| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: DCOM-Server-Prozessstart wurde unerwartet beendet und PC friert einWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
04.05.2010, 13:42
| #1 | |
| |  DCOM-Server-Prozessstart wurde unerwartet beendet und PC friert ein Hallo Zusammen, seit einigen Tagen kommt in unregelmäßigen Abständen die Fehlermeldung, daß svchost beendet worden ist und anschließend der "DCOM-Server-Prozessstart wurde unerwartet beendet". Nachdem der Rechner neu gestartet wird, friert das System oft ein. Zuerst bin ich auf eine EXE aufmerksam geworden "SRVAJU32.EXE", das Löschen dieser Datei im abgesicherten Modus hat funktioniert, jedoch nicht das Problem behoben. Meine weiteren Recherchen innerhalb des Forums und Google haben mich bisher nicht weitergebracht, da die dort beschriebenen, schuldigen Dateien oder Programme bei mir nicht vorhanden waren. Also hab ich jetzt die im Thread "Für alle Hilfesuchenden ...." (h**p://www.trojaner-board.de/69886-fuer-alle-hilfesuchenden-muss-ich-vor-der-eroeffnung-eines-themas-beachten.html) beschriebenen Programme ausgeführt. Dafür habe ich den DCOM-Server-Prozessstart angewiesen bei Fehlern nicht neu zu starten. Jetzt Friert der Rechner auch nicht mehr ein. Zitat:
Grüße fuxius Die Logs der Programme: Malwarebytes' Anti-Malware 1.46 w*w.malwarebytes.org Datenbank Version: 4052 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 04.05.2010 12:57:19 mbam-log-2010-05-04 (12-57-19).txt Art des Suchlaufs: Quick-Scan Durchsuchte Objekte: 131023 Laufzeit: 6 Minute(n), 21 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 1 Infizierte Verzeichnisse: 0 Infizierte Dateien: 1 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: C:\Dokumente und Einstellungen\***\Anwendungsdaten\avdrn.dat (Malware.Trace) -> No action taken. =============================================== Die Dateiobjekte/Dateien habe ich entfernt. =============================================== Logfile von RSIT: Logfile of random's system information tool 1.06 (written by random/random) Run by *** at 2010-05-04 13:08:17 Microsoft Windows XP Professional Service Pack 3 System drive C: has 26 GB (29%) free of 90 GB Total RAM: 2046 MB (63% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:08:23, on 04.05.2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\ibmpmsvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Intel\Wireless\Bin\EvtEng.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Programme\Intel\Wireless\Bin\S24EvMon.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe C:\Programme\Symantec Client Security\Symantec Client Firewall\ISSVC.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\IPSSVC.EXE C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe C:\Programme\Symantec Client Security\Symantec AntiVirus\DefWatch.exe C:\Programme\Diskeeper Corporation\Diskeeper\DkService.exe C:\Programme\Java\jre6\bin\jqs.exe C:\Programme\Nuance\PaperPort\PDFProFiltSrvPP.exe C:\Programme\Intel\Wireless\Bin\RegSrvc.exe C:\Programme\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe C:\Programme\Symantec Client Security\Symantec Client Firewall\SymSPort.exe C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe C:\WINDOWS\System32\TPHDEXLG.EXE C:\WINDOWS\system32\TpKmpSVC.exe C:\Programme\Lenovo\Rescue and Recovery\rrservice.exe C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe C:\Programme\Lenovo\Rescue and Recovery\ADM\IUService.exe C:\Programme\Gemeinsame Dateien\Lenovo\Logger\logmon.exe C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe c:\programme\lenovo\system update\suservice.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Programme\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe C:\WINDOWS\system32\rundll32.exe C:\Programme\Synaptics\SynTP\SynTPLpr.exe C:\Programme\Synaptics\SynTP\SynTPEnh.exe C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe C:\WINDOWS\system32\TpShocks.exe C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe C:\Programme\Analog Devices\Core\smax4pnp.exe C:\Programme\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe C:\Programme\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe C:\Programme\ATI Technologies\ATI.ACE\CLI.EXE C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Programme\Lenovo\AwayTask\AwaySch.EXE C:\Programme\Intel\Wireless\Bin\Dot1XCfg.exe C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe C:\Programme\Lenovo\SafeGuard PrivateDisk\pdservice.exe C:\Programme\Lenovo\Client Security Solution\cssauth.exe C:\Programme\LENOVO\Message Center Plus\MCPLaunch.exe C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe C:\Programme\FreePDF_XP\fpassist.exe C:\Programme\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe C:\Programme\TPFanControl\TPFanControl.exe C:\PROGRA~1\SYMANT~1\SYMANT~2\vptray.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\DAEMON Tools Lite\daemon.exe C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FLEXnet\Connect\11\ISUSPM.exe C:\Programme\Nokia\Nokia PC Suite 7\PCSuite.exe C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Programme\ATI Technologies\ATI.ACE\cli.exe C:\Programme\ATI Technologies\ATI.ACE\cli.exe C:\Programme\PC Connectivity Solution\ServiceLayer.exe C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe C:\Programme\PC Connectivity Solution\Transports\NclIrSrv.exe C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe C:\Programme\PC Connectivity Solution\Transports\NclBCBTSrv.exe C:\Programme\Diskeeper Corporation\Diskeeper\DkIcon.exe C:\Dokumente und Einstellungen\***\Desktop\RSIT.exe C:\Programme\Trend Micro\HijackThis\***.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = h**p://g.msn.de/0SEDEDE/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://g.msn.de/0SEDEDE/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://lenovo.live.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = h**p://g.msn.de/0SEDEDE/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = h**p://go.microsoft.com/fwlink/?LinkId=74005 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Programme\Nuance\PDFViewerPlus\Bin\PlusIEContextMenu.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: ZeonIEEventHelper Class - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Programme\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Programme\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O3 - Toolbar: Nuance PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Programme\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog O4 - HKLM\..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Programme\ThinkPad\Utilities\TpKmapAp.exe -helper O4 - HKLM\..\Run: [TpShocks] TpShocks.exe O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe O4 - HKLM\..\Run: [TP4EX] tp4ex.exe O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [SoundMAX] C:\Programme\Analog Devices\SoundMAX\Smax4.exe /tray O4 - HKLM\..\Run: [ATICCC] "C:\Programme\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [AwaySch] C:\Programme\Lenovo\AwayTask\AwaySch.EXE O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Programme\Diskeeper Corporation\Diskeeper\DkIcon.exe" O4 - HKLM\..\Run: [PDService.exe] "C:\Programme\Lenovo\SafeGuard PrivateDisk\pdservice.exe" O4 - HKLM\..\Run: [cssauth] "C:\Programme\Lenovo\Client Security Solution\cssauth.exe" silent O4 - HKLM\..\Run: [Message Center Plus] C:\Programme\LENOVO\Message Center Plus\MCPLaunch.exe /start O4 - HKLM\..\Run: [ACTray] C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe O4 - HKLM\..\Run: [ACWLIcon] C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe O4 - HKLM\..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe O4 - HKLM\..\Run: [DataCardMonitor] C:\Programme\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe O4 - HKLM\..\Run: [LPMailChecker] C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe O4 - HKLM\..\Run: [TPFanControl] C:\Programme\TPFanControl\TPFanControl.exe O4 - HKLM\..\Run: [PPort12reminder] "C:\Programme\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~2\\vptray.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programme\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [ISUSPM] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FLEXnet\Connect\11\ISUSPM.exe -scheduler O4 - HKCU\..\Run: [PC Suite Tray] "C:\Programme\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe O8 - Extra context menu item: An vorhandene PDF-Datei anhängen - res://C:\Programme\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML O8 - Extra context menu item: Inhalt der ausgewählten Links an vorhandene PDF-Datei anhängen - res://C:\Programme\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML O8 - Extra context menu item: Linkinhalt an vorhandene PDF-Datei anhängen - res://C:\Programme\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML O8 - Extra context menu item: Mit PDF Viewer Plus öffnen - res://C:\Programme\Nuance\PDFViewerPlus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: PDF-Datei aus Linkinhalt erstellen - res://C:\Programme\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML O8 - Extra context menu item: PDF-Datei erstellen - res://C:\Programme\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML O8 - Extra context menu item: PDF-Dateien aus den ausgewählten Links erstellen - res://C:\Programme\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Programme\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Programme\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - h**p://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - h**p://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O20 - Winlogon Notify: AwayNotify - C:\Programme\Lenovo\AwayTask\AwayNotify.dll O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Programme\Symantec Client Security\Symantec AntiVirus\DefWatch.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Programme\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\EvtEng.exe O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: IPS-Basisservice (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE O23 - Service: IS Service (ISSVC) - Symantec Corporation - C:\Programme\Symantec Client Security\Symantec Client Firewall\ISSVC.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Programme\Nuance\PaperPort\PDFProFiltSrvPP.exe O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: SAVRoam (SavRoam) - symantec - C:\Programme\Symantec Client Security\Symantec AntiVirus\SavRoam.exe O23 - Service: ServiceLayer - Nokia - C:\Programme\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\programme\lenovo\system update\suservice.exe O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Programme\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe O23 - Service: Symantec SecurePort (SymSecurePort) - Symantec Corporation - C:\Programme\Symantec Client Security\Symantec Client Firewall\SymSPort.exe O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Programme\Lenovo\Client Security Solution\tvttcsd.exe O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Programme\Lenovo\Rescue and Recovery\rrservice.exe O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe O23 - Service: tvtnetwk - Unknown owner - C:\Programme\Lenovo\Rescue and Recovery\ADM\IUService.exe -- End of file - 17052 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\PMTask.job C:\WINDOWS\tasks\Symantec NetDetect.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}] PlusIEEventHelper Class - C:\Programme\Nuance\PDFViewerPlus\Bin\PlusIEContextMenu.dll [2009-02-06 249856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}] DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2006-02-02 110652] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9}] ZeonIEEventHelper Class - C:\Programme\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll [2009-08-12 471040] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-12 79648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F040E541-A427-4CF7-85D8-75E3E0F476C5}] CPwmIEBrowserHelper Object - C:\Programme\Lenovo\Client Security Solution\tvtpwm_ie_com.dll [2006-07-14 719616] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - Nuance PDF - C:\Programme\Nuance\PDFViewerPlus\Bin\ZeonIEFavClient.dll [2009-08-12 471040] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "PWRMGRTR"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor [] "BLOG"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog [] "SynTPLpr"=C:\Programme\Synaptics\SynTP\SynTPLpr.exe [2006-02-14 110592] "SynTPEnh"=C:\Programme\Synaptics\SynTP\SynTPEnh.exe [2006-02-14 512000] "EZEJMNAP"=C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [2006-02-23 237568] "TPKMAPHELPER"=C:\Programme\ThinkPad\Utilities\TpKmapAp.exe [2006-06-02 856064] "TpShocks"=C:\WINDOWS\system32\TpShocks.exe [2006-03-15 106496] "TPHOTKEY"=C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe [2006-07-25 94208] "TP4EX"=C:\WINDOWS\system32\tp4ex.exe [2005-10-17 65536] "SoundMAXPnP"=C:\Programme\Analog Devices\Core\smax4pnp.exe [2005-05-20 925696] "SoundMAX"=C:\Programme\Analog Devices\SoundMAX\Smax4.exe [2005-05-06 716800] "ATICCC"=C:\Programme\ATI Technologies\ATI.ACE\CLIStart.exe [2006-05-10 90112] "LPManager"=C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe [2009-07-23 185688] "SunJavaUpdateSched"=C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [2010-02-18 248040] "DLA"=C:\WINDOWS\System32\DLA\DLACTRLW.EXE [2006-02-02 122940] "AwaySch"=C:\Programme\Lenovo\AwayTask\AwaySch.EXE [2006-08-16 69632] "TVT Scheduler Proxy"=C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\scheduler_proxy.exe [2008-03-04 487424] "ccApp"=C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe [2005-07-12 48752] "DiskeeperSystray"=C:\Programme\Diskeeper Corporation\Diskeeper\DkIcon.exe [2006-05-18 196696] "PDService.exe"=C:\Programme\Lenovo\SafeGuard PrivateDisk\pdservice.exe [2006-03-13 41472] "cssauth"=C:\Programme\Lenovo\Client Security Solution\cssauth.exe [2006-07-14 2341632] "Message Center Plus"=C:\Programme\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-27 49976] "ACTray"=C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe [2007-02-19 409600] "ACWLIcon"=C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe [2007-02-19 110592] "FreePDF Assistant"=C:\Programme\FreePDF_XP\fpassist.exe [2009-08-06 381440] "DataCardMonitor"=C:\Programme\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe [2009-10-15 253952] "LPMailChecker"=C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe [2009-07-23 124248] "TPFanControl"=C:\Programme\TPFanControl\TPFanControl.exe [2009-10-15 153088] "PPort12reminder"=C:\Programme\Nuance\PaperPort\Ereg\Ereg.exe [2008-11-03 328992] "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k [] "vptray"=C:\PROGRA~1\SYMANT~1\SYMANT~2\\vptray.exe [2005-08-30 86112] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "DAEMON Tools Lite"=C:\Programme\DAEMON Tools Lite\daemon.exe [2009-04-23 691656] "ISUSPM"=C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FLEXnet\Connect\11\ISUSPM.exe [2009-05-05 222496] "PC Suite Tray"=C:\Programme\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HW_OPENEYE_OUC_T-Mobile Internet Manager] C:\Programme\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe [2009-06-23 110592] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch] C:\Programme\Nuance\PaperPort\IndexSearch.exe [2009-09-10 44120] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup] C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-27 221184] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe [2004-07-27 81920] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD] C:\Programme\Nuance\PaperPort\pptd40nt.exe [2009-09-10 27736] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF5 Registry Controller] C:\Programme\Nuance\PDFViewerPlus\RegistryController.exe [2009-09-04 62752] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFHook] C:\Programme\Nuance\PDFViewerPlus\pdfpro5hook.exe [2009-09-04 1365280] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector] C:\Programme\Picasa2\PicasaMediaDetector.exe [2006-03-16 421888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "JavaQuickStarterService"=2 C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart Adobe Reader - Schnellstart.lnk - C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe BTTray.lnk - C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2008-11-10 143360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AwayNotify] C:\Programme\Lenovo\AwayTask\AwayNotify.dll [2006-08-16 49152] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon] C:\WINDOWS\system32\NavLogon.dll [2005-08-30 43616] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus] C:\Programme\ThinkVantage Fingerprint Software\psqlpwd.dll [2009-12-01 100104] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tpfnf2] C:\WINDOWS\system32\notifyf2.dll [2005-07-05 28672] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tphotkey] C:\WINDOWS\system32\tphklock.dll [2005-11-30 24576] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "notification packages"=scecli ACGina C:\Programme\ThinkVantage Fingerprint Software\psqlpwd.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Programme\uTorrent\uTorrent.exe"="C:\Programme\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "C:\Programme\SoulseekNS\slsk.exe"="C:\Programme\SoulseekNS\slsk.exe:*:Enabled:SoulSeek" "C:\Programme\Microsoft Office\Office12\ONENOTE.EXE"="C:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote" "C:\Programme\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe"="C:\Programme\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4" "C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater" "C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process " [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{21192ff4-8903-11de-8787-001cbf91d659}] shell\AutoRun\command - F:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{21192ff6-8903-11de-8787-001cbf91d659}] shell\AutoRun\command - F:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3731363a-b451-11de-879e-001cbf91d659}] shell\AutoRun\command - F:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3731363b-b451-11de-879e-001cbf91d659}] shell\AutoRun\command - F:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6b9c963c-de20-11de-87c8-001a6bd4b53a}] shell\AutoRun\command - F:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6b9c963d-de20-11de-87c8-001a6bd4b53a}] shell\AutoRun\command - F:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{907baf8c-8919-11de-8788-001cbf91d659}] shell\AutoRun\command - F:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ae655794-b8b9-11de-87a5-001cbf91d659}] shell\AutoRun\command - F:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c07073a3-b84d-11de-87a4-001cbf91d659}] shell\AutoRun\command - F:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c07073a4-b84d-11de-87a4-001cbf91d659}] shell\AutoRun\command - F:\AutoRun.exe ======List of files/folders created in the last 1 months====== 2010-05-04 13:08:17 ----D---- C:\rsit 2010-05-04 12:46:35 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Malwarebytes 2010-05-04 12:46:27 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes 2010-05-04 12:46:26 ----D---- C:\Programme\Malwarebytes' Anti-Malware 2010-05-04 12:37:06 ----D---- C:\Programme\CCleaner 2010-05-03 14:37:02 ----A---- C:\WINDOWS\ModemLog_ThinkPad Modem.txt 2010-05-03 13:33:46 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun 2010-05-03 13:33:35 ----A---- C:\WINDOWS\system32\javaws.exe 2010-05-03 13:33:35 ----A---- C:\WINDOWS\system32\javaw.exe 2010-05-03 13:33:35 ----A---- C:\WINDOWS\system32\java.exe 2010-05-03 13:33:35 ----A---- C:\WINDOWS\system32\deployJava1.dll 2010-04-29 12:43:53 ----D---- C:\Programme\Gemeinsame Dateien\DVDVideoSoft 2010-04-29 12:43:53 ----D---- C:\Programme\DVDVideoSoft 2010-04-27 12:27:51 ----D---- C:\Programme\Gemeinsame Dateien\PCSuite 2010-04-23 12:58:44 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$ 2010-04-22 16:06:00 ----D---- C:\WINDOWS\system32\NtmsData 2010-04-21 14:31:06 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nokia 2010-04-21 14:27:21 ----D---- C:\Programme\PC Connectivity Solution 2010-04-21 14:26:38 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll 2010-04-21 14:26:38 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll 2010-04-14 13:54:49 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$ 2010-04-14 13:54:40 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$ 2010-04-14 13:50:40 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$ 2010-04-14 13:50:32 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$ 2010-04-14 13:50:26 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$ 2010-04-14 13:50:11 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$ 2010-04-13 18:44:15 ----A---- C:\WINDOWS\system32\hidserv.dll ======List of files/folders modified in the last 1 months====== 2010-05-04 13:06:03 ----D---- C:\WINDOWS\system32\CatRoot2 2010-05-04 13:06:03 ----AD---- C:\WINDOWS 2010-05-04 13:02:31 ----A---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\tvt_userinfo.ini 2010-05-04 13:01:57 ----D---- C:\Programme 2010-05-04 13:01:43 ----A---- C:\WINDOWS\system32\PROCDB.INI 2010-05-04 13:01:37 ----D---- C:\WINDOWS\Temp 2010-05-04 13:00:25 ----D---- C:\WINDOWS\system32\drivers 2010-05-04 12:59:33 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-05-04 12:57:16 ----D---- C:\WINDOWS\Prefetch 2010-05-04 12:39:00 ----D---- C:\WINDOWS\Minidump 2010-05-04 12:39:00 ----D---- C:\WINDOWS\Debug 2010-05-04 11:41:38 ----AD---- C:\WINDOWS\system32 2010-05-04 11:41:38 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-05-04 11:34:27 ----SHD---- C:\RECYCLER 2010-05-03 16:36:14 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\vlc 2010-05-03 14:38:11 ----HD---- C:\WINDOWS\inf 2010-05-03 13:33:46 ----SHD---- C:\WINDOWS\Installer 2010-05-03 13:33:45 ----D---- C:\Programme\Gemeinsame Dateien\Java 2010-05-03 13:33:29 ----D---- C:\Programme\Java 2010-05-03 13:32:15 ----D---- C:\WINDOWS\SoftwareDistribution 2010-05-03 11:21:33 ----D---- C:\SWSHARE 2010-05-02 20:39:19 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\uTorrent 2010-04-29 12:43:53 ----D---- C:\Programme\Gemeinsame Dateien 2010-04-29 10:36:30 ----AD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP 2010-04-27 12:29:57 ----D---- C:\Programme\uTorrent 2010-04-27 12:28:09 ----DC---- C:\WINDOWS\system32\DRVSTORE 2010-04-27 12:27:48 ----D---- C:\Programme\Nokia 2010-04-27 12:27:38 ----D---- C:\Programme\Gemeinsame Dateien\Nokia 2010-04-27 12:21:51 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations 2010-04-23 12:59:05 ----D---- C:\WINDOWS\security 2010-04-21 19:56:01 ----RASH---- C:\boot.ini 2010-04-21 19:56:01 ----A---- C:\WINDOWS\win.ini 2010-04-21 19:56:01 ----A---- C:\WINDOWS\system.ini 2010-04-21 14:33:08 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Nokia 2010-04-14 13:54:53 ----ASHD---- C:\WINDOWS\system32\dllcache 2010-04-14 13:54:46 ----HD---- C:\WINDOWS\$hf_mig$ 2010-04-13 00:56:16 ----D---- C:\Programme\Picasa2 2010-04-06 19:52:54 ----A---- C:\WINDOWS\system32\MRT.exe 2010-04-06 15:49:30 ----D---- C:\Programme\Internet Explorer ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 ANC;ANC; C:\WINDOWS\System32\drivers\ANC.SYS [2005-11-08 11520] R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-11-18 5660] R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-11-18 22684] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys [] R1 IBMTPCHK;IBMTPCHK; \??\C:\WINDOWS\system32\Drivers\IBMBLDID.sys [] R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448] R1 SAVRT;SAVRT; \??\C:\Programme\Symantec Client Security\Symantec AntiVirus\savrt.sys [] R1 SAVRTPEL;SAVRTPEL; \??\C:\Programme\Symantec Client Security\Symantec AntiVirus\Savrtpel.sys [] R1 ShockMgr;ShockMgr; C:\WINDOWS\system32\drivers\ShockMgr.sys [2005-06-20 4736] R1 Smapint;Smapint; C:\WINDOWS\System32\drivers\Smapint.sys [2006-08-02 14848] R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2005-04-05 267192] R1 tcpipBM;Bytemobile Kernel Network Provider; C:\WINDOWS\system32\drivers\tcpipBM.sys [2008-10-09 18816] R1 TDSMAPI;TDSMAPI; C:\WINDOWS\System32\drivers\TDSMAPI.SYS [2006-08-02 9343] R1 TPHKDRV;TPHKDRV; C:\WINDOWS\system32\drivers\TPHKDRV.sys [2005-07-05 17699] R1 TPPWRIF;TPPWRIF; C:\WINDOWS\System32\drivers\Tppwrif.sys [2006-05-25 4442] R1 TSMAPIP;TSMAPIP; C:\WINDOWS\System32\drivers\TSMAPIP.SYS [2006-07-20 7168] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-08-14 21419] R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-02-02 25628] R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2006-02-02 2496] R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-02-02 86652] R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-02-02 14684] R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-02-02 6364] R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-02-02 87036] R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-02-02 94332] R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-11-18 40544] R2 EGATHDRV;IBM eGatherer; \??\C:\WINDOWS\SYSTEM32\EGATHDRV.SYS [] R2 irda;IrDA-Protokoll; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672] R2 pmem;pmem; \??\C:\WINDOWS\System32\drivers\pmemnt.sys [] R2 PrivateDisk;PrivateDisk; \??\C:\Programme\Lenovo\SafeGuard PrivateDisk\PrivateDiskM.sys [] R2 PROCDD;IPS-Helper-Treiber; C:\WINDOWS\system32\DRIVERS\PROCDD.SYS [2006-08-16 5120] R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2006-08-02 12544] R2 smi2;smi2; \??\C:\Programme\SMI2\smi2.sys [] R2 smihlp2;SMI Helper Driver (smihlp2); \??\C:\Programme\ThinkVantage Fingerprint Software\smihlp.sys [] R2 TVicPort;TVicPort; C:\WINDOWS\system32\drivers\TVicPort.sys [2006-10-13 20512] R2 tvtfilter;tvtfilter; \??\C:\WINDOWS\system32\drivers\tvtfilter.sys [] R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-01-31 176128] R3 AEAudioService;AEAudio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-04-26 93824] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-11-11 3301888] R3 atmeltpm;atmeltpm; C:\WINDOWS\system32\DRIVERS\atmeltpm.sys [2005-05-17 15872] R3 btaudio;Bluetooth-Audiogerät; C:\WINDOWS\system32\drivers\btaudio.sys [2006-05-31 328285] R3 BTKRNL;Bluetooth-Bus-Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-05-31 851434] R3 CmBatt;Microsoft-Netzteiltreiber; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952] R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2009-03-18 241296] R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 HidUsb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368] R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2007-11-01 989696] R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2007-11-01 211456] R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2005-11-10 10112] R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-10 21060] R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-18 12288] R3 NAVENG;NAVENG; \??\C:\PROGRA~1\GEMEIN~1\SYMANT~1\VIRUSD~1\20091204.006\naveng.sys [] R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\GEMEIN~1\SYMANT~1\VIRUSD~1\20091204.006\navex15.sys [] R3 NETw3x32;Intel(R) PRO/Wireless 3945ABG Adaptertreiber für Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw3x32.sys [2006-09-27 1709696] R3 NSCIRDA;NSC-Infrarotgerätetreiber; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-14 28672] R3 psadd;Lenovo Parties Service Access Device Driver; C:\WINDOWS\system32\DRIVERS\psadd.sys [2009-08-14 30144] R3 Rasirda;WAN-Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584] R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2005-04-05 11512] R3 SymEvent;SymEvent; \??