
Log analysis and evaluation: HiJackThis log check


11.12.2009, 00:37   #1
kleinelisi



Hello,

I'm sitting here alone in Spain and Avira tells me that I have 2 Trojans. So I ran HijackThis and this is the result:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:07:00, on 11.12.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\TEXTware\HotKey\TWALINK.EXE
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=0109&m=easynote_ml65
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=0109&m=easynote_ml65
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=0109&m=easynote_ml65
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=0109&m=easynote_ml65
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetupMyPC\SmpSys.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - Startup: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: HotKey.lnk = C:\Program Files\TEXTware\HotKey\TWALINK.EXE
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.7.808.7150 (GoogleDesktopManager-080708-050100) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: O2FLASH (o2flash) - O2Micro International - C:\Windows\system32\DRIVERS\o2flash.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe

--
End of file - 8415 bytes


I'm too dumb for this kind of thing; can someone smart please help me with it?

11.12.2009, 10:19   #2
kleinelisi



I have now run CCleaner, Malwarebytes and RSIT.
Here is the result:

Malwarebytes:

Malwarebytes' Anti-Malware 1.42
Datenbank Version: 3344
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18865

11.12.2009 10:12:23
mbam-log-2009-12-11 (10-12-23).txt

Scan-Methode: Vollständiger Scan (C:\|)
Durchsuchte Objekte: 228706
Laufzeit: 42 minute(s), 47 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)



RSIT produced this result:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Elisabeth at 2009-12-11 10:14:00
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 230 GB (79%) free of 292 GB
Total RAM: 3322 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:14:02, on 11.12.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\TEXTware\HotKey\TWALINK.EXE
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Elisabeth\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Elisabeth.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=0109&m=easynote_ml65
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=0109&m=easynote_ml65
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=0109&m=easynote_ml65
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=0109&m=easynote_ml65
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetupMyPC\SmpSys.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - Startup: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: HotKey.lnk = C:\Program Files\TEXTware\HotKey\TWALINK.EXE
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.7.808.7150 (GoogleDesktopManager-080708-050100) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: O2FLASH (o2flash) - O2Micro International - C:\Windows\system32\DRIVERS\o2flash.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe

--
End of file - 8620 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-10 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-15 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-10 263280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-04-15 178712]
"SmpcSys"=C:\Program Files\Packard Bell\SetupMyPC\SmpSys.exe [2008-07-07 1038136]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-09-18 6294048]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-01-09 24064]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-06-08 894512]
"eRecoveryService"= []
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [2005-06-23 57344]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"Skytel"=C:\Windows\Skytel.exe [2008-09-18 1833504]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-12-03 429392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"=C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe [2008-07-07 1038136]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-02-05 68856]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-06-26 25604904]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-04-28 1828136]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HotKey.lnk - C:\Program Files\TEXTware\HotKey\TWALINK.EXE

