Win32/RBot.3eu, W32/Gaobot.worm.gen.u, win32/renos.n, win32/renos.jt

Frederick

Und Teil 3

======Scheduled tasks folder======

C:\Windows\tasks\1-Klick-Wartung.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1535161163-2985667061-1605147419-1003Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1535161163-2985667061-1605147419-1003UA.job
C:\Windows\tasks\SupBackGroundTask.job
C:\Windows\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
C:\Windows\tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-08-17 312928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4BE8B65B-EE14-40C1-B6BB-31E494FE6EBA}]
Netviewer Support - C:\PROGRA~1\NETVIE~1\Support\Plugin\IEPLUG~1\NVIEPL~1.DLL [2009-03-26 216888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500BCA15-57A7-4eaf-8143-8C619470B13D}]
XML Class - C:\Windows\system32\msxml71.dll [2009-09-28 228868]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask.com Toolbar - C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll [2008-10-21 741768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2008-08-08 691656]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask.com Toolbar - C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll [2008-10-21 741768]
{E1F9EDE7-EF90-4A65-A5A4-D2FFEEA5D469} - &Netviewer Support - C:\PROGRA~1\NETVIE~1\Support\Plugin\IEPLUG~1\NVIEPL~1.DLL [2009-03-26 216888]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-07-08 6273568]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-10-26 1029416]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"PopRock"=C:\Users\Bratwurst \AppData\Local\Temp\b.exe [2009-09-28 146944]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVTip]
C:\Program Files\TV Movie\TV Movie ClickFinder\tvstart.exe [2008-09-28 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Bratwurst ^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DSL-Manager.lnk]
C:\PROGRA~1\T-Online\DSL-MA~1\DslMgr.exe [2007-11-26 1085440]

C:\Users\Bratwurst \AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
DSL-Manager.lnk - C:\Program Files\T-Online\DSL-Manager\DslMgr.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"NoHotStart"=0
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 months======

2009-09-29 22:37:45 ----D---- C:\rsit
2009-09-29 15:20:57 ----D---- C:\Program Files\Trend Micro
2009-09-28 15:59:47 ----A---- C:\Windows\msa.exe
2009-09-28 15:59:37 ----A---- C:\Windows\system32\msxml71.dll
2009-09-27 18:06:34 ----D---- C:\Program Files\CAPCOM
2009-09-27 18:05:34 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE
2009-09-23 13:19:51 ----D---- C:\Temp
2009-09-23 13:18:57 ----D---- C:\Program Files\4Media
2009-09-10 03:01:35 ----A---- C:\Windows\system32\wdigest.dll
2009-09-10 03:01:35 ----A---- C:\Windows\system32\msv1_0.dll
2009-09-10 03:01:35 ----A---- C:\Windows\system32\kerberos.dll
2009-09-10 03:01:34 ----A---- C:\Windows\system32\schannel.dll
2009-09-10 03:01:32 ----A---- C:\Windows\system32\secur32.dll
2009-09-10 03:01:32 ----A---- C:\Windows\system32\lsass.exe
2009-09-10 03:01:32 ----A---- C:\Windows\system32\lsasrv.dll
2009-09-09 20:59:26 ----A---- C:\Windows\system32\jscript.dll
2009-09-09 20:59:19 ----A---- C:\Windows\system32\netiohlp.dll
2009-09-09 20:59:18 ----A---- C:\Windows\system32\TCPSVCS.EXE
2009-09-09 20:59:18 ----A---- C:\Windows\system32\ROUTE.EXE
2009-09-09 20:59:18 ----A---- C:\Windows\system32\NETSTAT.EXE
2009-09-09 20:59:18 ----A---- C:\Windows\system32\MRINFO.EXE
2009-09-09 20:59:18 ----A---- C:\Windows\system32\HOSTNAME.EXE
2009-09-09 20:59:18 ----A---- C:\Windows\system32\finger.exe
2009-09-09 20:59:18 ----A---- C:\Windows\system32\ARP.EXE
2009-09-09 20:59:17 ----A---- C:\Windows\system32\netevent.dll
2009-09-09 20:59:02 ----A---- C:\Windows\system32\wlansec.dll
2009-09-09 20:59:02 ----A---- C:\Windows\system32\wlanmsm.dll
2009-09-09 20:59:02 ----A---- C:\Windows\system32\L2SecHC.dll
2009-09-09 20:59:01 ----A---- C:\Windows\system32\wlansvc.dll
2009-09-09 20:59:01 ----A---- C:\Windows\system32\wlanapi.dll
2009-09-09 20:58:59 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-09-09 20:58:58 ----A---- C:\Windows\system32\mf.dll
2009-09-03 05:27:30 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-09-03 05:27:29 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll

======List of files/folders modified in the last 1 months======

2009-09-29 22:37:48 ----D---- C:\Windows\Temp
2009-09-29 22:00:01 ----D---- C:\Windows\Tasks
2009-09-29 19:00:03 ----D---- C:\Windows\system32\Tasks
2009-09-29 15:20:57 ----RD---- C:\Program Files
2009-09-29 14:41:16 ----SHD---- C:\System Volume Information
2009-09-28 18:38:07 ----D---- C:\Windows\System32
2009-09-28 18:38:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-09-28 18:38:06 ----D---- C:\Windows\inf
2009-09-28 17:06:43 ----D---- C:\Windows\Prefetch
2009-09-28 15:59:47 ----D---- C:\Windows
2009-09-28 15:44:54 ----SHD---- C:\Windows\Installer
2009-09-27 18:07:18 ----RSD---- C:\Windows\assembly
2009-09-23 01:27:51 ----D---- C:\Program Files\VstPlugins
2009-09-22 01:03:08 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-09-22 01:03:07 ----D---- C:\Program Files\AGEIA Technologies
2009-09-22 00:51:50 ----D---- C:\Users\Bratwurst \AppData\Roaming\dvdcss
2009-09-18 10:18:47 ----D---- C:\Windows\system32\catroot2
2009-09-11 14:26:06 ----HD---- C:\ProgramData
2009-09-10 23:27:46 ----D---- C:\Program Files\Mozilla Firefox
2009-09-10 10:34:47 ----D---- C:\Windows\rescache
2009-09-10 10:29:25 ----D---- C:\Windows\winsxs
2009-09-10 10:16:48 ----D---- C:\Windows\system32\de-DE
2009-09-10 10:16:47 ----D---- C:\Windows\system32\drivers
2009-09-10 03:03:33 ----D---- C:\Windows\system32\catroot
2009-09-10 03:03:18 ----D---- C:\Program Files\Windows Mail
2009-09-10 03:02:54 ----D---- C:\Windows\ehome
2009-09-05 19:38:30 ----D---- C:\Windows\system32\config
2009-09-03 22:23:38 ----D---- C:\Windows\AppPatch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 DslMNLwf;DSL-Manager NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\dslmnlwf.sys [2007-08-01 16448]
R1 SSHDRV79;SSHDRV79; \??\C:\Windows\system32\drivers\SSHDRV79.sys [2008-09-10 75264]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-03-21 5632]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-07-20 281760]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-07-28 55656]
R2 KMDFMEMIO;SAMSUNG Kernel Driver; C:\Windows\system32\DRIVERS\kmdfmemio.sys [2008-04-16 13312]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-07-20 25888]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-05-07 767488]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-03-18 3542016]
R3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-07-07 2152088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-10-26 193456]
R3 VMC302;Vimicro Camera Service VMC302; C:\Windows\System32\Drivers\VMC302.sys [2007-10-17 242560]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-06 298496]
S1 InCDPass;InCDPass; C:\Windows\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\Windows\system32\drivers\InCDRm.sys []
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
S3 atxljdal;atxljdal; C:\Windows\system32\drivers\atxljdal.sys []
S3 BthEnum;Bluetooth-Auflistungsdienst; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-04-16 19456]
S3 BthPan;Bluetooth-Gerät (PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
S3 BTHPORT;Bluetooth-Porttreiber; C:\Windows\System32\Drivers\BTHport.sys [2008-04-16 220160]
S3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-16 29184]
S3 btwaudio;Bluetooth-Audiogerät; C:\Windows\system32\drivers\btwaudio.sys [2007-03-29 79664]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-02-27 81200]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-02-27 16432]
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 dsltestSp5;dsltestSp5 NDIS Protocol Driver; C:\Windows\System32\Drivers\dsltestSp5.sys [2007-09-12 26816]
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2007-08-20 27672]
S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 L6UX2;Service - Line 6 UX2; C:\Windows\System32\Drivers\L6UX2.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw2v32;Intel(R) PRO/Wireless 2915ABG Network Connection Driver for Windows Vista; C:\Windows\system32\DRIVERS\NETw2v32.sys [2006-11-02 2589184]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-03-18 3542016]
S3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
S3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-11-02 47104]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2005-08-17 58352]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2005-08-17 8272]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2005-08-17 93872]
S3 usbaudio;USB-Audiotreiber (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbvideo;USB-Videogerät (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2006-11-02 132352]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 InCDFs;InCD File System; C:\Windows\system32\drivers\InCDFs.sys []
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2006-11-02 82432]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-03-18 663552]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-04-24 441136]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-07-25 79136]
R2 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2006-04-14 28933976]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-03-07 66872]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-12-19 272024]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe [2009-07-13 604416]
R2 Winstep Xtreme Service;Winstep Xtreme Service; C:\Program Files\Winstep\WsxService []
R3 TDslMgrService;DSL-Manager; C:\Program Files\T-Online\DSL-Manager\DslMgrSvc.exe [2008-10-23 307200]
S2 gupdate1c985e8534dfbcd;Google Update Service (gupdate1c985e8534dfbcd); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-03 133104]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-10-24 72704]
S3 aspnet_state;ASP.NET-Zustandsdienst; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-04-17 654848]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2006-04-14 87840]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2009-07-14 361216]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S4 MSSQLServerADHelper;Hilfsdienst von SQL Server für Active Directory; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-13 45272]
S4 SQLBrowser;SQL Server-Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2006-04-14 240416]

-----------------EOF-----------------


Ja, das dachte ich mir auch schon. Stand bei google glaube ich etwas darüber.

Da liegt das Problem.... Ich brauche eine stetige Internetverbindung, weil ich gerade krank zu Hause bin und mein Laptop für meine Masterarbeit und meine richtige Arbeit benötige...

Was meinst du mit fixen?

OK, hab ich deinstalliert.

Also nicht das ich wüsste. Sagt mir gar nix.
Virus Total scheint gerade überlastet zu sein, deswegen hab ich die Datein mal bei Jotti hochgeladen und da hat er bei den ersten beiden bei einigen Scannern was gefunden, allerdings sagt er mir, dass dieProgramm.exe nicht vorhanden ist... Bei Jotti kann man sich den Ergebnis Link anzeigen lassen... das sind die URL's für die ersten beiden Dateien, oder ist es verboten das zu posten?
h--p://virusscan.jotti.org/de/scanresult/54ffbf874a9681fc9cb1e6525ed9302e9bf204c3
h--p://virusscan.jotti.org/de/scanresult/32f8cb5efbf792bf5347f27d89ec32636eedabbf

Also wie gesagt, den Tool kenne ich nicht...
OK, hab ich deinstalliert.

Scheint ein wenig zu dauern, mach ich also gleich.
Erstmal danke!