Trojaner-Board - Spyware Problem!

Seite 1 von 3

100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)

- Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)

- - Spyware Problem! (https://www.trojaner-board.de/52080-spyware-problem.html)

Lukerunner

03.05.2008 21:52

Spyware Problem!

Hallo Forummitglieder,
ich hab ein rießen Problem. Bei mir werden andauernd ungewollt Werbeseiten geöffnet bzw. Seiten wo mir gesagt wird das mein Computer infiziert ist.
Da kommt dann in den Firefox Browser ein WindowsXP fenster wo der virtuel nach Spyware sucht und ca. 42 oder so findet. Meisten fordert er mich auch auf irgendetwas herunterzuladen.
Bitte helft mir diese Spyware loszuwerden. Sodass keine Werbefenster mehr geöffnet werden.
Hier meine Logfile Datei:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:23:13, on 03/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
C:\Spiele\Program Files (x86)\Steam\Steam.exe
C:\Windows\System32\spool\drivers\x64\3\E_FATIBVE.EXE
C:\Windows\System32\spool\drivers\x64\3\E_FATIBVE.EXE
C:\Program Files (x86)\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Anwendungen\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Anwendungen\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Anwendungen\Program Files (x86)\Xfire\xfire.exe
C:\Anwendungen\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware 2007\Ad-Aware2007.exe
C:\Anwendungen\Program Files (x86)\HiJackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = h**p://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=ZillaPopupKiller:8100
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~2\ICQTOO~1\toolbaru.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: Techno4ever Toolbar - {fb7d98cb-b228-4ecb-acac-e7101156338e} - C:\Program Files (x86)\Techno4ever\tbTec1.dll
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~2\ICQTOO~1\toolbaru.dll
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ANWEND~1\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\googletoolbar1.dll
O2 - BHO: Techno4ever Toolbar - {fb7d98cb-b228-4ecb-acac-e7101156338e} - C:\Program Files (x86)\Techno4ever\tbTec1.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~2\ICQTOO~1\toolbaru.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Techno4ever Toolbar - {fb7d98cb-b228-4ecb-acac-e7101156338e} - C:\Program Files (x86)\Techno4ever\tbTec1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\googletoolbar1.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [avgnt] "C:\Anwendungen\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files (x86)\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\RunOnce: [InnoSetupRegFile.0000000001] "C:\Windows\is-2SANG.exe" /REG
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\spiele\program files (x86)\steam\steam.exe" -silent
O4 - HKCU\..\Run: [\\ARBEIT\EPSON Stylus DX5000 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBVE.EXE /FU "C:\Users\***\AppData\Local\Temp\E_SF5D2.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [\\CK-FKK55XSWHDCY\EPSON Stylus DX5000 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBVE.EXE /FU "C:\Users\***\AppData\Local\Temp\E_SDA0E.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus DX5000 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBVE.EXE /FU "C:\Windows\TEMP\E_SF0F9.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Anwendungen\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [\ARBEIT\EPSON Stylus DX5000 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBVE.EXE /FU "C:\Users\***\AppData\Local\Temp\E_SF5D2.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Zilla Popup Killer] C:\Program Files (x86)\Zilla Popup Killer\ZillaPop.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files (x86)\ICQLite\ICQLite.exe -trayboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - Startup: Xfire.lnk = C:\Anwendungen\Program Files (x86)\Xfire\xfire.exe
O8 - Extra context menu item: &Winamp Toolbar Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in &Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: eBay Startseite - {8B69DB2E-015D-4c4f-B97E-95EF5326BDA8} - h**p://adfarm.mediaplex.com/ad/ck/707-1170-5704-77?RedirectEnter&partner=36420&loc=h**p://pages.ebay.de (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files (x86)\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files (x86)\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ANWEND~1\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ANWEND~1\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://www.google.de
O15 - Trusted Zone: http://download.windowsupdate.com
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - h**p://static.ak.schuelervz.net/photouploader/ImageUploader4.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - h**p://treff-mogelpower.spaces.live.com/PhotoUpload/VistaMsnPUpldde-de.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - h**p://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

Fortsetzung folgt...

Lukerunner

03.05.2008 21:53

...Hier der restliche Teil!:schmoll:

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: offline-8876480 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Anwendungen\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Anwendungen\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSer64.exe
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Anwendungen\Program Files (x86)\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Anwendungen\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 27085 bytes

mfg Luke

Sunny

03.05.2008 21:59

Hallo Lukerunner und

http://www.mysmilie.de/generator/ablage/156/257.png

Dateien Online überprüfen lassen:

Suche die Seite Virtustotal auf, klicke auf den Button „Durchsuchen“ und suche folgende Datei/Dateien:

lass auch die versteckten Dateien anzeigen!

Code:

C:\Windows\is-2SANG.exe

Lade nun nacheinander jede/alle Datei/Dateien hoch, und warte bis der Scan vorbei ist. (kann bis zu 2 Minuten dauern.)

Poste im Anschluss das Ergebnis der Auswertung, alles abkopieren und in einen Beitrag einfügen.

(Wichtig: Auch die Größenangabe sowie den HASH mit kopieren!)