C:\Users\Elisabeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableTaskMgr"=0
"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"HideFastUserSwitching"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoLogoff"=0
"NoClose"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{414d3e13-df67-11de-a04f-00238b4d6ae8}]
shell\AutoRun\command - xAVx\ReleAsE\xAVy.exe
shell\open\command - xAVx\ReleAsE\xAVy.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{873d98f4-50de-11de-b17b-00238b4d6ae8}]
shell\AutoRun\command - ctu8r.exe
shell\open\command - ctu8r.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c2436406-de9f-11de-956f-00238b4d6ae8}]
shell\AutoRun\command - ngp8l.exe
shell\open\command - ngp8l.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ea49b74e-71ff-11de-b504-00238b4d6ae8}]
shell\AutoRun\command - E:\EasySuite.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-12-11 10:14:00 ----D---- C:\rsit
2009-12-11 09:23:23 ----D---- C:\Users\Elisabeth\AppData\Roaming\Malwarebytes
2009-12-11 09:23:18 ----D---- C:\ProgramData\Malwarebytes
2009-12-11 09:23:18 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-12-11 09:00:57 ----D---- C:\Program Files\CCleaner
2009-12-11 00:04:54 ----D---- C:\Program Files\Trend Micro
2009-12-10 22:52:50 ----D---- C:\Windows\Profiles
2009-12-10 04:44:31 ----A---- C:\Windows\system32\nshhttp.dll
2009-12-10 04:44:30 ----A---- C:\Windows\system32\httpapi.dll
2009-12-09 17:56:40 ----A---- C:\Windows\system32\winhttp.dll
2009-12-09 17:56:36 ----A---- C:\Windows\system32\mshtml.dll
2009-12-09 17:56:36 ----A---- C:\Windows\system32\ieframe.dll
2009-12-09 17:56:35 ----A---- C:\Windows\system32\iertutil.dll
2009-12-09 17:56:34 ----A---- C:\Windows\system32\wininet.dll
2009-12-09 17:56:34 ----A---- C:\Windows\system32\urlmon.dll
2009-12-09 17:56:34 ----A---- C:\Windows\system32\occache.dll
2009-12-09 17:56:34 ----A---- C:\Windows\system32\msfeedssync.exe
2009-12-09 17:56:34 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-12-09 17:56:34 ----A---- C:\Windows\system32\msfeeds.dll
2009-12-09 17:56:34 ----A---- C:\Windows\system32\jsproxy.dll
2009-12-09 17:56:34 ----A---- C:\Windows\system32\ieUnatt.exe
2009-12-09 17:56:34 ----A---- C:\Windows\system32\ieui.dll
2009-12-09 17:56:34 ----A---- C:\Windows\system32\iesysprep.dll
2009-12-09 17:56:34 ----A---- C:\Windows\system32\iesetup.dll
2009-12-09 17:56:34 ----A---- C:\Windows\system32\iernonce.dll
2009-12-09 17:56:34 ----A---- C:\Windows\system32\iepeers.dll
2009-12-09 17:56:34 ----A---- C:\Windows\system32\iedkcs32.dll
2009-12-09 17:56:34 ----A---- C:\Windows\system32\ie4uinit.exe
2009-12-09 17:55:54 ----A---- C:\Windows\system32\rastls.dll
2009-12-02 22:46:06 ----A---- C:\Windows\system32\javaws.exe
2009-12-02 22:46:06 ----A---- C:\Windows\system32\javaw.exe
2009-12-02 22:46:06 ----A---- C:\Windows\system32\java.exe
2009-11-25 09:11:39 ----A---- C:\Windows\system32\tzres.dll
2009-11-24 19:30:55 ----A---- C:\Windows\system32\msxml6.dll
2009-11-24 19:30:54 ----A---- C:\Windows\system32\msxml3.dll
2009-11-23 19:01:12 ----D---- C:\Program Files\Common Files\Apple
2009-11-23 19:00:41 ----D---- C:\Program Files\QuickTime
