.exe                   1608 Services                   0        10.200 K
NBService.exe                 1700 Services                   0         1.632 K
CONSCTLX.EXE                  1776 Services                   0         1.604 K
PnkBstrA.exe                  1880 Services                   0         1.080 K
svchost.exe                   1948 Services                   0           784 K
svchost.exe                   1984 Services                   0         2.472 K
WLIDSVC.EXE                   1240 Services                   0         3.304 K
WLIDSVCM.EXE                  2120 Services                   0           132 K
WUDFHost.exe                  2596 Services                   0         1.220 K
svchost.exe                   2752 Services                   0         3.316 K
taskhost.exe                   124 Console                    1         5.096 K
taskeng.exe                   2460 Console                    1         1.488 K
dwm.exe                       2692 Console                    1        25.016 K
TRAYICOS.EXE                   964 Console                    1         1.552 K
explorer.exe                  1824 Console                    1        66.236 K
RAVCpl64.exe                  2812 Console                    1         2.356 K
sidebar.exe                   1272 Console                    1        23.404 K
MOM.exe                       3104 Console                    1         5.404 K
CCC.exe                       3472 Console                    1        16.520 K
maildisp.exe                  3536 Console                    1           620 K
conhost.exe                   3604 Console                    1           992 K
SearchIndexer.exe             3852 Services                   0        28.168 K
wmpnetwk.exe                  4028 Services                   0        14.184 K
escanmon.exe                  2556 Console                    1           716 K
svchost.exe                    212 Services                   0        10.740 K
SPOOLER.EXE                   3084 Console                    1           552 K
svchost.exe                   4484 Services                   0        23.492 K
dllhost.exe                   4644 Services                   0         2.564 K
firefox.exe                   6104 Console                    1       193.684 K
MWASER.EXE                    5968 Services                   0           468 K
MWAGENT.EXE                   3864 Services                   0         1.024 K
PLUGIN~1.EXE                  5400 Console                    1        20.476 K
svchost.exe                   4216 Services                   0         4.404 K
TrustedInstaller.exe          2904 Services                   0         7.712 K
audiodg.exe                   5988 Services                   0        17.576 K
SearchProtocolHost.exe        4572 Services                   0         8.672 K
SearchFilterHost.exe          1980 Services                   0         6.972 K
cmd.exe                       5992 Console                    1         3.784 K
conhost.exe                   5384 Console                    1         5.704 K
dllhost.exe                   5780 Console                    1         6.032 K
tasklist.exe                  4908 Console                    1         5.660 K
WmiPrvSE.exe                  5088 Services                   0         6.276 K

