Typical adware problem

#0
10.01.2008, 23:40
Member

Posts: 14
#1 Symptoms:
Unwanted, dubious pages keep opening that try to sell me antivirus programs. The start page has also been changed, and the Google Toolbar keeps popping up regularly.

Unfortunately I can't get the problem under control with Avira, ComboFix or CureIt.

Many thanks for your help!

Here are the logs:



ComboFix 08-01-10.2 - Häßelbarth 2008-01-10 22:21:49.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.0.1252.1.1031.18.102 [GMT 1:00]
ausgeführt von:: C:\Dokumente und Einstellungen\Häßelbarth\Desktop\ComboFix.exe
* Neuer Wiederherstellungspunkt wurde erstellt
.
ADS - explorer.exe: deleted 132 bytes in 1 streams.

(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Temp\abW9
C:\Temp\abW9\tPho.log
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\Mlkf.dll

.
((((((((((((((((((((((( Dateien erstellt von 2007-12-10 bis 2008-01-10 ))))))))))))))))))))))))))))))
.

2008-01-08 16:31 . 2001-08-23 13:00 84,992 --a------ C:\WINDOWS\system32\cryptuic.dll
2008-01-08 16:29 . 2008-01-09 17:09 <DIR> d-------- C:\WINDOWS\system32\AppCert
2008-01-01 15:25 . 2008-01-01 15:25 47,104 --a------ C:\WINDOWS\system32\KMVIDC32.DLL
2007-12-30 00:27 . 2007-12-30 00:27 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-12-30 00:27 . 2007-12-30 00:27 1,409 --a------ C:\WINDOWS\QTFont.for
2007-12-29 22:42 . 2007-12-29 22:54 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WildTangent
2007-12-29 22:40 . 2007-12-29 22:42 <DIR> d-------- C:\Programme\WildGames
2007-12-29 12:40 . 2007-12-29 12:40 <DIR> d-------- C:\Programme\Borland
2007-12-29 12:40 . 1999-11-12 05:11 184,832 --a------ C:\WINDOWS\system32\BDEADMIN.CPL
2007-12-27 23:41 . 2007-12-28 09:34 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\HSETU
2007-12-27 19:28 . 2007-12-27 19:28 <DIR> d-------- C:\Programme\HSETU
2007-12-26 14:01 . 2001-08-17 13:52 33,664 --a------ C:\WINDOWS\system32\drivers\disk.sys
2007-12-17 20:48 . 2007-12-17 20:48 74 --a------ C:\WINDOWS\system32\mslck.dat
2007-12-17 19:46 . 2007-12-17 20:47 <DIR> d-------- C:\Programme\FolderAccess
2007-12-17 19:46 . 2002-04-01 13:39 546,524 --a------ C:\WINDOWS\system32\olelib.tlb
2007-12-17 19:46 . 2003-05-14 21:07 389,120 --a------ C:\WINDOWS\system32\actskn43.ocx
2007-12-17 19:46 . 1998-04-24 00:00 368,912 --a------ C:\WINDOWS\system32\vbar332.dll
2007-12-17 19:46 . 2002-07-26 17:02 153,088 --a------ C:\WINDOWS\system32\fldlckun.exe
2007-12-17 19:46 . 2004-01-11 16:03 36,864 --a------ C:\WINDOWS\system32\LckFldService.exe
2007-12-17 19:46 . 1997-05-21 09:51 34,304 --a------ C:\WINDOWS\system32\ntsvc.ocx
2007-12-12 21:11 . 2005-05-26 15:34 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2007-12-11 22:51 . 2008-01-05 20:56 <DIR> d-------- C:\Programme\eMule

.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-10 17:05 --------- d-----w C:\Programme\AntiVir PersonalEdition Premium
2008-01-01 14:12 --------- d-----w C:\Programme\IsoBuster
2007-12-31 17:48 --------- d--h--w C:\Programme\InstallShield Installation Information
2007-12-28 22:24 --------- d-----w C:\Programme\NCH Swift Sound
2007-12-28 22:23 --------- d-----w C:\Programme\XviD
2007-12-25 20:31 --------- d-----w C:\Programme\DOSBox-0.65
2007-12-22 11:07 --------- d-----w C:\Programme\SPSS
2007-12-09 17:33 --------- d-----w C:\Programme\Macromedia
2007-12-09 17:33 --------- d-----w C:\Programme\Gemeinsame Dateien\Macromedia
2007-12-09 17:25 --------- d-----w C:\Programme\Gemeinsame Dateien\Wise Installation Wizard
2007-12-09 15:50 --------- d-----w C:\Programme\Empires & Dungeons
2007-11-26 19:26 --------- d-----w C:\Programme\Game_Maker7
2007-11-17 17:18 --------- d-----w C:\Programme\Opera7
2007-10-15 19:41 65,536 ----a-w C:\WINDOWS\IFinst27.exe
2007-10-05 18:54 132,242 ----a-w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\firstlsp.reg.dat
2007-07-20 17:31 1,349,932 ----a-w C:\Programme\NCH Swift Sound.rar
2007-01-25 19:31 13,824 --sha-w C:\Programme\Gemeinsame Dateien\Thumbs.db
2006-06-04 20:42 97,280 ---ha-r C:\Programme\wJkl.exe
2005-08-14 20:29 87,040 -csha-w C:\Programme\Thumbs.db
2001-08-23 12:00 322,560 -csha-w C:\WINDOWS\LastGood\System32\msvcrt.dll
2004-10-22 07:00 320,872 --sha-r C:\WINDOWS\system32\6mo4svc.dll
2004-10-22 07:00 320,872 --sha-r C:\WINDOWS\system32\6vo4svc.dll
2004-10-22 07:00 320,872 --sha-r C:\WINDOWS\system32\ablui.dll
2004-10-22 07:00 320,872 -csha-r C:\WINDOWS\system32\ajledit.dll
2004-10-22 07:00 320,872 -csha-r C:\WINDOWS\system32\avledit.dll
2007-06-04 21:22 56 --sh--r C:\WINDOWS\system32\E7F4B94E98.sys
2007-06-04 21:22 848 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2001-08-23 12:00 50,688 --sh--w C:\WINDOWS\system32\msvcirt.dll
2001-08-23 12:00 401,462 --sh--w C:\WINDOWS\system32\msvcp60.dll
2001-08-23 12:00 322,560 --sh--w C:\WINDOWS\system32\msvcrt.dll
2001-08-23 12:00 569,344 --sh--w C:\WINDOWS\system32\oleaut32.dll
2001-08-23 12:00 106,496 --sh--w C:\WINDOWS\system32\olepro32.dll
2001-08-23 12:00 10,240 --sh--w C:\WINDOWS\system32\regsvr32.exe
.

