| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Trojanerfund, nun Antivierenprogramme blockiertWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
23.12.2009, 15:11
| #1 |
| |  Trojanerfund, nun Antivierenprogramme blockiert Hallo, Vor ein paar Tagen fand Antivir ein Trojaner, den ich dann mit klick auf den Löschenbutton gelöscht hab, die Meldung kam gleich darauf aber wieder, so ging das eine Weile bis dann Ruhe war. Am nächsten Tag hab ich Spybot drüberlaufen lassen, der hatt nochmal was Trojanermäßiges gefunden, was ich mit "beheben" auch behoben hab. Antivir hat im nächsten Durchlauf nix mehr gefunden. Heute wollte ich nochmal einen Systemcheck machen, aber weder Antivir noch Spybot reagieren, wenn ich sie öffnen will. Nach der Anleitung hier hab ich CCleaner drüberlaufen lassen. Malwarebytes-Anti-Malware lässt sich nichtmal installieren, die Setup datei krieg ich nicht auf. RSIT - Randoms System Information Tool liefert folgendes: LOG: Code:
ATTFilter Logfile of random's system information tool 1.06 (written by random/random) Run by Administrator at 2009-12-23 15:25:58 Microsoft Windows XP Professional Service Pack 2 System drive C: has 16 GB (11%) free of 142 GB Total RAM: 1014 MB (52% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:26:01, on 23.12.2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\svchost.exe C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe C:\Programme\Bonjour\mDNSResponder.exe C:\Programme\Gemeinsame Dateien\Portrait Displays\Shared\DTSRVC.exe C:\WINDOWS\system32\FsUsbExService.Exe C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe C:\Programme\PDF Complete\pdfsvc.exe C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\WINDOWS\system32\svchost.exe C:\Programme\Canon\CAL\CALMAIN.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Programme\PDF Complete\pdfsty.exe C:\WINDOWS\SMINST\Scheduler.exe C:\Programme\Portrait Displays\Pivot Software\wpctrl.exe C:\Programme\Portrait Displays\HP My Display\DTHtml.exe C:\Programme\HP\HP Software Update\HPWuSchd2.exe C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe C:\Programme\avmwlanstick\FRITZWLANMini.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\Portrait Displays\Pivot Software\floater.exe C:\Programme\Windows Live\Messenger\MsnMsgr.Exe C:\Programme\Gemeinsame Dateien\Portrait Displays\Shared\HookManager.exe C:\Programme\Picasa2\PicasaMediaDetector.exe C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe C:\Programme\Siemens\Gigaset USB Adapter 108\Gcc.exe C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe C:\Programme\OpenOffice.org 2.4\program\soffice.exe C:\Programme\OpenOffice.org 2.4\program\soffice.BIN C:\Programme\Siemens\Gigaset USB Adapter 108\OdHost.exe C:\Programme\HP\Digital Imaging\bin\hpqgalry.exe C:\WINDOWS\system32\wuauclt.exe C:\Programme\Mozilla Firefox\firefox.exe C:\Dokumente und Einstellungen\Administrator\Desktop\RSIT.exe C:\Programme\trend micro\Administrator.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=74&bd=smb&pf=desktop R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=74&bd=smb&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=74&bd=smb&pf=desktop R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=74&bd=smb&pf=desktop R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=74&bd=smb&pf=desktop R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_04\bin\ssv.dll O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll O3 - Toolbar: TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [PDF Complete] "C:\Programme\PDF Complete\pdfsty.exe" O4 - HKLM\..\Run: [SetRefresh] C:\Programme\Compaq\SetRefresh\SetRefresh.exe O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe O4 - HKLM\..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe O4 - HKLM\..\Run: [PivotSoftware] "C:\Programme\Portrait Displays\Pivot Software\wpctrl.exe" O4 - HKLM\..\Run: [DT HPW] C:\Programme\Portrait Displays\HP My Display\DTHtml.exe -startup_folder O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [HP Software Update] "C:\Programme\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\FRITZWLANMini.exe O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [Picasa Media Detector] C:\Programme\Picasa2\PicasaMediaDetector.exe O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: OpenOffice.org 2.4.lnk = C:\Programme\OpenOffice.org 2.4\program\quickstart.exe O4 - Global Startup: Gigaset WLAN Adapter Monitor.lnk = C:\Programme\Siemens\Gigaset USB Adapter 108\Gcc.