HEEELP

This thread in the forum "Viruses, Worms, Spyware" was created by derfreak, 25.05.2008.

  1. #1 derfreak, 25.05.2008
    I've had a problem for quite a while now... I don't know when it happened or how... I can't use my Internet Explorer, nor any other browsers either; with wmplayer I can't listen to internet streams (that only works with Winamp), I can't upload photos to the internet anymore... and many other things that I used to be able to do and that I can't think of right now. At the moment I'm using Firefox, since it's the only browser I can surf with...
    I hope you can help me... It has become really annoying over time!!
    I've put it under virus problems for now because I don't really know what it is...

    THANK YOU IN ADVANCE
     
  3. #2 Ostseesand, 25.05.2008
    Hi,

    run a virus check.
    Download HijackThis and run it. Post the log file it creates here.
     
  4. #3 derfreak, 25.05.2008
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:42:28, on 25.05.2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16473)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\FlashGet\flashget.exe
    C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
    C:\Windows\vsnp2std.exe
    C:\Users\lothar\Program Files\BitTorrent_DNA\dna.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\TomTom HOME 2\HOMERunner.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
    C:\Program Files\Sun\StarOffice 8\program\soffice.exe
    C:\Program Files\Sun\StarOffice 8\program\soffice.BIN
    C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\ICQ6\ICQ.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Winamp\winamp.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:5002
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {D73F49B6-B51B-4d32-A3B7-BD04B8342F53} - C:\Program Files\MorpheusBar\SrchAstt\1.bin\MBSRCAS.DLL (file missing)
    R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
    R3 - URLSearchHook: Techno4ever Toolbar - {fb7d98cb-b228-4ecb-acac-e7101156338e} - C:\Program Files\Techno4ever\tbTech.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
    O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: MorpheusToolbar BHO - {3F3714A1-89A4-46be-8AF3-D0C9D1FB03F9} - C:\Program Files\MorpheusBar\bar\1.bin\MORPHBAR.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
    O2 - BHO: (no name) - {D73F49B1-B51B-4d32-A3B7-BD04B8342F53} - C:\Program Files\MorpheusBar\SrchAstt\1.bin\MBSRCAS.DLL (file missing)
    O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
    O2 - BHO: Techno4ever Toolbar - {fb7d98cb-b228-4ecb-acac-e7101156338e} - C:\Program Files\Techno4ever\tbTech.dll
    O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
    O3 - Toolbar: Morpheus Toolbar - {3F3714A9-89A4-46be-8AF3-D0C9D1FB03F9} - C:\Program Files\MorpheusBar\bar\1.bin\MORPHBAR.DLL
    O3 - Toolbar: Techno4ever Toolbar - {fb7d98cb-b228-4ecb-acac-e7101156338e} - C:\Program Files\Techno4ever\tbTech.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Flashget] "C:\Program Files\FlashGet\FlashGet.exe" /min
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
    O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
    O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
    O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
    O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
    O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\lothar\Program Files\BitTorrent_DNA\dna.exe"
    O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [WindowsWelcomeObserver] C:\Users\lothar\AppData\Roaming\Microsoft Connect Driver.exe
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
    O4 - Startup: Morpheus.lnk = C:\Program Files\Morpheus\Morpheus.exe
    O4 - Startup: StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe
    O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
    O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe
    O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O13 - Gopher Prefix:
    O17 - HKLM\System\CCS\Services\Tcpip\..\{A1B0518E-E422-440B-8347-3C51B8802062}: NameServer = 62.220.18.8 89.246.64.8
    O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: PsExec (PSEXESVC) - Sysinternals - C:\Windows\PSEXESVC.EXE
     
  5. #4 Humdinger, 25.05.2008
  6. #5 derfreak, 25.05.2008
    I'll do it now... I hope the problem will be fixed afterwards...!
    Thanks!
     
  7. #6 derfreak, 25.05.2008
    I downloaded CounterSpy and it shows me the following error message when I try to install it:
    Error 2738. Could not access VBScript run time for custom action .
     
  8. #7 derfreak, 25.05.2008
    Malwarebytes' Anti-Malware 1.12
    Datenbank Version: 722

    Scan Art: Komplett Scan (C:\|D:\|)
    Objekte gescannt: 139992
    Scan Dauer: 47 minute(s), 40 second(s)

    Infizierte Speicher Prozesse: 0
    Infizierte Speicher Module: 0
    Infizierte Registrierungsschlüssel: 2
    Infizierte Registrierungswerte: 0
    Infizierte Datei Objekte der Registrierung: 0
    Infizierte Verzeichnisse: 0
    Infizierte Dateien: 0

    Infizierte Speicher Prozesse:
    (Keine Malware Objekte gefunden)

    Infizierte Speicher Module:
    (Keine Malware Objekte gefunden)

    Infizierte Registrierungsschlüssel:
    HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> No action taken.

