Log analysis and evaluation: Problems opening web pages. If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
09.04.2010, 22:41 | #1 |
Problems opening web pages. Hello everyone! I have the following problem: when I type a page into the address bar and try to open it, a different page comes up instead of the one I wanted, mostly with advertising... It just happened to me with many pages as well: P.S.: Yesterday everything still worked wonderfully! Here are my HijackThis and RSIT logs: HijackThis: Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:39:50, on 09.04.2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Programme\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\Explorer.EXE C:\Programme\Avira\AntiVir Desktop\avgnt.exe C:\Programme\Ad Muncher\AdMunch.exe C:\Programme\Microsoft Xbox 360 Accessories\XboxStat.exe C:\Programme\a-squared Free\a2service.exe C:\Programme\Acunetix\Web Vulnerability Scanner 5\WVSScheduler.exe C:\Programme\Avira\AntiVir Desktop\avguard.exe C:\WINDOWS\system32\FsUsbExService.Exe C:\Programme\Java\jre6\bin\jqs.exe C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\dllhost.exe C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Opera\Opera.exe C:\Programme\Trend Micro\HijackThis\HijackThis.exe C:\Programme\WinRAR\WinRAR.exe C:\Programme\UnHackMe\hackmon.exe C:\PROGRA~1\POCOMA~1\Poco.exe C:\WINDOWS\system32\NOTEPAD.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - 
C:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Ad Muncher] "C:\Programme\Ad Muncher\AdMunch.exe" /bt O4 - HKLM\..\Run: [XboxStat] "C:\Programme\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun O4 - HKCU\..\Run: [UnHackMe Monitor] C:\Programme\UnHackMe\hackmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Block frame with Ad Muncher - hxxp://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=K5PN70AI&id=menu_ie_frame O8 - Extra context menu item: Block image with Ad Muncher - hxxp://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=K5PN70AI&id=menu_ie_image O8 - Extra context menu item: Block link with Ad Muncher - hxxp://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=K5PN70AI&id=menu_ie_link O8 - Extra context menu item: Don't filter page with Ad Muncher - hxxp://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=K5PN70AI&id=menu_ie_exclude O8 - Extra context menu item: Download Video on This Page - res://C:\Programme\Tomato\TubeDownload\MDIEEx.dll/211 O8 - Extra context menu item: Download Video This Links To - res://C:\Programme\Tomato\TubeDownload\MDIEEx.dll/212 O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - 
Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Report page to the Ad Muncher developers - hxxp://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=K5PN70AI&id=menu_ie_report O9 - Extra button: Download Video - {45B79C91-E9B5-4551-8C43-03EF82B4BC63} - res://C:\Programme\Tomato\TubeDownload\MDIEEx.dll/211 (file missing) O9 - Extra 'Tools' menuitem: Download Video on This Page - {45B79C91-E9B5-4551-8C43-03EF82B4BC63} - res://C:\Programme\Tomato\TubeDownload\MDIEEx.dll/211 (file missing) O9 - Extra button: Run YoukuDownloader - {612F6E5C-B314-4bab-93D1-D266AAFBE700} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Youku Downloader - {612F6E5C-B314-4bab-93D1-D266AAFBE700} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - hxxp://download.gigabyte.com.tw/object/Dldrv.ocx O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Programme\a-squared Free\a2service.exe O23 - Service: Acunetix WVS Scheduler v5 (AcuWVSSchedulerv5) - Acunetix Ltd. 
- C:\Programme\Acunetix\Web Vulnerability Scanner 5\WVSScheduler.exe O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Programme\Gemeinsame Dateien\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- End of file - 7172 bytes RSIT LOG: Code:
ATTFilter Logfile of random's system information tool 1.06 (written by random/random) Run by Goldberg at 2010-04-09 23:39:20 Microsoft Windows XP Professional Service Pack 3 System drive C: has 192 GB (81%) free of 238 GB Total RAM: 2046 MB (74% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:39:24, on 09.04.2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Programme\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\Explorer.EXE C:\Programme\Avira\AntiVir Desktop\avgnt.exe C:\Programme\Ad Muncher\AdMunch.exe C:\Programme\Microsoft Xbox 360 Accessories\XboxStat.exe C:\Programme\a-squared Free\a2service.exe C:\Programme\Acunetix\Web Vulnerability Scanner 5\WVSScheduler.exe C:\Programme\Avira\AntiVir Desktop\avguard.exe C:\WINDOWS\system32\FsUsbExService.Exe C:\Programme\Java\jre6\bin\jqs.exe C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\dllhost.exe C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Opera\Opera.exe C:\Programme\Trend Micro\HijackThis\HijackThis.exe C:\Programme\WinRAR\WinRAR.exe C:\Programme\UnHackMe\hackmon.exe C:\PROGRA~1\POCOMA~1\Poco.exe C:\Dokumente und Einstellungen\Goldberg\Eigene Dateien\RSIT.exe C:\Programme\Trend Micro\HijackThis\Goldberg.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Ad Muncher] "C:\Programme\Ad Muncher\AdMunch.exe" /bt O4 - HKLM\..\Run: [XboxStat] "C:\Programme\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun O4 - HKCU\..\Run: [UnHackMe Monitor] C:\Programme\UnHackMe\hackmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Block frame with Ad Muncher - hxxp://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=K5PN70AI&id=menu_ie_frame O8 - Extra context menu item: Block image with Ad Muncher - hxxp://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=K5PN70AI&id=menu_ie_image O8 - Extra context menu item: Block link with Ad Muncher - hxxp://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=K5PN70AI&id=menu_ie_link O8 - Extra context menu item: Don't filter page with Ad Muncher - hxxp://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=K5PN70AI&id=menu_ie_exclude O8 - Extra context menu item: 
Download Video on This Page - res://C:\Programme\Tomato\TubeDownload\MDIEEx.dll/211 O8 - Extra context menu item: Download Video This Links To - res://C:\Programme\Tomato\TubeDownload\MDIEEx.dll/212 O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Report page to the Ad Muncher developers - hxxp://www.admuncher.com/request_will_be_intercepted_by/Ad_Muncher/browserextensions.pl?exbrowser=ie&exversion=0.4&pass=K5PN70AI&id=menu_ie_report O9 - Extra button: Download Video - {45B79C91-E9B5-4551-8C43-03EF82B4BC63} - res://C:\Programme\Tomato\TubeDownload\MDIEEx.dll/211 (file missing) O9 - Extra 'Tools' menuitem: Download Video on This Page - {45B79C91-E9B5-4551-8C43-03EF82B4BC63} - res://C:\Programme\Tomato\TubeDownload\MDIEEx.dll/211 (file missing) O9 - Extra button: Run YoukuDownloader - {612F6E5C-B314-4bab-93D1-D266AAFBE700} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Youku Downloader - {612F6E5C-B314-4bab-93D1-D266AAFBE700} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - hxxp://download.gigabyte.com.tw/object/Dldrv.ocx O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O23 - Service: a-squared Free Service 
(a2free) - Emsi Software GmbH - C:\Programme\a-squared Free\a2service.exe O23 - Service: Acunetix WVS Scheduler v5 (AcuWVSSchedulerv5) - Acunetix Ltd. - C:\Programme\Acunetix\Web Vulnerability Scanner 5\WVSScheduler.exe O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Programme\Gemeinsame Dateien\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. 
- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- End of file - 7254 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1100 series#1264179519.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Anmelde-Hilfsprogramm - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2010-01-04 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-04 73728] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "JMB36X IDE Setup"=C:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864] "36X Raid Configurer"=C:\WINDOWS\system32\xRaidSetup.exe [2007-05-25 1953792] "avgnt"=C:\Programme\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "Ad Muncher"=C:\Programme\Ad Muncher\AdMunch.exe [2007-11-03 779776] "XboxStat"=C:\Programme\Microsoft Xbox 360 Accessories\XboxStat.exe [2007-09-27 734264] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "UnHackMe Monitor"=C:\Programme\UnHackMe\hackmon.exe [2008-12-22 231648] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [2009-12-12 948672] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696] [HKEY_LOCAL_MACHINE\software\microsoft\shared 
tools\msconfig\startupreg\Alcmtr] C:\WINDOWS\ALCMTR.EXE [2010-02-08 64032] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcWzrd] C:\WINDOWS\ALCWZRD.EXE [2010-02-08 2815520] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent] C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-04-02 102400] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [2010-03-08 24064] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager] C:\Programme\Gemeinsame Dateien\LogiShrd\LComMgr\Communications_Helper.exe [2007-10-25 563984] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon] C:\Programme\Logitech\QuickCam\Quickcam.exe [2007-10-25 2178832] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMAgent] C:\Programme\Mobile Master\MMAgent.exe [2010-01-18 1371584] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] C:\Programme\Windows Live\Messenger\MsnMsgr.Exe [2010-01-04 3883840] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NPSStartup] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] C:\WINDOWS\RTHDCPL.EXE [2010-02-08 18790432] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-03 98304] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Programme\Java\jre6\bin\jusched.exe [2010-01-04 149280] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe [2010-01-04 198160] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^hp psc 
1000 series.lnk] C:\PROGRA~1\HEWLET~1\DIGITA~1\bin\hpohmr08.exe [2003-04-09 147456] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^hpoddt01.exe.lnk] C:\PROGRA~1\HEWLET~1\DIGITA~1\bin\hpotdd01.exe [2003-04-09 28672] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^LNSS Status Monitor.lnk] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Microsoft Office.lnk] C:\PROGRA~1\MICROS~3\Office10\OSA.EXE [2001-02-13 83360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^Goldberg^Startmenü^Programme^Autostart^FIFA 10-Registrierung.lnk] [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2010-02-03 159744] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=323 "NoDriveAutorun"=67108863 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] 
"NoDriveAutoRun"= "NoDriveTypeAutoRun"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Programme\Opera\opera.exe"="C:\Programme\Opera\opera.exe:*:Enabled:Opera Internet Browser" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Programme\Windows Live\Messenger\wlcsdk.exe"="C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Programme\uTorrent\uTorrent.exe"="C:\Programme\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "C:\Dokumente und Einstellungen\Goldberg\Eigene Dateien\eMule-0.49c-Xtreme-7.2-bin\emule.exe"="C:\Dokumente und Einstellungen\Goldberg\Eigene Dateien\eMule-0.49c-Xtreme-7.2-bin\emule.exe:*:Enabled:emule" "D:\fsetup.exe"="D:\fsetup.exe:*:Enabled:AVM FSetup Application" "C:\Programme\Tirminal\Tirminal_Service_Process.exe"="C:\Programme\Tirminal\Tirminal_Service_Process.exe:*:Enabled:Tirminal Service Process" "C:\Programme\CCFile\ccfile.exe"="C:\Programme\CCFile\ccfile.exe:*:Enabled:CCFile" "C:\Programme\GigaTribe\gigatribe.exe"="C:\Programme\GigaTribe\gigatribe.exe:*:Enabled:GigaTribe" "C:\WINDOWS\system32\ftp.exe"="C:\WINDOWS\system32\ftp.exe:*:Enabled:File Transfer Protocol" "C:\Programme\BearShare Applications\BearShare\BearShare.exe"="C:\Programme\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare" "C:\Programme\Java\jre6\bin\javaw.exe"="C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary" "C:\Programme\KONAMI\Pro Evolution Soccer 2010\pes2010.exe"="C:\Programme\KONAMI\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010" "C:\Programme\Cyanide\Winter 
Challenge\WinterApp.exe"="C:\Programme\Cyanide\Winter Challenge\WinterApp.exe:*:Enabled:WinterChallenge" "C:\Programme\Cyanide\GameCenter\GameCenter.exe"="C:\Programme\Cyanide\GameCenter\GameCenter.exe:*:Enabled:GameCenter" "C:\Programme\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Programme\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server" "C:\Programme\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Programme\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server" "C:\Programme\Lphant Applications\Lphant\Lphant.exe"="C:\Programme\Lphant Applications\Lphant\Lphant.exe:*:Enabled:Lphant" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Programme\Windows Live\Messenger\wlcsdk.exe"="C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" ======File associations====== .inf - open - .inf - install - ======List of files/folders created in the last 1 months====== 2020-05-29 18:20:40 ----D---- C:\WINDOWS\Time Stopper 2020-05-29 18:12:15 ----D---- C:\daykill 2020-05-29 18:11:27 ----A---- C:\WINDOWS\DateWiz.ini 2020-05-29 18:11:26 ----D---- C:\Programme\AmoK 2010-04-09 23:29:16 ----A---- C:\WINDOWS\system32\Partizan.exe 2010-04-09 23:29:10 ----RASHOT---- C:\WINDOWS\winstart.bat 2010-04-09 23:28:59 ----D---- C:\Programme\UnHackMe 2010-04-09 23:26:18 ----A---- C:\WINDOWS\system32\tmp.txt 2010-04-09 23:26:15 ----A---- C:\rapport.txt 2010-04-09 23:16:55 ----SD---- C:\ComboFix 2010-04-09 23:02:36 ----RASHD---- C:\cmdcons 2010-04-09 23:01:47 ----A---- C:\WINDOWS\zip.exe 2010-04-09 23:01:47 
----A---- C:\WINDOWS\SWXCACLS.exe 2010-04-09 23:01:47 ----A---- C:\WINDOWS\SWSC.exe 2010-04-09 23:01:47 ----A---- C:\WINDOWS\SWREG.exe 2010-04-09 23:01:47 ----A---- C:\WINDOWS\sed.exe 2010-04-09 23:01:47 ----A---- C:\WINDOWS\PEV.exe 2010-04-09 23:01:47 ----A---- C:\WINDOWS\NIRCMD.exe 2010-04-09 23:01:47 ----A---- C:\WINDOWS\MBR.exe 2010-04-09 23:01:47 ----A---- C:\WINDOWS\grep.exe 2010-04-09 23:01:38 ----D---- C:\WINDOWS\ERDNT 2010-04-09 23:01:09 ----D---- C:\Qoobox 2010-04-09 18:37:31 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Software4u 2010-04-09 18:37:23 ----D---- C:\Dokumente und Einstellungen\Goldberg\Anwendungsdaten\Software4u 2010-04-09 18:37:05 ----D---- C:\Programme\Software4u 2010-04-09 18:31:50 ----D---- C:\rsit 2010-04-09 18:13:10 ----D---- C:\Programme\Malwarebytes' Anti-Malware 2010-04-09 17:29:46 ----HDC---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6} 2010-04-09 17:29:34 ----D---- C:\Programme\Lavasoft 2010-04-09 17:29:34 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lavasoft 2010-04-09 17:26:37 ----D---- C:\Programme\Trojancheck 6 2010-04-09 14:29:05 ----D---- C:\Programme\a-squared Free 2010-04-09 12:34:59 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SUPERAntiSpyware.com 2010-04-09 12:34:47 ----D---- C:\Programme\SUPERAntiSpyware 2010-04-09 12:34:47 ----D---- C:\Dokumente und Einstellungen\Goldberg\Anwendungsdaten\SUPERAntiSpyware.com 2010-04-09 12:25:18 ----D---- C:\Programme\Spybot - Search & Destroy 2010-04-09 12:25:18 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy 2010-04-09 12:09:46 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\XoftSpySE 2010-04-09 12:09:43 ----D---- C:\Programme\XoftSpySE6 2010-04-09 11:14:43 ----D---- C:\Dokumente und Einstellungen\Goldberg\Anwendungsdaten\Malwarebytes 2010-04-09 11:14:34 ----D---- C:\Dokumente und Einstellungen\All 
Users\Anwendungsdaten\Malwarebytes 2010-04-09 10:56:47 ----D---- C:\Programme\Trend Micro 2010-04-08 19:58:41 ----D---- C:\WINDOWS\system32\Adobe 2010-04-08 19:58:34 ----D---- C:\WINDOWS\system32\wdfs20093d 2010-04-08 19:58:29 ----A---- C:\WINDOWS\system32\unicows.dll 2010-04-08 19:58:29 ----A---- C:\WINDOWS\system32\Control.dll 2010-04-08 19:28:09 ----D---- C:\Programme\fahrschule-weichert.de 2010-04-08 19:24:03 ----A---- C:\WINDOWS\system32\FluidKit_nat.dll 2010-04-08 19:22:00 ----A---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft.SqlServer.Compact.351.32.bc 2010-04-08 19:21:57 ----A---- C:\WINDOWS\system32\ShowroomFramework_nat.dll 2010-04-08 19:21:57 ----A---- C:\WINDOWS\system32\ShowroomControls_nat.dll 2010-04-08 19:21:55 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IsolatedStorage 2010-04-08 11:25:44 ----D---- C:\Programme\Acoustica Shared Effects 2010-04-07 23:37:04 ----D---- C:\Programme\Astroconnect 2010-04-07 23:37:04 ----D---- C:\Dokumente und Einstellungen\Goldberg\Anwendungsdaten\Astroconnect 2010-04-07 22:20:53 ----A---- C:\WINDOWS\Apollon.INI 2010-04-07 22:20:34 ----A---- C:\WINDOWS\SNKSYDRW.DLL 2010-04-07 22:19:56 ----D---- C:\APOLLON 2010-04-07 21:38:01 ----D---- C:\Programme\Your Company Name 2010-04-07 21:38:01 ----D---- C:\Programme\Galiastro Light 2010-04-07 21:10:04 ----D---- C:\StaRoWiLi 2010-04-06 23:43:59 ----D---- C:\WINDOWS\Minidump 2010-04-06 20:12:58 ----A---- C:\WINDOWS\system32\CmdLineExt03.dll 2010-04-05 19:04:58 ----D---- C:\Programme\Microids 2010-04-05 17:37:14 ----D---- C:\Dokumente und Einstellungen\Goldberg\Anwendungsdaten\Paludour 2010-04-05 14:47:28 ----D---- C:\Programme\CombiTech 2010-04-05 13:12:22 ----D---- C:\Programme\Chiron 2010-04-05 10:15:31 ----D---- C:\Programme\Astro22 V75 2010-04-04 21:57:36 ----A---- C:\WINDOWS\system32\vorbisenc.dll 2010-04-04 21:57:36 ----A---- C:\WINDOWS\system32\vorbis.dll 2010-04-04 21:57:36 ----A---- C:\WINDOWS\system32\OggDS.dll 2010-04-04 
21:57:36 ----A---- C:\WINDOWS\system32\ogg.dll 2010-04-04 18:05:44 ----D---- C:\Dokumente und Einstellungen\Goldberg\Anwendungsdaten\UseNeXT 2010-04-04 18:05:42 ----D---- C:\Programme\UseNeXT 2010-04-04 16:54:57 ----D---- C:\Dokumente und Einstellungen\Goldberg\Anwendungsdaten\N-Stalker 2010-04-04 15:16:44 ----A---- C:\WINDOWS\pro.INI 2010-04-04 13:03:43 ----A---- C:\WINDOWS\SUN2SOLA.EXE 2010-04-04 11:00:43 ----D---- C:\Programme\Safer Networking 2010-04-03 17:06:09 ----D---- C:\Programme\Teleport Pro 2010-04-03 16:32:56 ----A---- C:\WINDOWS\system32\midas.dll 2010-04-03 12:55:47 ----D---- C:\Programme\Pythagoras 2010-04-03 12:30:14 ----D---- C:\Decoz 2010-04-03 09:07:19 ----D---- C:\SOLANOVA 2010-04-02 21:10:35 ----D---- C:\Programme\Tronics 2010-04-02 14:05:18 ----D---- C:\Programme\Lenormand 2010-04-01 23:32:56 ----D---- C:\Programme\Shareaza 2010-04-01 18:23:36 ----A---- C:\Dokumente und Einstellungen\Goldberg\Anwendungsdaten\bf.exe 2010-03-31 21:08:31 ----D---- C:\Programme\Gemini Puzzles 2010-03-31 20:52:09 ----D---- C:\Programme\TAROTPRO992 2010-03-31 19:23:24 ----D---- C:\TAROT 2010-03-28 20:23:26 ----D---- C:\Programme\PKS-Soft 2010-03-28 19:11:23 ----D---- C:\Programme\Numeroskop 2010-03-28 13:35:01 ----D---- C:\Programme\numeyoga 2010-03-28 12:40:22 ----D---- C:\Programme\SYBEX 2010-03-27 23:25:59 ----D---- C:\Programme\directx 2010-03-27 12:35:39 ----D---- C:\CC-TAROT 2010-03-27 12:08:15 ----D---- C:\AVP-DEMO 2010-03-26 23:59:43 ----D---- C:\Programme\CC-Tarot für Windows 2010-03-26 23:40:03 ----D---- C:\Programme\Atari 2010-03-26 22:35:04 ----D---- C:\Programme\Red Mile Entertainment 2010-03-26 17:30:14 ----AC---- C:\WINDOWS\system32\DBCLIENT.DLL 2010-03-26 17:30:13 ----D---- C:\Programme\Gemeinsame Dateien\Borland Shared 2010-03-26 17:30:02 ----D---- C:\Programme\PC-BIO32 2010-03-26 10:58:49 ----D---- C:\Programme\Duden 2010-03-26 00:02:59 ----D---- C:\Programme\CTM 2010-03-25 22:51:40 ----D---- C:\Delemme 2010-03-25 15:42:46 ----D---- C:\universa 
2010-03-25 15:34:02 ----D---- C:\WINDOWS\Crystal 2010-03-25 15:08:02 ----D---- C:\ORAKEL 2010-03-24 13:56:57 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Codemasters 2010-03-24 13:56:19 ----D---- C:\Programme\OpenAL 2010-03-24 13:56:19 ----AC---- C:\WINDOWS\system32\wrap_oal.dll 2010-03-24 13:56:18 ----RAC---- C:\WINDOWS\system32\tmpC4.tmp 2010-03-24 13:56:18 ----RAC---- C:\WINDOWS\system32\tmpC3.tmp 2010-03-24 13:56:18 ----AC---- C:\WINDOWS\system32\OpenAL32.dll 2010-03-23 23:04:24 ----D---- C:\Programme\EA SPORTS 2010-03-23 21:31:06 ----D---- C:\Programme\Omen 2010-03-23 10:54:08 ----D---- C:\My Web Sites 2010-03-23 00:50:11 ----A---- C:\Iea-Horoskop.txt 2010-03-22 13:16:09 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IProt 2010-03-22 11:53:52 ----D---- C:\Programme\Portrait Professional 9 2010-03-21 20:05:02 ----D---- C:\Programme\Numex3 2010-03-21 18:50:30 ----D---- C:\Programme\Kabbala 2010-03-21 17:37:20 ----D---- C:\WINDOWS\system32\Hermetika Soft 2010-03-21 17:37:20 ----D---- C:\Programme\Hermetika Soft 2010-03-20 20:14:57 ----AC---- C:\WINDOWS\system32\BASSMOD.dll 2010-03-20 15:20:18 ----D---- C:\Dokumente und Einstellungen\Goldberg\Anwendungsdaten\TT111 2010-03-19 21:48:43 ----AC---- C:\WINDOWS\system32\dxtmeta2.dll 2010-03-18 20:56:36 ----D---- C:\Dokumente und Einstellungen\Goldberg\Anwendungsdaten\Mobile Master 2010-03-18 20:56:19 ----D---- C:\Programme\Mobile Master 2010-03-18 20:56:19 ----D---- C:\Programme\Gemeinsame Dateien\Jumping Bytes 2010-03-18 20:56:07 ----D---- C:\Dokumente und Einstellungen\Goldberg\Anwendungsdaten\Jumping Bytes 2010-03-18 20:50:21 ----D---- C:\Dokumente und Einstellungen\Goldberg\Anwendungsdaten\PC Suite 2010-03-18 20:50:21 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite 2010-03-18 20:49:07 ----AC---- C:\WINDOWS\system32\nmwcdcls.dll 2010-03-18 20:48:43 ----D---- C:\WINDOWS\system32\Samsung_USB_Drivers 2010-03-18 20:48:42 ----D---- C:\Programme\DIFX 
2010-03-18 20:48:39 ----AC---- C:\WINDOWS\system32\FsUsbExDevice.Dll 2010-03-18 20:48:39 ----A---- C:\WINDOWS\system32\FsUsbExService.Exe 2010-03-18 20:48:32 ----D---- C:\Dokumente und Einstellungen\Goldberg\Anwendungsdaten\Samsung 2010-03-18 20:48:16 ----D---- C:\Programme\MarkAny 2010-03-18 20:48:15 ----D---- C:\Programme\PC Connectivity Solution 2010-03-18 20:48:01 ----D---- C:\Programme\Samsung 2010-03-18 20:40:50 ----D---- C:\Dokumente und Einstellungen\Goldberg\Anwendungsdaten\MOBILedit 2010-03-18 20:38:49 ----D---- C:\Programme\MOBILedit! 2010-03-18 15:23:43 ----D---- C:\Games 2010-03-17 22:55:20 ----D---- C:\Programme\Software2000 2010-03-17 13:13:32 ----D---- C:\Dokumente und Einstellungen\Goldberg\Anwendungsdaten\SmartDraw 2010-03-17 11:48:15 ----D---- C:\Programme\Yves Pflieger 2010-03-17 11:20:57 ----D---- C:\numeyoga 2010-03-16 22:21:21 ----AC---- C:\WINDOWS\disney.ini 2010-03-15 19:46:36 ----D---- C:\Programme\Ski Jump International 2010-03-14 22:13:53 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Trymedia 2010-03-14 21:26:48 ----D---- C:\Programme\Electronic Arts 2010-03-14 16:13:59 ----D---- C:\Programme\UltraISO 2010-03-14 16:13:59 ----D---- C:\Programme\Gemeinsame Dateien\EZB Systems 2010-03-14 13:04:38 ----D---- C:\Programme\2K Sports 2010-03-14 11:52:02 ----D---- C:\Programme\GFI 2010-03-14 11:37:21 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Applications 2010-03-14 00:26:40 ----AC---- C:\WINDOWS\iun6002ev.exe 2010-03-13 23:37:58 ----D---- C:\Programme\Recuva 2010-03-13 18:47:33 ----D---- C:\Programme\FantasticTV 2010-03-13 18:09:49 ----D---- C:\Programme\Deluxe Ski Jump 3 2010-03-13 00:06:54 ----AC---- C:\WINDOWS\system32\psisdecd.dll 2010-03-13 00:06:50 ----AC---- C:\WINDOWS\system32\dxdllreg.exe 2010-03-11 20:52:52 ----D---- C:\Programme\Gemeinsame Dateien\DirectX 2010-03-11 19:24:31 ----D---- C:\Programme\JoWooD 2010-03-11 12:29:07 ----D---- C:\Programme\Infinity USB ======List of files/folders 
modified in the last 1 months====== 2010-04-09 23:39:01 ----D---- C:\WINDOWS\Temp 2010-04-09 23:37:49 ----D---- C:\Programme\PocoMail3 2010-04-09 23:29:16 ----D---- C:\WINDOWS\system32\drivers 2010-04-09 23:29:16 ----D---- C:\WINDOWS\system32 2010-04-09 23:29:10 ----D---- C:\WINDOWS 2010-04-09 23:28:59 ----D---- C:\Programme 2010-04-09 23:18:20 ----D---- C:\WINDOWS\system32\CatRoot2 2010-04-09 23:14:51 ----D---- C:\WINDOWS\Prefetch 2010-04-09 23:13:24 ----D---- C:\WINDOWS\Registration 2010-04-09 23:12:09 ----N---- C:\WINDOWS\SchedLgU.Txt 2010-04-09 23:11:51 ----DC---- C:\WINDOWS\system32\DRVSTORE 2010-04-09 23:11:49 ----SHD---- C:\WINDOWS\Installer 2010-04-09 23:11:25 ----D---- C:\Programme\Mozilla Firefox 2010-04-09 23:05:49 ----D---- C:\WINDOWS\AppPatch 2010-04-09 23:05:47 ----D---- C:\Programme\Gemeinsame Dateien 2010-04-09 23:02:45 ----RASH---- C:\boot.ini 2010-04-09 18:50:31 ----SD---- C:\WINDOWS\Tasks 2010-04-09 18:49:12 ----D---- C:\WINDOWS\system32\CatRoot 2010-04-09 18:41:39 ----D---- C:\WINDOWS\system32\config 2010-04-09 17:31:13 ----HD---- C:\WINDOWS\inf 2010-04-09 17:29:29 ----D---- C:\WINDOWS\WinSxS 2010-04-09 13:59:06 ----SHD---- C:\System Volume Information 2010-04-09 13:59:06 ----D---- C:\WINDOWS\system32\Restore 2010-04-09 13:55:34 ----HD---- C:\Programme\InstallShield Installation Information 2010-04-09 13:53:11 ----RSD---- C:\WINDOWS\Fonts 2010-04-09 13:53:10 ----A---- C:\WINDOWS\win.ini 2010-04-09 13:52:08 ----D---- C:\Programme\Astrosoft 2010-04-09 13:37:24 ----D---- C:\WINDOWS\Performance 2010-04-09 13:22:59 ----D---- C:\Dokumente und Einstellungen\Goldberg\Anwendungsdaten\Shareaza 2010-04-09 12:24:28 ----D---- C:\Dokumente und Einstellungen\Goldberg\Anwendungsdaten\uTorrent 2010-04-09 12:21:59 ----D---- C:\Dokumente und Einstellungen\Goldberg\Anwendungsdaten\Thinstall 2010-04-09 11:11:53 ----A---- C:\WINDOWS\system.ini 2010-04-09 10:38:24 ----D---- C:\temp 2010-04-08 19:58:41 ----D---- C:\WINDOWS\system32\Macromed 2010-04-08 19:58:41 
----D---- C:\Dokumente und Einstellungen\Goldberg\Anwendungsdaten\Adobe 2010-04-08 14:07:27 ----AC---- C:\WINDOWS\winamp.ini 2010-04-08 11:50:30 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-04-08 11:50:30 ----D---- C:\WINDOWS\system32\RTCOM 2010-04-08 11:50:20 ----D---- C:\WINDOWS\system32\ReinstallBackups 2010-04-08 11:25:47 ----D---- C:\Programme\Acoustica Mixcraft 3 2010-04-07 22:20:21 ----D---- C:\WINDOWS\system 2010-04-07 21:28:37 ----AD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP 2010-04-05 23:24:57 ----D---- C:\Dokumente und Einstellungen\Goldberg\Anwendungsdaten\vlc 2010-04-05 10:12:35 ----RSD---- C:\WINDOWS\assembly 2010-04-05 10:12:12 ----D---- C:\WINDOWS\system32\DirectX 2010-04-03 16:32:44 ----D---- C:\Programme\Gemeinsame Dateien\InstallShield 2010-04-02 17:31:51 ----D---- C:\Dokumente und Einstellungen\Goldberg\Anwendungsdaten\Help 2010-04-02 14:06:02 ----D---- C:\Dokumente und Einstellungen\Goldberg\Anwendungsdaten\Sun 2010-04-01 14:03:07 ----D---- C:\Programme\SEGA 2010-03-31 14:32:29 ----AC---- C:\WINDOWS\ODBC.INI 2010-03-31 10:23:30 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-03-29 21:19:40 ----AC---- C:\WINDOWS\Epi40.ini 2010-03-28 20:22:49 ----AC---- C:\WINDOWS\astplus.ini 2010-03-28 20:22:48 ----AC---- C:\WINDOWS\astagctl.ini 2010-03-28 19:11:52 ----AC---- C:\WINDOWS\ODBCINST.INI 2010-03-27 23:56:32 ----D---- C:\Dokumente und Einstellungen\Goldberg\Anwendungsdaten\GetRightToGo 2010-03-26 10:58:49 ----D---- C:\Programme\Gemeinsame Dateien\Microsoft Shared 2010-03-20 18:39:37 ----D---- C:\OutputFolder 2010-03-20 17:53:46 ----D---- C:\Programme\JDownloader 2010-03-18 21:00:13 ----SD---- C:\Dokumente und Einstellungen\Goldberg\Anwendungsdaten\Microsoft 2010-03-18 20:44:28 ----D---- C:\Programme\Gemeinsame Dateien\Adobe 2010-03-16 22:56:12 ----AC---- C:\WINDOWS\system32\winsusrx.dll 2010-03-16 22:56:12 ----AC---- C:\WINDOWS\system32\winsusrm.dll 2010-03-16 10:03:22 ----D---- C:\WINDOWS\pss 2010-03-14 11:53:02 
----D---- C:\Dokumente und Einstellungen 2010-03-14 11:51:01 ----D---- C:\WINDOWS\Downloaded Installations 2010-03-13 18:47:20 ----A---- C:\crtdbg.txt 2010-03-13 00:07:22 ----D---- C:\WINDOWS\RegisteredPackages 2010-03-11 16:41:05 ----D---- C:\Programme\MyDefrag v4.2.8 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520] R2 ACEDRV07;ACEDRV07; \??\C:\WINDOWS\system32\drivers\ACEDRV07.sys [] R2 acedrv10;acedrv10; \??\C:\WINDOWS\system32\drivers\acedrv10.sys [] R2 acedrv11;acedrv11; \??\C:\WINDOWS\system32\drivers\acedrv11.sys [] R2 acehlp10;acehlp10; \??\C:\WINDOWS\system32\drivers\acehlp10.sys [] R2 athsgt;athsgt; C:\WINDOWS\system32\DRIVERS\athsgt.sys [2010-03-12 164992] R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2010-03-16 278728] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-11-25 56816] R2 limsgt;limsgt; C:\WINDOWS\system32\DRIVERS\limsgt.sys [2010-03-12 12544] R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2010-03-16 25416] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-02-03 4605952] R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS [] R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 hidusb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-02-08 5860384] R3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-10-19 2109976] R3 LVPr2Mon;Logitech LVPr2Mon Driver; 
