weniger Eigenkapital

Magazine
Go Back   Computer-Saft > Computer Software > Viren, Spyware und Sicherheit
Reload this Page

Malware-Log

Registrieren Website Spy Member List Spenden Suche Die heutige Beiträge Alle Foren als gelesen markieren Forum-Regeln

Register


 Default 

Malware-Log




Reply
 
Thread Tools
  #1  
Old 1. März 2008, 05:05
Mitglied Fraktion
  
Default Malware-Log

Logfile von Trend Micro HijackThis V2.0.2
Scan gespeichert um 12:00:44 am 01/03/2008
Plattform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot-Modus: Normal
Laufenden Prozesse:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ Program Files \ McAfee \ MBK \ MBackMonitor.exe
C: \ PROGRA ~ 1 \ McAfee \ MSC \ mcmscsvc.exe
C: \ Programme \ Gemeinsame Dateien \ McAfee \ MNA \ McNASvc.exe
c: \ PROGRA ~ 1 \ COMMON ~ 1 \ McAfee \ mcproxy \ mcproxy.exe
C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcshield.exe
C: \ Program Files \ McAfee \ MPF \ MPFSrv.exe
C: \ Program Files \ McAfee \ MSK \ MskSrver.exe
C: \ WINDOWS \ system32 \ HPZipm12.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ Explorer.EXE
c: \ PROGRA ~ 1 \ mcafee.com \ agent \ mcagent.exe
C: \ Program Files \ TomTom HOME 2 \ HOMERunner.exe
C: \ PROGRA ~ 1 \ MYWEBS ~ 1 \ bar \ 1.bin \ m3SrchMn.exe
C: \ PROGRA ~ 1 \ MYWEBS ~ 1 \ bar \ 1.bin \ mwsoemon.exe
C: \ Program Files \ Java \ jre1.5.0_09 \ bin \ jusched.exe
C: \ WINDOWS \ System32 \ Rundll32.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ Program Files \ CyberLink \ Power2Go \ power2goexpress.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Belkin \ F5D8053 \ Belkinwcui.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcsysmon.exe
C: \ Program Files \ Java \ jre1.5.0_09 \ bin \ jucheck.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ CCleaner \ CCleaner.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://uk.yahoo.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://uk.yahoo.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://uk.yahoo.com
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Local Page =
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Settings, ProxyOverride = 127.0.0.1
R3 - URLSearchHook: (no name) - (00A6FAF6-072E-44cf-8957-5838F569A31D) - C: \ Program Files \ MyWebSearch \ SrchAstt \ 1.bin \ MWSSRCAS.DLL
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Installs \ CPN \ yt.dll
O3 - Toolbar: My Web Search - (07B18EA9-A523-4961-B6BB-170DE4475CCA) - C: \ Program Files \ MyWebSearch \ bar \ 1.bin \ MWSBAR.DLL
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Installs \ CPN \ yt.dll
O4 - HKLM \ .. \ Run: [MBkLogOnHook] C: \ Program Files \ McAfee \ MBK \ LogOnHook.exe
O4 - HKLM \ .. \ Run: [TomTomHOME.exe] "C: \ Program Files \ TomTom HOME 2 \ HOMERunner.exe"-s
O4 - HKLM \ .. \ Run: [My Web Search Bar Suche Geltungsbereich Monitor] "C: \ PROGRA ~ 1 \ MYWEBS ~ 1 \ bar \ 1.bin \ m3SrchMn.exe" / m = 2 / w
O4 - HKLM \ .. \ Run: [MyWebSearch Email Plugin] C: \ PROGRA ~ 1 \ MYWEBS ~ 1 \ bar \ 1.bin \ mwsoemon.exe
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.5.0_09 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [mcagent_exe] C: \ Program Files \ McAfee.com \ Agent \ mcagent.exe / runkey
O4 - HKLM \ .. \ Run: [postSetupCheck] C: \ WINDOWS \ System32 \ Rundll32.exe "C: \ WINDOWS \ system32 \ gzmrt.dll" DllStart
