Home » Spyware & Browser Hijacker Support Forum » Problem mit "whenU"...... » Themenansicht

Problem mit "whenU"......
#0
21.11.2006, 23:47
Schmidsy
Member

Beiträge: 11
#1 Hallo habe ein Problem mit WhenU, habe das über Programme entfernt, glaube aber nicht das es so leicht ist....hier mal der Ad-Aware scan und danach habe ich gelöscht (versucht) ob es geklappt hat weiß ich nicht ! Dann habe ich nochmal Hijack laufen lassen und dann nochmal mit Ad-Aware......
Danke schonmal im voraus !!!!!!!!





Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sylvia schmidt@perf.overture[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:sylvia schmidt@perf.overture.com/
Expires : 15.11.2010 19:47:14
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sylvia schmidt@adviva[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:sylvia schmidt@adviva.net/
Expires : 25.10.2011 21:18:46
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sylvia schmidt@tradedoubler[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:7
Value : Cookie:sylvia schmidt@tradedoubler.com/
Expires : 08.11.2026 18:52:02
LastSync : Hits:7
UseCount : 0
Hits : 7

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sylvia schmidt@bfast[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:sylvia schmidt@bfast.com/
Expires : 18.11.2026 20:44:38
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sylvia schmidt@ads.addynamix[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:sylvia schmidt@ads.addynamix.com/
Expires : 14.11.2006 23:10:08
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sylvia schmidt@centrport[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:sylvia schmidt@centrport.net/
Expires : 01.01.2030 01:00:00
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sylvia schmidt@adserver.71i[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:sylvia schmidt@adserver.71i.de/
Expires : 30.12.2037 17:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sylvia schmidt@2o7[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:13
Value : Cookie:sylvia schmidt@2o7.net/
Expires : 18.11.2011 11:01:14
LastSync : Hits:13
UseCount : 0
Hits : 13

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sylvia schmidt@mediaplex[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:7
Value : Cookie:sylvia schmidt@mediaplex.com/
Expires : 22.06.2009 01:00:00
LastSync : Hits:7
UseCount : 0
Hits : 7

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sylvia schmidt@as1.falkag[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:234
Value : Cookie:sylvia schmidt@as1.falkag.de/
Expires : 18.01.2007 11:01:14
LastSync : Hits:234
UseCount : 0
Hits : 234

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sylvia schmidt@doubleclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:12
Value : Cookie:sylvia schmidt@doubleclick.net/
Expires : 17.11.2009 17:42:50
LastSync : Hits:12
UseCount : 0
Hits : 12

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sylvia schmidt@atdmt[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:9
Value : Cookie:sylvia schmidt@atdmt.com/
Expires : 17.11.2011 01:00:00
LastSync : Hits:9
UseCount : 0
Hits : 9

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sylvia schmidt@serving-sys[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:270
Value : Cookie:sylvia schmidt@serving-sys.com/
Expires : 31.12.2037 23:00:00
LastSync : Hits:270
UseCount : 0
Hits : 270

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sylvia schmidt@adverserve[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:sylvia schmidt@adverserve.net/
Expires : 01.01.2021 01:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sylvia schmidt@as-eu.falkag[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:11
Value : Cookie:sylvia schmidt@as-eu.falkag.net/
Expires : 20.12.2006 20:57:40
LastSync : Hits:11
UseCount : 0
Hits : 11

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 17
Objects found so far: 48



Deep scanning and examining files (C;)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 48


Deep scanning and examining files (D;)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for D:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 48


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 48




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 48

23:33:46 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:03:30.784
Objects scanned:118564
Objects identified:17
Objects ignored:0
New critical objects:17

