Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
a.exe,f.exe, g.exe und kein inet-zugang

a.exe,f.exe, g.exe und kein inet-zugang


Log-Analyse und Auswertung: a.exe,f.exe, g.exe und kein inet-zugang

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 18.07.2009, 13:13   #1
helena2
 
a.exe,f.exe, g.exe und kein inet-zugang - Unglücklich

a.exe,f.exe, g.exe und kein inet-zugang


Hallo Liebes trojaner-board-Team und Mitleser.

Gestern auf vorgestern abend hat sich mein PC wohl was eingefangen, nur adaware meldete den geblockten prozess f.exe . symantec ist still geblieben.
danach bluescreen, kurze zeit lief etwas durch mit "crashdump files".
Danach nach jedem normalen Bootvorgang erfolgt ein Aufhngen oder Bluescreen+Reboot. Mein Mozilla meldet nur noch "Seiten-Ladefehler".
CCleanre und Malware haben beide Sachen gefunden und gefixt, aber das löste mein Problem nicht. Anbei das Log von HijackThis und Malwarebytes, beide aus dem abgsicherten Modus erstellt. Malwareytes hängt sich inzwischen auch auf, deswegen der log von gestern abend!
Würde mich sehr freuen wenn da mal jemand rübersehen könnte

Malwarebytes' Anti-Malware 1.39
Datenbank Version: 2421
Windows 6.0.6001 Service Pack 1

18.07.2009 02:12:43
mbam-log-2009-07-18 (02-12-43).txt

Scan-Methode: Vollständiger Scan (A:\|C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|K:\|L:\|M:\|)
Durchsuchte Objekte: 196379
Laufzeit: 25 minute(s), 39 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 9
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 1
Infizierte Dateien: 14

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d032570a-5f63-4812-a094-87d007c23012} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d032570a-5f63-4812-a094-87d007c23012} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xml.xml (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xml.xml.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Cognac (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\UAC (Rootkit.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ColdWare (Malware.Trace) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Cognac (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
C:\Windows\System32\lowsec (Stolen.data) -> Quarantined and deleted successfully.

Infizierte Dateien:
C:\Windows\System32\iebho.dll (Trojan.BHO.H) -> Quarantined and deleted successfully.
C:\Windows\System32\msxml71.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\Ole\AppData\Local\Temp\f.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Ole\AppData\Local\Temp\manxrocwes.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\Ole\AppData\Local\Temp\saemwncoxr.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\System32\lowsec\local.ds (Stolen.data) -> Quarantined and deleted successfully.
c:\Windows\System32\lowsec\user.ds (Stolen.data) -> Quarantined and deleted successfully.
C:\Windows\msa.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\system32\uacinit.dll (Trojan.Agent) -> Delete on reboot.
c:\Windows\Tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Windows\System32\sdra64.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Ole\AppData\Local\Temp\b.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Windows\System32\drivers\str.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.





-------------------------------------


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:12:11, on 18.07.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Safe mode

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\wbem\unsecapp.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - Startup: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c98d20746de0a0) (gupdate1c98d20746de0a0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

--
End of file - 7175 bytes


VIELEN vielen Dank, bin echt am Verzweifeln

Alt 18.07.2009, 14:22   #2
helena2
 
a.exe,f.exe, g.exe und kein inet-zugang - Standard

a.exe,f.exe, g.exe und kein inet-zugang


Achja, wer es benötigt, hier noch das log von RSIT:

Logfile of random's system information tool 1.06 (written by random/random)
Run by xxx at 2009-07-18 15:16:22
Microsoft® Windows Vista™ Ultimate Service Pack 1
System drive C: has 25 GB (50%) free of 50 GB
Total RAM: 3326 MB (87% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:16:23, on 18.07.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Safe mode

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\xxx\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\xxx.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - Startup: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c98d20746de0a0) (gupdate1c98d20746de0a0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

--
End of file - 7199 bytes
__________________

Geändert von helena2 (18.07.2009 um 14:48 Uhr)

Alt 18.07.2009, 14:23   #3
helena2
 
a.exe,f.exe, g.exe und kein inet-zugang - Standard

a.exe,f.exe, g.exe und kein inet-zugang


======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{8B5FEA08-5448-4741-9759-BD4D76688BB9}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Anmelde-Hilfsprogramm - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll [2009-06-25 688640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
C:\Program Files\pdfforge Toolbar\SearchSettings.dll [2009-06-12 1122816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll [2009-06-25 688640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-03-23 4423680]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2006-11-22 107112]
"vptray"=C:\PROGRA~1\SYMANT~1\VPTray.exe [2007-01-05 135216]
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2008-02-29 76304]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-11-12 13675040]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-11-12 92704]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-07-13 520024]
"SearchSettings"=C:\Program Files\pdfforge Toolbar\SearchSettings.exe [2009-06-12 998400]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [2008-06-24 132392]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
C:\Program Files\DAEMON Tools\daemon.exe [2007-09-18 171464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2008-08-14 565008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
C:\Program Files\Logitech\QuickCam\Quickcam.exe [2008-08-14 2407184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
D:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSTray]
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe /systray /nologon []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
D:\Program Files\Valve\Steam\\Steam.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2008-04-01 36352]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2007-11-28 233888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{88485281-8b4b-4f8d-9ede-82e29a064277}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2009-07-18 15:16:22 ----D---- C:\rsit
2009-07-18 13:06:28 ----A---- C:\Windows\ntbtlog.txt
2009-07-18 12:51:06 ----A---- C:\Windows\wininit.ini
2009-07-18 12:21:24 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-07-18 12:21:24 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-07-18 01:45:09 ----D---- C:\Users\xxx\AppData\Roaming\Malwarebytes
2009-07-18 01:45:03 ----D---- C:\ProgramData\Malwarebytes
2009-07-18 01:45:02 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-07-18 01:39:02 ----D---- C:\Program Files\CCleaner
2009-07-17 17:49:56 ----D---- C:\Program Files\Trend Micro
2009-07-17 17:28:17 ----A---- C:\Windows\system32\geyekrnqcmgpxq.dll
2009-07-17 17:28:14 ----A---- C:\Windows\system32\geyekrunkiceoi.dll
2009-07-17 10:51:13 ----A---- C:\Windows\system32\stu2.exe
2009-07-16 14:22:04 ----D---- C:\Program Files\pdfforge Toolbar
2009-07-16 14:21:46 ----A---- C:\Windows\system32\pdfcmnnt.dll
2009-07-16 14:21:44 ----A---- C:\Windows\system32\VB6DE.DLL
2009-07-16 14:21:44 ----A---- C:\Windows\system32\MSMPIDE.DLL
2009-07-16 14:21:44 ----A---- C:\Windows\system32\MSCC2DE.DLL
2009-07-15 19:29:07 ----D---- C:\Program Files\Common Files\DivX Shared
2009-07-11 08:43:20 ----D---- C:\Program Files\Common Files\PCSuite

======List of files/folders modified in the last 1 months======

2009-07-18 14:19:48 ----D---- C:\Windows\System32
2009-07-18 14:19:48 ----D---- C:\Windows\inf
2009-07-18 14:19:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-07-18 13:10:53 ----D---- C:\Windows\Temp
2009-07-18 13:06:34 ----D---- C:\Windows\Minidump
2009-07-18 13:06:28 ----D---- C:\Windows
2009-07-18 12:58:43 ----D---- C:\Windows\Prefetch
2009-07-18 12:56:34 ----D---- C:\Program Files\Mozilla Firefox
2009-07-18 12:56:15 ----D---- C:\Windows\system32\drivers
2009-07-18 12:21:24 ----RD---- C:\Program Files
2009-07-18 12:21:24 ----HD---- C:\ProgramData
2009-07-18 12:15:58 ----D---- C:\Windows\Tasks
2009-07-18 01:41:35 ----D---- C:\Windows\Debug
2009-07-18 01:22:24 ----D---- C:\Windows\system32\Tasks
2009-07-16 23:45:59 ----SHD---- C:\System Volume Information
2009-07-16 23:45:22 ----A---- C:\Windows\NeroDigital.ini
2009-07-16 14:22:12 ----SHD---- C:\Windows\Installer
2009-07-16 14:22:11 ----D---- C:\Windows\winsxs
2009-07-15 19:29:13 ----D---- C:\Program Files\DivX
2009-07-15 19:29:07 ----D---- C:\Program Files\Common Files
2009-07-11 08:44:18 ----D---- C:\Program Files\DIFX
2009-07-11 08:44:17 ----D---- C:\Windows\system32\catroot
2009-07-11 08:43:18 ----D---- C:\Program Files\Nokia
2009-07-11 08:43:18 ----D---- C:\Program Files\Common Files\Nokia
2009-07-11 08:40:56 ----D---- C:\ProgramData\Installations
2009-07-10 13:32:06 ----D---- C:\Program Files\Messenger Plus! Live
2009-07-04 20:47:32 ----D---- C:\Windows\system32\catroot2
2009-07-01 21:08:18 ----D---- C:\Users\xxx\AppData\Roaming\Mozilla
2009-06-21 12:40:04 ----A---- C:\Windows\system32\lsdelete.exe
2009-06-20 19:48:02 ----D---- C:\Users\xxx\AppData\Roaming\Nokia

