Trojaner/Würmer/Dropper

ebayfreak · 24.07.2009, 14:53

Hallo,

habe seit langem mal wieder ein Virusscan gemacht (AVIRA). und war echt erschrocken was er alles gefunden hat.

Malwarebytes Anti-Malware Bericht:

Zitat:

Malwarebytes' Anti-Malware 1.39
Datenbank Version: 2492
Windows 5.1.2600 Service Pack 2

24.07.2009 15:39:21
mbam-log-2009-07-24 (15-39-21).txt

Scan-Methode: Vollständiger Scan (A:\|C:\|D:\|E:\|)
Durchsuchte Objekte: 241559
Laufzeit: 2 hour(s), 36 minute(s), 17 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 47
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 26
Infizierte Dateien: 166

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\videoegg.activexloader (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{168dc258-1455-4e61-8590-9dac2f27b675} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1a8642f1-dc80-4edc-a39d-0fb62a58b455} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3f91eb90-ef62-44ee-a685-fac29af111cd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5c29c7e4-5321-4cad-be2e-877666bed5df} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{83dfb6ee-ab18-41b5-86d4-b544a141d67e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{88d6cf0e-cf70-4c24-bf6e-e4e414bc649c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8f6a82a2-d7b1-443e-bb9f-f7dc887dd618} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9856e2d8-ffb2-4fe5-8cad-d5ad6a35a804} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a3d06987-c35e-49e4-8fe2-ac67b9fbfb4c} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a58c497b-3ee2-45e7-9594-daca6be2a0d0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ad0a3058-fd49-4f98-a514-fd055201835e} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ad5915ea-b61a-4dba-b5c8-ef4b2df0a3c7} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bb187c0d-6f53-4f3e-9590-98fd3a7364a2} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c5041fd9-4819-4dc4-b20e-c950b5b03d2a} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d17726cc-d4dd-4c4a-9671-471d56e413b5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{db8cce99-59c6-4552-8bfc-058feb38d6ce} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{dc3a04ee-cdd7-4407-915c-a5502f97eecd} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e1a63484-a022-4d42-830a-fbd411514440} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e282c728-189d-419e-8ee2-1601f4b39ba5} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\videoegg.activexloader.1 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoegg.com/publisher,version=1.5 (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MediaHoldings (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\PlayMP3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\IGB (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Adware.BHO) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
C:\Programme\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\programme\mywebsearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\programme\mywebsearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\programme\mywebsearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Programme\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\programme\funwebproducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\programme\funwebproducts\screensaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\programme\funwebproducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Programme\PlayMP3z (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C\Anwendungsdaten\FunWebProducts (Adware.MyWay) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\funwebproducts\Data (Adware.MyWay) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\funwebproducts\Data\Christian (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C\Anwendungsdaten\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\Data (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\Loader (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\Loader\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\Publisher (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520 (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\messages (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\Updater (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\Updater\4665 (Adware.VideoEgg) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C\Startmenü\Programme\Spyware-Secure (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

Infizierte Dateien:
C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C\Anwendungsdaten\VideoEgg\Loader\4665\npvideoegg-loader.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\WINDOWS\downloaded program files\VideoEggPublisher.exe (Malware.Tool) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian\anwendungsdaten\errorsafegermannewreleaseinstall[1].exe (Rogue.Installer) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\Updater\updater.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\Updater\VideoEggBroker.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\Updater\VideoEggBroker.exe.old (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\eigene dateien\eigene bilder\christian2\Desktop\Ordner\sonstiges\RPS Online.exe (Backdoor.SdBot) -> Quarantined and deleted successfully.
c:\programme\mywebsearch\bar\History\search2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\programme\mywebsearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\programme\funwebproducts\Shared\002715DC.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\programme\PlayMP3z\PlayMP3.exe (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\DataLOCKED (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\Uninstall.exe (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\Data\report.log (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\Loader\loader.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\publisher.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\avcodec.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\crashRpt.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\FLVEncoder.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\lame_enc.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\LevelMeter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\libpng.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\npvideoegg-publisher.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\VideoEgg_FLVWriter.ax (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\zlib.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\aol_watermark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\audio_combo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\audio_source.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\big_gray_logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\big_logo_cropped.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\blank_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\button_browse_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\button_browse_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\button_browse_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\camcorders_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\camcorder_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\camcorder_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\corners_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\corners_bottom_left_curve.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\corners_bottom_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\corners_top_right.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\done.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\done_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\done_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\done_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\done_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.

