Ebay account hacked

#0
18.02.2010, 13:33
Member

Thread starter

Posts: 71
#16 Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrator at 2010-02-18 13:30:47
Microsoft Windows XP Professional Service Pack 3
System drive C: has 69 GB (91%) free of 76 GB
Total RAM: 1279 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:31:05, on 18.02.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINXP\System32\smss.exe
C:\WINXP\system32\winlogon.exe
C:\WINXP\system32\services.exe
C:\WINXP\system32\lsass.exe
C:\WINXP\system32\svchost.exe
C:\WINXP\System32\svchost.exe
C:\WINXP\system32\svchost.exe
C:\WINXP\system32\spoolsv.exe
C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\WINXP\system32\FsUsbExService.Exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\WINXP\system32\svchost.exe
C:\WINXP\Explorer.EXE
C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\WINXP\system32\ctfmon.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe
C:\Dokumente und Einstellungen\Administrator.BIE\Desktop\RSIT.exe
C:\Programme\trend micro\Administrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINXP\system32\ctfmon.exe
O4 - HKCU\..\Run: [ICQ] "C:\Programme\ICQ7.0\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Programme\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Programme\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O9 - Extra button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINXP\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINXP\bdoscandel.exe (file missing)
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe
O9 - Extra button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINXP\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINXP\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: ASKService - Unknown owner - C:\Programme\AskBarDis\bar\bin\AskService.exe (file missing)
O23 - Service: ASKUpgrade - Unknown owner - C:\Programme\AskBarDis\bar\bin\ASKUpgrade.exe (file missing)
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: FsUsbExService - Teruten - C:\WINXP\system32\FsUsbExService.Exe
O23 - Service: getPlus(R) Helper - Unknown owner - C:\Programme\NOS\bin\getPlus_HelperSvc.exe (file missing)
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Unknown owner - C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe (file missing)
O23 - Service: Google Update Service (gupdate1ca16619cb3ebda) (gupdate1ca16619cb3ebda) - Unknown owner - C:\Programme\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: SearchAnonymizer - Unknown owner - C:\Dokumente und Einstellungen\TEMP\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe (file missing)
O23 - Service: ServiceLayer - Unknown owner - C:\Programme\PC Connectivity Solution\ServiceLayer.exe (file missing)
O23 - Service: Windows Media Player-Netzwerkfreigabedienst (WMPNetworkSvc) - Unknown owner - C:\Programme\Windows Media Player\WMPNetwk.exe (file missing)

--
End of file - 7070 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-10-20 68112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll [2009-08-07 259696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-05 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-25 470512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2010-01-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-10-20 268816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-11 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [2010-01-11 246504]
"AVP"=C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINXP\system32\ctfmon.exe [2008-04-14 15360]
"ICQ"=C:\Programme\ICQ7.0\ICQ.exe [2010-02-11 133368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner]
C:\Programme\CCleaner\CCleaner.exe [2009-11-24 1738040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINXP\system32\klogon.dll [2009-10-20 219664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINXP\system32\wpdshserviceobj.dll [2008-05-09 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINXP\system32\sessmgr.exe"="C:\WINXP\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Programme\ICQ7.0\ICQ.exe"="C:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Programme\ICQ7.0\aolload.exe"="C:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programme\MSN Messenger\livecall.exe"="C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Programme\ICQ7.0\ICQ.exe"="C:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Programme\ICQ7.0\aolload.exe"="C:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"

======List of files/folders created in the last 1 months======

2010-02-18 13:30:49 ----D---- C:\Programme\trend micro
2010-02-18 13:30:47 ----D---- C:\rsit
2010-02-17 22:03:13 ----SD---- C:\test
2010-02-17 22:01:55 ----D---- C:\Qoobox
2010-02-17 13:26:40 ----A---- C:\WINXP\system32\nv4_disp.dll
2010-02-15 16:05:07 ----A---- C:\WINXP\system32\xactengine2_9.dll
2010-02-15 16:05:06 ----A---- C:\WINXP\system32\d3dx9_35.dll
2010-02-15 16:05:06 ----A---- C:\WINXP\system32\d3dx10_35.dll
2010-02-15 16:05:06 ----A---- C:\WINXP\system32\D3DCompiler_35.dll
2010-02-15 16:05:05 ----A---- C:\WINXP\system32\xactengine2_8.dll
2010-02-15 16:05:05 ----A---- C:\WINXP\system32\x3daudio1_2.dll
2010-02-15 16:05:04 ----A---- C:\WINXP\system32\xinput1_3.dll
2010-02-15 16:05:04 ----A---- C:\WINXP\system32\d3dx9_34.dll
2010-02-15 16:05:04 ----A---- C:\WINXP\system32\d3dx10_34.dll
2010-02-15 16:05:04 ----A---- C:\WINXP\system32\D3DCompiler_34.dll
2010-02-15 16:05:01 ----A---- C:\WINXP\system32\xactengine2_7.dll
2010-02-15 16:04:57 ----A---- C:\WINXP\system32\d3dx10_33.dll
2010-02-15 16:04:57 ----A---- C:\WINXP\system32\D3DCompiler_33.dll
2010-02-15 16:04:54 ----A---- C:\WINXP\system32\d3dx9_33.dll
2010-02-15 16:04:53 ----A---- C:\WINXP\system32\xactengine2_6.dll
2010-02-15 16:04:52 ----A---- C:\WINXP\system32\xactengine2_5.dll
2010-02-15 16:04:51 ----A---- C:\WINXP\system32\xactengine2_4.dll
2010-02-15 16:04:51 ----A---- C:\WINXP\system32\x3daudio1_1.dll
2010-02-15 16:04:51 ----A---- C:\WINXP\system32\d3dx9_31.dll
2010-02-15 16:04:50 ----A---- C:\WINXP\system32\xinput1_2.dll
2010-02-15 16:04:50 ----A---- C:\WINXP\system32\xactengine2_3.dll
2010-02-15 16:04:49 ----A---- C:\WINXP\system32\xinput1_1.dll
2010-02-15 16:04:49 ----A---- C:\WINXP\system32\xactengine2_2.dll
2010-02-15 16:04:48 ----A---- C:\WINXP\system32\xactengine2_1.dll
2010-02-15 16:04:37 ----A---- C:\WINXP\system32\d3dx9_30.dll
2010-02-15 16:04:36 ----A---- C:\WINXP\system32\xactengine2_0.dll
2010-02-15 16:04:36 ----A---- C:\WINXP\system32\x3daudio1_0.dll
2010-02-15 16:04:36 ----A---- C:\WINXP\system32\d3dx9_29.dll
2010-02-15 16:04:35 ----A---- C:\WINXP\system32\xinput9_1_0.dll
2010-02-15 16:04:35 ----A---- C:\WINXP\system32\d3dx9_28.dll
2010-02-15 16:04:34 ----A---- C:\WINXP\system32\d3dx9_27.dll
2010-02-15 16:04:33 ----A---- C:\WINXP\system32\d3dx9_26.dll
2010-02-15 16:04:33 ----A---- C:\WINXP\system32\d3dx9_25.dll
2010-02-15 16:04:30 ----A---- C:\WINXP\system32\d3dx9_24.dll
2010-02-14 16:24:47 ----D---- C:\WINXP\Logs
2010-02-14 16:24:28 ----D---- C:\Programme\Winamp Detect
2010-02-13 20:25:12 ----D---- C:\Programme\Malwarebytes' Anti-Malware
2010-02-12 12:03:27 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun
2010-02-12 12:03:26 ----D---- C:\Programme\Gemeinsame Dateien\Java
2010-02-12 12:02:21 ----A---- C:\WINXP\system32\javaws.exe
2010-02-12 12:02:21 ----A---- C:\WINXP\system32\javaw.exe
2010-02-12 12:02:21 ----A---- C:\WINXP\system32\java.exe
2010-02-09 18:57:46 ----D---- C:\Programme\ICQ6Toolbar
2010-02-09 18:56:48 ----D---- C:\Dokumente und Einstellungen\Administrator.BIE\Anwendungsdaten\ICQ
2010-02-09 18:56:24 ----D---- C:\Programme\ICQ7.0
2010-02-09 13:19:39 ----D---- C:\Programme\Mozilla Firefox