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2008-02-29 20240]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2008-02-29 35344]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2008-02-29 36880]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2008-02-29 28944]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-19 7680]
S1 AsIO;AsIO; C:\Windows\system32\drivers\AsIO.sys [2006-10-19 12664]
S1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2008-01-18 350720]
S1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2009-02-27 371248]
S1 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2006-11-22 247144]
S1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2006-11-22 25448]
S1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2006-10-26 185744]
S2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
S2 jpzkcxzadky;jpzkcxzadky; \??\C:\Windows\system32\drivers\glepgbqrhtry.sys [2009-07-17 71168]
S2 slzf;slzf; C:\Windows\system32\drivers\dsaeewk.sys []
S3 61883;61883-Einheitsgerät; C:\Windows\system32\DRIVERS\61883.sys [2008-01-18 45696]
S3 aqyqigh4;aqyqigh4; C:\Windows\system32\drivers\aqyqigh4.sys []
S3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\atl01v32.sys [2007-03-15 48128]
S3 Avc;AVC-Gerät; C:\Windows\system32\DRIVERS\avc.sys [2008-01-18 40448]
S3 BthEnum;Bluetooth-Auflistungsdienst; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-18 19456]
S3 BthPan;Bluetooth-Gerät (PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-18 92160]
S3 BTHPORT;Bluetooth-Porttreiber; C:\Windows\System32\Drivers\BTHport.sys [2008-04-29 220160]
S3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-29 29184]
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-03-16 101936]
S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-03-23 1761376]
S3 LVcKap;Logitech AEC Driver; C:\Windows\system32\DRIVERS\LVcKap.sys [2007-10-19 2109976]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\Windows\system32\DRIVERS\LVMVDrv.sys [2007-10-11 2142488]
S3 LVPr2Mon;LVPr2Mon Driver; C:\Windows\system32\Drivers\LVPr2Mon.sys [2008-07-26 25624]
S3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2008-07-26 627864]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2008-07-26 41752]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2009-07-13 38160]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-18 52608]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20090717.006\NAVENG.SYS [2009-07-17 87888]
S3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20090717.006\NAVEX15.SYS [2009-07-17 875728]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-11-12 7611360]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pepifilter;Volume Adapter; C:\Windows\system32\DRIVERS\lv302af.sys [2008-07-26 13848]
S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2008-07-26 2570520]
S3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-18 49664]
S3 RT73;D-Link USB Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\Dr71WU.sys [2005-11-03 245504]
S3 s117bus;Sony Ericsson Device 117 driver (WDM); C:\Windows\system32\DRIVERS\s117bus.sys [2007-06-25 82984]
S3 s117mdfl;Sony Ericsson Device 117 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s117mdfl.sys [2007-06-25 14888]
S3 s117mdm;Sony Ericsson Device 117 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s117mdm.sys [2007-06-25 108456]
S3 s117mgmt;Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s117mgmt.sys [2007-06-25 100264]
S3 s117nd5;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS); C:\Windows\system32\DRIVERS\s117nd5.sys [2007-06-25 22952]
S3 s117obex;Sony Ericsson Device 117 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s117obex.sys [2007-06-25 98344]
S3 s117unic;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM); C:\Windows\system32\DRIVERS\s117unic.sys [2007-06-25 98856]
S3 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [2006-10-06 406672]
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2006-11-22 274328]
S3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2007-11-18 109744]
S3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2006-10-26 26384]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbaudio;USB-Audiotreiber (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-18 73088]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2008-01-18 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 usbvideo;USB-Videogerät (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-18 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-18 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-07-13 1029456]
S2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-11-22 107624]
S2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-11-22 107624]
S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S2 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program Files\Symantec AntiVirus\DefWatch.exe [2007-01-05 30768]
S2 gupdate1c98d20746de0a0;Google Update Service (gupdate1c98d20746de0a0); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-12 133104]
S2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2008-07-26 186904]
S2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-07-26 150040]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2008-07-26 141848]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-11-12 207392]
S2 Symantec AntiVirus;Symantec AntiVirus; C:\Program Files\Symantec AntiVirus\Rtvscan.exe [2007-01-05 1985584]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2008-01-19 523776]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-11-26 655624]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe [2008-05-02 121360]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-11-08 2541248]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SavRoam;SAVRoam; C:\Program Files\Symantec AntiVirus\SavRoam.exe [2007-01-05 126000]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2008-01-19 917504]
S4 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe /RunAsService []