ebayfreak · 24.07.2009, 14:54

teil2:

Zitat:

c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\done_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\dropshadow_bottom_left.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\dropshadow_horiz.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\dropshadow_vertical.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\dropzone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\dv_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\dv_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\dv_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\dv_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\dv_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\email_instructions.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\email_sent.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\email_sent_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\email_sent_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\eraser.CUR (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\eraser_cursor.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\file_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\file_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\help.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_camcorders.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_camcorder_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_camcorder_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_ff.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_file_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_file_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_phone_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_phone_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_stop.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_webcams.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_webcam_dark.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\icon_webcam_light.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\loading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\loading_movie.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\locating.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\logo.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\logo_bottom.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\logo_middle.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\logo_top.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\mobile_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\mobile_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\mobile_slide_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\movie_placeholder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\ok.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\ok_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\ok_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\player_fast_forward.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\player_fast_forward_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\player_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\player_pause.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\player_play.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\player_rewind.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\player_rewind_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\player_rewind_to_start.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\playhead.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\powered_by.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\progress.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\refresh_list_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\refresh_list_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\refresh_list_up.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\restart.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\restart_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\start_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\start_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\start_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\start_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\start_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\start_over_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\start_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\stop_capture.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\stop_capture_disabled.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\stop_capture_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\stop_capture_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\stop_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\tab_slide_deselected.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\tape_control.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\text_camcorder.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\text_camcorder_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\text_file.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\text_file_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\text_phone.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\text_phone_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\text_webcam.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\text_webcam_highlight.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\upload.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading_fill.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading_medium.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\uploading_thumbnail.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\upload_down.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\upload_from.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\upload_over.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_gray.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_green.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_high.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_low.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_orange.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_red.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\volume_slider.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\waiting_for_email.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\webcams_title.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\webcam_btn_highlighted.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\images\webcam_slide.png (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\publisher\4520\resources\VideoEgg\messages\messages.en-US.bundle (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\Updater\updater.ver (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\Updater\4665\libcurlve.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\anwendungsdaten\VideoEgg\Updater\4665\updater.dll (Adware.VideoEgg) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\startmenü\programme\spyware-secure\Spyware-Secure trial.lnk (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\startmenü\programme\spyware-secure\Website.lnk (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christian.werner-b72f4a9c\Desktop\Spyware-Secure trial.lnk (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nvs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Programme\ICQToolbar\1331\toolbaru.dll (Adware.BHO) -> Delete on reboot.

ich hoffe man kann da noch was machen

Danke im vorraus

Mellosun · 24.07.2009, 15:58

Mahlzeit,

Zitat:

Zitat von ebayfreak

Hallo,

habe seit langem mal wieder ein Virusscan gemacht (AVIRA). und war echt erschrocken was er alles gefunden hat.

Und, was willst du jetzt von uns?

Zitat:

Zitat von ebayfreak

ich hoffe man kann da noch was machen

Man kann immer......

Vorallem kann ich Dir was ans herz legen: Klick mich mal und Lese aufmerksam

ebayfreak · 24.07.2009, 18:40

ich habe das gelesen
habe die drei sachen auch gemacht

ich hätte gerne hilfe, um die viren zu entfernen

Mellosun · 24.07.2009, 18:43

Zitat:

Zitat von ebayfreak

ich hätte gerne hilfe, um die viren zu entfernen

Zitat: Quarantined and deleted successfully

Das hat Malwarebytes schon gemacht....
Allerdings ist darunter ein Trojan Agent.....da sollte man etwas tiefer ins System schauen!
Hast du irgendwelche Probleme mit dem Rechner?

ebayfreak · 24.07.2009, 18:48

der ist extrem langsam geworden
ansonsten sind mir keine aufgefallen

Mellosun · 24.07.2009, 18:50

Poste bitte ein HijackThis Log!

