Trojaner-Board

Computer freezes during virus check, defragmentation, CHKDSK (https://www.trojaner-board.de/77686-rechner-friert-virenchek-defragmentierung-chkdsk.html)

lalischen 04.10.2009 15:30

d3dx10_42.dll

Code:

Antivirus        Version        letzte aktualisierung        Ergebnis
a-squared        4.5.0.24        2009.10.04        -
AhnLab-V3        5.0.0.2        2009.10.03        -
AntiVir        7.9.1.27        2009.10.02        -
Antiy-AVL        2.0.3.7        2009.10.04        -
Authentium        5.1.2.4        2009.10.03        -
Avast        4.8.1351.0        2009.10.03        -
AVG        8.5.0.420        2009.10.04        -
BitDefender        7.2        2009.10.04        -
CAT-QuickHeal        10.00        2009.10.03        -
ClamAV        0.94.1        2009.10.03        -
Comodo        2511        2009.10.04        -
DrWeb        5.0.0.12182        2009.10.04        -
eSafe        7.0.17.0        2009.10.04        -
eTrust-Vet        31.6.6774        2009.10.02        -
F-Prot        4.5.1.85        2009.10.03        -
F-Secure        8.0.14470.0        2009.10.03        -
Fortinet        3.120.0.0        2009.10.04        -
GData        19        2009.10.04        -
Ikarus        T3.1.1.72.0        2009.10.04        -
Jiangmin        11.0.800        2009.10.04        -
K7AntiVirus        7.10.861        2009.10.03        -
Kaspersky        7.0.0.125        2009.10.04        -
McAfee        5760        2009.10.03        -
McAfee+Artemis        5760        2009.10.03        -
McAfee-GW-Edition        6.8.5        2009.10.04        -
Microsoft        1.5101        2009.10.04        -
NOD32        4478        2009.10.03        -
Norman        6.01.09        2009.10.04        -
nProtect        2009.1.8.0        2009.10.04        -
Panda        10.0.2.2        2009.10.04        -
PCTools        4.4.2.0        2009.10.04        -
Prevx        3.0        2009.10.04        -
Rising        21.49.22.00        2009.09.30        -
Sophos        4.45.0        2009.10.04        -
Sunbelt        3.2.1858.2        2009.10.03        -
Symantec        1.4.4.12        2009.10.04        -
TheHacker        6.5.0.2.028        2009.10.03        -
TrendMicro        8.950.0.1094        2009.10.04        -
VBA32        3.12.10.11        2009.10.03        -
ViRobot        2009.10.2.1968        2009.10.02        -
VirusBuster        4.6.5.0        2009.10.03        -
weitere Informationen
File size: 453456 bytes
MD5...: 501ac862517c5445742bee8a2b88414e
SHA1..: 49f3f2df66d357aa84a5e7a0eb368ea595b7d95a
SHA256: 46429c4affe041b08a7acfda0e9162ba42de966acb2cbcaf09ef976232073b51
ssdeep: 12288:LVUU2K/lYzobQ7yHJjgpqUMiuJRGODIPjxoula:Zt2K/lYzlNmRGODIPOu
la
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x5f5ab
timedatestamp.....: 0x4a6d1033 (Mon Jul 27 02:25:55 2009)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x63a05 0x63c00 6.74 b6ad39d67019b576cce57051bbc61079
.data 0x65000 0x5d10 0x5600 3.97 7e098dd37a645bb0bf5f28c632e3fc6b
.rsrc 0x6b000 0x3a8 0x400 3.20 84c3478f60c8802867e4a909b865fe95
.reloc 0x6c000 0x3970 0x3a00 6.15 78e5efa87e345fa11103c7b71764a419

