|
Plagegeister aller Art und deren Bekämpfung (Pests of all kinds and how to combat them): Detection of the trojans TR/Trash.Gen and TR/Drop.Softomat.AN |
12.04.2009, 09:48 | #31 |
| Hi, good morning. Sorry that I was gone so quickly yesterday, but there was still something on TV and I had completely forgotten about the ZHPDiag scan. This morning, though, I had my computer scanned with this program again and would like to post the result here, but it consists of too many characters. And you said that I should also click on #, but I can't find that anywhere. |
12.04.2009, 09:53 | #32 |
| Ooh, something where I can help for once, lol
I didn't get that at first either, this #; I thought he meant the one on the keyboard, lol. But it's a small button above the input field (where you type) that you see when you click on reply and write your answer, the 4th button from the right. So it's where you can also make your text italic, bold, etc. Hope that was understandable. Regards, Kate |
12.04.2009, 10:01 | #33 |
| That's exactly right!!! ;-)
Regards, SkyFire |
12.04.2009, 11:08 | #34 |
| Oh I see, thank you very much. Here are the log files from ZHPDiag: Code:
Rapport de ZHPDiag v1.17 par Nicolas Coolman
Enregistré le 12.04.2009 12:02:48
Platform : Microsoft Windows XP (5.1.2600) Service Pack 3
MSIE: Internet Explorer v7.0.5730.11
MFIE: Mozilla Firefox (3.0.8)
---\\ Running Processes
C:\WINDOWS\system32\nvraidservice.exe
C:\WINDOWS\system32\NeroCheck.exe
C:\Programme\Monitor.exe
C:\Programme\Winamp\winampa.exe
nwiz.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\services.exe
C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\lsass.exe
C:\Programme\Gemeinsame Dateien\Protexis\License Service\PSIService.exe
C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
---\\ Internet Explorer Start Page (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
---\\ Internet Explorer Search Page (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
---\\ Browser Helper Objects (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
---\\ Internet Explorer toolbars (O3)
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Programme\Save Flash\SaveFlash.dll
---\\ Auto loading programs from Registry (O4)
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Programme\Monitor.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKLM\..\policies\Explorer: [HonorAutoRunSetting] Data="1"
---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll,201
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe,1040
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe,302
---\\ 'Reset Web Settings' hijack (O14)
O14 - IERESET.INF: SAFESITE_VALUE=SAFESITE_VALUE="ie.search.msn.com"
---\\ ActiveX Objects (Downloaded Program Files) (O16)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/DE-DE/a-UNO1/GAME_UNO1.cab
---\\ Extra protocols and protocol Hijackers (O18)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: WlDimsStartup - C:\WINDOWS\System32\%SystemRoot%\System32\dimsntfy.dll
O20 - Winlogon Notify: WLEventStartup - C:\WINDOWS\System32\WgaLogon.dll
---\\ SharedTaskScheduler (O22)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1}
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030}
---\\ non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - C:\Programme\Canon\CAL\CALMAIN.exe
O23 - Service: IviRegMgr (IviRegMgr) - C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - C:\Programme\Java\jre6\bin\jqs.exe -service -config C:\Programme\Java\jre6\lib\deploy\jqs\jqs.conf
O23 - Service: NVIDIA Display Driver Service (NVSvc) - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing (ProtexisLicensing) - C:\Programme\Gemeinsame Dateien\Protexis\License Service\PSIService.exe
O23 - Service: SeaPort (SeaPort) - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
O23 - Service: Druckwarteschlange (Spooler) - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
---\\ Windows Active Desktop Components (O24)
O24 - Desktop Component 0: Die derzeitige Homepage - file:About:Home
---\\ ActiveSetup Installed Components (040)
O40 - ASIC: IE7 Uninstall Stub - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
O40 - ASIC: Windows Media Player - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - {26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigIE
O40 - ASIC: Browseranpassungen - {7A5FD5EE-D6B7-4837-B573-8B7789A1C61D} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Outlook Express - {881dd1c5-3dcf-431b-b061-f3f88e8be88a} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file)
O40 - ASIC: Vektorgrafik-Rendering (VML) - {10072CEC-8CC1-11D1-986E-00A0C955B42F} - (not file)
O40 - ASIC: Macromedia Shockwave Director 10.1 - {166B1BCA-3F9C-11CF-8075-444553540000} - C:\WINDOWS\system32\Adobe\Director\SwDir.dll
O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\system32\wmpdxm.dll
O40 - ASIC: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (not file)
O40 - ASIC: Adobe Shockwave Director 11.0 - {233C1507-6A77-46A4-9443-F871F945D258} - C:\WINDOWS\system32\Adobe\Director\SwDir.dll