Ebenfalls hätte ich gern ein log von RSIT

ebayfreak · 24.07.2009, 18:57

Hijackthis

Zitat:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:54:43, on 24.07.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Bonjour\mDNSResponder.exe
C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Programme\FRITZ!DSL\IGDCTRL.EXE
C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Dokumente und Einstellungen\Supervisor\Lokale Einstellungen\Apps\2.0\XC064DRW.J93\0H8OJ4E8.40V\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf149dd7a141\fritzbox-usb-fernanschluss.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Programme\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://red.clientapps.yahoo.com/customize/ie/defaults/stp/yme/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/customize/ie/defaults/su/yme/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/yme/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/yme/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapps.yahoo.com/customize/ie/defaults/stp/yme/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/yme/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\1331\toolbaru.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Programme\Gemeinsame Dateien\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Programme\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Norton-Symbolleiste anzeigen - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Programme\Gemeinsame Dateien\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\1331\toolbaru.dll (file missing)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AVMUSBFernanschluss] C:\Dokumente und Einstellungen\Supervisor\Lokale Einstellungen\Apps\2.0\XC064DRW.J93\0H8OJ4E8.40V\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf149dd7a141\AVMAutoStart.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Easy-WebPrint - Drucken - res://C:\Programme\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - res://C:\Programme\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint - Vorschau - res://C:\Programme\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - res://C:\Programme\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programme\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programme\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} (PowerLoader Class) - http://www.powerchallenge.com/applet/PowerLoader.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1187355767015
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O23 - Service: Avira AntiVir Personal - Free Antivirus Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatisches LiveUpdate - Scheduler - Symantec Corporation - C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\VAScanner\comHost.exe
O23 - Service: CyberLink Live Monitor Service - Unknown owner - C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C\Desktop\tv\CLSomaMonitorService.exe (file missing)
O23 - Service: CyberLink Live Service - Unknown owner - C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C\Desktop\tv\CLSomaService.exe (file missing)
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: AVM IGD CTRL Service (IGDCTRL) - AVM Berlin - C:\Programme\FRITZ!DSL\IGDCTRL.EXE
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Kennwortprüfung (ISPwdSvc) - Symantec Corporation - C:\Programme\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\AppCore\AppSvc32.exe

--
End of file - 10914 bytes

ebayfreak · 24.07.2009, 19:01

RSIT log::

Zitat:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Supervisor at 2009-07-24 19:58:13
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 8 GB (21%) free of 40 GB
Total RAM: 447 MB (26% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:58:16, on 24.07.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Bonjour\mDNSResponder.exe
C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Programme\FRITZ!DSL\IGDCTRL.EXE
C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Dokumente und Einstellungen\Supervisor\Lokale Einstellungen\Apps\2.0\XC064DRW.J93\0H8OJ4E8.40V\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf149dd7a141\fritzbox-usb-fernanschluss.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Dokumente und Einstellungen\Supervisor\Desktop\RSIT.exe
C:\Programme\Trend Micro\HijackThis\Supervisor.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://red.clientapps.yahoo.com/customize/ie/defaults/stp/yme/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/customize/ie/defaults/su/yme/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/yme/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/yme/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapps.yahoo.com/customize/ie/defaults/stp/yme/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/yme/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\1331\toolbaru.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Programme\Gemeinsame Dateien\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Programme\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Norton-Symbolleiste anzeigen - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Programme\Gemeinsame Dateien\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\1331\toolbaru.dll (file missing)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AVMUSBFernanschluss] C:\Dokumente und Einstellungen\Supervisor\Lokale Einstellungen\Apps\2.0\XC064DRW.J93\0H8OJ4E8.40V\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf149dd7a141\AVMAutoStart.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Easy-WebPrint - Drucken - res://C:\Programme\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - res://C:\Programme\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint - Vorschau - res://C:\Programme\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - res://C:\Programme\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programme\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programme\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} (PowerLoader Class) - http://www.powerchallenge.com/applet/PowerLoader.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1187355767015
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O23 - Service: Avira AntiVir Personal - Free Antivirus Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatisches LiveUpdate - Scheduler - Symantec Corporation - C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\VAScanner\comHost.exe
O23 - Service: CyberLink Live Monitor Service - Unknown owner - C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C\Desktop\tv\CLSomaMonitorService.exe (file missing)
O23 - Service: CyberLink Live Service - Unknown owner - C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C\Desktop\tv\CLSomaService.exe (file missing)
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: AVM IGD CTRL Service (IGDCTRL) - AVM Berlin - C:\Programme\FRITZ!DSL\IGDCTRL.EXE
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Kennwortprüfung (ISPwdSvc) - Symantec Corporation - C:\Programme\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\AppCore\AppSvc32.exe

