Laptop langsamer geworden!

cipiripi · 24.02.2010, 08:35

Hallo!

Seit kurzer Zeit arbeitet mein Laptop viel langsamer und Seitenaufbau im Internet dauert viel mehr als sonst.

Hier ein paar Auswertungen:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:08:20, on 23.02.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe
C:\Programme\G DATA\InternetSecurity\AVK\AVKService.exe
C:\Programme\G DATA\InternetSecurity\AVK\AVKWCtl.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Gemeinsame Dateien\G DATA\GDScan\GDScan.exe
C:\Programme\G DATA\InternetSecurity\Firewall\GDFwSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Brother\ControlCenter2\brctrcen.exe
C:\Programme\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe
C:\Programme\G DATA\InternetSecurity\AVKTray\AVKTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Trend Micro\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar mit Pop-Up-Blocker - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\userinit.exe,c:\programme\g data\internetsecurity\avkkid\avkcks.exe,
O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\G DATA\InternetSecurity\Webfilter\AVKWebIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\G DATA\InternetSecurity\Webfilter\AVKWebIE.dll
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Programme\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GDFirewallTray] C:\Programme\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe
O4 - HKLM\..\Run: [G DATA AntiVirus Trayapplication] C:\Programme\G DATA\InternetSecurity\AVKTray\AVKTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-796845957-1085031214-682003330-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Internet')
O4 - HKUS\S-1-5-21-796845957-1085031214-682003330-1007\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'INTERNET1')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Hinzufügen zu Kaspersky Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre6\bin\npjpi160_18.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre6\bin\npjpi160_18.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1236853612765
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{15E20960-6F4A-4DE6-95CB-0F35C71DE46A}: NameServer = 213.191.92.86 62.109.123.7
O17 - HKLM\System\CCS\Services\Tcpip\..\{46D70B4E-4492-4F3A-88D1-6FD61BCE4F12}: NameServer = 192.168.0.254
O17 - HKLM\System\CS5\Services\Tcpip\..\{15E20960-6F4A-4DE6-95CB-0F35C71DE46A}: NameServer = 213.191.92.86 62.109.123.7
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: haufereader - (no CLSID) - (no file)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe
O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Programme\G DATA\InternetSecurity\AVK\AVKService.exe
O23 - Service: G Data Dateisystem Wächter (AVKWCtl) - G Data Software AG - C:\Programme\G DATA\InternetSecurity\AVK\AVKWCtl.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Programme\G DATA\InternetSecurity\Firewall\GDFwSvc.exe
O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Programme\Gemeinsame Dateien\G DATA\GDScan\GDScan.exe
O23 - Service: Haufe iDesk-Service in c:\Programme\Haufe\iDesk\iDeskService\Zope (HRService) - Unknown owner - c:\Programme\Haufe\iDesk\iDeskService\iDeskService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: MWAgent - Unknown owner - C:\PROGRA~1\GEMEIN~1\MICROW~1\Agent\MWASER.EXE (file missing)

--
End of file - 7622 bytes

und noch eins:

Malwarebytes' Anti-Malware 1.44
Datenbank Version: 3510
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

23.02.2010 18:39:15
mbam-log-2010-02-23 (18-39-15).txt

Scan-Methode: Vollständiger Scan (C:\|E:\|)
Durchsuchte Objekte: 277174
Laufzeit: 1 hour(s), 46 minute(s), 20 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 10

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\gnc.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\ZoranStanojevic\Lokale Einstellungen\Anwendungsdaten\gnc.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\32788R22FWJFW\Combo-Fix.sys (Malware.Trace) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{CBE769AD-ABA9-4040-B550-E8315E23FACE}\RP124\A0034699.sys (Malware.Trace) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{CBE769AD-ABA9-4040-B550-E8315E23FACE}\RP124\A0034773.sys (Malware.Trace) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{CBE769AD-ABA9-4040-B550-E8315E23FACE}\RP124\A0034847.sys (Malware.Trace) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{CBE769AD-ABA9-4040-B550-E8315E23FACE}\RP124\A0034922.sys (Malware.Trace) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{CBE769AD-ABA9-4040-B550-E8315E23FACE}\RP124\A0034997.sys (Malware.Trace) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{CBE769AD-ABA9-4040-B550-E8315E23FACE}\RP59\A0015665.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{CBE769AD-ABA9-4040-B550-E8315E23FACE}\RP64\A0016062.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

danke!

cosinus · 24.02.2010, 20:39

Zitat:

Datenbank Version: 3510

Die MBAM-Sigs waren nicht aktuell. MBAM bitte starten, aktualisieren und den Vollscan wiederholen. Poste auch RSIT Logfiles.

cipiripi · 24.02.2010, 23:09

HAllo!

hier nochmal mbam log file:

Malwarebytes' Anti-Malware 1.44
Database version: 3786
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

24.2.2010 22:14:36
mbam-log-2010-02-24 (22-14-36).txt

Scan type: Full Scan (C:\|)
Objects scanned: 191191
Time elapsed: 1 hour(s), 15 minute(s), 35 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

und das andere logfile:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Z.S. at 2010-02-24 23:00:24
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 70 GB (61%) free of 114 GB
Total RAM: 894 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:00:26, on 24.02.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe
C:\Programme\G DATA\InternetSecurity\AVK\AVKService.exe
C:\Programme\G DATA\InternetSecurity\AVK\AVKWCtl.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Gemeinsame Dateien\G DATA\GDScan\GDScan.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programme\G DATA\InternetSecurity\Firewall\GDFwSvc.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Brother\ControlCenter2\brctrcen.exe
C:\Programme\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe
C:\Programme\G DATA\InternetSecurity\AVKTray\AVKTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Dokumente und Einstellungen\All Users\Dokumente\RSIT.exe
C:\Programme\Trend Micro\HJT\ZoranStanojevic.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar mit Pop-Up-Blocker - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\userinit.exe,c:\programme\g data\internetsecurity\avkkid\avkcks.exe,
O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\G DATA\InternetSecurity\Webfilter\AVKWebIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\G DATA\InternetSecurity\Webfilter\AVKWebIE.dll
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Programme\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GDFirewallTray] C:\Programme\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe
O4 - HKLM\..\Run: [G DATA AntiVirus Trayapplication] C:\Programme\G DATA\InternetSecurity\AVKTray\AVKTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-796845957-1085031214-682003330-1007\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'INTERNET1')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Hinzufügen zu Kaspersky Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre6\bin\npjpi160_18.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre6\bin\npjpi160_18.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1236853612765
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{15E20960-6F4A-4DE6-95CB-0F35C71DE46A}: NameServer = 213.191.92.86 62.109.123.7
O17 - HKLM\System\CCS\Services\Tcpip\..\{46D70B4E-4492-4F3A-88D1-6FD61BCE4F12}: NameServer = 192.168.0.254
O17 - HKLM\System\CS5\Services\Tcpip\..\{15E20960-6F4A-4DE6-95CB-0F35C71DE46A}: NameServer = 213.191.92.86 62.109.123.7
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: haufereader - (no CLSID) - (no file)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe
O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Programme\G DATA\InternetSecurity\AVK\AVKService.exe
O23 - Service: G Data Dateisystem Wächter (AVKWCtl) - G Data Software AG - C:\Programme\G DATA\InternetSecurity\AVK\AVKWCtl.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Programme\G DATA\InternetSecurity\Firewall\GDFwSvc.exe
O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Programme\Gemeinsame Dateien\G DATA\GDScan\GDScan.exe
O23 - Service: Haufe iDesk-Service in c:\Programme\Haufe\iDesk\iDeskService\Zope (HRService) - Unknown owner - c:\Programme\Haufe\iDesk\iDeskService\iDeskService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: MWAgent - Unknown owner - C:\PROGRA~1\GEMEIN~1\MICROW~1\Agent\MWASER.EXE (file missing)

--
End of file - 7602 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0124123D-61B4-456f-AF86-78C53A0790C5}]
G Data WebFilter - C:\Programme\G DATA\InternetSecurity\Webfilter\AVKWebIE.dll [2009-09-18 594504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2010-01-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-11 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0124123D-61B4-456f-AF86-78C53A0790C5} - G Data WebFilter - C:\Programme\G DATA\InternetSecurity\Webfilter\AVKWebIE.dll [2009-09-18 594504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ControlCenter2.0"=C:\Programme\Brother\ControlCenter2\brctrcen.exe [2005-05-17 933888]
"Adobe ARM"=C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"GDFirewallTray"=C:\Programme\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe [2009-09-24 1124424]
"G DATA AntiVirus Trayapplication"=C:\Programme\G DATA\InternetSecurity\AVKTray\AVKTray.exe [2009-09-18 924232]
"RegistryMechanic"= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-04-04 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
C:\WINDOWS\system32\mlJyWMdc

