| |
| |||||||
Log-Analyse und Auswertung: Keylogger, WoW - Account gehackt :XWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
14.12.2009, 00:12
| #1 |
 |  Keylogger, WoW - Account gehackt :X Hallo erstmal! Ich hab heute schon ganz viel gemacht, da ich schon 2 mal! in einer Woche gehackt wurde. Antivir, AVG, Norton Security Scan (Hat was ausgespuckt, aber nur eine IluPak.exe, die ich entfernt hab (Log post ich aber noch). A-squared hat auch nix gefunden. Die Datei, die Norton gefunden hat, war unter: C:\Windows\MRLH\IluPak.exe Hier erstmal der Log von Malwarebytes: Code:
ATTFilter Malwarebytes' Anti-Malware 1.42
Datenbank Version: 3355
Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005
14.12.2009 00:05:00
mbam-log-2009-12-14 (00-05-00).txt
Scan-Methode: Vollständiger Scan (C:\|D:\|I:\|)
Durchsuchte Objekte: 267837
Laufzeit: 1 hour(s), 48 minute(s), 50 second(s)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
Code:
ATTFilter info.txt logfile of random's system information tool 1.06 2009-12-13 23:16:27
======Uninstall list======
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->MsiExec /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Reader 7.0.8 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A70800000002}
Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
a-squared Anti-Malware 4.5-->"C:\Program Files\a-squared Anti-Malware\unins000.exe"
Avira AntiVir Premium-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Batch Renamer 2.1.1 (uninstall)-->C:\Program Files\Batch Renamer\remove_batchRenamer.exe
Benutzerhandbuch-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}\setup.exe"
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Broadcom Management Programs-->MsiExec.exe /X{D6771E19-1BB6-43B1-811E-ECC5A4613579}
Call of Duty: Modern Warfare 2 - Multiplayer-->"C:\Program Files\Steam\steam.exe" steam://uninstall/10190
Call of Duty: Modern Warfare 2-->"C:\Program Files\Steam\steam.exe" steam://uninstall/10180
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Digital Line Detect-->C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0007 -removeonly
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Fraps (remove only)-->"C:\Fraps\uninstall.exe"
Glitchys MES-->"C:\Program Files\Glitchy's Model Editing Suite\unins000.exe"
Haali Media Splitter-->"C:\Program Files\Haali\MatroskaSplitter\uninstall.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
I8kfanGUI V3.1-->"C:\Program Files\I8kfanGUI\uninstall.exe"
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
JDownloader-->C:\Program Files\JDownloader\uninstall.exe
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
KeyScrambler-->C:\Program Files\KeyScrambler\uninstall.exe
Left 4 Dead 2-->"C:\Program Files\Steam\steam.exe" steam://uninstall/550
Left 4 Dead-->"C:\Program Files\Steam\steam.exe" steam://uninstall/500
Livestream Procaster-->MsiExec.exe /I{0E323ECF-FA5B-454A-B79C-508419AC2538}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MediaDirect-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}\Setup.exe" -l0x7 -cluninstall
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - deu\setup.exe
Microsoft .NET Framework 3.5 Language Pack SP1 - deu-->MsiExec.exe /I{052FDD78-A6EA-3187-8386-C82F4CA3A929}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft AppLocale-->MsiExec.exe /I{394BE3D9-7F57-4638-A8D1-1D88671913B7}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {26454C26-D259-4543-AA60-3189E09C5F76}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Access MUI (German) 2007-->MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISER /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{91120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
Microsoft Office Groove MUI (German) 2007-->MsiExec.exe /X{90120000-00BA-0407-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (German) 2007-->MsiExec.exe /X{90120000-0044-0407-0000-0000000FF1CE}
Microsoft Office OneNote MUI (German) 2007-->MsiExec.exe /X{90120000-00A1-0407-0000-0000000FF1CE}
Microsoft Office Outlook MUI (German) 2007-->MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {322296D4-1EAE-4030-9FBC-D2787EB25FA2}
Microsoft Office Publisher MUI (German) 2007-->MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE}
Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Windows Application Compatibility Database-->C:\Windows\system32\sdbinst.exe -u "C:\Windows\AppPatch\Custom\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb"
Mozilla Firefox (3.5.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
NCsoft Launcher-->"C:\Program Files\InstallShield Installation Information\{C9FB868B-2086-4EE2-BD4F-BFBA36B131F4}\setup.exe" -runfromtemp -l0x0009 -removeonly
NetWaiting-->C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0007 -removeonly
Norton Security Scan-->C:\Program Files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\2.3.0.44\InstStub.exe /X
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