((((((((((((((((((((((((((((( snapshot@2007-11-30_20.26.13.56 )))))))))))))))))))))))))))))))))))))))))
.
- 2004-07-09 02:26:38 11,392 -c--a-w C:\WINDOWS\Driver Cache\i386\bdasup.sys
+ 2004-07-09 03:26:38 11,392 ----a-w C:\WINDOWS\Driver Cache\i386\bdasup.sys
- 2004-07-09 02:26:38 16,384 -c--a-w C:\WINDOWS\Driver Cache\i386\ccdecode.sys
+ 2004-07-09 03:26:38 16,384 ----a-w C:\WINDOWS\Driver Cache\i386\ccdecode.sys
- 2004-07-09 02:26:38 15,104 -c--a-w C:\WINDOWS\Driver Cache\i386\mpe.sys
+ 2004-07-09 03:26:38 15,104 ----a-w C:\WINDOWS\Driver Cache\i386\mpe.sys
- 2004-07-09 02:26:38 52,096 -c--a-w C:\WINDOWS\Driver Cache\i386\msdv.sys
+ 2004-07-09 03:26:38 52,096 ----a-w C:\WINDOWS\Driver Cache\i386\msdv.sys
- 2004-07-09 02:26:38 16,896 -c--a-w C:\WINDOWS\Driver Cache\i386\msyuv.dll
+ 2004-07-09 03:26:38 16,896 ----a-w C:\WINDOWS\Driver Cache\i386\msyuv.dll
- 2004-07-09 02:26:38 83,968 -c--a-w C:\WINDOWS\Driver Cache\i386\nabtsfec.sys
+ 2004-07-09 03:26:38 83,968 ----a-w C:\WINDOWS\Driver Cache\i386\nabtsfec.sys
- 2004-07-09 02:26:38 10,112 -c--a-w C:\WINDOWS\Driver Cache\i386\ndisip.sys
+ 2004-07-09 03:26:38 10,112 ----a-w C:\WINDOWS\Driver Cache\i386\ndisip.sys
- 2004-07-09 02:26:40 354,816 -c--a-w C:\WINDOWS\Driver Cache\i386\psisdecd.dll
+ 2004-07-09 03:26:40 354,816 ----a-w C:\WINDOWS\Driver Cache\i386\psisdecd.dll
- 2004-07-09 02:26:40 10,880 -c--a-w C:\WINDOWS\Driver Cache\i386\slip.sys
+ 2004-07-09 03:26:40 10,880 ----a-w C:\WINDOWS\Driver Cache\i386\slip.sys
- 2004-07-09 02:27:28 48,512 -c--a-w C:\WINDOWS\Driver Cache\i386\stream.sys
+ 2004-07-09 03:27:28 48,512 ----a-w C:\WINDOWS\Driver Cache\i386\stream.sys
- 2004-07-09 02:26:40 14,976 -c--a-w C:\WINDOWS\Driver Cache\i386\streamip.sys
+ 2004-07-09 03:26:40 14,976 ----a-w C:\WINDOWS\Driver Cache\i386\streamip.sys
- 2004-07-09 02:26:40 18,688 -c--a-w C:\WINDOWS\Driver Cache\i386\wstcodec.sys
+ 2004-07-09 03:26:40 18,688 ----a-w C:\WINDOWS\Driver Cache\i386\wstcodec.sys
+ 2000-08-31 07:00:00 163,328 ----a-w C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE
+ 2008-01-10 21:21:23 237,568 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT
+ 2008-01-10 21:21:23 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat
+ 2008-01-10 21:21:23 237,568 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT
+ 2008-01-10 21:21:23 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat
+ 2008-01-10 21:21:24 6,950,912 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\NTUSER.DAT
+ 2008-01-10 21:21:24 172,032 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat
+ 2000-08-31 07:00:00 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
+ 2007-12-29 09:07:37 10,134 ----a-r C:\WINDOWS\Installer\{D70695CB-47C3-4F0F-A4CD-63AE82B5F850}\ARPPRODUCTICON.exe
+ 2007-12-29 09:07:39 45,056 ----a-r C:\WINDOWS\Installer\{D70695CB-47C3-4F0F-A4CD-63AE82B5F850}\NewShortcut1_3DCF80C72CFA42DDBFC87B538EE92661.exe
+ 2007-12-29 09:07:38 45,056 ----a-r C:\WINDOWS\Installer\{D70695CB-47C3-4F0F-A4CD-63AE82B5F850}\NewShortcut11_3DCF80C72CFA42DDBFC87B538EE92661.exe
+ 2006-03-31 10:40:58 2,388,176 ----a-w C:\WINDOWS\LastGood\System32\d3dx9_30.dll
+ 2006-09-28 15:03:28 15,128 ----a-w C:\WINDOWS\LastGood\System32\x3daudio1_1.dll
- 2007-06-16 23:11:58 51,200 ----a-w C:\WINDOWS\NirCmd.exe
+ 2000-08-31 07:00:00 51,200 ----a-w C:\WINDOWS\NirCmd.exe
- 2004-07-09 02:27:28 1,201,152 -c--a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\d3d8.dll
+ 2004-07-09 03:27:28 1,201,152 ----a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\d3d8.dll
- 2003-05-30 07:00:02 797,184 -c--a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\d3dim700.dll
+ 2003-05-30 08:00:02 797,184 ----a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\d3dim700.dll
- 2004-07-09 02:27:28 292,864 -c--a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ddraw.dll
+ 2004-07-09 03:27:28 292,864 ----a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ddraw.dll
- 2003-05-30 07:00:02 132,608 -c--a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\devenum.dll
+ 2003-05-30 08:00:02 132,608 ----a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\devenum.dll
- 2004-07-09 02:27:28 181,248 -c--a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmime.dll
+ 2004-07-09 03:27:28 181,248 ----a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmime.dll
- 2004-07-09 02:27:28 122,880 -c--a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmusic.dll
+ 2004-07-09 03:27:28 122,880 ----a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmusic.dll
- 2004-07-09 02:27:28 230,400 -c--a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dplayx.dll
+ 2004-07-09 03:27:28 230,400 ----a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dplayx.dll
- 2003-03-24 07:00:02 32,768 -c--a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnhpast.dll
+ 2003-03-24 08:00:02 32,768 ----a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnhpast.dll
- 2003-03-24 07:00:02 68,096 -c--a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnhupnp.dll
+ 2003-03-24 08:00:02 68,096 ----a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnhupnp.dll
- 2004-07-09 02:27:28 79,360 -c--a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpwsockx.dll
+ 2004-07-09 03:27:28 79,360 ----a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpwsockx.dll
- 2004-07-09 02:27:28 381,952 -c--a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsound.dll