    Infizierte Registrierungswerte:
    (Keine Malware Objekte gefunden)

    Infizierte Datei Objekte der Registrierung:
    (Keine Malware Objekte gefunden)

    Infizierte Verzeichnisse:
    (Keine Malware Objekte gefunden)

    Infizierte Dateien:
    (Keine Malware Objekte gefunden)
     
  9. #8 derfreak, 25.05.2008
    ComboFix 08-05-24.1 - lothar 2008-05-25 20:08:06.1 - NTFSx86
    Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1031.18.137 [GMT 2:00]
    ausgeführt von:: C:\Users\lothar\Desktop\ComboFix.exe
    * Neuer Wiederherstellungspunkt wurde erstellt
    .

    ((((((((((((((((((((((( Dateien erstellt von 2008-04-25 bis 2008-05-25 ))))))))))))))))))))))))))))))
    .

    2008-05-25 19:34 . 2008-05-25 19:34 <DIR> d-------- C:\Program Files\Yahoo!
    2008-05-25 19:34 . 2008-05-25 19:34 <DIR> d-------- C:\Program Files\CCleaner
    2008-05-25 18:15 . 2008-05-25 18:15 <DIR> d-------- C:\Users\lothar\AppData\Roaming\Malwarebytes
    2008-05-25 18:15 . 2008-05-25 18:15 <DIR> d-------- C:\Users\All Users\Malwarebytes
    2008-05-25 18:15 . 2008-05-25 18:15 <DIR> d-------- C:\ProgramData\Malwarebytes
    2008-05-25 18:15 . 2008-05-25 18:15 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-05-25 18:15 . 2008-05-05 20:46 27,048 --a------ C:\Windows\System32\drivers\mbamcatchme.sys
    2008-05-25 18:15 . 2008-05-05 20:46 15,864 --a------ C:\Windows\System32\drivers\mbam.sys
    2008-05-25 16:41 . 2008-05-25 16:41 <DIR> d-------- C:\Program Files\Trend Micro
    2008-05-01 23:19 . 2008-05-01 23:19 <DIR> d-------- C:\Program Files\Trust Webcam 14881
    2008-05-01 23:19 . 2007-01-20 11:37 12,028,800 --a------ C:\Windows\System32\drivers\snp2sxp.sys
    2008-05-01 23:19 . 2006-12-04 11:58 675,840 --a------ C:\Windows\vsnp2std.exe
    2008-05-01 23:19 . 2004-11-29 19:43 458,752 --a------ C:\Windows\amcap.exe
    2008-05-01 23:19 . 2006-10-04 11:33 151,552 --a------ C:\Windows\rsnp2std.dll
    2008-05-01 23:19 . 2005-11-24 09:46 114,672 --a------ C:\Windows\kacha.wav
    2008-05-01 23:19 . 2006-12-05 11:02 65,536 --a------ C:\Windows\System32\vsnp2std.dll
    2008-05-01 23:19 . 2005-11-23 13:55 53,248 --a------ C:\Windows\System32\csnp2std.dll
    2008-05-01 23:19 . 2007-01-25 18:48 25,472 --a------ C:\Windows\System32\drivers\sncamd.sys
    2008-05-01 23:19 . 2004-12-09 17:23 15,497 --a------ C:\Windows\snp2std.ini
    2008-05-01 23:19 . 2004-12-09 17:23 13,022 --a------ C:\Windows\snp2std.src
    2008-05-01 22:55 . 2008-05-01 22:55 <DIR> d-------- C:\Windows\PAC207
    2008-05-01 22:55 . 2008-05-01 22:55 <DIR> d-------- C:\Program Files\Trust
    2008-05-01 22:55 . 2008-05-01 22:55 <DIR> d-------- C:\Program Files\Common Files\RemoveC
    2008-05-01 22:55 . 2008-05-01 22:55 <DIR> d-------- C:\Program Files\Common Files\Remove64C
    2008-05-01 22:55 . 2008-05-01 22:55 <DIR> d-------- C:\Program Files\Common Files\PAC207
    2008-05-01 22:54 . 2008-05-01 23:18 <DIR> d-------- C:\download
    2008-04-30 15:45 . 2008-04-30 15:45 <DIR> d-------- C:\Windows\666CF04177BE414E9A9D0A227E9B48F8.TMP
    2008-04-30 15:45 . 2008-04-30 15:46 <DIR> d-------- C:\Program Files\Norton Security Scan
    2008-04-25 23:56 . 2008-04-25 23:56 <DIR> d-------- C:\Users\lothar\AppData\Roaming\TomTom
    2008-04-25 23:55 . 2008-04-25 23:56 <DIR> d-------- C:\Program Files\TomTom HOME 2