 
***** Ende des Scans 16.05.2011 um 14:07:06,83 ***

zu 4. =>all meine installierten Programme <=

3DVIA player 5.0 3DVIA 25.03.2011 14,6MB 5.0.0.12
Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 21.10.2010 6,00MB 10.1.82.76
Adobe Flash Player 10 Plugin Adobe Systems Incorporated 24.04.2011 6,00MB 10.2.159.1
Adobe Reader X (10.0.1) - Deutsch Adobe Systems Incorporated 19.02.2011 115,9MB 10.0.1
Adobe Shockwave Player 11.5 Adobe Systems, Inc. 19.02.2011 11.5.9.620
Apple Application Support Apple Inc. 03.04.2011 52,8MB 1.4.1
Apple Software Update Apple Inc. 03.04.2011 2,16MB 2.1.1.116
ATI Catalyst Install Manager ATI Technologies, Inc. 21.10.2010 22,3MB 3.0.774.0
Audacity 1.2.6 22.10.2010
Audials RapidSolution Software AG 06.03.2011 292MB 8.0.43301.100
Battlefield Play4Free EA Digital illusions 22.04.2011
CCleaner Piriform 19.02.2011 3.03
Combat Arms EU 28.12.2010
Cross Fire En Z8Games.com 21.10.2010
DVD Shrink 3.2 deutsch (DeCSS-frei) DVD Shrink 05.05.2011
EA SPORTS online 2008 21.12.2010
eScan Anti-Virus (AV) Edition für Windows MicroWorld Technologies Inc. 10.04.2011 252MB 11.0.1139.855
FIFA 08 Electronic Arts 21.12.2010 3.956MB 1.0.1.1
FlightGear v2.0.0 The FlightGear Team 01.05.2011 557MB
Free Studio version 5.0.8 DVDVideoSoft Limited. 09.04.2011 256MB
GamersFirst LIVE! GamersFirst 21.10.2010
GIMP 2.6.11 The GIMP Team 22.10.2010 106,8MB 2.6.11
HiJackThis Trend Micro 15.05.2011 0,36MB 1.0.0
HyperCam 2 28.01.2011
ICQ Toolbar ICQ 21.10.2010 3.0.0
ICQ7.2 ICQ 09.12.2010 7.2
IrfanView (remove only) Irfan Skiljan 22.12.2010 1,50MB 4.28
ISIS Draw 2.1.4 Standalone 16.04.2011
Malwarebytes' Anti-Malware Malwarebytes Corporation 06.05.2011 10,5MB
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 26.10.2010 38,8MB 4.0.30319
Microsoft Office 2010 Microsoft Corporation 21.10.2010 6,31MB 14.0.4763.1000
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 25.10.2010 1,70MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 21.10.2010 0,34MB 8.0.59193
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 21.10.2010 0,77MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 17.12.2010 0,24MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 21.10.2010 0,58MB 9.0.30729.4148
Mozilla Firefox 4.0.1 (x86 de) Mozilla 01.05.2011 33,4MB 4.0.1
Mozilla Thunderbird (3.1.5) Mozilla 21.10.2010 3.1.5 (de)
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 22.10.2010 1,28MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 22.10.2010 1,33MB 4.20.9876.0
Native Instruments Pro-53 Demo Native Instruments 06.05.2011
Need For Speed™ World Electronic Arts 22.10.2010 1.0.0.131
Nero 9 Essentials Nero AG 21.10.2010
NVIDIA PhysX NVIDIA Corporation 17.12.2010 78,9MB 9.10.0513
Picasa 3 Google, Inc. 21.10.2010 3.8
PokerStars.net PokerStars.net 17.03.2011
ProtectDisc Driver, Version 11 ProtectDisc Software GmbH 02.01.2011 11.0.0.12
PunkBuster Services Even Balance, Inc. 22.04.2011 0.990
QuickTime Apple Inc. 03.04.2011 73,7MB 7.69.80.9
Race Driver 3 Codemasters 27.11.2010 1.00.0000
Realtek HDMI Audio Driver for ATI Realtek Semiconductor Corp. 21.10.2010 6.0.1.6121
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 21.10.2010 6.0.1.6194
SAMSUNG Mobile Composite Device Software 14.12.2010
SAMSUNG Mobile Modem Driver Set 14.12.2010
Samsung Mobile phone USB driver Drive Software 14.12.2010
SAMSUNG Mobile USB Modem 1.0 Software 14.12.2010
SAMSUNG Mobile USB Modem Software 14.12.2010
Samsung PC Studio 3 Samsung Electronics Co., Ltd. 24.12.2010 3.2.2.80602
Skype Toolbars Skype Technologies S.A. 30.12.2010 7,09MB 5.0.4137
Skype™ 5.0 Skype Technologies S.A. 30.12.2010 22,4MB 5.0.156
Some PDF Image Extractr 1.5 SomePDF.com 22.11.2010
Test Drive Unlimited Ihr Firmenname 27.01.2011 3.117MB 1.00.0000
Uninstall 1.0.0.1 09.04.2011 10,9MB
Veoh Web Player Veoh Networks, Inc. 01.04.2011 1.1.2.0000
Virtual DJ Home - Atomix Productions 22.10.2010
VLC media player 1.1.5 VideoLAN 14.12.2010 1.1.5
War Rock GamersFirst 21.10.2010
Windows Live Essentials Microsoft Corporation 26.10.2010 15.4.3502.0922
Windows Media Player Firefox Plugin Microsoft Corp 13.11.2010 0,29MB 1.0.0.8
WinRAR 20.11.2010
Zattoo4 4.0.5 Zattoo Inc. 21.10.2010 4.0.5

liebe grüße,
xhq

Malware URL: dynamicdialogs.alert.conduit-services.com/alert

Plagegeister aller Art und deren Bekämpfung: Malware URL: dynamicdialogs.alert.conduit-services.com/alert

Malware URL: dynamicdialogs.alert.conduit-services.com/alert

Ähnliche Themen: Malware URL: dynamicdialogs.alert.conduit-services.com/alert