Trojan.Win32.Agent.ixj

Hello, good that something is still possible. I feel uneasy that I had to disable the firewall for ComboFix. (CCleaner also ran beforehand.) But now my desktop background is black. Since only the log editor is still open, I will now simply try to restart the PC. Here is the log file quickly (and if nothing works any more in a moment, I am going to bed for now, dog-tired and frazzled; thanks again for replying):

```
ComboFix 08-03-26.3 - MUSTERFRAU 2008-03-27 22:42:10.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1031.18.1196 [GMT 1:00]
ausgeführt von:: C:\Users\MUSTERFRAU\Desktop\ComboFix.exe
* Neuer Wiederherstellungspunkt wurde erstellt
.

(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Windows\system32\lsprst7.dll
C:\Windows\system32\nsprs.dll
C:\Windows\system32\serauth1.dll
C:\Windows\system32\serauth2.dll
C:\Windows\system32\ssprs.dll
.

((((((((((((((((((((((( Dateien erstellt von 2008-02-27 bis 2008-03-27 ))))))))))))))))))))))))))))))
.

2008-03-27 22:15 . 2008-03-27 22:15 <DIR> d-------- C:\Program Files\CCleaner
2008-03-23 21:37 . 2008-03-23 21:37 <DIR> d-------- C:\Users\MUSTERFRAU\AppData\Roaming\Ulead Systems
2008-03-22 16:28 . 2008-03-22 16:29 <DIR> d-------- C:\Users\MUSTERFRAU\AppData\Roaming\TVU networks
2008-03-22 16:28 . 2008-03-22 16:28 <DIR> d-------- C:\Users\All Users\TVU networks
2008-03-22 16:28 . 2008-03-22 16:28 <DIR> d-------- C:\ProgramData\TVU networks
2008-03-22 16:28 . 2008-03-22 16:28 <DIR> d-------- C:\Program Files\TVUPlayer
2008-03-19 15:12 . 2008-03-19 15:20 <DIR> d-------- C:\Users\MUSTERFRAU\AppData\Roaming\FileZilla
2008-03-19 15:10 . 2008-03-19 15:10 <DIR> d-------- C:\Program Files\FileZilla FTP Client
2008-03-12 12:08 . 2007-12-16 23:50 1,060,920 --a------ C:\Windows\System32\drivers\ntfs.sys
2008-03-12 12:08 . 2007-12-16 10:56 41,984 --a------ C:\Windows\System32\drivers\monitor.sys
2008-03-11 21:57 . 2008-03-14 09:37 14 --a------ C:\Windows\System32\ssprs.tgz
2008-03-11 21:41 . 2006-05-10 11:15 1,929,216 --a------ C:\Windows\System32\cdintf250.dll
2008-03-11 21:41 . 2008-03-11 21:41 1,024 --a------ C:\Windows\System32\clauth2.dll
2008-03-11 21:41 . 2008-03-11 21:41 1,024 --a------ C:\Windows\System32\clauth1.dll
2008-03-11 21:41 . 2008-03-11 21:41 0 --a------ C:\Windows\System32\nsprs.tgz
2008-03-11 21:33 . 2008-03-11 21:33 1,025 --a------ C:\Windows\System32\sysprs7.tgz
2008-03-11 21:33 . 2008-03-11 21:33 1,025 --a------ C:\Windows\System32\sysprs7.dll
2008-03-11 21:33 . 2008-03-14 09:37 219 --a------ C:\Windows\System32\lsprst7.tgz
2008-03-11 21:33 . 2008-03-14 10:06 16 ---h----- C:\Windows\System32\servdat.slm
2008-03-10 11:54 . 2008-03-10 11:54 <DIR> d-------- C:\Users\MUSTERFRAU\AppData\Roaming\Printer Info Cache
2008-03-10 11:54 . 2008-03-14 09:20 <DIR> d-------- C:\Users\MUSTERFRAU\AppData\Roaming\Image Zone Express
2008-03-05 21:17 . 2008-03-05 21:19 <DIR> d-------- C:\Users\All Users\Lexware
2008-03-05 21:17 . 2008-03-05 21:24 <DIR> d-------- C:\Users\All Users\BTrieve
2008-03-05 21:17 . 2008-03-05 21:19 <DIR> d-------- C:\ProgramData\Lexware
2008-03-05 21:17 . 2008-03-05 21:24 <DIR> d-------- C:\ProgramData\BTrieve
2008-03-05 21:17 . 2008-03-05 21:17 <DIR> d-------- C:\Program Files\Lexware
2008-03-05 21:16 . 2008-03-05 21:16 <DIR> d-------- C:\Users\MUSTERFRAU\AppData\Roaming\InstallShield
2008-03-05 21:16 . 2008-03-05 21:16 <DIR> d-------- C:\Users\All Users\Haufe
2008-03-05 21:16 . 2008-03-05 21:16 <DIR> d-------- C:\ProgramData\Haufe
2008-03-05 21:16 . 2008-03-05 21:16 <DIR> d-------- C:\Program Files\Haufe
2008-03-05 21:14 . 2008-03-05 21:23 <DIR> d-------- C:\Program Files\Common Files\Lexware
2008-02-27 12:01 . 2008-02-27 12:01 <DIR> d-------- C:\Program Files\GPower 3.0
.