ComboFix

Lade dir das Tool hier herunter auf den Desktop -> KLICK

Das Programm jedoch noch nicht starten sondern zuerst folgendes tun:

Schliesse alle Anwendungen und Programme, vor allem deine Antiviren-Software und andere Hintergrundwächter, sowie deinen Internetbrowser.
Vermeide es auch explizit während das Combofix läuft die Maus und Tastatur zu benutzen.

Starte nun die combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen und lass dein System durchsuchen.

Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte abkopieren und in deinen Beitrag einfügen.

Lukerunner

03.05.2008 22:24

Antivirus Version letzte aktualisierung Ergebnis
AhnLab-V3 2008.5.3.0 2008.05.02 -
AntiVir 7.8.0.11 2008.05.02 -
Authentium 4.93.8 2008.05.02 -
Avast 4.8.1169.0 2008.05.03 -
AVG 7.5.0.516 2008.05.03 -
BitDefender 7.2 2008.05.03 -
CAT-QuickHeal 9.50 2008.05.03 -
ClamAV 0.92.1 2008.05.03 -
DrWeb 4.44.0.09170 2008.05.03 -
eSafe 7.0.15.0 2008.04.28 -
eTrust-Vet 31.3.5755 2008.05.03 -
Ewido 4.0 2008.05.03 -
F-Prot 4.4.2.54 2008.05.02 -
F-Secure 6.70.13260.0 2008.05.03 -
Fortinet 3.14.0.0 2008.05.03 -
Ikarus T3.1.1.26 2008.05.03 -
Kaspersky 7.0.0.125 2008.05.03 -
McAfee 5287 2008.05.02 -
Microsoft 1.3408 2008.04.22 -
NOD32v2 3072 2008.05.03 -
Norman 5.80.02 2008.05.02 -
Panda 9.0.0.4 2008.05.03 -
Prevx1 V2 2008.05.03 -
Rising 20.42.22.00 2008.04.30 -
Sophos 4.29.0 2008.05.03 -
Sunbelt 3.0.1097.0 2008.05.03 -
Symantec 10 2008.05.03 -
TheHacker 6.2.92.300 2008.05.03 -
VBA32 3.12.6.5 2008.05.03 -
VirusBuster 4.3.26:9 2008.05.03 -
Webwasher-Gateway 6.6.2 2008.05.03 -

weitere Informationen
File size: 27087 bytes
MD5...: 26de3115ecc395f059324f8005f1eafb
SHA1..: 1e1c31741b8bd2a2e67b85031ad2e6dc028edbfe
SHA256: 61ed26941288ed8c29c09ee0633059ccf05338c745a7b53b940fe20876fe8093
SHA512: 1e59068ffbe545e436f4467479946aa18b0cfae31ee0eba36c2d5b5083d35c1b<br>debc2e43590b0c24bde3728c3b3b7fa46db370634d8b8a265aa1a613ad44cdde
PEiD..: -
PEInfo: -

Lukerunner

03.05.2008 22:30

Es gibt ein Problem... ComboFix läuft nur unter Windows 2000 oder XP und ich hab Vista x64.

mfg Luke

Sunny

03.05.2008 22:33

Zitat:

Zitat von Lukerunner (Beitrag 336427)

Es gibt ein Problem... ComboFix läuft nur unter Windows 2000 oder XP und ich hab Vista x64.

Combofix läuft auch unter Vista. Du bist definitv nicht der Erste mit einem Vista-System... ;)
Oder kommt diese Meldung direkt vom Programm Combofix?

Lukerunner

03.05.2008 22:56

Zitat:

Zitat von [GC]Sunny (Beitrag 336428)

Combofix läuft auch unter Vista. Du bist definitv nicht der Erste mit einem Vista-System... ;)
Oder kommt diese Meldung direkt vom Programm Combofix?

Ja, wenn ich Combofix starte öffnet sich ein Fenster wo da steht: Nur für Windows XP und 2000

Edit:
Das wäre dann die Fehlermeldung:
http://www.trojaner-board.de/attachm...1&d=1209851643

Sunny

03.05.2008 23:03

Scheint ein Fehler im Programm zu sein, oder aber es wurde was an der Software Combofix erneuert...

dann halt so weiter:

Deckards System Scanner (DSS)

Hier gibt es das Tool -> dss.exe

* Schließe alle Anwendungen
* Doppelklicke dss.exe um das Programm zu starten
* Wenn der Scan abgeschlossen ist wird sich ein Notepad mit dem Inhalt
der main.txt öffnen.
Ein weiteres Logfile, die extra.txt liegt im Verzeichnis
c:\Deckard\SystemScanner\extra.txt
* Kopiere den Inhalt der beiden Logfiles in diesen Thread, bitte als ['CODE]['/CODE]

Was Deckards System Scanner macht:

* Es Erstellt einen System Wiederherstellungspunkt
* es säubert die temporären Dateien, Downloaded Program Files, Internet
Cache Dateien und es leert den Mülleimer auf allen Lauferken.

Malwarebytes' Anti-Malware

Lies dir die Entfernungsanleitung durch und lass alles entfernen was gefunden wurde:

Download von Malwarebytes' Anti-Malware

Lukerunner

03.05.2008 23:30

Wie meinst das mit ['CODE]['/CODE]? Die Inhalte der main.txt ist zu groß sind über 65000Zeichen.