+ 2004-07-09 03:27:28 381,952 ----a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsound.dll
- 2003-05-30 07:00:02 1,189,888 -c--a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dx8vb.dll
+ 2003-05-30 08:00:02 1,189,888 ----a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dx8vb.dll
- 2004-07-09 02:27:28 974,848 -c--a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dxdiag.exe
+ 2004-07-09 03:27:28 974,848 ----a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dxdiag.exe
- 2002-12-11 22:14:32 46,592 -c--a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dxdllreg.exe
+ 2002-12-11 23:14:32 46,592 ----a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dxdllreg.exe
- 2004-07-09 02:27:28 316,928 -c--a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qdv.dll
+ 2004-07-09 03:27:28 316,928 ----a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qdv.dll
- 2004-07-09 02:27:28 470,528 -c--a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qdvd.dll
+ 2004-07-09 03:27:28 470,528 ----a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qdvd.dll
- 2003-05-30 07:00:02 1,962,496 -c--a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\quartz.dll
+ 2003-05-30 08:00:02 1,962,496 ----a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\quartz.dll
- 2004-07-09 02:27:28 48,512 -c--a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\stream.sys
+ 2004-07-09 03:27:28 48,512 ----a-w C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\stream.sys
- 2004-07-09 02:26:38 11,392 -c--a-w C:\WINDOWS\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\bdasup.sys
+ 2004-07-09 03:26:38 11,392 ----a-w C:\WINDOWS\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\bdasup.sys
- 2004-07-09 02:26:38 16,384 -c--a-w C:\WINDOWS\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\ccdecode.sys
+ 2004-07-09 03:26:38 16,384 ----a-w C:\WINDOWS\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\ccdecode.sys
- 2004-07-09 02:26:38 15,104 -c--a-w C:\WINDOWS\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\mpe.sys
+ 2004-07-09 03:26:38 15,104 ----a-w C:\WINDOWS\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\mpe.sys
- 2004-07-09 02:26:38 1,230,336 -c--a-w C:\WINDOWS\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\msvidctl.dll
+ 2004-07-09 03:26:38 1,230,336 ----a-w C:\WINDOWS\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\msvidctl.dll
- 2004-07-09 02:26:38 16,896 -c--a-w C:\WINDOWS\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\msyuv.dll
+ 2004-07-09 03:26:38 16,896 ----a-w C:\WINDOWS\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\msyuv.dll
- 2004-07-09 02:26:38 83,968 -c--a-w C:\WINDOWS\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\nabtsfec.sys
+ 2004-07-09 03:26:38 83,968 ----a-w C:\WINDOWS\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\nabtsfec.sys
- 2004-07-09 02:26:38 10,112 -c--a-w C:\WINDOWS\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\ndisip.sys
+ 2004-07-09 03:26:38 10,112 ----a-w C:\WINDOWS\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\ndisip.sys
- 2004-07-09 02:26:40 354,816 -c--a-w C:\WINDOWS\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\psisdecd.dll
+ 2004-07-09 03:26:40 354,816 ----a-w C:\WINDOWS\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\psisdecd.dll
- 2004-07-09 02:26:40 10,880 -c--a-w C:\WINDOWS\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\slip.sys
+ 2004-07-09 03:26:40 10,880 ----a-w C:\WINDOWS\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\slip.sys
- 2004-07-09 02:26:40 14,976 -c--a-w C:\WINDOWS\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\streamip.sys
+ 2004-07-09 03:26:40 14,976 ----a-w C:\WINDOWS\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\streamip.sys
- 2004-07-09 02:26:40 18,688 -c--a-w C:\WINDOWS\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\wstcodec.sys
+ 2004-07-09 03:26:40 18,688 ----a-w C:\WINDOWS\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\wstcodec.sys
- 2004-07-09 02:26:40 47,104 -c--a-w C:\WINDOWS\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\wstdecod.dll
+ 2004-07-09 03:26:40 47,104 ----a-w C:\WINDOWS\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\wstdecod.dll
+ 2008-01-09 16:09:20 86,016 ----a-w C:\WINDOWS\system32\AppCert\hb13a.dll
+ 2008-01-08 20:27:53 118,784 ----a-w C:\WINDOWS\system32\AppCert\prx97w.dll
+ 2001-08-23 12:00:00 67,492 ----a-w C:\WINDOWS\system32\AppCert\wnl32.dll
+ 2001-08-23 12:00:00 24,576 ----a-w C:\WINDOWS\system32\AppCert\wsil32.dll
- 2004-07-09 02:27:28 1,201,152 ----a-w C:\WINDOWS\system32\d3d8.dll
+ 2004-07-09 03:27:28 1,201,152 ----a-w C:\WINDOWS\system32\d3d8.dll
- 2004-07-09 02:27:28 1,703,936 ----a-w C:\WINDOWS\system32\d3d9.dll
+ 2004-07-09 03:27:28 1,703,936 ----a-w C:\WINDOWS\system32\d3d9.dll
- 2003-05-30 07:00:02 797,184 ----a-w C:\WINDOWS\system32\d3dim700.dll
+ 2003-05-30 08:00:02 797,184 ----a-w C:\WINDOWS\system32\d3dim700.dll
- 2005-02-05 17:45:26 2,222,800 -c--a-w C:\WINDOWS\system32\d3dx9_24.dll
+ 2005-02-05 18:45:26 2,222,800 ----a-w C:\WINDOWS\system32\d3dx9_24.dll
- 2005-03-18 15:19:58 2,337,488 -c--a-w C:\WINDOWS\system32\d3dx9_25.dll
+ 2005-03-18 16:19:58 2,337,488 ----a-w C:\WINDOWS\system32\d3dx9_25.dll
- 2005-07-22 17:59:04 2,319,568 -c--a-w C:\WINDOWS\system32\d3dx9_27.dll
+ 2005-07-22 18:59:04 2,319,568 ----a-w C:\WINDOWS\system32\d3dx9_27.dll
- 2005-12-05 16:09:18 2,323,664 -c--a-w C:\WINDOWS\system32\d3dx9_28.dll