    .
    (((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-05-25 18:07 --------- d-----w C:\Users\lothar\AppData\Roaming\BitTorrent DNA
    2008-05-25 15:48 --------- d-----w C:\ProgramData\Google Updater
    2008-05-25 15:38 --------- d-----w C:\Users\lothar\AppData\Roaming\StarOffice8
    2008-05-25 15:38 --------- d-----w C:\Program Files\Steam
    2008-05-25 12:18 385,024 ----a-w C:\Windows\System32\Uninstall Netlog Photo Tool.exe
    2008-05-23 19:47 --------- d-----w C:\Program Files\BearShare
    2008-05-23 19:46 2,560 ----a-w C:\Windows\_MSRSTRT.EXE
    2008-05-17 13:00 --------- d-----w C:\Users\lothar\AppData\Roaming\ICQ
    2008-05-01 21:19 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-04-30 13:45 --------- d-----w C:\ProgramData\Symantec
    2008-04-10 20:50 --------- d-----w C:\ProgramData\ScanSoft
    2008-04-10 17:34 --------- d-----w C:\Program Files\Brother
    2008-04-10 17:27 --------- d-----w C:\Program Files\Nuance
    2008-04-10 17:26 --------- d-----w C:\ProgramData\InstallShield
    2008-04-10 17:23 --------- d-----w C:\Program Files\Common Files\ScanSoft Shared
    2008-04-10 17:22 --------- d-----w C:\Program Files\ScanSoft
    2008-04-10 17:22 --------- d-----w C:\Program Files\Common Files\InstallShield
    2008-04-10 17:20 --------- d-----w C:\ProgramData\Brother
    2008-04-10 12:57 --------- d-----w C:\Program Files\Sun
    2008-04-10 12:56 --------- d-----w C:\Program Files\Java
    2008-04-10 12:25 --------- d-----w C:\Program Files\Common Files\Adobe
    2008-04-10 12:18 --------- d-----w C:\Program Files\Google
    2008-03-30 11:01 --------- d-----w C:\Program Files\Common Files\Symantec Shared
    2008-03-25 23:21 --------- d-----w C:\Users\lothar\AppData\Roaming\teamspeak2
    2006-11-02 12:50 174 --sha-w C:\Program Files\desktop.ini
    .

    ------- Sigcheck -------

    .
    (((((((((((((((((((((((((((( Autostart Punkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Hinweis* leere Eintrage & legitime Standardeintrage werden nicht angezeigt.

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fb7d98cb-b228-4ecb-acac-e7101156338e}]
    2007-03-11 15:39 1293336 --a------ C:\Program Files\Techno4ever\tbTech.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{FB7D98CB-B228-4ECB-ACAC-E7101156338E}"= "C:\Program Files\Techno4ever\tbTech.dll" [2007-03-11 15:39 1293336]

    [HKEY_CLASSES_ROOT\clsid\{fb7d98cb-b228-4ecb-acac-e7101156338e}]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
    "{FB7D98CB-B228-4ECB-ACAC-E7101156338E}"= C:\Program Files\Techno4ever\tbTech.dll [2007-03-11 15:39 1293336]

    [HKEY_CLASSES_ROOT\clsid\{fb7d98cb-b228-4ecb-acac-e7101156338e}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2006-11-02 14:35 1196032]
    "Steam"="c:\program files\steam\steam.exe" [2008-03-30 03:41 1271032]
    "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]
    "BitTorrent DNA"="C:\Users\lothar\Program Files\BitTorrent_DNA\dna.exe" [2007-08-06 21:05 232448]
    "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 03:23 443968]
    "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 12:34 5724184]
    "TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\HOMERunner.exe" [2008-04-23 21:43 202088]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-02-13 20:29 35328]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
    "avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2008-04-23 21:11 262401]
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 06:24 286720]
    "Flashget"="C:\Program Files\FlashGet\FlashGet.exe" [2007-08-16 09:56 1994800]
    "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-02-10 13:51 185896]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
    "SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 09:03 210472]
    "PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2007-01-29 21:12 30248]
    "IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2007-01-29 21:10 46632]
    "PPort11reminder"="C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 13:46 255528]
    "BrMfcWnd"="C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-12 14:51 663552]
    "ControlCenter3"="C:\Program Files\Brother\ControlCenter3\brctrcen.exe" [2007-01-26 15:58 65536]
    "snp2std"="C:\Windows\vsnp2std.exe" [2006-12-04 11:58 675840]
    "MSConfig"="C:\Windows\system32\msconfig.exe" [2006-11-02 11:45 222208]

    C:\Users\lothar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    StarOffice 8.lnk - C:\Program Files\Sun\StarOffice 8\program\quickstart.exe [2007-08-17 21:58:18 122880]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
    Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-04-10 14:14:07 124400]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "LogonHoursAction"= 2 (0x2)
    "DontDisplayLogonHoursWarnings"= 1 (0x1)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.IV41"= ir41_32.dll
    "vidc.DIV3"= DivXc32.dll
    "vidc.DIV4"= DivXc32f.dll
    "vidc.DIVF"= DivX412.dll
    "msacm.divxa32"= DivXa32.acm
    "msacm.l3codec"= L3codecp.acm

    [HKLM\~\startupfolder\C:^Users^lothar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Morpheus.lnk]
    path=C:\Users\lothar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Morpheus.lnk
    backup=C:\Windows\pss\Morpheus.lnk.Startup
    backupExtension=.Startup

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "TCP Query User{F0FB0D39-D517-4FDD-966C-AC298CB695EB}C:\\program files\\icqlite\\icqlite.exe"= UDP:C:\program files\icqlite\icqlite.exe:ICQLite
    "UDP Query User{28B6AC83-A083-4A58-BC15-BC25BA68CB95}C:\\program files\\icqlite\\icqlite.exe"= TCP:C:\program files\icqlite\icqlite.exe:ICQLite
    "TCP Query User{C9B9F2FB-ECB4-4015-8507-94226A2AFC79}C:\\program files\\morpheus\\morpheus.exe"= UDP:C:\program files\morpheus\morpheus.exe:Morpheus
    "UDP Query User{3ED3D620-EB29-4BC3-9262-45ED42C398C4}C:\\program files\\morpheus\\morpheus.exe"= TCP:C:\program files\morpheus\morpheus.exe:Morpheus
    "TCP Query User{42B5F72D-ADC4-45B7-8B6F-E94D4C6E555D}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
    "UDP Query User{67CFD412-9BA8-4621-8F3E-4C2F09ADED17}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
    "TCP Query User{F12F23C7-EA41-4D25-8069-0FA8E1621EF8}C:\\program files\\icq6\\icq.exe"= UDP:C:\program files\icq6\icq.exe:ICQ Library
    "UDP Query User{EDCA05B4-22B9-4B24-B8AF-D5BF606309B1}C:\\program files\\icq6\\icq.exe"= TCP:C:\program files\icq6\icq.exe:ICQ Library
    "TCP Query User{C05B07BB-B5A7-4E61-9EE4-F36C58ADEFE8}C:\\program files\\steam\\steamapps\\hihoga\\counter-strike source\\hl2.exe"= UDP:C:\program files\steam\steamapps\hihoga\counter-strike source\hl2.exe:hl2
    "UDP Query User{ED747C6B-B466-4A64-B49B-79AD8C294FEC}C:\\program files\\steam\\steamapps\\hihoga\\counter-strike source\\hl2.exe"= TCP:C:\program files\steam\steamapps\hihoga\counter-strike source\hl2.exe:hl2
    "TCP Query User{5D620980-7A9E-46B1-9BE7-59786D86356C}C:\\program files\\bearshare\\bearshare.exe"= UDP:C:\program files\bearshare\bearshare.exe:BearShare
    "UDP Query User{2E32373A-BB85-4608-B24F-020399E8C324}C:\\program files\\bearshare\\bearshare.exe"= TCP:C:\program files\bearshare\bearshare.exe:BearShare
    "TCP Query User{8FAC4E9D-28D3-473A-A21C-F6428FAFDF22}C:\\program files\\gamers.irc\\mirc.exe"= UDP:C:\program files\gamers.irc\mirc.exe:mIRC
    "UDP Query User{837FC853-52FF-4088-8BF9-256F232015E6}C:\\program files\\gamers.irc\\mirc.exe"= TCP:C:\program files\gamers.irc\mirc.exe:mIRC
    "TCP Query User{9A3FF8CF-FFF2-4A04-97C2-FCDF10836047}C:\\program files\\mozilla firefox\\firefox.exe"= UDP:C:\program files\mozilla firefox\firefox.exe:Firefox
    "UDP Query User{E7E1C0D7-D69A-4C35-AA55-2D12CE2CBCA9}C:\\program files\\mozilla firefox\\firefox.exe"= TCP:C:\program files\mozilla firefox\firefox.exe:Firefox
    "TCP Query User{010D6422-4640-4C9D-9EDD-18CC1245A7AF}D:\\gta san andreas an rts-uqnt4o1nk7u\\gta_sa.exe"= UDP:D:\gta san andreas an rts-uqnt4o1nk7u\gta_sa.exe:gta_sa