O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} - (not file)
O40 - ASIC: Adobe Shockwave Director 11.0 - {2A202491-F00D-11cf-87CC-0020AFEECF20} - (not file)
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\themeui.dll
O40 - ASIC: Dynamic HTML-Datenbindung für Java - {36f8ec70-c29a-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Uniscribe - {3bf42070-b3b1-11d1-b5c5-0000f8051515} - (not file)
O40 - ASIC: Erweitertes Authoring - {4278c270-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
O40 - ASIC: DirectShow - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file)
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: DirectAnimation Java Classes - {4f216970-c90c-11d1-b5c7-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.6 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
O40 - ASIC: (no name) - {5A8D6EE0-3E18-11D0-821E-444553540000} - (not file)
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub
O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: .NET Framework - {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - (not file)
O40 - ASIC: Adressbuch 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
O40 - ASIC: Windows Desktop-Update - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: Internet Explorer - {9AE8235B-B7ED-DEDE-4322-381512471055} - (not file)
O40 - ASIC: (no name) - {A8315674-D8D6-F584-DEF9-419D24710287} - (not file)
O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: Taskplaner - {CC2A9BA0-3BDD-11D0-821E-444553540000} - (not file)
O40 - ASIC: (no name) - {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - (not file)
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} - C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx
O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)
O40 - ASIC: Installation Helper - {F4B2380F-9F83-482B-B51F-FD18C7EDD923} - (not file)
---\\ Drivers launched at startup (O41)
O41 - Driver: Microsoft Kernel-Echounterdrückung (aec) - C:\WINDOWS\system32\drivers\aec.sys
O41 - Driver: Umgebung für die AFD-Netzwerkunterstützung (AFD) - C:\WINDOWS\System32\drivers\afd.sys
O41 - Driver: Asynchroner RAS -Medientreiber (AsyncMac) - C:\WINDOWS\System32\DRIVERS\asyncmac.sys
O41 - Driver: Protokoll für ATM ARP-Client (Atmarpc) - C:\WINDOWS\System32\DRIVERS\atmarpc.sys
O41 - Driver: Audiostubtreiber (audstub) - C:\WINDOWS\System32\DRIVERS\audstub.sys
O41 - Driver: avgio (avgio) - C:\Programme\Avira\AntiVir Desktop\avgio.sys
O41 - Driver: avgntflt (avgntflt) - C:\WINDOWS\system32\DRIVERS\avgntflt.sys
O41 - Driver: avipbb (avipbb) - C:\WINDOWS\system32\DRIVERS\avipbb.sys
O41 - Driver: JDC 3.0S Webcam (Ca533av) - C:\WINDOWS\System32\Drivers\Ca533av.sys
O41 - Driver: Untertiteldecoder (CCDECODE) - C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
O41 - Driver: C-Media PCI Audio Driver (WDM) (cmpci) - C:\WINDOWS\system32\drivers\cmaudio.sys
O41 - Driver: (no object) (dmboot) - C:\WINDOWS\System32\drivers\dmboot.sys
O41 - Driver: (no object) (dmio) - C:\WINDOWS\System32\drivers\dmio.sys
O41 - Driver: (no object) (dmload) - C:\WINDOWS\System32\drivers\dmload.sys
O41 - Driver: Microsoft Kernel-DLS-Synthesizer (DMusic) - C:\WINDOWS\system32\drivers\DMusic.sys
O41 - Driver: Microsoft Kernel-DRM-Audioentschlüsselung (drmkaud) - C:\WINDOWS\system32\drivers\drmkaud.sys
O41 - Driver: (no object) (dtscsi) - C:\WINDOWS\System32\Drivers\dtscsi.sys
O41 - Driver: FssFltr (fssfltr) - C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
O41 - Driver: Gameport-Enumerator (gameenum) - C:\WINDOWS\system32\DRIVERS\gameenum.sys
O41 - Driver: Standardpaketklassifizierung (Gpc) - C:\WINDOWS\System32\DRIVERS\msgpc.sys
O41 - Driver: Microsoft HID Class-Treiber (HidUsb) - C:\WINDOWS\system32\DRIVERS\hidusb.sys
O41 - Driver: i8042-Tastatur- und PS/2-Mausanschluss-Treiber (i8042prt) - C:\WINDOWS\System32\DRIVERS\i8042prt.sys
O41 - Driver: Filtertreiber für IP-Verkehr (IpFilterDriver) - C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys
O41 - Driver: IP/IP-Tunneltreiber (IpInIp) - C:\WINDOWS\System32\DRIVERS\ipinip.sys
O41 - Driver: Übersetzer für IP-Netzwerkadressen (IpNat) - C:\WINDOWS\System32\DRIVERS\ipnat.sys
O41 - Driver: IPSEC-Treiber (IPSec) - C:\WINDOWS\System32\DRIVERS\ipsec.sys
O41 - Driver: IR-Enumeratordienst (IRENUM) - C:\WINDOWS\System32\DRIVERS\irenum.sys
O41 - Driver: IVI ASPI Shell (Iviaspi) - C:\WINDOWS\system32\drivers\iviaspi.sys
O41 - Driver: Tastatur-HID-Treiber (kbdhid) - C:\WINDOWS\system32\DRIVERS\kbdhid.sys
O41 - Driver: Microsoft Kernel-Waveaudiomixer (kmixer) - C:\WINDOWS\system32\drivers\kmixer.sys
O41 - Driver: Redirector für WebDav-Client (MRxDAV) - C:\WINDOWS\System32\DRIVERS\mrxdav.sys
O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\System32\DRIVERS\mrxsmb.sys
O41 - Driver: Microsoft Streaming Service Proxy (MSKSSRV) - C:\WINDOWS\system32\drivers\MSKSSRV.sys
O41 - Driver: Microsoft Proxy für Streaming Clock (MSPCLOCK) - C:\WINDOWS\system32\drivers\MSPCLOCK.sys
O41 - Driver: Microsoft Proxy für Streaming Quality Manager (MSPQM) - C:\WINDOWS\system32\drivers\MSPQM.sys
O41 - Driver: Microsoft-Systemverwaltungs-BIOS-Treiber (mssmbios) - C:\WINDOWS\System32\DRIVERS\mssmbios.sys
O41 - Driver: Microsoft Streaming Tee/Sink-to-Sink-Konvertierung (MSTEE) - C:\WINDOWS\system32\drivers\MSTEE.sys
O41 - Driver: NABTS/FEC VBI-Codec (NABTSFEC) - C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
O41 - Driver: Microsoft TV-/Videoverbindung (NdisIP) - C:\WINDOWS\system32\DRIVERS\NdisIP.sys
O41 - Driver: RAS-NDIS-TAPI-Treiber (NdisTapi) - C:\WINDOWS\System32\DRIVERS\ndistapi.sys
O41 - Driver: NDIS-Benutzermodus-E/A-Protokoll (Ndisuio) - C:\WINDOWS\System32\DRIVERS\ndisuio.sys
O41 - Driver: RAS-NDIS-WAN-Treiber (NdisWan) - C:\WINDOWS\System32\DRIVERS\ndiswan.sys
O41 - Driver: NetBIOS-Schnittstelle (NetBIOS) - C:\WINDOWS\System32\DRIVERS\netbios.sys
O41 - Driver: NetBios über TCP/IP (NetBT) - C:\WINDOWS\System32\DRIVERS\netbt.sys
O41 - Driver: NPPTNT2 (NPPTNT2) - C:\WINDOWS\system32\npptNT2.sys
O41 - Driver: (no object) (nv) - C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
O41 - Driver: NVIDIA NForce(tm) ATA RAID Class Driver (nvraid) - C:\WINDOWS\system32\DRIVERS\nvraid.sys
O41 - Driver: Filtertreiber für IPX-Verkehr (NwlnkFlt) - C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys
O41 - Driver: Treiber für IPX-Verkehrsweiterleitung (NwlnkFwd) - C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys
O41 - Driver: PCAMPR5 NDIS Protocol Driver (PCAMPR5) - C:\WINDOWS\system32\PCAMPR5.SYS
O41 - Driver: PLCNDIS5 NDIS Protocol Driver (PLCNDIS5) - C:\WINDOWS\system32\PLCNDIS5.SYS
O41 - Driver: WAN-Miniport (PPTP) (PptpMiniport) - C:\WINDOWS\System32\DRIVERS\raspptp.sys
O41 - Driver: Prozessortreiber (Processor) - C:\WINDOWS\System32\DRIVERS\processr.sys
O41 - Driver: StarForce Protection Environment Driver v6 (prodrv06) - C:\WINDOWS\System32\drivers\prodrv06.sys
O41 - Driver: StarForce Protection Helper Driver v2 (prohlp02) - C:\WINDOWS\System32\drivers\prohlp02.sys
O41 - Driver: StarForce Protection Synchronization Driver v1 (prosync1) - C:\WINDOWS\System32\drivers\prosync1.sys
O41 - Driver: QoS-Paketplaner (PSched) - C:\WINDOWS\System32\DRIVERS\psched.sys
O41 - Driver: Treiber für direkte Parallelverbindung (Ptilink) - C:\WINDOWS\System32\DRIVERS\ptilink.sys
O41 - Driver: PxHelp20 (PxHelp20) - C:\WINDOWS\System32\Drivers\PxHelp20.sys
O41 - Driver: Treiber für automatische RAS-Verbindung (RasAcd) - C:\WINDOWS\System32\DRIVERS\rasacd.sys
O41 - Driver: WAN-Miniport (L2TP) (Rasl2tp) - C:\WINDOWS\System32\DRIVERS\rasl2tp.sys
O41 - Driver: Remotezugriff-PPPOE-Treiber (RasPppoe) - C:\WINDOWS\System32\DRIVERS\raspppoe.sys
O41 - Driver: Parallelanschluss (direkt) (Raspti) - C:\WINDOWS\System32\DRIVERS\raspti.sys
O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\System32\DRIVERS\rdbss.sys
O41 - Driver: Filtertreiber für digitale CD-Audiowiedergabe (redbook) - C:\WINDOWS\System32\DRIVERS\redbook.sys
O41 - Driver: Secdrv (Secdrv) - C:\WINDOWS\System32\DRIVERS\secdrv.sys
O41 - Driver: Serenum-Filtertreiber (serenum) - C:\WINDOWS\System32\DRIVERS\serenum.sys
O41 - Driver: StarForce Protection Helper Driver (sfhlp01) - C:\WINDOWS\System32\drivers\sfhlp01.sys
O41 - Driver: BDA Slip De-Framer (SLIP) - C:\WINDOWS\system32\DRIVERS\SLIP.sys
O41 - Driver: Microsoft Kernel-Audiosplitter (splitter) - C:\WINDOWS\system32\drivers\splitter.sys
O41 - Driver: (no object) (sptd) - C:\WINDOWS\System32\Drivers\sptd.sys
O41 - Driver: Filtertreiber für Systemwiederherstellung (sr) - C:\WINDOWS\System32\DRIVERS\sr.sys
O41 - Driver: Srv (Srv) - C:\WINDOWS\System32\DRIVERS\srv.sys
O41 - Driver: ssmdrv (ssmdrv) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
O41 - Driver: Samsung Mobile USB Device 1.0 driver (WDM) (ss_bus) - C:\WINDOWS\system32\DRIVERS\ss_bus.sys
O41 - Driver: SAMSUNG Mobile USB Modem 1.0 Filter (ss_mdfl) - C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys
O41 - Driver: SAMSUNG Mobile USB Modem 1.0 Drivers (ss_mdm) - C:\WINDOWS\system32\DRIVERS\ss_mdm.sys
O41 - Driver: BDA-IPSink (streamip) - C:\WINDOWS\system32\DRIVERS\StreamIP.sys
O41 - Driver: Software-Bus-Treiber (swenum) - C:\WINDOWS\System32\DRIVERS\swenum.sys
O41 - Driver: Microsoft Kernel GS Wavetablesynthesizer (swmidi) - C:\WINDOWS\system32\drivers\swmidi.sys
O41 - Driver: Microsoft Kernel-Systemaudiogerät (sysaudio) - C:\WINDOWS\system32\drivers\sysaudio.sys
O41 - Driver: TCP/IP-Protokolltreiber (Tcpip) - C:\WINDOWS\System32\DRIVERS\tcpip.sys
O41 - Driver: Microcode Updatetreiber (Update) - C:\WINDOWS\System32\DRIVERS\update.sys
O41 - Driver: JDC 3.0S Camera (USBCamera) - C:\WINDOWS\System32\Drivers\Bulk533.sys
O41 - Driver: Microsoft Standard-USB-Haupttreiber (usbccgp) - C:\WINDOWS\system32\DRIVERS\usbccgp.sys
O41 - Driver: Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller (usbehci) - C:\WINDOWS\System32\DRIVERS\usbehci.sys
O41 - Driver: Microsoft USB-Standardhubtreiber (usbhub) - C:\WINDOWS\System32\DRIVERS\usbhub.sys