--
End of file - 10974 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Norton Internet Security Online - Vollständige Systemprüfung ausführen - Werner.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
C:\Programme\Gemeinsame Dateien\Symantec Shared\coShared\Browser\1.0\NppBho.dll [2006-10-13 93400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
EWPBrowseObject Class - C:\Programme\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2005-10-20 34304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Anmelde-Hilfsprogramm - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{90222687-F593-4738-B738-FBEE9C7B26DF} - Norton-Symbolleiste anzeigen - C:\Programme\Gemeinsame Dateien\Symantec Shared\coShared\Browser\1.0\UIBHO.dll [2006-10-13 510152]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQ Toolbar - C:\PROGRA~1\ICQTOO~1\1331\toolbaru.dll []
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Programme\Canon\Easy-WebPrint\Toolband.dll [2005-10-20 552960]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-08-01 16049664]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-12-05 81920]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-12-05 8523776]
"Symantec PIF AlertEng"=C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"avgnt"=C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2006-02-28 15360]
"AVMUSBFernanschluss"=C:\Dokumente und Einstellungen\Supervisor\Lokale Einstellungen\Apps\2.0\XC064DRW.J93\0H8OJ4E8.40V\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf149dd7a141\AVMAutoStart.exe [2009-01-10 139264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C\Desktop\3.0\Apps\apdproxy.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe [2007-01-09 115816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2006-02-28 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\DOKUME~1\ALLUSE~1\ICQ6\ICQ.exe silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
C:\Programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2007-12-05 8523776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2]
C:\Programme\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [2003-05-08 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\osCheck]
C:\Programme\Norton Internet Security\osCheck.exe [2006-10-13 26248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C.000\Desktop\QTTask.exe -atboottime []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe /startoptions []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Programme\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\T-Online_Software_6]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ToADiMon.exe]
C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\ToADiMon.exe -TOnlineAutodialStart []

ebayfreak · 24.07.2009, 19:02

Teil2 RSIT log:

Zitat:

