23.07.2009, 21:38 | #1 |
| virus alert next to the clock
For about 10 days my system has been running very slowly, and there is a Virus Alert message next to the clock. Even with Kaspersky, the Virus Alert message is there next to the clock display; very strange. Maybe you could help me. info Code:
ATTFilter info.txt logfile of random's system information tool 1.06 2009-07-23 22:27:58 ======Uninstall list====== -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf ABBYY FineReader 8.0 Professional Edition-->MsiExec.exe /I{AAF80000-22B9-4CE9-98D6-2CCF359BAC07} Ad-Aware 2007-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF} Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95} Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61} Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C} Adobe Color Common Settings-->C:\Programme\Gemeinsame Dateien\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF} Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe GoLive 9-->C:\Programme\Gemeinsame Dateien\Adobe\Installers\a7223e4b8dff4f6a5bb90518a80851d\Setup.exe Adobe GoLive 9-->MsiExec.exe /I{458CD97D-56E5-4330-81DB-5829500BBF7A} Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245} Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078} Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C} Adobe Reader 6.0 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7646-000000000001} Adobe Reader 8.1.3 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A81300000003} Adobe Setup-->MsiExec.exe /I{4086BCA1-9B64-498B-8B8B-CA236029C816} Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1} Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312} Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8} Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923} Adobe® Photoshop® Album Starter Edition 3.0-->MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B} ADS Tech Master Installer 
V3.8-->C:\PROGRA~3\ADSTech\UNWISE.EXE C:\PROGRA~3\ADSTech\INSTALL.LOG ADS Tech V3.8 VideoXpress CapWiz-->C:\PROGRA~3\ADSTEC~1\UNWISE.EXE C:\PROGRA~3\ADSTEC~1\INSTALL.LOG AgileMessenger-->C:\Programme\Microsoft ActiveSync\AgileMessenger\Uninstall.exe AgileMessenger AIM-->C:\Programme\AIM6\uninst.exe AOL Coach Version 1.0(Build:20040229.1 de)-->"C:\Programme\Gemeinsame Dateien\aolshare\Coach\AolCInUn.exe" -lang="de-de" AOL Deinstallation-->C:\Programme\Gemeinsame Dateien\AOL\uninstaller.exe Application Suite-->RunDll32 C:\PROGRA~3\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{119B91A7-1984-4256-BC34-348BA84143B1}\Setup.exe" -l0x7 Application Suite-->RunDll32 C:\PROGRA~3\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{3068A7E9-981E-4F4E-AB2F-005E3964D890}\Setup.exe" -l0x7 Application Suite-->RunDll32 C:\PROGRA~3\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{313DA046-87BB-4DBD-9B23-E11D3EB9D74F}\Setup.exe" -l0x7 Application Suite-->RunDll32 C:\PROGRA~3\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{BD9E8482-6662-4580-BCF6-1A790A91FFA2}\Setup.exe" -l0x7 Application Suite-->RunDll32 C:\PROGRA~3\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{FCABCA0D-6DDC-43ED-82B6-A918FBB43766}\Setup.exe" -l0x7 Artweaver-->"C:\Programme\Artweaver 0.4\unins000.exe" BestCrypt 7.0-->"C:\WINDOWS\BCUnInstall.exe" C:\Programme\Jetico\BestCrypt\UnInstall.log CorelDRAW Graphics Suite X4 - Capture-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF012} CorelDRAW Graphics Suite X4 - Content-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF016} CorelDRAW Graphics Suite X4 - Draw-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF013} CorelDRAW Graphics Suite X4 - Filters-->MsiExec.exe 
/I{7F05E704-30A6-421A-97A7-8EEB1C7FF017} CorelDRAW Graphics Suite X4 - FontNav-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF019} CorelDRAW Graphics SUite X4 - ICA-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF010} CorelDRAW Graphics Suite X4 - IPM-->MsiExec.exe /I{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A} CorelDRAW Graphics Suite X4 - Lang DE-->MsiExec.exe /I{AEFBAC58-2DDD-4CEF-BDFD-52A5A5F432ED} CorelDRAW Graphics Suite X4 - PP-->MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF014} CorelDRAW Graphics Suite X4 - VBA-->MsiExec.exe /I{BF439B41-0252-48DE-8B8B-0430CB26A181} CorelDRAW Graphics Suite X4-->MsiExec.exe /I{44A27085-0616-4181-A0C3-81C7ECA17F73} CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension-->c:\Programme\Gemeinsame Dateien\Corel\Shared\Shell Extension\Uninst.exe CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension-->MsiExec.exe /X{CE2DA11A-917F-4CF5-AB55-755EC115DD10} CorelDRAW(R) Graphics Suite X4-->c:\Programme\Corel\CorelDRAW Graphics Suite X4\Setup\SetupARP.exe /arp devolo dLAN-Konfigurationsassistent-->C:\Programme\devolo\setup.exe /remove:dlanconf devolo Informer-->C:\Programme\devolo\setup.exe /remove:dslmon Dexpot 1.4-->"C:\Programme\Dexpot\uninstall.exe" Dragon NaturallySpeaking 9-->MsiExec.exe /I{DDDD90B2-80F2-413A-8A8E-38C5076A7DBA} eMule.de 0.48a v18-->"C:\Programme\eMule.de 0.48a v18\unins000.exe" F-Recovery for SD-->"C:\Programme\F-Recovery for SD\uninstall.exe" Google SketchUp 6-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}\setup.exe" -l0x7 -removeonly Google SketchUp 6-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}\setup.exe" -l0x7 -removeonly Google Toolbar for Internet Explorer-->"C:\Programme\Google\Google 
Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall HijackThis 2.0.2-->"C:\Programme\trend micro\HijackThis.exe" /uninstall Hitman Pro-->"C:\Programme\Hitman Pro\unins000.exe" Home Media Server 4.0.0.0072-->C:\Programme\SimpleCenter\uninstall.exe Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix für Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe" HP Document Viewer 5.3-->C:\Programme\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat HP Extended Capabilities 5.3-->C:\Programme\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat HP Image Zone 5.3-->C:\Programme\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat HP Image Zone Express-->MsiExec.exe /X{FE64AE29-0883-4C70-8388-DC026019C900} HP Imaging Device Functions 5.3-->C:\Programme\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat HP PSC & OfficeJet 5.3.B-->"C:\Programme\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat HP Software Update-->MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D} HP Solution Center & Imaging Support Tools 5.3-->C:\Programme\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat HP Wireless Adapter-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D1DDE912-03B9-4C1C-A7EB-C60693820E18}\Setup.exe" -l0x9 REMOVE -removeonly HP Wireless Printer Adapter-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{991C5595-5151-4D70-B6CC-90633AC69076}\Setup.exe" -l0x7 -removeonly ICQ Toolbar-->regsvr32 /u /s "C:\PROGRA~1\ICQTOO~1\toolbaru.dll" ICQ6-->C:\Programme\InstallShield Installation 
Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe -runfromtemp -l0x0009 -removeonly Intel(R) Extreme Graphics Driver-->RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_3582 InterVideo WinDVR 3-->"C:\Programme\InstallShield Installation Information\{6BF4613C-0A46-43AA-8FA8-0CB9F2C1A548}\setup.exe" REMOVEALL IPView Pro-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{DE2DA32A-F8C7-4E8E-B41D-E5031185CE3F}\Setup.exe" -l0x9 IrfanView (remove only)-->C:\Programme\IrfanView\iv_uninstall.exe J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100} J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110} JAP-->C:\Programme\JAP\uninstall.exe Java 2 Runtime Environment, SE v1.4.2_03-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030} Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020} Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010} Kaspersky Security Suite CBE-->MsiExec.exe /I{C774410D-3EF9-4DE7-AC01-332613163ECF} Kaspersky Security Suite CBE-->MsiExec.exe /I{C774410D-3EF9-4DE7-AC01-332613163ECF} K-Lite Codec Pack 3.4.5 Full-->"C:\Programme\K-Lite Codec Pack\unins000.exe" Launch Manager V1.0.8-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D0846526-66DD-4DC9-A02C-98F9A2806812}\setup.exe" -l0x7 -uninst Logitech QuickCam-Software-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x7 Logitech® 
Camera-Treiber-->"C:\Programme\Gemeinsame Dateien\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT Malwarebytes' Anti-Malware-->"C:\Programme\Malwarebytes' Anti-Malware\unins000.exe" Microsoft .NET Framework 1.1 German Language Pack-->MsiExec.exe /X{E78BFA60-5393-4C38-82AB-E8019E464EB4} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU-->MsiExec.exe /I{C314CE45-3392-3B73-B4E1-139CD41CA933} Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU-->MsiExec.exe /I{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 Language Pack SP1 - DEU-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - deu\setup.exe Microsoft .NET Framework 3.5 Language Pack SP1 - deu-->MsiExec.exe /I{052FDD78-A6EA-3187-8386-C82F4CA3A929} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE} Microsoft Office 2000 Premium-->MsiExec.exe /I{00000407-78E1-11D2-B60F-006097C998E7} Microsoft Outlook 2002-->MsiExec.exe /I{911A0407-6000-11D3-8CFE-0050048383C9} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Voice Command DE PPC 1.60 for M2M-->MsiExec.exe /X{D654B29B-4F7C-4AE3-B837-5B124B375D1A} Mozilla Firefox (2.0.0.20)-->C:\Programme\Mozilla Firefox\uninstall\helper.exe MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27} MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe 
/I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E} MSXML 6.0 Parser-->MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE} MultiWindow Version 1.1.2.1-->"C:\Programme\IPCameraSearcher\unins000.exe" muvee autoProducer 6.1-->C:\Programme\InstallShield Installation Information\{3070EC1C-EC0E-45AB-AAE0-55C332CA0D0C}\setup.exe -runfromtemp -l0x0007 -removeonly MySpaceIM-->C:\Programme\MySpace\IM\Uninstall.exe neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} NetObjects Fusion 7-->C:\WINDOWS\IsUn0407.exe -f"C:\NetObjects Fusion 7\Uninst.isu" -c"C:\NetObjects Fusion 7\uninst.dll" Nokia Connectivity Cable Driver-->MsiExec.exe /X{6882DD11-33B8-4DEA-8305-7E765BF74BD3} Nokia MTP driver-->MsiExec.exe /I{0E94871C-623C-464F-A117-B8474BFF84E1} Nokia PC Connectivity Solution-->MsiExec.exe /I{0D80391C-0A72-43BB-9BC2-143F63CC111D} OpenOffice.org Installer 1.0-->MsiExec.exe /X{E728E952-DD4F-4BCD-A5C8-40FBFEFF91FE} Opera 9.51-->MsiExec.exe /X{179624B1-2683-45ED-965A-B72189EB5820} PAW Setup-->MsiExec.exe /I{69F2FC63-8EDB-4F72-B888-45D590D40347} PC Camer@-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{A6903FF6-895A-4EA6-BDCC-BE1DD911103A} /l1031 PC Inspector File Recovery-->RunDll32 C:\PROGRA~3\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}\Setup.exe" -l0x7 PC Inspector smart recovery-->RunDll32 C:\PROGRA~3\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{C9A87D86-FDFD-418B-BF96-EF09320973B3}\Setup.exe" -l0x7 PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5} Private Message Plus-->"C:\Programme\Private Message Plus\unins000.exe" QuickTime-->C:\WINDOWS\unvise32qt.exe 