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKCU \ .. \ Run: [msnmsgr] "C: \ Program Files \ MSN Messenger \ msnmsgr.exe" / Hintergrund
O4 - HKCU \ .. \ Run: [MyWebSearch Email Plugin] C: \ PROGRA ~ 1 \ MYWEBS ~ 1 \ bar \ 1.bin \ mwsoemon.exe
O4 - HKCU \ .. \ Run: [Power2GoExpress] "C: \ Program Files \ CyberLink \ Power2Go \ power2goexpress.exe" / Startup
O4 - HKUS \ S-1-5-18 \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ CTFMON.EXE (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ CTFMON.EXE (User 'Default User ")
O4 - Global Startup: Adobe Reader Speed Launch.lnk = "C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: Belkin F5D8053 N Wireless USB-Adapter Utility.lnk = "C: \ Program Files \ Belkin \ F5D8053 \ Belkinwcui.exe
O4 - Global Startup: Microsoft Office.lnk = C: \ Program Files \ Microsoft Office \ Office10 \ OSA.EXE
O8 - Extra Kontext Menüpunkt: & Suche -- http://edits.mywebsearch.com/toolbar...rch.jhtml?p=ZJ
O8 - Extra Kontext Menüpunkt: E & Xport auf Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ MICROS ~ 3 \ Office10 \ EXCEL.EXE/3000
O9 - Extra Knopf: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.5.0_09 \ bin \ ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.5.0_09 \ bin \ ssv.dll
O9 - Extra Knopf: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra-Taste: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL = http://www.pcservicecall.co.uk
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (YInstStarter Class) - C: \ Program Files \ Yahoo! \ Common \ yinsthelper.dll
O16 - DPF: (4C39376E-FA9D-4349-BACC-D305C1750EF3) (EPUImageControl Class) -- http://sell-vehicle.ebay.co.uk/image..._v1-0-3-50.cab
O16 - DPF: (56762DEC-6B0D-4AB4-A8AD-989993B5D08B) -- http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: (A90A5822-F108-45AD-8482-9BC8B12DD539) (Crucial cpcScan) -- http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: (F04A8AE2-A59D-11D2-8792-00C04F8EF29D) (Hotmail Attachments Control) -- http://by121fd.bay121.hotmail.msn.co...x/HMAtchmt.ocx
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ .. \ (5D3D0EC7-51D8-414D-81B8-BB319A5A73C4): NameServer = 192.168.0.1
O23 - Service: McAfee Application Installer Cleanup (0287341204362868) (0287341204362868mcinstcleanup) - McAfee, Inc. - C: \ WINDOWS \ TEMP \ 028734 ~ 1.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Programme \ Gemeinsame Dateien \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: MBackMonitor - McAfee - C: \ Program Files \ McAfee \ MBK \ MBackMonitor.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C: \ PROGRA ~ 1 \ McAfee \ MSC \ mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C: \ Programme \ Gemeinsame Dateien \ McAfee \ MNA \ McNASvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C: \ PROGRA ~ 1 \ COMMON ~ 1 \ McAfee \ mcproxy \ mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C: \ Program Files \ McAfee \ MPF \ MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C: \ Program Files \ McAfee \ MSK \ MskSrver.exe
O23 - Service: MSSQLServerADHelper - Unbekannte Eigentümer - C: \ Program Files \ Microsoft SQL Server \ 80 \ Tools \ Binn \ sqladhlp.exe (file missing)
O23 - Service: pml Driver HPZ12 - HP - C: \ WINDOWS \ system32 \ HPZipm12.exe
--
Ende der Datei - 7858 bytes

