|
Plagegeister aller Art und deren Bekämpfung: def_win32.exe u. msnmsgsr.exe was ist das?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
30.05.2010, 07:32 | #1 |
| def_win32.exe u. msnmsgsr.exe was ist das? huhu benötige Hilfe, habe die 7 goldenen Regeln zum Teil befolgt, doch bin ich nicht sehr versiert in der Anwendung aller Massnahmen. aus diesem Grund poste ich hier dennoch meine Fragen! Danke für alles schon einmal im Voraus! Szenario: Start meines Pc (Win XP Sp3) Nach dem Hochfahren meldet Scotty= " WinPatrol v. BillP " das sich folgende Programme ins Startup laden möchten: 1. def_win32.exe aus /windows/system32/ 2. msnmsgsr.exe aus /Benutzer/anwendungsdaten/msnmsgsr/ habe das starten nicht erlaubt( WinPatrol bietet diese Option durch Klickbox) da ich beide Programme nicht kenne. danach Start v. CCleaner; AntiMalware v.Malwarebytes; Virenscan mit Avast4.8 v. Alwil> ergebnislos ! suche über Google und in eurem Board zu 1. kein Ergebnis zu 2. soll lt. F-secure zu Trojan-Spy:W32/Banbra.RM gehören wenn diese .exe-Datei in einem anderen Ordner als /MSN ist Auswertung von HijackLogfile leider fehlgeschlagen > Meldung im Browser GatewayTimeout Error 504, ?? Manuelles Löschen( beide Dateien werden als System-Datei dargestellt) macht wohl keinen Sinn , da bestimmt der Urheber nicht betroffen ist. wie kann/soll ich nun am besten vorgehen? viele grüsse Anhang:RSIT Logfile: Code:
ATTFilter Logfile of random's system information tool 1.07 (written by random/random) Run by Benutzer at 2010-05-30 09:02:43 Microsoft Windows XP Home Edition Service Pack 3 System drive C: has 24 GB (8%) free of 302 GB Total RAM: 3582 MB (86% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 09:02:54, on 30.05.2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Alwil Software\Avast4\aswUpdSv.exe C:\Programme\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Programme\Intel\Intel Matrix Storage Manager\iaantmon.exe C:\Programme\Java\jre6\bin\jqs.exe C:\Programme\Spyware Terminator\sp_rsser.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Programme\Alwil Software\Avast4\ashMaiSv.exe C:\Programme\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Programme\BillP Studios\WinPatrol\winpatrol.exe C:\WINDOWS\stsystra.exe C:\Programme\ScanSoft\OmniPageSE4\OpwareSE4.exe C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe C:\Programme\Intel\Intel Matrix Storage Manager\iaanotif.exe C:\Programme\CyberLink\PowerDVD\DVDLauncher.exe C:\Programme\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe C:\WINDOWS\system32\CTHELPER.EXE C:\Programme\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Programme\phonostar\ps_agent.exe C:\Programme\DNA\btdna.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\phonostar-Player\phonostarTimer.exe C:\Programme\OpenOffice.org 3\program\soffice.exe C:\Programme\OpenOffice.org 3\program\soffice.bin C:\Dokumente und Einstellungen\Benutzer\Eigene Dateien\Downloads Firefox\RSIT.exe C:\Programme\trend micro\benutzer.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Laptops, PCs, Desktop Computers, Monitors, Printers & PC Accessories | Dell UK R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Nachrichten - Service - Shopping bei t-online.de R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Programme\Winamp Toolbar\winamptb.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programme\Free Download Manager\iefdm2.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVDV.dll O3 - Toolbar: Veoh Video Compass - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Programme\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll O3 - Toolbar: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVDV.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [WinPatrol] C:\Programme\BillP Studios\WinPatrol\winpatrol.exe -expressboot O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [OpwareSE4] "C:\Programme\ScanSoft\OmniPageSE4\OpwareSE4.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE O4 - HKLM\..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [DVDLauncher] "C:\Programme\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [CtxfiReg] CTXFIREG.EXE O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [CTSysVol] C:\Programme\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [CTDVDDET] C:\Programme\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Programme\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [CanonMyPrinter] C:\Programme\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [PhonostarAgent] C:\Programme\phonostar\ps_agent.exe O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Programme\DNA\btdna.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [phonostarTimer] C:\Programme\phonostar-Player\phonostarTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\Run: [InfoCockpit] C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE /nosplash (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user') O4 - Startup: OpenOffice.org 3.1.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &Clean Traces - C:\Programme\DAP\Privacy Package\dapcleanerie.htm O8 - Extra context menu item: &Download with &DAP - C:\Programme\DAP\dapextie.htm O8 - Extra context menu item: &Winamp Search - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: Crawler Search - tbr:iemenu O8 - Extra context menu item: Download &all with DAP - C:\Programme\DAP\dapextie2.htm O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - hxxp://www.creative.com/su/ocx/15026/CTSUEng.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - hxxp://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - hxxp://download.ewido.net/ewidoOnlineScan.cab O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://download.mcafee.com/molbin/shared/mcinsctl/de/4,0,0,90/mcinsctl.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - Free Online Virus Scan | BitDefender Online Scanner O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1169925047765 O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - hxxp://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - hxxp://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1204132317984 O16 - DPF: {78AEEDE8-7345-4FB5-A8FE-4BFF16EF25FC} (McAfee Virtual Technician Control Class) - hxxp://mvt.mcafee.com/mvt/bin/3,0,1,0/mvt.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - hxxp://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - hxxp://support.f-secure.com/ols/fscax.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - hxxp://download.mcafee.com/molbin/shared/mcgdmgr/de/1,0,0,23/mcgdmgr.cab O16 - DPF: {E856B973-45FD-4559-8F82-EAB539144667} (Dell PC Checkup Installer Control) - hxxp://pccheckup.dellfix.com/rel/41/install/gtdownde.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15111/CTPID.cab O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programme\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Programme\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programme\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programme\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: Google Update Service (gupdate1c9f2b178801384) (gupdate1c9f2b178801384) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Programme\Intel\Intel Matrix Storage Manager\iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe O23 - Service: T-Online WLAN Adapter Steuerungsdienst (MZCCntrl) - Deutsche Telekom AG, Marmiko IT-Solutions GmbH - C:\Programme\Gemeinsame Dateien\Marmiko Shared\MZCCntrl.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Dokumente und Einstellungen\Arno\Eigene Dateien\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Programme\Spyware Terminator\sp_rsser.exe -- End of file - 13878 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Google Software Updater.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}] Winamp Toolbar Loader - C:\Programme\Winamp Toolbar\winamptb.dll [2009-05-06 1262888] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-06-21 312928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll [2009-02-25 251504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-09-13 761840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Programme\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-02-25 522224] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}] FDMIECookiesBHO Class - C:\Programme\Free Download Manager\iefdm2.dll [2008-12-30 98304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] Ask Toolbar - C:\Programme\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-12 79648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}] DVDVideoSoft Toolbar - C:\Programme\DVDVideoSoft\tbDVDV.dll [2009-12-31 2349080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {52836EB0-631A-47B1-94A6-61F9D9112DAE} - Veoh Video Compass - C:\Programme\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll [2009-09-15 474872] {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Programme\Winamp Toolbar\winamptb.dll [2009-05-06 1262888] {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - DVDVideoSoft Toolbar - C:\Programme\DVDVideoSoft\tbDVDV.dll [2009-12-31 2349080] {D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Programme\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000] "WinPatrol"=C:\Programme\BillP Studios\WinPatrol\winpatrol.exe [2008-10-09 333120] "UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112] "SSBkgdUpdate"=C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472] "SigmatelSysTrayApp"=C:\WINDOWS\stsystra.exe [2005-03-23 339968] "OpwareSE4"=C:\Programme\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400] "NWEReboot"= [] "NeroFilterCheck"=C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe [2006-01-12 155648] "ISUSScheduler"=C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe [2005-08-11 81920] "ISUSPM Startup"=C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\isuspm.exe [2005-08-11 249856] "IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952] "IMEKRMIG6.1"=C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [2004-08-04 44032] "IAAnotif"=C:\Programme\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-02-11 186904] "DVDLauncher"=C:\Programme\CyberLink\PowerDVD\DVDLauncher.exe [2005-02-23 53248] "CtxfiReg"=C:\WINDOWS\system32\CTXFIREG.EXE [2006-08-11 42496] "CTxfiHlp"=C:\WINDOWS\system32\CTXFIHLP.EXE [2006-08-11 18944] "CTSysVol"=C:\Programme\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe [2003-09-17 57344] "CTHelper"=C:\WINDOWS\system32\CTHELPER.EXE [2008-06-27 19456] "CTDVDDET"=C:\Programme\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE [2003-06-18 45056] "CanonSolutionMenu"=C:\Programme\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-14 644696] "CanonMyPrinter"=C:\Programme\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152] "Adobe Reader Speed Launcher"=C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272] "Adobe ARM"=C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-04-03 110696] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-04-03 13670504] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "PhonostarAgent"=C:\Programme\phonostar\ps_agent.exe [2009-05-13 98304] "BitTorrent DNA"=C:\Programme\DNA\btdna.exe [2009-11-07 323392] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "swg"=C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-12-27 68856] "phonostarTimer"=C:\Programme\phonostar-Player\phonostarTimer.exe [2009-10-07 37376] "fsm"= [] "Start WingMan Profiler"= [] C:\Dokumente und Einstellungen\Benutzer\Startmenü\Programme\Autostart OpenOffice.org 3.1.lnk - C:\Programme\OpenOffice.org 3\program\quickstart.