Trojaner-Board

viomaticus 29.07.2007 14:59

Virus infection? Requesting log analysis.
 
My problem: I sometimes get a schannel.dll error message, and my PC is also sometimes quite slow, especially when booting up.

Here are my logs:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:26:29, on 29.07.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\avmwlanstick\WlanNetService.exe
C:\Programme\AlienGUIse\wbload.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\avguard32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programme\Java\jre1.6.0_02\bin\jusched.exe
C:\Programme\avmwlanstick\FRITZWLANMini.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\Programme\MSN Messenger\MsnMsgr.Exe
C:\Programme\WinTV\Ir.exe
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\notepad.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Dokumente und Einstellungen\******\Desktop\Neuer Ordner\HJT.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: XTTBPos00 Class - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
O2 - BHO: (no name) - {600BE137-52FA-43A9-ABD3-BD6E0865A364} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A6984C00-C6EB-11D4-B4A4-080000180323} - C:\Programme\Rapidown\rapi310.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Programme\FlashFXP\IEFlash.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O3 - Toolbar: Steganos Internet Anonym - {00000000-5736-4205-0008-2fe89c996183} - c:\programme\steganos internet anonym 7\sia7iep.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\FRITZWLANMini.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [RemoteControl] C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\RunServices: [Windows Update] C:\WINDOWS\system32\scvhost.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [great bin] C:\DOKUME~1\*****\ANWEND~1\OBJATO~1\REFMULTICORN.exe
O4 - HKCU\..\Run: [Meine Bilder] C:\WINDOWS\system32\avguard32.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [SIA7] "C:\Programme\Steganos Internet Anonym 7\sia7.exe" -firstboot (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [SIA7] "C:\Programme\Steganos Internet Anonym 7\sia7.exe" -firstboot (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SIA7] "C:\Programme\Steganos Internet Anonym 7\sia7.exe" -firstboot (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SIA7] "C:\Programme\Steganos Internet Anonym 7\sia7.exe" -firstboot (User 'Default user')
O4 - Global Startup: AutoStart IR.lnk = C:\Programme\WinTV\Ir.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Programme\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - h**p://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1010681460577
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - h**p://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{89911C27-2B10-4B2D-924D-F01E4190107E}: NameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{C65A2F39-2C32-4BC1-AD2D-F136F715E1DB}: NameServer = 192.168.178.1
O18 - Protocol: bw+0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {B1B4E53B-1319-417B-A912-060545230FF4} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVM WLAN Connection Service - AVM Berlin - C:\Programme\avmwlanstick\WlanNetService.exe
O23 - Service: Hotspot Manager (HotSpotFSvc) - Unknown owner - C:\Programme\Gemeinsame Dateien\T-COM\HotspotMgr\HotSpotFSvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe

--
End of file - 19813 bytes

viomaticus 29.07.2007 15:00

"*****" - 2007-07-29 15:27:59 - ComboFix 07-07-23.6 - Service Pack 2 NTFS


((((((((((((((((((((((((( Files Created from 2007-06-28 to 2007-07-29 )))))))))))))))))))))))))))))))


