| |
| |||||||
Log-Analyse und Auswertung: Alles wieder ok?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
02.08.2009, 18:23
| #1 |
 |  Alles wieder ok? Hallo Zusammen =) Ich weiß von Computern nicht viel mehr, als wie ich sie an & dann kaputt mache. Nun hat mein Antivir gestern Alarm geschlagen. Unter anderem wurden TR/Proxy.Koobface.33792C, BDS.Backdoor.Gen, Backdoor.Bot, TR/Spy.Amber.BZ, TR/BHO.Agent.UA gefunden.  Angeblich wurden sie alle entfernt.Ich habe den CCleaner, Malwarebytes, Antivir und RSIT drüber laufen lassen, dennoch bin ich mir nicht sicher, ob ich es geschafft habe, alles los zu werden. Code:
ATTFilter Logfile of random's system information tool 1.06 (written by random/random) Run by *** at 2009-08-02 18:48:45 Microsoft Windows XP Home Edition Service Pack 2 System drive C: has 53 GB (69%) free of 76 GB Total RAM: 511 MB (37% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:48:57, on 02.08.2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Avira\AntiVir Desktop\sched.exe C:\Programme\Avira\AntiVir Desktop\avguard.exe C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\wanmpsvc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\Dit.exe C:\Programme\Medion Home Cinema XL II\PowerCinema\PCMService.exe C:\WINDOWS\DitExp.exe C:\Programme\Logitech\Video\LogiTray.exe C:\Programme\Java\jre1.5.0_06\bin\jusched.exe C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe C:\WINDOWS\system32\PRISMSTA.EXE C:\Programme\Winamp\winampa.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\system32\LVComS.exe C:\WINDOWS\CNYHKey.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\Programme\Mozilla Firefox\firefox.exe C:\Dokumente und Einstellungen\***\Desktop\RSIT.exe C:\Programme\trend micro\***.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = h**p://google.icq.com/search/search_frame.php R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://google.icq.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://www.freenet.de/freenet/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://www.freenet.de R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://search.msn.de/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://www.msn.de/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [Dit] Dit.exe O4 - HKLM\..\Run: [CHotkey] mHotkey.exe O4 - HKLM\..\Run: [PCMService] "C:\Programme\Medion Home Cinema XL II\PowerCinema\PCMService.exe" O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programme\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programme\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [PMXInit] C:\WINDOWS\system32\pmxinit.exe -SetupRunOnce O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START O4 - HKLM\..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe O4 - HKLM\..\Run: [KAVPersonal50] "C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize O4 - HKLM\..\Run: [kav] "C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [Pando] "C:\Programme\Pando Networks\Pando\Pando.exe" /Automation O4 - HKLM\..\Run: [AWatch] C:\Programme\FRITZ!DSL\Awatch.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [scvhost.exe] scvhost.exe O4 - HKLM\..\Run: [sysldtray] C:\windows\ld12.exe O4 - HKLM\..\RunServices: [scvhost.exe] scvhost.exe O4 - HKLM\..\RunOnce: [PMXInit] C:\WINDOWS\system32\pmxinit.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Kontrollfeld für die kabellose Tastatur.lnk = C:\WINDOWS\CNYHKey.exe O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra button: MedionShop - {84FAA847-1400-4400-BC93-D338EF03127B} - h**p://www.medionshop.de/ (file missing) (HKCU) O14 - IERESET.INF: START_PAGE_URL=h**p://www.freenet.de O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - h**p://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - h**p://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe O23 - Service: CA-Lizenz-Client (CA_LIC_CLNT) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\lic98rmt.exe O23 - Service: CA-Lizenzserver (CA_LIC_SRVR) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\lic98rmtd.exe O23 - Service: AVM FRITZ!web Routing Service (de_serv) - Unknown owner - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe (file missing) O23 - Service: Ereignisprotokoll-Überwachung (LogWatch) - Computer Associates - C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe O23 - Service: NBService - Nero AG - C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 7860 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2005-05-31 853672] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd [] "Dit"=C:\WINDOWS\Dit.exe [2002-08-28 73728] "CHotkey"=C:\WINDOWS\mHotkey.exe [2003-06-27 506368] "PCMService"=C:\Programme\Medion Home Cinema XL II\PowerCinema\PCMService.exe [2003-06-24 61440] "PinnacleDriverCheck"=C:\WINDOWS\System32\PSDrvCheck.exe [2003-05-28 394240] "LogitechVideoRepair"=C:\Programme\Logitech\Video\ISStart.exe [2004-02-12 188416] "LogitechVideoTray"=C:\Programme\Logitech\Video\LogiTray.exe [2004-02-12 77824] "SunJavaUpdateSched"=C:\Programme\Java\jre1.5.0_06\bin\jusched.exe [2005-11-10 36975] "Microsoft Works Update Detection"=C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe [2003-06-17 50688] ""= [] "PMXInit"=C:\WINDOWS\system32\pmxinit.exe [2001-04-20 700176] "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k [] "PRISMSTA.EXE"=PRISMSTA.EXE START [] "WinampAgent"=C:\Programme\Winamp\winampa.exe [2007-02-13 35328] "KAVPersonal50"=C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe /minimize [] "kav"=C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe [] "ATIPTA"=C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe [] "Pando"=C:\Programme\Pando Networks\Pando\Pando.exe /Automation [] "AWatch"=C:\Programme\FRITZ!DSL\Awatch.exe [] "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [] "scvhost.exe"=scvhost.exe [] "sysldtray"=C:\windows\ld12.exe [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "PMXInit"=C:\WINDOWS\system32\pmxinit.exe [2001-04-20 700176] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360] "SpybotSD TeaTimer"=C:\Programme\Spybot - Search & Destroy\TeaTimer.exe [2005-05-31 1415824] "msnmsgr"=C:\Programme\MSN Messenger\msnmsgr.exe /background [] C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart Adobe Gamma Loader.exe.lnk - C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe Adobe Reader - Schnellstart.lnk - C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe Kontrollfeld für die kabellose Tastatur.lnk - C:\WINDOWS\CNYHKey.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Programme\Real\RealPlayer\realplay.exe"="C:\Programme\Real\RealPlayer\realplay.exe:*:Disabled:RealOne Player" "C:\Programme\frnDSL\frnDSL.exe"="C:\Programme\frnDSL\frnDSL.exe:*:Disabled:WisDev Dialer" "C:\Programme\NetMeeting\conf.exe"="C:\Programme\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting®" "C:\Programme\Messenger\msmsgs.exe"="C:\Programme\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Programme\Internet Explorer\iexplore.exe"="C:\Programme\Internet Explorer\iexplore.exe:*:Disabled:Internet Explorer" "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Eine DLL-Datei als Anwendung ausführen" "C:\Programme\FileZilla\FileZilla.exe"="C:\Programme\FileZilla\FileZilla.exe:*:Enabled:FileZilla" "C:\Programme\BitTorrent\bittorrent.exe"="C:\Programme\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent" "C:\Programme\Mozilla Firefox\firefox.exe"="C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox" "C:\Programme\MSN Messenger\msnmsgr.exe"="C:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0" "C:\Programme\MSN Messenger\msncall.exe"="C:\Programme\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "C:\Programme\Reallusion\CrazyTalk for Skype\CT4Skype.exe"="C:\Programme\Reallusion\CrazyTalk for Skype\CT4Skype.exe:*:Enabled:CrazyTalk" "C:\Programme\BitLord\BitLord.exe"="C:\Programme\BitLord\BitLord.exe:*:Disabled:BitLord" "C:\Programme\Pando Networks\Pando\pando.exe"="C:\Programme\Pando Networks\Pando\pando.exe:*:Disabled:pando" "C:\Programme\ICQ\Icq.exe"="C:\Programme\ICQ\Icq.exe:*:Disabled:ICQ" "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test" "C:\Programme\SecondLife\SecondLife.exe"="C:\Programme\SecondLife\SecondLife.exe:*:Disabled:Second Life" "C:\Programme\Gizmoz Talking Headz\TalkingHeadz.exe"="C:\Programme\Gizmoz Talking Headz\TalkingHeadz.exe:*:Disabled:TalkingHeadz" "C:\Programme\Gemeinsame Dateien\aol\Loader\aolload.exe"="C:\Programme\Gemeinsame Dateien\aol\Loader\aolload.exe:*:Enabled:AOL