Windows update geht nicht, Iexploprer Fenster gehen auf usw.

AndiHH · 08.08.2010, 12:22

hier die benötigten daten.

gmer:

GMER Logfile:

Code:

ATTFilter

GMER 1.0.15.15281 - hxxp://www.gmer.net
Rootkit scan 2010-08-08 13:08:39
Windows 5.1.2600 Service Pack 3
Running: dvknzkwc.exe; Driver: C:\DOKUME~1\Andi\LOKALE~1\Temp\fwrdipod.sys


---- System - GMER 1.0.15 ----

SSDT            B80F799E                                                                           ZwCreateKey
SSDT            B80F7994                                                                           ZwCreateThread
SSDT            B80F79A3                                                                           ZwDeleteKey
SSDT            B80F79AD                                                                           ZwDeleteValueKey
SSDT            B80F79B2                                                                           ZwLoadKey
SSDT            \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)  ZwMapViewOfSection [0xF77508D0]
SSDT            B80F7980                                                                           ZwOpenProcess
SSDT            B80F7985                                                                           ZwOpenThread
SSDT            B80F79BC                                                                           ZwReplaceKey
SSDT            B80F79B7                                                                           ZwRestoreKey
SSDT            B80F79A8                                                                           ZwSetValueKey
SSDT            \??\C:\WINDOWS\system32\drivers\wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)  ZwShutdownSystem [0xF7750E70]
SSDT            B80F798F                                                                           ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

LCODE           C:\WINDOWS\system32\DRIVERS\PCX504.sys                                             entry point in "LCODE" section [0xB95B90CC]
.text           tcpip.sys!IPTransmit + 10FC                                                        B7FC6D3A 2 Bytes  CALL F7417200 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
.text           tcpip.sys!IPTransmit + 10FF                                                        B7FC6D3D 3 Bytes  [45, 3F, 90] {INC EBP; AAS ; NOP }
.text           tcpip.sys!IPTransmit + 2A52                                                        B7FC8690 6 Bytes  CALL F7417200 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
.text           tcpip.sys!IPRegisterProtocol + 930                                                 B7FDE454 6 Bytes  CALL F7417200 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
.text           wanarp.sys                                                                         BA7353FD 7 Bytes  CALL F7417350 Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT             \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisCloseAdapter]                [F7417DB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisOpenAdapter]                 [F7417D50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol]          [F7417CB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol]            [F7417B30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol]           [F7417B30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter]                [F7417D50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter]               [F7417DB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol]         [F7417CB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol]           [F7417CB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol]             [F7417B30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter]                  [F7417D50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter]                 [F7417DB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol]            [F7417B30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol]          [F7417CB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter]                [F7417DB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter]                 [F7417D50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter]                  [F7417DB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter]                   [F7417D50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol]              [F7417B30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol]           [F7417CB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol]             [F7417B30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter]                  [F7417D50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter]                 [F7417DB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\DRIVERS\arp1394.sys[NDIS.SYS!NdisCloseAdapter]                [F7417DB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\DRIVERS\arp1394.sys[NDIS.SYS!NdisOpenAdapter]                 [F7417D50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\DRIVERS\arp1394.sys[NDIS.SYS!NdisDeregisterProtocol]          [F7417CB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\DRIVERS\arp1394.sys[NDIS.SYS!NdisRegisterProtocol]            [F7417B30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\DRIVERS\irda.sys[NDIS.SYS!NdisOpenAdapter]                    [F7417D50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\DRIVERS\irda.sys[NDIS.SYS!NdisRegisterProtocol]               [F7417B30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\DRIVERS\irda.sys[NDIS.SYS!NdisCloseAdapter]                   [F7417DB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\DRIVERS\irda.sys[NDIS.SYS!NdisDeregisterProtocol]             [F7417CB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol]            [F7417B30] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol]          [F7417CB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter]                [F7417DB0] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)
IAT             \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter]                 [F7417D50] Teefer.sys (Teefer Driver/Sygate Technologies, Inc.)