\C:\Programme\Symantec\SYMEVENT.SYS [] R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2005-04-05 173208] R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2005-04-05 36984] R3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\GEMEIN~1\SYMANT~1\SymcData\SCFIDS~1\20091121.001\symidsco.sys [] R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2005-04-05 47192] R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2005-04-05 17976] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-02-14 177664] R3 TcUsb;TC USB Kernel Driver; C:\WINDOWS\System32\Drivers\tcusb.sys [2008-12-09 50832] R3 TVTPktFilter;TVT Packet Filter Service; C:\WINDOWS\system32\DRIVERS\tvtpktfilter.sys [2006-07-14 17664] R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208] R3 usbhub;Microsoft USB-Standardhubtreiber; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520] R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2007-11-01 731520] S1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] S3 ac97intc;Intel(r) 82801 Audiotreiber-Installationsdienst (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256] S3 ank7fei3;ank7fei3; C:\WINDOWS\system32\drivers\ank7fei3.sys [] S3 BTDriver;Virtueller Bluetooth-Kommunikationstreiber; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-05-31 30427] S3 BTWDNDIS;Bluetooth-LAN-Zugangsserver; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-05-31 148996] S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-05-31 67384] S3 E100B;Intel(R) PRO-Adaptertreiber; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-18 117760] S3 EraserUtilDrvI9;EraserUtilDrvI9; \??\C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilDrvI9.sys [] S3 filtertdidriver;filtertdidriver; C:\WINDOWS\system32\drivers\ewfiltertdidriver.sys [2009-02-27 7552] S3 G400;G400; C:\WINDOWS\system32\DRIVERS\G400m.sys [2001-08-18 322432] S3 HSXHWAZL;HSXHWAZL; C:\WINDOWS\system32\DRIVERS\hsxhwazl.sys [2005-12-06 192512] S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-12-13 102400] S3 motmodem;Motorola USB CDC ACM Driver; C:\WINDOWS\system32\DRIVERS\motmodem.sys [2009-10-27 23936] S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176] S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528] S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2010-02-26 137344] S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320] S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816] S3 PcdrNdisuio;PCDRNDISUIO Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\pcdrndisuio.sys [] S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04 5888] S3 serusb;Motorola USB Comm Port; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-14 26112] S3 SPBBCDrv;SPBBCDrv; \??\C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCDrv.sys [] S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192] S3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128] S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112] S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192] S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136] S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944] S4 agp440;Intel AGP-Bus-Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-14 42368] S4 agpCPQ;Compaq AGP-Bus-Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-14 44928] S4 alim1541;ALI AGP-Bus-Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-14 42752] S4 amdagp;AMD AGP-Bus-Filtertreiber; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-14 43008] S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952] S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2008-04-14 5504] S4 sisagp;SIS AGP-Bus-Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-14 40960] S4 viaagp;VIA AGP-Bus-Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-14 42240] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AcPrfMgrSvc;Ac Profile Manager Service; C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe [2007-02-19 53248] R2 AcSvc;Access Connections Main Service; C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe [2007-02-19 172032] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-11-10 573440] R2 btwdins;Bluetooth Service; C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe [2006-05-31 266295] R2 ccEvtMgr;Symantec Event Manager; C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe [2005-07-12 185968] R2 ccProxy;Symantec Network Proxy; C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe [2005-07-12 