NVIDIA PhysX-->MsiExec.exe /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
Online Armor 4.0-->"C:\Program Files\Tall Emu\Online Armor\unins000.exe"
OutlookAddinSetup-->MsiExec.exe /I{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}
PC Connectivity Solution-->MsiExec.exe /I{AC599724-5755-48C1-ABE7-ABB857652930}
QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
RunAlyzer-->"C:\Program Files\Safer Networking\RunAlyzer\unins000.exe"
Safari-->MsiExec.exe /I{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}
SAMSUNG Android USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\Shrewsbury\SSADUninstall.exe
SAMSUNG Mobile Composite Device Software-->C:\Windows\system32\Samsung_USB_Drivers\6_old\SSBCUninstall.exe
Samsung Mobile Modem Device Software-->C:\Windows\system32\Samsung_USB_Drivers\7\SSECUninstall.exe
SAMSUNG Mobile Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Software-->C:\Windows\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Download Driver Software-->C:\Windows\system32\Samsung_USB_Drivers\NXP_Driver\SSDUUninstall.exe
SAMSUNG Mobile USB Driver-->MsiExec.exe /I{7184F382-8A6C-4B85-A3AC-B63734B1E241}
SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
Samsung Mobile USB Modem Device Software-->C:\Windows\system32\Samsung_USB_Drivers\7_681B\SECUUninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
SAMSUNG USB Mobile Device Software-->C:\Windows\system32\Samsung_USB_Drivers\6\SS_BUninstall.exe
SamsungConnectivityCableDriver-->MsiExec.exe /X{7E84FAC8-C518-40F9-9807-7455301D6D25}
Security Task Manager 1.7h-->C:\Program Files\Security Task Manager\Uninstal.exe "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager"
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
SigmaTel Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x7 -remove -removeonly
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Sonic Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Sun Java (TM) Wireless Toolkit 2.5.2_01 for CLDC-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8CB1BFD3-82B0-4C3E-A586-0A5472158E9E}\setup.exe" -l0x9 -removeonly
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"
Trillian-->C:\Program Files\Trillian\Trillian.exe /uninstall
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
Update for Outlook 2007 Junk Email Filter (kb976884)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {FB60F280-C70F-4174-BADB-471412AA42F0}
Update für Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}
Update für Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {F6828576-6F79-470D-AB50-69D1BBADBD30}
Update für Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {EA160DA3-E9B5-4D03-A518-21D306665B96}
Update für Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {38472199-D7B6-4833-A949-10E4EE6365A1}
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
Ventrilo Client-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
VirtualCom driver-->MsiExec.exe /I{1943A043-5C85-4A16-A0D0-D687B2C1A40F}
VLC media player 1.0.1-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WIDCOMM Bluetooth Software 6.0.1.3100-->MsiExec.exe /X{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}
Windows Live Anmelde-Assistent-->MsiExec.exe /I{52B97218-98CB-4B8B-9283-D213C85E1AA4}
Windows Live Call-->MsiExec.exe /I{5FC68772-6D56-41C6-9DF1-24E868198AE6}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}
Windows Live Fotogalerie-->MsiExec.exe /X{2BA722D1-48D1-406E-9123-8AE5431D63EF}
Windows Live Mail-->MsiExec.exe /I{C4D738F7-996A-4C81-B8FA-C4E26D767E41}
Windows Live Messenger-->MsiExec.exe /X{41E654A9-26D0-4EAC-854B-0FA824FFFABB}
Windows Live Movie Maker-->MsiExec.exe /X{3EFEF049-23D4-4B46-8903-4592FEA51018}
Windows Live Sync-->MsiExec.exe /X{76618402-179D-4699-A66B-D351C59436BC}
Windows Live-Uploadtool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
World of Warcraft-->C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft Public Test-PTR\Uninstall.exe
Xfire (remove only)-->"C:\Program Files\Xfire\uninst.exe"
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
======Security center information======
AS: Spybot - Search and Destroy (disabled)
AS: Windows-Defender (disabled)
======System event log======
Computer Name: ***-PC
Event Code: 10029
Message: DCOM hat den Dienst swprv mit den Argumenten "" gestartet, um den Server auszuführen:
{65EE1DBA-8FF4-4A58-AC1C-3470EE2F376A}
Record Number: 47926
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20090625082111.000000-000
Event Type: Informationen
User:
Computer Name: ***-PC
Event Code: 10029
Message: DCOM hat den Dienst VSS mit den Argumenten "" gestartet, um den Server auszuführen:
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
Record Number: 47925
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20090625082111.000000-000
Event Type: Informationen
User:
Computer Name: ***-PC
Event Code: 7036
Message: Dienst "WinHTTP-Web Proxy Auto-Discovery-Dienst" befindet sich jetzt im Status "Beendet".