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{93994DE8-8239-4655-B1D1-5F4E91300429}"=C:\PROGRA~1\DVDREG~1\DVDShell.dll [2003-08-26 49152] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "NoDispCPL"=0 "NoDispAppearancePage"=0 "NoDispSettingsPage"=0 "NoDispScrSavPage"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "undockwithoutlogon"=1 "DisableCAD"=1 "ShutdownWithoutLogon"=1 "NoDispCPL"=0 "NoDispSettingsPage"=0 "NoDispScrSavPage"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoViewContextMenu"=0 "NoWinKeys"=0 "NoFileAssociate"=0 "NoFolderOptions"=0 "NoFind"=0 "NoRun"=0 "NoClose"=0 "NoCommonGroups"=0 "StartMenuLogoff"=0 "NoTrayContextMenu"=0 "NoSimpleStartMenu"=0 "HideClock"=0 "NoDriveTypeAutoRun"=145 "NoActiveDesktop"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= "NoViewContextMenu"= "NoFileAssociate"= "NoFind"= "NoRun"= "NoClose"= "StartMenuLogoff"= "NoResolveTrack"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Programme\The Rasmus Player\bin\Update.exe"="C:\Programme\The Rasmus Player\bin\Update.exe:*:Enabled:The Rasmus Player" "C:\Programme\T-Online\T-Online_Software_6\Browser\browser.exe"="C:\Programme\T-Online\T-Online_Software_6\Browser\browser.exe:*:Enabled:T-Online Browser" "C:\Programme\T-Online\T-Online_Software_6\eMail\Mail.exe"="C:\Programme\T-Online\T-Online_Software_6\eMail\Mail.exe:*:Enabled:T-Online eMail" "C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019" "C:\Dokumente und Einstellungen\Arno\Eigene Dateien\Neuer Ordner (2)\DigiCams.exe"="C:\Dokumente und Einstellungen\Arno\Eigene Dateien\Neuer Ordner (2)\DigiCams.exe:*:Disabled:DigiCams" "C:\Programme\Google\Google Earth\GoogleEarth.exe"="C:\Programme\Google\Google Earth\GoogleEarth.exe:*:Disabled:Google Earth" "C:\Programme\Messenger\msmsgs.exe"="C:\Programme\Messenger\msmsgs.exe:*:Disabled:Windows Messenger" "C:\Programme\NASA\World Wind 1.3\WorldWind.exe"="C:\Programme\NASA\World Wind 1.3\WorldWind.exe:*:Disabled:World Wind 1.3" "C:\Programme\Winter Sports Extreme\Winter Sports Extreme.exe"="C:\Programme\Winter Sports Extreme\Winter Sports Extreme.exe:*:Disabled: Winter Sports Extreme" "C:\Sierra\Empire Earth\Empire Earth.exe"="C:\Sierra\Empire Earth\Empire Earth.exe:*:Disabled:Empire Earth" "C:\Programme\JoWooD\SpellForce\SpellForce.exe"="C:\Programme\JoWooD\SpellForce\SpellForce.exe:*:Enabled:SpellForce - Shadow of the Phoenix spielen" "C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"="C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe:*:Disabled:Kaspersky Anti-Virus" "C:\Programme\T-Online\T-Online_Software_6\Browser\dlman.exe"="C:\Programme\T-Online\T-Online_Software_6\Browser\dlman.exe:*:Enabled:T-Online Browser 6.0 Download Manager" "C:\Programme\T-Online\T-Online_Software_6\Internet-Telefon\Phone.exe"="C:\Programme\T-Online\T-Online_Software_6\Internet-Telefon\Phone.exe:*:Disabled:Phone" "C:\Programme\Nero\Nero 7\Nero BackItUp\BackItUp.exe"="C:\Programme\Nero\Nero 7\Nero BackItUp\BackItUp.exe:*:Disabled:Nero BackItUp" "C:\Programme\Nero\Nero 7\Core\nero.exe"="C:\Programme\Nero\Nero 7\Core\nero.exe:*:Disabled:Nero Burning ROM" "C:\Programme\Nero\Nero 7\Nero Toolkit\CDSpeed.exe"="C:\Programme\Nero\Nero 7\Nero Toolkit\CDSpeed.exe:*:Disabled:Nero CD-DVD Speed" "C:\Programme\Nero\Nero 7\Nero CoverDesigner\CoverDes.exe"="C:\Programme\Nero\Nero 7\Nero CoverDesigner\CoverDes.exe:*:Disabled:Nero CoverDesigner" "C:\Programme\Nero\Nero 7\Nero Toolkit\DriveSpeed.exe"="C:\Programme\Nero\Nero 7\Nero Toolkit\DriveSpeed.exe:*:Disabled:Nero DriveSpeed" "C:\Programme\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Programme\Nero\Nero 7\Nero Home\NeroHome.exe:*:Disabled:Nero Home" "C:\Programme\Nero\Nero 7\Nero ImageDrive\ImageDrive.exe"="C:\Programme\Nero\Nero 7\Nero ImageDrive\ImageDrive.exe:*:Disabled:Nero ImageDrive" "C:\Programme\Nero\Nero 7\Nero Toolkit\InfoTool.exe"="C:\Programme\Nero\Nero 7\Nero Toolkit\InfoTool.exe:*:Disabled:Nero InfoTool" "C:\Programme\Nero\Nero 7\Nero MediaHome\NeroMediaHome.exe"="C:\Programme\Nero\Nero 7\Nero MediaHome\NeroMediaHome.exe:*:Disabled:Nero MediaHome" "C:\Programme\Nero\Nero 7\Nero PhotoSnap\PhotoSnap.exe"="C:\Programme\Nero\Nero 7\Nero PhotoSnap\PhotoSnap.exe:*:Disabled:Nero PhotoSnap" "C:\Programme\Nero\Nero 7\Nero Recode\Recode.exe"="C:\Programme\Nero\Nero 7\Nero Recode\Recode.exe:*:Disabled:Nero Recode" "C:\Programme\Nero\Nero 7\Nero ShowTime\ShowTime.exe"="C:\Programme\Nero\Nero 7\Nero ShowTime\ShowTime.exe:*:Disabled:Nero ShowTime" "C:\Programme\Nero\Nero 7\Nero SoundTrax\SoundTrax.exe"="C:\Programme\Nero\Nero 7\Nero SoundTrax\SoundTrax.exe:*:Disabled:Nero SoundTrax" "C:\Programme\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe"="C:\Programme\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe:*:Disabled:Nero StartSmart" "C:\Programme\Nero\Nero 7\Nero Vision\NeroVision.exe"="C:\Programme\Nero\Nero 7\Nero Vision\NeroVision.exe:*:Disabled:Nero Vision" "C:\Programme\Nero\Nero 7\Nero