D!xxx
Ich hab seit ein paar Tagen irgendeine Art von Virus auf meinem PC. Da ich mich damit nicht so genau damit auskenne, hab ich genau die Anweisungen in einem der Threads befolgt. Ich hoffe, dass mir jemand helfen kann. Danke schon mal im vorraus. Das hier ist die Logdatei:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:53:53, on 12.07.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\ICQ6\ICQ.exe
C:\Programme\iPod\bin\iPodService.exe
C:\PROGRA~2\Altnet\DOWNLO~1\asm.exe
C:\WINDOWS\system32\P2P Networking\P2P Networking.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\Programme\Real\RealPlayer\RealPlay.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmi...=MjI6Ojg5&lid=2
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
F2 - REG:system.ini: Shell=explorer.exe "C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\ibm00003.exe"
O1 - Hosts: localhost 127.0.0.1
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SearchToolbar - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - (no file)
O2 - BHO: MSVPS System - {4118A625-1B64-4ED1-A2E9-76DEC529D2D2} - C:\WINDOWS\qnxplugin.dll
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Programme\Need2Find\bar\1.bin\ND2FNBAR.DLL
O2 - BHO: InstaFinder_K - {4E7BD74F-2B8D-469E-90F0-F66AB581A933} - C:\Programme\INSTAFINK\instafink.dll
O2 - BHO: (no name) - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: SearchToolbar - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar3.dll
O3 - Toolbar: RX Toolbar - {25D8BACF-3DE2-4B48-AE22-D659B8D835B0} - (no file)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ICQ] "C:\Programme\ICQ6\ICQ.exe" silent
O4 - HKLM\..\Policies\Explorer\Run: [SystemManager] C:\WINDOWS\system32\bootvid.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://D:\Programme\Icq\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://kp.bar.need2find.com/KP/menusearch.html?p=KP
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{22F410F1-F2FF-4B98-ABC2-1523340CB57D}: NameServer = 85.255.114.40,85.255.112.15
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.40 85.255.112.15
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.40 85.255.112.15
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.40 85.255.112.15
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O21 - SSODL: msddx - {6604D0B9-80BF-4BD8-9DFE-68D0F3A0B701} - C:\WINDOWS\msddx.dll
O21 - SSODL: msqnx - {097352B1-1955-4B7F-9D64-A9F4182D2C53} - C:\WINDOWS\msqnx.dll
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2004\WinStylerThemeSvc.exe
O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm
--
End of file - 7512 bytes
Und das die Datei aus WindowsScan:
Die 30 neuesten Dateien im Ordner Windows:
12.07.2007 dat.txt 19 58:1.057
12.07.2007 rs.txt 19 38:18.250
12.07.2007 smdat32m.sys 19 37:10
12.07.2007 wiadebug.log 19 36:159
12.07.2007 WindowsUpdate.log 19 36:1.116.185
12.07.2007 wiaservc.log 19 36:50
12.07.2007 0.log 19 36:0
12.07.2007 bootstat.dat 19 36:2.048
08.07.2007 wmsetup.log 17 00:99.015
07.07.2007 qnxplugin.dll 18 33:204.800
07.07.2007 msqnx.dll 18 33:173.056
07.07.2007 msddx.dll 18 33:172.032
06.07.2007 cdplayer.ini 23 02:12.289
02.07.2007 NeroDigital.ini 13 45:135
09.06.2007 setupapi.log 18 27:355.305
Error 29.05.2007 IE4 19 57:1.395
02.05.2007 ALCFDRTM.VER 18 21:60.416
30.04.2007 setupact.log 18 40:177.173
22.04.2007 Directx.log 14 36:159
08.04.2007 smdat32a.sys 17 43:0
02.02.2007 spupdsvc.log 21 21:36.494
02.02.2007 wmsetup10.log 21 20:510
02.02.2007 comsetup.log 21 03:178.278
02.02.2007 ntdtcsetup.log 21 03:106.563