C:\WINDOWS\system32\QuickTime\Uninstall.log RAR Password Cracker 4.12-->C:\Programme\RAR Password Cracker\uninstall.exe RAR Password Recovery v1.1 RC17 (remove only)-->C:\Programme\Intelore\RAR Password Recovery\uninstall.exe RealPlayer Basic-->C:\Programme\Gemeinsame Dateien\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0 SecondLife (remove only)-->"C:\Programme\SecondLife\uninst.exe" /P="SecondLife" Setup Wizard-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{665C721C-49A3-49E9-AED0-EBEDC1327D57}\Setup.exe" -l0x9 Shop for HP Supplies-->C:\Programme\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat Sicherheitsupdate für Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP 
(KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Sitecom Multi-Function Printserver Control Center -->MsiExec.exe /X{E1CEDC02-D64B-4DF9-8BD1-E16122424433} Spb Brain Evolution-->C:\Programme\Microsoft ActiveSync\Spb Brain Evolution\Uninstall.exe Spb Brain Evolution Spb Mobile Shell-->C:\Programme\Microsoft ActiveSync\Spb Mobile Shell\Uninstall.exe Spb Mobile Shell Sprite Backup HTC-->RunDll32 C:\PROGRA~3\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{52D3199D-2858-4216-AA1D-B2A9BB9FA31B}\setup.exe" -l0x7 Sprite Backup-->RunDll32 C:\PROGRA~3\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{ABC5404F-F0F3-4221-8DB9-5D34DD866E50}\setup.exe" -l0x7 Spybot - Search & Destroy 1.4-->"C:\Programme\Spybot - Search & Destroy\unins000.exe" SpywareBlaster v3.5.1-->"C:\Programme\SpywareBlaster\unins000.exe" Synaptics Pointing Device Driver-->rundll32.exe "C:\Programme\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall System Requirements Lab-->C:\Programme\SystemRequirementsLab\Uninstall.exe TomTom HOME-->C:\Programme\InstallShield Installation Information\{CE325D55-FCAF-4273-BB79-069BB8747270}\setup.exe -runfromtemp -l0x0007 -removeonly -removeonly Trillian-->C:\Programme\Trillian\trillian.exe /uninstall Ulead VideoStudio 7 SE VCD-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{757AD3D4-036B-42FA-B0A4-96BD6F4605A0}\setup.exe" -l0x7 Update für Windows XP 
(KB932823-v3)-->"C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe" Video Converter 3-->C:\Programme\Xilisoft\Video Converter 3\Uninstall.exe VideoReDo/Plus Version 2.5.5.512-->"C:\Programme\VideoReDoPlus\unins000.exe" Viewpoint Media Player-->C:\Programme\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u VLC media player 0.9.2-->C:\Programme\VideoLAN\VLC\uninstall.exe Windows Commander (Remove only)-->c:\wincmd\wcuninst.exe Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52} Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe" Windows Live Messenger-->MsiExec.exe /I{279DB581-239C-4E13-97F8-0F48E40BE75C} Windows Live Sign-in Assistant-->MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7} Windows Media Encoder 9-Reihe-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} Windows Media Encoder 9-Reihe-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} Windows Media Format 11 runtime-->"C:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Player 11-->"C:\Programme\Windows Media Player\Setup_wm.exe" /Uninstall Windows Mobile®-Gerätehandbuch-->C:\Programme\Windows Mobile Device Handbook\Windows Mobile Device Handbook\Bin\DHUninstall.exe WinPatrol 2009-->C:\PROGRA~3\BILLPS~1\WINPAT~1\Setup.exe /remove /q0 WinRAR Archivierer-->C:\Programme\WinRAR\uninstall.exe WinZip 12.0-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7} XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe" Yahoo! 
Photos Easy Upload Tool-->C:\WINDOWS\system32\regsvr32 /u /s "C:\WINDOWS\cache\YDropper.dll" ======Hosts File====== 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com ======Security center information====== AV: Kaspersky Security Suite CBE FW: Kaspersky Security Suite CBE ======System event log====== Computer Name: ELLI Event Code: 7 Message: Fehlerhafter Block bei Gerät \Device\Harddisk0\D. Record Number: 96922 Source Name: Disk Time Written: 20090716004026.000000+120 Event Type: Fehler User: Computer Name: ELLI Event Code: 7 Message: Fehlerhafter Block bei Gerät \Device\Harddisk0\D. Record Number: 96921 Source Name: Disk Time Written: 20090716004022.000000+120 Event Type: Fehler User: Computer Name: ELLI Event Code: 7 Message: Fehlerhafter Block bei Gerät \Device\Harddisk0\D. Record Number: 96920 Source Name: Disk Time Written: 20090716004019.000000+120 Event Type: Fehler User: Computer Name: ELLI Event Code: 7 Message: Fehlerhafter Block bei Gerät \Device\Harddisk0\D. Record Number: 96919 Source Name: Disk Time Written: 20090716004017.000000+120 Event Type: Fehler User: Computer Name: ELLI Event Code: 7 Message: Fehlerhafter Block bei Gerät \Device\Harddisk0\D. Record Number: 96918 Source Name: Disk Time Written: 20090716004014.000000+120 Event Type: Fehler User: =====Application event log===== Computer Name: +++ Event Code: 1004 Message: Erkennung von Produkt "{99052DB7-9592-4522-A558-5417BBAD48EE}", Funktion "ActiveSync" und Komponente "{13611E77-B9F9-43C7-85A6-1CB12FD67A1D}" fehlgeschlagen. Die Ressource "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows CE Services\Defname" ist nicht vorhanden. 