(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

2008-03-27 21:40 20,565,024 --sha-w C:\Windows\system32\drivers\fidbox.dat
2008-03-27 05:45 --------- d-----w C:\Users\MUSTERFRAU\AppData\Roaming\OpenOffice.org2
2008-03-27 05:44 350,494 ---ha-w C:\Windows\system32\drivers\vsconfig.xml
2008-03-26 22:17 272,060 --sha-w C:\Windows\system32\drivers\fidbox.idx
2008-03-26 05:43 4,084,948 ----a-w C:\Windows\Internet Logs\tvDebug.zip
2008-03-24 14:30 --------- d-----w C:\Users\MUSTERFRAU\AppData\Roaming\phonostar-Player
2008-03-24 11:31 512 ----a-w C:\ScanSectorLog.dat
2008-03-19 22:03 --------- d-----w C:\Program Files\No23 Recorder
2008-03-19 05:59 3,753,984 ----a-w C:\Windows\Internet Logs\xDB7E62.tmp
2008-03-13 06:11 --------- d-----w C:\Program Files\Windows Mail
2008-03-05 22:51 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-05 20:16 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-03-04 21:10 --------- d-----w C:\Users\MUSTERFRAU\AppData\Roaming\Azureus
2008-02-23 21:59 --------- d-----w C:\ProgramData\Microsoft Help
2008-02-23 12:05 --------- d-----w C:\Users\MUSTERFRAU\AppData\Roaming\Nokia
2008-02-23 11:59 --------- d-----w C:\Users\MUSTERFRAU\AppData\Roaming\PC Suite
2008-02-23 11:59 --------- d-----w C:\ProgramData\PC Suite
2008-02-23 11:46 --------- d-----w C:\Program Files\DIFX
2008-02-23 11:44 --------- d-----w C:\Program Files\Nokia
2008-02-23 11:44 --------- d-----w C:\Program Files\Common Files\PCSuite
2008-02-23 11:44 --------- d-----w C:\Program Files\Common Files\Nokia
2008-02-23 11:43 --------- d-----w C:\Program Files\PC Connectivity Solution
2008-02-23 11:40 --------- d-----w C:\ProgramData\Installations
2008-02-23 09:31 --------- d-----w C:\Users\MUSTERFRAU\AppData\Roaming\WEB.DE
2008-02-23 09:25 --------- d-----w C:\ProgramData\WEB.DE
2008-02-23 09:25 --------- d-----w C:\Program Files\WEB.DE
2008-02-23 06:48 --------- d-----w C:\Program Files\MSECache
2008-02-23 06:45 --------- d-----w C:\ProgramData\Office Genuine Advantage
2008-02-23 06:27 --------- d-----w C:\Program Files\Microsoft Works
2008-02-23 06:26 --------- d-----w C:\Program Files\Microsoft.NET
2008-02-19 21:36 --------- d-----w C:\Program Files\Moss Bay Software
2008-02-16 15:47 --------- d-----w C:\Program Files\Common Files\Adobe
2008-02-13 13:44 3,069,952 ----a-w C:\Windows\Internet Logs\xDB6ED8.tmp
2008-02-13 07:16 943,800 ----a-w C:\Windows\System32\winload.exe
2008-02-13 07:16 905,400 ----a-w C:\Windows\System32\winresume.exe
2008-02-13 07:16 595,456 ----a-w C:\Windows\System32\schedsvc.dll
2008-02-13 07:16 54,784 ----a-w C:\Windows\system32\drivers\i8042prt.sys
2008-02-13 07:16 39,424 ----a-w C:\Windows\System32\lodctr.exe
2008-02-13 07:16 35,384 ----a-w C:\Windows\system32\drivers\kbdclass.sys
2008-02-13 07:16 32,256 ----a-w C:\Windows\System32\unlodctr.exe
2008-02-13 07:16 23,552 ----a-w C:\Windows\System32\nshhttp.dll
2008-02-13 07:16 17,408 ----a-w C:\Windows\System32\prflbmsg.dll
2008-02-13 07:16 15,872 ----a-w C:\Windows\system32\drivers\kbdhid.sys
2008-02-13 07:16 115,200 ----a-w C:\Windows\System32\loadperf.dll
2008-02-13 07:15 806,400 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-02-13 07:15 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
2008-02-13 07:15 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-02-13 07:15 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-02-13 07:15 24,064 ----a-w C:\Windows\System32\netcfg.exe