Record Number: 47924
Source Name: Service Control Manager
Time Written: 20090625075039.000000-000
Event Type: Informationen
User:
Computer Name: ***-PC
Event Code: 7036
Message: Dienst "Windows Update" befindet sich jetzt im Status "Ausgeführt".
Record Number: 47923
Source Name: Service Control Manager
Time Written: 20090625073614.000000-000
Event Type: Informationen
User:
Computer Name: ***-PC
Event Code: 7036
Message: Dienst "Startprogramm für Windows Media Center" befindet sich jetzt im Status "Beendet".
Record Number: 47922
Source Name: Service Control Manager
Time Written: 20090625073613.000000-000
Event Type: Informationen
User:
=====Application event log=====
Computer Name: D95R2T2J
Event Code: 6001
Message: Der Winlogon-Benachrichtigungsabonnent <GPClient> ist bei einem Benachrichtigungsereignis fehlgeschlagen.
Record Number: 350
Source Name: Microsoft-Windows-Winlogon
Time Written: 20070310105506.000000-000
Event Type: Warnung
User:
Computer Name: D95R2T2J
Event Code: 6000
Message: Der Winlogon-Benachrichtigungsabonnent <SessionEnv> war nicht verfügbar, um das Benachrichtigungsereignis zu verarbeiten.
Record Number: 349
Source Name: Microsoft-Windows-Winlogon
Time Written: 20070310105506.000000-000
Event Type: Informationen
User:
Computer Name: D95R2T2J
Event Code: 9009
Message: Der Desktopfenster-Manager wurde mit dem Code (0x40010004) abgebrochen.
Record Number: 348
Source Name: Desktop Window Manager
Time Written: 20070310105506.000000-000
Event Type: Informationen
User:
Computer Name: D95R2T2J
Event Code: 1013
Message: Der Windows-Suchdienst wurde normal beendet.
Record Number: 347
Source Name: Microsoft-Windows-Search
Time Written: 20070310105450.000000-000
Event Type: Informationen
User:
Computer Name: D95R2T2J
Event Code: 1
Message: Der Windows-Sicherheitscenterdienst wurde gestartet.
Record Number: 346
Source Name: SecurityCenter
Time Written: 20070310105448.000000-000
Event Type: Informationen
User:
=====Security event log=====
Computer Name: ***-PC
Event Code: 1101
Message: Überwachungsereignisse wurden vom Transport gelöscht. Die Echtzeit-Sicherungsdatei war beschädigt, da das System nicht ordnungsgemäß heruntergefahren wurde.
Record Number: 298
Source Name: Microsoft-Windows-Eventlog
Time Written: 20090603153521.960910-000
Event Type: Überwachung erfolgreich
User:
Computer Name: D95R2T2J
Event Code: 4616
Message: Die Systemzeit wurde geändert.
Antragsteller:
Sicherheits-ID: S-1-5-19
Kontoname: LOKALER DIENST
Kontodomäne: NT-AUTORITÄT
Anmelde-ID: 0x3e5
Prozessinformationen:
Prozess-ID: 0x4ec
Name: C:\Windows\System32\svchost.exe
Vorherige Zeit: 10:55:20 10.03.2007
Neue Zeit: 10:55:20 10.03.2007
Dieses Ereignis wird generiert, wenn die Systemzeit geändert wird. Es ist normal, dass der mit Systemberechtigung ausgeführte Windows-Zeitdienst die Systemzeit regelmäßig ändert. Andere Änderungen der Systemzeit können darauf hinweisen, dass der Computer manipuliert wird.