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^Supervisor^Startmenü^Programme^Autostart^OpenOffice.org 2.0.lnk]
C:\PROGRA~1\OPENOF~1.0\program\QUICKS~1.EXE [2006-01-25 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=91000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programme\ICQ6\ICQ.exe"="C:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Programme\Yahoo!\Messenger\YPager.exe"="C:\Programme\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\Programme\Yahoo!\Messenger\YServer.exe"="C:\Programme\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Programme\Gemeinsame Dateien\ICQ6\ICQ.exe"="C:\Programme\Gemeinsame Dateien\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Dokumente und Einstellungen\Christian\ICQ6\ICQ.exe"="C:\Dokumente und Einstellungen\Christian\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Programme\Yahoo!\Yahoo! Music Engine\YahooMusicEngine.exe"="C:\Programme\Yahoo!\Yahoo! Music Engine\YahooMusicEngine.exe:*:Enabled:Yahoo! Music Engine"
"C:\Dokumente und Einstellungen\christian2_2.WERNER-B72F4A9C\Desktop\ICQ6\ICQ.exe"="C:\Dokumente und Einstellungen\christian2_2.WERNER-B72F4A9C\Desktop\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe"="C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server"
"C:\Dokumente und Einstellungen\All Users\Desktop\ICQ6\ICQ.exe"="C:\Dokumente und Einstellungen\All Users\Desktop\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C\Eigene Dateien\pplive\PPLive.exe"="C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C\Eigene Dateien\pplive\PPLive.exe:*:Enabled:PPLive"
"C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C\Desktop\tv\CLSomaService.exe"="C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C\Desktop\tv\CLSomaService.exe:*:Enabled:CyberLink Live Service"
"C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C\Desktop\tv\CLHomeMediaServer.exe"="C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C\Desktop\tv\CLHomeMediaServer.exe:*:Enabled:CyberLink Live"
"C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C\Desktop\tv\CLSomaMonitorService.exe"="C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C\Desktop\tv\CLSomaMonitorService.exe:*:Enabled:CyberLink Live Monitor Service"
"C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C\Desktop\ICQ6\ICQ.exe"="C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C\Desktop\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C\Eigene Dateien\Neuer Ordner (9)\LimeWire\LimeWire.exe"="C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C\Eigene Dateien\Neuer Ordner (9)\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Dokumente und Einstellungen\Supervisor\Desktop\ICQ6\ICQ.exe"="C:\Dokumente und Einstellungen\Supervisor\Desktop\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C.000\Desktop\ICQ6\ICQ.exe"="C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C.000\Desktop\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Dokumente und Einstellungen\All Users\Dokumente\LimeWire\LimeWire.exe"="C:\Dokumente und Einstellungen\All Users\Dokumente\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C.000\Eigene Dateien\Eigene Bilder\LimeWire\LimeWire.exe"="C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C.000\Eigene Dateien\Eigene Bilder\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C.000\Eigene Dateien\Eigene Bilder\ICQ6\ICQ.exe"="C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C.000\Eigene Dateien\Eigene Bilder\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C.000\Desktop\LimeWire\LimeWire.exe"="C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C.000\Desktop\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"D:\fsetup.exe"="D:\fsetup.exe:*:Enabled:AVM FSetup Application"
"C:\Dokumente und Einstellungen\Supervisor\Lokale Einstellungen\Apps\2.0\XC064DRW.J93\0H8OJ4E8.40V\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf0f9b5c5281\fritzbox-usb-fernanschluss.exe"="C:\Dokumente und Einstellungen\Supervisor\Lokale Einstellungen\Apps\2.0\XC064DRW.J93\0H8OJ4E8.40V\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf0f9b5c5281\fritzbox-usb-fernanschluss.exe:*:Enabled:FRITZ!Box USB-Fernanschluss"
"C:\Dokumente und Einstellungen\Werner\Lokale Einstellungen\Apps\2.0\RVHC1O1R.YY6\6G94K5PG.7RE\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf0f9b5c5281\fritzbox-usb-fernanschluss.exe"="C:\Dokumente und Einstellungen\Werner\Lokale Einstellungen\Apps\2.0\RVHC1O1R.YY6\6G94K5PG.7RE\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf0f9b5c5281\fritzbox-usb-fernanschluss.exe:*

