Sulimo.dat

TheUlrich · 18.10.2007, 20:21

und Teil 3:

- 2005-01-28 07:53:18 1,594,880 -c--a-w C:\WINDOWS\system32\wmpencen.dll
+ 2006-10-18 19:47:20 1,661,440 ----a-w C:\WINDOWS\system32\wmpencen.dll
- 2005-01-28 14:23:22 3,407,872 -c--a-w C:\WINDOWS\system32\wmploc.dll
+ 2006-11-03 08:02:58 8,282,112 ----a-w C:\WINDOWS\system32\wmploc.dll
+ 2006-10-18 19:47:20 613,376 ------w C:\WINDOWS\system32\wmpmde.dll
+ 2006-10-18 19:47:20 130,048 ------w C:\WINDOWS\system32\wmpps.dll
- 2005-01-28 14:23:26 86,016 ----a-w C:\WINDOWS\system32\wmpshell.dll
+ 2006-11-03 07:56:20 99,840 ----a-w C:\WINDOWS\system32\wmpshell.dll
- 2005-01-28 07:53:18 175,104 -c--a-w C:\WINDOWS\system32\wmpsrcwp.dll
+ 2006-10-18 19:47:20 204,288 ----a-w C:\WINDOWS\system32\wmpsrcwp.dll
- 2005-01-28 12:32:56 774,904 -c--a-w C:\WINDOWS\system32\wmsdmod.dll
+ 2006-10-18 19:47:22 4,096 ----a-w C:\WINDOWS\system32\wmsdmod.dll
- 2005-01-28 07:53:18 1,119,744 -c--a-w C:\WINDOWS\system32\wmsdmoe2.dll
+ 2006-10-18 19:47:22 4,096 ----a-w C:\WINDOWS\system32\wmsdmoe2.dll
- 2005-01-28 12:32:44 413,944 -c--a-w C:\WINDOWS\system32\wmspdmod.dll
+ 2006-10-18 19:47:22 603,648 ----a-w C:\WINDOWS\system32\WMSPDMOD.dll
- 2005-01-28 07:53:18 940,544 -c--a-w C:\WINDOWS\system32\wmspdmoe.dll
+ 2006-10-18 19:47:22 1,329,152 ----a-w C:\WINDOWS\system32\WMSPDMOE.dll
- 2005-01-28 12:32:56 1,218,808 -c--a-w C:\WINDOWS\system32\wmvadvd.dll
+ 2006-10-18 19:47:22 4,096 ----a-w C:\WINDOWS\system32\WMVADVD.dll
- 2005-01-28 07:53:20 1,512,448 -c--a-w C:\WINDOWS\system32\WMVADVE.DLL
+ 2006-10-18 19:47:22 4,096 ----a-w C:\WINDOWS\system32\WMVADVE.DLL
- 2006-12-07 05:29:34 2,374,472 ----a-w C:\WINDOWS\system32\wmvcore.dll
+ 2006-10-18 19:47:22 2,450,944 ----a-w C:\WINDOWS\system32\wmvcore.dll
+ 2006-10-18 19:47:22 1,543,680 ------w C:\WINDOWS\system32\WMVDECOD.dll
- 2005-01-28 12:32:58 895,736 -c--a-w C:\WINDOWS\system32\wmvdmod.dll
+ 2006-10-18 19:47:22 4,096 ----a-w C:\WINDOWS\system32\wmvdmod.dll
- 2005-01-28 07:53:18 1,003,008 -c--a-w C:\WINDOWS\system32\wmvdmoe2.dll
+ 2006-10-18 19:47:22 4,096 ----a-w C:\WINDOWS\system32\wmvdmoe2.dll
+ 2006-10-18 19:47:22 1,574,912 ------w C:\WINDOWS\system32\WMVENCOD.dll
+ 2006-10-18 19:47:22 1,382,912 ------w C:\WINDOWS\system32\WMVSDECD.dll
+ 2006-10-18 19:47:22 767,488 ------w C:\WINDOWS\system32\WMVSENCD.dll
+ 2006-10-18 19:47:22 656,896 ------w C:\WINDOWS\system32\WMVXENCD.dll
- 2005-01-28 00:36:28 38,912 -c--a-w C:\WINDOWS\system32\wpd_ci.dll
+ 2006-10-18 19:47:22 629,760 ----a-w C:\WINDOWS\system32\wpd_ci.dll
- 2005-01-28 00:36:20 61,952 -c--a-w C:\WINDOWS\system32\wpdconns.dll
+ 2006-10-18 19:47:22 35,840 ----a-w C:\WINDOWS\system32\wpdconns.dll
- 2005-01-28 00:36:24 114,176 -c--a-w C:\WINDOWS\system32\wpdmtp.dll
+ 2006-10-18 19:47:22 154,624 ----a-w C:\WINDOWS\system32\wpdmtp.dll
- 2005-01-28 00:36:22 66,560 -c--a-w C:\WINDOWS\system32\wpdmtpus.dll
+ 2006-10-18 19:47:22 63,488 ----a-w C:\WINDOWS\system32\wpdmtpus.dll
+ 2006-10-18 19:47:22 2,603,008 ------w C:\WINDOWS\system32\WpdShext.dll
+ 2006-10-18 18:00:14 17,408 ------w C:\WINDOWS\system32\wpdshextautoplay.exe
+ 2006-11-02 09:51:52 43,008 ------w C:\WINDOWS\system32\wpdshextres.dll
+ 2006-10-18 19:47:22 133,632 ------w C:\WINDOWS\system32\WPDShServiceObj.dll
- 2005-01-28 00:36:28 331,264 -c--a-w C:\WINDOWS\system32\wpdsp.dll
+ 2006-10-18 19:47:22 356,352 ----a-w C:\WINDOWS\system32\wpdsp.dll
+ 2006-09-28 18:13:26 95,344 ------w C:\WINDOWS\system32\WUDFCoinstaller.dll
+ 2006-09-28 16:56:38 146,432 ------w C:\WINDOWS\system32\WudfHost.exe
+ 2006-09-28 16:56:16 165,376 ------w C:\WINDOWS\system32\WudfPlatform.dll
+ 2006-09-28 16:56:14 55,808 ------w C:\WINDOWS\system32\WudfSvc.dll
+ 2006-09-28 16:56:38 316,416 ------w C:\WINDOWS\system32\WUDFx.dll
- 2007-03-09 11:51:21 270,336 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2007-06-18 22:24:36 373,760 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2000-04-03 20:00:00 130,560 ----a-w C:\WINDOWS\system32\ZIPDLL.DLL
+ 2006-06-05 12:14:28 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcm80.dll
+ 2006-06-05 12:14:28 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcp80.dll
+ 2006-06-05 12:14:28 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll
.
-- Snapshot reset to current date --
.
(((((((((((((((((((((((((((( Autostart Punkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Eintrage & legitime Standardeintrage werden nicht angezeigt.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Programme\Java\j2re1.4.2_04\bin\jusched.exe" [2004-02-23 00:44]
"QuickTime Task"="C:\Programme\QuickTime\qttask.exe" [2006-03-09 22:29]
"PMXInit"="C:\WINDOWS\System32\pmxinit.exe" [2002-08-22 01:00]
"MailScan Dispatcher"="C:\PROGRA~1\eScan\LAUNCH.EXE" [2007-04-17 16:02]
"HydraVisionDesktopManager"="C:\Programme\ATI Technologies\ATI HydraVision\HydraDM.exe" [2003-04-01 17:41]
"eScan Updater"="C:\PROGRA~1\eScan\TRAYICOS.exe" [2007-04-18 16:27]
"eScan Server"="C:\PROGRA~1\eScan\ESERV.exe" [2007-05-15 10:38]
"eScan Monitor"="C:\PROGRA~1\eScan\AVPMWrap.EXE" [2007-04-19 15:25]
"eScan Install-checker"="C:\WINDOWS\system32\eInstall.exe" [2005-01-24 12:50]
"avgnt"="C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" [2007-10-11 02:08]
"ATIPTA"="C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-09-29 08:15]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 09:57]
"SpybotSD TeaTimer"="C:\Programme\Spybot - Search & Destroy\TeaTimer.exe" [2005-05-31 01:04]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"=0 (0x0)
"SynchronousUserGroupPolicy"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"=0 (0x0)
"NoFileAssociate"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoCommonGroups"=0 (0x0)
"NoSimpleStartMenu"=0 (0x0)
"NoToolbarsOnTaskbar"=0 (0x0)
"NoTrayContextMenu"=0 (0x0)
"NoWinKeys"=0 (0x0)
"NoShellSearchButton"=0 (0x0)
"NoFileAssociate"=0 (0x0)
"NoRecentDocsHistory"=0 (0x0)
"NoTrayItemsDisplay"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"WMPNSCFG"=C:\Programme\Windows Media Player\WMPNSCFG.exe
"MsnMsgr"="C:\Programme\MSN Messenger\MsnMsgr.Exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"DAEMON Tools-1033"="C:\Programme\D-Tools\daemon.exe" -lang 1033