+ 2005-12-05 17:09:18 2,323,664 ----a-w C:\WINDOWS\system32\d3dx9_28.dll
- 2006-02-03 06:43:16 2,332,368 -c--a-w C:\WINDOWS\system32\d3dx9_29.dll
+ 2006-02-03 07:43:16 2,332,368 ----a-w C:\WINDOWS\system32\d3dx9_29.dll
- 2006-03-31 10:40:58 2,388,176 ----a-w C:\WINDOWS\system32\d3dx9_30.dll
+ 2006-03-31 11:40:58 2,388,176 ----a-w C:\WINDOWS\system32\d3dx9_30.dll
+ 2006-09-28 15:05:20 2,414,360 ----a-w C:\WINDOWS\system32\d3dx9_31.dll
+ 2006-11-29 12:06:18 3,426,072 ----a-w C:\WINDOWS\system32\d3dx9_32.dll
- 2003-05-30 07:00:02 132,608 ----a-w C:\WINDOWS\system32\devenum.dll
+ 2003-05-30 08:00:02 132,608 ----a-w C:\WINDOWS\system32\devenum.dll
+ 2004-07-09 03:26:38 11,392 -c--a-w C:\WINDOWS\system32\dllcache\bdasup.sys
+ 2004-07-09 03:26:38 16,384 -c--a-w C:\WINDOWS\system32\dllcache\ccdecode.sys
- 2004-07-09 02:27:28 1,201,152 -c--a-w C:\WINDOWS\system32\dllcache\d3d8.dll
+ 2004-07-09 03:27:28 1,201,152 -c--a-w C:\WINDOWS\system32\dllcache\d3d8.dll
- 2003-05-30 07:00:02 797,184 -c--a-w C:\WINDOWS\system32\dllcache\d3dim700.dll
+ 2003-05-30 08:00:02 797,184 -c--a-w C:\WINDOWS\system32\dllcache\d3dim700.dll
- 2004-07-09 02:27:28 292,864 -c--a-w C:\WINDOWS\system32\dllcache\ddraw.dll
+ 2004-07-09 03:27:28 292,864 -c--a-w C:\WINDOWS\system32\dllcache\ddraw.dll
- 2003-05-30 07:00:02 132,608 -c--a-w C:\WINDOWS\system32\dllcache\devenum.dll
+ 2003-05-30 08:00:02 132,608 -c--a-w C:\WINDOWS\system32\dllcache\devenum.dll
- 2004-07-09 02:27:28 181,248 -c--a-w C:\WINDOWS\system32\dllcache\dmime.dll
+ 2004-07-09 03:27:28 181,248 -c--a-w C:\WINDOWS\system32\dllcache\dmime.dll
- 2004-07-09 02:27:28 122,880 -c--a-w C:\WINDOWS\system32\dllcache\dmusic.dll
+ 2004-07-09 03:27:28 122,880 -c--a-w C:\WINDOWS\system32\dllcache\dmusic.dll
- 2004-07-09 02:27:28 230,400 -c--a-w C:\WINDOWS\system32\dllcache\dplayx.dll
+ 2004-07-09 03:27:28 230,400 -c--a-w C:\WINDOWS\system32\dllcache\dplayx.dll
- 2003-03-24 07:00:02 32,768 -c--a-w C:\WINDOWS\system32\dllcache\dpnhpast.dll
+ 2003-03-24 08:00:02 32,768 -c--a-w C:\WINDOWS\system32\dllcache\dpnhpast.dll
- 2003-03-24 07:00:02 68,096 -c--a-w C:\WINDOWS\system32\dllcache\dpnhupnp.dll
+ 2003-03-24 08:00:02 68,096 -c--a-w C:\WINDOWS\system32\dllcache\dpnhupnp.dll
- 2004-07-09 02:27:28 79,360 -c--a-w C:\WINDOWS\system32\dllcache\dpwsockx.dll
+ 2004-07-09 03:27:28 79,360 -c--a-w C:\WINDOWS\system32\dllcache\dpwsockx.dll
- 2004-07-09 02:27:28 381,952 -c--a-w C:\WINDOWS\system32\dllcache\dsound.dll
+ 2004-07-09 03:27:28 381,952 -c--a-w C:\WINDOWS\system32\dllcache\dsound.dll
- 2003-05-30 07:00:02 1,189,888 -c--a-w C:\WINDOWS\system32\dllcache\dx8vb.dll
+ 2003-05-30 08:00:02 1,189,888 -c--a-w C:\WINDOWS\system32\dllcache\dx8vb.dll
- 2004-07-09 02:27:28 974,848 -c--a-w C:\WINDOWS\system32\dllcache\dxdiag.exe
+ 2004-07-09 03:27:28 974,848 -c--a-w C:\WINDOWS\system32\dllcache\dxdiag.exe
+ 2004-07-09 03:26:38 15,104 -c--a-w C:\WINDOWS\system32\dllcache\mpe.sys
+ 2004-07-09 03:26:38 52,096 -c--a-w C:\WINDOWS\system32\dllcache\msdv.sys
- 2004-07-09 02:26:38 1,230,336 -c--a-w C:\WINDOWS\system32\dllcache\msvidctl.dll
+ 2004-07-09 03:26:38 1,230,336 -c--a-w C:\WINDOWS\system32\dllcache\msvidctl.dll
+ 2004-07-09 03:26:38 16,896 -c--a-w C:\WINDOWS\system32\dllcache\msyuv.dll
+ 2004-07-09 03:26:38 83,968 -c--a-w C:\WINDOWS\system32\dllcache\nabtsfec.sys
+ 2004-07-09 03:26:38 10,112 -c--a-w C:\WINDOWS\system32\dllcache\ndisip.sys
+ 2004-07-09 03:26:40 354,816 -c--a-w C:\WINDOWS\system32\dllcache\psisdecd.dll
- 2004-07-09 02:27:28 316,928 -c--a-w C:\WINDOWS\system32\dllcache\qdv.dll
+ 2004-07-09 03:27:28 316,928 -c--a-w C:\WINDOWS\system32\dllcache\qdv.dll
- 2004-07-09 02:27:28 470,528 -c--a-w C:\WINDOWS\system32\dllcache\qdvd.dll
+ 2004-07-09 03:27:28 470,528 -c--a-w C:\WINDOWS\system32\dllcache\qdvd.dll
- 2003-05-30 07:00:02 1,962,496 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2003-05-30 08:00:02 1,962,496 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2004-07-09 03:26:40 10,880 -c--a-w C:\WINDOWS\system32\dllcache\slip.sys
+ 2004-07-09 03:27:28 48,512 -c--a-w C:\WINDOWS\system32\dllcache\stream.sys
+ 2004-07-09 03:26:40 14,976 -c--a-w C:\WINDOWS\system32\dllcache\streamip.sys
+ 2004-07-09 03:26:40 18,688 -c--a-w C:\WINDOWS\system32\dllcache\wstcodec.sys
- 2004-07-09 02:26:40 47,104 -c--a-w C:\WINDOWS\system32\dllcache\wstdecod.dll
+ 2004-07-09 03:26:40 47,104 -c--a-w C:\WINDOWS\system32\dllcache\wstdecod.dll
- 2004-07-09 02:27:28 181,248 -c--a-w C:\WINDOWS\system32\dmime.dll
+ 2004-07-09 03:27:28 181,248 ----a-w C:\WINDOWS\system32\dmime.dll
- 2004-07-09 02:27:28 122,880 -c--a-w C:\WINDOWS\system32\dmusic.dll
+ 2004-07-09 03:27:28 122,880 ----a-w C:\WINDOWS\system32\dmusic.dll
- 2004-07-09 02:27:28 230,400 ----a-w C:\WINDOWS\system32\dplayx.dll
+ 2004-07-09 03:27:28 230,400 ----a-w C:\WINDOWS\system32\dplayx.dll
- 2003-03-24 07:00:02 32,768 ----a-w C:\WINDOWS\system32\dpnhpast.dll
+ 2003-03-24 08:00:02 32,768 ----a-w C:\WINDOWS\system32\dpnhpast.dll
- 2003-03-24 07:00:02 68,096 ----a-w C:\WINDOWS\system32\dpnhupnp.dll
+ 2003-03-24 08:00:02 68,096 ----a-w C:\WINDOWS\system32\dpnhupnp.dll
- 2004-07-09 02:27:28 79,360 ----a-w C:\WINDOWS\system32\dpwsockx.dll
+ 2004-07-09 03:27:28 79,360 ----a-w C:\WINDOWS\system32\dpwsockx.dll
- 2004-07-09 02:26:38 11,392 -c--a-w C:\WINDOWS\system32\drivers\bdasup.sys
+ 2004-07-09 03:26:38 11,392 ----a-w C:\WINDOWS\system32\drivers\bdasup.sys
- 2004-07-09 02:26:38 16,384 ----a-w C:\WINDOWS\system32\drivers\ccdecode.sys