Sunny

03.05.2008 23:42

Zitat:

Zitat von Lukerunner (Beitrag 336443)

Wie meinst das mit ['CODE]['/CODE]? Die Inhalte der main.txt ist zu groß sind über 65000Zeichen.

Dann teile es auf zwei Beiträge auf, und mit den dem Code ist so gemeint:

x ist der Report von DSS und du schreibst sowohl davor als auch danach:

[code]
xxxxxxxxxxxxxxx
[+/code]

(das + Zeichen dann nicht mitschreiben!)

Lukerunner

03.05.2008 23:48

main.txt muss ich in 3threads aufteilen.

Code:

Deckard's System Scanner v20071014.68

Run by name on 2008-05-04 00:00:52

Computer is in Normal Mode.

--------------------------------------------------------------------------------
 

-- Last 5 Restore Point(s) --

42: 2008-05-03 20:08:00 UTC - RP412 - Installed Ad-Aware 2007

41: 2008-05-03 11:30:05 UTC - RP411 - Entfernt Ulead PhotoImpact

40: 2008-05-02 19:55:50 UTC - RP410 - Windows Update

39: 2008-05-01 15:39:13 UTC - RP409 - Windows Update

38: 2008-04-27 08:22:49 UTC - RP408 - Installed Java(TM) 6 Update 5
 
 

-- First Restore Point -- 

1: 2008-03-28 13:23:06 UTC - RP371 - Windows Update
 
 

Backed up registry hives.

Performed disk cleanup.
 
 
 

-- HijackThis (run as name.exe) -----------------------------------------------
 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 00:08:30, on 04/05/2008

Platform: Windows Vista  (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16643)

Boot mode: Normal
 

Running processes:

C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe

C:\Windows\System32\spool\drivers\x64\3\E_FATIBVE.EXE

C:\Windows\System32\spool\drivers\x64\3\E_FATIBVE.EXE

C:\Program Files (x86)\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

C:\Anwendungen\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\Windows\SysWOW64\conime.exe

C:\Users\name\Desktop\dss.exe

C:\ANWEND~1\PROGRA~1\HIJACK~1\name.exe
 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = h**p://google.icq.com/search/search_frame.php

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://google.de/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=ZillaPopupKiller:8100

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 

R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~2\ICQTOO~1\toolbaru.dll

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

R3 - URLSearchHook: Techno4ever Toolbar - {fb7d98cb-b228-4ecb-acac-e7101156338e} - C:\Program Files (x86)\Techno4ever\tbTec1.dll

F2 - REG:system.ini: UserInit=userinit.exe

O1 - Hosts: ::1 localhost

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~2\ICQTOO~1\toolbaru.dll

O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ANWEND~1\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\googletoolbar1.dll

O2 - BHO: Techno4ever Toolbar - {fb7d98cb-b228-4ecb-acac-e7101156338e} - C:\Program Files (x86)\Techno4ever\tbTec1.dll

O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~2\ICQTOO~1\toolbaru.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: Techno4ever Toolbar - {fb7d98cb-b228-4ecb-acac-e7101156338e} - C:\Program Files (x86)\Techno4ever\tbTec1.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\googletoolbar1.dll

O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll

O4 - HKLM\..\Run: [avgnt] "C:\Anwendungen\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files (x86)\ICQLite\ICQLite.exe" -minimize

O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [Steam] "c:\spiele\program files (x86)\steam\steam.exe" -silent

O4 - HKCU\..\Run: [\\ARBEIT\EPSON Stylus DX5000 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBVE.EXE /FU "C:\Users\name\AppData\Local\Temp\E_SF5D2.tmp" /EF "HKCU"

O4 - HKCU\..\Run: [\\CK-FKK55XSWHDCY\EPSON Stylus DX5000 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBVE.EXE /FU "C:\Users\name\AppData\Local\Temp\E_SDA0E.tmp" /EF "HKCU"

O4 - HKCU\..\Run: [EPSON Stylus DX5000 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBVE.EXE /FU "C:\Windows\TEMP\E_SF0F9.tmp" /EF "HKCU"

O4 - HKCU\..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Anwendungen\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [\ARBEIT\EPSON Stylus DX5000 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBVE.EXE /FU "C:\Users\name\AppData\Local\Temp\E_SF5D2.tmp" /EF "HKCU"

O4 - HKCU\..\Run: [Zilla Popup Killer] C:\Program Files (x86)\Zilla Popup Killer\ZillaPop.exe

O4 - HKCU\..\Run: [gtdppe] c:\users\lukas\appdata\local\gtdppe.exe gtdppe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files (x86)\ICQLite\ICQLite.exe -trayboot

O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')

O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')

O4 - Startup: Xfire.lnk = C:\Anwendungen\Program Files (x86)\Xfire\xfire.exe

O8 - Extra context menu item: &Winamp Toolbar Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: In Windows Live Writer in &Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: eBay Startseite - {8B69DB2E-015D-4c4f-B97E-95EF5326BDA8} - http://adfarm.mediaplex.com/ad/ck/707-1170-5704-77?RedirectEnter&partner=36420&loc=http://pages.ebay.de  (file missing)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files (x86)\ICQLite\ICQLite.exe

O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files (x86)\ICQLite\ICQLite.exe

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ANWEND~1\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ANWEND~1\PROGRA~1\SPYBOT~1\SDHelper.dll

O13 - Gopher Prefix: 

O15 - Trusted Zone: h**p://www.google.de

O15 - Trusted Zone: h**p://download.windowsupdate.com

O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - h**p://static.ak.schuelervz.net/photouploader/ImageUploader4.cab

O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://treff-mogelpower.spaces.live.com/PhotoUpload/VistaMsnPUpldde-de.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - h**p://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: bw+0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: offline-8876480 - {5DECA9CA-BC61-4C3A-89BA-A67A03379B74} - C:\Anwendungen\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Lukerunner

03.05.2008 23:51

2.Teil:

Code:

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Anwendungen\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Anwendungen\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSer64.exe

O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: NBService - Nero AG - C:\Anwendungen\Program Files (x86)\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Anwendungen\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
 

--

End of file - 26755 bytes
 

-- HijackThis Fixed Entries (C:\ANWEND~1\PROGRA~1\HIJACK~1\backups\) -----------
 

backup-20080501-234915-567 O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

backup-20080501-235323-967 O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
 

-- File Associations -----------------------------------------------------------
 

All associations okay.
 
 

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
 

R0 ACPI (Microsoft ACPI-Treiber) - c:\windows\system32\drivers\acpi.sys (file missing)

R0 atapi (IDE-Kanal) - c:\windows\system32\drivers\atapi.sys (file missing)

R0 CLFS (Common Log (CLFS)) - c:\windows\system32\clfs.sys (file missing)

R0 crcdisk (Crcdisk Filter Driver) - c:\windows\system32\drivers\crcdisk.sys (file missing)

R0 disk (Laufwerktreiber) - c:\windows\system32\drivers\disk.sys (file missing)

R0 Ecache (ReadyBoost Caching Driver) - c:\windows\system32\drivers\ecache.sys (file missing)

R0 FileInfo (File Information FS MiniFilter) - c:\windows\system32\drivers\fileinfo.sys (file missing)

R0 FltMgr - c:\windows\system32\drivers\fltmgr.sys (file missing)

R0 fvevol (BitLocker Drive Encryption Filter Driver) - c:\windows\system32\drivers\fvevol.sys (file missing)

R0 KSecDD - c:\windows\system32\drivers\ksecdd.sys (file missing)

R0 MountMgr (Mount Point Manager) - c:\windows\system32\drivers\mountmgr.sys (file missing)

R0 msisadrv (ISA/EISA-Klassentreiber) - c:\windows\system32\drivers\msisadrv.sys (file missing)

R0 Mup - c:\windows\system32\drivers\mup.sys (file missing)

R0 NDIS (NDIS System Driver) - c:\windows\system32\drivers\ndis.sys (file missing)

R0 partmgr (Partition Manager) - c:\windows\system32\drivers\partmgr.sys (file missing)

R0 pci (PCI-Bus-Treiber) - c:\windows\system32\drivers\pci.sys (file missing)

R0 sfdrv01 (StarForce Protection Environment Driver (version 1.x)) - c:\windows\system32\drivers\sfdrv01.sys (file missing)

R0 sfhlp02 (StarForce Protection Helper Driver (version 2.x)) - c:\windows\system32\drivers\sfhlp02.sys (file missing)

R0 sfvfs02 (StarForce Protection VFS Driver (version 2.x)) - c:\windows\system32\drivers\sfvfs02.sys (file missing)

R0 spldr (Security Processor Loader Driver) - c:\windows\system32\drivers\spldr.sys (file missing)

R0 uagp35 (Microsoft AGPv3.5-Filter) - c:\windows\system32\drivers\uagp35.sys (file missing)

R0 viaide - c:\windows\system32\drivers\viaide.sys (file missing)

R0 volmgr (Treiber für Volume-Manager) - c:\windows\system32\drivers\volmgr.sys (file missing)

R0 volmgrx (Dynamic Volume Manager) - c:\windows\system32\drivers\volmgrx.sys (file missing)

R0 volsnap (Speichervolumes) - c:\windows\system32\drivers\volsnap.sys (file missing)

R0 Wdf01000 (Kernel Mode Driver Frameworks service) - c:\windows\system32\drivers\wdf01000.sys (file missing)

R1 AFD (Ancilliary Function Driver for Winsock) - c:\windows\system32\drivers\afd.sys (file missing)

R1 cdrom (CD-ROM-Laufwerktreiber) - c:\windows\system32\drivers\cdrom.sys (file missing)

R1 CSC (Offline Files Driver) - c:\windows\system32\drivers\csc.sys (file missing)

R1 DfsC (Dfs Client Driver) - c:\windows\system32\drivers\dfsc.sys (file missing)

R1 kbdclass (Tastaturklassentreiber) - c:\windows\system32\drivers\kbdclass.sys (file missing)

R1 kbdhid (Tastatur-HID-Treiber) - c:\windows\system32\drivers\kbdhid.sys (file missing)