Record Number: 5 Source Name: MsiInstaller Time Written: 20080527182358.000000+120 Event Type: Warnung User: ELLI\internet Computer Name: +++ Event Code: 2002 Message: Der EAPOL-Dienst wurde erfolgreich beendet. Record Number: 4 Source Name: EAPOL Time Written: 20080527182344.000000+120 Event Type: Informationen User: Computer Name: +++ Event Code: 2003 Message: EAPOL-Dienst wird ausgeführt Record Number: 3 Source Name: EAPOL Time Written: 20080527182344.000000+120 Event Type: Informationen User: Computer Name: +++ Event Code: 4096 Message: Record Number: 2 Source Name: Avira AntiVir Time Written: 20080527182341.000000+120 Event Type: Informationen User: NT-AUTORITÄT\SYSTEM Computer Name: +++ Event Code: 1800 Message: Der Windows-Sicherheitscenterdienst wurde gestartet. Record Number: 1 Source Name: SecurityCenter Time Written: 20080527182339.000000+120 Event Type: Informationen User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Programme\Gemeinsame Dateien\Ulead Systems\MPEG "windir"=%SystemRoot% "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 9 Stepping 5, GenuineIntel "PROCESSOR_REVISION"=0905 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "FP_NO_HOST_CHECK"=NO -----------------EOF-----------------
Edited by kotaro (23.07.2009 at 21:47) |
23.07.2009, 21:42 | #2 |
| virus alert next to the clock
log
Code:
ATTFilter Logfile of random's system information tool 1.06 (written by random/random) Run by sirius at 2009-07-23 22:27:37 Microsoft Windows XP Home Edition Service Pack 2 System drive C: has 6 GB (5%) free of 114 GB Total RAM: 758 MB (35% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:27: VIRUS ALERT!, on 23.07.2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\Programme\Launch Manager\HotkeyApp.exe C:\Programme\Launch Manager\CtrlVol.exe C:\Programme\Launch Manager\LaunchAp.exe C:\Programme\Launch Manager\WButton.exe C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe C:\Programme\BillP Studios\WinPatrol\WinPatrol.exe C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Programme\Messenger\msmsgs.exe C:\Programme\MySpace\IM\MySpaceIM.exe C:\WINDOWS\system32\wuauclt.exe C:\Programme\MySpace\IM\MySpaceIM.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Malwarebytes' Anti-Malware\mbam.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Programme\Internet Explorer\iexplore.exe C:\Dokumente und Einstellungen\sirius\Desktop\matze virus suche\RSIT.exe C:\Programme\trend micro\sirius.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2 R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - C:\Programme\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - 
(no file) O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file) O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Ask Search Assistant BHO - {0A94B111-4504-4e26-AB05-E61E474AA38B} - C:\Programme\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL O2 - BHO: (no name) - {35D3B4B9-52D3-4B21-921F-7FB1F73C5C55} - (no file) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - C:\Programme\AskPBar\bar\1.bin\ASKPBAR.DLL O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file) O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Programme\AskPBar\bar\1.bin\ASKPBAR.DLL O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [HotkeyApp] C:\Programme\Launch Manager\HotkeyApp.exe O4 - HKLM\..\Run: [CtrlVol] C:\Programme\Launch Manager\CtrlVol.exe O4 - HKLM\..\Run: [LaunchAp] C:\Programme\Launch Manager\LaunchAp.exe O4 - HKLM\..\Run: [Wbutton] C:\Programme\Launch Manager\WButton.exe O4 - 
HKLM\..\Run: [AVP] "C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe" O4 - HKLM\..\Run: [WinPatrol] C:\Programme\BillP Studios\WinPatrol\winpatrol.exe -expressboot O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MySpaceIM] C:\Programme\MySpace\IM\MySpaceIM.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Programme\MySpace\IM\MySpaceIM.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Programme\MySpace\IM\MySpaceIM.exe (User 'Default user') O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: Hinzufügen zu Kaspersky Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE\ie_banner_deny.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Statistik für Web-Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE\SCIEPlgn.dll O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file) O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~3\MICROS~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~3\MICROS~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... 
- {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~3\MICROS~1\INetRepl.dll O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab O16 - DPF: {51433439-1036-42EC-8B59-327B20C26648} (XPlugLite3 Class) - http://welpencam.homeip.net:8000/XPlugLite3.cab O16 - DPF: {63DF43C2-469A-41F3-B119-17B1ACE8BB34} (Sony SNC-RZ30 Image Viewer) - http://webcam.calstatela.edu/home/SonySncRz30View.cab O16 - DPF: {66D393D5-4D80-497C-9F4F-F3839E090202} - http://www.pysoft.com/Downloads/WebCamPlayerOCX.cab O16 - DPF: {A8482EAF-A1F3-4934-AE3F-56EB195A50BF} - http://support.fujitsu-siemens.de/DeskUpdate/isapi/activex.cab O16 - DPF: {C6A03519-BA6F-438E-AF3A-878F11521CA5} (JpgView Control) - http://lrtronic.dyndns.org/jpgview.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab O16 - DPF: {E62D1A95-8299-4B94-85D0-731DC125A60D} (IMMP4Control Control) - http://192.168.1.129/ocx/IMMP4.cab O16 - DPF: {EFFDEEEC-F9E1-4461-91D2-DAEB8CC595F1} - 
http://polkernnet.dyndns.org/CSViewer.cab O20 - AppInit_DLLs: hplun.dll,C:\PROGRA~3\KASPER~1\KASPER~1\adialhk.dll O20 - Winlogon Notify: qoMfgGvw - qoMfgGvw.dll (file missing) O21 - SSODL: xvorfwbd - {BF7B3FBA-7DE5-4886-9848-E4AA0F19D17F} - (no file) O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe O23 - Service: Kaspersky Security Suite CBE (AVP) - Kaspersky Lab - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- End of file - 8324 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\{3B060EED-04BF-45C8-97BC-13F1060B5394}_LAPTOP_zwinger.job C:\WINDOWS\tasks\{88164293-2277-410F-BF98-C773283C3C2D}_LAPTOP_zwinger.job C:\WINDOWS\tasks\{ADE099FE-3B0C-4CD2-9CE6-291B708A4E9A}_LAPTOP_zwinger.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0A94B111-4504-4e26-AB05-E61E474AA38B}] Ask Search Assistant BHO - C:\Programme\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL [2007-12-11 61440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35D3B4B9-52D3-4B21-921F-7FB1F73C5C55}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Sign-in Helper - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-25 322368] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll [2009-03-27 251504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll [2009-07-20 669168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Programme\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-03-27 522224] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4D76F01-7896-458a-890F-E1F05C46069F}] Ask Toolbar BHO - C:\Programme\AskPBar\bar\1.bin\ASKPBAR.DLL [2007-12-11 241664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {855F3B16-6D32-4fe6-8A56-BBB695989046} {F4D76F09-7896-458a-890F-E1F05C46069F} - Ask Toolbar - C:\Programme\AskPBar\bar\1.bin\ASKPBAR.DLL [2007-12-11 241664] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll [2009-03-27 251504] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] 
"HotkeyApp"=C:\Programme\Launch Manager\HotkeyApp.exe [2003-01-09 57418] "CtrlVol"=C:\Programme\Launch Manager\CtrlVol.exe [2002-10-23 163840] "LaunchAp"=C:\Programme\Launch Manager\LaunchAp.exe [2002-12-02 32768] "Wbutton"=C:\Programme\Launch Manager\WButton.exe [2003-01-09 53248] "AVP"=C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe [2008-05-01 221184] "WinPatrol"=C:\Programme\BillP Studios\WinPatrol\winpatrol.exe [2009-07-22 341312] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"=C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-17 68856] "MSMSGS"=C:\Programme\Messenger\msmsgs.exe [2004-10-13 1694208] "MySpaceIM"=C:\Programme\MySpace\IM\MySpaceIM.exe [2008-02-26 8699904] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service] C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor] C:\Programme\Acronis\TrueImageHome\TimounterMonitor.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader] C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [2007-05-15 57344] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer] C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe [2006-12-18 70952] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt] C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe /min [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVP] C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe [2008-05-01 221184] [HKEY_LOCAL_MACHINE\software\microsoft\shared 
tools\msconfig\startupreg\BCWipeTM Startup] C:\Programme\Jetico\BestCrypt\BCWipeTM.exe [2006-12-17 294912] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent] bthprops.cpl,,BluetoothAuthenticationAgent [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CtrlVol] C:\Programme\Launch Manager\CtrlVol.exe [2002-10-23 163840] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools] C:\Programme\DAEMON Tools\daemon.exe [2008-02-06 171464] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dexpot 1.4] C:\Programme\Dexpot\dexpot.exe [2007-12-30 1286144] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent] C:\Programme\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager] C:\Programme\Gemeinsame Dateien\AOL\1202367744\ee\AOLSoftware.exe [2008-02-07 50736] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe [2003-04-07 114688] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] C:\Programme\HP\HP Software Update\HPWuSchd2.exe [2008-01-08 49152] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPWireless] C:\Programme\HP Wireless Adapter\HPWLAN.exe [2006-10-04 618496] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray] C:\WINDOWS\System32\igfxtray.exe [2003-04-07 155648] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup] 
C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe [2008-02-06 81920] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchAp] C:\Programme\Launch Manager\LaunchAp.exe [2002-12-02 32768] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair] C:\Programme\Logitech\Video\ISStart.exe [2005-06-08 458752] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MySpaceIM] C:\Programme\MySpace\IM\MySpaceIM.exe [2008-02-26 8699904] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSLauncher] C:\Programme\Nokia\Nokia Software Launcher\NSLauncher.exe /startup [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync] C:\Programme\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Performance Center] C:\Programme\Ascentive\Performance Center\ApcMain.exe -m [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Programme\QuickTime\qttask.exe [2006-12-17 98304] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray] C:\Programme\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpriteService] C:\Programme\Sprite Software\Sprite Backup\SpriteService.exe [2008-06-03 9808872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate] C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2008-02-06 155648] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Programme\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 
C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-17 68856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Synchronization Manager] C:\WINDOWS\system32\mobsync.exe [2004-08-04 144384] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe [2003-04-24 610304] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe [2003-04-24 110592] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] C:\Programme\TomTom HOME\TomTomHOME.exe [2007-03-14 3770024] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe] C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wbutton] C:\Programme\Launch Manager\Wbutton.exe [2003-01-09 53248] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinDVR SchSvr] C:\Programme\Gemeinsame Dateien\InterVideo\SchSvr\SchSvr.exe [2005-02-17 106496] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^desktop.ini] C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^HP Digital Imaging Monitor.lnk] C:\PROGRA~3\HP\DIGITA~1\bin\hpqtra08.exe [2008-01-08 282624] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^HP Image Zone Schnellstart.lnk] C:\PROGRA~3\HP\DIGITA~1\bin\hpqthb08.exe [2008-01-10 73728] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All 
Users^Startmenü^Programme^Autostart^InterVideo WinCinema Manager.lnk] C:\PROGRA~3\INTERV~1\Common\Bin\WINCIN~1.EXE [2005-02-17 204800] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Microsoft Office.lnk] C:\PROGRA~3\MICROS~3\Office10\OSA.EXE [2006-12-20 83360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^zwinger^Startmenü^Programme^Autostart^desktop.ini] C:\Dokumente und Einstellungen\zwinger\Startmenü\Programme\Autostart\desktop.ini [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^zwinger^Startmenü^Programme^Autostart^Dragon NaturallySpeaking.lnk] C:\PROGRA~3\Nuance\NATURA~1\Program\natspeak.exe [2008-02-06 2297856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^zwinger^Startmenü^Programme^Autostart^Microsoft ActiveSync.lnk] C:\WINDOWS\Installer\{99052DB7-9592-4522-A558-5417BBAD48EE}\WCESMgrIcon.exe [2008-08-27 22486] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "WMPNetworkSvc"=3 "usnjsvc"=3 "STI Simulator"=2 "ServiceLayer"=3 "PSI_SVC_2"=2 "Pml Driver HPZ12"=2 "IDriverT"=3 "gusvc"=3 "FLEXnet Licensing Service"=3 "Bonjour Service"=2 "AntiVirService"=2 "AntiVirScheduler"=2 "AcrSch2Svc"=2 "aawservice"=2 "MDM"=2 "AOL ACS"=2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="hplun.dll,C:\PROGRA~3\KASPER~1\KASPER~1\adialhk.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxsrvc.dll [2003-04-07 315392] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon] C:\WINDOWS\system32\klogon.dll [2008-02-08 219664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\qoMfgGvw] qoMfgGvw.dll [] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-04 240128] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] xvorfwbd - {BF7B3FBA-7DE5-4886-9848-E4AA0F19D17F} [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "authentication packages"=msv1_0 C:\WINDOWS\system32\yayyWqPI [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"=1 "NoDispCPL"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "NoToolbarCustomize"=1 "NoDrives"=12 "StartMenuLogoff"=1 "NoStartMenuMorePrograms"=1 "NoSetFolders"=1 |
23.07.2009, 21:43 | #3 |
| virus alert next to the clock: log, part 2
Code:
ATTFilter [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Programme\Trillian\trillian.exe"="C:\Programme\Trillian\trillian.exe:*:Enabled:Trillian" "C:\Programme\AOL 9.0 VR\waol.exe"="C:\Programme\AOL 9.0 VR\waol.exe:*:Enabled:AOL" "C:\Programme\Gemeinsame Dateien\AOL\TopSpeed\3.0\aoltpsd3.exe"="C:\Programme\Gemeinsame Dateien\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed" "C:\Programme\Gemeinsame Dateien\AOL\Loader\aolload.exe"="C:\Programme\Gemeinsame Dateien\AOL\Loader\aolload.exe:*:Enabled:AOL Loader" "C:\Programme\Gemeinsame Dateien\AOL\System Information\sinf.exe"="C:\Programme\Gemeinsame Dateien\AOL\System Information\sinf.exe:*:Enabled:AOL System Information" "C:\Programme\Private Message Plus\privmsg.exe"="C:\Programme\Private Message Plus\privmsg.exe:*:Enabled:Private Message Plus" "C:\Programme\Gemeinsame Dateien\AOL\1166367862\ee\aolsoftware.exe"="C:\Programme\Gemeinsame Dateien\AOL\1166367862\ee\aolsoftware.exe:*:Enabled:AOL Services" "C:\Programme\Gemeinsame Dateien\AOL\1166367862\ee\aim6.exe"="C:\Programme\Gemeinsame Dateien\AOL\1166367862\ee\aim6.exe:*:Enabled:AIM" "C:\Programme\AOL 9.0\waol.exe"="C:\Programme\AOL 9.0\waol.exe:*:Enabled:AOL 9.0" "C:\NetObjects Fusion 7\Fusion.exe"="C:\NetObjects Fusion 7\Fusion.exe:*:Enabled:NetObjects Fusion" "C:\Programme\Yahoo!\Messenger\YahooMessenger.exe"="C:\Programme\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger" "C:\Programme\Yahoo!\Messenger\YServer.exe"="C:\Programme\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! 