isabled:FRITZ!Box USB-Fernanschluss"
"C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C.000\Desktop\teeworlds-0.4.2-win32\teeworlds_srv.exe"="C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C.000\Desktop\teeworlds-0.4.2-win32\teeworlds_srv.exe:*:Enabled:teeworlds_srv"
"C:\Dokumente und Einstellungen\Supervisor\Desktop\teeworlds-0.4.2-win32\teeworlds_srv.exe"="C:\Dokumente und Einstellungen\Supervisor\Desktop\teeworlds-0.4.2-win32\teeworlds_srv.exe:*:Enabled:teeworlds_srv"
"C:\Dokumente und Einstellungen\Supervisor\Desktop\teeworlds-0.4.3-win32\teeworlds_srv.exe"="C:\Dokumente und Einstellungen\Supervisor\Desktop\teeworlds-0.4.3-win32\teeworlds_srv.exe:*:Enabled:teeworlds_srv"
"C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C.000\Desktop\teeworlds-0.4.3-win32\teeworlds_srv.exe"="C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C.000\Desktop\teeworlds-0.4.3-win32\teeworlds_srv.exe:*:Enabled:teeworlds_srv"
"C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C.000\Desktop\30.September\Templater.exe"="C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C.000\Desktop\30.September\Templater.exe:*:Enabled:Vorlagen-Generator"
"C:\Programme\Mozilla Firefox\firefox.exe"="C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C.000\Lokale Einstellungen\Anwendungsdaten\Skype\Phone\Skype.exe"="C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C.000\Lokale Einstellungen\Anwendungsdaten\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Programme\Bonjour\mDNSResponder.exe"="C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C.000\Desktop\xFire\xfire.exe"="C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C.000\Desktop\xFire\xfire.exe:*:Enabled:Xfire"
"C:\Dokumente und Einstellungen\Supervisor\Lokale Einstellungen\Apps\2.0\XC064DRW.J93\0H8OJ4E8.40V\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf139d589181\fritzbox-usb-fernanschluss.exe"="C:\Dokumente und Einstellungen\Supervisor\Lokale Einstellungen\Apps\2.0\XC064DRW.J93\0H8OJ4E8.40V\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf139d589181\fritzbox-usb-fernanschluss.exe:*:Enabled:FRITZ!Box USB-Fernanschluss"
"C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Programme\Windows Live\Messenger\livecall.exe"="C:\Programme\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C.000\Desktop\TvGiant\TVTower_Win.exe"="C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C.000\Desktop\TvGiant\TVTower_Win.exe:*:Enabled:TVTower_Win"
"C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C.000\Desktop\Brauch\LimeWire\LimeWire.exe"="C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C.000\Desktop\Brauch\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Programme\FRITZ!DSL\FBOXUPD.EXE"="C:\Programme\FRITZ!DSL\FBOXUPD.EXE:*:Enabled:AVM FRITZ!Box Firmware-Update"
"C:\Dokumente und Einstellungen\Supervisor\Lokale Einstellungen\Apps\2.0\XC064DRW.J93\0H8OJ4E8.40V\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf149dd7a141\fritzbox-usb-fernanschluss.exe"="C:\Dokumente und Einstellungen\Supervisor\Lokale Einstellungen\Apps\2.0\XC064DRW.J93\0H8OJ4E8.40V\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf149dd7a141\fritzbox-usb-fernanschluss.exe:*:Enabled:FRITZ!Box USB-Fernanschluss"
"C:\Dokumente und Einstellungen\Werner\Lokale Einstellungen\Apps\2.0\RVHC1O1R.YY6\6G94K5PG.7RE\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf149dd7a141\fritzbox-usb-fernanschluss.exe"="C:\Dokumente und Einstellungen\Werner\Lokale Einstellungen\Apps\2.0\RVHC1O1R.YY6\6G94K5PG.7RE\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf149dd7a141\fritzbox-usb-fernanschluss.exe:*:Enabled:FRITZ!Box USB-Fernanschluss"
"E:\Fahren Lernen\Vogel.FahrenLernenMax.exe"="E:\Fahren Lernen\Vogel.FahrenLernenMax.exe:*:Enabled:Fahren Lernen"
"C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C.000\Desktop\iTunes\iTunes.exe"="C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C.000\Desktop\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Dokumente und Einstellungen\Werner\Lokale Einstellungen\Apps\2.0\RVHC1O1R.YY6\6G94K5PG.7RE\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf169ed5c0c1\fritzbox-usb-fernanschluss.exe"="C:\Dokumente und Einstellungen\Werner\Lokale Einstellungen\Apps\2.0\RVHC1O1R.YY6\6G94K5PG.7RE\frit..tion_f8d772dfbb3f7453_0002.0001_0db5bf169ed5c0c1\fritzbox-usb-fernanschluss.exe:*

isabled:FRITZ!Box Audio- und USB-Fernanschluss"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Programme\Windows Live\Messenger\livecall.exe"="C:\Programme\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"E:\Fahren Lernen\Vogel.FahrenLernenMax.exe"="E:\Fahren Lernen\Vogel.FahrenLernenMax.exe:*:Enabled:Fahren Lernen"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cfb6fb56-985b-11dc-bf2e-00138fe380bf}]
shell\AutoRun\command - F:\LaunchU3.exe -a