R1 mouclass (Mausklassentreiber) - c:\windows\system32\drivers\mouclass.sys (file missing)

R1 Msfs - c:\windows\system32\drivers\msfs.sys (file missing)

R1 NetBIOS (NetBIOS Interface) - c:\windows\system32\drivers\netbios.sys (file missing)

R1 netbt - c:\windows\system32\drivers\netbt.sys (file missing)

R1 Npfs - c:\windows\system32\drivers\npfs.sys (file missing)

R1 nsiproxy (NSI proxy service) - c:\windows\system32\drivers\nsiproxy.sys (file missing)

R1 Null - c:\windows\system32\drivers\null.sys (file missing)

R1 PSched (QoS-Paketplaner) - c:\windows\system32\drivers\pacer.sys (file missing)

R1 RasAcd (Remote Access Auto Connection Driver) - c:\windows\system32\drivers\rasacd.sys (file missing)

R1 rdbss (Redirected Buffering Sub Sysytem) - c:\windows\system32\drivers\rdbss.sys (file missing)

R1 RDPCDD - c:\windows\system32\drivers\rdpcdd.sys (file missing)

R1 RDPENCDD (RDP Encoder Mirror Driver) - c:\windows\system32\drivers\rdpencdd.sys (file missing)

R1 Serial (Treiber für seriellen Anschluss) - c:\windows\system32\drivers\serial.sys (file missing)

R1 Smb (Nachrichtenorientiertes TCP/IP- und TCP/IPv6-Protokoll (SMB-Sitzung)) - c:\windows\system32\drivers\smb.sys (file missing)

R1 Tcpip (TCP/IP-Protokolltreiber) - c:\windows\system32\drivers\tcpip.sys (file missing)

R1 tdx (NetIO-Legacy-TDI-Supporttreiber) - c:\windows\system32\drivers\tdx.sys (file missing)

R1 TermDD (Terminal-Gerätetreiber) - c:\windows\system32\drivers\termdd.sys (file missing)

R1 VgaSave - c:\windows\system32\drivers\vga.sys (file missing)

R1 Wanarpv6 (Remote Access IPv6 ARP Driver) - c:\windows\system32\drivers\wanarp.sys (file missing)

R2 atksgt - c:\windows\system32\drivers\atksgt.sys (file missing)

R2 avgntflt - c:\windows\system32\drivers\avgntflt.sys (file missing)

R2 lirsgt - c:\windows\system32\drivers\lirsgt.sys (file missing)

R2 lltdio (Link-Layer Topology Discovery Mapper I/O Driver) - c:\windows\system32\drivers\lltdio.sys (file missing)

R2 luafv (UAC File Virtualization) - c:\windows\system32\drivers\luafv.sys (file missing)

R2 PEAUTH - c:\windows\system32\drivers\peauth.sys (file missing)

R2 rspndr (Link-Layer Topology Discovery Responder) - c:\windows\system32\drivers\rspndr.sys (file missing)

R2 secdrv (Security Driver) - c:\windows\system32\drivers\secdrv.sys (file missing)

R2 tcpipreg (TCP/IP Registry Compatibility) - c:\windows\system32\drivers\tcpipreg.sys (file missing)

R3 AsyncMac (Asynchroner RAS -Medientreiber) - c:\windows\system32\drivers\asyncmac.sys (file missing)

R3 bowser - c:\windows\system32\drivers\bowser.sys (file missing)

R3 DXGKrnl (LDDM Graphics Subsystem) - c:\windows\system32\drivers\dxgkrnl.sys (file missing)

R3 fastfat (FAT12/16/32 File System Driver) - c:\windows\system32\drivers\fastfat.sys (file missing)

R3 fdc (Diskettencontrollertreiber) - c:\windows\system32\drivers\fdc.sys (file missing)

R3 FET5A64 (VIA Rhine-Familie-Fast-Ethernet-Adaptertreiberdienst) - c:\windows\system32\drivers\fet5a64.sys (file missing)

R3 flpydisk (Diskettenlaufwerktreiber) - c:\windows\system32\drivers\flpydisk.sys (file missing)

R3 HDAudBus (Microsoft-UAA-Bustreiber für High Definition Audio) - c:\windows\system32\drivers\hdaudbus.sys (file missing)

R3 HidUsb (Microsoft HID Class-Treiber) - c:\windows\system32\drivers\hidusb.sys (file missing)

R3 HTTP - c:\windows\system32\drivers\http.sys (file missing)

R3 IntcAzAudAddService (Service for Realtek HD Audio (WDM)) - c:\windows\system32\drivers\rtkvhd64.sys (file missing)

R3 intelppm (Intel-Prozessortreiber) - c:\windows\system32\drivers\intelppm.sys (file missing)

R3 iScsiPrt (iScsiPort-Treiber) - c:\windows\system32\drivers\msiscsi.sys (file missing)

R3 ksthunk (Kernel Streaming Thunks) - c:\windows\system32\drivers\ksthunk.sys (file missing)

R3 LHidFilt (Logitech SetPoint KMDF HID Filter Driver) - c:\windows\system32\drivers\lhidfilt.sys (file missing)

R3 LMouFilt (Logitech SetPoint KMDF Mouse Filter Driver) - c:\windows\system32\drivers\lmoufilt.sys (file missing)