*****************************************************

Zitat

Logfile of HijackThis v1.99.1
Scan saved at 23:55:08, on 21.11.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Intel\Wireless\Bin\EvtEng.exe
C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
C:\Programme\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Programme\Intel\Wireless\Bin\OProtSvc.exe
C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Synaptics\SynTP\SynTPLpr.exe
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Programme\QuickTime\qttask.exe
C:\Programme\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programme\Intel\Wireless\Bin\EOUWiz.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE
C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Programme\Yahoo!\Messenger\ymsgr_tray.exe
C:\Dokumente und Einstellungen\Sylvia Schmidt\Desktop\Neuer Ordner (2)\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.internetcologne.de
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.internetcologne.de
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.internetcologne.de
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer bereitgestellt von NetCologne
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost;<local>
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [WinDSL MTU-Adjust] WinDSL_MTU.exe
O4 - HKLM\..\Run: [MMTray] "C:\Programme\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Programme\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [mmtask] "C:\Programme\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Programme\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Mobilen Favoriten erstellen - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Programme\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Programme\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.internetcologne.de
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programme\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by115fd.bay115.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1151349683250
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: IntelWireless - C:\Programme\Intel\Wireless\Bin\LgNotify.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Boonty Games - BOONTY - C:\Programme\Gemeinsame Dateien\BOONTY Shared\Service\Boonty.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: EvtEng - Intel Corporation - C:\Programme\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Programme\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
Dieser Beitrag wurde am 22.11.2006 um 00:18 Uhr von Schmidsy editiert.
Seitenanfang Seitenende
22.11.2006, 01:18
Sabina
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#2 Poste bitte dieses log
http://virus-protect.org/artikel/tools/combofix.html
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
22.11.2006, 19:04
Schmidsy
Member

Themenstarter

Beiträge: 11
#3 Hallo......
Hier der geforderte Scan......
Danke !!!!!!!!!


Sylvia Schmidt - 06-11-22 19:01:05,10 Service Pack 2
ComboFix 06.11.22 - Running from: "C:\Dokumente und Einstellungen\Sylvia Schmidt\Desktop"

((((((((((((((((((((((((((((((( Files Created from 2006-10-22 to 2006-11-22 ))))))))))))))))))))))))))))))))))


2006-11-21 22:42 <DIR> d-------- C:\Programme\Lavasoft
2006-11-21 22:42 <DIR> d-------- C:\Dokumente und Einstellungen\Sylvia Schmidt\Anwendungsdaten\Lavasoft
2006-11-20 21:28 <DIR> d-------- C:\Dokumente und Einstellungen\Sylvia Schmidt\Anwendungsdaten\BSplayer
2006-11-19 12:47 <DIR> d-------- C:\Dokumente und Einstellungen\Sylvia Schmidt\Anwendungsdaten\Black Sea Studios
2006-11-19 12:39 <DIR> d-------- C:\Programme\Black Sea Studios
2006-11-19 00:43 <DIR> d-------- C:\Programme\Windows Media Connect 2
2006-11-18 17:45 <DIR> d-------- C:\Avenger
2006-11-09 21:39 <DIR> d-------- C:\Tivola
2006-11-07 08:43 <DIR> d--h----- C:\WINDOWS\msdownld.tmp
2006-11-07 08:43 <DIR> d-------- C:\WINDOWS\RegisteredPackages
2006-11-07 08:41 <DIR> d-------- C:\WINDOWS\ISW
2006-11-04 23:57 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Yahoo! Companion
2006-11-04 21:26 53,248 --a------ C:\WINDOWS\system32\Process.exe
2006-11-04 21:26 40,960 --a------ C:\WINDOWS\system32\swsc.exe
2006-11-04 21:26 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2006-11-04 21:26 2,884 --a------ C:\WINDOWS\system32\tmp.reg
2006-11-04 21:26 135,168 --a------ C:\WINDOWS\system32\swreg.exe
2006-11-04 14:14 1,245,696 --a------ C:\WINDOWS\system32\msxml4.dll
2006-11-02 21:29 <DIR> d-------- C:\Programme\MSXML 4.0
2006-11-02 21:29 <DIR> d-------- C:\Programme\Microsoft Office
2006-11-02 21:29 <DIR> d-------- C:\Programme\hp deskjet 3820 series
2006-11-02 21:29 <DIR> d-------- C:\Programme\Gemeinsame Dateien\MAGIX Shared
2006-11-02 21:29 <DIR> d-------- C:\Programme\Gemeinsame Dateien\Macrovision Shared
2006-11-02 21:29 <DIR> d-------- C:\Programme\Gemeinsame Dateien\Dienste
2006-11-02 21:29 <DIR> d-------- C:\Programme\Gemeinsame Dateien\BOONTY Shared
2006-11-02 21:29 <DIR> d-------- C:\Programme\AvantGo Connect
2006-11-02 21:29 <DIR> d-------- C:\Myworks
2006-11-02 11:51 43,008 --------- C:\WINDOWS\system32\wpdshextres.dll
2006-10-30 22:55 5,632 --a------ C:\WINDOWS\system32\Machnm64.sys
2006-10-30 22:55 2,304 --a------ C:\WINDOWS\system32\Machnm32.sys
2006-10-30 22:55 15,840 --a------ C:\WINDOWS\system32\Machnm1.exe
2006-10-26 19:32 <DIR> d-------- C:\Dokumente und Einstellungen\Sylvia Schmidt\Anwendungsdaten\Zylom
2006-10-25 18:41 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom
2006-10-25 16:55 283,648 --a------ C:\WINDOWS\unin0407.exe
2006-10-25 16:54 967 --a------ C:\WINDOWS\GPM_1x1y.PIF