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: HP Image Zone Schnellstart.lnk = C:\Programme\HP\Digital Imaging\bin\hpqthb08.exe O8 - Extra context menu item: &AOL Toolbar-Suche - c:\programme\aol\aol toolbar 5.0\resources\de-de\local\search.html O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL O23 - Service: Avira AntiVir Personal – Free Antivirus Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Programme\Canon\CAL\CALMAIN.exe O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Programme\Gemeinsame Dateien\Portrait Displays\Shared\DTSRVC.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod Service - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Programme\PDF Complete\pdfsvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- End of file - 11023 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\Google Software Updater.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-10-12 308832] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\Programme\Spybot - Search & Destroy\SDHelper.dll [2008-09-15 1562960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Programme\Java\jre1.6.0_04\bin\ssv.dll [2007-12-14 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}] AOL Toolbar Launcher - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll [2007-07-30 1086816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Anmelde-Hilfsprogramm - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Programme\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll [2007-07-30 1086816] {AD6E6555-FB2C-47D4-8339-3E2965509877} - TerraTec Home Cinema - C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL [2009-05-26 526336] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Programme\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2006-09-25 98304] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2006-09-25 114688] "Persistence"=C:\WINDOWS\system32\igfxpers.exe [2006-09-25 94208] "PDF Complete"=C:\Programme\PDF Complete\pdfsty.exe [2007-08-07 331288] "SetRefresh"=C:\Programme\Compaq\SetRefresh\SetRefresh.exe [2003-11-20 525824] "Recguard"=C:\WINDOWS\Sminst\Recguard.exe [2006-05-12 1138688] "Reminder"=C:\WINDOWS\Creator\Remind_XP.exe [2006-03-31 761856] "Scheduler"=C:\WINDOWS\SMINST\Scheduler.exe [2006-07-10 872448] "PivotSoftware"=C:\Programme\Portrait Displays\Pivot Software\wpctrl.exe [2007-02-09 694008] "DT HPW"=C:\Programme\Portrait Displays\HP My Display\DTHtml.exe [2007-04-25 280064] "avgnt"=C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-07-18 266497] "HP Software Update"=C:\Programme\HP\HP Software Update\HPWuSchd2.exe [2004-09-13 49152] "TkBellExe"=C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe [2008-10-12 185872] "AVMWlanClient"=C:\Programme\avmwlanstick\FRITZWLANMini.exe [2006-06-23 343552] "NPSStartup"= [] "AdobeCS4ServiceManager"=C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360] "MsnMsgr"=C:\Programme\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883840] "SpybotSD TeaTimer"=C:\Programme\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] "Picasa Media Detector"=C:\Programme\Picasa2\PicasaMediaDetector.exe [2008-08-21 443968] "AutoStartNPSAgent"=C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-04-16 102400] "AdobeBridge"= [] C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart Gigaset WLAN Adapter Monitor.lnk - C:\Programme\Siemens\Gigaset USB Adapter 108\Gcc.exe HP Digital Imaging Monitor.lnk - C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe HP Image Zone Schnellstart.lnk - C:\Programme\HP\Digital Imaging\bin\hpqthb08.exe C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart OpenOffice.org 2.4.lnk - C:\Programme\OpenOffice.org 2.4\program\quickstart.