R3 LVcKap64 (Logitech AEC Driver) - c:\windows\system32\drivers\lvckap64.sys (file missing)

R3 LVMVDrv (Logitech Machine Vision Engine Loader) - c:\windows\system32\drivers\lvmvdrv.sys (file missing)

R3 lvpopf64 (Logitech POP Suppression Filter) - c:\windows\system32\drivers\lvpopf64.sys (file missing)

R3 LVPr2M64 (Logitech LVPr2M64 Driver) - c:\windows\system32\drivers\lvpr2m64.sys (file missing)

R3 LVUSBS64 (Logitech USB Monitor Filter) - c:\windows\system32\drivers\lvusbs64.sys (file missing)

R3 LVUVC64 (Logitech QuickCam Pro 5000(UVC)) - c:\windows\system32\drivers\lvuvc64.sys (file missing)

R3 monitor (Microsoft Monitor-Klassenfunktionstreiber-Dienst) - c:\windows\system32\drivers\monitor.sys (file missing)

R3 mouhid (Maus-HID-Treiber) - c:\windows\system32\drivers\mouhid.sys (file missing)

R3 mpsdrv (Windows-Firewallautorisierungstreiber) - c:\windows\system32\drivers\mpsdrv.sys (file missing)

R3 MRxDAV (WebDav Client Redirector Driver) - c:\windows\system32\drivers\mrxdav.sys (file missing)

R3 mrxsmb (SMB MiniRedirector Wrapper and Engine) - c:\windows\system32\drivers\mrxsmb.sys (file missing)

R3 mrxsmb10 (SMB 1.x MiniRedirector) - c:\windows\system32\drivers\mrxsmb10.sys (file missing)

R3 mrxsmb20 (SMB 2.0 MiniRedirector) - c:\windows\system32\drivers\mrxsmb20.sys (file missing)

R3 mssmbios (Microsoft-Systemverwaltungs-BIOS-Treiber) - c:\windows\system32\drivers\mssmbios.sys (file missing)

R3 NdisTapi (RAS-NDIS-TAPI-Treiber) - c:\windows\system32\drivers\ndistapi.sys (file missing)

R3 NdisWan (RAS-NDIS-WAN-Treiber) - c:\windows\system32\drivers\ndiswan.sys (file missing)

R3 NDProxy (NDIS Proxy) - c:\windows\system32\drivers\ndproxy.sys (file missing)

R3 Ntfs - c:\windows\system32\drivers\ntfs.sys (file missing)

R3 nvlddmkm - c:\windows\system32\drivers\nvlddmkm.sys (file missing)

R3 Parport (Treiber für parallelen Anschluss) - c:\windows\system32\drivers\parport.sys (file missing)

R3 PptpMiniport (WAN-Miniport (PPTP)) - c:\windows\system32\drivers\raspptp.sys (file missing)

R3 Rasl2tp (WAN-Miniport (L2TP)) - c:\windows\system32\drivers\rasl2tp.sys (file missing)

R3 RasPppoe (Remotezugriff-PPPOE-Treiber) - c:\windows\system32\drivers\raspppoe.sys (file missing)

R3 rdpdr (Treiber für Terminalserver-Geräteumleitung) - c:\windows\system32\drivers\rdpdr.sys (file missing)

R3 Serenum (Serenum-Filtertreiber) - c:\windows\system32\drivers\serenum.sys (file missing)

R3 srv - c:\windows\system32\drivers\srv.sys (file missing)

R3 srv2 - c:\windows\system32\drivers\srv2.sys (file missing)

R3 srvnet - c:\windows\system32\drivers\srvnet.sys (file missing)

R3 swenum (Software-Bus-Treiber) - c:\windows\system32\drivers\swenum.sys (file missing)

R3 tunmp (Microsoft Tun-Miniportadaptertreiber) - c:\windows\system32\drivers\tunmp.sys (file missing)

R3 tunnel (Microsoft-IPv6-Tunnelminiport-Adaptertreiber) - c:\windows\system32\drivers\tunnel.sys (file missing)

R3 umbus (UMBus-Enumerator-Treiber) - c:\windows\system32\drivers\umbus.sys (file missing)

R3 usbaudio (USB-Audiotreiber (WDM)) - c:\windows\system32\drivers\usbaudio.sys (file missing)

R3 usbccgp (Microsoft Standard-USB-Haupttreiber) - c:\windows\system32\drivers\usbccgp.sys (file missing)

R3 usbehci (Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller) - c:\windows\system32\drivers\usbehci.sys (file missing)

R3 usbhub (USB2-aktivierter Hub) - c:\windows\system32\drivers\usbhub.sys (file missing)

R3 usbuhci (Miniporttreiber für universellen Microsoft USB-Hostcontroller) - c:\windows\system32\drivers\usbuhci.sys (file missing)

R4 cdfs (CD/DVD File System Reader) - c:\windows\system32\drivers\cdfs.sys (file missing)
 

S3 BrFiltLo (Brother USB Mass-Storage Lower Filter Driver) - c:\windows\system32\drivers\brfiltlo.sys (file missing)