REINIGUNG COMPLETE - (3,135 Sek.)
-------------------------------------------------- ----------------------------------------
5.71MB entfernt.
-------------------------------------------------- ----------------------------------------
Details der gelöschten Dateien
-------------------------------------------------- ----------------------------------------
IE Temporary Internet Files (421 Dateien) 5.70MB
C: \ Dokumente und Einstellungen \ bann \ Cookies \ bann@int.sitestat [1]. Txt 103 bytes
C: \ Dokumente und Einstellungen \ bann \ Cookies \ bann @ Mediaplex [2]. Txt 85 bytes
C: \ Dokumente und Einstellungen \ bann \ Cookies \ bann @ Computer-Saft [2]. Txt 808 bytes
C: \ Dokumente und Einstellungen \ bann \ Cookies \ bann@www.burstnet [2]. Txt 77 bytes
C: \ Dokumente und Einstellungen \ bann \ Cookies \ bann @ live [2]. Txt 504 Bytes
C: \ Dokumente und Einstellungen \ bann \ Cookies \ bann@rad.live [2]. Txt 690 bytes
C: \ Dokumente und Einstellungen \ bann \ Cookies \ bann @ tribalfusion [2]. Txt 330 bytes
C: \ Dokumente und Einstellungen \ bann \ Cookies \ bann @ msn [1]. Txt 345 bytes
C: \ Dokumente und Einstellungen \ bann \ Cookies \ bann @ adecn [1]. Txt 214 bytes
C: \ Dokumente und Einstellungen \ bann \ Cookies \ @ bann Werbung [1]. Txt 283 bytes
C: \ Dokumente und Einstellungen \ bann \ Cookies \ bann@d3.zedo [1]. Txt 72 bytes
C: \ Dokumente und Einstellungen \ bann \ Cookies \ bann@ads.pointroll [1]. Txt 668 bytes
C: \ Dokumente und Einstellungen \ bann \ Cookies \ bann @ Zedo [1]. Txt 408 bytes
C: \ Dokumente und Einstellungen \ bann \ Cookies \ bann @ 888 [2]. Txt 155 bytes
C: \ Dokumente und Einstellungen \ bann \ Cookies \ bann@eas.apm.emediate [1]. Txt 289 bytes
C: \ Dokumente und Einstellungen \ bann \ Cookies \ bann @ interclick [2]. Txt 414 bytes
C: \ Dokumente und Einstellungen \ bann \ Cookies \ bann@rotator.its.adjuggler [1]. Txt 113 bytes
C: \ Dokumente und Einstellungen \ bann \ Cookies \ bann@p.live [1]. Txt 102 bytes
C: \ Dokumente und Einstellungen \ bann \ Cookies \ bann @ yahoo [1]. Txt 82 bytes
C: \ Dokumente und Einstellungen \ bann \ Cookies \ bann @ DoubleClick [1]. Txt 89 bytes
C: \ Dokumente und Einstellungen \ bann \ Cookies \ bann@int.sitestat [2]. Txt 99 bytes
C: \ Dokumente und Einstellungen \ bann \ Cookies \ bann@login.live [2]. Txt 180 bytes
C: \ Dokumente und Einstellungen \ bann \ Cookies \ bann@h.live [1]. Txt 68 Byte
C: \ Dokumente und Einstellungen \ bann \ Cookies \ bann@rotator.adjuggler [2]. Txt 205 bytes
C: \ Dokumente und Einstellungen \ bann \ Cookies \ bann@www.iefjios [1]. Txt 90 bytes
C: \ Dokumente und Einstellungen \ bann \ Cookies \ bann @ atdmt [2]. Txt 101 bytes
C: \ Dokumente und Einstellungen \ bann \ Cookies \ bann@ad.yieldmanager [2]. Txt 1.06KB
C: \ Dokumente und Einstellungen \ bann \ Application Data \ Sun \ Java \ Deployment \ cache \ javapi \ v1.0 \ jar \ JVM impro.jar-51fad18-787f377f.idx 153 Bytes
C: \ Dokumente und Einstellungen \ bann \ Application Data \ Sun \ Java \ Deployment \ cache \ javapi \ v1.0 \ jar \ JVM vers.jar-4b6e6f5b-4dc46c65.idx 152 Bytes
C: \ Dokumente und Einstellungen \ bann \ Application Data \ Macromedia \ Flash Player \ # SharedObjects \ 99SH2MHK \ interclick.com \ ud.s ol 139 Bytes
C: \ Dokumente und Einstellungen \ bann \ Application Data \ Macromedia \ Flash Player \ macromedia.com \ support \ flashplayer \ sys \ # int erclick.com \ settings.sol 84 bytes
C: \ Dokumente und Einstellungen \ bann \ Application Data \ Macromedia \ Flash Player \ macromedia.com \ support \ flashplayer \ sys \ Einst ings.sol 380 Bytes
-------------------------------------------------- ----------------------------------------
  #2  
Old 1. März 2008, 09:14
Mitglied Fraktion
  