2007-07-29 15:13 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-07-28 16:37 <DIR> d-------- C:\DOKUME~1\*****\Contacts
2007-07-28 16:30 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2007-07-28 16:30 <DIR> d-------- C:\Programme\Windows Live Toolbar
2007-07-28 16:30 <DIR> d-------- C:\DOKUME~1\ALLUSE~1\ANWEND~1\Windows Live Toolbar
2007-07-28 16:29 <DIR> d-------- C:\Programme\MSN Messenger
2007-07-28 00:17 52,224 --a------ C:\WINDOWS\system32\jpg.dll
2007-07-27 21:28 <DIR> d-------- C:\Programme\Azureus
2007-07-27 21:28 <DIR> d-------- C:\DOKUME~1\****\ANWEND~1\Azureus
2007-07-27 20:52 12,003 --a------ C:\WINDOWS\system32\zlib.dll
2007-07-27 17:52 <DIR> d-------- C:\DOKUME~1\*****\ANWEND~1\WinRAR
2007-07-27 15:55 <DIR> d-------- C:\Programme\No-IP
2007-07-26 16:08 <DIR> d-------- C:\Programme\AV Vcs 5.5 DIAMOND
2007-07-26 12:44 <DIR> d-------- C:\DOKUME~1\*****\ANWEND~1\Steganos Internet Anonym 7
2007-07-26 12:39 <DIR> d-------- C:\Programme\Steganos Internet Anonym 7
2007-07-26 12:39 <DIR> d-------- C:\Programme\Secure Surfing Engine
2007-07-25 15:18 1,695 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd
2007-07-25 10:37 48,740 --a------ C:\WINDOWS\BricoPackUninst.cmd
2007-07-25 10:32 <DIR> d-------- C:\WINDOWS\BricoPacks
2007-07-25 09:36 <DIR> d-------- C:\Programme\Rapidown
2007-07-23 15:08 <DIR> d-------- C:\Programme\ICQToolbar
2007-07-23 15:08 <DIR> d-------- C:\Programme\ICQ6
2007-07-23 15:07 <DIR> d-------- C:\DOKUME~1\*****\ANWEND~1\InstallShield
2007-07-23 14:57 <DIR> d-------- C:\DOKUME~1\*****\ANWEND~1\ICQLite
2007-07-23 14:57 <DIR> d-------- C:\DOKUME~1\*****\ANWEND~1\ICQ Toolbar
2007-07-22 15:33 <DIR> d-------- C:\Programme\mm.BOT
2007-07-22 15:32 <DIR> d-------- C:\WINDOWS\mm.BOT
2007-07-21 10:53 <DIR> d-------- C:\WINDOWS\system32\Color
2007-07-20 15:04 107,864 --a------ C:\WINDOWS\system32\tsccvid.dll
2007-07-20 15:03 <DIR> d-------- C:\WINDOWS\system32\QuickTime
2007-07-20 15:03 <DIR> d-------- C:\Programme\TechSmith
2007-07-20 15:03 <DIR> d-------- C:\DOKUME~1\ALLUSE~1\ANWEND~1\TechSmith
2007-07-17 20:10 51,733 --a------ C:\WINDOWS\system32\plugin1.dat
2007-07-17 20:10 1,522,905 --a------ C:\WINDOWS\system32\msvb.exe
2007-07-17 20:01 71,168 --a------ C:\WINDOWS\system32\ijl11.dll
2007-07-17 20:00 52,736 --a------ C:\WINDOWS\system32\passview.dll
2007-07-17 13:57 <DIR> d-------- C:\Programme\SQLyog Community
2007-07-17 13:57 <DIR> d-------- C:\DOKUME~1\*****\ANWEND~1\SQLyog
2007-07-16 14:49 <DIR> d-------- C:\Programme\WinPcap
2007-07-15 20:08 249,856 --------- C:\WINDOWS\Setup1.exe
2007-07-15 20:08 <DIR> d-------- C:\Programme\Hero Editor
2007-07-15 20:06 101,888 --a------ C:\WINDOWS\system32\VB6STKIT.DLL
2007-07-15 20:05 73,216 --a------ C:\WINDOWS\ST6UNST.EXE
2007-07-13 09:44 <DIR> d-------- C:\DOKUME~1\ALLUSE~1\ANWEND~1\Google
2007-07-12 18:18 50,520 --a------ C:\WINDOWS\system32\csvidcap.dll
2007-07-12 15:44 299,520 --a------ C:\WINDOWS\uninst.exe
2007-07-12 15:44 <DIR> d-------- C:\DOKUME~1\*****\WINDOWS
2007-07-12 14:44 43,520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2007-07-12 14:43 21,840 --a------ C:\WINDOWS\system32\SIntfNT.dll
2007-07-12 14:43 17,212 --a------ C:\WINDOWS\system32\SIntf32.dll
2007-07-12 14:43 12,067 --a------ C:\WINDOWS\system32\SIntf16.dll
2007-07-12 14:37 33,133 --a------ C:\WINDOWS\DIIUnin.dat
2007-07-12 14:37 2,829 --a------ C:\WINDOWS\DIIUnin.pif
2007-07-12 14:37 102,400 --a------ C:\WINDOWS\DIIUnin.exe
2007-07-12 14:33 <DIR> d-------- C:\Programme\Diablo II
2007-07-11 17:17 <DIR> d-------- C:\Programme\Sync Manager Demo
2007-07-10 14:55 <DIR> d-------- C:\Programme\SHOUTcast
2007-07-07 11:02 <DIR> d-------- C:\Antrix
2007-07-06 16:02 <DIR> d-------- C:\Programme\PremiumSoft
2007-07-06 15:37 <DIR> d-------- C:\Mangos
2007-07-06 15:31 <DIR> d-------- C:\xampp
2007-07-05 13:11 <DIR> d-------- C:\DOKUME~1\*****\ANWEND~1\ICQ
2007-07-03 17:40 <DIR> d-------- C:\Programme\Skype
2007-07-03 17:40 <DIR> d-------- C:\Programme\Gemeinsame Dateien\Skype
2007-07-03 17:40 <DIR> d-------- C:\DOKUME~1\*****\ANWEND~1\Skype
2007-07-03 17:39 <DIR> d-------- C:\DOKUME~1\ALLUSE~1\ANWEND~1\Skype
2007-07-02 21:41 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-07-02 21:41 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-06-29 02:01 88,696 --a------ C:\WINDOWS\system32\Packet.dll
2007-06-29 02:01 68,224 --a------ C:\WINDOWS\system32\WanPacket.dll
2007-06-29 02:01 53,299 --a------ C:\WINDOWS\system32\pthreadVC.dll
2007-06-29 02:01 42,512 --a------ C:\WINDOWS\system32\drivers\npf.sys
2007-06-29 02:01 240,240 --a------ C:\WINDOWS\system32\wpcap.dll


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-07-25 20:02:17 -------- d-----w C:\DOKUME~1\*****\ANWEND~1\LimeWire
2007-07-25 08:37:23 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll
2007-07-25 08:11:46 -------- d-----w C:\Programme\PDF Editor 2
2007-07-24 17:33:51 -------- d-----w C:\Programme\HLSW
2007-07-23 16:50:51 -------- d-----w C:\DOKUME~1\*****\ANWEND~1\teamspeak2
2007-07-23 13:08:44 -------- d--h--w C:\Programme\InstallShield Installation Information
2007-07-21 18:04:34 -------- d-----w C:\Programme\LimeWire
2007-07-20 11:28:34 -------- d-----w C:\Programme\World of Warcraft
2007-07-18 12:34:05 -------- d-----w C:\DOKUME~1\*****\ANWEND~1\Hamachi
2007-07-18 11:49:16 -------- d-----w C:\Programme\AlienGUIse
2007-07-18 08:56:29 -------- d-----w C:\Programme\cFosSpeed
2007-07-18 08:56:28 -------- d-----w C:\Programme\TuneUp Utilities 2007
2007-07-12 11:34:32 2,434 ----a-w C:\WINDOWS\mozver.dat
2007-07-12 11:34:32 -------- d-----w C:\Programme\DivX
2007-07-12 08:12:55 53,248 ----a-w C:\WINDOWS\system32\css.dll
2007-07-11 15:22:30 -------- d-----w C:\Programme\Ringz Studio
2007-07-11 14:48:51 -------- d-----w C:\Programme\Winamp
2007-07-08 18:49:04 -------- d-----w C:\Programme\Gamers.IRC
2007-07-07 08:19:44 25,544 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2007-07-06 13:08:21 -------- d-----w C:\Programme\MySQL
2007-06-24 17:55:11 -------- d-----w C:\Programme\Ventrilo
2007-06-24 17:54:59 -------- d-----w C:\Programme\Gemeinsame Dateien\Wise Installation Wizard
2007-06-23 10:33:48 -------- d-----w C:\Programme\Teamspeak2_RC2
2007-06-23 08:38:46 -------- d-----w C:\DOKUME~1\*****\ANWEND~1\ATI
2007-06-23 08:35:48 -------- d-----w C:\Programme\ATI Technologies
2007-06-23 08:21:03 -------- d-----w C:\Programme\MyPhoneExplorer
2007-06-23 08:21:03 -------- d-----w C:\Programme\Mangos
2007-06-23 08:21:02 -------- d-----w C:\Programme\FlashFXP
2007-06-20 17:04:25 73,216 ----a-w C:\WINDOWS\cadkasdeinst01.exe
2007-06-18 15:46:11 76,212 ----a-w C:\WINDOWS\system32\perfc007.dat
2007-06-18 15:46:11 419,300 ----a-w C:\WINDOWS\system32\perfh007.dat
2007-06-18 15:45:16 -------- d-----w C:\Programme\avmwlanstick
2007-06-18 15:44:56 -------- d-----w C:\Programme\AVM_update
2007-06-18 15:01:26 -------- d-----w C:\DOKUME~1\*****\ANWEND~1\Media Player Classic
2007-06-14 07:19:57 -------- d-----w C:\Programme\vtplus
2007-06-14 07:19:48 -------- d-----w C:\Programme\WinTV
2007-05-16 15:11:44 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-05-14 06:59:39 164 ----a-w C:\install.dat
2001-08-18 14:00:00 279,983 --sh--w C:\WINDOWS\system32\avguard32.exe
2001-08-18 14:00:00 300,963 --sh--w C:\WINDOWS\system32\clfmon.exe
2001-08-18 14:00:00 278,981 --sh--w C:\WINDOWS\system32\ntoskrnl32.exe


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{600BE137-52FA-43A9-ABD3-BD6E0865A364}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Programme\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"AVMWlanClient"="C:\Programme\avmwlanstick\FRITZWLANMini.exe" [2006-03-01 13:35]
"avgnt"="C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" [2007-04-02 10:35]
"RemoteControl"="C:\Programme\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 04:01]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-12-10 13:45 C:\WINDOWS\KHALMNPR.Exe]
"StartCCC"="C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35]
"KernelFaultCheck"="%systemroot%\system32\dumprep 0 -k" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 09:57]
"SpybotSD TeaTimer"="C:\Programme\Spybot - Search & Destroy\TeaTimer.exe" [2005-05-31 01:04]
"great bin"="C:\DOKUME~1\****\ANWEND~1\OBJATO~1\REFMULTICORN.exe" []
"Meine Bilder"="C:\WINDOWS\system32\avguard32.exe" [2001-08-18 16:00]
"MsnMsgr"="C:\Programme\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices]
"Windows Update"=C:\WINDOWS\system32\scvhost.exe

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"SIA7"="C:\Programme\Steganos Internet Anonym 7\sia7.exe" -firstboot

C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\
AutoStart IR.lnk - C:\Programme\WinTV\Ir.exe [2007-02-07 15:31:50]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
C:\Programme\AlienGUIse\fastload.dll 2001-12-21 00:34 24576 C:\Programme\AlienGUIse\fastload.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=wbsys.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Logitech Desktop Messenger.lnk]
path=C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech Desktop Messenger.lnk
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Logitech SetPoint.lnk]
path=C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk
backup=C:\WINDOWS\pss\Logitech SetPoint.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^****^Startmenü^Programme^Autostart^hamachi.lnk]
path=C:\Dokumente und Einstellungen\****\Startmenü\Programme\Autostart\hamachi.lnk
backup=C:\WINDOWS\pss\hamachi.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^****^Startmenü^Programme^Autostart^Stardock ObjectDock.lnk]
path=C:\Dokumente und Einstellungen\****\Startmenü\Programme\Autostart\Stardock ObjectDock.lnk
backup=C:\WINDOWS\pss\Stardock ObjectDock.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^****^Startmenü^Programme^Autostart^Y'z ToolBar.lnk]
path=C:\Dokumente und Einstellungen\****\Startmenü\Programme\Autostart\Y'z ToolBar.lnk
backup=C:\WINDOWS\pss\Y'z ToolBar.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
"C:\Programme\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\great bin]
C:\DOKUME~1\****\ANWEND~1\OBJATO~1\REFMULTICORN.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
"C:\Programme\ICQ6\ICQ.exe" silent