WaveEditor\waveedit.exe"="C:\Programme\Nero\Nero 7\Nero WaveEditor\waveedit.exe:*:Disabled:Nero WaveEditor" "C:\Programme\Team17 Software Ltd\Worms Forts Under Siege\WF.exe"="C:\Programme\Team17 Software Ltd\Worms Forts Under Siege\WF.exe:*:Disabled:WF" "C:\Programme\Anno 1701\Anno1701.exe"="C:\Programme\Anno 1701\Anno1701.exe:*:Disabled:Anno 1701" "C:\Sierra\EE-ZDE\EE-AOC.exe"="C:\Sierra\EE-ZDE\EE-AOC.exe:*:Disabled:EE-AOC" "C:\Programme\Ahead\SIPPS\SIPPS.exe"="C:\Programme\Ahead\SIPPS\SIPPS.exe:*:Disabled:SIPPS" "C:\Programme\CCP\EVE\eve.exe"="C:\Programme\CCP\EVE\eve.exe:*:Enabled:Play EVE" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Dokumente und Einstellungen\Arno\Eigene Dateien\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe"="C:\Dokumente und Einstellungen\Arno\Eigene Dateien\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe:*:Disabled:SiSoftware Sandra Lite" "C:\Dokumente und Einstellungen\Arno\Eigene Dateien\SiSoftware Sandra Lite 2007.SP1\sandra.exe"="C:\Dokumente und Einstellungen\Arno\Eigene Dateien\SiSoftware Sandra Lite 2007.SP1\sandra.exe:*:Disabled:SiSoftware Sandra Lite" "C:\Dokumente und Einstellungen\Arno\Eigene Dateien\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe"="C:\Dokumente und Einstellungen\Arno\Eigene Dateien\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe:*:Disabled:SiSoftware Sandra Lite" "C:\Programme\Codemasters\Worms 4 Mayhem\WORMS 4 MAYHEM.EXE"="C:\Programme\Codemasters\Worms 4 Mayhem\WORMS 4 MAYHEM.EXE:*:Disabled:Worms 4 Mayhem" "C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Disabled:Microsoft Management Console" "C:\WINDOWS\Network Diagnostic\xpnetdiag.exe"="C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000" "C:\Programme\Atari\Neverwinter Nights 2\nwn2main.exe"="C:\Programme\Atari\Neverwinter Nights 2\nwn2main.exe:*:Enabled:Neverwinter Nights 2 Main" "C:\Programme\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe"="C:\Programme\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe:*:Enabled:Neverwinter Nights 2 AMD" "C:\Programme\Atari\Neverwinter Nights 2\nwupdate.exe"="C:\Programme\Atari\Neverwinter Nights 2\nwupdate.exe:*:Enabled:Neverwinter Nights 2 Updater" "C:\Programme\Atari\Neverwinter Nights 2\nwn2server.exe"="C:\Programme\Atari\Neverwinter Nights 2\nwn2server.exe:*:Enabled:Neverwinter Nights 2 Server" "C:\Programme\Ascaron Entertainment\Sacred\Sacred.exe"="C:\Programme\Ascaron Entertainment\Sacred\Sacred.exe:*:Enabled:Sacred" "C:\Programme\LucasArts\Star Wars Empire at War\GameData\sweaw.exe"="C:\Programme\LucasArts\Star Wars Empire at War\GameData\sweaw.exe:*:Enabled:Star Wars: Empire at War" "C:\Programme\THQ\Hot Wheels Stunt Track Challenge\hwstc.exe"="C:\Programme\THQ\Hot Wheels Stunt Track Challenge\hwstc.exe:*:Enabled:Hot Wheels™ Stunt Track Challenge™" "C:\Dokumente und Einstellungen\Arno\Eigene Dateien\youtubegrabberv31\Youtube Grabber v31.exe"="C:\Dokumente und Einstellungen\Arno\Eigene Dateien\youtubegrabberv31\Youtube Grabber v31.exe:*:Enabled:Youtube Grabber v31.exe" "C:\Programme\Codemasters\DiRT Demo\DiRTDemo.exe"="C:\Programme\Codemasters\DiRT Demo\DiRTDemo.exe:*:Disabled:DiRT Demo Executable" "C:\Programme\Gemeinsame Dateien\Ahead\Nero Web\SetupX.exe"="C:\Programme\Gemeinsame Dateien\Ahead\Nero Web\SetupX.exe:*:Disabled:MSI starter" "C:\Programme\CCP\EVE\bin\ExeFile.exe"="C:\Programme\CCP\EVE\bin\ExeFile.exe:*:Enabled:CCP ExeFile" "C:\Programme\THQ\Gas Powered Games\Supreme Commander\bin\SupremeCommander.exe"="C:\Programme\THQ\Gas Powered Games\Supreme Commander\bin\SupremeCommander.exe:*:Enabled:Supreme Commander" "C:\Programme\UBISOFT\Heroes of Might and Magic V\bin\H5_Game.exe"="C:\Programme\UBISOFT\Heroes of Might and Magic V\bin\H5_Game.exe:*:Enabled:Heroes of Might and Magic V" "C:\Programme\Cyanide\Winter Challenge\WinterApp.exe"="C:\Programme\Cyanide\Winter Challenge\WinterApp.exe:*:Enabled:WinterChallenge" "C:\Programme\THQ\Gas Powered Games\Supreme Commander - Forged Alliance\bin\ForgedAlliance.exe"="C:\Programme\THQ\Gas Powered Games\Supreme Commander - Forged Alliance\bin\ForgedAlliance.exe:*:Enabled:Supreme Commander - Forged Alliance" "C:\Programme\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe"="C:\Programme\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe:*:Enabled:GPGNet - Supreme Commander - Forged Alliance" "C:\Programme\TrackMania Sunrise\TmSunrise.exe"="C:\Programme\TrackMania Sunrise\TmSunrise.exe:*:Enabled:TmSunrise" "C:\Programme\NAMCO BANDAI Games\Warhammer® Mark of Chaos\Warhammer.exe"="C:\Programme\NAMCO BANDAI Games\Warhammer® Mark of Chaos\Warhammer.exe:*:Enabled:Warhammer®: Mark of Chaos™" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Programme\LucasArts\Star Wars Empire at War Forces of Corruption\swfoc.exe"="C:\Programme\LucasArts\Star Wars Empire at War Forces of Corruption\swfoc.exe:*:Enabled:Star Wars(R): Empire at War(TM): Forces of Corruption(TM)" "C:\Programme\Microsoft Games\Rise Of Legends\legends.exe"="C:\Programme\Microsoft Games\Rise Of Legends\legends.exe:*:Enabled:Rise Of Legends" "C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe"="C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe:*:Disabled:Nero Home" "C:\Programme\Gemeinsame Dateien\Ahead\Nero Web\SetupXu.exe"="C:\Programme\Gemeinsame Dateien\Ahead\Nero Web\SetupXu.exe:*:Disabled:Nero ProductSetup" "C:\Dokumente und Einstellungen\Arno\Lokale Einstellungen\Temp\Nero Web\SetupXu.exe"="C:\Dokumente und Einstellungen\Arno\Lokale Einstellungen\Temp\Nero Web\SetupXu.exe:*:Disabled:Nero ProductSetup" "C:\Programme\Dreamlords\dreamlords.exe"="C:\Programme\Dreamlords\dreamlords.exe:*:Enabled:Dreamlords Game Client" "C:\Programme\Reality Pump\Two Worlds\TwoWorlds.exe"="C:\Programme\Reality Pump\Two Worlds\TwoWorlds.exe:*:Enabled:Two Worlds" "C:\Programme\Reality Pump\Two Worlds\TwoWorlds_RADEON.exe"="C:\Programme\Reality Pump\Two Worlds\TwoWorlds_RADEON.exe:*:Enabled:Two Worlds" "C:\Programme\DAP\DAP.exe"="C:\Programme\DAP\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)" "C:\Programme\World of Warcraft\Repair.exe"="C:\Programme\World of Warcraft\Repair.exe:*:Disabled:Blizzard Repair Utility" "C:\Programme\Samsung\EasyStudio\1.0\PIMS & File Manager\PIMS & File Manager.exe"="C:\Programme\Samsung\EasyStudio\1.0\PIMS & File Manager\PIMS & File Manager.exe:*:Disabled:EasyStudio PIMS & File Manager" "C:\Dokumente und Einstellungen\Arno\Eigene Dateien\emule\emule.exe"="C:\Dokumente und Einstellungen\Arno\Eigene Dateien\emule\emule.exe:*:Disabled:eMule" "C:\Programme\Ventrilo\Ventrilo.exe"="C:\Programme\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe" "C:\Program Files\Davilex\Taxi Raser\Taxi Raser.exe"="C:\Program Files\Davilex\Taxi Raser\Taxi Raser.exe:*:Disabled:Taxi" "C:\Programme\DNA\btdna.exe"="C:\Programme\DNA\btdna.exe:*:Enabled:DNA" "C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis2\kernel.exe"="C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis2\kernel.exe:*:Enabled:T-Online 6.0" "C:\Programme\Electronic Arts\BattleForge\Bootstrapper.exe"="C:\Programme\Electronic Arts\BattleForge\Bootstrapper.exe:*:Enabled:BattleForge™ Launcher" "C:\Programme\Electronic Arts\BattleForge\BattleForge.exe"="C:\Programme\Electronic Arts\BattleForge\BattleForge.exe:*:Enabled:BattleForge™" "C:\Programme\Activision\Transformers - Die Rache\Transformers2.exe"="C:\Programme\Activision\Transformers - Die Rache\Transformers2.exe:*:Enabled:Transformers - Die Rache-Spiel" "C:\Programme\Microsoft Games\Age of Empires II\age2_x1\age2_x1.exe"="C:\Programme\Microsoft Games\Age of Empires II\age2_x1\age2_x1.exe:*:Enabled:Age of Empires II Expansion" "C:\Programme\Microsoft Games\Age of Empires II\EMPIRES2.EXE"="C:\Programme\Microsoft Games\Age of Empires II\EMPIRES2.EXE:*:Enabled:Age of Empires II" "C:\Programme\Java\jre6\launch4j-tmp\frd.exe"="C:\Programme\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary" "C:\Programme\UseNeXT\UseNeXT.exe"="C:\Programme\UseNeXT\UseNeXT.exe:*:Disabled:UseNeXT" "C:\Programme\UBISOFT\Related Designs\ANNO 1404\Anno4.exe"="C:\Programme\UBISOFT\Related Designs\ANNO 1404\Anno4.exe:*:Enabled:ANNO 1404" "C:\Programme\UBISOFT\Related Designs\ANNO 1404\tools\Anno4Web.exe"="C:\Programme\UBISOFT\Related Designs\ANNO 1404\tools\Anno4Web.exe:*:Enabled:Anno 1404 Web" "C:\Programme\Opera\opera.exe"="C:\Programme\Opera\opera.exe:*:Enabled:Opera Internet Browser" "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Disabled:Eine DLL-Datei als Anwendung ausführen" "C:\Programme\Runes of Magic\Runes of Magic.exe"="C:\Programme\Runes of Magic\Runes of Magic.exe:*:Enabled:Runes of Magic" "C:\Programme\Samsung\Samsung PC Studio\PIM & File Manager 1.0\PCStudio.exe"="C:\Programme\Samsung\Samsung PC Studio\PIM & File Manager 1.0\PCStudio.exe:*:Enabled:PIM & File Manager 1.0" "C:\Programme\Samsung\Samsung PC Studio II 2.0\PIMS & File Manager\PIMS & File Manager.exe"="C:\Programme\Samsung\Samsung PC Studio II 2.0\PIMS & File Manager\PIMS & File Manager.exe:*:Enabled:PIMS & File Manager" "C:\Programme\Runes of Magic\launcher.exe"="C:\Programme\Runes of Magic\launcher.exe:*:Enabled:BaseUpda Application" "C:\Programme\Skype\Phone\Skype.exe"="C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\Downloads\Software\EVE_Premium_Setup_84609_m.exe"="C:\Downloads\Software\EVE_Premium_Setup_84609_m.exe:*:Disabled:EVE_Premium_Setup_84609_m.exe" "C:\Programme\BitTorrent\bittorrent.exe"="C:\Programme\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent" "C:\Programme\UBISOFT\Related Designs\ANNO 1404\tools\WorldEditor2.exe"="C:\Programme\UBISOFT\Related Designs\ANNO 1404\tools\WorldEditor2.exe:*:Enabled:WorldEditor2" "C:\Programme\UBISOFT\Related Designs\ANNO 1404\tools\ToolOne.exe"="C:\Programme\UBISOFT\Related Designs\ANNO 1404\tools\ToolOne.exe:*:Enabled:ToolOne" "C:\Programme\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"="C:\Programme\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player " "C:\Programme\Runes of Magic\Client.exe"="C:\Programme\Runes of Magic\Client.exe:*:Enabled:Runes of Magic" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Dokumente und Einstellungen\benutzer\Eigene Dateien\SiSoftware Sandra Lite 2007.SP1\sandra.exe"="C:\Dokumente und Einstellungen\Arno\Eigene Dateien\SiSoftware Sandra Lite 2007.SP1\sandra.exe:*:Enabled:SiSoftware Sandra Lite" "C:\Dokumente und Einstellungen\Benutzer\Eigene Dateien\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe"="C:\Dokumente und Einstellungen\Arno\Eigene Dateien\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Lite" "C:\Dokumente und Einstellungen\benutzer\Eigene Dateien\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe"="C:\Dokumente und Einstellungen\Arno\Eigene Dateien\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe:*:Enabled:SiSoftware Sandra Lite" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D] shell\AutoRun\command - D:\AUTORUN.EXE [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E] shell\AutoRun\command - E:\autorun.exe ======List of files/folders created in the last 1 months====== 2010-05-30 08:56:48 ----A---- C:\WINDOWS\{00000005-00000000-00000004-00001102-00000004-20061102}.BAK 2010-05-30 07:33:34 ----D---- C:\Programme\trend micro 2010-05-30 07:33:33 ----D---- C:\rsit 2010-05-30 06:14:02 ----RSHD---- C:\Dokumente und Einstellungen\benutzer\Anwendungsdaten\msnmsgsr 2010-05-30 03:47:40 ----A---- C:\WINDOWS\system32\Optix_ScreenCapS.dll 2010-05-30 02:19:21 ----A---- C:\WINDOWS\system32\def_win32.exe 2010-05-29 09:14:39 ----D---- C:\Programme\NVIDIA Corporation 2010-05-29 09:14:06 ----A---- C:\WINDOWS\system32\OpenCL.dll 2010-05-29 09:14:06 ----A---- C:\WINDOWS\system32\nvoglnt.dll 2010-05-29 09:14:06 ----A---- C:\WINDOWS\system32\nvcuvid.dll 2010-05-29 09:14:06 ----A---- C:\WINDOWS\system32\nvcuvenc.dll 2010-05-29 09:14:03 ----A---- C:\WINDOWS\system32\nvcuda.dll 2010-05-29 09:14:03 ----A---- C:\WINDOWS\system32\nvcompiler.dll 2010-05-29 09:14:03 ----A---- C:\WINDOWS\system32\nvcodins.dll 2010-05-29 09:14:03 ----A---- C:\WINDOWS\system32\nvcod.dll 2010-05-29 09:14:03 ----A---- C:\WINDOWS\system32\nvapi.dll 2010-05-26 13:37:33 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$ 2010-05-25 06:47:21 ----D---- C:\Dokumente und Einstellungen\benutzer\Anwendungsdaten\SecondLife 2010-05-13 19:32:22 ----D---- C:\Programme\Microsoft WSE 2010-05-13 19:30:18 ----D---- C:\Programme\Deutsche Telekom 2010-05-12 18:36:13 ----A---- C:\WINDOWS\system32\javaws.exe 2010-05-12 18:36:13 ----A---- C:\WINDOWS\system32\javaw.exe 2010-05-12 18:36:13 ----A---- C:\WINDOWS\system32\java.exe 2010-05-12 18:36:13 ----A---- C:\WINDOWS\system32\deployJava1.dll 2010-05-12 12:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$ ======List of files/folders modified in the last 1 months====== 2010-05-30 09:00:06 ----D---- C:\WINDOWS\Temp 2010-05-30 08:59:31 ----D---- C:\Programme\DNA 2010-05-30 08:59:31 ----D---- C:\Dokumente und Einstellungen\benutzer\Anwendungsdaten\DNA 2010-05-30 08:58:46 ----D---- C:\WINDOWS 2010-05-30 08:58:42 ----SD---- C:\WINDOWS\Tasks 2010-05-30 08:58:01 ----D---- C:\WINDOWS\system32\drivers 2010-05-30 08:56:55 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-05-30 07:33:34 ----RD---- C:\Programme 2010-05-30 07:24:58 ----A---- C:\WINDOWS\Filzip.ini 2010-05-30 07:23:36 ----A---- C:\WINDOWS\system.ini 2010-05-30 06:47:26 ----D---- C:\Dokumente und Einstellungen\benutzer\Anwendungsdaten\WinPatrol 2010-05-30 06:21:56 ----D---- C:\Dokumente und Einstellungen\benutzer\Anwendungsdaten\Spyware Terminator 2010-05-30 06:21:50 ----D---- C:\Programme\Spyware Terminator 2010-05-30 04:20:44 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spyware Terminator 2010-05-30 04:12:35 ----A---- C:\WINDOWS\NeroDigital.ini 2010-05-30 03:49:40 ----RD---- C:\WINDOWS\Web 2010-05-30 03:47:40 ----D---- C:\WINDOWS\system32 2010-05-30 02:22:34 ----AD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP 2010-05-29 17:34:26 ----D---- C:\WINDOWS\system32\CatRoot2 2010-05-29 09:17:33 ----HD---- C:\WINDOWS\inf 2010-05-29 09:15:30 ----SHD---- C:\WINDOWS\Installer 2010-05-29 09:15:30 ----SHD---- C:\Config.Msi 2010-05-29 09:15:12 ----D---- C:\WINDOWS\Help 2010-05-29 09:14:46 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-05-29 09:14:36 ----D---- C:\WINDOWS\system32\CatRoot 2010-05-29 07:35:10 ----D---- C:\WINDOWS\Prefetch 2010-05-28 08:22:43 ----D---- C:\WINDOWS\system32\FxsTmp 2010-05-27 20:24:03 ----D---- C:\Programme\Mozilla Firefox 2010-05-27 14:06:53 ----D---- C:\Programme\DVDVideoSoft 2010-05-27 12:40:52 ----RSD---- C:\WINDOWS\assembly 2010-05-24 10:05:48 ----D---- C:\Programme\Runes of Magic 2010-05-23 22:20:11 ----A---- C:\WINDOWS\client.config.ini 2010-05-23 06:45:10 ----D---- C:\Programme\UBISOFT 2010-05-23 06:44:50 ----HD---- C:\Programme\InstallShield Installation Information 2010-05-21 18:44:05 ----D---- C:\WINDOWS\system32\ReinstallBackups 2010-05-21 18:32:05 ----D---- C:\Programme\USB Vibration Joystick 2010-05-21 15:49:32 ----A---- C:\WINDOWS\system32\CmdLineExt.dll 2010-05-16 22:13:32 ----A---- C:\WINDOWS\DVDRegionFree.INI 2010-05-15 11:04:58 ----D---- C:\Programme\Google 2010-05-13 23:07:42 ----D---- C:\WINDOWS\Microsoft.NET 2010-05-13 22:29:45 ----A---- C:\TO_InstallLog.txt 2010-05-13 21:46:12 ----D---- C:\Programme\Gemeinsame Dateien\Marmiko Shared 2010-05-13 19:35:23 ----A---- C:\WINDOWS\win.ini 2010-05-13 19:17:06 ----D---- C:\Programme\Gemeinsame Dateien 2010-05-13 19:17:02 ----RSD---- C:\WINDOWS\Fonts 2010-05-12 23:58:09 ----D---- C:\WINDOWS\Debug 2010-05-12 18:37:16 ----D---- C:\Programme\Apple Software Update 2010-05-12 18:36:11 ----D---- C:\Programme\Java 2010-05-12 12:00:40 ----D---- C:\Programme\Outlook Express 2010-05-12 09:52:26 ----HD---- C:\WINDOWS\$hf_mig$ 2010-05-11 06:00:59 ----D---- C:\WINDOWS\UI 2010-05-11 05:58:18 ----A---- C:\WINDOWS\DFC.INI 2010-05-04 15:04:20 ----D---- C:\Programme\Pingus 2010-05-03 00:17:30 ----A---- C:\WINDOWS\cdplayer.ini 2010-05-02 01:51:44 ----D---- C:\Programme\Mozilla Thunderbird 2010-05-01 17:29:28 ----D---- C:\Programme\Black Isle 2010-05-01 17:26:07 ----D---- C:\Dokumente und Einstellungen\benutzer\Anwendungsdaten\SpieleEntwicklungsKombinat 2010-05-01 17:22:48 ----SD---- C:\Dokumente und Einstellungen\benutzer\Anwendungsdaten\Microsoft 2010-05-01 17:15:03 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Firefly Studios 2010-05-01 17:13:47 ----D---- C:\Programme\Garfield 2 2010-05-01 01:17:00 ----D---- C:\Dokumente und Einstellungen ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408] R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560] R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448] R1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 omci;OMCI WDM Device Driver; C:\WINDOWS\system32\DRIVERS\omci.sys [2002-11-08 17217] R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-03-09 77184] R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [] R2 ACEDRV09;ACEDRV09; \??\C:\WINDOWS\system32\drivers\ACEDRV09.sys [] R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560] R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160] R2 atjsgt;atjsgt; C:\WINDOWS\system32\DRIVERS\atjsgt.sys [2008-07-21 165504] R2 ithsgt;ithsgt; C:\WINDOWS\system32\DRIVERS\ithsgt.sys [2006-02-16 162432] R2 lilsgt;lilsgt; C:\WINDOWS\system32\DRIVERS\lilsgt.sys [2006-02-16 12032] R2 linsgt;linsgt; C:\WINDOWS\system32\DRIVERS\linsgt.sys [2008-07-21 16000] R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\drivers\PfModNT.sys [] R2 STEC3;STEC3; \??\C:\WINDOWS\system32\STEC3.sys [] R2 SVKP;SVKP; \??\C:\WINDOWS\system32\SVKP.sys [] R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120] R3 COMMONFX.SYS;COMMONFX.SYS; C:\WINDOWS\System32\drivers\COMMONFX.SYS [2008-06-27 99352] R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\system32\drivers\ctac32k.sys [2008-07-07 511000] R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2008-07-07 532376] R3 CTAUDFX.SYS;CTAUDFX.SYS; C:\WINDOWS\System32\drivers\CTAUDFX.SYS [2008-06-27 555032] R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\system32\drivers\ctprxy2k.sys [2008-07-07 14360] R3 CTSBLFX.SYS;CTSBLFX.SYS; C:\WINDOWS\System32\drivers\CTSBLFX.SYS [2008-06-27 566296] R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\drivers\ctsfm2k.sys [2008-07-07 157208] R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2004-10-14 155648] R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\system32\drivers\emupia2k.sys [2008-07-07 92696] R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2008-07-07 797720] R3 hap16v2k;Creative P16V HAL Driver; C:\WINDOWS\system32\drivers\hap16v2k.sys [2008-07-07 162840] R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 HidUsb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368] R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-08-05 12288] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-04-04 10232128] R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2008-07-07 127512] R3 STHDA;High Definition Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2005-03-31 180096] R3 TDSLAdapter;T-DSL-Adapter (T-Online); C:\WINDOWS\system32\DRIVERS\TDSLAdap.sys [2001-02-12 47616] R3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128] R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208] R3 usbhub;Microsoft USB-Standardhubtreiber; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520] R3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608] R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2008-01-24 19336] R3 WmFilter;Logitech Gaming HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2008-01-24 28168] R3 WmXlCore;Logitech Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2008-01-24 48904] S3 Arp1394;1394-ARP-Clientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800] S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024] S3 COMMONFX;COMMONFX; C:\WINDOWS\system32\drivers\COMMONFX.SYS [2008-06-27 99352] S3 CTAUDFX;CTAUDFX; C:\WINDOWS\system32\drivers\CTAUDFX.SYS [2008-06-27 555032] S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\WINDOWS\system32\drivers\ctdvda2k.sys [2008-07-07 347080] S3 CTERFXFX.SYS;CTERFXFX.SYS; C:\WINDOWS\System32\drivers\CTERFXFX.SYS [2008-06-27 100888] S3 CTERFXFX;CTERFXFX; C:\WINDOWS\system32\drivers\CTERFXFX.SYS [2008-06-27 100888] S3 CTSBLFX;CTSBLFX; C:\WINDOWS\system32\drivers\CTSBLFX.SYS [2008-06-27 566296] S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys [] S3 GWHid;VL807 Hidmini driver; C:\WINDOWS\system32\DRIVERS\GWHid.sys [2008-11-04 18992] S3 hap17v2k;Creative P17V HAL Driver; C:\WINDOWS\system32\drivers\hap17v2k.sys [2008-07-07 189464] S3 hidgame;Microsoft HID-zu-Joystickanschlussaktivierung; C:\WINDOWS\system32\DRIVERS\hidgame.sys [2001-08-17 8576] S3 MACNDIS5;MACNDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\GEMEIN~1\MARMIK~1\MACNDIS5.SYS [] S3 MIINPazX;MIINPazX NDIS Protocol Driver; \??\C:\PROGRA~1\GEMEIN~1\MARMIK~1\MInfraIS\MIINPazX.SYS [] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504] S3 MTOnlPktAlyX;MTOnlPktAlyX NDIS Protocol Driver; \??\C:\PROGRA~1\T-Online\T-ONLI~2\BASIS-~1\Basis1\MTOnlPktAlyX.SYS [] S3 musbehco;musbehco; \??\C:\DOKUME~1\Arno\LOKALE~1\Temp\musbehco.sys [] S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248] S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880] S3 NIC1394;1394-Netzwerktreiber; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824] S3 nm;Netzwerkmonitortreiber; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320] S3 PCANDIS5;PCANDIS5; \??\C:\PROGRA~1\T-Online\DSL-MA~1\PCANDIS5.SYS [] S3 RivaTuner32;RivaTuner32; \??