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TDSSserv.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDSSserv.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"NoDispCPL"=0
"DisableClock"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SynchronousMachineGroupPolicy"=0
"SynchronousUserGroupPolicy"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoRun"=0
"NoFind"=0
"NoDrives"=0
"RestrictRun"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Programme\Microsoft Office\Office12\GROOVE.EXE"="C:\Programme\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Programme\Microsoft Office\Office12\ONENOTE.EXE"="C:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\PROGRA~1\GEMEIN~1\MICROW~1\Agent\MWAGENT.EXE"="C:\PROGRA~1\GEMEIN~1\MICROW~1\Agent\MWAGENT.EXE:*:Enabled:MicroWorld Management Agent"
"E:\zoki\eScan\DOWNLOAD.EXE"="E:\zoki\eScan\DOWNLOAD.EXE:*:Enabled:eScan Update Downloader"
"E:\zoki\eScan\TRAYICOS.EXE"="E:\zoki\eScan\TRAYICOS.EXE:*:Enabled:eScan Server Updater"
"E:\zoki\eScan\ESERV.EXE"="E:\zoki\eScan\ESERV.EXE:*:Enabled:eScan Management Console"
"C:\Programme\Skype\Plugin Manager\skypePM.exe"="C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Programme\Skype\Phone\Skype.exe"="C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\PROGRA~1\GEMEIN~1\MICROW~1\Agent\MWAGENT.EXE"="C:\PROGRA~1\GEMEIN~1\MICROW~1\Agent\MWAGENT.EXE:*:Enabled:MicroWorld Management Agent"
"E:\zoki\eScan\DOWNLOAD.EXE"="E:\zoki\eScan\DOWNLOAD.EXE:*:Enabled:eScan Update Downloader"
"E:\zoki\eScan\TRAYICOS.EXE"="E:\zoki\eScan\TRAYICOS.EXE:*:Enabled:eScan Server Updater"
"E:\zoki\eScan\ESERV.EXE"="E:\zoki\eScan\ESERV.EXE:*:Enabled:eScan Management Console"

======File associations======

.ini - open - C:\WINDOWS\SYSTEM32\NOTEPAD.EXE %1
.reg - open - regedit.exe "%1" %*
.txt - open - C:\WINDOWS\SYSTEM32\NOTEPAD.EXE %1