Record Number: 297
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20070310105520.712400-000
Event Type: Überwachung erfolgreich
User:
Computer Name: D95R2T2J
Event Code: 1100
Message: Der Ereignisprotokollierungsdienst wurde heruntergefahren.
Record Number: 296
Source Name: Microsoft-Windows-Eventlog
Time Written: 20070310105520.790400-000
Event Type: Überwachung erfolgreich
User:
Computer Name: D95R2T2J
Event Code: 4647
Message: Benutzerinitiierte Abmeldung:
Antragsteller:
Sicherheits-ID: S-1-5-21-2754731202-3281619189-719602998-500
Kontoname: Administrator
Kontodomäne: D95R2T2J
Anmelde-ID: 0x50a95
Dieses Ereignis wird generiert, wenn eine Abmeldung initiiert wird, aber die Anzahl der Tokenreferenzen nicht Null ist und die Anmeldesitzung nicht zerstört werden kann. Es kann keiner Benutzerinitiierte Aktion erfolgen. Dieses Ereignis kann als Abmeldeereignis interpretiert werden.
Record Number: 295
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20070310105506.282891-000
Event Type: Überwachung erfolgreich
User:
Computer Name: D95R2T2J
Event Code: 1102
Message: Das Überwachungsprotokoll wurde gelöscht.
Subjekt:
Sicherheits- ID: S-1-5-21-2754731202-3281619189-719602998-500
Kontoname: Administrator
Domänenname: D95R2T2J
Logon-ID: 0x50a95
Record Number: 294
Source Name: Microsoft-Windows-Eventlog
Time Written: 20070310105439.872091-000
Event Type: Überwachung erfolgreich
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\Common Files\DivX Shared\;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"tvdumpflags"=8
-----------------EOF-----------------
Code:
ATTFilter Logfile of random's system information tool 1.06 (written by random/random) Run by ***at 2009-12-13 23:15:56 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 28 GB (28%) free of 102 GB Total RAM: 3326 MB (43% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:16:22, on 13.12.2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v7.00 (7.00.6002.18005) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Windows\ehome\ehtray.exe C:\Program Files\I8kfanGUI\I8kfanGUI.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Trillian\trillian.exe C:\Users\***\AppData\Local\Google\Update\1.2.183.13\GoogleCrashHandler.exe C:\Program Files\Xfire\Xfire.exe C:\Windows\system32\conime.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Users\***\Desktop\Aklog\aklog.exe C:\Users\***\Desktop\RSIT.exe C:\Users\***\Desktop\***.exe C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=2070310 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=2070310 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=2070310 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer bereitgestellt von Dell R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start O4 - HKLM\..\Run: [Livestream Procaster] "C:\Program Files\Livestream Procaster\Procaster.exe" -autorun O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe" O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe" O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [i8kfangui] C:\Program Files\I8kfanGUI\I8kfanGUI.exe /startup O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST') O4 - Startup: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Startup: Trillian.lnk = C:\Program Files\Trillian\trillian.exe O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Online Armor Helper Service (OAcat) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\OAcat.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing) O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 8739 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2754731202-3281619189-719602998-1000Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2754731202-3281619189-719602998-1000UA.job C:\Windows\tasks\Norton Security Scan for ***.