    "UDP Query User{FABA393C-F463-44E0-B9A3-DD8E7AFA2D8E}D:\\gta san andreas an rts-uqnt4o1nk7u\\gta_sa.exe"= TCP:D:\gta san andreas an rts-uqnt4o1nk7u\gta_sa.exe:gta_sa
    "TCP Query User{8E4912A9-504B-4204-BECF-B5162947EE25}C:\\program files\\hlsw\\hlsw.exe"= UDP:C:\program files\hlsw\hlsw.exe:hlsw
    "UDP Query User{3E0D4FEE-6F1F-4A48-906D-6C93918760B8}C:\\program files\\hlsw\\hlsw.exe"= TCP:C:\program files\hlsw\hlsw.exe:hlsw
    "TCP Query User{7F9109D5-70E9-4380-AB25-B3AD8D07BDF3}C:\\program files\\icqlite\\icqlite.exe"= UDP:C:\program files\icqlite\icqlite.exe:ICQLite
    "UDP Query User{7AC93793-2AB6-40F7-9F5B-1F96C9D31C0E}C:\\program files\\icqlite\\icqlite.exe"= TCP:C:\program files\icqlite\icqlite.exe:ICQLite
    "TCP Query User{CB5486CB-9C25-445E-A42E-B18CD6B8706E}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
    "UDP Query User{B2F8925C-FF9E-4DA8-B239-83BCADA8BDE3}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
    "TCP Query User{DE19F20B-1789-4B1A-91FE-A38D12E88A3A}C:\\program files\\steam\\steamapps\\hihoga\\counter-strike source\\hl2.exe"= UDP:C:\program files\steam\steamapps\hihoga\counter-strike source\hl2.exe:hl2
    "UDP Query User{31E24151-8035-4E80-A088-8A21F7A3A1C8}C:\\program files\\steam\\steamapps\\hihoga\\counter-strike source\\hl2.exe"= TCP:C:\program files\steam\steamapps\hihoga\counter-strike source\hl2.exe:hl2
    "{7EA32DA9-3B2A-4349-A0D5-646A7BE190CA}"= UDP:C:\Program Files\BitTorrent_DNA\dna.exe:BitTorrent DNA
    "{5C57B53A-9DF8-426A-A26A-B4009361AB3B}"= TCP:C:\Program Files\BitTorrent_DNA\dna.exe:BitTorrent DNA
    "{4D38E638-754F-44D0-8115-F5D4E410DBDF}"= UDP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent
    "{6D74C28A-DAB0-436A-AAA5-CD9F2EF00886}"= TCP:C:\Program Files\BitTorrent\bittorrent.exe:BitTorrent
    "TCP Query User{7CB1E600-DB18-44CD-99D1-66400247524F}C:\\program files\\steam\\steamapps\\counterlee086\\counter-strike\\hl.exe"= UDP:C:\program files\steam\steamapps\counterlee086\counter-strike\hl.exe:Half-Life Launcher
    "UDP Query User{026BCAA5-157C-4E01-9855-C473BEA57523}C:\\program files\\steam\\steamapps\\counterlee086\\counter-strike\\hl.exe"= TCP:C:\program files\steam\steamapps\counterlee086\counter-strike\hl.exe:Half-Life Launcher
    "TCP Query User{ABE7BCB9-30AA-47BB-B8F8-1175E040B4B8}C:\\program files\\real\\realplayer\\realplay.exe"= UDP:C:\program files\real\realplayer\realplay.exe:RealPlayer
    "UDP Query User{0F1AABC3-43E4-44D1-90DD-8ABA202185A7}C:\\program files\\real\\realplayer\\realplay.exe"= TCP:C:\program files\real\realplayer\realplay.exe:RealPlayer
    "{4739100E-CD50-4C3C-9517-958046DCC037}"= UDP:C:\Program Files\PPLive\PPLive.exe:pPLive
    "{0AEDC0D3-254E-49A7-8D7A-878555A31D17}"= TCP:C:\Program Files\PPLive\PPLive.exe:pPLive
    "{EBB797BB-0506-4DA8-940D-1D8029CACC80}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "{29862163-2883-4400-9F18-43585BA8688C}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "{879EF577-5DB5-45ED-837C-60E539A2F284}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "{8019782E-7D19-4600-BC8C-25C76741E266}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "{4E8D1FA7-6CE7-4F2F-BAC5-B5603A16F572}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "{03E47EAF-64DE-4777-B350-F0A67CE3F8BC}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
    "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
    "C:\\Program Files\\BitTorrent\\bittorrent.exe"= C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