2009-11-17 19:45:34 ----D---- C:\Program Files\Windows Portable Devices
2009-11-17 14:22:28 ----A---- C:\Windows\system32\UIRibbonRes.dll
2009-11-17 14:22:28 ----A---- C:\Windows\system32\UIRibbon.dll
2009-11-17 14:22:28 ----A---- C:\Windows\system32\UIAnimation.dll
2009-11-17 14:22:10 ----A---- C:\Windows\system32\WMPhoto.dll
2009-11-17 14:22:09 ----A---- C:\Windows\system32\XpsRasterService.dll
2009-11-17 14:22:09 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2009-11-17 14:22:09 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-11-17 14:22:09 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-11-17 14:22:09 ----A---- C:\Windows\system32\d3d10warp.dll
2009-11-17 14:22:09 ----A---- C:\Windows\system32\d2d1.dll
2009-11-17 14:22:09 ----A---- C:\Windows\system32\cdd.dll
2009-11-17 14:22:08 ----A---- C:\Windows\system32\xpsservices.dll
2009-11-17 14:22:08 ----A---- C:\Windows\system32\XpsPrint.dll
2009-11-17 14:22:08 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-11-17 14:22:08 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-11-17 14:22:08 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-11-17 14:22:08 ----A---- C:\Windows\system32\OpcServices.dll
2009-11-17 14:22:08 ----A---- C:\Windows\system32\FntCache.dll
2009-11-17 14:22:08 ----A---- C:\Windows\system32\dxgi.dll
2009-11-17 14:22:08 ----A---- C:\Windows\system32\dxdiagn.dll
2009-11-17 14:22:08 ----A---- C:\Windows\system32\dxdiag.exe
2009-11-17 14:22:08 ----A---- C:\Windows\system32\DWrite.dll
2009-11-17 14:22:08 ----A---- C:\Windows\system32\d3d11.dll
2009-11-17 14:22:08 ----A---- C:\Windows\system32\d3d10level9.dll
2009-11-17 14:22:08 ----A---- C:\Windows\system32\d3d10core.dll
2009-11-17 14:22:08 ----A---- C:\Windows\system32\d3d10_1core.dll
2009-11-17 14:22:08 ----A---- C:\Windows\system32\d3d10_1.dll
2009-11-17 14:22:08 ----A---- C:\Windows\system32\d3d10.dll
2009-11-17 14:21:44 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2009-11-17 14:21:44 ----A---- C:\Windows\system32\wpdbusenum.dll
2009-11-17 14:21:44 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2009-11-17 14:21:43 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2009-11-17 14:21:42 ----A---- C:\Windows\system32\WpdMtpUS.dll
2009-11-17 14:21:42 ----A---- C:\Windows\system32\WpdConns.dll
2009-11-17 14:21:41 ----A---- C:\Windows\system32\WPDSp.dll
2009-11-17 14:21:41 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2009-11-17 14:21:41 ----A---- C:\Windows\system32\wpdshext.dll
2009-11-17 14:21:41 ----A---- C:\Windows\system32\WpdMtp.dll
2009-11-17 14:21:41 ----A---- C:\Windows\system32\wpd_ci.dll
2009-11-17 14:21:41 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2009-11-17 14:21:41 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-11-17 14:21:41 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-11-17 14:21:41 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-11-17 14:20:49 ----A---- C:\Windows\system32\UIAutomationCore.dll
2009-11-17 14:20:49 ----A---- C:\Windows\system32\oleaccrc.dll
2009-11-17 14:20:49 ----A---- C:\Windows\system32\oleacc.dll
2009-11-14 18:06:37 ----D---- C:\ProgramData\TVU Networks
2009-11-14 18:05:46 ----D---- C:\Windows\system32\TVUAx