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Anmelde-Hilfsprogramm - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {CCC7A320-B3CA-4199-B1A6-9F516DD69829} [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-11-20 815104] "ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2006-10-03 81920] "SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [2007-09-13 405504] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184] "NPSStartup"= [] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-01-30 13605408] "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2009-01-30 92704] "NVHotkey"=C:\Windows\system32\nvHotkey.dll [2009-01-30 96800] "Livestream Procaster"=C:\Program Files\Livestream Procaster\Procaster.exe [2009-10-12 6415648] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "@OnlineArmor GUI"=C:\Program Files\Tall Emu\Online Armor\oaui.exe [2009-12-05 6622920] "a-squared"=C:\Program Files\a-squared Anti-Malware\a2guard.exe [2009-11-05 3279192] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-12-03 429392] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Steam"=c:\program files\steam\steam.exe [2009-10-24 1217808] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952] "i8kfangui"=C:\Program Files\I8kfanGUI\I8kfanGUI.exe [2007-02-16 856064] "PlayNC Launcher"= [] "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] "Google Update"=C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-09 135664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\PhotoDownloader.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-09 135664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ] C:\Program Files\ICQ6.5\ICQ.exe silent [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe [2006-10-13 184320] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2009] c:\program files\uniblue\registrybooster\StartRegistryBooster.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk] C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2006-11-03 703280] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk] C:\PROGRA~1\DIGITA~1\DLG.exe [2006-11-03 50688] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Adobe Reader - Schnellstart.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE Trillian.lnk - C:\Program Files\Trillian\trillian.exe Xfire.lnk - C:\Program Files\Xfire\Xfire.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{4F07DA45-8170-4859-9B5F-037EF2970034}"=C:\PROGRA~1\TALLEM~1\ONLINE~1\oaevent.dll [2009-12-05 923336] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "EnableLUA"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"= "EnableShellExecuteHooks"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bd4fbe28-59c3-11de-aaac-d5d5b33bf892}] shell\AutoRun\command - F:\LaunchU3.exe -a ======List of files/folders created in the last 1 months====== 2009-12-13 23:15:56 ----D---- C:\rsit 2009-12-13 22:15:12 ----D---- C:\Users\***\AppData\Roaming\Malwarebytes 2009-12-13 22:15:06 ----D---- C:\ProgramData\Malwarebytes 2009-12-13 22:15:05 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-12-13 22:11:56 ----D---- C:\Program Files\CCleaner 2009-12-13 17:08:01 ----D---- C:\Program Files\a-squared Anti-Malware 2009-12-13 16:42:11 ----D---- C:\Windows\Internet Logs 2009-12-13 16:07:43 ----D---- C:\Users\***\AppData\Roaming\OnlineArmor 2009-12-13 16:07:43 ----D---- C:\ProgramData\OnlineArmor 2009-12-13 16:04:47 ----D---- C:\Program Files\Tall Emu 2009-12-13 16:00:49 ----D---- C:\ProgramData\Application Data 2009-12-13 15:54:32 ----D---- C:\Program Files\Common Files\Symantec Shared 2009-12-13 15:48:08 ----D---- C:\ProgramData\Symantec 2009-12-13 15:48:08 ----D---- C:\ProgramData\Norton 2009-12-13 15:48:08 ----D---- C:\Program Files\Norton Security Scan 2009-12-13 15:48:04 ----D---- C:\ProgramData\NortonInstaller 2009-12-13 15:48:04 ----D---- C:\Program Files\NortonInstaller 2009-12-13 14:17:45 ----D---- C:\Program Files\KeyScrambler 2009-12-13 13:46:47 ----D---- C:\Users\***\AppData\Roaming\CheckPoint 2009-12-13 13:46:34 ----D---- C:\Program Files\CheckPoint 2009-12-13 13:44:18 ----D---- C:\ProgramData\CheckPoint 2009-12-13 13:29:33 ----D---- C:\Users\***\AppData\Roaming\Avira 2009-12-13 13:19:06 ----D---- C:\ProgramData\Avira 2009-12-13 13:19:06 ----D---- C:\Program Files\Avira 2009-12-13 12:48:35 ----D---- C:\Users\***\AppData\Roaming\QuickScan 