O41 - Driver: Miniporttreiber für Microsoft USB Open Host-Controller (usbohci) - C:\WINDOWS\System32\DRIVERS\usbohci.sys
O41 - Driver: USB-Scannertreiber (usbscan) - C:\WINDOWS\system32\DRIVERS\usbscan.sys
O41 - Driver: USB-Massenspeichertreiber (USBSTOR) - C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
O41 - Driver: RAS-IP-ARP-Treiber (Wanarp) - C:\WINDOWS\System32\DRIVERS\wanarp.sys
O41 - Driver: Treiber für Microsoft WINMM-WDM-Audiokompatibilität (wdmaud) - C:\WINDOWS\system32\drivers\wdmaud.sys
O41 - Driver: World Standard Teletext-Codec (WSTCODEC) - C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Platform Driver (WudfPf) - C:\WINDOWS\system32\DRIVERS\WudfPf.sys
O41 - Driver: XDva004 (XDva004) - C:\WINDOWS\system32\XDva004.sys
O41 - Driver: NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller (yukonwxp) - C:\WINDOWS\system32\DRIVERS\yk51x86.sys
O41 - Driver: Spyware Terminator Driver 2 (sp_rsdrv2) - C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Reflector (WudfRd) - C:\WINDOWS\system32\DRIVERS\wudfrd.sys
Last edited by kaninchen (12.04.2009 at 11:19) |
12.04.2009, 11:14 | #35 |
| And part 2: Code:
---\\ Software installed (O42)
O42 - Logiciel: Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Adobe Shockwave Player 11
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus
O42 - Logiciel: AVS Cover Editor 1.2.1.63
O42 - Logiciel: Blue Byte Game Channel
O42 - Logiciel: Canon Camera Access Library
O42 - Logiciel: Canon Camera Window DC_DV 5 for ZoomBrowser EX
O42 - Logiciel: Canon Camera Window DC_DV 6 for ZoomBrowser EX
O42 - Logiciel: Canon Camera Window MC 6 for ZoomBrowser EX
O42 - Logiciel: Canon G.726 WMP-Decoder
O42 - Logiciel: CANON iMAGE GATEWAY Task for ZoomBrowser EX
O42 - Logiciel: Canon Internet Library for ZoomBrowser EX
O42 - Logiciel: Canon Camera Support Core Library
O42 - Logiciel: Crawler Toolbar with Web Security Guard
O42 - Logiciel: DivX Content Uploader
O42 - Logiciel: CANON IMAGE GATEWAY Registrierungsanleitung
O42 - Logiciel: Microsoft DirectX Transform optional components
O42 - Logiciel: Enable S3 for USB Device
O42 - Logiciel: Canon Utilities EOS Utility
O42 - Logiciel: Nostale Online DE (Remove)
O42 - Logiciel: Google Video Player
O42 - Logiciel: HijackThis 2.0.2
O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs
O42 - Logiciel: Windows Internet Explorer 7
O42 - Logiciel: Canon Utilities PhotoStitch 3.1
O42 - Logiciel: InterVideo WinDVD SE
O42 - Logiciel: Corel GuideMenu
O42 - Logiciel: Canon RAW Image Task for ZoomBrowser EX
O42 - Logiciel: Sicherheitsupdate für Windows Media Player 10 (KB911565)
O42 - Logiciel: Sicherheitsupdate für Windows Media Player 10 (KB917734)
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399)
O42 - Logiciel: Security Update for CAPICOM (KB931906)
O42 - Logiciel: Sicherheitsupdate für Windows Media Player 10 (KB936782)
O42 - Logiciel: Sicherheitsupdate für Windows Media Player 11 (KB936782)
O42 - Logiciel: Sicherheitsupdate für Windows Internet Explorer 7 (KB938127)
O42 - Logiciel: Sicherheitsupdate für Windows XP (KB938464)
O42 - Logiciel: Sicherheitsupdate für Windows XP (KB938464-v2)
O42 - Logiciel: Hotfix für Windows Media Player 11 (KB939683)
O42 - Logiciel: Sicherheitsupdate für Windows XP (KB941569)
O42 - Logiciel: Update für Windows XP (KB942763)
O42 - Logiciel: Sicherheitsupdate für Windows XP (KB946648)
O42 - Logiciel: Sicherheitsupdate für Windows XP (KB950759)
O42 - Logiciel: Sicherheitsupdate für Windows XP (KB950760)
O42 - Logiciel: Sicherheitsupdate für Windows XP (KB950762)
O42 - Logiciel: Sicherheitsupdate für Windows XP (KB950974)
O42 - Logiciel: Sicherheitsupdate für Windows XP (KB951066)
O42 - Logiciel: Update für Windows XP (KB951072-v2)
O42 - Logiciel: Sicherheitsupdate für Windows XP (KB951376-v2)
O42 - Logiciel: Sicherheitsupdate für Windows XP (KB951698)
O42 - Logiciel: Sicherheitsupdate für Windows XP (KB951748)
O42 - Logiciel: Update für Windows XP (KB951978)
O42 - Logiciel: Sicherheitsupdate für Windows Media Player (KB952069)
O42 - Logiciel: Hotfix für Windows XP (KB952287)
O42 - Logiciel: Sicherheitsupdate für Windows XP (KB952954)
O42 - Logiciel: Sicherheitsupdate für Windows Internet Explorer 7 (KB953838)
O42 - Logiciel: Sicherheitsupdate für Windows XP (KB953839)
O42 - Logiciel: Sicherheitsupdate für Windows Media Player 11 (KB954154)
O42 - Logiciel: Sicherheitsupdate für Windows XP (KB954211)
O42 - Logiciel: Sicherheitsupdate für Windows XP (KB954459)
O42 - Logiciel: Sicherheitsupdate für Windows XP (KB954600)
O42 - Logiciel: Sicherheitsupdate für Windows XP (KB955069)
O42 - Logiciel: Update für Windows XP (KB955839)
O42 - Logiciel: Sicherheitsupdate für Windows Internet Explorer 7 (KB956390)
O42 - Logiciel: Sicherheitsupdate für Windows XP (KB956391)
O42 - Logiciel: Sicherheitsupdate für Windows XP (KB956802)
O42 - Logiciel: Sicherheitsupdate für Windows XP (KB956803)
O42 - Logiciel: Sicherheitsupdate für Windows XP (KB956841)
O42 - Logiciel: Sicherheitsupdate für Windows XP (KB957095)
O42 - Logiciel: Sicherheitsupdate für Windows XP (KB957097)
O42 - Logiciel: Sicherheitsupdate für Windows Internet Explorer 7 (KB958215)
O42 - Logiciel: Sicherheitsupdate für Windows XP (KB958644)
O42 - Logiciel: Sicherheitsupdate für Windows XP (KB958687)
O42 - Logiciel: Sicherheitsupdate für Windows XP (KB958690)
O42 - Logiciel: Wichtiges Update für Windows Media Player 11 (KB959772)
O42 - Logiciel: Sicherheitsupdate für Windows XP (KB960225)
O42 - Logiciel: Sicherheitsupdate für Windows Internet Explorer 7 (KB960714)
O42 - Logiciel: Sicherheitsupdate für Windows XP (KB960715)
O42 - Logiciel: Sicherheitsupdate für Windows Internet Explorer 7 (KB961260)
O42 - Logiciel: Update für Windows XP (KB967715)
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Microsoft .NET Framework 2.0
O42 - Logiciel: MSN Gaming Zone
O42 - Logiciel: Canon MovieEdit Task for ZoomBrowser EX
O42 - Logiciel: Mozilla Firefox (3.0.8)
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP
O42 - Logiciel: Nero OEM
O42 - Logiciel: Microsoft National Language Support Downlevel APIs
O42 - Logiciel: NVIDIA Drivers
O42 - Logiciel: PCI Audio Applications
O42 - Logiciel: PCI Audio Driver
O42 - Logiciel: Prism Video Converter
O42 - Logiciel: QuickTime
O42 - Logiciel: Canon RemoteCapture Task for ZoomBrowser EX
O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software
O42 - Logiciel: Save Flash 3.0
O42 - Logiciel: Settlers3
O42 - Logiciel: Macromedia Flash Player 8
O42 - Logiciel: System Requirements Lab
O42 - Logiciel: Ulead COOL 360 1.0
O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474)
O42 - Logiciel: Winamp (remove only)
O42 - Logiciel: Windows Media Format 11 runtime
O42 - Logiciel: Windows Media Player 11
O42 - Logiciel: Windows XP Service Pack 3
O42 - Logiciel: Windows Live Essentials
O42 - Logiciel: WinRAR archiver
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0
O42 - Logiciel: Canon Utilities ZoomBrowser EX
O42 - Logiciel: MSXML4 Parser
O42 - Logiciel: OpenOffice.org 3.0
O42 - Logiciel: Windows Live Fotogalerie
O42 - Logiciel: Windows Live-Uploadtool
O42 - Logiciel: MSVCRT
O42 - Logiciel: Java(TM) 6 Update 13
O42 - Logiciel: MSXML 4.0 SP2 (KB927978)
O42 - Logiciel: Windows Live Communications Platform
O42 - Logiciel: Junk Mail filter update
O42 - Logiciel: Windows Live Anmelde-Assistent
O42 - Logiciel: Windows Live Family Safety
O42 - Logiciel: Windows Live Mail
O42 - Logiciel: Windows Live Call
O42 - Logiciel: ICQ6.5
O42 - Logiciel: Windows Live Toolbar
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: DivX Codec
O42 - Logiciel: Windows Live Writer
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Canon PhotoRecord
O42 - Logiciel: MSXML 4.0 SP2 (KB954430)
O42 - Logiciel: Microsoft Silverlight
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86)
O42 - Logiciel: DivX Player
O42 - Logiciel: Choice Guard
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
O42 - Logiciel: Microsoft Search Enhancement Pack
O42 - Logiciel: Segoe UI
O42 - Logiciel: Adobe Reader 9.1 - Deutsch
O42 - Logiciel: DivX Converter
O42 - Logiciel: DivX Web Player
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86)
O42 - Logiciel: MSXML 4.0 SP2 (KB936181)
O42 - Logiciel: JDC 3.0S Camera
O42 - Logiciel: Samsung PC Studio
O42 - Logiciel: Marvell Miniport Driver
O42 - Logiciel: Ulead Photo Explorer 8.0 SE Basic
O42 - Logiciel: Full Tilt Poker
O42 - Logiciel: Ulead DVD MovieFactory SE
O42 - Logiciel: ALL1682 Powerline Utilities
O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer
O42 - Logiciel: Windows Live Sync
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU]
---\\ Last modified or created files under System32 (O44)
O44 - LFC:Last File Created - C:\WINDOWS\System32\deploytk.dll -->11.04.2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\FNTCACHE.DAT -->12.04.2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\java.exe -->11.04.2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\javacpl.cpl -->11.04.2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\javaw.exe -->11.04.2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\javaws.exe -->11.04.2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\MRT.exe -->25.02.2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\mshtml.dll -->16.01.2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\nvapps.xml -->12.04.2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc007.dat -->29.03.2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc009.dat -->29.03.2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh007.dat -->29.03.2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh009.dat -->29.03.2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\PerfStringBackup.INI -->29.03.2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\sirenacm.dll -->06.02.2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\win32k.sys -->09.02.2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\wpa.dbl -->12.04.2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\avgntdd.sys -->13.02.2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\avgntflt.sys -->13.02.2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\avgntmgr.sys -->13.02.2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\avipbb.sys -->13.02.2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\fssfltr_tdi.sys -->06.02.2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\iviaspi.sys -->15.03.2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\mbam.sys -->26.03.2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\mbamswissarmy.sys -->26.03.2009
O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\ssmdrv.sys -->13.02.2009
---\\ Last files created in Windows Prefetcher (O45)
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVCENTER.EXE-1D2DB8A2.pf -->11.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVCONFIG.EXE-18FA6095.pf -->11.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVGNT.EXE-39CD89BF.pf -->10.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVNOTIFY.EXE-31D7686A.pf -->11.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVSCAN.EXE-25724B6E.pf -->11.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVWSC.EXE-24612965.pf -->12.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVWSC.EXE-3AC95876.pf -->17.03.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\BHCA.EXE-2EC16342.pf -->11.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CCSVCHST.EXE-251B0316.pf -->11.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CCSVCHST.EXE-251B0317.pf -->11.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CLTLMH.EXE-0FF2BC4E.pf -->11.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\COINST.EXE-0582BEC0.pf -->11.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CRASHREPORTER.EXE-38DC7BD9.pf -->10.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CTFMON.EXE-0E17969B.pf -->11.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CTOOLBAR.EXE-0BF84028.pf -->12.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CTOOLBAR.EXE-35101320.pf -->11.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf -->11.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf -->11.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EFAINST.EXE-23DED32C.pf -->11.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf -->12.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIREFOX.EXE-1D57670A.pf -->12.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FULLTILTPOKER.EXE-38442184.pf -->10.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GMER.EXE-255BF697.pf -->11.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GOOGLETOOLBARMANAGER_0531C63A-10D3E1CF.pf -->11.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GOOGLETOOLBARNOTIFIER.EXE-09E6E9C6.pf -->11.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GOOGLEUPDATERSERVICE.EXE-19F5FCF4.pf -->11.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GUARDGUI.EXE-147E0160.pf -->11.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GUS1E.TMP-2D208942.pf -->11.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf -->10.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HIJACKTHIS.EXE-39024128.pf -->11.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\HJTINSTALL.EXE-3274E07D.pf -->11.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IEXPLORE.EXE-2CA9778D.pf -->12.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf -->12.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\INSTSTUB.EXE-17C35D75.pf -->11.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\JAVAW.EXE-0159D575.pf -->11.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\JAVAW.EXE-3AE013C1.pf -->11.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\JAVAWS.EXE-1714DD62.pf -->11.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\JAVAWS.EXE-2322289E.pf -->11.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\JQS.EXE-352796B1.pf -->11.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\JQSNOTIFY.EXE-1E60A522.pf -->12.04.2009
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\JRE-6U13-WINDOWS-I586-P-IFTW.-02B756C1.pf -->11.04.2009
O45 - LFCP:Last
File Created Prefetch - C:\WINDOWS\Prefetch\JUCHECK.EXE-1AFF62E6.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\JUSCHED.EXE-07D7A15E.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\Layout.ini -->12.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\LOGON.SCR-151EFAEA.pf -->10.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf -->12.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MBAM.EXE-11D8BBD8.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MIXER.EXE-3A40481D.pf -->10.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MONITOR.EXE-0C2CAAF4.pf -->12.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSHTA.EXE-331DF029.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSI14.TMP-284832A4.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSI16.TMP-22FBDA5A.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSI19.TMP-15827FEB.pf -->12.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSI1E.TMP-2FAED962.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSI23.TMP-059A7DE6.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSI2C.TMP-15303C83.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSI39.TMP-13E41365.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSIB.TMP-1E0DC17C.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSIE.TMP-081E927E.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf -->12.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSIMN.EXE-0B61806C.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSMSGS.EXE-32066BA5.pf -->11.04.2009 