    R0 AtiPcie;ATI PCI Express (3GIO) Filter;C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-30 17:23]
    R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-03-15 04:04]
    R3 BCM43XV;Broadcom Extensible 802.11-Netzwerkadaptertreiber;C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 09:30]
    S3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-03-15 04:04]
    S3 SNP2STD;USB2.0 PC Camera (SNP2STD);C:\Windows\system32\DRIVERS\snp2sxp.sys [2007-01-20 11:37]

    *Newly Created Service* - CATCHME
    .
    Inhalt des "geplante Tasks" Ordners
    "2008-04-30 13:46:09 C:\Windows\Tasks\Norton Security Scan.job"
    - C:\Program Files\Norton Security Scan\Nss.exe
    "2008-05-24 18:16:38 C:\Windows\Tasks\User_Feed_Synchronization-{0D101CEC-52BB-4A85-ADE7-F4B9FE9DD043}.job"
    - C:\Windows\system32\msfeedssync.exe
    .
    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-05-25 20:11:47
    Windows 6.0.6000 NTFS

    Scanne versteckte Prozesse...

    Scanne versteckte Autostart Einträge...

    Scanne versteckte Dateien...


    **************************************************************************
    .
    Zeit der Fertigstellung: 2008-05-25 20:14:56
    ComboFix-quarantined-files.txt 2008-05-25 18:13:45

    20 Verzeichnis(se), 3,900,518,400 Bytes frei
    28 Verzeichnis(se), 3,896,115,200 Bytes frei

    198 --- E O F --- 2007-06-15 13:06:58
     
  11. #9 derfreak, 25.05.2008
    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 20:20:53, on 25.05.2008
    Platform: Windows Vista (WinNT 6.00.1904)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
    C:\Windows\vsnp2std.exe
    C:\Users\lothar\Program Files\BitTorrent_DNA\dna.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\Sun\StarOffice 8\program\soffice.exe
    C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
    C:\Program Files\Sun\StarOffice 8\program\soffice.BIN
    C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\ICQ6\ICQ.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Windows\Explorer.exe
    C:\Users\lothar\Desktop\HiJackThis_v2.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:5002
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {D73F49B6-B51B-4d32-A3B7-BD04B8342F53} - (no file)
    R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
    R3 - URLSearchHook: Techno4ever Toolbar - {fb7d98cb-b228-4ecb-acac-e7101156338e} - C:\Program Files\Techno4ever\tbTech.dll
    R3 - URLSearchHook: Yahoo! Toolbar mit Pop-Up-Blocker - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: XTTBPos00 Class - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
    O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: FGCatchUrl - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: MorpheusToolbar BHO - {3F3714A1-89A4-46be-8AF3-D0C9D1FB03F9} - C:\Program Files\MorpheusBar\bar\1.bin\MORPHBAR.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
    O2 - BHO: (no name) - {D73F49B1-B51B-4d32-A3B7-BD04B8342F53} - (no file)
    O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
    O2 - BHO: Techno4ever Toolbar - {fb7d98cb-b228-4ecb-acac-e7101156338e} - C:\Program Files\Techno4ever\tbTech.dll
    O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
    O3 - Toolbar: Morpheus Toolbar - {3F3714A9-89A4-46be-8AF3-D0C9D1FB03F9} - C:\Program Files\MorpheusBar\bar\1.bin\MORPHBAR.DLL
    O3 - Toolbar: Techno4ever Toolbar - {fb7d98cb-b228-4ecb-acac-e7101156338e} - C:\Program Files\Techno4ever\tbTech.dll
    O3 - Toolbar: Yahoo! Toolbar mit Pop-Up-Blocker - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Flashget] "C:\Program Files\FlashGet\FlashGet.exe" /min
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
    O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
    O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
    O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
    O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exe
    O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
    O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\lothar\Program Files\BitTorrent_DNA\dna.exe"
    O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
    O4 - Startup: StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe
    O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
    O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe
    O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O13 - Gopher Prefix:
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O17 - HKLM\System\CCS\Services\Tcpip\..\{A1B0518E-E422-440B-8347-3C51B8802062}: NameServer = 62.220.18.8 89.246.64.8
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    --
    End of file - 9952 bytes
     
  12. #10 derfreak, 25.05.2008
    Die 30 neuesten Dateien im Ordner Windows:

