title image


Smiley Virus!!!!!!
Hallo cosinus



hier ist der Log vom RootkitRevealer ich hoffe Du kannst da was rauslesen, ich habe unten die Datei gesehen, die ich suchte, zweite von unten.







HKLM\S-1-5-21-1004336348-261478967-725345543-1003\RemoteAccess\InternetProfile 03.04.2004 17:00 21 bytes Data mismatch between Windows API and raw hive data.

HKLM\SOFTWARE\Classes\Installer\Products\32418F9EE1126B64A90E8365B85CFCF6\ProductName 19.11.2004 22:41 26 bytes Data mismatch between Windows API and raw hive data.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}\DisplayName 19.11.2004 22:41 26 bytes Data mismatch between Windows API and raw hive data.

HKLM\SYSTEM\ControlSet001\Services\a347scsi\Config\jdgg40 20.11.2004 17:01 0 bytes Hidden from Windows API.

HKLM\SYSTEM\ControlSet001\Services\d347prt\Cfg\0Jf40 10.04.2006 06:37 0 bytes Hidden from Windows API.

HKLM\SYSTEM\ControlSet001\Services\d347prt\Cfg\0Jf41 13.11.2005 17:22 0 bytes Hidden from Windows API.

HKLM\SYSTEM\ControlSet001\Services\d347prt\Cfg\0Jf42 13.11.2005 17:22 0 bytes Hidden from Windows API.

HKLM\SYSTEM\ControlSet001\Services\d347prt\Cfg\0Jf43 13.11.2005 17:22 0 bytes Hidden from Windows API.

C:\Programme\Common Files\Microsoft Shared\TriEdit\ Dhtmled.ocx 20.07.1661 14:06 128.88 KB Visible in Windows API, but not in MFT or directory index.

C:\Programme\Common Files\Microsoft Shared\TriEdit\ Triedit.dll 20.07.1661 14:06 153.59 KB Visible in Windows API, but not in MFT or directory index.

C:\Programme\Common Files\Microsoft Shared\TriEdit\Dhtmled.ocx 03.04.12194 22:56 128.88 KB Hidden from Windows API.

C:\Programme\Common Files\Microsoft Shared\TriEdit\Triedit.dll 17.07.12208 12:08 153.59 KB Hidden from Windows API.

C:\Programme\IncrediMail\bin\ Im3D.dll 20.07.1661 14:06 80.04 KB Visible in Windows API, but not in MFT or directory index.

C:\Programme\IncrediMail\bin\ ImLc.exe 20.07.1661 14:06 284.04 KB Visible in Windows API, but not in MFT or directory index.

C:\Programme\IncrediMail\bin\ ssce5432.dll 20.07.1661 14:06 208.00 KB Visible in Windows API, but not in MFT or directory index.

C:\Programme\IncrediMail\bin\ xaudio.dll 20.07.1661 14:06 249.00 KB Visible in Windows API, but not in MFT or directory index.

C:\Programme\IncrediMail\bin\Im3D.dll 16.07.12165 07:59 80.04 KB Hidden from Windows API.

C:\Programme\IncrediMail\bin\ImLc.exe 11.04.12193 08:45 284.04 KB Hidden from Windows API.

C:\Programme\IncrediMail\bin\ssce5432.dll 23.01.29092 09:27 208.00 KB Hidden from Windows API.

C:\Programme\IncrediMail\bin\xaudio.dll 23.01.29092 09:27 249.00 KB Hidden from Windows API.

C:\WINDOWS\system32\cdscsix3.dll 09.04.2006 17:08 17.72 KB Hidden from Windows API.

C:\WINDOWS\system32\cdscsix3r.sys 06.04.2006 19:41 6.77 KB Hidden from Windows API.



geschrieben von

Login

E-Mail:
  

Passwort:
  

Beitrag anfügen

Symbol:
 
 
 
 
 
 
 
 
 
 
 
 
 

Überschrift: