Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Malware verschickt Spam an komplettes Email-kontakte Kontingent

Malware verschickt Spam an komplettes Email-kontakte Kontingent


Plagegeister aller Art und deren Bekämpfung: Malware verschickt Spam an komplettes Email-kontakte Kontingent

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 05.04.2010, 15:37   #1
SteelWolf
 
Malware verschickt Spam an komplettes Email-kontakte Kontingent - Standard

Malware verschickt Spam an komplettes Email-kontakte Kontingent


Durch google bin ich auf folgenden Thread gestoßen:
http://www.trojaner-board.de/81680-e...m-mails-3.html

Bezugnehmend zu diesem habe ich nun ebenfalls einige der Tools benutzt inklusive der CCleaner,AntiMalware und RSIT routine

zuerst einmal aber das Ergebnis von GMER:
Code:
ATTFilter
GMER 1.0.15.15281 - hxxp://www.gmer.net
Rootkit quick scan 2010-04-05 15:33:51
Windows 5.1.2600 Service Pack 2
Running: xs9tv4s4.exe; Driver: C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\pwriapow.sys


---- System - GMER 1.0.15 ----

SSDT            a347bus.sys (Plug and Play BIOS Extension/ )  ZwEnumerateKey [0xBA7815DC]
SSDT            a347bus.sys (Plug and Play BIOS Extension/ )  ZwEnumerateValueKey [0xBA78D120]

---- Devices - GMER 1.0.15 ----

Device          \FileSystem\Ntfs \Ntfs                        8A902D60
Device          \FileSystem\Fastfat \Fat                      892CB938

AttachedDevice  \FileSystem\Fastfat \Fat                      fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice  \Driver\Tcpip \Device\Tcp                     Lbd.sys (Boot Driver/Lavasoft AB)
AttachedDevice  \Driver\Tcpip \Device\Tcp                     pxrts.sys (Prevx Realtime Security/Prevx)

---- EOF - GMER 1.0.15 ----
Anti-Malware hat nichts gefunden im Quick Scan

RSIT Log:
Code:
ATTFilter
Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrator at 2010-04-05 16:19:12
Microsoft Windows XP Professional Service Pack 2
System drive C: has 2 GB (8%) free of 30 GB
Total RAM: 2047 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:19:27, on 05.04.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Analog Devices\Core\smax4pnp.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\Programme\Gemeinsame Dateien\Autodesk Shared\Service\AdskScSrv.exe
C:\Programme\Prevx\prevx.exe
C:\Programme\LogMeIn Hamachi\hamachi-2.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
D:\Programme\Tunngle\TnglCtrl.exe
D:\Programme\Virtual CD v8\System\VC8SecS.exe
C:\Programme\Prevx\prevx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe
C:\Programme\Windows Live\Contacts\wlcomm.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\Programme\Windows Media Player\wmplayer.exe
C:\Dokumente und Einstellungen\Administrator\Desktop\RSIT.exe
C:\Programme\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ftp=proxy.aon.at:8080;http=proxy.aon.at:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.aon.at;<local>;*.local
R3 - URLSearchHook: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVDV.dll
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: CrazyBids Toolbar - {90cf98eb-d2f9-46b6-bf33-5069ac334cfc} - C:\Programme\CrazyBids\tbCra1.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVDV.dll
O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - C:\Programme\ImageShackToolbar\ImageShackToolbar.dll
O3 - Toolbar: CrazyBids Toolbar - {90cf98eb-d2f9-46b6-bf33-5069ac334cfc} - C:\Programme\CrazyBids\tbCra1.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVDV.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Launch Ai Booster] "D:\Programme\ASUS\AI Booster\OverClk.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ Malwarebytes Anti-Malware  (reboot)] "D:\Programme\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Post Image to Blog - res://C:\Programme\ImageShackToolbar\ImageShackToolbar.dll/5003
O8 - Extra context menu item: Tag This Image - res://C:\Programme\ImageShackToolbar\ImageShackToolbar.dll/5002
O8 - Extra context menu item: Transload Image to ImageShack - res://C:\Programme\ImageShackToolbar\ImageShackToolbar.dll/5004
O8 - Extra context menu item: Upload All Images to ImageShack - res://C:\Programme\ImageShackToolbar\ImageShackToolbar.dll/5000
O8 - Extra context menu item: Upload Image to ImageShack - res://C:\Programme\ImageShackToolbar\ImageShackToolbar.dll/5001
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O15 - Trusted Zone: hxxp://toolbar.imageshack.us
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - hxxp://messenger.zone.msn.com/DE-AT/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1198525750328
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - hxxp://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) - hxxp://toolbar.imageshack.us/toolbar/ImageShackToolbar.cab
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.21.0.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - hxxp://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programme\Gemeinsame Dateien\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: CSIScanner - Prevx - C:\Programme\Prevx\prevx.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Programme\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\WINDOWS\system32\lkcitdl.exe
O23 - Service: NI-Motion Device Manager (nimcdldu) - National Instruments Corporation - C:\WINDOWS\system32\nipalsm.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TunngleService - Tunngle.net GmbH - D:\Programme\Tunngle\TnglCtrl.exe
O23 - Service: Virtual CD v8 Management Service (VC8SecS) - H+H Software GmbH - D:\Programme\Virtual CD v8\System\VC8SecS.exe

--
End of file - 11372 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\OGALogon.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{273C3A1A-7AF6-4F60-8F85-2E982BD4FDB7}.job
C:\WINDOWS\tasks\WGASetup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2007-12-07 1377576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Anmelde-Hilfsprogramm - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90cf98eb-d2f9-46b6-bf33-5069ac334cfc}]
CrazyBids Toolbar - C:\Programme\CrazyBids\tbCra1.dll [2010-02-19 2349080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll [2009-11-01 259696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-18 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-11-01 470512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2010-02-20 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-02-20 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
DVDVideoSoft Toolbar - C:\Programme\DVDVideoSoft\tbDVDV.dll [2009-12-31 2349080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{6932D140-ABC4-4073-A44C-D4A541665E35} - ImageShack Toolbar - C:\Programme\ImageShackToolbar\ImageShackToolbar.dll [2008-01-29 626688]
{90cf98eb-d2f9-46b6-bf33-5069ac334cfc} - CrazyBids Toolbar - C:\Programme\CrazyBids\tbCra1.dll [2010-02-19 2349080]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll [2009-11-01 259696]
{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - DVDVideoSoft Toolbar - C:\Programme\DVDVideoSoft\tbDVDV.dll [2009-12-31 2349080]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Programme\Analog Devices\Core\smax4pnp.exe [2006-05-01 843776]
"avgnt"=C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe [2008-07-19 266497]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-12-05 8523776]
"Launch Ai Booster"=D:\Programme\ASUS\AI Booster\OverClk.exe [2006-07-24 3712512]
"QuickTime Task"=C:\Programme\QuickTime\qttask.exe [2009-11-11 417792]
" Malwarebytes Anti-Malware  (reboot)"=D:\Programme\Malwarebytes' Anti-Malware\mbam.exe [2010-03-29 1086856]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Programme\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883840]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-11-11 15360]
"swg"=C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-11-01 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
C:\Programme\Gemeinsame Dateien\Adobe\Updater5\AdobeUpdater.exe [2007-03-01 2321600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS SmartDoctor]
C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe [2006-03-24 1073152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AsusServiceProvider]
C:\Programme\ASUS\AASP\1.00.00\aaCenter.exe [2006-06-28 581632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
bthprops.cpl,,BluetoothAuthenticationAgent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2004-11-11 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
D:\Programme\iTunes\iTunesHelper.exe [2010-01-22 141608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X Configure]
C:\WINDOWS\system32\JMRaidTool.exe [2006-06-02 385024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe [2010-03-30 1820040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]
C:\Programme\MessengerPlus! 3\MsgPlus.exe [2007-12-25 190024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Programme\Messenger\msmsgs.exe [2004-10-13 1694208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe [2009-07-26 3883840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\niDevMon]
H:\Programme\National Instruments\NI-DAQ\HWConfig\nidevmon.exe [2007-07-14 106064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2007-12-05 8523776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2007-12-05 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OnlineFestplatte]
C:\Programme\aon\Onlinefestplatte\OnlineFestplatte.exe [2008-01-25 253976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Programme\QuickTime\qttask.exe [2009-11-11 417792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
C:\Programme\Logitech\Gaming Software\LWEMon.exe [2007-09-25 93208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
D:\Programme\Valve\Steam\Steam.exe [2010-02-21 1217872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [2010-01-11 246504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-11-01 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe [2008-08-18 185896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VC8Player]
D:\Programme\Virtual CD v8\System\VC8Play.exe [2006-09-01 289912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2006-04-29 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Programme\Winamp\winampa.exe [2006-06-21 35328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^Administrator^Startmenü^Programme^Autostart^ikowin32.exe]
C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\ikowin32.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^Administrator^Startmenü^Programme^Autostart^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2008-10-25 98696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Alerter.lnk]
C:\PROGRA~1\VAMPIR~1\VFALER~1.EXE [2007-11-26 9716224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^ASUS Smartdoctor.lnk]
C:\PROGRA~2\ASUS\SMARTD~1\SMARTD~1.EXE [2006-03-24 1073152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^AutoCAD Startup Accelerator.lnk]
C:\PROGRA~1\GEMEIN~1\AUTODE~1\ACSTAR~1.EXE [2006-03-05 11000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^GetRight.lnk]
D:\PROGRA~1\GetRight\GetRight.exe  []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Start DSO.lnk]
C:\PROGRA~1\LeCroy\XStream\LECROY~1.EXE [2009-06-02 157184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"WLSetupSvc"=3
"rpcapd"=3
"PnkBstrB"=2
"PnkBstrA"=2
"odserv"=3
"Microsoft Office Groove Audit Service"=3
"mi-raysat_3dsmax9_32"=2
"mi-raysat_3dsMax2009_32"=2
"Bonjour Service"=2
"PortmapSvc"=2
"NITaggerService"=2
"niSvcLoc"=2
"nipxirmu"=2
"NILM License Manager"=3
"NIDomainService"=2
"nidevldu"=2
"ni488enumsvc"=2
"mxssvr"=2
"lkTimeSync"=2
"lkClassAds"=2
"LightScribeService"=2
"LecTouchScreenCtrl"=2
"FLEXnet Licensing Service"=3
"usnjsvc"=3
"OpcEnum"=3
"idsvc"=3
"Crypkey License"=2
"aawservice"=2
"gusvc"=3

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-10-16 3584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programme\eMule\emule.exe"="C:\Programme\eMule\emule.exe:*:Enabled:eMule"
"D:\Programme\Valve\Steam\steamapps\peter.metznik@gmx.net\counter-strike source\hl2.exe"="D:\Programme\Valve\Steam\steamapps\peter.metznik@gmx.net\counter-strike source\hl2.exe:*:Enabled:hl2"
"D:\Programme\OpenTTD\openttd.exe"="D:\Programme\OpenTTD\openttd.exe:*:Enabled:OpenTTD"
"C:\Programme\uTorrent\uTorrent.exe"="C:\Programme\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Programme\The All-Seeing Eye\eye.exe"="C:\Programme\The All-Seeing Eye\eye.exe:*:Enabled:Yahoo! All-Seeing Eye"
"C:\WINDOWS\system32\rtcshare.exe"="C:\WINDOWS\system32\rtcshare.exe:*:Enabled:RTC-Gemeinsame Nutzung von Anwendungen"
"D:\Programme\Valve\Steam\steamapps\peter.metznik@gmx.net\half-life 2 deathmatch\hl2.exe"="D:\Programme\Valve\Steam\steamapps\peter.metznik@gmx.net\half-life 2 deathmatch\hl2.exe:*:Enabled:hl2"
"D:\Programme\Spring\spring.exe"="D:\Programme\Spring\spring.exe:*:Enabled:spring"
"D:\Programme\EA GAMES\Battlefield 1942\BF1942.exe"="D:\Programme\EA GAMES\Battlefield 1942\BF1942.exe:*:Enabled:BF1942"
"D:\Programme\Valve\Steam\steamapps\peter.metznik@gmx.net\source dedicated server\srcds.exe"="D:\Programme\Valve\Steam\steamapps\peter.metznik@gmx.net\source dedicated server\srcds.exe:*:Enabled:srcds"
"D:\Programme\Warcraft III\war3.exe"="D:\Programme\Warcraft III\war3.exe:*:Enabled:Warcraft III"
"D:\Westwood\AR2\gamemd.exe"="D:\Westwood\AR2\gamemd.exe:*:Enabled:Main executable for Yuri's Revenge"
"D:\Westwood\AR2\mphmd.exe"="D:\Westwood\AR2\mphmd.exe:*:Enabled:mphmd"
"C:\Program\EA GAMES\Command & Conquer Generals\Zero Hour\game.dat"="C:\Program\EA GAMES\Command & Conquer Generals\Zero Hour\game.dat:*:Enabled:game"
"C:\Program\EA GAMES\Command and Conquer Generals\game.dat"="C:\Program\EA GAMES\Command and Conquer Generals\game.dat:*:Enabled:game"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Programme\UltraVNC\vncviewer.exe"="C:\Programme\UltraVNC\vncviewer.exe:*:Enabled:VNCViewer"
"D:\Programme\THQ\Dawn of War\W40k.exe"="D:\Programme\THQ\Dawn of War\W40k.exe:*:Enabled:W40k"
"D:\Programme\Warcraft III\Warcraft III.exe"="D:\Programme\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"D:\Programme\National Instruments\LabVIEW 8.5\LabVIEW.exe"="D:\Programme\National Instruments\LabVIEW 8.5\LabVIEW.exe:*:Enabled:LabVIEW 8.5 Development System"
"D:\Programme\Valve\Steam\steamapps\peter.metznik@gmx.net\source sdk base\hl2.exe"="D:\Programme\Valve\Steam\steamapps\peter.metznik@gmx.net\source sdk base\hl2.exe:*:Enabled:hl2"
"C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe"="C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Remoteunterstützung - Windows Messenger und Voice"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\Programme\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="D:\Programme\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Programme\Microsoft Office\Office12\GROOVE.EXE"="C:\Programme\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Programme\Microsoft Office\Office12\ONENOTE.EXE"="C:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"D:\3dsmax7\3dsmax.exe"="D:\3dsmax7\3dsmax.exe:*:Enabled:3ds max 7"
"C:\Programme\backburner 2\monitor.exe"="C:\Programme\backburner 2\monitor.exe:*:Enabled:backburner 2.3 monitor"
"C:\Programme\backburner 2\manager.exe"="C:\Programme\backburner 2\manager.exe:*:Enabled:backburner 2.3 manager"
"C:\Programme\backburner 2\server.exe"="C:\Programme\backburner 2\server.exe:*:Enabled:backburner 2.3 server"
"D:\Programme\Autodesk\3ds Max 2009\3dsmax.exe"="D:\Programme\Autodesk\3ds Max 2009\3dsmax.exe:*:Enabled:Autodesk 3ds Max 2009 32-bit"
"D:\Programme\Autodesk\3ds Max 9\3dsmax.exe"="D:\Programme\Autodesk\3ds Max 9\3dsmax.exe:*:Enabled:Autodesk 3ds Max 9 32-bit"
"D:\Programme\Autodesk\Backburner\monitor.exe"="D:\Programme\Autodesk\Backburner\monitor.exe:*:Enabled:backburner 2.3 monitor"
"D:\Programme\Autodesk\Backburner\manager.exe"="D:\Programme\Autodesk\Backburner\manager.exe:*:Enabled:backburner 2.3 manager"
"D:\Programme\Autodesk\Backburner\server.exe"="D:\Programme\Autodesk\Backburner\server.exe:*:Enabled:backburner 2.3 server"
"D:\Programme\Chaos Group\V-Ray\3dsmax R9 for x86\vrlserver.exe"="D:\Programme\Chaos Group\V-Ray\3dsmax R9 for x86\vrlserver.exe:*:Enabled:VRLServer"
"D:\Programme\Lavasoft\Ad-Aware\aawservice.exe"="D:\Programme\Lavasoft\Ad-Aware\aawservice.exe:*:Enabled:aawservice"
"C:\Programme\Messenger\msmsgs.exe"="C:\Programme\Messenger\msmsgs.exe:*:Enabled:msmsgs"
"C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe"="C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe:*:Enabled:avgnt"
"C:\Programme\Last.fm\LastFM.exe"="C:\Programme\Last.fm\LastFM.exe:*:Enabled:LastFM"
"C:\Programme\Analog Devices\Core\smax4pnp.exe"="C:\Programme\Analog Devices\Core\smax4pnp.exe:*:Enabled:smax4pnp"
"C:\Programme\Telekom Austria\aonController\aonController.exe"="C:\Programme\Telekom Austria\aonController\aonController.exe:*:Enabled:Controller"
"C:\Programme\Telekom Austria\Breitband-Internet-Installation\fixnet installer\Installer.exe"="C:\Programme\Telekom Austria\Breitband-Internet-Installation\fixnet installer\Installer.exe:*:Enabled:Breitband-Internet-Installation"
"D:\Programme\Sierra Entertainment\WORLD IN CONFLICT\wic.exe"="D:\Programme\Sierra Entertainment\WORLD IN CONFLICT\wic.exe:*:Enabled:WORLD IN CONFLICT"
"D:\Programme\Sierra Entertainment\WORLD IN CONFLICT\wic_online.exe"="D:\Programme\Sierra Entertainment\WORLD IN CONFLICT\wic_online.exe:*:Enabled:WORLD IN CONFLICT - Nur Online"
"D:\Programme\Sierra Entertainment\WORLD IN CONFLICT\wic_ds.exe"="D:\Programme\Sierra Entertainment\WORLD IN CONFLICT\wic_ds.exe:*:Enabled:WORLD IN CONFLICT - Dedizierter Server"
"C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"D:\Programme\World of Warcraft\Launcher.exe"="D:\Programme\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"D:\Programme\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-deDE-downloader.exe"="D:\Programme\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-deDE-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\Programme\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-deDE-downloader.exe"="D:\Programme\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-deDE-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\Programme\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-deDE-downloader.exe"="D:\Programme\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-deDE-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\Programme\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-deDE-downloader.exe"="D:\Programme\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-deDE-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Programme\Windows Live\Messenger\wlcsdk.exe"="C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"D:\Programme\Valve\Steam\Steam.exe"="D:\Programme\Valve\Steam\Steam.exe:*:Enabled:Steam 732897"
"D:\Programme\World of Warcraft\BackgroundDownloader.exe"="D:\Programme\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"D:\Programme\Sierra\Homeworld2\Bin\Release\Homeworld2.exe"="D:\Programme\Sierra\Homeworld2\Bin\Release\Homeworld2.exe:*:Enabled:Homeworld2"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8-Server"
"C:\Programme\IDA\idag.exe"="C:\Programme\IDA\idag.exe:*:Enabled:Interactive Disassembler (32-bit)"
"C:\Programme\IDA\idag64.exe"="C:\Programme\IDA\idag64.exe:*:Enabled:Interactive Disassembler (64-bit)"
"C:\Programme\Bonjour\mDNSResponder.exe"="C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\Programme\iTunes\iTunes.exe"="D:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes"
"D:\Programme\Valve\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe"="D:\Programme\Valve\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2"
"D:\Programme\Valve\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe"="D:\Programme\Valve\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer"
"H:\Torrents\Altium Designer Summer 09.exe"="H:\Torrents\Altium Designer Summer 09.exe:*:Enabled:Altium Designer Summer 09"
"C:\Programme\IVI\Drivers\niScope\NI-SCOPE Soft Front Panel.exe"="C:\Programme\IVI\Drivers\niScope\NI-SCOPE Soft Front Panel.exe:*:Enabled:NI-SCOPE Soft Front Panel"
"C:\Programme\Microsoft Games\Halo Trial\halo.exe"="C:\Programme\Microsoft Games\Halo Trial\halo.exe:*:Enabled:Halo"
"D:\Programme\Ubisoft\Related Designs\ANNO 1404\Anno4.exe"="D:\Programme\Ubisoft\Related Designs\ANNO 1404\Anno4.exe:*:Enabled:ANNO 1404"
"D:\Programme\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe"="D:\Programme\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe:*:Enabled:Anno 1404 Web"
"D:\Programme\Ubisoft\Related Designs\ANNO 1404\Addon.exe"="D:\Programme\Ubisoft\Related Designs\ANNO 1404\Addon.exe:*:Enabled:ANNO 1404 - Venedig"
"D:\Programme\Ubisoft\Related Designs\ANNO 1404\tools\AddonWeb.exe"="D:\Programme\Ubisoft\Related Designs\ANNO 1404\tools\AddonWeb.exe:*:Enabled:ANNO 1404 - Venedig Web"
"D:\Programme\Tunngle\TnglCtrl.exe"="D:\Programme\Tunngle\TnglCtrl.exe:*:Enabled:Tunngle Service"
"D:\Programme\Tunngle\Tunngle.exe"="D:\Programme\Tunngle\Tunngle.exe:*:Enabled:Tunngle Client"
"C:\Programme\Skype\Phone\Skype.exe"="C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programme\Windows Live\Messenger\wlcsdk.exe"="C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5c2f71f3-acd9-11de-8ebe-0000cb61a39e}]
shell\AutoRun\command - GROMOVI///motoriii.exe
shell\open\command - GROMOVI///motoriii.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dcf5ced9-39ae-11df-8feb-0000cb61a39e}]
shell\AutoRun\command - M:\wd_windows_tools\setup.exe


======File associations======

.js - edit - "D:\Programme\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"
.scr - open - "C:\WINDOWS\system32\NOTEPAD.EXE" "%1"
.scr - install - 
.scr - config - 

======List of files/folders created in the last 1 months======

2010-04-05 16:19:13 ----D---- C:\Programme\trend micro
2010-04-05 16:19:12 ----D---- C:\rsit
2010-04-05 15:27:06 ----D---- C:\mbr
2010-04-05 15:26:20 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Malwarebytes
2010-04-05 15:26:04 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2010-04-05 15:17:29 ----A---- C:\WINDOWS\system32\PxSecure.dll
2010-04-05 15:17:24 ----D---- C:\Programme\Prevx
2010-04-05 15:17:12 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PrevxCSI
2010-04-05 15:17:12 ----A---- C:\WINDOWS\wininit.ini
2010-04-01 23:30:18 ----D---- C:\VXIPnp
2010-03-30 17:57:33 ----D---- C:\Programme\LogMeIn Hamachi
2010-03-21 14:39:37 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tunngle
2010-03-21 14:39:37 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Tunngle
2010-03-19 01:01:01 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Ubisoft
2010-03-19 00:59:01 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Solidshield
2010-03-11 16:06:47 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-03-06 16:01:30 ----HDC---- C:\WINDOWS\$NtUninstallKB977165-v2$

======List of files/folders modified in the last 1 months======

2010-04-05 16:19:20 ----D---- C:\WINDOWS\Prefetch
2010-04-05 16:19:13 ----RD---- C:\Programme
2010-04-05 16:17:52 ----RSD---- C:\WINDOWS\Fonts
2010-04-05 16:17:52 ----D---- C:\WINDOWS\system32\drivers
2010-04-05 15:57:14 ----D---- C:\WINDOWS\temp
2010-04-05 15:57:14 ----D---- C:\WINDOWS\Minidump
2010-04-05 15:57:14 ----D---- C:\WINDOWS\Debug
2010-04-05 15:57:14 ----D---- C:\WINDOWS
2010-04-05 15:38:48 ----SD---- C:\WINDOWS\Tasks
2010-04-05 15:37:17 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-05 15:17:29 ----D---- C:\WINDOWS\system32
2010-04-05 02:07:35 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-04-04 19:19:34 ----D---- C:\Programme\AntiVir PersonalEdition Classic
2010-04-04 19:19:32 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AntiVir PersonalEdition Classic
2010-04-03 02:57:51 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Skype
2010-04-03 01:05:40 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2010-04-02 20:25:51 ----A---- C:\WINDOWS\win.ini
2010-04-02 16:09:29 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\skypePM
2010-04-01 22:54:22 ----D---- C:\Config.Msi
2010-04-01 22:49:34 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\uTorrent
2010-04-01 22:49:15 ----SHD---- C:\WINDOWS\Installer
2010-04-01 22:49:14 ----RSD---- C:\WINDOWS\assembly
2010-04-01 22:49:03 ----HD---- C:\WINDOWS\inf
2010-04-01 17:20:41 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-01 11:40:02 ----ASH---- C:\boot.ini
2010-04-01 11:40:02 ----A---- C:\WINDOWS\system.ini
2010-04-01 11:39:05 ----A---- C:\WINDOWS\pxisys.ini
2010-04-01 11:39:05 ----A---- C:\WINDOWS\pxiesys.ini
2010-03-31 22:38:06 ----D---- C:\Programme\Mozilla Firefox
2010-03-31 22:38:00 ----D---- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla
2010-03-31 15:21:26 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-31 15:21:25 ----D---- C:\Programme\Internet Explorer
2010-03-31 15:10:18 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-30 21:15:59 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype
2010-03-29 22:32:29 ----HD---- C:\Programme\InstallShield Installation Information
2010-03-28 15:30:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-27 21:59:32 ----D---- C:\Programme\eMule
2010-03-18 23:43:19 ----D---- C:\WINDOWS\system32\DirectX
2010-03-16 22:21:44 ----D---- C:\Programme\Winamp
2010-03-15 21:08:27 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft Help
2010-03-11 16:06:49 ----D---- C:\Programme\Movie Maker