+ 2004-07-09 03:26:38 16,384 ----a-w C:\WINDOWS\system32\drivers\ccdecode.sys
- 2004-07-09 02:26:38 15,104 -c--a-w C:\WINDOWS\system32\drivers\mpe.sys
+ 2004-07-09 03:26:38 15,104 ----a-w C:\WINDOWS\system32\drivers\mpe.sys
- 2004-07-09 02:26:38 52,096 ----a-w C:\WINDOWS\system32\drivers\msdv.sys
+ 2004-07-09 03:26:38 52,096 ----a-w C:\WINDOWS\system32\drivers\msdv.sys
- 2004-07-09 02:26:38 83,968 ----a-w C:\WINDOWS\system32\drivers\nabtsfec.sys
+ 2004-07-09 03:26:38 83,968 ----a-w C:\WINDOWS\system32\drivers\nabtsfec.sys
- 2004-07-09 02:26:38 10,112 ----a-w C:\WINDOWS\system32\drivers\ndisip.sys
+ 2004-07-09 03:26:38 10,112 ----a-w C:\WINDOWS\system32\drivers\ndisip.sys
- 2004-07-09 02:26:40 10,880 ----a-w C:\WINDOWS\system32\drivers\slip.sys
+ 2004-07-09 03:26:40 10,880 ----a-w C:\WINDOWS\system32\drivers\slip.sys
- 2004-07-09 02:27:28 48,512 -c--a-w C:\WINDOWS\system32\drivers\stream.sys
+ 2004-07-09 03:27:28 48,512 ----a-w C:\WINDOWS\system32\drivers\stream.sys
- 2004-07-09 02:26:40 14,976 ----a-w C:\WINDOWS\system32\drivers\streamip.sys
+ 2004-07-09 03:26:40 14,976 ----a-w C:\WINDOWS\system32\drivers\streamip.sys
- 2004-07-09 02:26:40 18,688 ----a-w C:\WINDOWS\system32\drivers\wstcodec.sys
+ 2004-07-09 03:26:40 18,688 ----a-w C:\WINDOWS\system32\drivers\wstcodec.sys
- 2004-07-09 02:27:28 381,952 ----a-w C:\WINDOWS\system32\dsound.dll
+ 2004-07-09 03:27:28 381,952 ----a-w C:\WINDOWS\system32\dsound.dll
- 2004-07-09 02:27:28 974,848 -c--a-w C:\WINDOWS\system32\dxdiag.exe
+ 2004-07-09 03:27:28 974,848 ----a-w C:\WINDOWS\system32\dxdiag.exe
- 2004-07-09 02:27:28 1,769,472 ----a-w C:\WINDOWS\system32\dxdiagn.dll
+ 2004-07-09 03:27:28 1,769,472 ----a-w C:\WINDOWS\system32\dxdiagn.dll
- 2006-02-03 06:41:40 63,696 -c--a-w C:\WINDOWS\system32\dxdllreg.exe
+ 2006-12-08 10:58:34 63,768 -c--a-w C:\WINDOWS\system32\dxdllreg.exe
- 2004-07-09 02:26:38 1,230,336 -c--a-w C:\WINDOWS\system32\msvidctl.dll
+ 2004-07-09 03:26:38 1,230,336 ----a-w C:\WINDOWS\system32\msvidctl.dll
- 2004-07-09 02:26:38 16,896 ----a-w C:\WINDOWS\system32\msyuv.dll
+ 2004-07-09 03:26:38 16,896 ----a-w C:\WINDOWS\system32\msyuv.dll
- 2006-10-29 19:36:33 81,920 -c--a-w C:\WINDOWS\system32\OpenAL32.dll
+ 2007-12-27 11:58:02 81,920 ----a-w C:\WINDOWS\system32\OpenAL32.dll
- 2007-11-26 17:45:33 48,156 ----a-w C:\WINDOWS\system32\perfc007.dat
+ 2007-12-01 08:46:15 48,156 ----a-w C:\WINDOWS\system32\perfc007.dat
- 2007-11-26 17:45:33 39,992 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2007-12-01 08:46:15 39,992 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2007-11-26 17:45:33 316,594 ----a-w C:\WINDOWS\system32\perfh007.dat
+ 2007-12-01 08:46:15 316,594 ----a-w C:\WINDOWS\system32\perfh007.dat
- 2007-11-26 17:45:33 311,604 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2007-12-01 08:46:15 311,604 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2004-07-09 02:26:40 354,816 -c--a-w C:\WINDOWS\system32\psisdecd.dll
+ 2004-07-09 03:26:40 354,816 ----a-w C:\WINDOWS\system32\psisdecd.dll
- 2004-07-09 02:27:28 316,928 -c--a-w C:\WINDOWS\system32\qdv.dll
+ 2004-07-09 03:27:28 316,928 ----a-w C:\WINDOWS\system32\qdv.dll
- 2004-07-09 02:27:28 470,528 ----a-w C:\WINDOWS\system32\qdvd.dll
+ 2004-07-09 03:27:28 470,528 ----a-w C:\WINDOWS\system32\qdvd.dll
- 2003-05-30 07:00:02 1,962,496 ----a-w C:\WINDOWS\system32\quartz.dll
+ 2003-05-30 08:00:02 1,962,496 ----a-w C:\WINDOWS\system32\quartz.dll
- 2007-07-22 17:39:27 279,552 ----a-w C:\WINDOWS\system32\swreg.exe
+ 2000-08-31 07:00:00 156,160 ----a-w C:\WINDOWS\system32\swreg.exe
+ 2003-06-23 01:44:36 1,415,680 ----a-w C:\WINDOWS\system32\wmv9vcm.dll
- 2006-10-29 19:36:34 233,472 -c--a-w C:\WINDOWS\system32\wrap_oal.dll
+ 2007-12-27 11:58:02 233,472 ----a-w C:\WINDOWS\system32\wrap_oal.dll
- 2004-07-09 02:26:40 47,104 -c--a-w C:\WINDOWS\system32\wstdecod.dll
+ 2004-07-09 03:26:40 47,104 ----a-w C:\WINDOWS\system32\wstdecod.dll
- 2006-02-03 06:41:26 14,032 -c--a-w C:\WINDOWS\system32\x3daudio1_0.dll
+ 2006-02-03 07:41:26 14,032 ----a-w C:\WINDOWS\system32\x3daudio1_0.dll
+ 2006-11-15 10:38:22 15,128 ----a-w C:\WINDOWS\system32\x3daudio1_1.dll
- 2006-02-03 06:42:06 230,096 -c--a-w C:\WINDOWS\system32\xactengine2_0.dll
+ 2006-02-03 07:42:06 230,096 ----a-w C:\WINDOWS\system32\xactengine2_0.dll
+ 2006-03-31 11:39:48 229,584 ----a-w C:\WINDOWS\system32\xactengine2_1.dll
+ 2006-05-31 06:24:16 230,168 ----a-w C:\WINDOWS\system32\xactengine2_2.dll
+ 2006-07-28 08:30:32 236,824 ----a-w C:\WINDOWS\system32\xactengine2_3.dll
+ 2006-09-28 15:05:56 237,848 ----a-w C:\WINDOWS\system32\xactengine2_4.dll
+ 2006-12-08 11:02:00 251,672 ----a-w C:\WINDOWS\system32\xactengine2_5.dll
+ 2006-03-31 11:39:24 62,672 ----a-w C:\WINDOWS\system32\xinput1_1.dll
+ 2006-07-28 08:30:14 62,744 ----a-w C:\WINDOWS\system32\xinput1_2.dll
+ 2006-09-28 15:04:02 68,888 ----a-w C:\WINDOWS\system32\xinput1_3.dll
- 2005-12-05 16:07:30 61,136 -c--a-w C:\WINDOWS\system32\xinput9_1_0.dll
+ 2005-12-05 17:07:30 61,136 ----a-w C:\WINDOWS\system32\xinput9_1_0.dll
.
-- Snapshot reset to current date --
.
(((((((((((((((((((((((((((( Autostart Punkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Hinweis* leere Eintrage & legitime Standardeintrage werden nicht angezeigt.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1B724C47-1FD9-4AF1-BC54-80BFDC4AF727}]
2001-08-23 13:00 84992 --a------ C:\WINDOWS\System32\cryptuic.dll


