Name
Passwort
Registrieren
Startseite
Security News
Suche
Home
»
Viren, Trojaner & Malware Forum
»
Was ist bridge.dll, dumrep und WZCSLDR2.exe
» Themenansicht
Firefox Tipp:
Instantfox - Quick Search Add-On!
Seite(n):
1
Antworten
Was ist bridge.dll, dumrep und WZCSLDR2.exe
#0
25.11.2004, 21:23
ice_manp
...neu hier
Beiträge: 1
#1
Hier die log Datei von Hijackthis
Was ist dumprep 0 -k
b.z. WZCSLDR2.exe
bridge.dll
Logfile of HijackThis v1.98.2
Scan saved at 21:19:14, on 25.11.2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\NETWOR~1\MCAFEE~1\FireSvc.exe
C:\Programme\Network Associates\Common Framework\FrameworkService.exe
C:\Programme\Network Associates\VirusScan\Mcshield.exe
C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe
C:\Programme\Network Associates\VirusScan\VsTskMgr.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\Programme\Gemeinsame Dateien\PestPatrol\ppRemoteService.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Network Associates\VirusScan\SHSTAT.EXE
C:\Programme\Network Associates\Common Framework\UpdaterUI.exe
C:\WinTK_Standard\modules\traycontrol.exe
C:\Programme\Steganos AntiSpyware 7\aspy7.exe
C:\Programme\Lavasoft\Ad-aware 6\Ad-watch.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\MoreTV.353\MoreTV.exe
F:\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ftp=192.168.1.14:21;http=192.168.1.14:80;socks=192.168.1.14:1080
R3 - URLSearchHook: (no name) - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll (filesize 708608 bytes, MD5 D817B0EABAB48C5F42EC3EA8C317DEF4)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll (filesize 708608 bytes, MD5 D817B0EABAB48C5F42EC3EA8C317DEF4)
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [ccRegVfy] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Programme\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE (filesize 94208 bytes, MD5 7FDD96F93ADBE7E986AABAE0CA446011)
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Programme\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey (filesize 139320 bytes, MD5 E4A7B1AA1E40676153A824AC00EC3450)
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Programme\Gemeinsame Dateien\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\system32\bridge.dll",Load (filesize 32256 bytes, MD5 3B97EDB791FB209017B8864C8E7087F9)
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [SpyHunter] C:\Programme\Enigma Software Group\SpyHunter\SpyHunter.exe (filesize 339968 bytes, MD5 0681CA63A4BD1C1082848D6570EAEE8A)
O4 - HKCU\..\Run: [wintktraycontrol] C:\WinTK_Standard\modules\traycontrol.exe (filesize 583680 bytes, MD5 467B257817C8216B2384C86E0CA150C5)
O4 - HKCU\..\Run: [AntiSpyware7] "C:\Programme\Steganos AntiSpyware 7\aspy7.exe" /0 (filesize 3522560 bytes, MD5 992A0471D4F4C60E2F34199B9663D316)
O4 - Startup: Ad-watch 3.0.lnk = C:\Programme\Lavasoft\Ad-aware 6\Ad-watch.exe (filesize 392192 bytes, MD5 71E45918ED6772CD6F0FEF70F688DF04)
O9 - Extra button: (no name) - c95fe080-8f5d-112d-a20b-00aa003c157a - (no file)
O9 - Extra button: ICQ 4.0 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (filesize 2323536 bytes, MD5 FD23D4D11A9F5748723FC06716BEBD30)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (filesize 2323536 bytes, MD5 FD23D4D11A9F5748723FC06716BEBD30)
O16 - DPF: {1C955F3B-5B32-4393-A05D-24B4970CD2A1} -
http://stream10k.redhotnetworks.com/cabs/videox.cab
O16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} -
http://download.ebay.com/turbo_lister/DE/install.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) -
http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {53B8B406-42E4-4DD3-96E7-9DEC8CEB3DD8} (ICQVideoControl Class) -
http://xtraz.icq.com/xtraz/activex/ICQVideoControl.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) -
http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) -
http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) -
http://216.249.25.152/code/PWActiveXImgCtl.CAB
O16 - DPF: {6D15BD40-CCA6-11D2-A6A0-0060089A0EFF} (RWSO_IHB) -
https://banking.rwso.de/KSK_Sigmaringen/srwso1301.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall-Kontrolle) -
http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) -
http://www.johannrain-softwareentwicklung.de/scan/Msie/bitdefender.cab
O16 - DPF: {8FA9D107-547B-4DBC-9D88-FABD891EDB0A} (shizmoo Class) -
http://playroom.icq.com/odyssey_web11.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) -
http://games-dl.real.com/gameconsole/Bundler/CAB/RealArcadeRdxIE.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4388/mcfscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A0DE81A2-8E42-478D-B079-5A668AFE0990}: NameServer = 192.168.1.1
Um auf dieses Thema zu ANTWORTEN
bitte erst
» hier
kostenlos registrieren!!