O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSNMSGR.EXE-3ACF7E89.pf -->12.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NEROCHECK.EXE-092C6DFA.pf -->12.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NIS_2009.EXE-0FD6D9E5.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NORTON_REMOVAL_TOOL.EXE-261B02B8.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf -->12.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NVRAIDSERVICE.EXE-1C06C75A.pf -->12.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NWIZ.EXE-2D0F9FBC.pf -->12.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\OCSCTL.EXE-3B66DB50.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\QTTASK.EXE-2D7EEF34.pf -->10.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\REGEDIT.EXE-1B606482.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\REGSVR32.EXE-25EEFE2F.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-132911CD.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-13404D23.pf -->12.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1340EF7F.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-19F507BE.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-35A483DA.pf -->12.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-3AF10E20.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-415F88EC.pf -->12.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-44A0B4BC.pf -->11.04.2009 O45 - LFCP:Last 
File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNONCE.EXE-2803F297.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SEVINST.EXE-15F3B743.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SEVINST.EXE-2958F60D.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SOFFICE.BIN-1E52E616.pf -->10.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SOFFICE.EXE-26427B3D.pf -->10.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SPYWARETERMINATOR.EXE-018F43AF.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SSUPDATE.EXE-281C8F4D.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SUPERANTISPYWARE.EXE-033808EC.pf -->12.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SUPERANTISPYWARE.EXE-1CDD4133.pf -->12.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SVCHOST.EXE-3530F672.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SWRITER.EXE-232617FC.pf -->10.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SYMIMINS.EXE-321109C6.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SYMNRT.EXE-18FC9325.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SYSOCMGR.EXE-31169C54.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UNINS000.EXE-1007FF56.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UNPACK200.EXE-2EC8AA61.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UNSECAPP.EXE-1A95A33B.pf -->12.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UPDATE.EXE-3398FCD6.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\USERINIT.EXE-30B18140.pf -->12.04.2009 O45 - LFCP:Last File 
Created Prefetch - C:\WINDOWS\Prefetch\VCINST.EXE-2D7B515A.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\VCSETUP.EXE-11787630.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf -->12.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WGATRAY.EXE-0ED38BED.pf -->12.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINAMPA.EXE-2BDF6A16.pf -->12.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WINRAR.EXE-3588DFE8.pf -->12.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WMIAPSRV.EXE-1E2270A5.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf -->12.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf -->12.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZHPDIAG.EXE-0DE44CE4.pf -->12.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZHPDIAG.EXE-1D9611A8.pf -->12.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZIPPER.EXE-33428278.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\_IU14D2N.TMP-233781B2.pf -->11.04.2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\{0C55C096-0F1D-4F28-AAA2-85EF-01BDB3D6.pf -->11.04.2009 ---\\ Operations and functions at Windows Explorer startup (O46) O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll ---\\ Export authorized application key (O47) O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" O47 - AAKE:Key Export - "C:\Programme\Messenger\msmsgs.exe"="C:\Programme\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" O47 - AAKE:Key Export - "C:\Programme\Java\jre1.5.0_02\bin\javaw.exe"="C:\Programme\Java\jre1.5.0_02\bin\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary" O47 - 
