ComboFix Log

This thread in the forum "Viruses, Worms, Spyware" was created by Zrs, 16.09.2008.

  1. Zrs

    Hello,

    can someone help me with this log? Thanks!!!



    ComboFix 08-09-14.06 - asterix 2008-09-15 22:45:58.1 - NTFSx86
    Running from: C:\Documents and Settings\asterix\Desktop\ComboFix.exe

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .

    ((((((((((((((((((((((((( Files Created from 2008-08-15 to 2008-09-15 )))))))))))))))))))))))))))))))
    .

    2008-09-14 15:52 . 2008-09-14 15:55 <DIR> d-------- C:\Program Files\LimeWire
    2008-09-14 15:52 . 2008-09-14 15:55 <DIR> d-------- C:\Documents and Settings\asterix\Application Data\LimeWire
    2008-09-13 15:23 . 2008-09-13 17:07 <DIR> d-------- C:\Documents and Settings\asterix\.housecall6.6
    2008-09-13 15:21 . 2008-09-13 15:21 <DIR> d-------- C:\WINDOWS\Sun
    2008-09-13 14:05 . 2008-09-13 14:05 <DIR> d-------- C:\fsaua.data
    2008-09-13 10:41 . 2008-09-13 10:41 <DIR> d-------- C:\Program Files\Trend Micro
    2008-09-12 18:45 . 2008-09-12 18:45 410,976 --a------ C:\WINDOWS\system32\deploytk.dll
    2008-09-12 18:45 . 2008-09-12 18:45 73,728 --a------ C:\WINDOWS\system32\javacpl.cpl
    2008-09-11 21:48 . 2008-09-15 08:21 <DIR> d-------- C:\Program Files\Panda Security
    2008-09-09 17:24 . 2008-09-09 17:24 <DIR> d-------- C:\Documents and Settings\asterix\Application Data\Sunbelt
    2008-09-09 17:24 . 2008-09-09 17:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Sunbelt
    2008-09-09 17:23 . 2008-09-09 17:34 <DIR> d-------- C:\Program Files\Sunbelt Software
    2008-09-04 14:47 . 2008-09-04 15:28 <DIR> d-------- C:\Program Files\Secunia
    2008-09-04 13:42 . 2008-09-04 13:43 <DIR> d-------- C:\Program Files\Chrome
    2008-08-29 10:32 . 2008-08-29 10:32 <DIR> d--hs---- C:\Documents and Settings\asterix\PrivacIE
    2008-08-29 10:17 . 2008-08-29 10:21 <DIR> d--h-c--- C:\WINDOWS\ie8
    2008-08-28 10:03 . 2008-08-28 10:03 <DIR> d-------- C:\Program Files\Winamp Toolbar
    2008-08-28 10:03 . 2008-08-28 10:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Winamp Toolbar
    2008-08-26 17:20 . 2008-08-26 17:20 59,176 --a------ C:\WINDOWS\system32\sbbd.exe
    2008-08-25 13:24 . 2008-08-25 13:29 <DIR> d-------- C:\Program Files\Lavalys
    2008-08-22 03:05 . 2008-08-22 03:05 48,640 --------- C:\WINDOWS\system32\PrivacIE.dll
    2008-08-16 19:22 . 2008-08-16 19:22 <DIR> d-------- C:\Documents and Settings\asterix\Application Data\KC Softwares
    2008-08-16 18:18 . 2008-08-27 16:31 <DIR> d-------- C:\Program Files\KC Softwares