======List of files/folders modified in the last 1 months======

2010-02-18 13:31:01 ----D---- C:\WINXP\Prefetch
2010-02-18 13:30:49 ----RD---- C:\Programme
2010-02-18 12:32:16 ----D---- C:\WINXP\Temp
2010-02-18 09:51:29 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab
2010-02-18 09:50:49 ----D---- C:\WINXP
2010-02-18 09:48:40 ----A---- C:\WINXP\SchedLgU.Txt
2010-02-18 08:39:27 ----D---- C:\WINXP\system32
2010-02-18 08:19:58 ----D---- C:\WINXP\Minidump
2010-02-18 07:47:13 ----SHD---- C:\WINXP\CSC
2010-02-17 22:07:39 ----D---- C:\WINXP\system32\drivers
2010-02-17 22:07:39 ----D---- C:\WINXP\AppPatch
2010-02-17 22:07:34 ----D---- C:\Programme\Gemeinsame Dateien
2010-02-17 22:03:59 ----D---- C:\WINXP\system32\CatRoot2
2010-02-17 13:26:51 ----RSHDC---- C:\WINXP\system32\dllcache
2010-02-17 13:26:34 ----HD---- C:\WINXP\inf
2010-02-15 16:09:21 ----HD---- C:\Programme\InstallShield Installation Information
2010-02-15 16:05:32 ----SHD---- C:\WINXP\Installer
2010-02-15 16:05:16 ----SHD---- C:\Config.Msi
2010-02-15 16:05:09 ----D---- C:\WINXP\system32\DirectX
2010-02-15 16:04:48 ----RSD---- C:\WINXP\assembly
2010-02-15 16:04:39 ----D---- C:\WINXP\Microsoft.NET
2010-02-15 15:57:44 ----D---- C:\Dokumente und Einstellungen\Administrator.BIE\Anwendungsdaten\Microsoft
2010-02-15 15:42:44 ----SD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft
2010-02-15 13:11:24 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
2010-02-15 13:10:39 ----SD---- C:\WINXP\Tasks
2010-02-15 12:08:13 ----D---- C:\Dokumente und Einstellungen\Administrator.BIE\Anwendungsdaten\Winamp
2010-02-14 22:46:33 ----D---- C:\Dokumente und Einstellungen\Administrator.BIE\Anwendungsdaten\Azureus
2010-02-14 16:25:34 ----D---- C:\Programme\Winamp
2010-02-13 09:10:07 ----SHD---- C:\System Volume Information
2010-02-13 09:07:08 ----D---- C:\Programme\Kaspersky Lab
2010-02-13 09:05:24 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab Setup Files
2010-02-12 12:01:54 ----D---- C:\Programme\Java
2010-02-09 18:57:41 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
2010-02-09 18:54:29 ----D---- C:\Programme\Common Files
2010-02-07 20:17:11 ----SD---- C:\WINXP\Downloaded Program Files
2010-02-07 19:52:56 ----D---- C:\Programme\Google
2010-02-07 16:26:38 ----D---- C:\Programme\Windows Media Player