======List of files/folders created in the last 1 months======

2010-02-24 22:56:20 ----D---- C:\rsit
2010-02-24 20:52:47 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-02-23 22:51:34 ----D---- C:\Programme\Gemeinsame Dateien\ODBC
2010-02-23 22:49:46 ----D---- C:\Programme\Registry Mechanic
2010-02-23 16:00:24 ----D---- C:\Programme\Malwarebytes' Anti-Malware
2010-02-23 14:45:47 ----D---- C:\32788R22FWJFW
2010-02-23 14:43:15 ----A---- C:\WINDOWS\ntbtlog.txt
2010-02-23 13:06:23 ----A---- C:\WINDOWS\zip.exe
2010-02-23 13:06:23 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-02-23 13:06:23 ----A---- C:\WINDOWS\SWSC.exe
2010-02-23 13:06:23 ----A---- C:\WINDOWS\SWREG.exe
2010-02-23 13:06:23 ----A---- C:\WINDOWS\sed.exe
2010-02-23 13:06:23 ----A---- C:\WINDOWS\PEV.exe
2010-02-23 13:06:23 ----A---- C:\WINDOWS\NIRCMD.exe
2010-02-23 13:06:23 ----A---- C:\WINDOWS\MBR.exe
2010-02-23 13:06:23 ----A---- C:\WINDOWS\grep.exe
2010-02-23 13:05:18 ----D---- C:\WINDOWS\ERDNT
2010-02-23 13:03:47 ----D---- C:\Qoobox
2010-02-23 08:41:33 ----D---- C:\Dokumente und Einstellungen\ZoranStanojevic\Anwendungsdaten\Uniblue
2010-02-20 22:02:19 ----D---- C:\Programme\G DATA
2010-02-11 13:39:18 ----SHD---- C:\#GDATA.Trash.Store#
2010-02-11 10:30:29 ----A---- C:\WINDOWS\Backup.INI
2010-02-11 09:07:55 ----D---- C:\Programme\Gemeinsame Dateien\G DATA
2010-02-11 09:07:55 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\G DATA
2010-02-10 22:13:46 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab Setup Files
2010-02-10 12:11:36 ----D---- C:\Dokumente und Einstellungen\ZoranStanojevic\Anwendungsdaten\MSNInstaller
2010-02-10 10:47:14 ----AD---- C:\WINDOWS\rundll16.exe
2010-02-10 10:47:14 ----AD---- C:\WINDOWS\logo1_.exe
2010-02-10 08:36:44 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-10 08:36:28 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-10 08:31:59 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-10 08:31:51 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-10 08:31:41 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-10 08:31:25 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-10 08:29:48 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-10 08:29:32 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-02-10 08:29:04 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$
2010-02-09 22:57:02 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecTaskMan
2010-02-09 16:51:01 ----D---- C:\Programme\Gemeinsame Dateien\ATI Technologies
2010-02-09 16:41:49 ----A---- C:\WINDOWS\system32\Oemdspif.dll
2010-02-09 16:41:49 ----A---- C:\WINDOWS\system32\ativcoxx.dll
2010-02-09 16:41:49 ----A---- C:\WINDOWS\system32\atitvo32.dll
2010-02-09 16:41:49 ----A---- C:\WINDOWS\system32\atipdlxx.dll
2010-02-09 16:41:49 ----A---- C:\WINDOWS\system32\atioglxx.dll
2010-02-09 16:41:49 ----A---- C:\WINDOWS\system32\atioglx1.dll
2010-02-09 16:41:49 ----A---- C:\WINDOWS\system32\atikvmag.dll
2010-02-09 16:41:49 ----A---- C:\WINDOWS\system32\atiiiexx.dll
2010-02-09 16:41:49 ----A---- C:\WINDOWS\system32\ATIDEMGR.dll
2010-02-09 16:41:49 ----A---- C:\WINDOWS\system32\ATIDDC.DLL
2010-02-09 16:41:49 ----A---- C:\WINDOWS\system32\Ati2mdxx.exe
2010-02-09 16:41:49 ----A---- C:\WINDOWS\system32\ati2evxx.exe
2010-02-09 16:41:49 ----A---- C:\WINDOWS\system32\ati2evxx.dll
2010-02-09 16:41:49 ----A---- C:\WINDOWS\system32\ati2edxx.dll
2010-02-09 16:08:36 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun
2010-02-09 16:08:05 ----A---- C:\WINDOWS\system32\javaws.exe
2010-02-09 16:08:05 ----A---- C:\WINDOWS\system32\javaw.exe
2010-02-09 16:08:05 ----A---- C:\WINDOWS\system32\java.exe
2010-02-09 09:18:05 ----A---- C:\WINDOWS\system32\eempty.exe.47119998.mwt
2010-02-09 08:29:20 ----D---- C:\WINDOWS\Motorola
2010-02-09 08:29:11 ----A---- C:\WINDOWS\system32\sm56co.dll
2010-02-09 08:29:11 ----A---- C:\WINDOWS\sm56spn.dll
2010-02-09 08:29:11 ----A---- C:\WINDOWS\sm56jpn.dll
2010-02-09 08:29:11 ----A---- C:\WINDOWS\sm56itl.dll
2010-02-09 08:29:11 ----A---- C:\WINDOWS\sm56hlpr.exe
2010-02-09 08:29:11 ----A---- C:\WINDOWS\sm56ger.dll
2010-02-09 08:29:11 ----A---- C:\WINDOWS\sm56fra.dll
2010-02-09 08:29:11 ----A---- C:\WINDOWS\sm56eng.dll
2010-02-09 08:29:11 ----A---- C:\WINDOWS\sm56cht.dll
2010-02-09 08:29:11 ----A---- C:\WINDOWS\sm56chs.dll
2010-02-09 08:29:11 ----A---- C:\WINDOWS\sm56brz.dll
2010-02-09 01:06:26 ----SHD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-02-08 22:48:47 ----AD---- C:\WINDOWS\VDLL.DLL
2010-02-08 22:48:47 ----AD---- C:\WINDOWS\system32\runouce.exe
2010-02-08 22:48:47 ----AD---- C:\WINDOWS\system32\regsvr.exe
2010-02-08 22:48:47 ----AD---- C:\WINDOWS\RUNDL132.EXE
2010-02-08 22:48:47 ----AD---- C:\WINDOWS\logo_1.exe