AAKE:Key Export - "C:\Programme\Codemasters\Colin McRae Rally 2005\CMR5.EXE"="C:\Programme\Codemasters\Colin McRae Rally 2005\CMR5.EXE:*:Enabled:Colin McRae Rally 2005 Application" O47 - AAKE:Key Export - "C:\Programme\Microsoft Games\Age of Mythology\aom.exe"="C:\Programme\Microsoft Games\Age of Mythology\aom.exe:*:Enabled:Age of Mythology" O47 - AAKE:Key Export - "C:\Programme\Microsoft Games\Age of Mythology\aomx.exe"="C:\Programme\Microsoft Games\Age of Mythology\aomx.exe:*:Enabled:Age of Mythology - The Titans Expansion" O47 - AAKE:Key Export - "C:\NeverwinterNights\NWN\nwmain.exe"="C:\NeverwinterNights\NWN\nwmain.exe:*:Enabled:Neverwinter Nights" O47 - AAKE:Key Export - "C:\Programme\ICQLite\ICQLite.exe"="C:\Programme\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite" O47 - AAKE:Key Export - "C:\Programme\EA SPORTS\FIFA 2005\fifa2005.exe"="C:\Programme\EA SPORTS\FIFA 2005\fifa2005.exe:*:Enabled:fifa2005" O47 - AAKE:Key Export - "C:\Programme\BearShare\BearShare.exe"="C:\Programme\BearShare\BearShare.exe:*:Enabled:BearShare" O47 - AAKE:Key Export - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" O47 - AAKE:Key Export - "C:\Programme\Pinnacle\VideoSpin\Programs\RM.exe"="C:\Programme\Pinnacle\VideoSpin\Programs\RM.exe:*:Enabled:Render Manager" O47 - AAKE:Key Export - "C:\Programme\Pinnacle\VideoSpin\Programs\umi.exe"="C:\Programme\Pinnacle\VideoSpin\Programs\umi.exe:*:Enabled:umi" O47 - AAKE:Key Export - "C:\Programme\Pinnacle\VideoSpin\Programs\VideoSpin.exe"="C:\Programme\Pinnacle\VideoSpin\Programs\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin" O47 - AAKE:Key Export - "C:\Programme\Windows Live\Messenger\wlcsdk.exe"="C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" O47 - AAKE:Key Export - "C:\Programme\Windows Live\Sync\WindowsLiveSync.exe"="C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" O47 - AAKE:Key Export - "C:\Programme\Windows 
Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" O47 - AAKE:Key Export - "C:\Programme\ICQ6.5\ICQ.exe"="C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6" O47 - AAKE:Key Export - "C:\Dokumente und Einstellungen\Michi\Lokale Einstellungen\Temp\7zS6.tmp\SymNRT.exe"="C:\Dokumente und Einstellungen\Michi\Lokale Einstellungen\Temp\7zS6.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool" O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" O47 - AAKE:Key Export - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" |
12.04.2009, 11:18 | #36 |
| Detection of the Trojan TR/Trash.Gen and TR/Drop.Softomat.AN The last part: Code:
ATTFilter O47 - AAKE:Key Export - "C:\Programme\Windows Live\Messenger\wlcsdk.exe"="C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" O47 - AAKE:Key Export - "C:\Programme\Windows Live\Sync\WindowsLiveSync.exe"="C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" O47 - AAKE:Key Export - "C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" ---\\ Local Security Authority-LSA Deny (O48) O48 - LSA:Local Security Authority Authentication Packages - C:\WINDOWS\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages - C:\WINDOWS\System32\scecli.dll ---\\ Safe Boot Control (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys O49 - CSB:Control Safe 
Boot HKLM\...\CS1\Minimal\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ip6fw.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpcdd.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpdd.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpwd.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdpipe.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdtcp.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vgasave.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ip6fw.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpcdd.sys O49 - 
CSB:Control Safe Boot HKLM\...\CS2\Network\rdpdd.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpwd.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\tdpipe.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\tdtcp.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vgasave.sys ---\\ Image File Execution Options (IFEO) (O50) O50 - IEFO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d End of the scan: |
12.04.2009, 14:48 | #37 |
| Detection of the Trojan TR/Trash.Gen and TR/Drop.Softomat.AN The log is clean. How is the computer doing? Happy Easter, andreas
__________________ No support via PM! This is a forum, not private support! For all newcomers: private support only in return for payment, and I am very expensive. Guides Virus scanners Compromise unavoidable? |
12.04.2009, 15:38 | #38 |
| Detection of the Trojan TR/Trash.Gen and TR/Drop.Softomat.AN The computer is doing very well, and thank you very much for your help. Best regards, kaninchen |
12.04.2009, 19:33 | #39 |
| Detection of the Trojan TR/Trash.Gen and TR/Drop.Softomat.AN If I were you, I would run CCleaner over your system once more!!!! You have quite a lot of cookies!!!!! Regards, SkyFire |