2008-02-13 07:15 22,016 ----a-w C:\Windows\System32\netiougc.exe
2008-02-13 07:15 217,144 ----a-w C:\Windows\system32\drivers\netio.sys
2008-02-13 07:15 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
2008-02-13 07:15 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
2008-02-13 07:15 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
2008-02-13 07:15 15,928 ----a-w C:\Windows\system32\drivers\pciide.sys
2008-02-13 07:15 110,136 ----a-w C:\Windows\system32\drivers\ataport.sys
2008-02-13 07:14 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-13 07:14 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-13 07:14 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-02-13 07:14 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-13 07:14 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-13 07:14 1,686,528 ----a-w C:\Windows\System32\gameux.dll
2008-02-13 07:13 824,832 ----a-w C:\Windows\System32\wininet.dll
2008-02-13 07:13 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-02-13 07:13 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-13 07:13 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-02-12 22:32 --------- d-----w C:\Users\MUSTERFRAU\AppData\Roaming\CyberLink
2008-02-12 22:32 --------- d-----w C:\ProgramData\CyberLink
2008-02-11 14:42 --------- d-----w C:\Users\MUSTERFRAU\AppData\Roaming\vlc
2008-02-11 14:26 --------- d-----w C:\Program Files\VideoLAN
2008-02-11 12:00 177,152 ----a-w C:\Windows\Internet Logs\xDB8268.tmp
2008-02-11 08:57 --------- d-----w C:\Program Files\OpenOffice.org 2.3
2008-02-11 08:55 --------- d-----w C:\Program Files\readmes
2008-02-11 08:55 --------- d-----w C:\Program Files\licenses
2008-02-11 07:39 --------- d-----w C:\Program Files\Bonjour
2008-02-11 07:34 --------- d-----w C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
2008-02-11 07:34 --------- d-----w C:\Program Files\QuickTime
2008-02-11 07:34 --------- d-----w C:\Program Files\phonostar
2008-02-11 07:34 --------- d-----w C:\Program Files\iTunes
2008-02-11 07:33 --------- d---a-w C:\Program Files\GoogleEULA
2008-02-11 07:33 --------- d-----w C:\Program Files\HomeCinema
2008-02-11 07:33 --------- d-----w C:\Program Files\Google
2008-02-11 07:33 --------- d-----w C:\Program Files\Common Files\Buhl Data Service
2008-02-11 07:33 --------- d-----w C:\Program Files\Common Files\aolshare
2008-02-11 07:33 --------- d-----w C:\Program Files\Common Files\aol
2008-02-11 07:33 --------- d-----w C:\Program Files\Azureus
2008-02-11 07:33 --------- d-----w C:\Program Files\Apple Software Update
2008-02-11 07:33 --------- d-----w C:\Program Files\AOL 9.0 VR
2008-02-11 07:33 --------- d-----w C:\Program Files\Aldi Sued Fotoservice
2008-02-11 07:33 --------- d-----w C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
2008-02-11 07:30 --------- d-----w C:\ProgramData\AOL
2008-02-11 07:29 --------- d-----w C:\ProgramData\InstallShield
2008-02-11 07:29 --------- d-----w C:\ProgramData\Apple Computer
2008-02-11 07:29 --------- d-----w C:\Program Files\Windows Sidebar
2008-02-11 07:29 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-02-11 07:29 --------- d-----w C:\Program Files\Windows Journal
2008-02-11 07:29 --------- d-----w C:\Program Files\Windows Defender
2008-02-11 07:29 --------- d-----w C:\Program Files\Windows Collaboration
2008-02-11 07:29 --------- d-----w C:\Program Files\Windows Calendar
2008-02-11 07:29 --------- d-----w C:\Program Files\Microsoft Games
.