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DA39029C-D291-A968-3FF4-D0990D5CB5FC}]
C:\Programme\LinkOptimizer\LinkOptimizer.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"gcdef"="C:\WINDOWS\System32\gcdef.exe" [ ]
"swg"="C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-09 22:14 68856]
"ctfmon.exe"="C:\WINDOWS\System32\ctfmon.exe" [2001-08-23 13:00 13312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nzgmhkbk"="C:\WINDOWS\System32\ureepd.exe" [ ]
"ypeperft"="C:\WINDOWS\System32\ypeperft.exe" [ ]
"dpdx32o"="C:\WINDOWS\System32\dpdx32o.exe" [ ]

"Share-to-Web Namespace Daemon"="C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2001-07-03 08:11 57344]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2004-07-15 10:42 4112384]
"SunJavaUpdateSched"="C:\Programme\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"avgnt"="C:\Programme\AntiVir PersonalEdition Premium\avgnt.exe" [2007-10-10 17:16 249896]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2001-08-23 13:00 13312]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=NVDESK32.DLL

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Erinnerungen für Microsoft Works-Kalender.lnk]
path=C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Erinnerungen für Microsoft Works-Kalender.lnk
backup=C:\WINDOWS\pss\Erinnerungen für Microsoft Works-Kalender.lnkCommon Startup