Default Malware-Log

Sie haben MyWebSearch installiert die Adware / Spyware, sehen Sie, wenn Sie können es von Add / Remove Programs. Ist dies nicht der Fall

Setzen Sie ein Häkchen neben diesen und klicken Sie auf "Fix checked"

O4 - HKLM \ .. \ Run: [My Web Search Bar Suche Geltungsbereich Monitor] "C: \ PROGRA ~ 1 \ MYWEBS ~ 1 \ bar \ 1.bin \ m3SrchMn.exe" / m = 2 / w
O4 - HKLM \ .. \ Run: [MyWebSearch Email Plugin] C: \ PROGRA ~ 1 \ MYWEBS ~ 1 \ bar \ 1.bin \ mwsoemon.exe
R3 - URLSearchHook: (no name) - (00A6FAF6-072E-44cf-8957-5838F569A31D) - C: \ Program Files \ MyWebSearch \ SrchAstt \ 1.bin \ MWSSRCAS.DLL
O4 - HKLM \ .. \ Run: [postSetupCheck] C: \ WINDOWS \ System32 \ Rundll32.exe "C: \ WINDOWS \ system32 \ gzmrt.dll" DllStart
  #3  
Old 1. März 2008, 11:23
Moderator Group
  
Default Malware-Log

Dann ein neues HijackThis-Log.
__________________
  #4  
Old 1. März 2008, 14:19
Mitglied Fraktion
  