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ 6.1]
C:\WINDOWS\system32\nltor32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ 6.1 Beta]
C:\WINDOWS\system32\cltmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite]
"C:\Programme\ICQLite\ICQLite.exe" -minimize

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
%systemroot%\system32\dumprep 0 -k

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Programme\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Programme\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
RTHDCPL.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SIA7]
"C:\Programme\Steganos Internet Anonym 7\SIA7.exe" -boot

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
"C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
"c:\programme\valve\steam\steam.exe" -silent

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
"C:\Programme\Winamp\Winampa.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Update]
C:\WINDOWS\system32\scvhost.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WoW Account Stealer]
C:\WINDOWS\system32\ntoskrnl32.exe

R1 AsIO;AsIO;C:\WINDOWS\system32\drivers\AsIO.sys
R1 avgio;avgio;\??\C:\Programme\AntiVir PersonalEdition Classic\avgio.sys
R1 avipbb;avipbb;C:\WINDOWS\system32\DRIVERS\avipbb.sys
R2 UxTuneUp;TuneUp Designerweiterung;C:\WINDOWS\System32\svchost.exe -k netsvcs
R3 avgntflt;avgntflt;\??\C:\Programme\AntiVir PersonalEdition Classic\avgntflt.sys
R3 hcw88rc5;Hauppauge WinTV 88x IR Decoder;C:\WINDOWS\system32\Drivers\hcw88rc5.sys
R3 HCW88TUNE;Hauppauge WinTV 88x Tuner;C:\WINDOWS\system32\drivers\hcw88tun.sys
R3 hcw88vid;Hauppauge WinTV 88x Video;C:\WINDOWS\system32\drivers\hcw88vid.sys
R3 HCW88XBAR;Hauppauge WinTV 88x Crossbar;C:\WINDOWS\system32\drivers\HCW88BAR.sys
R3 L8042Kbd;Logitech SetPoint Keyboard Driver;C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
R3 LHidKe;Logitech SetPoint HID Mouse Filter Driver;C:\WINDOWS\system32\DRIVERS\LHidKE.Sys
R3 LHidUsbK;Logitech SetPoint USB Receiver device driver;C:\WINDOWS\system32\Drivers\LHidUsbK.Sys
R3 LMouKE;Logitech SetPoint Mouse Filter Driver;C:\WINDOWS\system32\DRIVERS\LMouKE.Sys
R3 MTsensor;ATK0110 ACPI UTILITY;C:\WINDOWS\system32\DRIVERS\ASACPI.sys
S3 avmeject;AVM Eject;C:\WINDOWS\system32\drivers\avmeject.sys
S3 DREADNOUGHT;DREADNOUGHT;\??\C:\DOKUME~1\****\LOKALE~1\Temp\DREADNOUGHT
S3 FWLANUSB;AVM FRITZ!WLAN;C:\WINDOWS\system32\DRIVERS\fwlanusb.sys
S3 HotSpotFSvc;Hotspot Manager;"C:\Programme\Gemeinsame Dateien\T-COM\HotspotMgr\HotSpotFSvc.exe"
S3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver;C:\WINDOWS\system32\DRIVERS\L8042mou.Sys
S3 ssmdrv;ssmdrv;C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
S3 TSMPacket;T-DSL Manager Service;C:\WINDOWS\system32\DRIVERS\tsmpkt.sys
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - netsvcs
UxTuneUp