======List of files/folders modified in the last 1 months======

2010-02-24 22:55:31 ----D---- C:\WINDOWS\Temp
2010-02-24 21:12:58 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-24 20:55:14 ----AD---- C:\WINDOWS
2010-02-24 20:53:44 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-24 20:52:54 ----HD---- C:\WINDOWS\inf
2010-02-24 20:52:50 ----D---- C:\WINDOWS\system32
2010-02-23 22:52:29 ----SHD---- C:\WINDOWS\Installer
2010-02-23 22:52:07 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft Help
2010-02-23 22:51:35 ----RSD---- C:\WINDOWS\Fonts
2010-02-23 22:51:34 ----D---- C:\Programme\Gemeinsame Dateien
2010-02-23 22:49:46 ----SD---- C:\Programme
2010-02-23 22:42:11 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Adobe
2010-02-23 18:42:07 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2010-02-23 18:42:07 ----D---- C:\WINDOWS\system32\drivers
2010-02-23 14:19:59 ----AH---- C:\boot.ini
2010-02-23 14:19:58 ----A---- C:\WINDOWS\win.ini
2010-02-23 14:19:58 ----A---- C:\WINDOWS\system.ini
2010-02-23 14:06:34 ----D---- C:\WINDOWS\Prefetch
2010-02-23 13:06:47 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-23 12:45:49 ----D---- C:\Programme\Trend Micro
2010-02-23 10:56:40 ----D---- C:\WINDOWS\system32\config
2010-02-23 08:48:41 ----AD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
2010-02-23 00:54:28 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-02-21 15:12:33 ----SD---- C:\WINDOWS\Tasks
2010-02-21 00:34:18 ----D---- C:\WINDOWS\system
2010-02-20 22:02:35 ----D---- C:\WINDOWS\WinSxS
2010-02-20 21:32:48 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
2010-02-20 12:56:49 ----A---- C:\WINDOWS\ODBCINST.INI
2010-02-15 15:44:47 ----D---- C:\Programme\Gemeinsame Dateien\Adobe
2010-02-15 15:43:56 ----D---- C:\Programme\Adobe
2010-02-11 10:26:53 ----HD---- C:\Programme\InstallShield Installation Information
2010-02-10 20:34:43 ----D---- C:\WINDOWS\system32\CatRoot
2010-02-10 12:13:10 ----D---- C:\WINDOWS\Debug
2010-02-10 12:11:40 ----D---- C:\Programme\MSN
2010-02-10 12:07:18 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-02-10 10:51:22 ----D---- C:\Programme\Mozilla Firefox
2010-02-10 08:36:43 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-10 00:48:36 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MicroWorld
2010-02-09 16:43:58 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-02-09 16:13:07 ----A---- C:\WINDOWS\wininit.ini
2010-02-09 16:12:09 ----D---- C:\Programme\Java
2010-02-09 16:12:08 ----D---- C:\Programme\Gemeinsame Dateien\Java
2010-02-09 08:29:26 ----D---- C:\WINDOWS\Help
2010-02-09 01:06:38 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
2010-02-09 00:00:56 ----D---- C:\WINDOWS\network diagnostic
2010-02-08 22:49:04 ----A---- C:\WINDOWS\system32\contfilt.dll
2010-02-08 22:49:01 ----A---- C:\WINDOWS\system32\mwnsp.dll
2010-02-08 22:49:00 ----A---- C:\WINDOWS\system32\mwtsp.dll
2010-02-01 20:26:20 ----A---- C:\WINDOWS\system32\MRT.exe
2010-01-31 11:36:23 ----D---- C:\Dokumente und Einstellungen\ZoranStanojevic\Anwendungsdaten\Skype
2010-01-31 11:35:26 ----D---- C:\WINDOWS\pss
2010-01-31 11:23:06 ----D---- C:\Dokumente und Einstellungen\ZoranStanojevic\Anwendungsdaten\skypePM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 cdrbsvsd;cdrbsvsd; C:\WINDOWS\system32\drivers\cdrbsvsd.sys [2003-12-03 13566]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2008-07-21 24392]
R1 GRD;G Data Rootkit Detector Driver; \??\C:\WINDOWS\system32\drivers\GRD.sys []
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 GDTdiInterceptor;GDTdiInterceptor; \??\C:\WINDOWS\system32\drivers\GDTdiIcpt.sys []
R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2008-09-22 99648]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2006-03-23 488992]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-04-04 1536000]
R3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2007-02-16 11984]
R3 GDMnIcpt;GDMnIcpt; \??\C:\WINDOWS\system32\drivers\MiniIcpt.sys []
R3 GearAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\drivers\GEARAspiWDM.sys [2008-02-22 16168]
R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HookCentre;HookCentre; \??\C:\WINDOWS\system32\drivers\HookCentre.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-04-17 4262912]
R3 NIC1394;1394-Netzwerktreiber; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 rtl8139;NT-Treiber für Realtek RTL8139(A/B/C)-basierten PCI-Fast Ethernet-Adapter; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-01-20 862340]
R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2-aktivierter Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Miniporttreiber für Microsoft USB Open Host-Controller; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 61883;61883-Einheitsgerät; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 Arp1394;1394-ARP-Clientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 Avc;AVC-Gerät; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 bdfsfltr;bdfsfltr; C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys [2009-02-03 245896]
S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\System32\Drivers\BrScnUsb.sys [2004-10-15 15295]
S3 BthEnum;Bluetooth-Auflistungsdienst; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Serieller Kommunikationstreiber für Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth-Gerät (PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Bluetooth-Porttreiber; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 273024]
S3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 econceal;MicroWorld Technologies Network Service; C:\WINDOWS\system32\DRIVERS\econceal.sys []
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-09-19 47360]
S3 qcusbmdm;Qualcomm Proprietary USB Driver (PID 3197); C:\WINDOWS\system32\DRIVERS\qcusbmdm.sys [2003-03-10 59632]
S3 qcusbser;Qualcomm Diagnostic Port 3197; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [2003-03-10 59632]
S3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 sonypvs1;Sony Digital Imaging Video2; C:\WINDOWS\system32\DRIVERS\sonypvs1.sys [2002-10-15 102220]
S3 SONYPVU1;Sony USB-Filtertreiber (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 tap0801;TAP-Win32 Adapter V8; C:\WINDOWS\system32\DRIVERS\tap0801.sys [2006-10-01 26624]
S3 usbaudio;USB-Audiotreiber (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;USB-Videogerät (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-04-04 405504]
R2 AVKProxy;G Data AntiVirus Proxy; C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe [2009-12-07 1128008]
R2 AVKService;G Data Scheduler; C:\Programme\G DATA\InternetSecurity\AVK\AVKService.exe [2009-08-08 397896]
R2 AVKWCtl;G Data Dateisystem Wächter; C:\Programme\G DATA\InternetSecurity\AVK\AVKWCtl.exe [2009-11-25 1251488]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2009-12-17 153376]
R3 GDFwSvc;G Data Personal Firewall; C:\Programme\G DATA\InternetSecurity\Firewall\GDFwSvc.exe [2009-11-25 1547104]
R3 GDScan;G Data Scanner; C:\Programme\Gemeinsame Dateien\G DATA\GDScan\GDScan.exe [2009-11-26 302152]
S2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2002-04-11 57344]
S2 HRService;Haufe iDesk-Service in c:\Programme\Haufe\iDesk\iDeskService\Zope; c:\Programme\Haufe\iDesk\iDeskService\iDeskService.exe [2007-09-07 71208]
S2 MWAgent;MWAgent; C:\PROGRA~1\GEMEIN~1\MICROW~1\Agent\MWASER.EXE []
S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S4 NetTcpPortSharing;Net.Tcp-Portfreigabedienst; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