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-11-19 19:35 43520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2006-11-03 10:02 8282112 --a------ C:\WINDOWS\system32\wmploc.dll
2006-11-03 09:56 99840 --a------ C:\WINDOWS\system32\wmpshell.dll
2006-11-03 09:55 275968 --a------ C:\WINDOWS\system32\wmerror.dll
2006-11-03 09:54 8192 --a------ C:\WINDOWS\system32\asferror.dll
2006-10-18 21:58 8704 --------- C:\WINDOWS\system32\WdfMgr.exe
2006-10-18 21:58 8704 --------- C:\WINDOWS\system32\uWDF.exe
2006-10-18 21:47 991744 --a------ C:\WINDOWS\system32\drmv2clt.dll
2006-10-18 21:47 937984 --a------ C:\WINDOWS\system32\WMNetMgr.dll
2006-10-18 21:47 767488 --------- C:\WINDOWS\system32\WMVSENCD.dll
2006-10-18 21:47 757248 --a------ C:\WINDOWS\system32\WMADMOD.dll
2006-10-18 21:47 656896 --------- C:\WINDOWS\system32\WMVXENCD.dll
2006-10-18 21:47 63488 --------- C:\WINDOWS\system32\wpdmtpus.dll
2006-10-18 21:47 629760 --------- C:\WINDOWS\system32\wpd_ci.dll
2006-10-18 21:47 613376 --------- C:\WINDOWS\system32\wmpmde.dll
2006-10-18 21:47 603648 --a------ C:\WINDOWS\system32\WMSPDMOD.dll
2006-10-18 21:47 542720 --a------ C:\WINDOWS\system32\blackbox.dll
2006-10-18 21:47 535040 --------- C:\WINDOWS\system32\wmdrmsdk.dll
2006-10-18 21:47 429056 --------- C:\WINDOWS\system32\wmdrmdev.dll
2006-10-18 21:47 414208 --a------ C:\WINDOWS\system32\msscp.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmvdmoe2.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmvdmod.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmsdmoe2.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmsdmod.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\MPG4DMOD.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\MP4SDMOD.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\MP43DMOD.dll
2006-10-18 21:47 4096 --------- C:\WINDOWS\system32\WMVADVE.DLL
2006-10-18 21:47 4096 --------- C:\WINDOWS\system32\WMVADVD.dll
2006-10-18 21:47 4096 --------- C:\WINDOWS\system32\wdfApi.dll
2006-10-18 21:47 37376 --a------ C:\WINDOWS\system32\wmdmps.dll
2006-10-18 21:47 35840 --------- C:\WINDOWS\system32\wpdconns.dll
2006-10-18 21:47 356352 --------- C:\WINDOWS\system32\WPDSp.dll
2006-10-18 21:47 348672 --------- C:\WINDOWS\system32\wmdrmnet.dll
2006-10-18 21:47 33792 --a------ C:\WINDOWS\system32\wmdmlog.dll
2006-10-18 21:47 321536 --a------ C:\WINDOWS\system32\mswmdm.dll
2006-10-18 21:47 317440 --------- C:\WINDOWS\system32\MP4SDECD.dll
2006-10-18 21:47 314880 --a------ C:\WINDOWS\system32\wmpdxm.dll
2006-10-18 21:47 295936 --------- C:\WINDOWS\system32\wmpeffects.dll
2006-10-18 21:47 284160 --a------ C:\WINDOWS\system32\portabledeviceapi.dll
2006-10-18 21:47 276992 --------- C:\WINDOWS\system32\Audiodev.dll
2006-10-18 21:47 27136 --a------ C:\WINDOWS\system32\MsPMSNSv.dll
2006-10-18 21:47 2603008 --------- C:\WINDOWS\system32\WpdShext.dll
2006-10-18 21:47 259072 --------- C:\WINDOWS\system32\MPG4DECD.dll