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2005-12-22 5685]
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-10-18 11008]
R1 avgio;avgio; \??\C:\Programme\AntiVir PersonalEdition Classic\avgio.sys []
R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-11-11 40192]
R1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-11-11 14848]
R1 LPT_Driver;LPT_Driver; \??\C:\WINDOWS\system32\Drivers\LPT_Driver.sys []
R1 NetworkX;NetworkX; C:\WINDOWS\system32\ckldrv.sys [2006-01-10 31846]
R1 SAVRKBootTasks;Boot Tasks Driver; \??\C:\WINDOWS\system32\SAVRKBootTasks.sys []
R1 vdrv8000;vdrv8000; C:\WINDOWS\system32\DRIVERS\vdrv8000.sys [2006-06-20 100352]
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2010-03-18 281760]
R2 cvintdrv;cvintdrv; C:\WINDOWS\system32\drivers\cvintdrv.sys [2007-07-24 4096]
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2006-04-22 8064]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2010-03-18 25888]
R2 nicanpk;nicanpk; C:\WINDOWS\system32\DRIVERS\nicanpkl.sys [2007-07-17 11336]
R2 nipxirmk;nipxirmk; \??\C:\WINDOWS\system32\drivers\nipxirmkl.sys []
R2 NiViPxiK;NI-VISA PXI Driver; C:\WINDOWS\System32\drivers\NiViPxiKl.sys [2008-01-10 11360]
R2 pxrts;pxrts; C:\WINDOWS\System32\drivers\pxrts.sys [2010-04-05 53088]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-05-02 229376]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-04-27 93824]
R3 avgntflt;avgntflt; \??\C:\Programme\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2005-04-12 4608]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-10-27 138240]
R3 hidusb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-11-11 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-12-05 7435392]
R3 pxkbf;pxkbf; C:\WINDOWS\System32\drivers\pxkbf.sys [2010-04-05 24368]
R3 rtl8139;NT-Treiber für Realtek RTL8139(A/B/C)-basierten PCI-Fast Ethernet-Adapter; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-06-13 83840]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\WINDOWS\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
R3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-11-11 31616]
R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;USB2-aktivierter Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2007-09-13 19352]
R3 WmXlCore;Logitech Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2007-09-13 51608]
S3 Bridge;MAC-Brücke; C:\WINDOWS\system32\DRIVERS\bridge.sys [2004-11-11 71552]
S3 BridgeMP;MAC-Brückenminiport; C:\WINDOWS\system32\DRIVERS\bridge.sys [2004-11-11 71552]
S3 BthEnum;Bluetooth-Anforderungsblocktreiber; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-04 17024]
S3 BTHMODEM;Serieller Kommunikationstreiber für Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2004-08-04 38016]
S3 BthPan;Bluetooth-Gerät (PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
S3 BTHPORT;Bluetooth-Porttreiber; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 273024]
S3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-04 18944]
S3 catchme;catchme; \??\C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\catchme.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2009-01-29 10976]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2009-01-29 22368]
S3 HHCDHelp.sys;HHCDHelp.sys; \??\C:\WINDOWS\system32\drivers\HHCDHelp.sys []
S3 HidBth;Microsoft Bluetooth-HID-Miniport; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2004-08-04 25856]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2005-07-07 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2005-07-07 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2005-07-07 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2005-07-07 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2005-07-07 79488]
S3 lvalarmk;lvalarmk; \??\C:\WINDOWS\system32\drivers\lvalarmk.sys []
S3 MEMSWEEP2;MEMSWEEP2; \??\C:\WINDOWS\system32\E72.tmp []
S3 ni1006k;NI PXI-1006 Chassis Pilot; \??\C:\WINDOWS\system32\drivers\ni1006k.sys []
S3 ni1045k;NI PXI-1045 Chassis Pilot; \??\C:\WINDOWS\system32\drivers\ni1045kl.sys []
S3 ni1065k;NI PXIe-1065 Chassis Pilot; \??\C:\WINDOWS\system32\drivers\ni1065k.sys []
S3 ni488lock;NI-488.2 Locking Service; \??\C:\WINDOWS\system32\drivers\ni488lock.sys []
S3 nicdrk;nicdrk; \??\C:\WINDOWS\system32\drivers\nicdrkl.sys []
S3 nidimk;nidimk; \??\C:\WINDOWS\system32\drivers\nidimkl.sys []
S3 nidmxfk;nidmxfk; \??\C:\WINDOWS\system32\drivers\nidmxfkl.sys []
S3 nidsark;nidsark; \??\C:\WINDOWS\system32\drivers\nidsarkl.sys []
S3 niemrk;niemrk; \??\C:\WINDOWS\system32\drivers\niemrkl.sys []
S3 niesrk;niesrk; \??\C:\WINDOWS\system32\drivers\niesrkl.sys []
S3 nifslk;nifslk; \??\C:\WINDOWS\system32\drivers\nifslkl.sys []
S3 niimaqk;NI-IMAQ Driver; C:\WINDOWS\system32\drivers\niimaqk.sys []
S3 nimcdfxk;nimcdfxk; \??\C:\WINDOWS\system32\drivers\nimcdfxkl.sys []
S3 nimdbgk;nimdbgk; \??\C:\WINDOWS\system32\drivers\nimdbgkl.sys []
S3 nimru2k;nimru2k; \??\C:\WINDOWS\system32\drivers\nimru2kl.sys []
S3 nimsdrk;nimsdrk; \??\C:\WINDOWS\system32\drivers\nimsdrkl.sys []
S3 nimslk;nimslk; \??\C:\WINDOWS\system32\drivers\nimslk.dll []
S3 nimsrlk;nimsrlk; \??\C:\WINDOWS\system32\drivers\nimsrlk.dll []
S3 nimstsk;nimstsk; \??\C:\WINDOWS\system32\drivers\nimstskl.sys []
S3 nimxdfk;nimxdfk; \??\C:\WINDOWS\system32\drivers\nimxdfkl.sys []
S3 nimxpk;nimxpk; \??\C:\WINDOWS\system32\drivers\nimxpkl.sys []
S3 ninshsdk;ninshsdk; \??\C:\WINDOWS\system32\drivers\ninshsdkl.sys []
S3 niorbk;niorbk; \??\C:\WINDOWS\system32\drivers\niorbkl.sys []
S3 nipalfwedl;nipalfwedl; C:\WINDOWS\System32\drivers\nipalfwedl.sys [2007-07-18 11904]
S3 nipalusbedl;nipalusbedl; C:\WINDOWS\System32\drivers\nipalusbedl.sys [2007-07-18 11896]
S3 nipxigpk;NI PXI Generic Chassis Pilot; \??\C:\WINDOWS\system32\drivers\nipxigpk.sys []
S3 niscdk;niscdk; \??\C:\WINDOWS\system32\drivers\niscdkl.sys []
S3 nisdigk;nisdigk; \??\C:\WINDOWS\system32\drivers\nisdigkl.sys []
S3 nisftk;nisftk; \??\C:\WINDOWS\system32\drivers\nisftkl.sys []
S3 nispdk;nispdk; \??\C:\WINDOWS\system32\drivers\nispdkl.sys []
S3 nissrk;nissrk; \??\C:\WINDOWS\system32\drivers\nissrkl.sys []