======List of files/folders created in the last 1 months======

2009-07-24 15:46:51 ----D---- C:\Programme\trend micro
2009-07-24 15:46:48 ----D---- C:\rsit
2009-07-24 11:31:52 ----D---- C:\Dokumente und Einstellungen\Supervisor\Anwendungsdaten\Malwarebytes
2009-07-24 11:31:36 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2009-07-24 11:31:34 ----D---- C:\Programme\Malwarebytes' Anti-Malware
2009-07-24 11:26:05 ----D---- C:\Programme\CCleaner
2009-07-15 21:20:00 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-15 21:19:47 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-15 21:16:43 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$

======List of files/folders modified in the last 1 months======

2009-07-24 19:54:40 ----D---- C:\WINDOWS\Prefetch
2009-07-24 19:48:13 ----D---- C:\WINDOWS\Temp
2009-07-24 19:45:47 ----D---- C:\WINDOWS
2009-07-24 17:20:16 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-07-24 15:46:51 ----D---- C:\Programme
2009-07-24 15:41:23 ----D---- C:\WINDOWS\system32\drivers
2009-07-24 15:39:19 ----D---- C:\WINDOWS\system32
2009-07-24 15:39:17 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-07-24 11:29:19 ----D---- C:\WINDOWS\Debug
2009-07-24 11:29:18 ----D---- C:\WINDOWS\Minidump
2009-07-23 19:36:43 ----HD---- C:\Programme\InstallShield Installation Information
2009-07-23 18:06:56 ----SHD---- C:\WINDOWS\Installer
2009-07-23 18:06:49 ----SHD---- C:\RECYCLER
2009-07-23 18:06:48 ----D---- C:\Dokumente und Einstellungen
2009-07-15 21:20:03 ----HD---- C:\WINDOWS\inf
2009-07-15 21:19:58 ----HD---- C:\WINDOWS\$hf_mig$
2009-07-15 21:19:50 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-07-15 21:16:45 ----D---- C:\WINDOWS\system32\CatRoot2
2009-07-07 17:10:56 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;AMD-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-19 43520]
R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-05-28 75096]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys []
R1 SPBBCDrv;SPBBCDrv; \??\C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCDrv.sys []
R1 SRTSPX;SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [2007-09-18 43696]
R1 SSHDRV86;SSHDRV86; \??\C:\WINDOWS\system32\drivers\SSHDRV86.sys []
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2006-10-13 186048]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-02-28 12032]
R2 irda;IrDA-Protokoll; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-04 87424]
R3 avgntflt;avgntflt; \??\C:\Programme\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 avmaura;AVM USB-Fernanschluss; C:\WINDOWS\system32\DRIVERS\avmaura.sys [2009-01-10 101248]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-08-01 4356608]
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\GEMEIN~1\SYMANT~1\VIRUSD~1\20060908.041\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\GEMEIN~1\SYMANT~1\VIRUSD~1\20060908.041\NAVEX15.SYS []
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-12-05 7435392]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-07-11 57856]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-07-11 20480]
R3 Rasirda;WAN-Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 SRTSP;SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [2007-09-18 278576]
R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2006-10-13 11968]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2006-10-13 144832]
R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2006-10-13 39104]
R3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\GEMEIN~1\SYMANT~1\SymcData\idsdefs\20060901.084\SymIDSCo.sys []
R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2006-10-13 33216]
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2006-10-13 26432]
R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2006-02-28 26624]
R3 usbhub;USB2-aktivierter Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2006-02-28 57600]
R3 usbohci;Miniporttreiber für Microsoft USB Open Host-Controller; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2006-02-28 17024]
S1 OMCI;OMCI; C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 HidUsb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 irsir;Microsoft serieller Infrarottreiber; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART-Treiber; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 nm;Netzwerkmonitortreiber; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2006-02-28 40320]