2006-10-18 21:47 259072 --------- C:\WINDOWS\system32\MP43DECD.dll
2006-10-18 21:47 2450944 --a------ C:\WINDOWS\system32\wmvcore.dll
2006-10-18 21:47 242688 --a------ C:\WINDOWS\system32\wmpasf.dll
2006-10-18 21:47 229376 --a------ C:\WINDOWS\system32\cewmdm.dll
2006-10-18 21:47 222208 --a------ C:\WINDOWS\system32\WMASF.dll
2006-10-18 21:47 212992 --------- C:\WINDOWS\system32\MFPLAT.dll
2006-10-18 21:47 211456 --a------ C:\WINDOWS\system32\qasf.dll
2006-10-18 21:47 204288 --------- C:\WINDOWS\system32\wmpsrcwp.dll
2006-10-18 21:47 199168 --------- C:\WINDOWS\system32\PortableDeviceWMDRM.dll
2006-10-18 21:47 179712 --a------ C:\WINDOWS\system32\msnetobj.dll
2006-10-18 21:47 175616 --a------ C:\WINDOWS\system32\MsPMSP.dll
2006-10-18 21:47 166912 --a------ C:\WINDOWS\system32\portabledevicetypes.dll
2006-10-18 21:47 1661440 --------- C:\WINDOWS\system32\wmpencen.dll
2006-10-18 21:47 1574912 --------- C:\WINDOWS\system32\WMVENCOD.dll
2006-10-18 21:47 157184 --a------ C:\WINDOWS\system32\wmidx.dll
2006-10-18 21:47 154624 --------- C:\WINDOWS\system32\wpdmtp.dll
2006-10-18 21:47 1543680 --------- C:\WINDOWS\system32\WMVDECOD.dll
2006-10-18 21:47 1382912 --------- C:\WINDOWS\system32\WMVSDECD.dll
2006-10-18 21:47 133632 --a------ C:\WINDOWS\system32\wpdshserviceobj.dll
2006-10-18 21:47 1329152 --a------ C:\WINDOWS\system32\WMSPDMOE.dll
2006-10-18 21:47 132096 --------- C:\WINDOWS\system32\PortableDeviceWiaCompat.dll
2006-10-18 21:47 130048 --------- C:\WINDOWS\system32\wmpps.dll
2006-10-18 21:47 11264 --a------ C:\WINDOWS\system32\LAPRXY.dll
2006-10-18 21:47 1117696 --a------ C:\WINDOWS\system32\WMADMOE.dll
2006-10-18 21:47 101888 --------- C:\WINDOWS\system32\PortableDeviceClassExtension.dll
2006-10-18 20:03 100864 --a------ C:\WINDOWS\system32\logagent.exe
2006-10-18 20:00 38528 --------- C:\WINDOWS\system32\drivers\wpdusb.sys
2006-10-18 20:00 249856 --------- C:\WINDOWS\system32\drmupgds.exe
2006-10-18 20:00 17408 --------- C:\WINDOWS\system32\wpdshextautoplay.exe
2006-10-18 16:14 -------- d-------- C:\Programme\AntiVir PersonalEdition Classic
2006-10-18 14:36 -------- d-------- C:\Programme\WIDCOMM
2006-10-18 14:28 17056 --a------ C:\WINDOWS\system32\drivers\AegisP.sys
2006-10-13 13:35 146432 --a------ C:\WINDOWS\system32\nwprovau.dll
2006-10-02 15:28 312128 --------- C:\WINDOWS\system32\MSDelta.dll
2006-09-28 20:13 95344 --------- C:\WINDOWS\system32\WUDFCoinstaller.dll
2006-09-28 19:00 82944 --------- C:\WINDOWS\system32\drivers\WudfRd.sys
2006-09-28 18:56 55808 --------- C:\WINDOWS\system32\WudfSvc.dll
2006-09-28 18:56 316416 --------- C:\WINDOWS\system32\WUDFx.dll
2006-09-28 18:56 165376 --------- C:\WINDOWS\system32\WudfPlatform.dll
2006-09-28 18:56 146432 --------- C:\WINDOWS\system32\WudfHost.exe
2006-09-28 18:55 77568 --------- C:\WINDOWS\system32\drivers\WudfPf.sys
2006-09-25 17:58 23856 --a------ C:\WINDOWS\system32\spupdsvc.exe