S3 BrFiltUp (Brother USB Mass-Storage Upper Filter Driver) - c:\windows\system32\drivers\brfiltup.sys (file missing)

S3 BrUsbSer (Brother MFC USB Serial WDM Driver) - c:\windows\system32\drivers\brusbser.sys (file missing)

S3 drmkaud (Microsoft Kernel-DRM-Audioentschlüsselung) - c:\windows\system32\drivers\drmkaud.sys (file missing)

S3 E1G60 (Intel(R) PRO/1000 NDIS 6 Adapter Driver) - c:\windows\system32\drivers\e1g6032e.sys (file missing)

S3 Filetrace - c:\windows\system32\drivers\filetrace.sys (file missing)

S3 gagp30kx (Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms) - c:\windows\system32\drivers\gagp30kx.sys (file missing)

S3 HdAudAddService (Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst) - c:\windows\system32\drivers\hdaudio.sys (file missing)

S3 IpFilterDriver (IP Traffic Filter Driver) - c:\windows\system32\drivers\ipfltdrv.sys (file missing)

S3 IPNAT (IP Network Address Translator) - c:\windows\system32\drivers\ipnat.sys (file missing)

S3 IRENUM (IR Bus Enumerator) - c:\windows\system32\drivers\irenum.sys (file missing)

S3 Modem - c:\windows\system32\drivers\modem.sys (file missing)

S3 MSKSSRV (Microsoft Streaming Service Proxy) - c:\windows\system32\drivers\mskssrv.sys (file missing)

S3 MSPCLOCK (Microsoft Proxy für Streaming Clock) - c:\windows\system32\drivers\mspclock.sys (file missing)

S3 MSPQM (Microsoft Proxy für Streaming Quality Manager) - c:\windows\system32\drivers\mspqm.sys (file missing)

S3 MsRPC - c:\windows\system32\drivers\msrpc.sys (file missing)

S3 MSTEE (Microsoft Streaming Tee/Sink-to-Sink-Konvertierung) - c:\windows\system32\drivers\mstee.sys (file missing)

S3 NativeWifiP (NativeWiFi Filter) - c:\windows\system32\drivers\nwifi.sys (file missing)

S3 Ndisuio (NDIS Usermode I/O Protocol) - c:\windows\system32\drivers\ndisuio.sys (file missing)

S3 nmwcdcx64 (Nokia USB Generic) - c:\windows\system32\drivers\ccdcmbox64.sys (file missing)

S3 nmwcdnsucx64 (Nokia USB Flashing Generic) - c:\windows\system32\drivers\nmwcdnsucx64.sys (file missing)

S3 nmwcdnsux64 (Nokia USB Flashing Phone Parent) - c:\windows\system32\drivers\nmwcdnsux64.sys (file missing)

S3 nmwcdx64 (Nokia USB Phone Parent) - c:\windows\system32\drivers\ccdcmbx64.sys (file missing)

S3 nv_agp (NVIDIA nForce AGP Bus Filter) - c:\windows\system32\drivers\nv_agp.sys (file missing)

S3 Ph3xIB64 (Philips 713x Inbox PCI TV Card) - c:\windows\system32\drivers\ph3xib64.sys (file missing)

S3 QWAVEdrv (QWAVE-Treiber) - c:\windows\system32\drivers\qwavedrv.sys (file missing)

S3 RDPWD (RDP Winstation Driver) - c:\windows\system32\drivers\rdpwd.sys (file missing)

S3 s115bus (Sony Ericsson Device 115 driver (WDM)) - c:\windows\system32\drivers\s115bus.sys (file missing)

S3 s115mdfl (Sony Ericsson Device 115 USB WMC Modem Filter) - c:\windows\system32\drivers\s115mdfl.sys (file missing)

S3 s115mdm (Sony Ericsson Device 115 USB WMC Modem Driver) - c:\windows\system32\drivers\s115mdm.sys (file missing)

S3 s115mgmt (Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM)) - c:\windows\system32\drivers\s115mgmt.sys (file missing)

S3 s115obex (Sony Ericsson Device 115 USB WMC OBEX Interface) - c:\windows\system32\drivers\s115obex.sys (file missing)

S3 sffp_mmc (SFF Storage Protocol Driver for MMC) - c:\windows\system32\drivers\sffp_mmc.sys (file missing)

S3 sffp_sd (SFF Storage Protocol Driver for SDBus) - c:\windows\system32\drivers\sffp_sd.sys (file missing)

S3 Tcpip6 (Microsoft IPv6 Protocol Driver) - c:\windows\system32\drivers\tcpip.sys (file missing)

S3 TDPIPE - c:\windows\system32\drivers\tdpipe.sys (file missing)

S3 TDTCP - c:\windows\system32\drivers\tdtcp.sys (file missing)

S3 tssecsrv (Terminal Services Security Filter Driver) - c:\windows\system32\drivers\tssecsrv.sys (file missing)

S3 uliagpkx (Uli AGP Bus Filter) - c:\windows\system32\drivers\uliagpkx.sys (file missing)

S3 upperdev - c:\windows\system32\drivers\usbser_lowerfltx64.sys (file missing)

S3 usbser (Nokia USB Serial Port) - c:\windows\system32\drivers\usbser.sys (file missing)