*Newly Created Service* - CATCHME

HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9B71D88C-C598-4935-C5D1-43AA4DB90836}
C:\WINDOWS\system32\msvb.exe s

HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A00100FD-FFE0-F286-DD1C-D0959F340903}
C:\WINDOWS\system32\ntoskrnl32.exe

HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{AC800506-AFD3-FCCB-A0AC-CEFDECFD1F87}
C:\WINDOWS\system32\cltmon.exe

HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B0D939E0-C6F0-CC70-A446-B49BC97A72AA}
C:\WINDOWS\system32\ntoskrnl32.exe

HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{BD013C09-B206-A007-BABD-EAB0F020B3EE}
C:\WINDOWS\system32\nltor32.exe

HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CFE05E0A-D910-DDD3-B77D-C70C0E9C94BB}
C:\WINDOWS\system32\clfmon.exe

HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{DA008F3B-E04B-E00C-C900-D0000F080767}
C:\WINDOWS\system32\ntoskrnl32.exe

HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{DC9D8B83-C748-CEAF-A491-BB3F3900CACE}
C:\WINDOWS\system32\ntoskrnl32.exe

HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{F00F0807-EED0-EF64-C8F5-CD73C01206D1}
C:\WINDOWS\system32\cltmon.exe

HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{F04E0AD0-A0F0-B09C-D3CF-FC8EBC70005B}
C:\WINDOWS\system32\avguard32.exe

HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{F1050000-CA40-A005-C4BA-B0398D18E0D7}
C:\WINDOWS\system32\scvhost.exe

HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{F90F0807-EEC0-EF54-C8F5-CD73C01206D0}
C:\WINDOWS\system32\winkrnl.exe

Contents of the 'Scheduled Tasks' folder
2007-07-27 15:16:28 C:\WINDOWS\tasks\1-Klick-Wartung.job
2007-07-29 12:31:03 C:\WINDOWS\tasks\Auf Updates für Windows Live Toolbar prüfen.job

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, h**p://www.gmer.net
Rootkit scan 2007-07-29 15:29:27
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-07-29 15:29:58
C:\ComboFix-quarantined-files.txt ... 2007-07-29 15:29
C:\ComboFix2.txt ... 2007-07-29 15:20

--- E O F ---


.
Bitte nur die Eintraege der letzten 3 Monate pro Ordner posten
.
.
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 6840-25B2