C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2007-10-11 25624] R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-10-12 41752] R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12288] R3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2007-10-12 13848] R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [2007-10-12 1279000] R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-08-07 98944] R3 usbaudio;USB-Audiotreiber (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032] R3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128] R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208] R3 usbhub;USB2-aktivierter Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520] R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608] S1 pcigyngw;pcigyngw; \??\C:\WINDOWS\system32\drivers\pcigyngw.sys [] S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480] S3 BVRPMPR5;BVRPMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\drivers\BVRPMPR5.SYS [] S3 catchme;catchme; \??\C:\DOKUME~1\Goldberg\LOKALE~1\Temp\catchme.sys [] S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024] S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys [] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-03-09 51024] S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-03-09 16080] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-03-09 21456] S3 INFUSB;INFUSB; C:\WINDOWS\system32\drivers\infusb.sys [2002-09-30 11520] S3 
LtcyCfgWDM;PCI Latency Tool Driver Service; C:\WINDOWS\system32\DRIVERS\LtcyCfgWDM.sys [2005-12-26 6656] S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-10-11 2142488] S3 MagixASIODrv;MAGIX_ASIO_BoostDriver; \??\C:\Programme\MAGIX\Samplitude_SE_No9\mxasio.sys [] S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504] S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248] S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632] S3 RET55;RET55 NDIS Protocol Driver; \??\C:\Programme\eEye Digital Security\Retina 5\Scanner\RET55.sys [] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136] S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112] S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976] S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856] S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232] S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856] S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104] S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-08-09 29696] S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-04-20 479200] S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200] S3 WudfPf;Windows Driver Foundation - User-mode Driver 
Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\WINDOWS\system32\DRIVERS\xusb21.sys [2007-02-27 61984] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 a2free;a-squared Free Service; C:\Programme\a-squared Free\a2service.exe [2009-10-01 1858144] R2 AcuWVSSchedulerv5;Acunetix WVS Scheduler v5; C:\Programme\Acunetix\Web Vulnerability Scanner 5\WVSScheduler.exe [2007-10-26 655360] R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Programme\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Programme\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-02-03 602112] R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-03-31 233472] R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2010-01-04 153376] R2 LVCOMSer;LVCOMSer; C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe [2007-10-19 186904] R2 LVPrcSrv;Process Monitor; C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-10-19 141848] R2 Tirminal.Client.iComObject;Tirminal.Client.iComObject; C:\WINDOWS\system32\dllhost.exe [2008-04-14 5120] S2 LVSrvLauncher;LVSrvLauncher; C:\Programme\Gemeinsame Dateien\LogiShrd\SrvLnch\SrvLnch.exe [2007-10-19 141848] S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation 
Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-03-09 65795] S3 ServiceLayer;ServiceLayer; C:\Programme\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S4 NetTcpPortSharing;Net.Tcp-Portfreigabedienst; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- |
10.04.2010, 10:31 | #2 | |
| Problems opening websites.
1. http://www.trojaner-board.de/51187-a...i-malware.html
Post the log.
2. http://www.trojaner-board.de/74908-a...t-scanner.html
Post the log.
3. Get OTL. Start OTL. Copy into the script field at the bottom: Quote:
Close all other programs. Click Quick Scan. Post both logs, OTL.txt and Extras.txt.
Did you run a Combofix scan? Post the log. No new scan; post the old log. |