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2006-09-25 155648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\WINDOWS\SMINST\Scheduler.exe"="C:\WINDOWS\SMINST\Scheduler.exe:*:Enabled:Scheduler " "C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\Programme\Messenger\msmsgs.exe"="C:\Programme\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Programme\mIRC\mirc.exe"="C:\Programme\mIRC\mirc.exe:*:Enabled:mIRC" "C:\Programme\Bonjour\mDNSResponder.exe"="C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Programme\iTunes\iTunes.exe"="C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Programme\Mozilla Firefox\firefox.exe"="C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox" "C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer" "C:\Programme\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Programme\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server" "C:\Programme\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Programme\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server" "C:\Programme\TerraTec\TerraTec Home Cinema\InstTool.exe"="C:\Programme\TerraTec\TerraTec Home Cinema\InstTool.exe:*:Enabled:TerraTec Home Cinema Basic (Setup)" "C:\Programme\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe"="C:\Programme\TerraTec\TerraTec Home Cinema\tvtvSetup\tvtv_Wizard.exe:*:Enabled:TerraTec Home Cinema Basic (tvtv Setup)" "C:\Programme\TerraTec\TerraTec Home Cinema\CinergyDvr.exe"="C:\Programme\TerraTec\TerraTec Home Cinema\CinergyDvr.exe:*:Enabled:TerraTec Home Cinema Basic" "C:\Programme\TerraTec\TerraTec Home Cinema\VersionCheck\VersionCheck.exe"="C:\Programme\TerraTec\TerraTec Home Cinema\VersionCheck\VersionCheck.exe:*:Enabled:TerraTec Home Cinema Basic (Auto Update)" "C:\Programme\Windows Live\Messenger\wlcsdk.exe"="C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Programme\Windows Live\Sync\WindowsLiveSync.exe"="C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" "C:\Programme\Skype\Phone\Skype.exe"="C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Programme\Windows Live\Messenger\wlcsdk.exe"="C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Programme\Windows Live\Sync\WindowsLiveSync.exe"="C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2b9bec9c-7770-11de-b1ae-0001e3cab535}] shell\AutoRun\command - F:\pushinst.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{76e50dbb-2136-11dd-ae30-806d6172696f}] shell\AutoRun\command - D:\setupSNK.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{77a4f5ff-40fc-11dd-ae72-0001e3cab535}] shell\AutoRun\command - G:\LaunchU3.exe -a ======List of files/folders created in the last 1 months====== 2009-12-23 14:54:24 ----D---- C:\rsit 2009-12-23 14:54:24 ----D---- C:\Programme\trend micro 2009-12-22 10:56:47 ----A---- C:\WINDOWS\system32\krl32mainweq.dll 2009-12-22 10:37:33 ----A---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\sysReserve.ini 2009-12-17 19:04:57 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FLEXnet 2009-12-17 18:59:52 ----D---- C:\Programme\Adobe Media Player 2009-12-17 18:57:34 ----D---- C:\Programme\Gemeinsame Dateien\Adobe AIR 2009-12-17 18:53:12 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Adobe 2009-12-17 18:52:50 ----D---- C:\Programme\Adobe 2009-12-17 18:51:28 ----D---- C:\Programme\Gemeinsame Dateien\Macrovision Shared 2009-12-17 16:58:26 ----D---- C:\Programme\Gemeinsame Dateien\Akamai 2009-12-09 13:41:41 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$ 2009-12-09 13:41:32 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$ 2009-12-09 13:40:54 ----HDC---- C:\WINDOWS\$NtUninstallKB976325$ 2009-12-09 13:40:43 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$ 2009-12-09 13:40:14 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$ 2009-12-09 13:40:03 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$ 2009-11-26 18:48:37 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$ 2009-11-26 18:48:28 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$ ======List of files/folders modified in the last 1 months====== 2009-12-23 14:55:03 ----D---- C:\Programme\Mozilla Firefox 2009-12-23 14:54:24 ----D---- C:\Programme 2009-12-23 14:48:35 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy 2009-12-23 14:48:34 ----D---- C:\WINDOWS\Temp 2009-12-23 14:48:34 ----D---- C:\WINDOWS\Debug 2009-12-23 14:48:34 ----D---- C:\WINDOWS 2009-12-23 14:44:31 ----D---- C:\WINDOWS\system32 2009-12-23 14:42:44 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\OpenOffice.org2 2009-12-23 14:42:00 ----D---- C:\WINDOWS\SMINST 2009-12-23 14:41:48 ----SD---- C:\WINDOWS\Tasks 2009-12-23 14:31:04 ----N---- C:\WINDOWS\SchedLgU.Txt 2009-12-23 11:40:24 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Adobe 2009-12-23 11:05:19 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Google Updater 2009-12-22 11:29:17 ----A---- C:\WINDOWS\wininit.ini 2009-12-22 11:14:13 ----SHD---- C:\WINDOWS\Installer 2009-12-22 11:14:13 ----HD---- C:\Config.Msi 2009-12-22 11:14:12 ----SD---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft 2009-12-22 10:40:44 ----D---- C:\WINDOWS\system32\drivers 2009-12-17 20:15:00 ----D---- C:\WINDOWS\system32\CatRoot2 2009-12-17 19:00:59 ----D---- C:\Programme\Gemeinsame Dateien\Adobe 2009-12-17 18:59:21 ----RSD---- C:\WINDOWS\Fonts 2009-12-17 18:57:34 ----D---- C:\Programme\Gemeinsame Dateien 2009-12-17 17:08:39 ----D---- C:\WINDOWS\Prefetch 2009-12-15 17:40:53 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\gtk-2.0 2009-12-14 16:33:11 ----HD---- C:\WINDOWS\inf 2009-12-09 14:16:41 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-12-09 13:41:43 ----RSHD---- C:\WINDOWS\system32\dllcache 2009-12-09 13:41:24 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft Help 2009-12-09 13:41:01 ----D---- C:\Programme\Internet Explorer 2009-12-09 13:40:38 ----HD---- C:\WINDOWS\$hf_mig$ 2009-12-01 21:06:19 ----A---- C:\WINDOWS\system32\MRT.exe 2009-11-28 11:57:18 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Skype 2009-11-28 09:39:23 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\skypePM 2009-11-26 18:47:44 ----D---- C:\WINDOWS\WinSxS ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir PersonalEdition Classic\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-05-28 75096] R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 40192] R1 Pivot;Pivot; C:\WINDOWS\System32\drivers\pivot.sys [2007-02-09 17465] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248] R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720] R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752] R3 AR5523;Gigaset USB Adapter 108; C:\WINDOWS\system32\DRIVERS\ar5523.sys [2005-07-27 360256] R3 CBTNDIS5;CBTNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\CBTNDIS5.SYS [] R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS [] R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168] R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752] R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2006-09-25 1109568] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-01-30 4474368] R3 odysseyIM4;Odyssey Network Agent Miniport; C:\WINDOWS\system32\DRIVERS\odysseyIM4.sys [2004-09-24 173056] R3 PdiPorts;Portrait Displays low level device driver; C:\WINDOWS\System32\Drivers\PdiPorts.sys [2006-11-16 15920] R3 pivotmou;Pivot Mouse/Pointers Filter Driver; \??\C:\WINDOWS\system32\drivers\pivotmou.sys [] R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624] R3 usbhub;Microsoft USB-Standardhubtreiber; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] S1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848] S1 P3;Intel PentiumIII-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\p3.sys [2004-08-04 46592] S3 ac97intc;Intel(r) 82801 Audiotreiber-Installationsdienst (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256] S3 AF9035BDA;Cinergy T-Stick service; C:\WINDOWS\system32\DRIVERS\AF9035BDA.sys [2009-02-18 245720] S3 avgntflt;avgntflt; \??\C:\Programme\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [] S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024] S3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2006-10-31 165760] S3 FWLANUSB;AVM FRITZ!WLAN; C:\WINDOWS\system32\DRIVERS\fwlanusb.sys [2006-04-06 264704] S3 HidUsb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-07-15 51120] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-07-15 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-07-15 21744] S3 i81x;i81x; C:\WINDOWS\system32\DRIVERS\i81xnt5.sys [2004-08-03 161020] S3 iAimFP0;iAimFP0; C:\WINDOWS\system32\DRIVERS\wADV01nt.sys [2004-08-03 12415] S3 iAimFP1;iAimFP1; C:\WINDOWS\system32\DRIVERS\wADV02NT.sys [2004-08-03 12127] S3 iAimFP2;iAimFP2; C:\WINDOWS\system32\DRIVERS\wADV05NT.sys [2004-08-03 11775] S3 iAimFP3;iAimFP3; C:\WINDOWS\system32\DRIVERS\wSiINTxx.sys [2004-08-03 12063] S3 iAimFP4;iAimFP4; C:\WINDOWS\system32\DRIVERS\wVchNTxx.sys [2004-08-03 19455] S3 iAimFP5;iAimFP5; C:\WINDOWS\system32\DRIVERS\wADV07nt.sys [2004-08-03 11807] S3 iAimFP6;iAimFP6; C:\WINDOWS\system32\DRIVERS\wADV08nt.sys [2004-08-03 11295] S3 iAimFP7;iAimFP7; C:\WINDOWS\system32\DRIVERS\wADV09nt.sys [2004-08-03 11871] S3 iAimTV0;iAimTV0; C:\WINDOWS\system32\DRIVERS\wATV01nt.sys [2004-08-03 29311] S3 iAimTV1;iAimTV1; C:\WINDOWS\system32\DRIVERS\wATV02NT.sys [2004-08-03 19551] S3 iAimTV3;iAimTV3; C:\WINDOWS\system32\DRIVERS\wATV04nt.sys [2004-08-03 33599] S3 