2009-12-13 12:30:53 ----D---- C:\ProgramData\SecTaskMan 2009-12-13 12:30:48 ----D---- C:\Program Files\Security Task Manager 2009-12-10 23:51:08 ----D---- C:\cygwin 2009-12-10 23:13:25 ----D---- C:\Program Files\QuickTime 2009-12-10 23:05:17 ----D---- C:\ProgramData\Apple Computer 2009-12-10 23:05:17 ----D---- C:\Program Files\Safari 2009-12-10 23:03:21 ----D---- C:\ProgramData\Apple 2009-12-10 23:03:21 ----D---- C:\Program Files\Common Files\Apple 2009-12-09 15:37:15 ----A---- C:\Windows\system32\nshhttp.dll 2009-12-09 15:37:14 ----A---- C:\Windows\system32\httpapi.dll 2009-12-09 15:22:48 ----A---- C:\Windows\system32\wininet.dll 2009-12-09 15:22:47 ----A---- C:\Windows\system32\urlmon.dll 2009-12-09 15:22:47 ----A---- C:\Windows\system32\mshtml.dll 2009-12-09 15:22:46 ----A---- C:\Windows\system32\ieframe.dll 2009-12-09 15:22:44 ----A---- C:\Windows\system32\ieui.dll 2009-12-09 15:22:43 ----A---- C:\Windows\system32\ieencode.dll 2009-12-09 15:22:42 ----A---- C:\Windows\system32\ieapfltr.dll 2009-12-09 15:22:39 ----A---- C:\Windows\system32\winhttp.dll 2009-12-09 15:20:55 ----A---- C:\Windows\system32\rastls.dll 2009-12-08 14:18:06 ----D---- C:\Program Files\AVG 2009-11-30 20:33:46 ----A---- C:\Windows\system32\xfcodec.dll 2009-11-29 19:24:35 ----D---- C:\Program Files\Haali 2009-11-28 01:34:29 ----A---- C:\tracert.txt 2009-11-28 00:27:42 ----D---- C:\Users\***\AppData\Roaming\Trillian 2009-11-28 00:27:10 ----D---- C:\Program Files\Trillian 2009-11-27 17:16:16 ----D---- C:\Users\***\AppData\Roaming\Safer Networking 2009-11-27 17:12:40 ----D---- C:\Program Files\Safer Networking 2009-11-27 17:11:24 ----D---- C:\Program Files\Trend Micro 2009-11-27 00:33:16 ----A---- C:\Windows\system32\msxml6.dll 2009-11-27 00:33:15 ----A---- C:\Windows\system32\msxml3.dll 2009-11-27 00:29:40 ----A---- C:\Windows\system32\tzres.dll 2009-11-27 00:29:12 ----D---- C:\Program Files\MSXML 4.0 2009-11-23 16:36:45 ----A---- C:\Windows\system32\devil.dll 2009-11-23 16:36:45 ----A---- C:\Windows\system32\avisynth.dll 2009-11-23 16:36:44 ----A---- C:\Windows\system32\yv12vfw.dll 2009-11-23 16:36:44 ----A---- C:\Windows\system32\i420vfw.dll 2009-11-23 16:36:44 ----A---- C:\Windows\system32\AVSredirect.dll 2009-11-23 16:36:43 ----D---- C:\Program Files\AviSynth 2.5 2009-11-22 14:01:44 ----A---- C:\Windows\system32\XAudio2_5.dll 2009-11-22 14:01:44 ----A---- C:\Windows\system32\xactengine3_5.dll 2009-11-22 14:01:44 ----A---- C:\Windows\system32\D3DCompiler_42.dll 2009-11-22 14:01:43 ----A---- C:\Windows\system32\D3DX9_42.dll 2009-11-22 14:01:43 ----A---- C:\Windows\system32\d3dx11_42.dll 2009-11-22 14:01:43 ----A---- C:\Windows\system32\d3dx10_42.dll 2009-11-22 14:01:43 ----A---- C:\Windows\system32\d3dcsx_42.dll 2009-11-22 14:01:41 ----A---- C:\Windows\system32\XAPOFX1_3.dll 2009-11-22 14:01:37 ----A---- C:\Windows\system32\XAudio2_2.dll 2009-11-22 14:01:37 ----A---- C:\Windows\system32\XAPOFX1_1.dll 2009-11-22 14:01:37 ----A---- C:\Windows\system32\xactengine3_2.dll 2009-11-21 19:26:44 ----D---- C:\Users\***\AppData\Roaming\dvdcss 2009-11-21 19:23:07 ----D---- C:\Program Files\Alcohol Soft 2009-11-21 18:46:40 ----D---- C:\Users\***\AppData\Roaming\Any Video Converter 2009-11-20 21:23:59 ----D---- C:\Program Files\JDownloader 2009-11-20 14:38:50 ----A---- C:\Windows\system32\javaws.exe 2009-11-20 14:38:50 ----A---- C:\Windows\system32\javaw.exe 2009-11-20 14:38:50 ----A---- C:\Windows\system32\java.exe 2009-11-17 19:59:22 ----D---- C:\Program Files\World of Warcraft ======List of files/folders modified in the last 1 months====== 2009-12-13 23:16:05 ----D---- C:\Windows\Temp 2009-12-13 23:14:59 ----D---- C:\Users\***\AppData\Roaming\Skype 2009-12-13 22:56:58 ----D---- C:\Users\***\AppData\Roaming\Xfire 2009-12-13 22:40:24 ----D---- C:\Windows\MRLH 2009-12-13 22:26:23 ----D---- C:\Windows 2009-12-13 22:25:26 ----SHD---- C:\System Volume Information 2009-12-13 22:15:08 ----D---- C:\Windows\system32\drivers 2009-12-13 22:15:06 ----D---- C:\ProgramData 2009-12-13 22:15:05 ----D---- C:\Program Files 