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^GStartup.lnk]
path=C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\GStartup.lnk
backup=C:\WINDOWS\pss\GStartup.lnkCommon Startup

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Program Neighborhood Agent.lnk]
path=C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Program Neighborhood Agent.lnk
backup=C:\WINDOWS\pss\Program Neighborhood Agent.lnkCommon Startup

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^Häßelbarth^Startmenü^Programme^Autostart^PowerReg Scheduler V3.exe]
path=C:\Dokumente und Einstellungen\Häßelbarth\Startmenü\Programme\Autostart\PowerReg Scheduler V3.exe
backup=C:\WINDOWS\pss\PowerReg Scheduler V3.exeStartup

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^Häßelbarth^Startmenü^Programme^Autostart^Produktumfrage von Hewlett-Packard.lnk]
path=C:\Dokumente und Einstellungen\Häßelbarth\Startmenü\Programme\Autostart\Produktumfrage von Hewlett-Packard.lnk
backup=C:\WINDOWS\pss\Produktumfrage von Hewlett-Packard.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
--a------ 2004-11-09 21:36 497240 C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
C:\Programme\BitTorrent\bittorrent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EbatesMoeMoneyMaker]
wjview /cp:p C:\Programme\EbatesMoeMoneyMaker\System\Code Main lp: C:\Programme\EbatesMoeMoneyMaker

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F-StopW]
C:\Programme\FSI\F-Prot\F-StopW.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite]
--a------ 2006-07-11 11:15 3144800 C:\Programme\ICQLite\ICQLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IE Redir]
C:\WINDOWS\ieredir.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
C:\Programme\ahead\InCD\InCD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Programme\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MGBSetup.exe]
C:\DOKUME~1\HELBAR~1\EIGENE~1\Download\MGBSET~1.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2007-03-09 17:53 153136 C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2004-07-15 10:42 4112384 C:\WINDOWS\System32\NvCpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a--c--- 2004-07-15 10:42 81920 C:\WINDOWS\System32\NvMcTray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a--c--- 2004-07-15 10:42 843776 C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Programme\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyKiller]
C:\Programme\SpyKiller\spykiller.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySheriff]
C:\Program Files\SpySheriff\SpySheriff.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2005-11-10 13:03 36975 C:\Programme\Java\jre1.5.0_06\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sys024372518015]
C:\WINDOWS\sys024372518015.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tpcupdater]
C:\WINDOWS\updatetc.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updater]
C:\Programme\Common files\updater\wupdater.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Programme\Winamp\Winampa.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows installer]
C:\winstall.exe


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"iPodService"=3 (0x3)
"ImapiService"=3 (0x3)
"Boonty Games"=3 (0x3)
"WZCSVC"=2 (0x2)
"wuauserv"=2 (0x2)
"WYxENx"=2 (0x2)