\C:\Programme\RivaTuner v2.0 Final Release\RivaTuner32.sys [] S3 slabbus;USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\slabbus.sys [2005-01-05 51040] S3 slabser;USB Data Cable Drivers; C:\WINDOWS\system32\DRIVERS\slabser.sys [2005-01-05 82768] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136] S3 ssm_bus;Samsung Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-05-20 52416] S3 ssm_mdfl;Samsung Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-05-20 6096] S3 ssm_mdm;Samsung Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-05-20 84512] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232] S3 TBPanel;TBPanel; C:\WINDOWS\system32\drivers\TBPanel.sys [2007-03-16 12256] S3 TDSLProtocol;T-DSL-Protocol (T-Online); C:\WINDOWS\system32\DRIVERS\TDSLProt.sys [2001-02-12 6688] S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [] S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856] S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104] S3 VL807;VL807 Filter; C:\WINDOWS\system32\DRIVERS\VL807.sys [2008-11-04 24936] S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys [] S3 w810bus;Sony Ericsson W810 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w810bus.sys [] S3 w810mdfl;Sony Ericsson W810 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w810mdfl.sys [] S3 w810mdm;Sony Ericsson W810 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w810mdm.sys [] S3 w810mgmt;Sony Ericsson W810 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w810mgmt.sys [] S3 w810obex;Sony Ericsson W810 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w810obex.sys [] S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2008-01-24 14728] S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S3 ZSMC301b;Philips SPC 300NC PC Camera; C:\WINDOWS\System32\Drivers\usbVM31b.sys [] S4 agp440;Intel AGP-Bus-Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-14 42368] S4 agpCPQ;Compaq AGP-Bus-Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-14 44928] S4 alim1541;ALI AGP-Bus-Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-14 42752] S4 amdagp;AMD AGP-Bus-Filtertreiber; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-14 43008] S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2006-08-05 13952] S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2008-04-14 5504] S4 sisagp;SIS AGP-Bus-Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-14 40960] S4 viaagp;VIA AGP-Bus-Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-14 42240] S4 WS2IFSL;Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-08-05 12032] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 aswUpdSv;avast! iAVS4 Control Service; C:\Programme\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752] R2 avast! Antivirus;avast! Antivirus; C:\Programme\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680] R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.EXE [1999-12-13 44032] R2 IAANTMon;Intel(R) Matrix Storage Event Monitor; C:\Programme\Intel\Intel Matrix Storage Manager\iaantmon.exe [2009-02-11 354840] R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2010-04-12 153376] R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-04-03 154216] R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Programme\Spyware Terminator\sp_rsser.exe [2009-12-19 488960] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Programme\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040] R3 avast! Web Scanner;avast! Web Scanner; C:\Programme\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920] S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800] S2 gupdate1c9f2b178801384;Google Update Service (gupdate1c9f2b178801384); C:\Programme\Google\Update\GoogleUpdate.exe [2009-06-21 133104] S2 gusvc;Google Software Updater; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-13 194032] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 MatSvc;Microsoft Automated Troubleshooting Service; C:\Programme\Microsoft Fix it Center\Matsvc.exe [2010-04-10 266544] S3 MZCCntrl;T-Online WLAN Adapter Steuerungsdienst; C:\Programme\Gemeinsame Dateien\Marmiko Shared\MZCCntrl.exe [2007-01-09 61440] S3 SandraTheSrv;Sandra Service; C:\Dokumente und Einstellungen\benutzer\Eigene Dateien\SiSoftware Sandra Lite 2007.SP1\RpcSandraSrv.exe [2006-08-01 1156096] S4 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S4 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S4 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S4 msnmsgsr;msnmsgsr; C:\Dokumente und Einstellungen\benutzer\Anwendungsdaten\msnmsgsr\msnmsgsr.exe [2010-05-30 782336] S4 NetTcpPortSharing;Net.Tcp-Portfreigabedienst; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] S4 NMSAccessU;NMSAccessU; C:\Programme\Gemeinsame Dateien\NMSAccessU.exe [2007-01-25 65536] S4 SandraDataSrv;Sandra Data Service; C:\Dokumente und Einstellungen\benutzer\Eigene Dateien\SiSoftware Sandra Lite 2007.SP1\Win32\RpcDataSrv.exe [2006-08-01 119800] S4 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576] S4 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] -----------------EOF----------------- Geändert von ichweissnich (30.05.2010 um 08:30 Uhr) Grund: zusätzliche Info |
30.05.2010, 19:27 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | def_win32.exe u. msnmsgsr.exe was ist das? Hallo und
__________________bitte nen Vollscan mit malwarebytes (und aktuellen Signaturen) machen und Log posten. Danach OTL: Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ |
Themen zu def_win32.exe u. msnmsgsr.exe was ist das? |
antimalware, anwendung, ask toolbar, ask.com, avast, avast!, avira, avp.exe, black, browser, browser.exe, browseui preloader, ccleaner, dateien, dell pc, device driver, error, folge, fontcache, frage, free download, google, google earth, gupdate, hkus\s-1-5-18, internet browser, kernel.exe, laden, löschen, meldung, microsoft fix it, mmc.exe, online virus, opera.exe, ordner, plug-in, programme, rache, scan, sierra, skype.exe, sp3, spielen, spyware terminator, starten, starten nicht, torrent.exe, traces, trojan-spy, usenext, win, win xp, win xp sp3, winpatrol |