Loader" "C:\Programme\AIM6\aim6.exe"="C:\Programme\AIM6\aim6.exe:*:Enabled:AIM" "C:\Programme\eMule\emule.exe"="C:\Programme\eMule\emule.exe:*:Enabled:eMule" "C:\Programme\Java\jre1.6.0_03\bin\javaw.exe"="C:\Programme\Java\jre1.6.0_03\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary" "C:\Programme\Veoh Networks\Veoh\VeohClient.exe"="C:\Programme\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client" "C:\Programme\Skype\Phone\Skype.exe"="C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Programme\MSN Messenger\msnmsgr.exe"="C:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0" "C:\Programme\MSN Messenger\msncall.exe"="C:\Programme\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" ======List of files/folders created in the last 1 months====== 2009-08-02 15:40:21 ----D---- C:\Programme\trend micro 2009-08-02 15:40:16 ----D---- C:\rsit 2009-08-02 14:09:38 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Malwarebytes 2009-08-02 14:09:19 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes 2009-08-02 14:09:18 ----D---- C:\Programme\Malwarebytes' Anti-Malware 2009-08-02 03:06:22 ----D---- C:\Programme\CCleaner 2009-08-01 00:35:21 ----D---- C:\Programme\Misc. Support Library (Spybot - Search & Destroy) 2009-08-01 00:35:21 ----D---- C:\Programme\File Scanner Library (Spybot - Search & Destroy) 2009-07-21 00:03:35 ----D---- C:\Programme\Avira 2009-07-15 02:23:18 ----D---- C:\Programme\sFX ======List of files/folders modified in the last 1 months====== 2009-08-02 18:43:27 ----SHD---- C:\System Volume Information 2009-08-02 18:43:27 ----D---- C:\WINDOWS\system32\Restore 2009-08-02 18:40:11 ----D---- C:\WINDOWS\system32 2009-08-02 15:57:24 ----D---- C:\WINDOWS\Prefetch 2009-08-02 15:40:21 ----RD---- C:\Programme 2009-08-02 15:37:54 ----D---- C:\Programme\Mozilla Firefox 2009-08-02 15:37:21 ----AD---- C:\WINDOWS\Temp 2009-08-02 15:37:08 ----D---- C:\WINDOWS\system32\CatRoot2 2009-08-02 15:37:04 ----D---- C:\WINDOWS 2009-08-02 15:36:52 ----A---- C:\WINDOWS\ModemLog_Creatix V.9X DSP Data Fax Modem.txt 2009-08-02 15:36:16 ----AD---- C:\WINDOWS\system32\drivers 2009-08-02 15:33:07 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-08-02 13:07:34 ----D---- C:\WINDOWS\Debug 2009-08-02 13:07:26 ----D---- C:\WINDOWS\Minidump 2009-08-02 04:09:54 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Skype 2009-08-02 01:01:04 ----D---- C:\Ebooks 2009-08-02 00:25:53 ----A---- C:\WINDOWS\NeroDigital.ini 2009-08-02 00:06:04 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\skypePM 2009-08-01 09:40:48 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-07-21 00:03:50 ----HD---- C:\WINDOWS\inf 2009-07-21 00:03:35 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira 2009-07-21 00:01:55 ----SHD---- C:\WINDOWS\Installer 2009-07-21 00:01:55 ----D---- C:\WINDOWS\WinSxS 2009-07-21 00:01:53 ----D---- C:\Programme\Gemeinsame Dateien\Microsoft Shared 2009-07-19 22:13:55 ----A---- C:\WINDOWS\ODBC.INI 2009-07-19 09:28:00 ----D---- C:\Programme\eMule ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-04 40192] R1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2004-08-04 14848] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-03-24 55640] R3 ASAPIW2K;ASAPIW2K; C:\WINDOWS\System32\Drivers\ASAPIW2K.sys [2002-04-17 11264] R3 AVMDSLPPPOE;AVM DSL PPPoE CAPI Treiber; C:\WINDOWS\System32\DRIVERS\avmdsloe.sys [2005-06-03 45440] R3 AVMNDSL;AVM DSL NDIS WAN CAPI Treiber; C:\WINDOWS\System32\DRIVERS\avmndsl.sys [2005-06-03 38992] R3 Cap7134;MEDION (7134) WDM Video Capture; C:\WINDOWS\System32\DRIVERS\Cap7134.sys [2003-06-05 350752] R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2004-12-16 804800] R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-09-22 43520] R3 hidusb;Microsoft HID Class-Treiber; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2002-08-29 9600] R3 Intels51;Creatix V.9X DSP Data Fax Modem; C:\WINDOWS\System32\DRIVERS\ctxs51.sys [2003-05-22 670203] R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2002-08-29 12288] R3 ms_mpu401;Microsoft MPU-401 MIDI UART-Treiber; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944] R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-03-20 9856] R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3; C:\WINDOWS\System32\DRIVERS\PhTVTune.sys [2003-06-12 