S3 nistc2k;nistc2k; \??\C:\WINDOWS\system32\drivers\nistc2kl.sys []
S3 nistcrk;nistcrk; \??\C:\WINDOWS\system32\drivers\nistcrkl.sys []
S3 niswdk;niswdk; \??\C:\WINDOWS\system32\drivers\niswdkl.sys []
S3 nitiork;nitiork; \??\C:\WINDOWS\system32\drivers\nitiorkl.sys []
S3 NiViFWK;NI-VISA FireWire Driver; C:\WINDOWS\System32\drivers\NiViFWKl.sys [2007-07-19 11384]
S3 NiViPciK;NI-VISA PCI Driver; C:\WINDOWS\System32\drivers\NiViPciKl.sys [2008-01-10 11360]
S3 niwdk;niwdk; C:\WINDOWS\system32\drivers\niwdk.sys [2007-07-14 19456]
S3 niwfrk;niwfrk; \??\C:\WINDOWS\system32\drivers\niwfrkl.sys []
S3 nixsrk;nixsrk; \??\C:\WINDOWS\system32\drivers\nixsrkl.sys []
S3 nm;Netzwerkmonitortreiber; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-11-11 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2005-08-02 32512]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-04 59648]
S3 SPCommand;SPCommand.sys; \??\C:\WINDOWS\system32\drivers\Plugin\i386\SPCommand.sys []
S3 usb6xxxk;usb6xxxk; \??\C:\WINDOWS\system32\drivers\usb6xxxkl.sys []
S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 v800bus;Sony Ericsson V800-Vodafone 802SE driver (WDM); C:\WINDOWS\system32\DRIVERS\v800bus.sys [2004-08-09 52416]
S3 v800mdfl;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\v800mdfl.sys [2004-08-09 6160]
S3 v800mdm;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\v800mdm.sys [2004-08-09 84544]
S3 v800mgmt;Sony Ericsson V800-Vodafone 802SE USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\v800mgmt.sys [2004-08-09 77760]
S3 v800obex;Sony Ericsson V800-Vodafone 802SE USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\v800obex.sys [2004-08-09 75584]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2007-09-13 29976]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2007-09-13 14744]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;AntiVir PersonalEdition Classic Planer; C:\Programme\AntiVir PersonalEdition Classic\sched.exe [2008-10-25 68865]
R2 AntiVirService;AntiVir PersonalEdition Classic Guard; C:\Programme\AntiVir PersonalEdition Classic\avguard.exe [2008-10-25 151297]
R2 Apple Mobile Device;Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2005-10-18 241152]
R2 Autodesk Licensing Service;Autodesk Licensing Service; C:\Programme\Gemeinsame Dateien\Autodesk Shared\Service\AdskScSrv.exe [2008-12-02 79360]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-11-11 14336]
R2 CSIScanner;CSIScanner; C:\Programme\Prevx\prevx.exe [2010-04-05 6349008]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Programme\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2010-02-20 153376]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Programme\Lavasoft\Ad-Aware\AAWService.exe [2010-03-30 1265264]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-12-05 155716]
R2 TunngleService;TunngleService; D:\Programme\Tunngle\TnglCtrl.exe [2010-03-20 704760]
R2 VC8SecS;Virtual CD v8 Management Service; D:\Programme\Virtual CD v8\System\VC8SecS.exe [2006-09-01 109688]
S2 LkCitadelServer;Lookout Citadel Server; C:\WINDOWS\system32\lkcitdl.exe [2007-03-21 695136]
S2 nimcdldu;NI-Motion Device Manager; C:\WINDOWS\system32\nipalsm.exe [2007-02-16 12696]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 iPod Service;iPod-Dienst; C:\Programme\iPod\bin\iPodService.exe [2010-01-22 545576]
S3 ose;Office Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2004-11-11 14336]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-11-11 14336]
S4 Bonjour Service;Bonjour-Dienst; C:\Programme\Bonjour\mDNSResponder.exe [2008-12-12 238888]
S4 Crypkey License;Crypkey License; crypserv.exe []
S4 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-07-14 655624]
S4 gusvc;Google Software Updater; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-11-01 182768]
S4 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 LecTouchScreenCtrl;LeCroy Touch Screen Controller; C:\Programme\LeCroy\XStream\LecTouchScreenCtrl.exe [2009-06-02 78336]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe [2005-09-22 53248]
S4 lkClassAds;National Instruments PSP Server Locator; C:\WINDOWS\system32\lkads.exe [2007-07-16 40488]
S4 lkTimeSync;National Instruments Time Synchronization; C:\WINDOWS\system32\lktsrv.exe [2007-07-16 50736]
S4 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S4 mi-raysat_3dsMax2009_32;mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit; D:\Programme\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe [2008-03-10 65536]
S4 mi-raysat_3dsmax9_32;mental ray 3.5 Satellite (32-bit); D:\Programme\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe [2006-09-29 65536]
S4 mxssvr;NI Configuration Manager; H:\Programme\National Instruments\MAX\nimxs.exe [2007-03-08 12696]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 ni488enumsvc;NI-488.2 Enumeration Service; C:\WINDOWS\system32\nipalsm.exe [2007-02-16 12696]
S4 nidevldu;NI Device Loader; C:\WINDOWS\system32\nipalsm.exe [2007-02-16 12696]
S4 NIDomainService;National Instruments Domain Service; D:\Programme\National Instruments\Shared\Security\nidmsrv.exe [2007-07-16 213040]
S4 NILM License Manager;NILM License Manager; D:\Programme\National Instruments\Shared\License Manager\Bin\lmgrd.exe [2007-01-29 1007616]
S4 nipxirmu;NI PXI Resource Manager; C:\WINDOWS\system32\nipalsm.exe [2007-02-16 12696]
S4 niSvcLoc;NI Service Locator; C:\WINDOWS\system32\nisvcloc.exe [2007-07-19 48704]
S4 NITaggerService;National Instruments Variable Engine; D:\Programme\National Instruments\Shared\Tagger\tagsrv.exe [2007-07-23 609384]
S4 odserv;Microsoft Office Diagnostics Service; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S4 OpcEnum;OpcEnum; C:\WINDOWS\system32\OpcEnum.exe [2007-05-09 98304]
S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-04-03 66872]
S4 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-08-18 202040]
S4 PortmapSvc;PortmapSvc; C:\Programme\LeCroy\XStream\ONCRPC\portmap.exe [2009-05-25 13312]
S4 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Programme\WinPcap\rpcapd.exe [2005-08-02 86016]
S4 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-10-24 920576]