( 5 imports )
> msvcrt.dll: __1type_info@@UAE@XZ, _onexit, _lock, __dllonexit, _unlock, _terminate@@YAXXZ, _amsg_exit, _initterm, free, malloc, _XcptFilter, tolower, _stricmp, _CxxThrowException, _isnan, floor, _controlfp, _purecall, _CIatan, _CIcos, _CIasin, _finite, _CIsin, _CIatan2, _CIacos, _CIsqrt, iswspace, iswalpha, iswdigit, iswpunct, memmove, qsort, memset, __2@YAPAXI@Z, memcpy, __3@YAXPAX@Z, _vsnprintf, _vsnwprintf, __CxxFrameHandler
> GDI32.dll: GetCharacterPlacementA, GetCharacterPlacementW, SetTextColor, DeleteDC, DeleteObject, SelectObject, CreateDIBSection, GetGlyphOutlineA, GetTextMetricsA, GetObjectW, GetObjectA, SetBkMode, GetTextMetricsW, GetFontLanguageInfo, CreateFontIndirectA, CreateFontIndirectW, SetTextAlign, SetMapMode, CreateCompatibleDC, ExtTextOutA, MoveToEx, ExtTextOutW, TranslateCharsetInfo, SetBkColor
> KERNEL32.dll: WideCharToMultiByte, CreateFileW, GetFileSizeEx, ReadFile, MultiByteToWideChar, GetFullPathNameW, GetLastError, GetModuleHandleA, FreeLibrary, GetCurrentProcess, GetProcessAffinityMask, CreateThread, InterlockedIncrement, Sleep, WaitForSingleObject, InterlockedDecrement, DebugBreak, IsProcessorFeaturePresent, ReleaseSemaphore, ReleaseMutex, CloseHandle, CreateSemaphoreA, CreateMutexA, LoadLibraryA, LeaveCriticalSection, EnterCriticalSection, GetVersion, GetProcAddress, DisableThreadLibraryCalls, CreateFileA, InitializeCriticalSection, DeleteCriticalSection, GetFileSize, GetModuleFileNameA, InterlockedExchange, InterlockedCompareExchange, OutputDebugStringA, RtlUnwind, QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetCurrentProcessId, GetSystemTimeAsFileTime, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, WriteFile, LockResource, FindResourceW, LoadResource, SizeofResource, FindResourceA, WaitForMultipleObjects
> ADVAPI32.dll: RegCloseKey, RegEnumKeyExA, RegOpenKeyExA, RegQueryValueExA
> ole32.dll: CreateStreamOnHGlobal