-----------------EOF-----------------
__________________
Geändert von helena2 (18.07.2009 um 14:45 Uhr)

Antwort

Themen zu a.exe,f.exe, g.exe und kein inet-zugang
ad-aware, ad-watch, adobe, antivirus, bluescree, bluescreen, bootvorgang, browser, defender, explorer, google, google update, gupdate, helper, hijack, hijackthis, hängt, internet, internet explorer, local\temp, malware, malware.trace, mozilla, nmindexstoresvr.exe, pdfforge toolbar, problem, prozess, registrierungsschlüssel, rogue.multiple, rootkit.agent, rootkit.trace, rundll, sdra64.exe, seiten-ladefehler, senden, software, solution, stolen.data, symantec, system, temp, trojan.downloader, trojan.dropper, vista


« Wurm Malware.Trace was tun | AntiVir meldet viele Trojaner »


Ähnliche Themen: a.exe,f.exe, g.exe und kein inet-zugang


  1. Bluescreen nach hochfahren von Windows 7 - Kein Zugang zum Desktop!
    Log-Analyse und Auswertung - 13.03.2014 (7)
  2. SaferSurf kein Internet zugang mehr
    Netzwerk und Hardware - 06.10.2013 (1)
  3. Kein Zugang zum Internet mehr möglich
    Alles rund um Windows - 12.05.2013 (26)
  4. Ukash Bundestrojaner --- kein Inet; kein Taskmanager
    Plagegeister aller Art und deren Bekämpfung - 25.09.2012 (19)
  5. BKA-Virus entfernen - kein Zugang zum Abgesicherten Modus
    Plagegeister aller Art und deren Bekämpfung - 06.04.2012 (11)
  6. kein installieren und kein internet zugang möglich.
    Plagegeister aller Art und deren Bekämpfung - 25.06.2010 (3)
  7. Kein Zugang auf AV-Seiten, hidden driver im GMER-Log
    Plagegeister aller Art und deren Bekämpfung - 17.03.2009 (10)
  8. Kein Zugang mehr zum Internet/email funktioniert
    Log-Analyse und Auswertung - 20.11.2008 (0)
  9. Kein Zugang zu Orkut
    Log-Analyse und Auswertung - 09.04.2008 (1)
  10. Kein AOL-Zugang nach Crash
    Alles rund um Windows - 14.03.2008 (2)
  11. Kein Zugriff mehr auf Router & kein Inet
    Alles rund um Windows - 27.11.2007 (12)
  12. XP: Nach fehlerhaften Herunterfahren: Kein Inet, kein AntiVir..
    Alles rund um Windows - 26.02.2006 (5)
  13. Netzwerk OK - aber kein Inet zugriff vom Client
    Netzwerk und Hardware - 10.10.2005 (1)
  14. Kein Zugriff auf Inet und Emails mehr!
    Plagegeister aller Art und deren Bekämpfung - 04.10.2005 (6)
  15. prefs.js - kein Zugang! Administrator fragen?
    Alles rund um Windows - 14.05.2005 (5)
  16. Kein Zugang zum E-Banking
    Plagegeister aller Art und deren Bekämpfung - 21.02.2005 (7)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema a.exe,f.exe, g.exe und kein inet-zugang - Hallo Liebes trojaner-board-Team und Mitleser. Gestern auf vorgestern abend hat sich mein PC wohl was eingefangen, nur adaware meldete den geblockten prozess f.exe . symantec ist still geblieben. danach bluescreen, - a.exe,f.exe, g.exe und kein inet-zugang...
Archiv
Du betrachtest: a.exe,f.exe, g.exe und kein inet-zugang auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131