FT Server" "C:\Programme\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Programme\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home" "C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019" "C:\Programme\Messenger\msmsgs.exe"="C:\Programme\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Programme\Mozilla Firefox\firefox.exe"="C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox" "C:\Programme\ICQ6\ICQ.exe"="C:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6" "C:\wincmd\WINCMD32.EXE"="C:\wincmd\WINCMD32.EXE:*:Enabled:Windows Commander 32 bit international version, file manager replacement for Windows" "C:\Programme\Hitman Pro\wget.exe"="C:\Programme\Hitman Pro\wget.exe:*:Enabled:wget" "C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater" "C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process " "C:\Programme\SecondLife\SLVoice.exe"="C:\Programme\SecondLife\SLVoice.exe:*:Enabled:SLVoice" "C:\Programme\NetMeeting\conf.exe"="C:\Programme\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting®" "C:\Programme\eMule.de 0.48a v18\emule.exe"="C:\Programme\eMule.de 0.48a v18\emule.exe:*:Enabled:eMule" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Programme\MSN Messenger\msnmsgr.exe"="C:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\Programme\MSN Messenger\livecall.exe"="C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Programme\Internet Explorer\iexplore.exe"="C:\Programme\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer" "C:\Programme\Kopie von Trillian\trillian.exe"="C:\Programme\Kopie von Trillian\trillian.exe:*:Enabled:Trillian" 
"C:\Programme\Trillianoriginal\trillian.exe"="C:\Programme\Trillianoriginal\trillian.exe:*:Enabled:Trillian" "C:\Programme\Setup Wizard\Setup Wizard.exe"="C:\Programme\Setup Wizard\Setup Wizard.exe:*:Enabled:Setup Wizard" "C:\Programme\IPView Pro\IPView Pro.exe"="C:\Programme\IPView Pro\IPView Pro.exe:*:Enabled:IPView Pro" "C:\Programme\HP\Digital Imaging\bin\hpqste08.exe"="C:\Programme\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe" "C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe" "C:\Programme\HP\Digital Imaging\bin\hposfx08.exe"="C:\Programme\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe" "C:\Programme\HP\Digital Imaging\bin\hposid01.exe"="C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe" "C:\Programme\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Programme\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe" "C:\Programme\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Programme\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe" "C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe" "C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe" "C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe" "C:\Programme\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Programme\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe" "C:\Programme\HP\Digital Imaging\bin\hpoews01.exe"="C:\Programme\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe" "C:\Programme\Bonjour\mDNSResponder.exe"="C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe"="C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe:*:Enabled:AOL" "C:\Programme\Gemeinsame 
Dateien\AOL\ACS\AOLAcsd.exe"="C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe:*:Enabled:AOL" "C:\Programme\Gemeinsame Dateien\aol\1202367744\ee\aolsoftware.exe"="C:\Programme\Gemeinsame Dateien\aol\1202367744\ee\aolsoftware.exe:*:Enabled:AOL Shared Components" "C:\Programme\Sprite Software\Sprite Backup\SpriteService.exe"="C:\Programme\Sprite Software\Sprite Backup\SpriteService.exe:*:Enabled:Sprite Backup PC Service" "C:\Programme\MySpace\IM\MySpaceIM.exe"="C:\Programme\MySpace\IM\MySpaceIM.exe:*:Enabled:MySpace Instant Messenger" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Programme\Microsoft ActiveSync\rapimgr.exe"="C:\Programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\Programme\Microsoft ActiveSync\wcescomm.exe"="C:\Programme\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\Programme\Microsoft ActiveSync\WCESMgr.exe"="C:\Programme\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "C:\Programme\devolo\informer\devinf.exe"="C:\Programme\devolo\informer\devinf.exe:*:Enabled:devolo Informer" "C:\Programme\IPCameraSearcher\MultiWindow.exe"="C:\Programme\IPCameraSearcher\MultiWindow.exe:*:Enabled:IP Camera Player" "C:\Programme\IPCameraSearcher\IPCameraSearcher.exe"="C:\Programme\IPCameraSearcher\IPCameraSearcher.exe:*:Enabled:IPCameraSearcher" "C:\Dokumente und Einstellungen\zwinger\Desktop\My Mobile\MyMobiler\MyMobiler.exe"="C:\Dokumente und Einstellungen\zwinger\Desktop\My Mobile\MyMobiler\MyMobiler.exe:*:Enabled:My Mobile - My Mobiler" "C:\Programme\Sitecom\MFP Server Control Center\Control Center.exe"="C:\Programme\Sitecom\MFP Server Control Center\Control Center.exe:*:Enabled:Control Center" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] 
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Programme\AOL 9.0\waol.exe"="C:\Programme\AOL 9.0\waol.exe:*:Enabled:AOL 9.0" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Programme\MSN Messenger\msnmsgr.exe"="C:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\Programme\MSN Messenger\livecall.exe"="C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe"="C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe:*:Enabled:AOL" "C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe"="C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe:*:Enabled:AOL" "C:\Programme\Microsoft ActiveSync\rapimgr.exe"="C:\Programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\Programme\Microsoft ActiveSync\wcescomm.exe"="C:\Programme\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\Programme\Microsoft ActiveSync\WCESMgr.exe"="C:\Programme\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" ======List of files/folders created in the last 1 months====== 2009-07-23 22:27:40 ----D---- C:\Programme\trend micro 2009-07-23 22:27:37 ----D---- C:\rsit 2009-07-23 20:57:34 ----D---- C:\Dokumente und Einstellungen\sirius\Anwendungsdaten\Malwarebytes 2009-07-23 20:57:06 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes 2009-07-23 20:57:04 ----D---- C:\Programme\Malwarebytes' Anti-Malware 2009-07-23 19:12:32 ----D---- C:\Dokumente und Einstellungen\sirius\Anwendungsdaten\WinPatrol ======List of files/folders modified in the last 1 months====== 2009-07-23 22:27:41 ----D---- C:\WINDOWS\Temp 2009-07-23 22:27:40 ----D---- C:\Programme 2009-07-23 21:48:46 ----D---- C:\WINDOWS\system32\CatRoot2 2009-07-23 
21:48:28 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab 2009-07-23 21:46:57 ----D---- C:\WINDOWS 2009-07-23 21:43:07 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-07-23 20:57:34 ----D---- C:\WINDOWS\Prefetch 2009-07-23 20:57:08 ----D---- C:\WINDOWS\system32\drivers 2009-07-23 20:50:07 ----D---- C:\WINDOWS\Debug 2009-07-23 20:50:06 ----SHD---- C:\RECYCLER 2009-07-23 20:15:44 ----D---- C:\Dokumente und Einstellungen\sirius\Anwendungsdaten\Adobe 2009-07-23 20:03:34 ----D---- C:\Programme\Mozilla Firefox 2009-07-23 19:11:43 ----SHD---- C:\WINDOWS\Installer 2009-07-23 19:11:43 ----D---- C:\Config.Msi 2009-07-21 12:43:56 ----D---- C:\rec 2009-07-18 16:07:20 ----D---- C:\Programme\IPCameraSearcher 2009-07-15 13:06:52 ----A---- C:\WINDOWS\win.ini 2009-06-28 14:52:59 ----D---- C:\WINDOWS\system32 2009-06-28 11:32:14 ----D---- C:\WINDOWS\system32\Macromed 2009-06-25 08:28:01 ----D---- C:\WINDOWS\Downloaded Program Files 2009-06-25 08:27:53 ----D---- C:\WINDOWS\inf ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 BC_BF448;BC_BF448; C:\WINDOWS\system32\drivers\BC_BF448.sys [2006-12-17 12779] R1 BC_BFish;BC_BFish; C:\WINDOWS\system32\drivers\BC_BFish.sys [2006-12-17 12747] R1 BC_DES;BC_DES; C:\WINDOWS\system32\drivers\BC_DES.sys [2006-12-17 17991] R1 BC_Gost;BC_Gost; C:\WINDOWS\system32\drivers\BC_Gost.sys [2006-12-17 14013] R1 BC_RIJN;BC_RIJN; C:\WINDOWS\system32\drivers\BC_RIJN.sys [2006-12-17 43101] R1 BC_TFISH;BC_TFISH; C:\WINDOWS\system32\drivers\BC_TFISH.sys [2006-12-17 31639] R1 bcbus;BestCrypt bus driver; C:\WINDOWS\system32\DRIVERS\bcbus.sys [2003-10-31 27631] R1 fsh;fsh; C:\WINDOWS\system32\drivers\fsh.sys [2006-12-17 8448] R1 Hotkey;Hotkey; C:\WINDOWS\system32\drivers\Hotkey.sys [2002-10-29 8843] R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-04 40192] R1 klif;Klif; \??\C:\WINDOWS\system32\drivers\klif.sys [] R1 Wbutton;Wbutton; 
C:\WINDOWS\system32\drivers\Wbutton.sys [2002-10-23 2920] R1 WS2IFSL;Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-12-17 12032] R2 HPEAPPkt;Realtek EAPPkt Protocol(HP); C:\WINDOWS\system32\DRIVERS\HPEAPPkt.sys [2006-05-12 68864] R2 irda;IrDA-Protokoll; C:\WINDOWS\System32\DRIVERS\irda.sys [2004-08-04 87424] R2 NPF_devolo;NetGroup Packet Filter Driver (devolo); C:\WINDOWS\system32\drivers\npf_devolo.sys [2008-11-28 35840] R3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-04-23 113504] R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-04-23 78752] R3 {E2B953A6-195A-44F9-9BA3-3D5F4E32BB55};AIM 3.0 Part 01 Codec Driver CH-7009-A/CH-7011; C:\WINDOWS\system32\drivers\wA301a.sys [2003-04-23 33335] R3 Arp1394;1394-ARP-Clientprotokoll; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800] R3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2004-08-04 14080] R3 cs429x;Cirrus Logic WDM Audio Codec Driver; C:\WINDOWS\system32\drivers\cwawdm.sys [2003-07-14 111168] R3 hpnuhst;HP NUSB Host; C:\WINDOWS\system32\DRIVERS\hpnuhst.sys [2006-12-19 11136] R3 HPNUHUB;HP NUSB Hub; C:\WINDOWS\system32\DRIVERS\hpnuhub.sys [2006-12-19 37248] R3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2003-04-23 90907] R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-12-13 24592] R3 KUSBusByTCPMasterBus;Master Bus of Kernel USB Software Bus by TCP; C:\WINDOWS\System32\Drivers\KUSBusByTCPMasterBus.sys [2007-08-30 49664] R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2007-06-13 22016] R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys [] R3 mhk;mhk; C:\WINDOWS\system32\drivers\mhk.sys [2006-12-17 6272] R3 