02.02.2007 iis6.log 21 03:577.866
02.02.2007 ocmsn.log 21 03:28.030
02.02.2007 tabletoc.log 21 03:25.821
Die 50 neuesten Dateien im Ordner Windows\system32:
12.07.2007 d3d9caps.dat 19 37:664
12.07.2007 nvapps.xml 19 37:39.291
12.07.2007 wpa.dbl 19 36:2.206
28.03.2007 rmoc3260.dll 17 45:185.952
28.03.2007 pndx5032.dll 17 45:5.632
28.03.2007 pndx5016.dll 17 45:6.656
28.03.2007 pncrt.dll 17 45:278.528
25.03.2007 perfc009.dat 11 02:40.836
25.03.2007 perfh007.dat 11 02:320.094
25.03.2007 perfh009.dat 11 02:314.508
25.03.2007 perfc007.dat 11 02:49.174
25.03.2007 PerfStringBackup.INI 11 02:732.342
02.02.2007 amcompat.tlb 21 03:16.832
02.02.2007 nscompat.tlb 21 03:23.392
26.12.2006 CmdLineExt.dll 00 26:98.304
12.12.2006 LegitCheckControl.DLL 11 45:1.474.864
08.11.2006 inetcomm.dll 07 06:679.424
03.11.2006 wmploc.dll 11 02:8.282.112
03.11.2006 wmpshell.dll 10 56:99.840
03.11.2006 wmerror.dll 10 55:275.968
03.11.2006 asferror.dll 10 54:8.192
02.11.2006 wpdshextres.dll 12 51:43.008
23.10.2006 wininet.dll 17 17:664.576
23.10.2006 urlmon.dll 17 17:615.936
23.10.2006 shlwapi.dll 17 17:474.624
23.10.2006 shdocvw.dll 17 17:1.494.528
23.10.2006 pngfilt.dll 17 17:39.424
23.10.2006 mshtmled.dll 17 17:448.512
23.10.2006 msrating.dll 17 17:146.432
23.10.2006 mstime.dll 17 17:532.480
23.10.2006 mshtml.dll 17 17:3.076.096
23.10.2006 browseui.dll 17 17:1.022.976
23.10.2006 iepeers.dll 17 17:251.392
23.10.2006 danim.dll 17 17:1.056.256
23.10.2006 dxtmsft.dll 17 17:357.888
23.10.2006 dxtrans.dll 17 17:205.312
23.10.2006 extmgr.dll 17 17:55.808
23.10.2006 cdfview.dll 17 17:152.064
23.10.2006 jsproxy.dll 17 17:16.384
23.10.2006 inseng.dll 17 17:96.768
23.10.2006 xpsp3res.dll 13 42:123.392
20.10.2006 sxs.dll 03 38:715.776
18.10.2006 wdfmgr.exe 22 58:8.704
18.10.2006 uwdf.exe 22 58:8.704
18.10.2006 WMVSDECD.dll 22 47:1.382.912
18.10.2006 WMVENCOD.dll 22 47:1.574.912
18.10.2006 wmvdmoe2.dll 22 47:4.096
localhost 127.0.0.1
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:53:53, on 12.07.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\ICQ6\ICQ.exe
C:\Programme\iPod\bin\iPodService.exe
C:\PROGRA~2\Altnet\DOWNLO~1\asm.exe
C:\WINDOWS\system32\P2P Networking\P2P Networking.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\Programme\Real\RealPlayer\RealPlay.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmi...=MjI6Ojg5&lid=2
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
F2 - REG:system.ini: Shell=explorer.exe "C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\ibm00003.exe"
O1 - Hosts: localhost 127.0.0.1
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SearchToolbar - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - (no file)
O2 - BHO: MSVPS System - {4118A625-1B64-4ED1-A2E9-76DEC529D2D2} - C:\WINDOWS\qnxplugin.dll
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Programme\Need2Find\bar\1.bin\ND2FNBAR.DLL
O2 - BHO: InstaFinder_K - {4E7BD74F-2B8D-469E-90F0-F66AB581A933} - C:\Programme\INSTAFINK\instafink.dll
O2 - BHO: (no name) - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: SearchToolbar - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar3.dll
O3 - Toolbar: RX Toolbar - {25D8BACF-3DE2-4B48-AE22-D659B8D835B0} - (no file)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ICQ] "C:\Programme\ICQ6\ICQ.exe" silent
O4 - HKLM\..\Policies\Explorer\Run: [SystemManager] C:\WINDOWS\system32\bootvid.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://D:\Programme\Icq\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://kp.bar.need2find.com/KP/menusearch.html?p=KP