( 176 exports )
D3DX10CheckVersion, D3DX10CompileFromFileA, D3DX10CompileFromFileW, D3DX10CompileFromMemory, D3DX10CompileFromResourceA, D3DX10CompileFromResourceW, D3DX10ComputeNormalMap, D3DX10CreateAsyncCompilerProcessor, D3DX10CreateAsyncEffectCreateProcessor, D3DX10CreateAsyncEffectPoolCreateProcessor, D3DX10CreateAsyncFileLoaderA, D3DX10CreateAsyncFileLoaderW, D3DX10CreateAsyncMemoryLoader, D3DX10CreateAsyncResourceLoaderA, D3DX10CreateAsyncResourceLoaderW, D3DX10CreateAsyncShaderPreprocessProcessor, D3DX10CreateAsyncShaderResourceViewProcessor, D3DX10CreateAsyncTextureInfoProcessor, D3DX10CreateAsyncTextureProcessor, D3DX10CreateDevice, D3DX10CreateDeviceAndSwapChain, D3DX10CreateEffectFromFileA, D3DX10CreateEffectFromFileW, D3DX10CreateEffectFromMemory, D3DX10CreateEffectFromResourceA, D3DX10CreateEffectFromResourceW, D3DX10CreateEffectPoolFromFileA, D3DX10CreateEffectPoolFromFileW, D3DX10CreateEffectPoolFromMemory, D3DX10CreateEffectPoolFromResourceA, D3DX10CreateEffectPoolFromResourceW, D3DX10CreateFontA, D3DX10CreateFontIndirectA, D3DX10CreateFontIndirectW, D3DX10CreateFontW, D3DX10CreateMesh, D3DX10CreateShaderResourceViewFromFileA, D3DX10CreateShaderResourceViewFromFileW, D3DX10CreateShaderResourceViewFromMemory, D3DX10CreateShaderResourceViewFromResourceA, D3DX10CreateShaderResourceViewFromResourceW, D3DX10CreateSkinInfo, D3DX10CreateSprite, D3DX10CreateTextureFromFileA, D3DX10CreateTextureFromFileW, D3DX10CreateTextureFromMemory, D3DX10CreateTextureFromResourceA, D3DX10CreateTextureFromResourceW, D3DX10CreateThreadPump, D3DX10FilterTexture, D3DX10GetFeatureLevel1, D3DX10GetImageInfoFromFileA, D3DX10GetImageInfoFromFileW, D3DX10GetImageInfoFromMemory, D3DX10GetImageInfoFromResourceA, D3DX10GetImageInfoFromResourceW, D3DX10LoadTextureFromTexture, D3DX10PreprocessShaderFromFileA, D3DX10PreprocessShaderFromFileW, D3DX10PreprocessShaderFromMemory, D3DX10PreprocessShaderFromResourceA, D3DX10PreprocessShaderFromResourceW, D3DX10SHProjectCubeMap, D3DX10SaveTextureToFileA, 
D3DX10SaveTextureToFileW, D3DX10SaveTextureToMemory, D3DX10UnsetAllDeviceObjects, D3DXBoxBoundProbe, D3DXColorAdjustContrast, D3DXColorAdjustSaturation, D3DXComputeBoundingBox, D3DXComputeBoundingSphere, D3DXCpuOptimizations, D3DXCreateMatrixStack, D3DXFloat16To32Array, D3DXFloat32To16Array, D3DXFresnelTerm, D3DXIntersectTri, D3DXMatrixAffineTransformation, D3DXMatrixAffineTransformation2D, D3DXMatrixDecompose, D3DXMatrixDeterminant, D3DXMatrixInverse, D3DXMatrixLookAtLH, D3DXMatrixLookAtRH, D3DXMatrixMultiply, D3DXMatrixMultiplyTranspose, D3DXMatrixOrthoLH, D3DXMatrixOrthoOffCenterLH, D3DXMatrixOrthoOffCenterRH, D3DXMatrixOrthoRH, D3DXMatrixPerspectiveFovLH, D3DXMatrixPerspectiveFovRH, D3DXMatrixPerspectiveLH, D3DXMatrixPerspectiveOffCenterLH, D3DXMatrixPerspectiveOffCenterRH, D3DXMatrixPerspectiveRH, D3DXMatrixReflect, D3DXMatrixRotationAxis, D3DXMatrixRotationQuaternion, D3DXMatrixRotationX, D3DXMatrixRotationY, D3DXMatrixRotationYawPitchRoll, D3DXMatrixRotationZ, D3DXMatrixScaling, D3DXMatrixShadow, D3DXMatrixTransformation, D3DXMatrixTransformation2D, D3DXMatrixTranslation, D3DXMatrixTranspose, D3DXPlaneFromPointNormal, D3DXPlaneFromPoints, D3DXPlaneIntersectLine, D3DXPlaneNormalize, D3DXPlaneTransform, D3DXPlaneTransformArray, D3DXQuaternionBaryCentric, D3DXQuaternionExp, D3DXQuaternionInverse, D3DXQuaternionLn, D3DXQuaternionMultiply, D3DXQuaternionNormalize, D3DXQuaternionRotationAxis, D3DXQuaternionRotationMatrix, D3DXQuaternionRotationYawPitchRoll, D3DXQuaternionSlerp, D3DXQuaternionSquad, D3DXQuaternionSquadSetup, D3DXQuaternionToAxisAngle, D3DXSHAdd, D3DXSHDot, D3DXSHEvalConeLight, D3DXSHEvalDirection, D3DXSHEvalDirectionalLight, D3DXSHEvalHemisphereLight, D3DXSHEvalSphericalLight, D3DXSHMultiply2, D3DXSHMultiply3, D3DXSHMultiply4, D3DXSHMultiply5, D3DXSHMultiply6, D3DXSHRotate, D3DXSHRotateZ, D3DXSHScale, D3DXSphereBoundProbe, D3DXVec2BaryCentric, D3DXVec2CatmullRom, D3DXVec2Hermite, D3DXVec2Normalize, D3DXVec2Transform, D3DXVec2TransformArray, 
D3DXVec2TransformCoord, D3DXVec2TransformCoordArray, D3DXVec2TransformNormal, D3DXVec2TransformNormalArray, D3DXVec3BaryCentric, D3DXVec3CatmullRom, D3DXVec3Hermite, D3DXVec3Normalize, D3DXVec3Project, D3DXVec3ProjectArray, D3DXVec3Transform, D3DXVec3TransformArray, D3DXVec3TransformCoord, D3DXVec3TransformCoordArray, D3DXVec3TransformNormal, D3DXVec3TransformNormalArray, D3DXVec3Unproject, D3DXVec3UnprojectArray, D3DXVec4BaryCentric, D3DXVec4CatmullRom, D3DXVec4Cross, D3DXVec4Hermite, D3DXVec4Normalize, D3DXVec4Transform, D3DXVec4TransformArray
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win64 Executable Generic (59.6%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win32 Executable Generic (5.9%)
Win32 Dynamic Link Library (generic) (5.2%)
Generic Win/DOS Executable (1.3%)
sigcheck:
publisher....: Microsoft Corporation
copyright....: Copyright (c) Microsoft Corp. 1994-2007
product......: Microsoft_ DirectX for Windows_
description..: Direct3D 10.1 Extensions
original name: D3DX10.dll
internal name: D3DX10.dll
file version.: 9.27.952.3001
comments.....: n/a
signers......: Microsoft Corporation
Microsoft Code Signing PCA
Microsoft Root Authority
signing date.: 6:16 AM 7/27/2009
verified.....: -