    ***** ***** ***** ***** *****
    ***** Scanning C:\Windows *****
    ***** ***** ***** ***** *****

    25.05.2008 PSEXESVC.EXE 20 14:53.248
    25.05.2008 system.ini 20 11:243
    25.05.2008 WindowsUpdate.log 20 04:1.543.239
    25.05.2008 bootstat.dat 19 40:67.584
    23.05.2008 _MSRSTRT.EXE 21 46:2.560
    01.05.2008 win.ini 22 56:244
    10.04.2008 BRPP2KA.INI 19 36:27
    10.04.2008 BRWMARK.INI 19 36:425
    10.04.2008 brpcfx.ini 19 35:93
    10.04.2008 Brpfx04a.ini 19 35:212
    23.12.2007 psnetwork.ini 21 38:52
    06.10.2007 NeoSetup.INI 23 16:26
    23.07.2007 Qiii.INI 14 19:700
    20.06.2007 PowerReg.dat 21 11:0
    18.05.2007 nsreg.dat 20 49:0
    15.05.2007 Setup1.exe 15 09:253.952
    15.05.2007 ST6UNST.EXE 15 09:74.752
    15.02.2007 brunin03.dll 13 54:131.072
    05.02.2007 NeoUninstall.exe 13 11:139.264
    06.01.2007 atiogl.xml 00 21:11.441
    04.12.2006 vsnp2std.exe 11 58:675.840
    02.11.2006 WindowsShell.Manifest 14 50:749
    02.11.2006 WMSysPr9.prx 14 35:316.640
    02.11.2006 twunk_16.exe 14 34:49.680
    02.11.2006 twunk_32.exe 14 34:31.232
    02.11.2006 twain_32.dll 14 34:50.688
    02.11.2006 twain.dll 14 34:94.784


    Die 50 neuesten Dateien im Ordner Windows\system32:

    ***** ***** ***** ***** *****
    ***** Scanning C:\Windows\system32 *****
    ***** ***** ***** ***** *****

    25.05.2008 7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 19 36:4.064
    25.05.2008 7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 19 36:4.064
    Netlog 25.05.2008 Uninstall 14 18:385.024
    23.05.2008 perfh009.dat 15 32:610.142
    23.05.2008 perfc009.dat 15 32:103.924
    23.05.2008 perfh007.dat 15 32:641.344
    23.05.2008 perfc007.dat 15 32:116.706
    23.05.2008 PerfStringBackup.INI 15 32:1.461.736
    10.04.2008 FNTCACHE.DAT 20 04:259.584
    10.04.2008 bridf07a.dat 19 35:50
    10.04.2008 jupdate-1.6.0_03-b05.log 14 56:5.636
    10.02.2008 rmoc3260.dll 13 51:185.944
    10.02.2008 pndx5032.dll 13 51:5.632
    10.02.2008 pndx5016.dll 13 51:6.656
    10.02.2008 msvcp71.dll 13 51:499.712
    10.02.2008 pncrt.dll 13 51:278.528
    03.12.2007 PSNetwork.dll 17 13:652.448
    03.12.2007 PowerPlayer.dll 17 12:418.464
    18.10.2007 sirenacm.dll 12 31:51.224
    11.10.2007 LegitCheckControl.DLL 15 12:1.468.968
    24.09.2007 javacpl.cpl 23 31:69.632
    24.09.2007 javaws.exe 23 31:139.264
    24.09.2007 javaw.exe 22 30:135.168
    24.09.2007 java.exe 22 30:135.168
    18.09.2007 divxdec.ax 14 24:729.088
    17.09.2007 divx_xx07.dll 20 23:823.296
    17.09.2007 divx_xx0c.dll 20 23:823.296
    17.09.2007 DivX.dll 20 22:739.840
    17.09.2007 divx_xx11.dll 20 22:802.816
    12.09.2007 DivXCodecVersionChecker.exe 01 14:156.992
    21.08.2007 dpl100.dll 02 26:81.920
    21.08.2007 dpl100.dll.manifest 02 26:416
    21.08.2007 dtu100.dll.manifest 02 26:416
    21.08.2007 dtu100.dll 02 26:196.608
    16.08.2007 dsm_de.qm 00 33:10.152
    16.08.2007 DivXsm.exe 00 33:524.288
    16.08.2007 divxsm.tlb 00 33:4.816
    16.08.2007 qt-dx331.dll 00 33:3.596.288
    16.08.2007 pxmas.dll 00 33:187.128
    16.08.2007 pxwave.dll 00 33:379.640
    16.08.2007 pxhpinst.exe 00 33:72.440
    16.08.2007 pxafs.dll 00 33:129.784
    16.08.2007 pxinsi64.exe 00 33:118.520
    16.08.2007 pxsfs.dll 00 33:1.628.920
    16.08.2007 pxcpyi64.exe 00 33:120.056
    16.08.2007 px.dll 00 33:551.672
    16.08.2007 pxdrv.dll 00 33:518.904


    ***** ***** ***** ***** *****
    ***** Scanning C:\Windows\system32\drivers\etc\hosts *****
    ***** ***** ***** ***** *****