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Intel-Prozessortreiber; C:\WINXP\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 kl1;Kl1; \??\C:\WINXP\system32\drivers\kl1.sys []
R1 KLIF;Kaspersky Lab Driver; C:\WINXP\system32\DRIVERS\klif.sys [2010-02-13 315408]
R2 atksgt;atksgt; C:\WINXP\system32\DRIVERS\atksgt.sys [2010-02-15 278984]
R2 CdaC15BA;CdaC15BA; \??\C:\WINXP\system32\drivers\CDAC15BA.SYS []
R2 lirsgt;lirsgt; C:\WINXP\system32\DRIVERS\lirsgt.sys [2008-11-29 18048]
R3 ac97intc;Intel(r) 82801 Audiotreiber-Installationsdienst (WDM); C:\WINXP\system32\drivers\ac97intc.sys [2001-08-17 96256]
R3 E100B;Intel(R) PRO-Adaptertreiber; C:\WINXP\system32\DRIVERS\e100b325.sys [2001-08-18 117760]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINXP\system32\FsUsbExDisk.SYS []
R3 GearAspiWDM;GEARAspiWDM; C:\WINXP\System32\drivers\GEARAspiWDM.sys [2008-02-22 16168]
R3 HidUsb;Microsoft HID Class-Treiber; C:\WINXP\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINXP\system32\DRIVERS\klim5.sys [2009-09-14 32272]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINXP\system32\DRIVERS\klmouflt.sys [2009-10-02 19472]
R3 mouhid;Maus-HID-Treiber; C:\WINXP\system32\DRIVERS\mouhid.sys [2001-08-18 12288]
R3 nv;nv; C:\WINXP\system32\DRIVERS\nv4_mini.sys [2008-04-13 1897408]
R3 usbhub;USB2-aktivierter Hub; C:\WINXP\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINXP\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 kbdhid;Tastatur-HID-Treiber; C:\WINXP\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINXP\system32\drivers\NSDriver.sys []
S3 ati2mtag;ati2mtag; C:\WINXP\system32\DRIVERS\ati2mtag.sys [2008-04-14 701952]
S3 avfc8nug;avfc8nug; C:\WINXP\system32\drivers\avfc8nug.sys []
S3 catchme;catchme; \??\C:\DOKUME~1\ADMINI~1.BIE\LOKALE~1\Temp\catchme.sys []
S3 CCDECODE;Untertiteldecoder; C:\WINXP\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINXP\system32\DRIVERS\ggflt.sys []
S3 ggsemc;SEMC USB Flash Driver; C:\WINXP\system32\DRIVERS\ggsemc.sys []
S3 k600bus;Sony Ericsson 600i driver (WDM); C:\WINXP\system32\DRIVERS\k600bus.sys [2006-03-13 52384]
S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter; C:\WINXP\system32\DRIVERS\k600mdfl.sys [2006-03-13 6096]
S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers; C:\WINXP\system32\DRIVERS\k600mdm.sys [2006-03-13 87456]
S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers; C:\WINXP\system32\DRIVERS\k600mgmt.sys [2006-03-13 79248]
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers; C:\WINXP\system32\DRIVERS\k600obex.sys [2006-03-13 77072]
S3 LVUVC;Logitech QuickCam E3500(UVC); C:\WINXP\system32\DRIVERS\lvuvc.sys [2009-04-30 6754712]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINXP\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINXP\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINXP\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINXP\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINXP\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINXP\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINXP\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINXP\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SE2Bbus;Sony Ericsson Device 043 Driver driver (WDM); C:\WINXP\system32\DRIVERS\SE2Bbus.sys [2006-05-01 61600]
S3 SE2Bmdfl;Sony Ericsson Device 043 USB WMC Modem Filter; C:\WINXP\system32\DRIVERS\SE2Bmdfl.sys [2006-11-10 9360]
S3 SE2Bmdm;Sony Ericsson Device 043 USB WMC Modem Driver; C:\WINXP\system32\DRIVERS\SE2Bmdm.sys [2006-11-10 97184]
S3 SE2Bmgmt;Sony Ericsson Device 043 USB WMC Device Management Drivers (WDM); C:\WINXP\system32\DRIVERS\SE2Bmgmt.sys [2006-11-10 88688]
S3 se2Bnd5;Sony Ericsson Device 043 USB Ethernet Emulation SEMC43 (NDIS); C:\WINXP\system32\DRIVERS\se2Bnd5.sys [2006-11-10 18704]
S3 SE2Bobex;Sony Ericsson Device 043 USB WMC OBEX Interface; C:\WINXP\system32\DRIVERS\SE2Bobex.sys [2006-11-10 86560]
S3 se2Bunic;Sony Ericsson Device 043 USB Ethernet Emulation SEMC43 (WDM); C:\WINXP\system32\DRIVERS\se2Bunic.sys [2006-11-10 90800]
S3 SE30bus;Sony Ericsson Device 048 Driver driver (WDM); C:\WINXP\system32\DRIVERS\SE30bus.sys [2006-11-10 61600]
S3 SE30mdfl;Sony Ericsson Device 048 USB WMC Modem Filter; C:\WINXP\system32\DRIVERS\SE30mdfl.sys [2006-11-10 9360]
S3 SE30mdm;Sony Ericsson Device 048 USB WMC Modem Driver; C:\WINXP\system32\DRIVERS\SE30mdm.sys [2006-11-10 97184]
S3 SE30mgmt;Sony Ericsson Device 048 USB WMC Device Management Drivers (WDM); C:\WINXP\system32\DRIVERS\SE30mgmt.sys [2006-11-10 88688]
S3 se30nd5;Sony Ericsson Device 048 USB Ethernet Emulation SEMC48 (NDIS); C:\WINXP\system32\DRIVERS\se30nd5.sys [2006-11-10 18704]
S3 SE30obex;Sony Ericsson Device 048 USB WMC OBEX Interface; C:\WINXP\system32\DRIVERS\SE30obex.sys [2006-11-10 86560]
S3 se30unic;Sony Ericsson Device 048 USB Ethernet Emulation SEMC48 (WDM); C:\WINXP\system32\DRIVERS\se30unic.sys [2006-11-10 90800]
S3 se44bus;Sony Ericsson Device 068 driver (WDM); C:\WINXP\system32\DRIVERS\se44bus.sys [2006-11-30 61536]
S3 se44mdfl;Sony Ericsson Device 068 USB WMC Modem Filter; C:\WINXP\system32\DRIVERS\se44mdfl.sys [2006-11-30 9360]
S3 se44mdm;Sony Ericsson Device 068 USB WMC Modem Driver; C:\WINXP\system32\DRIVERS\se44mdm.sys [2006-11-30 97088]
S3 se44mgmt;Sony Ericsson Device 068 USB WMC Device Management Drivers (WDM); C:\WINXP\system32\DRIVERS\se44mgmt.sys [2006-11-30 88624]
S3 se44nd5;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (NDIS); C:\WINXP\system32\DRIVERS\se44nd5.sys [2006-11-30 18704]
S3 se44obex;Sony Ericsson Device 068 USB WMC OBEX Interface; C:\WINXP\system32\DRIVERS\se44obex.sys [2006-11-30 86432]
S3 se44unic;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (WDM); C:\WINXP\system32\DRIVERS\se44unic.sys [2006-11-30 90800]
S3 SLIP;BDA Slip De-Framer; C:\WINXP\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA-IPSink; C:\WINXP\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINXP\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINXP\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;USB-Scannertreiber; C:\WINXP\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINXP\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINXP\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 USBSTOR;USB-Massenspeichertreiber; C:\WINXP\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINXP\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINXP\system32\DRIVERS\wpdusb.sys [2008-05-09 38528]
S3 WSTCODEC;World Standard Teletext-Codec; C:\WINXP\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINXP\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 WS2IFSL;Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung; C:\WINXP\System32\drivers\ws2ifsl.sys [2008-04-14 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVP;Kaspersky Internet Security; C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456]
R2 FsUsbExService;FsUsbExService; C:\WINXP\system32\FsUsbExService.Exe [2009-03-12 233472]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2009-12-17 153376]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINXP\system32\svchost.exe [2008-04-14 14336]
S2 ASKService;ASKService; C:\Programme\AskBarDis\bar\bin\AskService.exe []
S2 ASKUpgrade;ASKUpgrade; C:\Programme\AskBarDis\bar\bin\ASKUpgrade.exe []
S2 gupdate1ca16619cb3ebda;Google Update Service (gupdate1ca16619cb3ebda); C:\Programme\Google\Update\GoogleUpdate.exe /svc []
S2 SearchAnonymizer;SearchAnonymizer; C:\Dokumente und Einstellungen\TEMP\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINXP\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINXP\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINXP\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Programme\NOS\bin\getPlus_HelperSvc.exe []
S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438; C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe []
S3 gusvc;Google Software Updater; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-06 190448]
S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2005-02-24 73728]
S3 idsvc;Windows CardSpace; c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Programme\PC Connectivity Solution\ServiceLayer.exe []
S3 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINXP\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
18.02.2010, 14:12
Member

Posts: 3716
#17 Skip the message from ComboFix.
18.02.2010, 14:14
Member

Thread starter

Posts: 71
#18 COMBOFIX also crashes in SAFE mode!
18.02.2010, 14:30
Member

Posts: 3716
#19 OK, try Dr.Web CureIt in safe mode:

http://www.paules-pc-forum.de/forum/4-pc-sicherheit/125060-dr-web-cureit.html
Skip the quick scan right away and go to the full scan.
By the way, did you reach eBay?
18.02.2010, 15:05
Member

Thread starter

Posts: 71
#20 Yes, I reached eBay; they have not gotten back to me yet!
Running the scan now.
18.02.2010, 17:21
Member

Thread starter

Posts: 71
#21 I scanned with Doktor Web in safe mode, nothing found!

Is my PC still infected?
18.02.2010, 17:30
Member

Posts: 3716
#22 Hmm, half of the programs don't work. You said your PC is working unusually hard; does that still happen? To be on the safe side, I would set the PC up from scratch following these instructions:
http://board.protecus.de/t13020.htm
Then change all passwords etc. Do without unnecessary toolbars and so on.