Log analysis and evaluation: antivirus programs stop scanning (freeav, rising antivirus) - Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
| | #3 |
| | antivirus programs stop scanning (freeav, rising antivirus) part 2 combo fix
__________________. (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-10-21 19:52 34,973,728 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat 2008-10-21 17:53 --------- d-----w C:\Programme\SpeedFan 2008-10-21 17:23 426,260 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx 2008-10-21 17:21 62,448 ----a-w C:\WINDOWS\system32\drivers\HookNtos.sys 2008-10-21 17:21 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll 2008-10-21 17:21 38,128 ----a-w C:\WINDOWS\system32\drivers\HOOKREG.sys 2008-10-21 17:21 30,320 ----a-w C:\WINDOWS\system32\drivers\HookHelp.sys 2008-10-21 17:21 237,168 ----a-w C:\WINDOWS\system32\bsmain.exe 2008-10-21 17:21 163,824 ----a-w C:\WINDOWS\system32\drivers\HookSys.sys 2008-10-21 17:21 13,680 ----a-w C:\WINDOWS\system32\drivers\HookCont.sys 2008-10-21 17:21 113,264 ----a-w C:\WINDOWS\system32\RavExt.dll 2008-10-21 17:21 10,640 ----a-w C:\WINDOWS\system32\drivers\RsNTGdi.sys 2008-10-21 17:17 --------- d-----w C:\Dokumente und Einstellungen\Shadow\Anwendungsdaten\Vista Start Menu 2008-10-21 13:04 --------- d-----w C:\Programme\Spybot - Search & Destroy 2008-10-21 13:03 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy 2008-10-20 21:42 --------- d-----w C:\Dokumente und Einstellungen\Shadow\Anwendungsdaten\Xfire 2008-10-20 21:38 --------- d-----w C:\Dokumente und Einstellungen\Shadow\Anwendungsdaten\Hamachi 2008-10-19 07:20 2,383,469 ----a-w C:\WINDOWS\Internet Logs\tvDebug.zip 2008-10-17 06:55 --------- d--h--w C:\Programme\InstallShield Installation Information 2008-10-17 06:55 --------- d-----w C:\Programme\VID_0E8F&PID_0012 2008-10-16 09:41 --------- d-----w C:\Programme\Xfire 2008-10-15 14:16 8,882 ----a-w C:\Dokumente und Einstellungen\Shadow\Anwendungsdaten\wklnhst.dat 2008-10-15 09:10 319,488 ----a-w C:\WINDOWS\HideWin.exe 2008-10-15 08:19 73,216 ----a-w C:\WINDOWS\Internet Logs\xDBF.tmp 2008-10-15 08:19 3,098,112 ----a-w 
C:\WINDOWS\Internet Logs\xDB10.tmp 2008-10-13 21:15 66,560 ----a-w C:\WINDOWS\Internet Logs\xDBD.tmp 2008-10-13 21:15 3,096,064 ----a-w C:\WINDOWS\Internet Logs\xDBE.tmp 2008-10-13 02:37 --------- d-----w C:\Programme\Wondershare 2008-10-12 21:05 26,624 ----a-w C:\WINDOWS\Internet Logs\xDBC.tmp 2008-10-12 18:15 3,046,912 ----a-w C:\WINDOWS\Internet Logs\xDB8.tmp 2008-10-12 18:15 29,696 ----a-w C:\WINDOWS\Internet Logs\xDB7.tmp 2008-10-12 12:39 91,648 ----a-w C:\WINDOWS\Internet Logs\xDB5.tmp 2008-10-12 12:39 3,046,912 ----a-w C:\WINDOWS\Internet Logs\xDB6.tmp 2008-10-12 09:58 --------- d-----w C:\Dokumente und Einstellungen\Shadow\Anwendungsdaten\ICQ 2008-10-09 19:35 --------- d-----w C:\Programme\Windows Media Connect 2 2008-10-09 12:16 84,992 ----a-w C:\WINDOWS\Internet Logs\xDB3.tmp 2008-10-09 12:16 3,006,976 ----a-w C:\WINDOWS\Internet Logs\xDB4.tmp 2008-10-08 17:40 --------- d-----w C:\Programme\Gemeinsame Dateien\Apple 2008-10-07 14:02 3,030,528 ----a-w C:\WINDOWS\Internet Logs\xDB2.tmp 2008-10-07 14:02 220,160 