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-09-15 20:25 --------- d-----w C:\Program Files\PeerGuardian2
    2008-09-15 20:23 --------- d-----w C:\Program Files\MedalFolders
    2008-09-14 13:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2008-09-13 08:55 --------- d-----w C:\Program Files\ANTI_VIRUS
    2008-09-13 08:28 --------- d-----w C:\Program Files\Java
    2008-09-10 20:39 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
    2008-09-09 22:04 38,528 ----a-w C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-09-09 22:03 17,200 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
    2008-08-28 08:05 --------- d-----w C:\Program Files\Winamp
    2008-08-27 15:36 --------- d-----w C:\Program Files\Avira
    2008-08-22 01:08 878,592 ----a-w C:\WINDOWS\system32\wininet.dll
    2008-08-22 01:08 43,008 ----a-w C:\WINDOWS\system32\licmgr10.dll
    2008-08-22 01:07 18,944 ----a-w C:\WINDOWS\system32\corpol.dll
    2008-08-22 01:06 72,704 ----a-w C:\WINDOWS\system32\admparse.dll
    2008-08-22 01:06 71,680 ----a-w C:\WINDOWS\system32\iesetup.dll
    2008-08-22 01:06 434,176 ----a-w C:\WINDOWS\system32\vbscript.dll
    2008-08-22 01:05 48,128 ----a-w C:\WINDOWS\system32\mshtmler.dll
    2008-08-22 01:05 35,840 ----a-w C:\WINDOWS\system32\imgutil.dll
    2008-08-22 01:04 45,568 ----a-w C:\WINDOWS\system32\mshta.exe
    2008-08-22 00:57 156,160 ----a-w C:\WINDOWS\system32\msls31.dll
    2008-08-11 18:43 --------- d-----w C:\Documents and Settings\asterix\Application Data\dvdcss
    2008-08-05 15:55 265,720 ----a-w C:\WINDOWS\system32\msdbg2.dll
    2008-07-29 11:58 --------- d-----w C:\Documents and Settings\asterix\Application Data\Winamp
    2008-07-28 22:14 --------- d-----w C:\Documents and Settings\asterix\Application Data\vlc
    2008-07-28 15:49 65,536 ----a-w C:\WINDOWS\IFinst27.exe
    2008-07-28 13:10 --------- d-----w C:\Program Files\Shock Utility
    2008-07-28 12:49 --------- d-----w C:\Program Files\Windows Tools
    2008-07-28 07:14 --------- d-----w C:\Program Files\VisualTaskTips
    2008-07-28 07:13 --------- d-----w C:\Program Files\RocketDock
    2008-07-28 07:12 --------- d-----w C:\Program Files\FolderSize
    2008-07-28 07:10 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-07-28 07:10 --------- d-----w C:\Program Files\Avira GmbH
    2008-07-28 06:48 --------- d-----w C:\Program Files\Spybot - Search & Destroy
    2008-07-28 06:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-07-28 06:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
    2008-07-27 15:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
    2008-07-25 19:11 --------- d-----w C:\Documents and Settings\asterix\Application Data\Malwarebytes
    2008-07-25 19:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-07-24 08:15 --------- d-----w C:\Program Files\XLS to DBF
    2008-07-21 10:15 --------- d-----w C:\Program Files\GooglePreview
    2008-07-21 09:57 5,940 --sha-w C:\WINDOWS\system32\drivers\5ec1B2.DAT
    2008-07-21 09:57 5,940 --sha-w C:\WINDOWS\system32\drivers\5431B3.DAT
    2008-07-21 09:57 5,940 --sha-w C:\WINDOWS\system32\drivers\0261B1.DAT
    2008-07-20 19:19 --------- d-----w C:\Program Files\Google
    2008-07-20 19:18 --------- d-----w C:\Program Files\Common Files\InstallShield
    2008-07-07 20:32 253,952 ----a-w C:\WINDOWS\system32\es.dll
    2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
    2008-06-20 17:41 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
    2008-05-22 12:03 2,673 ----a-w C:\Program Files\Sony Ericsson PC Suite.lnk
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "C:\Program Files\Winamp Toolbar\winamptb.dll" [2008-07-16 1266992]

    [HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
    [HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
    [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
    [HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Duden Korrektor SysTray"="C:\Program Files\Duden\Duden Korrektor\dktray.exe" [2007-06-22 565976]
    "PeerGuardian"="C:\Program Files\PeerGuardian2\pg2.exe" [2005-09-18 1421824]
    "VisualTaskTips"="C:\Program Files\VisualTaskTips\VisualTaskTips.exe" [2008-06-22 65536]
    "RocketDock"="C:\Program Files\RocketDock\RocketDock.exe" [2007-09-02 495616]
    "Shock4Way3D"="C:\Program Files\Shock Utility\Shock4Way3D\Shock4Way3D.exe" [2008-06-08 1222144]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15360]
    "ShockAero3D"="C:\Program Files\Shock Utility\ShockAero3D\ShockAero3D.exe" [2008-05-14 1181696]
    "Google Update"="C:\Documents and Settings\asterix\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-03 133104]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 49152]
    "Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2006-11-24 487424]
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
    "SBAMTray"="C:\Program Files\Sunbelt Software\CounterSpy\SBAMTray.exe" [2008-08-26 677160]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" [2008-09-12 136600]
    "SigmatelSysTrayApp"="stsystra.exe" [2006-07-27 C:\WINDOWS\stsystra.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 15360]

    C:\Documents and Settings\asterix\Start Menu\Programs\Startup\
    MedalFolders.lnk - C:\Program Files\MedalFolders\MedalFolders.exe [2005-11-24 965120]
    Secunia PSI (RC3).lnk - C:\Program Files\Secunia\PSI (RC3)\psi.exe [2008-06-16 663552]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 282624]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]
    @="Service"

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Azureus\\Azureus.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2009\\German\\setup.exe"=
    "C:\\Program Files\\LimeWire\\LimeWire.exe"=

    R2 JavaQuickStarterService;Java Quick Starter;C:\Program Files\Java\jre6\bin\jqs.exe [2008-09-12 152984]
    S0 0261B1;0261B1;C:\WINDOWS\system32\drivers\0261B1.SYS [ ]
    S1 5ec1B2;5ec1B2;C:\WINDOWS\system32\drivers\5ec1B2.SYS [ ]
    S2 5431B3;5431B3;C:\WINDOWS\system32\drivers\5431B3.SYS [ ]
    S2 SBAMSvc;Sunbelt VIPRE Antivirus Service;C:\Program Files\Sunbelt Software\CounterSpy\SBAMSvc.exe [2008-08-26 869672]
    S3 PSI;PSI;C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2008-06-16 7808]
    S3 SBRE;SBRE;C:\WINDOWS\system32\drivers\SBREdrv.sys [2007-11-06 87848]
    S3 se46bus;Sony Ericsson Device 070 driver (WDM);C:\WINDOWS\system32\DRIVERS\se46bus.sys [2006-11-30 61536]
    S3 se46mdfl;Sony Ericsson Device 070 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\se46mdfl.sys [2006-11-30 9360]
    S3 se46mdm;Sony Ericsson Device 070 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\se46mdm.sys [2006-11-30 97088]
    S3 se46mgmt;Sony Ericsson Device 070 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\se46mgmt.sys [2006-11-30 88624]
    S3 se46nd5;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (NDIS);C:\WINDOWS\system32\DRIVERS\se46nd5.sys [2006-11-30 18704]
    S3 se46obex;Sony Ericsson Device 070 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\se46obex.sys [2006-11-30 86432]
    S3 se46unic;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (WDM);C:\WINDOWS\system32\DRIVERS\se46unic.sys [2006-11-30 90800]

    *Newly Created Service* - PROCEXP90
    .
    Contents of the 'Scheduled Tasks' folder
    .
    - - - - ORPHANS REMOVED - - - -

    HKLM-Run-WinampAgent - C:\Program Files\Winamp\winampa.exe


    .
    ------- Supplementary Scan -------
    .
    FireFox -: Profile - C:\Documents and Settings\asterix\Application Data\Mozilla\Firefox\Profiles\ns0s736m.default\
    FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://***.google.ch/
    FF -: plugin - C:\Documents and Settings\asterix\Local Settings\Application Data\Google\Update\1.2.131.11\npGoogleOneClick5.dll
    FF -: plugin - C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
    FF -: plugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
    FF -: plugin - C:\Program Files\Yahoo!\Common\npyaxmpb.dll
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://***.gmer.net
    Rootkit scan 2008-09-15 22:48:41
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2008-09-15 22:50:04
    ComboFix-quarantined-files.txt 2008-09-15 20:49:48

    Pre-Run: 84,776,894,464 bytes free
    Post-Run: 84,946,231,296 bytes free

    183 --- E O F --- 2008-08-16 18:03:32



    Regards, Zrs
     