Default Malware-Log

Logfile von Trend Micro HijackThis V2.0.2
Scan gespeichert um 17:37:28 am 01/03/2008
Plattform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot-Modus: Normal
Laufenden Prozesse:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ Program Files \ McAfee \ MBK \ MBackMonitor.exe
C: \ PROGRA ~ 1 \ McAfee \ MSC \ mcmscsvc.exe
C: \ Programme \ Gemeinsame Dateien \ McAfee \ MNA \ McNASvc.exe
c: \ PROGRA ~ 1 \ COMMON ~ 1 \ McAfee \ mcproxy \ mcproxy.exe
C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcshield.exe
C: \ Program Files \ McAfee \ MPF \ MPFSrv.exe
C: \ Program Files \ McAfee \ MSK \ MskSrver.exe
C: \ WINDOWS \ system32 \ HPZipm12.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ Explorer.EXE
c: \ PROGRA ~ 1 \ mcafee.com \ agent \ mcagent.exe
C: \ Program Files \ TomTom HOME 2 \ HOMERunner.exe
C: \ Program Files \ Java \ jre1.5.0_09 \ bin \ jusched.exe
C: \ PROGRA ~ 1 \ MYWEBS ~ 1 \ bar \ 1.bin \ m3SrchMn.exe
C: \ WINDOWS \ System32 \ Rundll32.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ CyberLink \ Power2Go \ power2goexpress.exe
C: \ Program Files \ Belkin \ F5D8053 \ Belkinwcui.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcsysmon.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Java \ jre1.5.0_09 \ bin \ jucheck.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://uk.yahoo.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://uk.yahoo.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://uk.yahoo.com
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Local Page =
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Settings, ProxyOverride = 127.0.0.1
O4 - HKLM \ .. \ Run: [MBkLogOnHook] C: \ Program Files \ McAfee \ MBK \ LogOnHook.exe
O4 - HKLM \ .. \ Run: [TomTomHOME.exe] "C: \ Program Files \ TomTom HOME 2 \ HOMERunner.exe"-s
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.5.0_09 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [mcagent_exe] C: \ Program Files \ McAfee.com \ Agent \ mcagent.exe / runkey
O4 - HKLM \ .. \ Run: [My Web Search Bar Suche Geltungsbereich Monitor] "C: \ PROGRA ~ 1 \ MYWEBS ~ 1 \ bar \ 1.bin \ m3SrchMn.exe" / m = 2 / w
O4 - HKLM \ .. \ Run: [postSetupCheck] C: \ WINDOWS \ System32 \ Rundll32.exe "C: \ WINDOWS \ system32 \ gzmrt.dll" DllStart
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKCU \ .. \ Run: [msnmsgr] "C: \ Program Files \ MSN Messenger \ msnmsgr.exe" / Hintergrund
O4 - HKCU \ .. \ Run: [Power2GoExpress] "C: \ Program Files \ CyberLink \ Power2Go \ power2goexpress.exe" / Startup
O4 - HKUS \ S-1-5-18 \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ CTFMON.EXE (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ CTFMON.EXE (User 'Default User ")
O4 - Global Startup: Adobe Reader Speed Launch.lnk = "C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: Belkin F5D8053 N Wireless USB-Adapter Utility.lnk = "C: \ Program Files \ Belkin \ F5D8053 \ Belkinwcui.exe
O4 - Global Startup: Microsoft Office.lnk = C: \ Program Files \ Microsoft Office \ Office10 \ OSA.EXE
O8 - Extra Kontext Menüpunkt: & Suche -- http://edits.mywebsearch.com/toolbar...rch.jhtml?p=ZJ
O8 - Extra Kontext Menüpunkt: E & Xport auf Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ MICROS ~ 3 \ Office10 \ EXCEL.EXE/3000
O9 - Extra Knopf: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.5.0_09 \ bin \ ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.5.0_09 \ bin \ ssv.dll
O9 - Extra Knopf: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra-Taste: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL = http://www.pcservicecall.co.uk
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (YInstStarter Class) - C: \ Program Files \ Yahoo! \ Common \ yinsthelper.dll
O16 - DPF: (4C39376E-FA9D-4349-BACC-D305C1750EF3) (EPUImageControl Class) -- http://sell-vehicle.ebay.co.uk/image..._v1-0-3-50.cab
O16 - DPF: (56762DEC-6B0D-4AB4-A8AD-989993B5D08B) -- http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: (A90A5822-F108-45AD-8482-9BC8B12DD539) (Crucial cpcScan) -- http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: (F04A8AE2-A59D-11D2-8792-00C04F8EF29D) (Hotmail Attachments Control) -- http://by121fd.bay121.hotmail.msn.co...x/HMAtchmt.ocx
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ .. \ (5D3D0EC7-51D8-414D-81B8-BB319A5A73C4): NameServer = 192.168.0.1
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Programme \ Gemeinsame Dateien \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: MBackMonitor - McAfee - C: \ Program Files \ McAfee \ MBK \ MBackMonitor.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C: \ PROGRA ~ 1 \ McAfee \ MSC \ mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C: \ Programme \ Gemeinsame Dateien \ McAfee \ MNA \ McNASvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C: \ PROGRA ~ 1 \ COMMON ~ 1 \ McAfee \ mcproxy \ mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C: \ PROGRA ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C: \ Program Files \ McAfee \ MPF \ MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C: \ Program Files \ McAfee \ MSK \ MskSrver.exe
O23 - Service: MSSQLServerADHelper - Unbekannte Eigentümer - C: \ Program Files \ Microsoft SQL Server \ 80 \ Tools \ Binn \ sqladhlp.exe (file missing)
O23 - Service: pml Driver HPZ12 - HP - C: \ WINDOWS \ system32 \ HPZipm12.exe
--
Ende der Datei - 6847 bytes
  #5  
Old 1. März 2008, 14:31
Moderator Group
  
Default Malware-Log

Sind Sie über die Entsendung gleichen logs / Computer in zwei Threads?
__________________
Reply

Register

Lesezeichen

Ähnliche Themen
Faden Thread Starter Forum Antworten Last Post
Helfen Sie mit Malware Antivirus jjohan Viren, Spyware und Sicherheit 2 20. Oktober 2009 07:05
Autorun-Malware? sungod000 Viren, Spyware und Sicherheit 5 23. Jun. 2009 12:14
Thread Tools



Arabic Bulgarian Chinese (Simplified) Chinese (Traditional) Croatian Czech Danish Dutch English Finnish French German Greek Hebrew Hungarian Italian Japanese Korean Latvian Lithuanian Norwegian Polish Portuguese Romanian Russian Serbian Slovak Spanish Swedish Thai Turkish Ukrainian

Copyright © 2006 - 2009 Computer-Saft.
Kontakt -- Privatsphäre und Datenschutz -- Sitemap -- Spitze

Powered by vBulletin ® Copyright © 2000 - 2009 Jelsoft Enterprises Ltd SEO by vBSEO © 2009, Crawlability, Inc.