24704] R3 powervr;powervr; C:\WINDOWS\system32\DRIVERS\powervr.sys [2001-04-20 675984] R3 PRISM_A00;PRISM 802.11g Driver; C:\WINDOWS\System32\DRIVERS\PRISMA00.sys [2003-08-07 362688] R3 StillCam;Treiber für serielle Digitalkamera; C:\WINDOWS\System32\DRIVERS\serscan.sys [2001-08-18 7040] R3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-04 31616] R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-04 26624] R3 usbhub;USB2-aktivierter Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-04 57600] R3 usbstor;USB-Massenspeichertreiber; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-04 26496] R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-04 20480] R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\System32\DRIVERS\wanatw4.sys [2003-04-23 33588] S3 AF15BDA;TrekStor DVB-T Stick; C:\WINDOWS\system32\DRIVERS\AF15BDA.sys [2009-01-12 300544] S3 Arp1394;1394-ARP-Clientprotokoll; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-04 60800] S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-08-04 17024] S3 FDLUBASE;AVM FRITZ!Card DSL SL USB (WinXP/2000); C:\WINDOWS\System32\DRIVERS\fdlubase.sys [2005-06-03 704128] S3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2002-10-29 40960] S3 MPE;BDA MPE-Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-04 15360] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504] S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-08-04 85376] S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-08-04 10880] S3 NETFWDSL;AVM FRITZ!web DSL PPP; C:\WINDOWS\System32\DRIVERS\NETFWDSL.SYS [] S3 NIC1394;1394-Netzwerktreiber; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-04 61824] S3 pepifilter;Volume Adapter; C:\WINDOWS\System32\DRIVERS\lv302af.sys [2004-01-21 5915] S3 PID_08A0;Labtec WebCam Pro(PID_08A0); C:\WINDOWS\System32\DRIVERS\LV302AV.SYS [2004-01-21 271360] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-08-04 11136] S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-08-04 15360] S3 TSP;TSP; \??\C:\WINDOWS\system32\drivers\klif.sys [] S3 usbaudio;USB-Audiotreiber (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264] S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2004-08-04 25856] S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S3 X10UIF;%DESCRIPTION%; C:\WINDOWS\System32\Drivers\x10uif.sys [2001-11-14 10761] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] S4 WS2IFSL;Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-08-29 12032] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Programme\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Programme\Avira\AntiVir Desktop\avguard.exe [2009-05-11 185089] R2 LogWatch;Ereignisprotokoll-Überwachung; C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe [2002-09-20 53248] R2 MDM;Machine Debug Manager; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe [2003-06-19 322120] R2 WANMiniportService;WAN Miniport (ATW) Service; C:\WINDOWS\wanmpsvc.exe [2003-04-23 65536] R3 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480] S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-04 268800] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2003-02-20 32768] S3 CA_LIC_CLNT;CA-Lizenz-Client; C:\Programme\CA\SharedComponents\CA_LIC\lic98rmt.exe [2002-09-20 77824] S3 CA_LIC_SRVR;CA-Lizenzserver; C:\Programme\CA\SharedComponents\CA_LIC\lic98rmtd.exe [2002-09-20 77824] S3 de_serv;AVM FRITZ!web Routing Service; C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe [] S3 NBService;NBService; C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-05-24 792112] S3 NMIndexingService;NMIndexingService; C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe [2007-04-04 271920] S3 ose;Office Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]  Danke schon mal für eure Mühen, Alisa |
| Themen zu Alles wieder ok? |
| antivir, antivir guard, antivirus, antivirus scan, avgntflt.sys, avira, avp.exe, browser, c:\windows\system32\rundll32.exe, computer, computern, converter, desktop, excel, firefox, gservice, helper, hijack, hijackthis, hkus\s-1-5-18, home, iexplore.exe, kaspersky, logfile, mozilla, neu aufsetzen, nicht sicher, registry, skype.exe, software, stick, symantec, system, torrent.exe, windows, windows live messenger, windows xp |
Baum-Darstellung