2009-12-13 22:14:07 ----D---- C:\Program Files\Mozilla Firefox 2009-12-13 22:13:59 ----D---- C:\ProgramData\Spybot - Search & Destroy 2009-12-13 22:13:28 ----D---- C:\Windows\Debug 2009-12-13 19:41:34 ----D---- C:\Program Files\Steam 2009-12-13 19:35:57 ----D---- C:\Windows\Logs 2009-12-13 16:40:20 ----D---- C:\Windows\System32 2009-12-13 16:06:57 ----D---- C:\Windows\inf 2009-12-13 16:05:35 ----D---- C:\Windows\system32\catroot2 2009-12-13 16:01:00 ----D---- C:\Windows\system32\catroot 2009-12-13 16:00:56 ----D---- C:\Users\***\AppData\Roaming\skypePM 2009-12-13 15:54:32 ----D---- C:\Program Files\Common Files 2009-12-13 15:48:11 ----D---- C:\Windows\Tasks 2009-12-13 15:48:11 ----D---- C:\Windows\system32\Tasks 2009-12-13 13:18:12 ----SHD---- C:\Windows\Installer 2009-12-13 12:35:45 ----D---- C:\Program Files\BAE 2009-12-12 16:32:24 ----DC---- C:\Windows\system32\DRVSTORE 2009-12-12 16:29:02 ----HD---- C:\Program Files\InstallShield Installation Information 2009-12-10 23:54:02 ----D---- C:\Users\***\AppData\Roaming\uTorrent 2009-12-10 23:15:31 ----D---- C:\Program Files\Bonjour 2009-12-10 23:07:57 ----D---- C:\Users\***\AppData\Roaming\Apple Computer 2009-12-10 14:29:07 ----D---- C:\ProgramData\Xfire 2009-12-09 16:13:16 ----D---- C:\Windows\rescache 2009-12-09 16:08:19 ----D---- C:\Windows\winsxs 2009-12-09 15:55:04 ----D---- C:\Windows\system32\de-DE 2009-12-09 15:55:04 ----D---- C:\Program Files\Windows Mail 2009-12-09 15:40:32 ----D---- C:\ProgramData\Microsoft Help 2009-12-09 15:37:04 ----RSD---- C:\Windows\assembly 2009-12-07 03:32:34 ----D---- C:\Users\***\AppData\Roaming\vlc 2009-12-02 17:14:39 ----D---- C:\Users\***\AppData\Roaming\teamspeak2 2009-12-02 14:57:18 ----D---- C:\Program Files\Xfire 2009-12-01 21:06:19 ----A---- C:\Windows\system32\mrt.exe 2009-11-27 23:33:24 ----D---- C:\Program Files\Spybot - Search & Destroy 2009-11-23 16:36:41 ----RSD---- C:\Windows\Fonts 2009-11-22 11:28:45 ----D---- C:\Users\***\AppData\Roaming\DivX 2009-11-21 19:27:30 ----A---- C:\Windows\system32\PerfStringBackup.INI 2009-11-20 14:38:49 ----D---- C:\Program Files\Java 2009-11-18 00:15:17 ----SD---- C:\Users\***\AppData\Roaming\Microsoft 2009-11-16 00:10:12 ----A---- C:\Users\***\AppData\Roaming\MPQEditor.ini 2009-11-15 14:31:45 ----D---- C:\Windows\AppPatch ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 fanio;FanIO driver; \??\C:\Windows\system32\drivers\fanio.sys [2007-02-16 14464] R1 OADevice;OADriver; \??\C:\Windows\system32\drivers\OADriver.sys [2009-12-05 223312] R1 OAmon;OAmon; \??\C:\Windows\system32\drivers\OAmon.sys [2009-12-05 24656] R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520] R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-07-30 281760] R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-12-13 56816] R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-07-30 25888] R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-11-12 12672] R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2006-11-20 32256] R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2006-11-20 43520] R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2006-11-20 37376] R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-11-12 8192] R3 b57nd60x;%SvcDispName%; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-01-19 179712] R3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208] R3 KeyScrambler;KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [2008-03-22 113896] R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2009-12-03 38224] R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2009-05-29 4233728] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-01-30 7544832] R3 OAnet;OnlineArmor Service; C:\Windows\system32\DRIVERS\oanet.sys [2009-12-05 30800] R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088] R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-09-13 330240] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-11-20 179256] R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264] S3 a0zmv1re;a0zmv1re; C:\Windows\system32\drivers\a0zmv1re.sys [] S3 BthEnum;Bluetooth-Auflistungsdienst; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528] S3 BthPan;Bluetooth-Gerät (PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160] S3 BTHPORT;Bluetooth-Porttreiber; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904] S3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696] S3 btwaudio;Bluetooth-Audiogerät; C:\Windows\system32\drivers\btwaudio.sys [2006-11-07 78128] S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2006-11-07 80176] S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2006-11-07 16560] S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 e1express;Intel(R) PRO/1000 PCI Express-Netzwerkverbindungstreiber; C:\Windows\system32\DRIVERS\e1e6032.sys [2006-11-02 200704] S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-09-21 36608] S3 guardian2;guardian2; C:\Windows\System32\Drivers\oz776.sys [2007-01-29 61312] S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544] S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-11-12 986624] S3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-11-12 206848] S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adaptertreiber für Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-10-30 1786880] S3 NETw4v32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-26 2251776] S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver; \??\C:\Windows\system32\NSNDIS5.SYS [] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632] S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032] S3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992] S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2005-08-17 58352] S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944] S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792] S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-11-12 659968] S3 WSDPrintDevice;WSD-Druckunterstützung durch UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2008-01-19 16896] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 a2AntiMalware;a-squared Anti-Malware Service; C:\Program Files\a-squared Anti-Malware\a2service.exe [2009-10-01 1858144] R2 AntiVirMailService;Avira AntiVir MailGuard; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [2009-05-11 194817] R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089] R2 AntiVirWebService;Avira AntiVir WebGuard; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2009-05-12 434945] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672] R2 Bonjour Service;Bonjour-Dienst; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-01-30 203296] R2 OAcat;Online Armor Helper Service; C:\Program Files\Tall Emu\Online Armor\OAcat.exe [2009-12-05 1282248] R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] R2 STacSV;SigmaTel Audio Service; C:\Windows\system32\STacSV.exe [2007-09-13 102400] R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-11-12 386560] S2 SvcOnlineArmor;Online Armor; C:\Program Files\Tall Emu\Online Armor\oasrv.exe [2009-12-05 3291336] S3 BthServ;Bluetooth-Unterstützungsdienst; C:\Windows\system32\svchost.exe [2008-01-19 21504] S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592] S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-11-01 320760] S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [] -----------------EOF----------------- Ich wäre euch verdammt dankbar, falls ihr mir irgendwie helfen könnt  |
| Themen zu Keylogger, WoW - Account gehackt :X |
| 32 bit, antivir, antivir guard, avgntflt.sys, bho, browser, desktop, diagnostics, email, excel, firefox, flash player, fontcache, google, hdaudio.sys, home, home premium, install.exe, installation, logfile, malwarebytes' anti-malware, media center, msiexec, msiexec.exe, nvlddmkm.sys, office 2007, plug-in, programdata, programm, proxy, registrierungsschlüssel, registry, safer networking, scan, security, security scan, senden, server, software, start menu, symantec, system, usb, vista 32, vista 32 bit, windows, windows-defender, windows-sicherheitscenterdienst |
Baum-Darstellung