cosinus · 26.02.2010, 00:13

Die Logs sind okay. Hast Du erst vor kurzem GDATA Internet Security Suite installiert? Suites sind meist Systembremsen und absolut nicht notwendig um die Sicherheit des PCs zu gewährleisten.

cipiripi · 26.02.2010, 13:06

Ja GData ist drauf aber trotzdem laufen viele Prozesse im Hintergrund ist das der Grund warum der Rechner langsam ist!?

gruß

cosinus · 27.02.2010, 18:15

Das war nicht meine Frage. Ich wollte wissen ob Du GDATA erst vor kurzem installiert hast.
Wieviele Prozesse sind bei Dir denn aktiv? So besonders viele sehe ich da nämlich nicht.

26.02.2010, 00:13	#4
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Laptop langsamer geworden! Die Logs sind okay. Hast Du erst vor kurzem GDATA Internet Security Suite installiert? Suites sind meist Systembremsen und absolut nicht notwendig um die Sicherheit des PCs zu gewährleisten. __________________ Logfiles bitte immer in CODE-Tags posten

27.02.2010, 18:15	#6
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Laptop langsamer geworden! Das war nicht meine Frage. Ich wollte wissen ob Du GDATA erst vor kurzem installiert hast. Wieviele Prozesse sind bei Dir denn aktiv? So besonders viele sehe ich da nämlich nicht. __________________ --> Laptop langsamer geworden!

Laptop langsamer geworden!

Plagegeister aller Art und deren Bekämpfung: Laptop langsamer geworden!