Folgende Themen könnten Dich auch interessieren:
»
dumrep.exe --> ungefragter Systemreboot XP
»
Unbekannter Prozess "dumrep - 0 k
»
FB 7583 + Bridge?
»
Droppers Dr/ Bridge.A.2
»
DR/Bridge.A.2 - wie entfernen ?
Seite(n):
1
Copyright © 2024, Protecus.de -
Protecus Team
-
Impressum / Mediadaten
Was ist dumprep 0 -k
b.z. WZCSLDR2.exe
bridge.dll
Logfile of HijackThis v1.98.2
Scan saved at 21:19:14, on 25.11.2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\NETWOR~1\MCAFEE~1\FireSvc.exe
C:\Programme\Network Associates\Common Framework\FrameworkService.exe
C:\Programme\Network Associates\VirusScan\Mcshield.exe
C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe
C:\Programme\Network Associates\VirusScan\VsTskMgr.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\Programme\Gemeinsame Dateien\PestPatrol\ppRemoteService.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Network Associates\VirusScan\SHSTAT.EXE
C:\Programme\Network Associates\Common Framework\UpdaterUI.exe
C:\WinTK_Standard\modules\traycontrol.exe
C:\Programme\Steganos AntiSpyware 7\aspy7.exe
C:\Programme\Lavasoft\Ad-aware 6\Ad-watch.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\MoreTV.353\MoreTV.exe
F:\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ftp=192.168.1.14:21;http=192.168.1.14:80;socks=192.168.1.14:1080
R3 - URLSearchHook: (no name) - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll (filesize 708608 bytes, MD5 D817B0EABAB48C5F42EC3EA8C317DEF4)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll (filesize 708608 bytes, MD5 D817B0EABAB48C5F42EC3EA8C317DEF4)
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [ccRegVfy] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Programme\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE (filesize 94208 bytes, MD5 7FDD96F93ADBE7E986AABAE0CA446011)
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Programme\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey (filesize 139320 bytes, MD5 E4A7B1AA1E40676153A824AC00EC3450)
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Programme\Gemeinsame Dateien\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\system32\bridge.dll",Load (filesize 32256 bytes, MD5 3B97EDB791FB209017B8864C8E7087F9)
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [SpyHunter] C:\Programme\Enigma Software Group\SpyHunter\SpyHunter.exe (filesize 339968 bytes, MD5 0681CA63A4BD1C1082848D6570EAEE8A)
O4 - HKCU\..\Run: [wintktraycontrol] C:\WinTK_Standard\modules\traycontrol.exe (filesize 583680 bytes, MD5 467B257817C8216B2384C86E0CA150C5)
O4 - HKCU\..\Run: [AntiSpyware7] "C:\Programme\Steganos AntiSpyware 7\aspy7.exe" /0 (filesize 3522560 bytes, MD5 992A0471D4F4C60E2F34199B9663D316)
O4 - Startup: Ad-watch 3.0.lnk = C:\Programme\Lavasoft\Ad-aware 6\Ad-watch.exe (filesize 392192 bytes, MD5 71E45918ED6772CD6F0FEF70F688DF04)
O9 - Extra button: (no name) - c95fe080-8f5d-112d-a20b-00aa003c157a - (no file)
O9 - Extra button: ICQ 4.0 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (filesize 2323536 bytes, MD5 FD23D4D11A9F5748723FC06716BEBD30)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (filesize 2323536 bytes, MD5 FD23D4D11A9F5748723FC06716BEBD30)
O16 - DPF: {1C955F3B-5B32-4393-A05D-24B4970CD2A1} - http://stream10k.redhotnetworks.com/cabs/videox.cab
O16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} - http://download.ebay.com/turbo_lister/DE/install.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {53B8B406-42E4-4DD3-96E7-9DEC8CEB3DD8} (ICQVideoControl Class) - http://xtraz.icq.com/xtraz/activex/ICQVideoControl.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) - http://216.249.25.152/code/PWActiveXImgCtl.CAB
O16 - DPF: {6D15BD40-CCA6-11D2-A6A0-0060089A0EFF} (RWSO_IHB) - https://banking.rwso.de/KSK_Sigmaringen/srwso1301.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall-Kontrolle) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.johannrain-softwareentwicklung.de/scan/Msie/bitdefender.cab
O16 - DPF: {8FA9D107-547B-4DBC-9D88-FABD891EDB0A} (shizmoo Class) - http://playroom.icq.com/odyssey_web11.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundler/CAB/RealArcadeRdxIE.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4388/mcfscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A0DE81A2-8E42-478D-B079-5A668AFE0990}: NameServer = 192.168.1.1