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp 2008-10-06 19:24 --------- d-----w C:\Programme\Java 2008-10-06 10:11 --------- d-----w C:\Programme\PrintMaster 2008-10-06 10:11 --------- d-----w C:\Programme\Microsoft Works 2008-10-06 10:11 --------- d-----w C:\Dokumente und Einstellungen\Shadow\Anwendungsdaten\Skype 2008-10-06 10:11 --------- d-----w C:\Dokumente und Einstellungen\Shadow\Anwendungsdaten\Player 2008-10-06 10:10 --------- d-----w C:\Programme\TuneUp Utilities 2007 2008-10-06 09:33 2,847,232 ----a-w C:\WINDOWS\Internet Logs\xDBB.tmp 2008-10-06 09:28 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll 2008-10-04 11:55 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Bluetooth 2008-10-02 17:01 4,878,336 ----a-w C:\WINDOWS\system32\drivers\RtkHDAud.sys 2008-10-02 13:19 82,432 ----a-w C:\WINDOWS\Internet Logs\xDB9.tmp 2008-10-02 13:19 2,783,744 ----a-w C:\WINDOWS\Internet Logs\xDBA.tmp 2008-10-01 18:58 --------- d-----w 
C:\Programme\Zattoo 2008-09-30 16:01 16,864,768 ----a-w C:\WINDOWS\RTHDCPL.EXE 2008-09-30 14:38 2,168,320 ----a-w C:\WINDOWS\MicCal.exe 2008-09-26 07:00 --------- d-----w C:\Programme\ICQ6 2008-09-24 18:50 --------- d-----w C:\Programme\Ahead 2008-09-24 07:50 --------- d-----w C:\Programme\IncrediMail 2008-09-23 11:52 --------- d-----w C:\Programme\OO Software 2008-09-23 11:51 --------- d-----w C:\Programme\Elaborate Bytes 2008-09-23 11:50 --------- d-----w C:\Programme\SlySoft 2008-09-23 11:06 --------- d-----w C:\Dokumente und Einstellungen\Shadow\Anwendungsdaten\Ahead 2008-09-23 09:02 --------- d-----w C:\Programme\Intel 2008-09-22 20:59 --------- d-----w C:\Programme\ArtMoney 2008-09-21 16:25 --------- d-----w C:\Programme\Windows Desktop Search 2008-09-21 08:31 --------- d-----w C:\Programme\Nero 2008-09-21 06:51 --------- d-----w C:\Programme\Gemeinsame Dateien\Ahead 2008-09-21 06:24 --------- d-----w C:\Programme\xp-Iso-Builder 2008-09-20 07:16 170,496 ----a-w C:\WINDOWS\system32\BootMan.exe 2008-09-19 19:27 --------- d-----w C:\Programme\DivX 2008-09-19 19:25 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SlySoft 2008-09-19 18:42 86,408 ----a-w C:\WINDOWS\system32\setupempdrv03.exe 2008-09-19 18:42 8,704 ----a-w C:\WINDOWS\system32\epmntdrv.sys 2008-09-19 18:42 3,072 ----a-w C:\WINDOWS\system32\EuGdiDrv.sys 2008-09-19 18:42 14,848 ----a-w C:\WINDOWS\system32\EuEpmGdi.dll 2008-09-19 18:07 --------- d-----w C:\Dokumente und Einstellungen\Shadow\Anwendungsdaten\SuperEasy 2008-09-19 16:10 86,016 ----a-w C:\WINDOWS\system32\ResizeNTFS.dll 2008-09-19 16:10 61,952 ----a-w C:\WINDOWS\system32\FatResizeMove.dll 2008-09-19 16:10 472,576 ----a-w C:\WINDOWS\system32\NTFSFormat.dll 2008-09-19 16:10 22,016 ----a-w C:\WINDOWS\system32\FatFormat.dll 2008-09-19 16:09 92,672 ----a-w C:\WINDOWS\system32\Partition.dll 2008-09-19 16:09 31,744 ----a-w C:\WINDOWS\system32\FatLib.dll 2008-09-19 16:09 179,200 ----a-w C:\WINDOWS\system32\DeviceManager.dll 