Verzeichnis von C:\WINDOWS\system32

29.07.2007 15:19 108.336 mswinsck.ocx
29.07.2007 15:19 2.206 wpa.dbl
29.07.2007 15:14 1.379.181 offlog.txt
28.07.2007 00:56 12.003 lamastuff.svr
28.07.2007 00:42 12.003 icqlogreader.svr
28.07.2007 00:42 12.003 Beeper.svr
28.07.2007 00:41 12.003 Text2Speech.svr
28.07.2007 00:17 52.224 jpg.dll
27.07.2007 20:53 12.003 zlib.dll
27.07.2007 19:53 51.733 plugin1.dat
27.07.2007 16:40 133 imon1.dat
26.07.2007 12:38 549.584 FNTCACHE.DAT
25.07.2007 15:28 5.214 jupdate-1.6.0_02-b06.log
25.07.2007 10:37 219.648 uxtheme.dll
24.07.2007 21:23 230.454 webcam.bmp
22.07.2007 18:39 279.552 swreg.exe
22.07.2007 16:15 43.520 CmdLineExt03.dll
17.07.2007 21:00 2.764.854 screenshot.bmp
17.07.2007 20:09 1.522.905 msvb.exe
17.07.2007 20:01 15.015 screenshot.jpg
17.07.2007 20:01 71.168 ijl11.dll
17.07.2007 20:00 52.736 passview.dll
12.07.2007 18:18 50.520 csvidcap.dll
12.07.2007 14:43 21.840 SIntfNT.dll
12.07.2007 14:43 17.212 SIntf32.dll
12.07.2007 14:43 12.067 SIntf16.dll
12.07.2007 10:12 53.248 css.dll
12.07.2007 04:54 107.864 tsccvid.dll
12.07.2007 02:22 139.264 javaws.exe
12.07.2007 02:22 69.632 javacpl.cpl
12.07.2007 01:22 135.168 javaw.exe
12.07.2007 01:22 135.168 java.exe
11.07.2007 11:01 53.474 tcpmon.ini
02.07.2007 21:41 1.044.480 libdivx.dll
02.07.2007 21:41 200.704 ssldivx.dll
29.06.2007 02:01 240.240 wpcap.dll
29.06.2007 02:01 88.696 Packet.dll
29.06.2007 02:01 68.224 WanPacket.dll
29.06.2007 02:01 53.299 pthreadVC.dll
19.06.2007 14:58 4.254 jupdate-1.6.0_01-b06.log
18.06.2007 17:46 404.104 perfh009.dat
18.06.2007 17:46 63.324 perfc009.dat
18.06.2007 17:46 76.212 perfc007.dat
18.06.2007 17:46 419.300 perfh007.dat
18.06.2007 17:46 974.848 PerfStringBackup.INI
06.06.2007 08:38 15.747.032 MRT.exe
16.05.2007 17:11 683.520 inetcomm.dll
08.05.2007 10:59 5.326.848 mshtml.dll
25.04.2007 16:22 144.896 schannel.dll
25.04.2007 09:42 1.338.880 wininet.dll
25.04.2007 09:42 871.936 webcheck.dll
25.04.2007 09:42 1.560.064 urlmon.dll
25.04.2007 09:42 670.720 mstime.dll
25.04.2007 09:42 718.848 occache.dll
25.04.2007 09:42 196.096 url.dll
25.04.2007 09:42 193.024 msrating.dll
25.04.2007 09:42 477.696 mshtmled.dll
25.04.2007 09:41 459.264 msfeeds.dll
25.04.2007 09:41 52.224 msfeedsbs.dll
25.04.2007 09:41 27.648 jsproxy.dll
25.04.2007 09:41 3.206.656 inetcpl.cpl
25.04.2007 09:41 267.776 iertutil.dll
25.04.2007 09:41 6.058.496 ieframe.dll
25.04.2007 09:41 44.544 iernonce.dll
25.04.2007 09:41 384.512 iedkcs32.dll
25.04.2007 09:41 383.488 ieapfltr.dll
25.04.2007 09:41 124.928 advpack.dll
25.04.2007 09:41 132.608 extmgr.dll
25.04.2007 09:41 153.088 ieakeng.dll
25.04.2007 09:41 230.400 ieaksie.dll
24.04.2007 16:26 13.824 ieudinit.exe
24.04.2007 11:58 56.832 ie4uinit.exe
24.04.2007 11:32 1.485.696 LegitCheckControl.dll
24.04.2007 09:34 161.792 ieakui.dll
18.04.2007 18:13 2.854.400 msi.dll
17.04.2007 11:32 2.455.488 ieapfltr.dat
16.04.2007 22:47 33.624 wups.dll
16.04.2007 22:47 30.040 wuapi.dll.mui
16.04.2007 22:47 30.040 wuaucpl.cpl.mui
16.04.2007 22:45 1.710.936 wuaueng.dll
16.04.2007 22:45 549.720 wuapi.dll
16.04.2007 22:45 325.976 wucltui.dll
16.04.2007 22:45 216.408 wuaucpl.cpl
16.04.2007 22:45 203.096 wuweb.dll
16.04.2007 22:45 92.504 cdm.dll
16.04.2007 22:45 20.824 wuaueng.dll.mui
16.04.2007 22:45 53.080 wuauclt.exe
16.04.2007 22:45 43.352 wups2.dll
16.04.2007 22:44 34.136 wucltui.dll.mui
16.04.2007 17:53 1.058.304 kernel32.dll
02.04.2007 07:58 546.304 hhctrl.ocx