S3 SRTSPL;SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [2007-09-18 317616]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-10-01 32000]
S3 usbaudio;USB-Audiotreiber (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
S3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 w200bus;Sony Ericsson W200 driver (WDM); C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 61504]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-11-07 9328]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-11-07 97056]
S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-11-07 88560]
S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w200obex.sys [2006-11-07 86368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Planer; C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-23 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-23 151297]
R2 Apple Mobile Device;Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 Automatisches LiveUpdate - Scheduler;Automatisches LiveUpdate - Scheduler; C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2006-10-13 198336]
R2 Bonjour Service;Bonjour-Dienst; C:\Programme\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 ccEvtMgr;Symantec Event Manager; C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe [2007-01-09 108648]
R2 ccSetMgr;Symantec Settings Manager; C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe [2007-01-09 108648]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe [2007-01-09 108648]
R2 ForcewareWebInterface;Forceware Web Interface; C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [2006-04-03 20543]
R2 IGDCTRL;AVM IGD CTRL Service; C:\Programme\FRITZ!DSL\IGDCTRL.EXE [2007-09-04 87344]
R2 Irmon;Infrarotüberwachung; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe [2007-01-09 108648]
R2 nSvcIp;ForceWare IP service; C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [2006-07-13 131131]
R2 nSvcLog;ForceWare user log service; C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [2006-07-13 65599]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-12-05 155716]
R2 SNMP;SNMP-Dienst; C:\WINDOWS\System32\snmp.exe [2006-11-21 33280]
R2 SymAppCore;Symantec AppCore Service; C:\Programme\Gemeinsame Dateien\Symantec Shared\AppCore\AppSvc32.exe [2006-10-13 46736]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2006-02-28 14336]
R3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-10-13 2528960]
S2 CyberLink Live Monitor Service;CyberLink Live Monitor Service; C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C\Desktop\tv\CLSomaMonitorService.exe []
S2 CyberLink Live Service;CyberLink Live Service; C:\Dokumente und Einstellungen\Christian.WERNER-B72F4A9C\Desktop\tv\CLSomaService.exe []
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 comHost;COM Host; C:\Programme\Gemeinsame Dateien\Symantec Shared\VAScanner\comHost.exe [2006-10-13 48272]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 iPod Service;iPod-Dienst; C:\Programme\iPod\bin\iPodService.exe [2008-10-01 536872]
S3 ISPwdSvc;Symantec IS Kennwortprüfung; C:\Programme\Norton Internet Security\isPwdSvc.exe [2006-10-13 79496]
S3 LPDSVC;TCP/IP-Druckserver; C:\WINDOWS\system32\tcpsvcs.exe [2006-02-28 19456]
S3 ose;Office Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SNMPTRAP;SNMP-Trap-Dienst; C:\WINDOWS\System32\snmptrap.exe [2006-02-28 8704]
S3 Symantec Core LC;Symantec Core LC; C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe [2007-08-15 1176256]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2006-02-28 14336]
S3 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF---------------

Mellosun · 25.07.2009, 04:46

Guten Morgen,

du nutzt Software von Symantec? Was verbirgt sich dahinter? Ein AV Wächter bzw. Programm?
Wenn ja, bitte Deinstallieren, da du Antivir ebenfalls nutzen tust!
Du hast weiter ne menge altes Zeug auf dem Rechner.....das muss auf den neuesten Stand gebracht werden!

Ich stelle Dir heut Nachmittag die Liste zusammen,da ich jetzt Arbeiten gehen muss....

MFG

ebayfreak · 25.07.2009, 09:54

ok danke

ich weiß nicht was das bringen soll
ist der rechner von meinem vater -.-

Trojaner/Würmer/Dropper

Plagegeister aller Art und deren Bekämpfung: Trojaner/Würmer/Dropper