2006-09-25 14:38 -------- d-------- C:\Programme\Microsoft ActiveSync
2006-09-13 07:02 1084416 --a------ C:\WINDOWS\system32\msxml3.dll
2006-09-07 12:54 57384 --a------ C:\WINDOWS\system32\avsda.dll
2006-08-25 17:46 617472 --a------ C:\WINDOWS\system32\comctl32.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MSMSGS"="\"C:\\Programme\\Messenger\\msmsgs.exe\" /background"
"H/PC Connection Agent"="\"C:\\Programme\\Microsoft ActiveSync\\WCESCOMM.EXE\""
"Yahoo! Pager"="\"C:\\Programme\\Yahoo!\\Messenger\\YahooMessenger.exe\" -quiet"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"LaunchApp"="Alaunch"
"SynTPLpr"="C:\\Programme\\Synaptics\\SynTP\\SynTPLpr.exe"
"SynTPEnh"="C:\\Programme\\Synaptics\\SynTP\\SynTPEnh.exe"
"IMJPMIG8.1"="\"C:\\WINDOWS\\IME\\imjp8_1\\IMJPMIG.EXE\" /Spoil /RemAdvDef /Migration32"
"MSPY2002"="C:\\WINDOWS\\system32\\IME\\PINTLGNT\\ImScInst.exe /SYNC"
"PHIME2002ASync"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /SYNC"
"PHIME2002A"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /IMEName"
"BluetoothAuthenticationAgent"="rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent"
"IgfxTray"="C:\\WINDOWS\\system32\\igfxtray.exe"
"HotKeysCmds"="C:\\WINDOWS\\system32\\hkcmd.exe"
"QuickTime Task"="\"C:\\Programme\\QuickTime\\qttask.exe\" -atboottime"
"HPDJ Taskbar Utility"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\hpztsb05.exe"
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE"
"WinDSL MTU-Adjust"="WinDSL_MTU.exe"
"MMTray"="\"C:\\Programme\\Musicmatch\\Musicmatch Jukebox\\mm_tray.exe\""
"NeroCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"IntelWireless"="C:\\Programme\\Intel\\Wireless\\Bin\\ifrmewrk.exe /tf Intel PROSet/Wireless"
"EOUApp"="C:\\Programme\\Intel\\Wireless\\Bin\\EOUWiz.exe"
"avgnt"="\"C:\\Programme\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min"
"mmtask"="\"C:\\Programme\\Musicmatch\\Musicmatch Jukebox\\mmtask.exe\""

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000000

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoCDBurning"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

Completion time: 06-11-22 19:01:39.15
C:\ComboFix.txt ... 06-11-22 19:01
Seitenanfang Seitenende
22.11.2006, 22:00
Sabina
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#4 scanne mit Counterspy, stelle nach dem scan alles auf remove und kopiere hier den scanreport ;)
http://virus-protect.org/counterspy.html
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
23.11.2006, 00:49
Schmidsy
Member

Themenstarter

Beiträge: 11
#5 Hallo....................
das war eine schwere Geburt..... aber das ist jetzt übrig geblieben...


Spyware Scan Details
Start Date: 23.11.2006 00:31:21
End Date: 23.11.2006 00:31:26
Total Time: 5 secs

Detected spyware
No spyware were found during this scan.

Lg Schmidsy....
Seitenanfang Seitenende
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren:
Seite(n): 1