iAimTV4;iAimTV4; C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys [2004-08-03 23615] S3 iAimTV5;iAimTV5; C:\WINDOWS\system32\DRIVERS\wATV10nt.sys [2004-08-03 25471] S3 iAimTV6;iAimTV6; C:\WINDOWS\system32\DRIVERS\wATV06nt.sys [2004-08-03 22271] S3 MPE;BDA MPE-Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-03 15360] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632] S3 pdiddcci;DDC/CI monitor; C:\WINDOWS\System32\DRIVERS\pdiddcci.sys [2007-04-24 11776] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136] S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2008-02-22 87936] S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2008-02-22 14976] S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2008-02-22 114304] S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-07-22 32000] S3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616] S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104] S3 VirtDisk;XSS Virtual Disk Driver; \??\c:\windows\sminst\VirtDisk.sys [] S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 adpu320;adpu320; C:\WINDOWS\system32\DRIVERS\adpu320.sys [2002-05-08 105472] S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2004-08-03 5504] S4 Symmpi;Symmpi; C:\WINDOWS\system32\DRIVERS\symmpi.sys [2002-04-04 28416] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Akamai;Akamai NetSession Interface; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336] R2 Apple Mobile Device;Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-07-22 116040] R2 BcmSqlStartupSvc;SQL Server-Startdienst für Business Contact Manager; C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312] R2 Bonjour Service;Bonjour-Dienst; C:\Programme\Bonjour\mDNSResponder.exe [2007-07-24 229376] R2 CCALib8;Canon Camera Access Library 8; C:\Programme\Canon\CAL\CALMAIN.exe [2007-01-31 96370] R2 DTSRVC;Portrait Displays Display Tune Service; C:\Programme\Gemeinsame Dateien\Portrait Displays\Shared\DTSRVC.exe [2007-04-25 73728] R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-04-07 233472] R2 IviRegMgr;IviRegMgr; C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152] R2 pdfcDispatcher;PDF Document Manager; C:\Programme\PDF Complete\pdfsvc.exe [2007-08-07 540184] R2 SeaPort;SeaPort; C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] R2 SQLBrowser;SQL Server-Browser; c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968] R2 SQLWriter;SQL Server VSS Writer; c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904] S2 AntiVirScheduler;Avira AntiVir Personal – Free Antivirus Planer; C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-23 68865] S2 AntiVirService;Avira AntiVir Personal – Free Antivirus Guard; C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-23 151297] S2 gusvc;Google Software Updater; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-23 183280] S2 PCA;PC Angel; C:\WINDOWS\SMINST\PCAngel.exe [2006-06-13 364544] S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632] S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-12-17 655624] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 fsssvc;Windows Live Family Safety-Dienst; C:\Programme\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 iPod Service;iPod Service; C:\Programme\iPod\bin\iPodService.exe [2008-07-30 532264] S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680] S3 odserv;Microsoft Office Diagnostics Service; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 ServiceLayer;ServiceLayer; C:\Programme\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592] S3 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336] S4 MSSQLServerADHelper;Hilfsdienst von SQL Server für Active Directory; c:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- Wäre nett, wenn jemand ne Idee hat, was ich tun kann  Geändert von johnny cash (23.12.2009 um 15:29 Uhr) |
| Themen zu Trojanerfund, nun Antivierenprogramme blockiert |
| antivir, avgnt, avgnt.exe, avgntflt.sys, blockiert, canon, converter, device driver, diagnostics, document, einstellungen, email, entfernen, excel, firefox, flash player, fontcache, help, hkus\s-1-5-18, home, installation, internet, internet explorer, logfile, mssql, picasa, programme blockiert, refresh, rundll, security, server, skype.exe, software, studio, symantec, systemcheck, trojaner, trojanerfund, updates, usb, windows, windows live messenger, windows xp |
Baum-Darstellung