c:\windows\system32\XAudio2_5.dll

Code:

Antivirus        Version        letzte aktualisierung        Ergebnis
a-squared        4.5.0.24        2009.10.04        -
AhnLab-V3        5.0.0.2        2009.10.03        -
AntiVir        7.9.1.27        2009.10.02        -
Antiy-AVL        2.0.3.7        2009.10.04        -
Authentium        5.1.2.4        2009.10.03        -
Avast        4.8.1351.0        2009.10.03        -
AVG        8.5.0.420        2009.10.04        -
BitDefender        7.2        2009.10.04        -
CAT-QuickHeal        10.00        2009.10.03        -
ClamAV        0.94.1        2009.10.03        -
Comodo        2511        2009.10.04        -
DrWeb        5.0.0.12182        2009.10.04        -
eSafe        7.0.17.0        2009.10.04        -
eTrust-Vet        31.6.6774        2009.10.02        -
F-Prot        4.5.1.85        2009.10.03        -
F-Secure        8.0.14470.0        2009.10.03        -
Fortinet        3.120.0.0        2009.10.04        -
GData        19        2009.10.04        -
Ikarus        T3.1.1.72.0        2009.10.04        -
Jiangmin        11.0.800        2009.10.04        -
K7AntiVirus        7.10.861        2009.10.03        -
Kaspersky        7.0.0.125        2009.10.04        -
McAfee        5760        2009.10.03        -
McAfee+Artemis        5760        2009.10.03        -
McAfee-GW-Edition        6.8.5        2009.10.04        -
Microsoft        1.5101        2009.10.04        -
NOD32        4478        2009.10.03        -
Norman        6.01.09        2009.10.04        -
nProtect        2009.1.8.0        2009.10.04        -
Panda        10.0.2.2        2009.10.04        -
PCTools        4.4.2.0        2009.10.04        -
Prevx        3.0        2009.10.04        -
Rising        21.49.22.00        2009.09.30        -
Sophos        4.45.0        2009.10.04        -
Sunbelt        3.2.1858.2        2009.10.03        -
Symantec        1.4.4.12        2009.10.04        -
TheHacker        6.5.0.2.028        2009.10.03        -
TrendMicro        8.950.0.1094        2009.10.04        -
VBA32        3.12.10.11        2009.10.03        -
ViRobot        2009.10.2.1968        2009.10.02        -
VirusBuster        4.6.5.0        2009.10.03        -
weitere Informationen
File size: 515416 bytes
MD5...: 8b01fb723f3b30ab3debddbf97cfe577
SHA1..: e379c3b7d0a66da06b6a381deea19bc541ee0689
SHA256: c596de2ab8394fb62538fef0b4657317f4ead50a6d798c5d066e25e334576c27
ssdeep: 12288:Mp6zTNTlhHZIrT0MwCyJQgk8N/q1aifw9CSvo:MVMXJQgkj1amw9xvo
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x31485
timedatestamp.....: 0x4aa1b293 (Sat Sep 05 00:36:35 2009)
machinetype.......: 0x14c (I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x77994 0x77a00 6.23 fa73a6419de9467805ad487fc59e6a65
.no_bbt 0x79000 0x493 0x600 5.04 083d8523bb14330916b0789c04d58893
.data 0x7a000 0xb8c0 0x600 5.77 dce3e15b4e17891030dec9e61f5398b1
.rsrc 0x86000 0x3f8 0x400 3.42 51d77ad78829cb332564c473bcd98e00
.reloc 0x87000 0x3710 0x3800 4.30 0335c6fce801f2e1068d3f17babe0529

( 7 imports )
> msvcrt.dll: memset, _adjust_fdiv, _amsg_exit, _initterm, free, malloc, _XcptFilter, ceil, _CIpow, _control87, strlen, _purecall, memmove, _vsnprintf, memcmp, memcpy, _aligned_malloc, _aligned_free, strcmp, wcslen, _vsnwprintf, sin, cos, floor, sqrt
> KERNEL32.dll: SetThreadPriority, WaitForSingleObjectEx, CreateThread, ResumeThread, GetProcessAffinityMask, SetThreadAffinityMask, lstrcmpW, FreeLibrary, GetVersionExA, ResetEvent, SetEvent, CreateEventA, CreateSemaphoreA, GetProcAddress, ReleaseSemaphore, GetProcessHeap, HeapSize, GetSystemInfo, GetVersion, SetUnhandledExceptionFilter, UnhandledExceptionFilter, GetCurrentProcess, TerminateProcess, GetSystemTimeAsFileTime, GetCurrentProcessId, GetTickCount, QueryPerformanceCounter, RtlUnwind, InterlockedCompareExchange, Sleep, InterlockedExchange, DisableThreadLibraryCalls, LoadLibraryA, WaitForSingleObject, DuplicateHandle, WaitForMultipleObjects, CloseHandle, GetCurrentThread, IsProcessorFeaturePresent, GetModuleFileNameA, GetCurrentThreadId, HeapDestroy, TryEnterCriticalSection, DeleteCriticalSection, InitializeCriticalSection, QueryPerformanceFrequency, LeaveCriticalSection, EnterCriticalSection, HeapAlloc, HeapFree, HeapCreate, OutputDebugStringA, InterlockedIncrement, InterlockedDecrement, GetLastError, GetThreadPriority
> ole32.dll: PropVariantClear, CoTaskMemAlloc, CoTaskMemFree, CoCreateInstance, CLSIDFromString
> USER32.dll: GetDesktopWindow, MessageBoxA
> RPCRT4.dll: UuidToStringA, RpcStringFreeA
> ADVAPI32.dll: RegCloseKey, RegCreateKeyExA, RegDeleteKeyA, RegEnumKeyA, RegOpenKeyExA, RegSetValueExA, RegQueryValueExA
> WINMM.dll: timeBeginPeriod, timeEndPeriod