2008-09-19 16:09 124,416 ----a-w C:\WINDOWS\system32\NTFSCopy.dll 2008-09-19 16:08 86,528 ----a-w C:\WINDOWS\system32\NTFSLib.dll 2008-09-19 16:08 68,096 ----a-w C:\WINDOWS\system32\Device.dll 2008-09-19 16:08 6,144 ----a-w C:\WINDOWS\system32\CallbackOperator.dll 2008-09-19 16:08 44,032 ----a-w C:\WINDOWS\system32\FileSystemCheck.dll 2008-09-19 16:08 25,088 ----a-w C:\WINDOWS\system32\FATFileSystemAnalyser.dll 2008-09-19 16:08 24,576 ----a-w C:\WINDOWS\system32\NTFSFileSystemAnalyser.dll 2008-09-19 16:08 21,504 ----a-w C:\WINDOWS\system32\Fixup.dll 2008-09-19 16:08 14,848 ----a-w C:\WINDOWS\system32\FileSystemAnalyser.dll 2008-09-19 16:08 10,752 ----a-w C:\WINDOWS\system32\DeviceAdapter.dll 2008-09-19 15:48 1,200,128 ----a-w C:\WINDOWS\RtlUpd.exe 2008-09-19 14:06 65,517 ----a-w C:\WINDOWS\BricoPackUninst.cmd 2008-09-19 14:06 6,116 ----a-w C:\WINDOWS\BricoPackFoldersDelete.cmd 2008-09-18 19:35 0 ---ha-w C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf 2008-09-18 19:35 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_ggsemc_01005.Wdf 2008-09-18 19:04 --------- d-----w C:\Programme\Mobile Master 2008-09-18 18:09 --------- d-----w C:\Programme\Vista Start Menu . ------- Sigcheck ------- 2008-04-14 07:53 111616 65e60c18ddb0215c201ff75e32d564c8 C:\WINDOWS\ServicePackFiles\i386\wuauclt.exe 2008-07-18 22:10 68808 136896c2cdc3f689876e0d44485153ea C:\WINDOWS\system32\wuauclt.exe 2008-07-18 22:10 53448 d316e28958873859b88d72cf47ad1ea5 C:\WINDOWS\system32\dllcache\wuauclt.exe . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SteganosAntiSpam"="C:\Programme\Steganos AntiSpam 7\antispam.exe" [2004-12-01 1760085] "IncrediMail"="C:\Programme\IncrediMail\bin\IncMail.exe" [2008-09-22 243072] "speedfan"="C:\Programme\SpeedFan\speedfan.exe" [2008-04-22 3287552] "VistaStartMenu"="C:\Programme\Vista Start Menu\VistaStartMenu.exe" [2008-07-09 2136064] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" [X] "Trust Gaming mouse"="C:\Programme\Trust\GM-4200 Gamer Mouse Optical\Panel.exe" [2006-12-28 1232896] "ZoneAlarm Client"="C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016] "QuickTime Task"="C:\Programme\QuickTime\qttask.exe" [2008-09-06 413696] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-09-17 13574144] "TrojanScanner"="C:\Programme\Trojan Remover\Trjscan.exe" [2008-10-09 967048] "RavTask"="C:\Programme\Rising\Rav\RavTask.exe" [2008-10-21 211568] "BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 C:\WINDOWS\system32\bthprops.cpl] "RTHDCPL"="RTHDCPL.EXE" [2008-09-30 C:\WINDOWS\RTHDCPL.EXE] "Alcmtr"="ALCMTR.EXE" [2008-06-19 C:\WINDOWS\ALCMTR.EXE] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{32CD708B-60A7-4C00-9377-D73EAA495F0F}"= "C:\WINDOWS\system32\RavExt.dll" [2008-10-21 113264] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.XFR1"= xfcodec.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages REG_MULTI_SZ scecli scecli scecli scecli scecli scecli [HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Windows Search.lnk] backup=C:\WINDOWS\pss\Windows Search.lnkCommon Startup 