moh;moh; C:\WINDOWS\system32\drivers\moh.sys [2006-12-17 3328] R3 NIC1394;1394-Netzwerktreiber; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824] R3 NSCIRDA;NSC-Infrarotgerätetreiber; C:\WINDOWS\System32\DRIVERS\nscirda.sys [2004-08-04 28672] R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2002-09-27 9856] R3 Rasirda;WAN-Miniport (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\System32\DRIVERS\SynTP.sys [2003-04-24 270448] R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-04 26624] R3 usbhub;USB2-aktivierter Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-04 57600] R3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-04 20480] R3 w70n51;Intel(R) PRO/Wireless 7100 Adapter-Treiber; C:\WINDOWS\System32\DRIVERS\w70n51.sys [2003-10-13 2479104] R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588] R3 WBMS;Winbond Memory Stick Storage (MS) Device Driver; C:\WINDOWS\System32\Drivers\WBMS.SYS [2002-11-07 30208] R3 WBSD;Winbond Secure Digital Storage (SD/MMC) Device Driver; C:\WINDOWS\System32\Drivers\WBSD.SYS [2002-11-28 25600] S1 mailKmd;mailKmd; C:\WINDOWS\system32\drivers\mailKmd.sys [] S3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\System32\DRIVERS\AGRSM.sys [] S3 azdc0dfz;azdc0dfz; C:\WINDOWS\system32\drivers\azdc0dfz.sys [] S3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\System32\DRIVERS\bcm4sbxp.sys [2002-12-17 42368] S3 BthEnum;Bluetooth-Anforderungsblocktreiber; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-04 17024] S3 BthPan;Bluetooth-Gerät (PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992] S3 BTHPORT;Bluetooth-Porttreiber; 
C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 273024]
S3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-04 18944]
S3 CamDrL;Logitech QuickCam Pro 3000(CamDrl); C:\WINDOWS\system32\DRIVERS\Camdrl.sys [2004-10-08 326656]
S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 gv3;Intel GV3-Prozessortreiber; C:\WINDOWS\System32\DRIVERS\gv3.sys [2002-11-20 33664]
S3 HidUsb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 HPNUCMP;HP NUSB Composite; C:\WINDOWS\system32\DRIVERS\hpnucmp.sys [2006-12-19 11648]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
S3 KUSBusByTCP;KUSBusByTCP; C:\WINDOWS\System32\Drivers\KUSBusByTCP.sys [2007-08-30 88576]
S3 mouhid;Maus-HID-Treiber; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-18 12288]
S3 MPE;BDA MPE-Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-03 15360]
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2004-08-03 22016]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 Nokia USB Generic;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2006-05-29 8704]
S3 Nokia USB Modem;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2006-05-29 13312]
S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2006-05-29 127488]
S3 Nokia USB Port;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2006-05-29 13312]
S3 PAC207;SoC PC-Camer@; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2007-11-14 162304]
S3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-04 59648]
S3 RTLWUSB;Wireless Adapter; C:\WINDOWS\system32\DRIVERS\hpl8187.sys [2006-08-15 189440]
S3 SjyPkt;SjyPkt; \??\C:\WINDOWS\System32\Drivers\SjyPkt.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2005-10-21 12800]
S3 usbaudio;USB-Audiotreiber (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
S3 USBAV192.X86;Instant VideoXpress; C:\WINDOWS\SYSTEM32\DRIVERS\USBAV192.X86.SYS [2006-11-17 320256]
S3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 BCSWAP;BCSWAP; C:\WINDOWS\system32\drivers\BCSWAP.sys [2006-12-17 83456]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AOL ACS;AOL Connectivity Service; C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe [2006-12-18 46640]
R2 AVP;Kaspersky Security Suite CBE; C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe [2008-05-01 221184]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R2 Irmon;Infrarotüberwachung; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-27 137200]
S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2008-02-06 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 aawservice;Ad-Aware 2007 Service; C:\Programme\Lavasoft\Ad-Aware 2007\aawservice.exe [2008-07-05 607576]
S4 AcrSch2Svc;Acronis Scheduler2 Service; C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe []
S4 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Programme\Bonjour\mDNSResponder.exe [2008-01-28 229376]
S4 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-01-28 654848]
S4 MDM;Machine Debug Manager; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe [2006-12-20 270336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe []
S4 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 73728]
S4 PSI_SVC_2;Protexis Licensing V2; c:\Programme\Gemeinsame Dateien\Protexis\License Service\PsiService_2.exe [2008-06-16 185632]
S4 ServiceLayer;ServiceLayer; C:\Programme\Gemeinsame Dateien\PCSuite\Services\ServiceLayer.exe [2008-02-21 174080]
S4 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2007-11-14 53248]
S4 usnjsvc;Messenger USN Journal Reader-Service für freigegebene Ordner; C:\Programme\MSN Messenger\usnsvc.exe [2007-11-06 97136]
S4 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576]

-----------------EOF-----------------

Code:
ATTFilter
Malwarebytes' Anti-Malware 1.39
Datenbank Version: 2489
Windows 5.1.2600 Service Pack 2

23.07.2009 22:21:49
mbam-log-2009-07-23 (22-21-49).txt

Scan-Methode: Vollständiger Scan (C:\|)
Durchsuchte Objekte: 41528
Laufzeit: 29 minute(s), 52 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 2
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{e55e1c86-434d-46f9-a253-2de4ab3f9734} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e55e1c86-434d-46f9-a253-2de4ab3f9734} (Trojan.Vundo) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{e55e1c86-434d-46f9-a253-2de4ab3f9734} (Trojan.Vundo) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden) |
23.07.2009, 21:45 | #4 |
| virus alert next to the clock Even though everything is the wrong way round, I hope someone can help me, please |