( 4 exports )
DllCanUnloadNow, DllGetClassObject, DllRegisterServer, DllUnregisterServer
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: DirectShow filter (77.7%)
Win32 Executable MS Visual C++ (generic) (14.5%)
Win32 Executable Generic (3.2%)
Win32 Dynamic Link Library (generic) (2.9%)
Generic Win/DOS Executable (0.7%)
sigcheck:
publisher....: Microsoft Corporation
copyright....: Copyright (c) Microsoft Corporation. All rights reserved.
product......: Microsoft_ DirectX for Windows_
description..: XAudio2 Game Audio API
original name: xaudio2_5.dll
internal name: xaudio2_5.dll
file version.: 9.27 (DXSDK_AUG09.090904-1620)
comments.....: n/a
signers......: Microsoft Corporation
Microsoft Code Signing PCA
Microsoft Root Authority
signing date.: 2:45 AM 9/5/2009
verified.....: -


And how do I get the Recycler (or recycler.bin) folder to be treated as a hidden system folder again? Can I delete the found.000 folder? I read that it is just something Windows creates after ScanDisk.

lali

undoreal 04.10.2009 17:06

Have you run MWAV or something like that?

Having folders on your system that are named .exe is not exactly an everyday thing.

It could be due to some immunization attempts.

Scan the computer with SuperAntiSpyware and Anti-Malware and post the logs.

lalischen 04.10.2009 18:11

So if in your opinion there is only malware left on C, then I'll simply format and save us both time.

Otherwise I will carry out the steps soon.

undoreal 05.10.2009 06:37

Reinstalling is certainly always the best option. The decision is yours.

lalischen 05.10.2009 11:01

Yes, I think that works. But I won't format everything. Not the external drive, for example, because otherwise all my data would be gone, and I can't afford that as far as university is concerned. (Or do you think the viruses would then be back right away?)

I'll wipe C, D and E. That is one disk on my machine!

Thank you for your help and support. I'll get back to you if there are still problems afterwards.

Nixidee 11.02.2010 14:58

Hello, you nice helpers.

After my wife's PC simply froze several times in various applications, I decided to run a virus scan; during that it crashed after just a few minutes. Afterwards I ran Malwarebytes Anti-Malware. It freezes during that as well. :headbang: It usually freezes when Windows\ServicePackFiles\i386\osuunist.dll, and the same folder but ending in \osk.exe, is being checked. I have thought about reinstalling the system :pfui:, but maybe you can help me without my having to do that. :confused:

A current HijackThis scan

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:54:19, on 11.02.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
F:\Programme\iTunesHelper.exe
C:\Programme\Java\jre6\bin\jusched.exe
F:\Programme\HomeCinema\PlayMovie\PMVService.exe
C:\Programme\COMODO\COMODO Internet Security\cfp.exe
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programme\Bonjour\mDNSResponder.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\iPod\bin\iPodService.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://de.ask.com?o=14909&l=dis
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "F:\Programme\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [LanguageShortcut] f:\Programme\HomeCinema\PowerDVD\Language\Language.exe
O4 - HKLM\..\Run: [PlayMovie] "f:\Programme\HomeCinema\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [StartCCC] "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Programme\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://f:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - f:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1255772204405
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1255781926656
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{51F18A60-39CD-4EEB-BAD6-CDDDFDCCDEC5}: NameServer = 194.8.194.60,81.173.194.77
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Programme\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Programme\SiSoftware\SiSoftware Sandra Lite 2010c\RpcAgentSrv.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 6378 bytes