[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^Shadow^Startmenü^Programme^Autostart^Ereigniserinnerung.lnk] backup=C:\WINDOWS\pss\Ereigniserinnerung.lnkStartup HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] --a------ 2008-04-14 07:52 15360 C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] --a------ 2006-01-12 15:40 155648 C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] --a------ 2008-09-17 09:55 13574144 C:\WINDOWS\system32\nvcpl.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "WMPNetworkSvc"=3 (0x3) "sp_rssrv"=2 (0x2) "iPod Service"=3 (0x3) "NMIndexingService"=3 (0x3) "Nero BackItUp Scheduler 3"=2 (0x2) "IDriverT"=3 (0x3) "Bonjour Service"=2 (0x2) "BlueSoleil Hid Service"=2 (0x2) "WinDefend"=2 (0x2) "BlueSoleilCS"=2 (0x2) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe "Google Update"="C:\Dokumente und Einstellungen\Shadow\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe" /c "Sony Ericsson PC Suite"="C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon "RegistryMechanic"=C:\Programme\Registry Mechanic\RegMech.exe /H [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "QuickTime Task"="C:\Programme\QuickTime\QTTask.exe" -atboottime "Adobe Reader Speed Launcher"="C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" "EPSON Stylus D68 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAE.EXE /P23 "EPSON Stylus D68 Series" /O6 "USB001" /M "Stylus D68" "iTunesHelper"="C:\Programme\iTunes\iTunesHelper.exe" "vspdfprsrv.exe"=C:\Programme\Visagesoft\eXPert 
PDF\vspdfprsrv.exe --background "C-Media Mixer"=Mixer.exe /startup "NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup "nwiz"=nwiz.exe /install "NvMediaCenter"=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit "BluetoothAuthenticationAgent"=rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent "Alcmtr"=ALCMTR.EXE "SunJavaUpdateSched"="C:\Programme\Java\jre1.6.0_07\bin\jusched.exe" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Programme\\IncrediMail\\bin\\IncMail.exe"= "C:\\Programme\\IncrediMail\\bin\\ImApp.exe"= "C:\\Programme\\IncrediMail\\bin\\ImpCnt.exe"= "C:\\Programme\\ICQ6\\ICQ.exe"= "C:\\Programme\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"= "C:\\Programme\\Bonjour\\mDNSResponder.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Programme\\iTunes\\iTunes.exe"= "C:\\Programme\\ICQLite\\ICQLite.exe"= "E:\\Spiele\\FlatOut Ultimate Carnage\\Fouc.exe"= R2 BT848;Conexant's BtPCI WDM Video Capture;C:\WINDOWS\system32\DRIVERS\BT848.sys [2008-09-14 00:04] R2 pr2ah4nb;DiRT Drivers Auto Removal (pr2ah4nb);C:\WINDOWS\system32\pr2ah4nb.exe svc [] R2 RsRavMon;Rising RealTime Monitor;C:\PROGRAMME\RISING\RAV\Ravmond.exe [2008-10-21 19:21] R3 epmntdrv;epmntdrv;C:\WINDOWS\system32\epmntdrv.sys [2008-09-19 20:42] R3 EuGdiDrv;EuGdiDrv;C:\WINDOWS\system32\EuGdiDrv.sys [2008-09-19 20:42] R3 ggflt;SEMC USB Flash Driver Filter;C:\WINDOWS\system32\DRIVERS\ggflt.sys [2008-09-15 11:24] R3 IvtBtBUs;IVT Bluetooth Bus Service;C:\WINDOWS\system32\Drivers\IvtBtBus.sys [2008-07-02 14:58] R3 
Usbfilt;Usbfilt;C:\WINDOWS\SYSTEM32\DRIVERS\usbfilt.sys [2004-02-01 05:53] S0 BtHidBus;Bluetooth HID Bus Service;C:\WINDOWS\System32\Drivers\BtHidBus.sys [2008-07-31 20:45] S0 pe3ah4nb;DiRT Environment Driver (pe3ah4nb);C:\WINDOWS\system32\drivers\pe3ah4nb.sys [2007-07-19 16:45] S0 ps6ah4nb;DiRT Synchronization Driver (ps6ah4nb);C:\WINDOWS\system32\drivers\ps6ah4nb.sys [2007-07-19 16:43] S0 RsNTGDI;RsNTGDI;C:\WINDOWS\system32\Drivers\RsNTGdi.sys [2008-10-21 19:21] S1 HookCont;HookCont;C:\WINDOWS\system32\drivers\HookCont.sys [2008-10-21 19:21] S1 