    # Copyright (c) 1993-2006 Microsoft Corp.
    #
    # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
    #
    # This file contains the mappings of IP addresses to host names. Each
    # entry should be kept on an individual line. The IP address should
    # be placed in the first column followed by the corresponding host name.
    # The IP address and the host name should be separated by at least one
    # space.
    #
    # Additionally, comments (such as these) may be inserted on individual
    # lines or following the machine name denoted by a '#' symbol.
    #
    # For example:
    #
    # 102.54.94.97 rhino.acme.com # source server
    # 38.25.63.10 x.acme.com # x client host

    127.0.0.1 localhost
    ::1 localhost



    ***** ***** ***** ***** *****
    ***** Scanning Processe *****
    ***** ***** ***** ***** *****


    Abbildname PID Sitzungsname Sitz.-Nr. Speichernutzung
    ========================= ======== ================ =========== ===============
    System Idle Process 0 Services 0 28 K
    System 4 Services 0 3.884 K
    smss.exe 352 Services 0 88 K
    csrss.exe 424 Services 0 1.840 K
    wininit.exe 476 Services 0 196 K
    csrss.exe 488 Console 1 6.820 K
    services.exe 524 Services 0 3.508 K
    winlogon.exe 552 Console 1 1.608 K
    lsass.exe 568 Services 0 3.180 K
    lsm.exe 580 Services 0 1.332 K
    svchost.exe 740 Services 0 4.056 K
    svchost.exe 796 Services 0 4.084 K
    svchost.exe 832 Services 0 16.136 K
    Ati2evxx.exe 912 Services 0 804 K
    svchost.exe 948 Services 0 6.260 K
    svchost.exe 1000 Services 0 56.320 K
    svchost.exe 1012 Services 0 18.148 K
    audiodg.exe 1116 Services 0 7.476 K
    SLsvc.exe 1152 Services 0 1.444 K
    svchost.exe 1184 Services 0 7.656 K
    svchost.exe 1364 Services 0 14.804 K
    Ati2evxx.exe 1444 Console 1 2.284 K
    spoolsv.exe 1640 Services 0 3.696 K
    avguard.exe 1664 Services 0 1.956 K
    svchost.exe 1680 Services 0 7.100 K
    dwm.exe 732 Console 1 43.960 K
    MSASCui.exe 1352 Console 1 11.284 K
    winampa.exe 716 Console 1 972 K
    avgnt.exe 1672 Console 1 1.900 K
    realsched.exe 728 Console 1 592 K
    pptd40nt.exe 892 Console 1 748 K
    BrMfcWnd.exe 1048 Console 1 1.480 K
    vsnp2std.exe 1268 Console 1 1.020 K
    dna.exe 876 Console 1 2.648 K
    PicasaMediaDetector.exe 264 Console 1 1.256 K
    msnmsgr.exe 292 Console 1 14.776 K
    GoogleUpdater.exe 2060 Console 1 1.036 K
    MOM.exe 2076 Console 1 5.284 K
    soffice.exe 2116 Console 1 132 K
    BrccMCtl.exe 2140 Console 1 3.048 K
    soffice.bin 2148 Console 1 4.092 K
    BrMfcMon.exe 2204 Console 1 1.900 K
    sched.exe 2408 Services 0 828 K
    GoogleUpdaterService.exe 2492 Services 0 996 K
    svchost.exe 2720 Services 0 1.536 K
    svchost.exe 2760 Services 0 2.004 K
    svchost.exe 2800 Services 0 516 K
    taskeng.exe 3100 Services 0 1.012 K
    taskeng.exe 3252 Console 1 4.536 K
    unsecapp.exe 3508 Console 1 2.164 K
    WmiPrvSE.exe 3584 Services 0 2.348 K
    CCC.exe 1432 Console 1 7.588 K
    ICQ.exe 3768 Console 1 51.432 K
    firefox.exe 5852 Console 1 93.452 K
    conime.exe 4316 Console 1 3.468 K
    SearchIndexer.exe 5832 Services 0 20.564 K
    explorer.exe 3544 Console 1 39.956 K
    HijackThis.exe 2644 Console 1 14.772 K
    SearchProtocolHost.exe 5408 Services 0 8.620 K
    SearchFilterHost.exe 5608 Services 0 5.344 K
    WinRAR.exe 4516 Console 1 14.936 K
    cmd.exe 5448 Console 1 2.976 K
    tasklist.exe 1524 Console 1 4.544 K
    WmiPrvSE.exe 5716 Services 0 5.616 K



    Microsoft Windows [Version 6.0.6000]


    http://www.paules-pc-forum.de
    ***** Malware Team *****


    ***** Ende des Scans 25.05.2008 um 20:23:05,36 ***
     