explorer.exe and drwtsn32.exe problem when opening My Documents!

#0
23.03.2007, 21:32
...new here
Posts: 2

25.03.2007, 12:57
Honorary member
Posts: 29434
#2
DonSimon
1. Post this log: http://virus-protect.org/artikel/tools/combofix.html
2. Go to the system log -> Start -> Run -> eventvwr.msc
Look for errors under System and Application
__________
Regards, Sabina
all about PC security

25.03.2007, 14:00
...new here
Thread starter Posts: 2
#3
Hello Sabina, and what do I do then if errors are shown there? In eventvwr.msc
"Clemens Simon" - 07-03-25 14:03:27 Service Pack 2 ComboFix 07-03-23 - Running from: "C:\Dokumente und Einstellungen\Clemens Simon\Desktop"

This post was edited on 25.03.2007 at 14:16 by DonSimon.

25.03.2007, 14:37
Honorary member
Posts: 29434
#4
Go to the system log -> Start -> Run -> eventvwr.msc
Look for errors under System and Application
__________
Regards, Sabina
all about PC security

Here is my log file data.
I hope someone can help me.
Logfile of HijackThis v1.99.1
Scan saved at 21:26:51, on 23.03.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\T-DSL SpeedManager\SpeedMgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\T-DSL SpeedManager\TSMSvc.exe
C:\WINDOWS\explorer.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Dokumente und Einstellungen\Clemens Simon\Desktop\HijackThis.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [T-DSL SpeedMgr] "C:\Programme\T-DSL SpeedManager\SpeedMgr.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: T-DSL SpeedManager (TSMService) - T-Systems Business Services - C:\Programme\T-DSL SpeedManager\TSMSvc.exe
Thanks in advance