(((((((((((((((((((((((((((( Autostart Punkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Hinweis* leere Eintrage & legitime Standardeintrage werden nicht angezeigt.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-09 14:57 1232896]
"PhonostarTimer"="C:\Program Files\phonostar\ps_timer.exe" [2007-12-05 16:14 126976]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 13:35 125440]
"WEB.DE_WEB.DE SmartDrive Manager"="C:\Program Files\WEB.DE\WEB.DE SmartDrive Manager\DAVSRV.exe" [2007-03-15 17:38 1146880]
"AOL Fast Start"="C:\Program Files\AOL 9.0 VR\AOL.exe" [2007-06-21 15:11 50480]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2007-12-10 10:12 695808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-11-14 23:05 1006264]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-12-03 14:21 2213160]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 14:57 153136]
"TVBroadcast"="C:\Program Files\Sceneo\AbsolutTV\SERVICES\ODSBC\ODSBCApp.exe" [2007-08-08 00:12 797696]
"RtHDVCpl"="RtHDVCpl.exe" [2007-11-14 15:50 4706304 C:\Windows\RtHDVCpl.exe]
"Skytel"="Skytel.exe" [2007-10-11 11:04 1826816 C:\Windows\SkyTel.exe]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-12-14 03:28 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-12-14 03:28 8530464]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-12-14 03:28 81920]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-02-10 14:33 220160]
"toolbar_eula_launcher"="C:\Program Files\GoogleEULA\EULALauncher.exe" [2007-02-09 15:54 16896]
"HostManager"="C:\Program Files\Common Files\AOL\1202655797\ee\AOLSoftware.exe" [2006-09-26 01:52 50736]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-10 15:27 385024]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-01-15 03:22 267048]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 21:52 49152]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-06-28 05:17 959976]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 17:35 1294336]

C:\Users\MUSTERFRAU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe [2007-08-17 21:57:56 393216]
ThinkRightNow.lnk - C:\Program Files\Moss Bay Software\Think Right Now 1.7\ThinkRightNow.exe [2001-07-17 07:25:56 217192]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-01-02 21:40:10 210520]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{0BE04582-A3D0-4724-B1D1-18F701998C19}"= C:\Program Files\HomeCinema\MakeDisc\MakeDisc.exe:CyberLink MakeDisc
"{42C4C4AB-ED99-4011-B9A9-0F6C60630F1C}"= C:\Program Files\HomeCinema\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{F1101A87-0E34-472D-8164-19D1ADF188E2}"= C:\Program Files\HomeCinema\PowerDVD\PowerDVD.EXE:CyberLink PowerDVD
"{E4674A07-22D2-40AE-83A2-1DB183F831C2}"= UDP:C:\Program Files\Common Files\aol\acs\AOLDial.exe:AOL Optimized Dial-In
"{F7022B47-4F12-41A3-BEBE-5480F1FB23F0}"= TCP:C:\Program Files\Common Files\aol\acs\AOLDial.exe:AOL Optimized Dial-In
"{E58C8634-248D-4171-8986-6D5021D886A6}"= UDP:C:\Program Files\Common Files\aol\acs\AOLacsd.exe:AOL Optimized Dial-In
"{7573DC46-2966-40BD-B046-F6F32800BDB1}"= TCP:C:\Program Files\Common Files\aol\acs\AOLacsd.exe:AOL Optimized Dial-In