239216] R2 ccSetMgr;Symantec Settings Manager; C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe [2005-07-12 161392] R2 DefWatch;Symantec AntiVirus Definition Watcher; C:\Programme\Symantec Client Security\Symantec AntiVirus\DefWatch.exe [2005-08-30 19552] R2 Diskeeper;Diskeeper; C:\Programme\Diskeeper Corporation\Diskeeper\DkService.exe [2006-05-23 622700] R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Programme\Intel\Wireless\Bin\EvtEng.exe [2006-08-02 434176] R2 IBMPMSVC;ThinkPad PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2005-11-10 73782] R2 IPSSVC;IPS-Basisservice; C:\WINDOWS\system32\IPSSVC.EXE [2006-08-16 73728] R2 Irmon;Infrarotüberwachung; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] R2 ISSVC;IS Service; C:\Programme\Symantec Client Security\Symantec Client Firewall\ISSVC.exe [2005-07-20 79488] R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2010-04-12 153376] R2 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2006-04-14 28933976] R2 PDFProFiltSrvPP;PDFProFiltSrvPP; C:\Programme\Nuance\PaperPort\PDFProFiltSrvPP.exe [2009-09-10 142424] R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Programme\Intel\Wireless\Bin\RegSrvc.exe [2006-08-02 327680] R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Programme\Intel\Wireless\Bin\S24EvMon.exe [2006-08-02 937984] R2 SNDSrvc;Symantec Network Drivers Service; C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe [2005-04-05 206552] R2 SUService;System Update; c:\programme\lenovo\system update\suservice.exe [2009-06-12 28672] R2 Symantec AntiVirus;Symantec AntiVirus; C:\Programme\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe [2005-08-30 1751136] R2 SymSecurePort;Symantec SecurePort; C:\Programme\Symantec Client Security\Symantec Client Firewall\SymSPort.exe [2005-08-26 202328] R2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Programme\Gemeinsame Dateien\Lenovo\tvt_reg_monitor_svc.exe [2007-09-26 644408] R2 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\WINDOWS\System32\TPHDEXLG.EXE [2005-06-20 77824] R2 TpKmpSVC;IBM KCU Service; C:\WINDOWS\system32\TpKmpSVC.exe [2005-06-06 32768] R2 TSSCoreService;TSS Core Service; C:\Programme\Lenovo\Client Security Solution\tvttcsd.exe [2006-07-14 723712] R2 TVT Backup Service;TVT Backup Service; C:\Programme\Lenovo\Rescue and Recovery\rrservice.exe [2006-07-14 1974272] R2 TVT Scheduler;TVT Scheduler; C:\Programme\Gemeinsame Dateien\Lenovo\Scheduler\tvtsched.exe [2008-03-04 1122304] R2 tvtnetwk;tvtnetwk; C:\Programme\Lenovo\Rescue and Recovery\ADM\IUService.exe [2006-07-14 45056] R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912] R3 ServiceLayer;ServiceLayer; C:\Programme\PC Connectivity Solution\ServiceLayer.exe [2010-02-26 652800] S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 ccPwdSvc;Symantec Password Validation; C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe [2005-07-12 83568] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 odserv;Microsoft Office Diagnostics Service; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136] S3 ose;Office Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PsaSrv;IBM PSA Access Driver Control; C:\WINDOWS\system32\PsaSrv.exe [] S3 SavRoam;SAVRoam; C:\Programme\Symantec Client Security\Symantec AntiVirus\SavRoam.exe [2005-08-30 128608] S3 SPBBCSvc;Symantec SPBBCSvc; C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe [2005-03-30 992864] S3 SQLWriter;SQL Server VSS Writer; c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe [2006-04-14 87840] S3 WMConnectCDS;Windows Media Connect-Dienst; C:\Programme\Windows Media Connect 2\wmccds.exe [2005-10-06 856064] S4 MSSQLServerADHelper;Hilfsdienst von SQL Server für Active Directory; c:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] S4 SQLBrowser;SQL Server-Browser; c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2006-04-14 240416] -----------------EOF----------------- info.txt von RSIT folgt im nächsten Thread |
| Themen zu DCOM-Server-Prozessstart wurde unerwartet beendet und PC friert ein |
| 32 bit, adobe, antivirus, beendet, bho, dcom-server-prozessstart, desktop, device driver, diagnostics, einfrieren, einstellungen, eraser, exe, explorer, fehlermeldung, fontcache, gerätetreiber, google, hijack, hijackthis, hkus\s-1-5-18, hängen, lenovo, monitor, mssql, nicht vorhanden, notification, nt.exe, object, pdf-datei, picasa, plug-in, problem, registry, rundll, security, senden, software, srvaju32.exe, starten., svchost, symantec, system, t-mobile, thinkvantage registry monitor service, unerwartet, windows xp, wlan |
Baum-Darstellung