HookNtos;HookNtos;C:\WINDOWS\system32\drivers\HookNtos.sys [2008-10-21 19:21] S1 HookReg;HookReg;C:\WINDOWS\system32\drivers\HookReg.sys [2008-10-21 19:21] S1 HookSys;HookSys;C:\WINDOWS\system32\drivers\HookSys.sys [2008-10-21 19:21] S2 RsCCenter;Rising Process Communication Center;C:\Programme\Rising\Rav\CCenter.exe [2008-10-21 19:21] S2 UxTuneUp;TuneUp Designerweiterung;C:\WINDOWS\System32\svchost.exe [2008-04-14 07:53] S3 GMFilter Filter;GMFilter Filter;C:\WINDOWS\system32\Drivers\GMFilter.sys [2006-12-29 16:49] S3 PAC207;SoC PC-Camera;C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-04-08 10:46] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp *Newly Created Service* - HOOKCONT *Newly Created Service* - HOOKNTOS *Newly Created Service* - HOOKREG *Newly Created Service* - HOOKSYS *Newly Created Service* - PROCEXP90 *Newly Created Service* - RSNTGDI *Newly Created Service* - RSRAVMON . Inhalt des "geplante Tasks" Ordners 2008-10-17 C:\WINDOWS\Tasks\1-Klick-Wartung.job - C:\Programme\TuneUp Utilities 2007\SystemOptimizer.exe [2007-04-27 05:08] 2008-10-20 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job - C:\Programme\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34] 2008-10-21 C:\WINDOWS\Tasks\GoogleUpdateTaskUser.job - C:\Dokumente und Einstellungen\Shadow\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe [2008-09-03 12:33] . 
- - - - Entfernte verwaiste Registrierungseinträge - - - - WebBrowser-{32099AAC-C132-4136-9E9A-4E364A424E17} - (no file) . ------- Zusätzlicher Suchlauf ------- . FireFox -: Profile - C:\Dokumente und Einstellungen\Shadow\Anwendungsdaten\Mozilla\Firefox\Profiles\nl5um30a.default\ FireFox -: prefs.js - STARTUP.HOMEPAGE - www.google.de FF -: plugin - C:\Dokumente und Einstellungen\Shadow\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.2.131.11\npGoogleOneClick5.dll FF -: plugin - C:\Programme\iTunes\Mozilla Plugins\npitunes.dll FF -: plugin - C:\Programme\Microsoft Silverlight\2.0.31005.0\npctrl.1.0.30716.0.dll FF -: plugin - C:\Programme\Microsoft Silverlight\2.0.31005.0\npctrl.dll FF -: plugin - C:\Programme\Mozilla Firefox\plugins\npijjiFFPlugin1.dll FF -: plugin - C:\Programme\Mozilla Firefox\plugins\npsnapfish.dll FF -: plugin - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-10-21 21:52:02 Windows 5.1.2600 Service Pack 3 NTFS Scanne versteckte Prozesse... Scanne versteckte Autostarteinträge... Scanne versteckte Dateien... ************************************************************************** . Zeit der Fertigstellung: 2008-10-21 21:53:18 ComboFix-quarantined-files.txt 2008-10-21 19:53:16 Vor Suchlauf: 18 Verzeichnis(se), 44.324.126.720 Bytes frei Nach Suchlauf: 18 Verzeichnis(se), 44,300,677,120 Bytes frei WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect 369 --- E O F --- 2008-10-21 15:31:57 |
| Topics related to antivirus programs stop scanning (freeav, rising antivirus) |
| adobe, antivirus, bho, dll, explorer, firefox, hijack, hijackthis, hkus\s-1-5-18, icq, internet, internet explorer, slow, microsoft, monitor, mozilla, need for speed, nvidia, pdf, programme, rundll, scan, software, start menu, system, vista, windows, windows xp, windows xp sp3, xp sp3 |