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{22F410F1-F2FF-4B98-ABC2-1523340CB57D}: NameServer = 85.255.114.40,85.255.112.15
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.40 85.255.112.15
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.40 85.255.112.15
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.40 85.255.112.15
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O21 - SSODL: msddx - {6604D0B9-80BF-4BD8-9DFE-68D0F3A0B701} - C:\WINDOWS\msddx.dll
O21 - SSODL: msqnx - {097352B1-1955-4B7F-9D64-A9F4182D2C53} - C:\WINDOWS\msqnx.dll
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Programme\TuneUp Utilities 2004\WinStylerThemeSvc.exe
O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm
--
End of file - 7512 bytes
Und das die Datei aus WindowsScan:
Die 30 neuesten Dateien im Ordner Windows:
12.07.2007 dat.txt 19 58:1.057
12.07.2007 rs.txt 19 38:18.250
12.07.2007 smdat32m.sys 19 37:10
12.07.2007 wiadebug.log 19 36:159
12.07.2007 WindowsUpdate.log 19 36:1.116.185
12.07.2007 wiaservc.log 19 36:50
12.07.2007 0.log 19 36:0
12.07.2007 bootstat.dat 19 36:2.048
08.07.2007 wmsetup.log 17 00:99.015
07.07.2007 qnxplugin.dll 18 33:204.800
07.07.2007 msqnx.dll 18 33:173.056
07.07.2007 msddx.dll 18 33:172.032
06.07.2007 cdplayer.ini 23 02:12.289
02.07.2007 NeroDigital.ini 13 45:135
09.06.2007 setupapi.log 18 27:355.305
Error 29.05.2007 IE4 19 57:1.395
02.05.2007 ALCFDRTM.VER 18 21:60.416
30.04.2007 setupact.log 18 40:177.173
22.04.2007 Directx.log 14 36:159
08.04.2007 smdat32a.sys 17 43:0
02.02.2007 spupdsvc.log 21 21:36.494
02.02.2007 wmsetup10.log 21 20:510
02.02.2007 comsetup.log 21 03:178.278
02.02.2007 ntdtcsetup.log 21 03:106.563
02.02.2007 iis6.log 21 03:577.866
02.02.2007 ocmsn.log 21 03:28.030
02.02.2007 tabletoc.log 21 03:25.821
Die 50 neuesten Dateien im Ordner Windows\system32:
12.07.2007 d3d9caps.dat 19 37:664
12.07.2007 nvapps.xml 19 37:39.291
12.07.2007 wpa.dbl 19 36:2.206
28.03.2007 rmoc3260.dll 17 45:185.952
28.03.2007 pndx5032.dll 17 45:5.632
28.03.2007 pndx5016.dll 17 45:6.656
28.03.2007 pncrt.dll 17 45:278.528
25.03.2007 perfc009.dat 11 02:40.836
25.03.2007 perfh007.dat 11 02:320.094
25.03.2007 perfh009.dat 11 02:314.508
25.03.2007 perfc007.dat 11 02:49.174
25.03.2007 PerfStringBackup.INI 11 02:732.342
02.02.2007 amcompat.tlb 21 03:16.832
02.02.2007 nscompat.tlb 21 03:23.392
26.12.2006 CmdLineExt.dll 00 26:98.304
12.12.2006 LegitCheckControl.DLL 11 45:1.474.864
08.11.2006 inetcomm.dll 07 06:679.424
03.11.2006 wmploc.dll 11 02:8.282.112
03.11.2006 wmpshell.dll 10 56:99.840
03.11.2006 wmerror.dll 10 55:275.968
03.11.2006 asferror.dll 10 54:8.192
02.11.2006 wpdshextres.dll 12 51:43.008
23.10.2006 wininet.dll 17 17:664.576
23.10.2006 urlmon.dll 17 17:615.936
23.10.2006 shlwapi.dll 17 17:474.624
23.10.2006 shdocvw.dll 17 17:1.494.528
23.10.2006 pngfilt.dll 17 17:39.424
23.10.2006 mshtmled.dll 17 17:448.512
23.10.2006 msrating.dll 17 17:146.432
23.10.2006 mstime.dll 17 17:532.480
23.10.2006 mshtml.dll 17 17:3.076.096
23.10.2006 browseui.dll 17 17:1.022.976
23.10.2006 iepeers.dll 17 17:251.392
23.10.2006 danim.dll 17 17:1.056.256
23.10.2006 dxtmsft.dll 17 17:357.888
23.10.2006 dxtrans.dll 17 17:205.312
23.10.2006 extmgr.dll 17 17:55.808
23.10.2006 cdfview.dll 17 17:152.064
23.10.2006 jsproxy.dll 17 17:16.384
23.10.2006 inseng.dll 17 17:96.768
23.10.2006 xpsp3res.dll 13 42:123.392
20.10.2006 sxs.dll 03 38:715.776
18.10.2006 wdfmgr.exe 22 58:8.704
18.10.2006 uwdf.exe 22 58:8.704
18.10.2006 WMVSDECD.dll 22 47:1.382.912
18.10.2006 WMVENCOD.dll 22 47:1.574.912
18.10.2006 wmvdmoe2.dll 22 47:4.096
localhost 127.0.0.1