R0 avgntmgr;avgntmgr;C:\WINDOWS\system32\drivers\avgntmgr.sys
R1 avgntdd;avgntdd;C:\WINDOWS\system32\DRIVERS\avgntdd.sys
R1 SSHDRV84;SSHDRV84;\??\C:\WINDOWS\system32\drivers\SSHDRV84.sys
R2 eScan-eServ;eScan Management-Console;C:\PROGRA~1\eScan\TRAYESER.EXE
R2 eScan-trayicos;eScan Server-Updater;C:\PROGRA~1\eScan\TRAYSSER.EXE
R2 KAVMonitorService;eScan Monitor Service;C:\PROGRA~1\eScan\avpm.exe /service
R3 DKbFltr;Dritek HotKey Filter Driver;C:\WINDOWS\system32\DRIVERS\DKbFltr.sys
S3 powervr;powervr;C:\WINDOWS\system32\DRIVERS\powervr.sys
S3 Probe;Probe;C:\WINDOWS\system32\DRIVERS\probe.sys
S3 SiS7012;Service for AC'97 Sample Driver (WDM);C:\WINDOWS\system32\drivers\sis7012.sys

.
**************************************************************************

catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-18 21:36:21
Windows 5.1.2600 Service Pack 2 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostart Einträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************
.
Zeit der Fertigstellung: 2007-10-18 21:36:52
C:\ComboFix-quarantined-files.txt ... 2007-10-18 01:20
C:\ComboFix2.txt ... 2007-10-18 01:20
C:\ComboFix3.txt ... 2007-09-19 20:43
.
--- E O F ---

Soll ich die von eScan angegebenen Dateien von VirusTotal scannen lassen?

Sulimo.dat

Plagegeister aller Art und deren Bekämpfung: Sulimo.dat

Sulimo.dat

Ähnliche Themen: Sulimo.dat