Trojan problem!!! vundo!!!

#0
04.03.2008, 16:11
...new here

Posts: 1
#1 Hey.
I have had problems with the trojans vundo.gen and vundo.dwb for about a month.
Unfortunately I am not familiar with problems like this and now have to rely on help. I have followed the prescribed problem-finding procedure and hope that someone here can help me.


ComboFix 08-03-04.2 - Mike 2008-03-04 15:38:03.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1031.18.1091 [GMT 1:00]
ausgeführt von:: C:\Users\Mike\Desktop\ComboFix.exe
* Neuer Wiederherstellungspunkt wurde erstellt
.

(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documentation\Documentation\CS\_desktop.ini
C:\Documentation\Documentation\DE\_desktop.ini
C:\Documentation\Documentation\EN\_desktop.ini
C:\Documentation\Documentation\ES\_desktop.ini
C:\Documentation\Documentation\FI\_desktop.ini
C:\Documentation\Documentation\FR\_desktop.ini
C:\Documentation\Documentation\GR\_desktop.ini
C:\Documentation\Documentation\IT\_desktop.ini
C:\Documentation\Documentation\NL\_desktop.ini
C:\Documentation\Documentation\PO\_desktop.ini
C:\Documentation\Documentation\RU\_desktop.ini
C:\Documentation\Documentation\SV\_desktop.ini
C:\Documentation\Leaflets\CS\_desktop.ini
C:\Documentation\Leaflets\DE\_desktop.ini
C:\Documentation\Leaflets\EN\_desktop.ini
C:\Documentation\Leaflets\ES\_desktop.ini
C:\Documentation\Leaflets\FI\_desktop.ini
C:\Documentation\Leaflets\FR\_desktop.ini
C:\Documentation\Leaflets\GR\_desktop.ini
C:\Documentation\Leaflets\IT\_desktop.ini
C:\Documentation\Leaflets\NL\_desktop.ini
C:\Documentation\Leaflets\PO\_desktop.ini
C:\Documentation\Leaflets\RU\_desktop.ini
C:\Documentation\Leaflets\SV\_desktop.ini
C:\Program Files\version.txt
C:\Windows\System32\aycdd.ini
C:\Windows\System32\aycdd.ini2
C:\Windows\system32\ddcya.dll
C:\Windows\system32\yayyy.dll

.
((((((((((((((((((((((( Dateien erstellt von 2008-02-04 bis 2008-03-04 ))))))))))))))))))))))))))))))
.

2008-03-03 21:40 . 2008-03-04 14:44 <DIR> d-------- C:\VundoFix Backups
2008-03-03 20:46 . 2008-03-03 20:46 <DIR> d-------- C:\Program Files\Enigma Software Group
2008-03-03 20:27 . 2008-03-03 20:27 <DIR> d-------- C:\Program Files\SigmaTel
2008-03-03 20:24 . 2008-03-03 20:24 1,712,984 --a------ C:\Windows\System32\wuaueng.dll
2008-03-03 20:24 . 2008-03-03 20:24 1,524,224 --a------ C:\Windows\System32\wucltux.dll
2008-03-03 20:24 . 2008-03-03 20:24 549,720 --a------ C:\Windows\System32\wuapi.dll
2008-03-03 20:24 . 2008-03-03 20:24 80,896 --a------ C:\Windows\System32\wudriver.dll
2008-03-03 20:24 . 2008-03-03 20:24 53,080 --a------ C:\Windows\System32\wuauclt.exe
2008-03-03 20:24 . 2008-03-03 20:24 43,352 --a------ C:\Windows\System32\wups2.dll
2008-03-03 20:24 . 2008-03-03 20:24 33,624 --a------ C:\Windows\System32\wups.dll
2008-03-03 20:23 . 2008-03-03 20:23 163,000 --a------ C:\Windows\System32\wuwebv.dll
2008-03-03 20:23 . 2008-03-03 20:23 31,232 --a------ C:\Windows\System32\wuapp.exe
2008-03-03 19:35 . 2008-03-03 19:35 <DIR> d-------- C:\Users\Default\video
2008-03-03 19:35 . 2008-03-03 19:35 <DIR> d-------- C:\Users\Default\Searches
2008-03-03 19:35 . 2008-03-03 19:35 <DIR> d-------- C:\Users\Default\contacts
2008-03-03 19:06 . 2008-03-03 19:34 <DIR> dr------- C:\Users\Mike\Videos
2008-03-03 19:06 . 2008-03-03 19:34 <DIR> dr------- C:\Users\Mike\Saved Games
2008-03-03 19:06 . 2008-03-03 20:10 <DIR> dr------- C:\Users\Mike\Pictures
2008-03-03 19:06 . 2008-03-03 20:10 <DIR> dr------- C:\Users\Mike\Music
2008-03-03 19:06 . 2008-03-03 20:10 <DIR> dr------- C:\Users\Mike\Links
2008-03-03 19:06 . 2008-03-03 19:34 <DIR> dr------- C:\Users\Mike\Downloads
2008-03-03 19:06 . 2008-03-03 19:34 <DIR> dr------- C:\Users\Mike\Documents
2008-03-03 19:06 . 2006-11-02 13:37 <DIR> d-------- C:\Users\Mike\AppData\Roaming\Media Center Programs
2008-03-03 19:06 . 2008-03-03 19:33 <DIR> d--h----- C:\Users\Mike\AppData
2008-03-03 19:05 . 2008-03-03 19:05 <DIR> d-------- C:\Windows\System32\URTTEMP
2008-03-03 19:05 . 2008-03-03 21:17 <DIR> d--hs---- C:\Windows\Installer
2008-03-03 19:02 . 2008-03-03 19:02 <DIR> d-------- C:\Program Files\CONEXANT
2008-03-03 19:02 . 2008-03-03 19:02 <DIR> d-------- C:\Program Files\Apoint
2008-03-03 19:02 . 2008-03-03 19:02 0 --ah----- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01001.Wdf
2008-03-03 19:00 . 2008-03-04 14:57 <DIR> d-------- C:\Windows\System32\catroot2
2008-03-03 18:53 . 2008-03-03 19:48 <DIR> d-------- C:\Windows\Panther
2008-03-03 18:51 . 2008-03-03 19:04 <DIR> d-------- C:\Windows\Debug
2008-03-03 18:51 . 2006-09-29 03:59 250,368 --a------ C:\Windows\System32\drivers\iaStor.sys
2008-03-03 18:32 . 2008-03-03 18:32 <DIR> d--h----- C:\$WINDOWS.~Q
2008-02-21 20:26 . 2008-03-03 19:17 <DIR> d-------- C:\Users\All Users\Installations
2008-02-21 20:26 . 2008-03-03 19:17 <DIR> d-------- C:\ProgramData\Installations
2008-02-19 15:22 . 2008-02-19 16:30 288 --a------ C:\Windows\wininit.ini
2008-02-19 14:50 . 2008-02-19 15:13 <DIR> d-a------ C:\Users\All Users\TEMP
2008-02-19 14:50 . 2008-02-19 15:13 <DIR> d-a------ C:\ProgramData\TEMP
2008-02-19 14:49 . 2008-03-03 19:16 <DIR> d-------- C:\Program Files\Spyware Doctor
2008-02-19 14:44 . 2008-03-03 19:18 <DIR> d-------- C:\Users\All Users\Spybot - Search & Destroy
2008-02-19 14:44 . 2008-03-03 19:18 <DIR> d-------- C:\ProgramData\Spybot - Search & Destroy
2008-02-19 14:44 . 2008-03-03 19:16 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-02-12 15:59 . 2008-03-03 19:33 <DIR> d-------- C:\Users\Mike\AppData\Roaming\InterVideo
2008-02-11 20:27 . 2008-02-11 20:27 917,504 --a------ C:\Windows\System32\FLASH.OCX
2008-02-08 18:19 . 2008-03-03 19:11 <DIR> d-------- C:\Program Files\GameSpy Arcade
2008-02-08 16:34 . 2008-03-03 19:17 <DIR> d-------- C:\Users\All Users\Media Center Programs
2008-02-08 16:34 . 2008-03-03 19:17 <DIR> d-------- C:\ProgramData\Media Center Programs
2008-02-08 16:06 . 2008-03-03 19:10 <DIR> d-------- C:\Program Files\Electronic Arts
2008-02-06 17:45 . 2008-03-03 19:12 <DIR> d-------- C:\Program Files\Mediafour

.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-04 13:50 --------- d-----w C:\Users\Mike\AppData\Roaming\Skype
2008-03-03 19:26 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-03 19:26 --------- d-----w C:\Program Files\Sony
2008-03-03 18:53 --------- d-sh--w C:\ProgramData\Vorlagen
2008-03-03 18:53 --------- d-sh--w C:\ProgramData\Startmenü
2008-03-03 18:53 --------- d-sh--w C:\ProgramData\Favoriten
2008-03-03 18:53 --------- d-sh--w C:\ProgramData\Dokumente
2008-03-03 18:53 --------- d-sh--w C:\ProgramData\Anwendungsdaten
2008-03-03 18:53 --------- d-sh--w C:\Program Files\Gemeinsame Dateien
2008-03-03 18:33 --------- d--h--r C:\Users\Mike\AppData\Roaming\SecuROM
2008-03-03 18:33 --------- d-----w C:\Users\Mike\AppData\Roaming\Winamp
2008-03-03 18:33 --------- d-----w C:\Users\Mike\AppData\Roaming\vlc
2008-03-03 18:33 --------- d-----w C:\Users\Mike\AppData\Roaming\Sony Corporation
2008-03-03 18:33 --------- d-----w C:\Users\Mike\AppData\Roaming\Nero
2008-03-03 18:33 --------- d-----w C:\Users\Mike\AppData\Roaming\InstallShield
2008-03-03 18:33 --------- d-----w C:\Users\Mike\AppData\Roaming\ICQLite
2008-03-03 18:33 --------- d-----w C:\Users\Mike\AppData\Roaming\ICQ
2008-03-03 18:33 --------- d-----w C:\Users\Mike\AppData\Roaming\DAEMON Tools
2008-03-03 18:33 --------- d-----w C:\Users\Mike\AppData\Roaming\Ahead
2008-03-03 18:18 --------- d-----w C:\ProgramData\Symantec
2008-03-03 18:18 --------- d-----w C:\ProgramData\Sony Corporation
2008-03-03 18:17 --------- d-----w C:\ProgramData\Sony
2008-03-03 18:17 --------- d-----w C:\ProgramData\SonicStage
2008-03-03 18:17 --------- d-----w C:\ProgramData\NVIDIA
2008-03-03 18:17 --------- d-----w C:\ProgramData\Nero
2008-03-03 18:17 --------- d-----w C:\ProgramData\MumboJumbo
2008-03-03 18:17 --------- d-----w C:\ProgramData\Microsoft Help
2008-03-03 18:17 --------- d-----w C:\ProgramData\Avira
2008-03-03 18:17 --------- d-----w C:\ProgramData\Ahead
2008-03-03 18:16 --------- d-----w C:\Program Files\Winamp
2008-03-03 18:16 --------- d-----w C:\Program Files\VolumeWatcher
2008-03-03 18:16 --------- d-----w C:\Program Files\VLC
2008-03-03 18:16 --------- d-----w C:\Program Files\Toshiba
2008-03-03 18:16 --------- d-----w C:\Program Files\Symantec
2008-03-03 18:16 --------- d-----w C:\Program Files\Support
2008-03-03 18:15 --------- d-----w C:\Program Files\Skype
2008-03-03 18:15 --------- d-----w C:\Program Files\Shared
2008-03-03 18:15 --------- d-----w C:\Program Files\Roxio
2008-03-03 18:14 --------- d-----w C:\Program Files\Nero
2008-03-03 18:14 --------- d-----w C:\Program Files\MusicTransfer
2008-03-03 18:14 --------- d-----w C:\Program Files\MSBuild
2008-03-03 18:14 --------- d-----w C:\Program Files\Mindjet
2008-03-03 18:14 --------- d-----w C:\Program Files\Microsoft.NET
2008-03-03 18:14 --------- d-----w C:\Program Files\Microsoft Works
2008-03-03 18:13 --------- d-----w C:\Program Files\Microsoft Visual Studio 8
2008-03-03 18:13 --------- d-----w C:\Program Files\Microsoft SQL Server
2008-03-03 18:12 --------- d-----w C:\Program Files\Mapview
2008-03-03 18:12 --------- d-----w C:\Program Files\Java
2008-03-03 18:12 --------- d-----w C:\Program Files\InterVideo
2008-03-03 18:12 --------- d-----w C:\Program Files\Intel
2008-03-03 18:12 --------- d-----w C:\Program Files\InitTool
2008-03-03 18:12 --------- d-----w C:\Program Files\Importer
2008-03-03 18:12 --------- d-----w C:\Program Files\ICQ6
2008-03-03 18:11 --------- d-----w C:\Program Files\GPSMatch
2008-03-03 18:11 --------- d-----w C:\Program Files\Google BAE
2008-03-03 18:11 --------- d-----w C:\Program Files\Google
2008-03-03 18:11 --------- d-----w C:\Program Files\GameSpy
2008-03-03 18:10 --------- d-----w C:\Program Files\devolo
2008-03-03 18:10 --------- d-----w C:\Program Files\DAEMON Tools Lite
2008-03-03 18:10 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-03-03 18:10 --------- d-----w C:\Program Files\Common Files\Sony Shared
2008-03-03 18:10 --------- d-----w C:\Program Files\Common Files\Nero
2008-03-03 18:10 --------- d-----w C:\Program Files\Common Files\Java
2008-03-03 18:10 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-03-03 18:10 --------- d-----w C:\Program Files\Common Files\Ahead
2008-03-03 18:10 --------- d-----w C:\Program Files\Common Files\Adobe
2008-03-03 18:10 --------- d-----w C:\Program Files\Browser
2008-03-03 18:10 --------- d-----w C:\Program Files\Avira
2008-03-03 18:10 --------- d-----w C:\Program Files\Ahead
2008-03-03 18:09 --------- d-----w C:\Program Files\Activision
2008-02-15 16:30 22,328 ----a-w C:\Windows\system32\drivers\PnkBstrK.sys
2008-02-08 15:35 22,328 ----a-w C:\Users\Mike\AppData\Roaming\PnkBstrK.sys
2008-01-10 06:50 715,248 ----a-w C:\Windows\system32\drivers\sptd.sys
2007-05-10 11:56 0 ----a-w C:\Users\Mike\AppData\Roaming\wklnhst.dat
2007-05-08 10:56 1,207,068 ----a-w C:\Users\Mike\wrar37b8.exe
2006-11-02 12:50 174 --sha-w C:\Program Files\desktop.ini
2006-10-25 19:47 561,152 ----a-w C:\Program Files\stupdaterapp.exe
2006-10-25 19:46 98,304 ----a-w C:\Program Files\regdll.dll
2006-10-25 19:46 71,539 ----a-w C:\Program Files\StMp3Rec.sys
2006-10-25 19:46 360 ----a-w C:\Program Files\stmp3recnt.cat
2006-10-25 19:46 262,144 ----a-w C:\Program Files\stmpres.dll
2006-10-05 09:24 4,628 ----a-w C:\Program Files\stmp3rec.inf
2006-09-18 07:47 3,231,252 ----a-w C:\Program Files\resource.bin
2006-09-18 07:47 276,400 ----a-w C:\Program Files\updater.sb
2006-09-18 07:47 276,400 ----a-w C:\Program Files\hostlink.sb
2006-09-18 07:47 245,408 ----a-w C:\Program Files\stunicow.dll
2006-09-18 07:47 22,486 ----a-w C:\Program Files\uninstall.ico
2006-09-18 07:47 21,098 ----a-w C:\Program Files\hostrsc.bin
2006-09-18 07:47 131,578 ----a-w C:\Program Files\stmpsys.sb
2006-09-18 07:47 13,536 ----a-w C:\Program Files\bootmanager.sb
.

(((((((((((((((((((((((((((( Autostart Punkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Hinweis* leere Eintrage & legitime Standardeintrage werden nicht angezeigt.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30030c3b-df4b-4c43-a406-413cf880d723}]
C:\Windows\system32\tvkphjsx.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2006-11-02 13:35 1196032]
"WindowsWelcomeCenter"="oobefldr.dll" [2006-11-02 13:34 2159104 C:\Windows\System32\oobefldr.dll]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-08-03 12:51 202024]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-01-03 14:54 486856]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 13:35 125440]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2006-09-29 13:41 20053544]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2005-05-31 01:04 1415824]
"SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [2006-11-13 18:43 472632]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 13:36 201728]
"ICQ"="C:\Program Files\ICQ6\ICQ.exe" [2007-12-19 15:48 172280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-02 13:34 1004136]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [2006-09-11 08:23 118784]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2006-12-19 05:38 7766016]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2006-12-19 05:38 81920]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"AppMon Utility"="C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe" [2006-11-15 15:48 415864]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-01-24 18:09 249896]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 23:47 31016]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-09-29 12:39 151552]
"ISBMgr.exe"="C:\Program Files\Sony\ISB Utility\ISBMgr.exe" [2006-11-11 15:35 43128]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-08-08 09:25 1828136]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"VAIOCameraUtility"="C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe" [2006-11-14 10:46 411768]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-05-14 23:22 35328]

C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Audio Filter.lnk - C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe [2007-01-17 13:30:07 6173752]
Picture Motion Browser Medienprfung.lnk - C:\Program Files\VolumeWatcher\SPUVolumeWatcher.exe [2007-05-03 20:32:46 229376]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
w98Eject.lnk - C:\Windows\System\w98eject.exe [2007-04-10 14:49:08 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
VESWinlogon.dll 2006-12-14 15:06 73728 C:\Windows\System32\VESWinlogon.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{B582AD67-3E33-4209-B258-6DDF61EB340F}"= Disabled:TCP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{14867EC9-137D-47FE-9FAA-E1ACCF981227}"= Disabled:UDP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{B70DD75F-5558-4722-B51C-672C2F6EC48E}"= Disabled:TCP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{79756899-DE82-45A2-BB83-BCDBB75F0117}"= Disabled:UDP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{76CC757A-6014-4D2B-A190-B1AD8E226580}"= TCP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
"{9392DC8F-5AC8-4D2F-8ED2-0135E2DC0F6B}"= UDP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
"{A20E2CF9-CB8E-4FD0-9ED9-B09D25B852FA}"= TCP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32
"{2387586D-867A-4658-807C-E7DDB49FB115}"= UDP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32
"{0E4BFA17-DE8E-4149-A47B-206D06121911}"= TCP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{DF8C03AA-2ADD-4070-81DF-45D9A0134338}"= UDP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{81999BE4-7DE8-48E6-98DE-7162417C8C01}"= TCP:C:\Windows\System32\PnkBstrB.exe:pnkBstrB
"{F3E389DD-A1B0-4F37-815C-E3E2F71AA7A8}"= UDP:C:\Windows\System32\PnkBstrB.exe:pnkBstrB
"{F7786C66-7058-40AA-8EDE-93BE63FAD5AF}"= TCP:C:\Windows\System32\PnkBstrA.exe:pnkBstrA
"{60558F98-73A0-411E-8D06-A222438A83F0}"= UDP:C:\Windows\System32\PnkBstrA.exe:pnkBstrA
"UDP Query User{C9FC74D3-FB2C-4905-9A43-84099C242A3F}C:\program files\icq6\icq.exe"= TCP:C:\program files\icq6\icq.exe:ICQ Library|Desc=ICQ Library
"TCP Query User{2F80F96B-DE2A-4D3F-94C3-4925754F3F66}C:\program files\icq6\icq.exe"= UDP:C:\program files\icq6\icq.exe:ICQ Library|Desc=ICQ Library
"TCP Query User{FD6FD02E-1CE0-45A5-84B2-997C40C54325}C:\program files\icqlite\icqlite.exe"= UDP:C:\program files\icqlite\icqlite.exe:ICQLite|Desc=ICQLite
"UDP Query User{DF72239B-C185-400E-8F3A-EE979C9ADCC3}C:\program files\icqlite\icqlite.exe"= TCP:C:\program files\icqlite\icqlite.exe:ICQLite|Desc=ICQLite
"TCP Query User{6E6C26BF-4DF6-4127-9AAD-3C8D470AA649}C:\program files\icqlite\icqlite.exe"= UDP:C:\program files\icqlite\icqlite.exe:ICQLite|Desc=ICQLite
"UDP Query User{DD5F222E-DBEB-451A-9CD2-C4F882FBD326}C:\program files\icqlite\icqlite.exe"= TCP:C:\program files\icqlite\icqlite.exe:ICQLite|Desc=ICQLite
"{6B338883-D4FA-470A-9D98-E1D58A152428}"= Disabled:UDP:C:\Program Files\devolo\informer\devinf.exe:devolo Informer
"{495D9996-73FE-4ADC-8AD5-D2739F5EE710}"= Disabled:TCP:C:\Program Files\devolo\informer\devinf.exe:devolo Informer
"{ED89831F-9427-42D7-9DD2-BBC3C34A6497}"= Disabled:UDP:C:\Program Files\devolo\easyshare\easyshare.exe:devolo EasyShare
"{B810054C-4290-4A5B-94DB-F96C1C76CB69}"= Disabled:TCP:C:\Program Files\devolo\easyshare\easyshare.exe:devolo EasyShare
"{320C48A0-B74F-4F91-967F-CDF5E5F8B6EC}"= Disabled:UDP:C:\Program Files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{6A0653F4-9965-4ABF-9C02-82158EBC80D9}"= Disabled:TCP:C:\Program Files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{03C8EEEA-364A-4765-AFDC-D03632AEEA58}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{72665FC4-C1A1-408D-BE3F-5B8FBA6A8349}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{A4E53947-EF65-455A-BF0E-8B3B2DCA24FE}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{F88CDC84-236E-40F4-A498-2ECFD17B9BAF}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{66BEC52E-958A-4DA1-A948-AB90F958791C}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

R2 Automatisches LiveUpdate - Scheduler;Automatisches LiveUpdate - Scheduler;"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" [2007-09-26 10:53]
R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);"C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sVAIO_VEDB []
R2 PLCNDIS5;PLCNDIS5 NDIS Protocol Driver;C:\Windows\system32\plcndis5.sys [2004-05-17 09:21]
R2 SQLWriter;SQL Server VSS Writer;"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [2007-02-10 05:29]
R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-04 09:39]
R3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adaptertreiber für Windows Vista 32 Bit;C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-10-30 01:42]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;C:\Windows\system32\Drivers\R5U870FLx86.sys [2006-10-27 14:08]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;C:\Windows\system32\Drivers\R5U870FUx86.sys [2006-10-27 14:08]
R3 SonyImgF;Sony Image Conversion Filter Driver;C:\Windows\system32\DRIVERS\SonyImgF.sys [2006-09-06 10:44]
R3 ti21sony;ti21sony;C:\Windows\system32\drivers\ti21sony.sys [2006-11-06 14:56]
S3 AVerM115S;AVerM115S service;C:\Windows\system32\DRIVERS\AVerM115S.sys [2006-12-19 02:46]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-01-10 15:51]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);"C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-UCLS-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\UCLS\HTTP" []
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-01-08 16:06]

.
Inhalt des "geplante Tasks" Ordners
"2008-03-04 14:45:00 C:\Windows\Tasks\User_Feed_Synchronization-{067609EE-1B15-4694-A752-31B76F1F873A}.job"
- C:\Windows\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-04 15:44:37
Windows 6.0.6000 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostart Einträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Windows\system32\PnkBstrA.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Windows\system32\conime.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Apoint\Apntex.exe
C:\\?\C:\Windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Zeit der Fertigstellung: 2008-03-04 15:48:41 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-04 14:48:37




Hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:55:21, on 04.03.2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16386)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe
C:\Windows\Explorer.exe
C:\Windows\System\w98eject.exe
C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
C:\Program Files\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Mike\Desktop\hijack\HJT.exe
C:\Windows\system32\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gmx.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.89.181:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: {327d088f-c314-604a-34c4-b4fdb3c03003} - {30030c3b-df4b-4c43-a406-413cf880d723} - C:\Windows\system32\tvkphjsx.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AppMon Utility] "C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe" @@@Start
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6\ICQ.exe" silent
O4 - Startup: Audio Filter.lnk = C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
O4 - Startup: Picture Motion Browser Medienprüfung.lnk = C:\Program Files\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: w98Eject.lnk = ?
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://static.ak.studivz.net/photouploader/ImageUploader4.cab?nocache=20071219-1
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://icq.oberon-media.com/online//online2/luxor/mjolauncher.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Automatisches LiveUpdate - Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\MSCSPTISRV.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10382 bytes



datfind:
Verzeichnis von C:\Windows\system32

04.03.2008 15:51 665.178 perfh009.dat
04.03.2008 15:51 708.320 perfh007.dat
04.03.2008 15:51 125.196 perfc009.dat
04.03.2008 15:51 144.700 perfc007.dat
04.03.2008 15:51 1.636.472 PerfStringBackup.INI
04.03.2008 15:44 5.056 7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
04.03.2008 15:44 5.056 7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
03.03.2008 20:24 1.524.224 wucltux.dll
03.03.2008 20:24 43.352 wups2.dll
03.03.2008 20:24 53.080 wuauclt.exe
03.03.2008 20:24 1.712.984 wuaueng.dll
03.03.2008 20:24 80.896 wudriver.dll
03.03.2008 20:24 33.624 wups.dll
03.03.2008 20:24 549.720 wuapi.dll
03.03.2008 20:23 163.000 wuwebv.dll
03.03.2008 20:23 31.232 wuapp.exe
03.03.2008 19:48 54.990 license.rtf
03.03.2008 19:42 22.236 emptyregdb.dat
03.03.2008 19:38 382.896 FNTCACHE.DAT
15.02.2008 17:30 66.872 PnkBstrA.exe
15.02.2008 17:29 103.736 PnkBstrB.exe
11.02.2008 20:27 917.504 FLASH.OCX
08.02.2008 16:35 669.184 pbsvc.exe
30.01.2008 16:02 107.888 CmdLineExt.dll
04.12.2007 12:04 5.636 jupdate-1.6.0_03-b05.log
26.09.2007 10:53 511.328 capicom.dll
04.03.2008, 16:51
Honorary member
Argus

Posts: 6028
#2 Remove ComboFix
Start > Run > paste in: Combofix /U > OK
Remove C:\combofix.txt

Close all windows and start HijackThis
Click: Do a system scan only
Put a check mark in the box in front of the following entry:

Quote

O2 - BHO: {327d088f-c314-604a-34c4-b4fdb3c03003} - {30030c3b-df4b-4c43-a406-413cf880d723} - C:\Windows\system32\tvkphjsx.dll (file missing)
Click: Fix checked
Your Internet Explorer must be closed when you click Fix checked

___________________________________________________

OTMoveIt.exe
Download OTMoveIt2 to the desktop
Open: OTMoveIt.exe
Copy (select and press Ctrl-C) everything below

Quote

C:\Windows\wininit.ini
into the left pane, where it says "Paste List of Files/Folders to be moved"
Click the red MoveIt! button
When the tool has finished, a log is created (*******_******.log, where * stands for date and time)
in C:\_OTMoveIt\MovedFiles\
Copy it with a right-click and paste it into the forum with right-click "Paste"

OTMoveIt.exe
And press the “CleanUp” button
In the next window, “Begin cleanup process?”, click Yes
In the next window, “Do you want to reboot?”, click Yes

Since you already use Windows Defender, you should turn off TeaTimer from Spybot S&D
__________
Best regards, Argus
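
A small triage sketch for the log format in this thread, added here as an example and not part of either post: it parses HijackThis lines and lists the entries marked "(file missing)" or "Unknown owner". The sample lines are copied from the thread; the function names are made up for the illustration, and a flag is a prompt to look closer, not a verdict.

```python
import re

# Lines copied from the HijackThis log and the quoted entry in this thread.
SAMPLE = r"""
O2 - BHO: {327d088f-c314-604a-34c4-b4fdb3c03003} - {30030c3b-df4b-4c43-a406-413cf880d723} - C:\Windows\system32\tvkphjsx.dll (file missing)
O23 - Service: Automatisches LiveUpdate - Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
"""

ENTRY = re.compile(r"^(O\d+) - ([^:]+): (.*)$")
MISSING = "(file missing)"


def parse_entry(line):
    """Split one HijackThis line into section, kind, name, detail, path."""
    m = ENTRY.match(line.strip())
    if not m:
        return None
    section, kind, rest = m.groups()
    missing = rest.endswith(MISSING)
    if missing:
        rest = rest[: -len(MISSING)].rstrip()
    # The name may itself contain " - ", so split from the right:
    # the last field is the path, the one before it the company or CLSID.
    parts = rest.rsplit(" - ", 2)
    if len(parts) != 3:
        return None
    name, detail, path = parts
    return {"section": section, "kind": kind, "name": name,
            "detail": detail, "path": path, "missing": missing}


def triage(log_text):
    """Return (entry, reasons) for entries a reviewer should look at first."""
    hits = []
    for line in log_text.splitlines():
        entry = parse_entry(line)
        if entry is None:
            continue
        reasons = []
        if entry["missing"]:
            reasons.append("target file missing")
        if entry["section"] == "O23" and entry["detail"] == "Unknown owner":
            reasons.append("owner reported as unknown")
        if reasons:
            hits.append((entry, reasons))
    return hits


if __name__ == "__main__":
    for entry, reasons in triage(SAMPLE):
        print(entry["section"], entry["path"], "->", ", ".join(reasons))
```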