---- Devices - GMER 1.0.15 ----

Device          \Driver\Tcpip \Device\Ip                                                           wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
Device          \Driver\Tcpip \Device\Tcp                                                          wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
Device          \Driver\Tcpip \Device\Udp                                                          wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
Device          \Driver\Tcpip \Device\RawIp                                                        wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
Device          \Driver\Tcpip \Device\IPMULTICAST                                                  wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)

AttachedDevice  \FileSystem\Fastfat \Fat                                                           fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg             HKCU\Software\Microsoft\Windows\CurrentVersion\@Í\x2039í\x2039T\x20acó`            1
Reg             HKCU\Software\Microsoft\Windows\CurrentVersion\@Í\x2039í\x2039\x201c\x008feQ       1
Reg             HKCU\Software\Microsoft\Windows\CurrentVersion\@\20\x90\20nÐc:y                    1
Reg             HKCU\Software\Microsoft\Windows\CurrentVersion\@\26Y\1xÐc:y                        1
Reg             HKCU\Software\Microsoft\Windows\CurrentVersion\@Òczz<h                             0
Reg             HKCU\Software\Microsoft\Windows\CurrentVersion\@IQ\ahß\x8d\x8f\x2013               1

---- EOF - GMER 1.0.15 ----

--- --- ---

und OSAM

OSAM Logfile:

Code:

ATTFilter

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 13:25:35 on 08.08.2010

OS: Windows XP Professional Service Pack 3 (Build 2600)
Default Browser: Microsoft Corporation Internet Explorer 8.00.6001.18702

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"BMMTask.job" - ? - C:\PROGRA~1\ThinkPad\UTILIT~1\BMMTASK.EXE  (File found, but it contains no detailed information)

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"CiscoACU.cpl" - "Cisco Systems, Inc." - C:\WINDOWS\system32\CiscoACU.cpl
"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl
"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Avira AntiVir Personal - Free Antivirus " - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl
"SMAX4CP" - "Analog Devices, Inc." - C:\Programme\Analog Devices\SoundMAX\SMax4.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"ati2mtag" (ati2mtag) - "ATI Technologies Inc." - C:\WINDOWS\System32\DRIVERS\ati2mtag.sys
"avgio" (avgio) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avgio.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys
"catchme" (catchme) - ? - C:\DOKUME~1\Andi\LOKALE~1\Temp\catchme.sys  (File not found)
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys  (File not found)
"DSC Still Image Capture (CA100)" (USBCamera) - "USB BULK" - C:\WINDOWS\System32\Drivers\Bulk100.sys
"DsiUsb" (DsiUsb) - "Meade Instruments Corporation" - C:\WINDOWS\System32\DRIVERS\DsiUsb.sys
"hwinterface" (hwinterface) - "Logix4u" - C:\WINDOWS\System32\Drivers\hwinterface.sys
"i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys  (File not found)
"IBMPMDRV" (IBMPMDRV) - "Lenovo." - C:\WINDOWS\System32\DRIVERS\ibmpmdrv.sys
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys  (File not found)
"PCDRNDISUIO Usermode I/O Protocol" (PcdrNdisuio) - ? - C:\WINDOWS\System32\DRIVERS\pcdrndisuio.sys  (File not found)
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys  (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys  (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys  (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys  (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys  (File not found)
"PMEM" (PMEM) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\PMEMNT.SYS
"Smart Cam, WDM Video Capture" (Ca100v) - "Digital Camera" - C:\WINDOWS\System32\Drivers\Ca100v.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys
"SyGate for NT, wg3n" (wg3n) - "Sygate Technologies, Inc." - C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys
"Teefer for NT" (Teefer) - "Sygate Technologies, Inc." - C:\WINDOWS\System32\Drivers\Teefer.sys
"Telescope Driver" (PAC7302) - "PixArt Imaging Inc." - C:\WINDOWS\System32\DRIVERS\PAC7302.SYS
"TPPWR" (TPPWR) - "IBM Corp." - C:\WINDOWS\System32\drivers\Tppwr.sys
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys  (File not found)
"wpsdrvnt" (wpsdrvnt) - "Sygate Technologies, Inc." - C:\WINDOWS\system32\drivers\wpsdrvnt.sys

[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll  (File not found)
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? -   (File not found | COM-object registry key not found)
{32683183-48a0-441b-a342-7c2a440a9478} "Media Band" - ? -   (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\shlext.dll
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? -   (File not found | COM-object registry key not found)
{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - d:\utility\WinRAR\rarext.dll  (File found, but it contains no detailed information)

[Internet Explorer]
-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )-----
{32683183-48a0-441b-a342-7c2a440a9478} "{32683183-48a0-441b-a342-7c2a440a9478}" - ? -   (File not found | COM-object registry key not found)
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBarLayout" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_20.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_20.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_20" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_20.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} "MUWebControl Class" - "Microsoft Corporation" - C:\WINDOWS\system32\muweb.dll / hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1279050907512
{17492023-C23A-453E-A040-C7C580BBF700} "Windows Genuine Advantage Validation Tool" - "Microsoft Corporation" - C:\WINDOWS\system32\LegitCheckControl.DLL / hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
{7530BFB8-7293-4D34-9923-61A11451AFC5} "{7530BFB8-7293-4D34-9923-61A11451AFC5}" - ? -   (File not found | COM-object registry key not found) / hxxp://download.eset.com/special/eos/OnlineScanner.cab
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? -   (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{53707962-6F74-2D53-2644-206D7942484F} "ClsidExtension" - "Safer Networking Limited" - D:\utility\SPYBOT~1\SDHelper.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
{53707962-6F74-2D53-2644-206D7942484F} "Spybot-S&D IE Protection" - "Safer Networking Limited" - D:\utility\SPYBOT~1\SDHelper.dll

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\Andi\Startmenü\Programme\Autostart\desktop.ini
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"ACUMon" - "Cisco Systems, Inc." - "C:\Program Files\Cisco Systems\Aironet Client Monitor\ACUMon.Exe" -a
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "D:\utility\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"ATIPTA" - "ATI Technologies, Inc." - C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
"avgnt" - "Avira GmbH" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
"BLOG" - ? - rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog  (File found, but it contains no detailed information)
"BMMGAG" - "IBM Corp." - RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
"BMMLREF" - ? - C:\Programme\ThinkPad\Utilities\BMMLREF.EXE  (File found, but it contains no detailed information)
"BMMMONWND" - "IBM Corp." - rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor
"EZEJMNAP" - "Lenovo Group Ltd." - C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
"MSPY2002" - ? - C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC  (File signed by Microsoft | File found, but it contains no detailed information)
"PAC7302_Monitor" - "PixArt Imaging Incorporation" - C:\WINDOWS\PixArt\PAC7302\Monitor.exe
"SmcService" - "Sygate Technologies, Inc." - C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
"SoundMAXPnP" - "Analog Devices, Inc." - C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
"TPHOTKEY" - "Lenovo Group Limited" - C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe

[Network Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order )-----
"Cisco Wireless Logon Module" - "Cisco Systems, Inc." - C:\WINDOWS\system32\cswgina.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
"Ati HotKey Poller" (Ati HotKey Poller) - "ATI Technologies Inc." - C:\WINDOWS\system32\Ati2evxx.exe
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\sched.exe
"HID Input Service" (HidServ) - ? -  C:\WINDOWS\System32\hidserv.dll  (File not found)
"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe
"SoundMAX Agent Service" (SoundMAX Agent Service (default)) - "Analog Devices, Inc." - C:\Programme\Analog Devices\SoundMAX\SMAgent.exe
"Sygate Personal Firewall" (SmcService) - "Sygate Technologies, Inc." - C:\Programme\Sygate\SPF\smc.exe
"ThinkPad PM Service" (IBMPMSVC) - "Lenovo" - C:\WINDOWS\system32\ibmpmsvc.exe
"Windows CardSpace" (idsvc) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll  (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon )-----
"GinaDLL" - "Cisco Systems, Inc." - C:\WINDOWS\system32\cswGina.dll
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"AtiExtEvent" - "ATI Technologies Inc." - C:\WINDOWS\system32\Ati2evxx.dll
"tpfnf2" - ? - C:\Programme\Lenovo\HOTKEY\notifyf2.dll  (File found, but it contains no detailed information)
"tphotkey" - "Lenovo Group Limited" - C:\Programme\Lenovo\HOTKEY\tphklock.dll
"WgaLogon" - "Microsoft Corporation" - C:\WINDOWS\system32\WgaLogon.dll

===[ Logfile end ]=========================================[ Logfile end ]===

--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

gruß
andi

Windows update geht nicht, Iexploprer Fenster gehen auf usw.

Plagegeister aller Art und deren Bekämpfung: Windows update geht nicht, Iexploprer Fenster gehen auf usw.

Windows update geht nicht, Iexploprer Fenster gehen auf usw.

Ähnliche Themen: Windows update geht nicht, Iexploprer Fenster gehen auf usw.