-----------------EOF-----------------
RSIT Info im nächsten Post

Also ich nehme mal an das was GMER geliefert hat ist am aussagekräftigsten?
Weiter weiß ich allerdings auch nicht..
Combo Fix hab ich noch nicht laufen lassen

Hoffe jemand weiß hier rat
Danke jedenfalls schonmal

MfG
SteelWolf

 

Themen zu Malware verschickt Spam an komplettes Email-kontakte Kontingent
32-bit, 64-bit, ad-aware, addon.exe, antivir, avgntflt.sys, avira, bho, bonjour, browser, call of duty, citadel, computer, counter-strike source, desktop, device driver, diagnostics, excel, fontcache, geliefert, gmx.net, google, hijack, hijackthis, hkus\s-1-5-18, internet, internet explorer, jusched.exe, launch, logfile, malware, malwarebytes' anti-malware, mozilla, national, nodrives, notepad.exe, object, plug-in, realtek, registry, scan, senden, sierra, skype.exe, software, system, windows xp


« Total PC Defender 2010 Maleware - System wieder sauber? | TR/DLdr.Agent.cgzd - Bitte um Hijack.this Auswertung »


Ähnliche Themen: Malware verschickt Spam an komplettes Email-kontakte Kontingent


  1. web.de Spam Email an alle Kontakte
    Plagegeister aller Art und deren Bekämpfung - 30.09.2015 (9)
  2. AOL Email gehackt, geklaut? Spam an Kontakte verschickt!
    Überwachung, Datenschutz und Spam - 12.09.2014 (1)
  3. Private E-Mail Adresse verschickt ungewollt SPAM an Kontakte
    Plagegeister aller Art und deren Bekämpfung - 01.08.2014 (8)
  4. Anknüpfung Sassi1988 - Yahoo Mail verschickt Spam Mails an Kontakte
    Plagegeister aller Art und deren Bekämpfung - 17.06.2014 (3)
  5. Hotmail-Account verschickt Spam an alle Kontakte
    Plagegeister aller Art und deren Bekämpfung - 08.06.2014 (7)
  6. Mein yahoo email-account verschickt SPAM an meine Kontakte
    Plagegeister aller Art und deren Bekämpfung - 08.06.2014 (9)
  7. AOL Email-Konto verschichickt Spam-Mails (auch an FB Kontakte)
    Plagegeister aller Art und deren Bekämpfung - 10.05.2013 (3)
  8. Hotmail-Account verschickt eigenständig Spam-Mails an Kontakte
    Log-Analyse und Auswertung - 29.04.2013 (13)
  9. Email-Account verschickt selbstständig emails an Kontakte
    Log-Analyse und Auswertung - 31.03.2013 (2)
  10. Yahoo Mail Acc verschickt Spam Mails an persönliche Kontakte
    Plagegeister aller Art und deren Bekämpfung - 20.08.2012 (37)
  11. Mein yahoo mail account verschickt spam emails an alle Kontakte
    Plagegeister aller Art und deren Bekämpfung - 08.06.2012 (1)
  12. AOL-Account verschickt Spam an alle Kontakte
    Plagegeister aller Art und deren Bekämpfung - 24.03.2012 (1)
  13. EMAIL versendet SPAM an Kontakte
    Plagegeister aller Art und deren Bekämpfung - 15.03.2012 (3)
  14. Hotmail verschickt Email's automatisch an alle Kontakte, auch wenn der Pc aus ist!
    Plagegeister aller Art und deren Bekämpfung - 20.10.2011 (23)
  15. MSN Hotmail verschickt Spam an Kontakte
    Plagegeister aller Art und deren Bekämpfung - 07.05.2011 (18)
  16. Über meine email-Adresse wurde Spam an Kontakte versendet! Malware gefunden!
    Log-Analyse und Auswertung - 16.11.2010 (12)
  17. MSN e-mail konto verschickt eigenständig spam mails an kontakte.. WORM/kido.XI gefunden
    Plagegeister aller Art und deren Bekämpfung - 18.06.2010 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Malware verschickt Spam an komplettes Email-kontakte Kontingent - Durch google bin ich auf folgenden Thread gestoßen: http://www.trojaner-board.de/81680-e...m-mails-3.html Bezugnehmend zu diesem habe ich nun ebenfalls einige der Tools benutzt inklusive der CCleaner,AntiMalware und RSIT routine zuerst einmal aber das - Malware verschickt Spam an komplettes Email-kontakte Kontingent...
Archiv
Du betrachtest: Malware verschickt Spam an komplettes Email-kontakte Kontingent auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19