======List of files/folders modified in the last 1 months======

2009-12-11 10:13:48 ----D---- C:\Windows\Temp
2009-12-11 10:12:52 ----D---- C:\Users\Elisabeth\AppData\Roaming\Skype
2009-12-11 09:23:20 ----D---- C:\Windows\system32\drivers
2009-12-11 09:23:18 ----RD---- C:\Program Files
2009-12-11 09:23:18 ----HD---- C:\ProgramData
2009-12-11 09:14:45 ----D---- C:\Windows\Debug
2009-12-11 09:14:44 ----D---- C:\Windows\Minidump
2009-12-11 09:14:44 ----D---- C:\Windows
2009-12-11 08:58:51 ----D---- C:\Windows\System32
2009-12-11 08:58:51 ----D---- C:\Windows\inf
2009-12-11 08:58:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-12-11 08:53:34 ----D---- C:\Users\Elisabeth\AppData\Roaming\skypePM
2009-12-11 00:52:59 ----A---- C:\Windows\TEXTWARE.INI
2009-12-10 22:17:21 ----SHD---- C:\Windows\Installer
2009-12-10 17:32:09 ----D---- C:\Windows\winsxs
2009-12-10 17:24:14 ----SHD---- C:\System Volume Information
2009-12-10 09:10:56 ----D---- C:\Windows\rescache
2009-12-10 08:42:41 ----A---- C:\Windows\NeroDigital.ini
2009-12-10 08:38:04 ----D---- C:\Windows\system32\catroot
2009-12-10 05:17:41 ----D---- C:\Windows\system32\migration
2009-12-10 05:17:40 ----D---- C:\Windows\system32\de-DE
2009-12-10 05:17:40 ----D---- C:\Program Files\Windows Mail
2009-12-10 05:17:40 ----D---- C:\Program Files\Internet Explorer
2009-12-10 04:45:07 ----D---- C:\Windows\system32\catroot2
2009-12-10 04:44:23 ----D---- C:\ProgramData\Microsoft Help
2009-12-09 18:05:01 ----D---- C:\Users\Elisabeth\AppData\Roaming\CameraWindowDC
2009-12-09 18:00:23 ----D---- C:\Users\Elisabeth\AppData\Roaming\ZoomBrowser EX
2009-12-02 22:46:05 ----D---- C:\Program Files\Java
2009-12-01 21:06:19 ----A---- C:\Windows\system32\mrt.exe
2009-11-23 19:01:12 ----D---- C:\Program Files\Common Files
2009-11-23 19:00:41 ----D---- C:\ProgramData\Apple Computer
2009-11-17 19:48:00 ----D---- C:\Windows\system32\Tasks
2009-11-17 19:45:34 ----D---- C:\Windows\system32\wbem
2009-11-17 19:45:31 ----D---- C:\Windows\system32\zh-TW
2009-11-17 19:45:31 ----D---- C:\Windows\system32\zh-HK
2009-11-17 19:45:31 ----D---- C:\Windows\system32\uk-UA
2009-11-17 19:45:31 ----D---- C:\Windows\system32\tr-TR
2009-11-17 19:45:31 ----D---- C:\Windows\system32\th-TH
2009-11-17 19:45:31 ----D---- C:\Windows\system32\sv-SE
2009-11-17 19:45:31 ----D---- C:\Windows\system32\sr-Latn-CS
2009-11-17 19:45:31 ----D---- C:\Windows\system32\sl-SI
2009-11-17 19:45:31 ----D---- C:\Windows\system32\sk-SK
2009-11-17 19:45:31 ----D---- C:\Windows\system32\pt-PT
2009-11-17 19:45:31 ----D---- C:\Windows\system32\pt-BR
2009-11-17 19:45:31 ----D---- C:\Windows\system32\pl-PL
2009-11-17 19:45:31 ----D---- C:\Windows\system32\nl-NL
2009-11-17 19:45:31 ----D---- C:\Windows\system32\lv-LV
2009-11-17 19:45:31 ----D---- C:\Windows\system32\lt-LT
2009-11-17 19:45:31 ----D---- C:\Windows\system32\ko-KR
2009-11-17 19:45:31 ----D---- C:\Windows\system32\it-IT
2009-11-17 19:45:31 ----D---- C:\Windows\system32\hu-HU
2009-11-17 19:45:31 ----D---- C:\Windows\system32\hr-HR
2009-11-17 19:45:31 ----D---- C:\Windows\system32\he-IL
2009-11-17 19:45:31 ----D---- C:\Windows\system32\fr-FR
2009-11-17 19:45:31 ----D---- C:\Windows\system32\fi-FI
2009-11-17 19:45:31 ----D---- C:\Windows\system32\et-EE
2009-11-17 19:45:31 ----D---- C:\Windows\system32\es-ES
2009-11-17 19:45:31 ----D---- C:\Windows\system32\el-GR
2009-11-17 19:45:31 ----D---- C:\Windows\system32\bg-BG
2009-11-17 19:45:30 ----D---- C:\Windows\system32\zh-CN
2009-11-17 19:45:30 ----D---- C:\Windows\system32\ru-RU
2009-11-17 19:45:30 ----D---- C:\Windows\system32\ro-RO
2009-11-17 19:45:30 ----D---- C:\Windows\system32\nb-NO
2009-11-17 19:45:30 ----D---- C:\Windows\system32\ja-JP
2009-11-17 19:45:30 ----D---- C:\Windows\system32\en-US
2009-11-17 19:45:30 ----D---- C:\Windows\system32\da-DK
2009-11-17 19:45:30 ----D---- C:\Windows\system32\cs-CZ
2009-11-17 19:45:30 ----D---- C:\Windows\system32\ar-SA
2009-11-15 22:37:18 ----D---- C:\Windows\system32\WDI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-04-27 96104]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-06-26 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-12-07 56816]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2008-07-16 15392]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-07-04 3847168]
R3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-09-18 2169944]
R3 netr28;Ralink 802.11n Wireless Driver for Windows Vista; C:\Windows\system32\DRIVERS\netr28.sys [2007-11-21 327168]
R3 O2MDRDR;O2MDRDR; C:\Windows\system32\DRIVERS\o2media.sys [2008-08-22 51288]
R3 O2SDRDR;O2SDRDR; C:\Windows\system32\DRIVERS\o2sd.sys [2008-06-12 43608]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2008-06-18 147168]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-08-06 124928]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-06-08 187448]
R3 usbvideo;USB-Videogerät (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-11 124832]
R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-06-26 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-10 185089]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-07-04 692224]
R2 ETService;Empowering Technology Service; C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe [2008-07-16 24576]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-04-15 354840]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
R2 o2flash;O2FLASH; C:\Windows\system32\DRIVERS\o2flash.exe [2008-08-22 71512]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-04-28 529704]
S3 aspnet_state;ASP.NET-Zustandsdienst; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-11-13 654848]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-01-09 24064]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-27 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------