"{F260F43C-AA55-40B1-A6A6-C52BB31AD498}"= UDP:C:\Program Files\Common Files\aol\1202655797\ee\aolsoftware.exe:AOL Shared Components
"{652A8D0E-5938-42F0-A587-1A6823E7B03F}"= TCP:C:\Program Files\Common Files\aol\1202655797\ee\aolsoftware.exe:AOL Shared Components
"{7958B74F-08C1-4F5B-8E5C-008D3B268E72}"= UDP:C:\Program Files\AOL 9.0 VR\waol.exe:AOL
"{4390B6F4-C3CD-46C0-9197-5C8FED7AECF2}"= TCP:C:\Program Files\AOL 9.0 VR\waol.exe:AOL
"{EDBFB3CE-92AB-48BB-9382-8C316676A6C1}"= UDP:C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:AOL TopSpeed
"{459F1139-C2E6-4C7B-B5A6-398C3B02412C}"= TCP:C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:AOL TopSpeed
"{120FFD42-CDB3-4C36-83E7-E7A575A57D41}"= UDP:C:\Program Files\Common Files\aol\Loader\aolload.exe:AOL Loader
"{AE9A42AA-5FE7-4A5C-923F-2A932D17B304}"= TCP:C:\Program Files\Common Files\aol\Loader\aolload.exe:AOL Loader
"{7B5F00A3-32A6-445C-8F25-6ACE4EDDAF46}"= UDP:C:\Program Files\Common Files\aol\System Information\sinf.exe:AOL System Information
"{D0B2CDE3-CFF5-488D-A89C-FE0C98D186FE}"= TCP:C:\Program Files\Common Files\aol\System Information\sinf.exe:AOL System Information
"{D1472261-41F7-4355-86BB-2FE9C6667AD9}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{AF0915E3-209D-4C57-AFF4-5A59DB1BCD5C}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{5DBA4B33-46BA-411D-A4C3-24D76B3FF388}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{6BF849F4-B8B8-4CD4-8E89-3B78CE03F217}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{9A791E28-07C0-4649-81A5-AEE2D1B07427}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R1 uiwbrdr;uiwbrdr;C:\Windows\system32\DRIVERS\uiwbrdr.sys [2007-03-15 17:37]
R2 GnabService;GnabService;c:\program files\common files\gnab\service\servicecontroller.exe [2007-04-13 18:14]
R2 srvcPVR;Sceneo PVR Service;C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe [2007-08-16 10:31]
R3 3xHybrid;Philips SAA713x PCI Card;C:\Windows\system32\DRIVERS\3xHybrid.sys [2008-01-08 08:17]
R3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;C:\Windows\system32\DRIVERS\netr28u.sys [2007-09-21 10:38]
R3 nvsmu;nvsmu;C:\Windows\system32\DRIVERS\nvsmu.sys [2007-07-07 14:13]
R3 X10Hid;X10 Hid Device;C:\Windows\system32\Drivers\x10hid.sys [2006-11-17 10:31]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files\ALDI Sued Foto Service\Common\Database\bin\fbserver.exe [2005-11-17 15:18]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f9ed628f-d7dc-11dc-8771-001d9260dfa0}]
\shell\AutoRun\command - .\MigWiz\migsetup.exe
.

**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, h**p://www.gmer.net
Rootkit scan 2008-03-27 22:45:01
Windows 6.0.6000 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostart Einträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************
.
Zeit der Fertigstellung: 2008-03-27 22:45:46
ComboFix-quarantined-files.txt 2008-03-27 21:45:43

7 Verzeichnis(se), 337,846,284,288 Bytes frei
15 Verzeichnis(se), 337,816,817,664 Bytes frei
.
2008-03-26 05:54:58 --- E O F ---
```

PS: ThinkRightNow is commercial software that I consider OK, but I will of course have it scanned.