R0 avgntmgr;avgntmgr;C:\WINDOWS\System32\drivers\avgntmgr.sys [2007-10-05 19:59]
R0 FPA_RTP;FPA_RTP;C:\WINDOWS\System32\Drivers\FSTOPW.SYS [2003-09-29 14:16]
R0 PDDSLHND;PDDSLHND;C:\WINDOWS\System32\drivers\PDDSLHND.sys [2005-05-05 21:38]
R0 prohlp01;StarForce Protection Helper Driver v1;C:\WINDOWS\System32\drivers\prohlp01.sys [2002-12-10 17:42]
R1 avgntdd;avgntdd;C:\WINDOWS\System32\DRIVERS\avgntdd.sys [2007-10-05 19:59]
R1 prodrv05;StarForce Protection Environment Driver v5;C:\WINDOWS\System32\drivers\prodrv05.sys [2002-12-10 17:35]
R1 SSHDRV65;SSHDRV65;C:\WINDOWS\System32\drivers\SSHDRV65.sys [2007-06-28 20:18]
R2 AntiVirMailService;AntiVir PersonalEdition Premium MailGuard;C:\Programme\AntiVir PersonalEdition Premium\avmailc.exe [2007-10-10 17:16]
R2 AVEService;AntiVir PersonalEdition Premium MailGuard Hilfsdienst;C:\Programme\AntiVir PersonalEdition Premium\avesvc.exe [2007-10-10 17:16]
R3 PDDSLADP;ProDyne DSL Adapter;C:\WINDOWS\System32\DRIVERS\PDDSLADP.SYS [2005-05-05 21:35]
S0 ElbyVCD;ElbyVCD;C:\WINDOWS\System32\DRIVERS\ElbyVCD.sys []
S2 MKEMUSB;Panasonic Digital Palmcorder;C:\WINDOWS\System32\Drivers\Mkemusb.sys [2001-08-08 18:52]
S2 MSWinLogonProcService;Windows Logon Process Service;"C:\WINDOWS\winlogon.exe" []
S2 WYxENx;WYxENx;"C:\Programme\wJkl.exe" [2006-06-04 21:42]
S3 ATWPKT;ATWPKT;C:\WINDOWS\system32\Drivers\ATWPKT.SYS [2002-05-15 15:11]
S3 DCamUSBMke;USB Video Camera for Panasonic Digital Palmcorder;C:\WINDOWS\System32\Drivers\Mkeusbi.sys [2002-09-02 11:10]
S3 DCamUSBMke2;Panasonic USB Video Camera;C:\WINDOWS\System32\Drivers\Mkeusbi2.sys [2002-11-06 09:48]
S3 idrmkl;idrmkl;C:\DOKUME~1\HELBAR~1\LOKALE~1\Temp\idrmkl.sys []
S3 ids0004C;ids0004C;C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Anti-Virus Personal\5.0\bases\ids0004C.sys []
S3 ids0005c;ids0005c;C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Anti-Virus Personal\5.0\bases\ids0005c.sys []
S3 ids00118;ids00118;C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Anti-Virus Personal\5.0\bases\ids00118.sys []
S3 ids0014f;ids0014f;C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Anti-Virus Personal\5.0\bases\ids0014f.sys []
S3 ids0015d;ids0015d;C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Anti-Virus Personal\5.0\bases\ids0015d.sys []
S3 ids00180;ids00180;C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Anti-Virus Personal\5.0\bases\ids00180.sys []
S3 ids0018a;ids0018a;C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Anti-Virus Personal\5.0\bases\ids0018a.sys []
S3 PDNETCTL;ProDyne MicroPPPoE;C:\WINDOWS\System32\DRIVERS\pdnetctl.sys [2005-09-07 23:09]
S3 TIGLUSB;TiglUsb.Sys TI-GRAPH/DIRECT LINK USB driver;C:\WINDOWS\System32\Drivers\TIGLUSB.sys [2005-07-24 13:09]
S3 XDva002;XDva002;C:\WINDOWS\System32\XDva002.sys []
S4 Boonty Games;Boonty Games;"C:\Programme\Gemeinsame Dateien\BOONTY Shared\Service\Boonty.exe" [2005-05-26 22:56]

.
Inhalt des "geplante Tasks" Ordners
"2002-09-22 15:19:23 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Programme\Symantec\LiveUpdate\NDETECT.EXE
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-10 22:32:58
Windows 5.1.2600 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostart Einträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************
.
Zeit der Fertigstellung: 2008-01-10 22:48:04 - machine was rebooted
ComboFix-quarantined-files.txt 2008-01-10 21:47:56
ComboFix2.txt 2007-11-30 19:27:40
ComboFix3.txt 2006-10-02 20:22:50

Attachment: gesamt.txt
This post was edited on 10.01.2008 at 23:44 by Schlango2.
10.01.2008, 23:51
Moderator

Posts: 5694
#2 Hi

Your HijackThis log is still missing.

Did you run ATF Cleaner?
This post was edited on 11.01.2008 at 00:02 by Tonstudio.
11.01.2008, 23:38
Member

Thread starter

Posts: 14
#3 The problem has somehow resolved itself. Apparently CureIt did catch the trojan after all. It was called "backdoor".
11.01.2008, 23:48
Honorary member
Avatar Pinguin

Posts: 1441
#4 Schlango2

The registry and other things should still be cleaned here....

To begin, please upload this exe and the dll, have them checked, and post the report
http://www.virustotal.com/de/

C:\Programme\wJkl.exe

C:\WINDOWS\System32\cryptuic.dll

.
__________
Regards
Pinguin

I'm in the process of updating my site + programs: http://www.virus-protect.org/
12.01.2008, 22:03
Member

Thread starter

Posts: 14
#5 Both files are no longer present.