S3 UsbserFilt - c:\windows\system32\drivers\usbser_lowerfltx64j.sys (file missing)

S3 USBSTOR (USB-Massenspeichertreiber) - c:\windows\system32\drivers\usbstor.sys (file missing)

S3 vga - c:\windows\system32\drivers\vgapnp.sys (file missing)

Lukerunner

03.05.2008 23:52

3.Teil:

Code:

S3 Wanarp (Remote Access IP ARP Driver) - c:\windows\system32\drivers\wanarp.sys (file missing)

S3 WpdUsb - c:\windows\system32\drivers\wpdusb.sys (file missing)

S3 WUDFRd - c:\windows\system32\drivers\wudfrd.sys (file missing)

S4 adp94xx - c:\windows\system32\drivers\adp94xx.sys (file missing)

S4 adpahci - c:\windows\system32\drivers\adpahci.sys (file missing)

S4 adpu160m - c:\windows\system32\drivers\adpu160m.sys (file missing)

S4 adpu320 - c:\windows\system32\drivers\adpu320.sys (file missing)

S4 aic78xx - c:\windows\system32\drivers\djsvs.sys (file missing)

S4 aliide - c:\windows\system32\drivers\aliide.sys (file missing)

S4 amdide - c:\windows\system32\drivers\amdide.sys (file missing)

S4 AmdK8 (AMD K8 Processor Driver) - c:\windows\system32\drivers\amdk8.sys (file missing)

S4 arc - c:\windows\system32\drivers\arc.sys (file missing)

S4 arcsas - c:\windows\system32\drivers\arcsas.sys (file missing)

S4 Brserid (Brother MFC Serial Port Interface Driver (WDM)) - c:\windows\system32\drivers\brserid.sys (file missing)

S4 BrSerWdm (Brother WDM Serial driver) - c:\windows\system32\drivers\brserwdm.sys (file missing)

S4 BrUsbMdm (Brother MFC USB Fax Only Modem) - c:\windows\system32\drivers\brusbmdm.sys (file missing)

S4 BTHMODEM (Bluetooth Serial Communications Driver) - c:\windows\system32\drivers\bthmodem.sys (file missing)

S4 circlass (Consumer IR Devices) - c:\windows\system32\drivers\circlass.sys (file missing)

S4 cmdide - c:\windows\system32\drivers\cmdide.sys (file missing)

S4 Compbatt (Microsoft Composite Battery Driver) - c:\windows\system32\drivers\compbatt.sys (file missing)

S4 elxstor - c:\windows\system32\drivers\elxstor.sys (file missing)

S4 HidBth (Microsoft Bluetooth HID Miniport) - c:\windows\system32\drivers\hidbth.sys (file missing)

S4 HidIr (Microsoft Infrared HID Driver) - c:\windows\system32\drivers\hidir.sys (file missing)

S4 HpCISSs - c:\windows\system32\drivers\hpcisss.sys (file missing)

S4 i2omp - c:\windows\system32\drivers\i2omp.sys (file missing)

S4 i8042prt (i8042 Keyboard and PS/2 Mouse Port Driver) - c:\windows\system32\drivers\i8042prt.sys (file missing)

S4 iaStorV (Intel RAID Controller Vista) - c:\windows\system32\drivers\iastorv.sys (file missing)

S4 iirsp - c:\windows\system32\drivers\iirsp.sys (file missing)

S4 intelide - c:\windows\system32\drivers\intelide.sys (file missing)

S4 IPMIDRV - c:\windows\system32\drivers\ipmidrv.sys (file missing)

S4 isapnp (PnP ISA/EISA Bus Driver) - c:\windows\system32\drivers\isapnp.sys (file missing)

S4 iteatapi (ITEATAPI_Service_Install) - c:\windows\system32\drivers\iteatapi.sys (file missing)

S4 iteraid (ITERAID_Service_Install) - c:\windows\system32\drivers\iteraid.sys (file missing)

S4 LSI_FC - c:\windows\system32\drivers\lsi_fc.sys (file missing)

S4 LSI_SAS - c:\windows\system32\drivers\lsi_sas.sys (file missing)

S4 LSI_SCSI - c:\windows\system32\drivers\lsi_scsi.sys (file missing)

S4 megasas - c:\windows\system32\drivers\megasas.sys (file missing)

S4 mpio (Microsoft Multi-Path Bus Driver) - c:\windows\system32\drivers\mpio.sys (file missing)

S4 Mraid35x - c:\windows\system32\drivers\mraid35x.sys (file missing)

S4 msahci - c:\windows\system32\drivers\msahci.sys (file missing)

S4 msdsm (Microsoft Multi-Path Device Specific Module) - c:\windows\system32\drivers\msdsm.sys (file missing)

S4 nfrd960 - c:\windows\system32\drivers\nfrd960.sys (file missing)

S4 nvraid - c:\windows\system32\drivers\nvraid.sys (file missing)

S4 nvstor - c:\windows\system32\drivers\nvstor.sys (file missing)

S4 ohci1394 (NEC FireWarden OHCI Compliant IEEE 1394 Host Controller) - c:\windows\system32\drivers\ohci1394.sys (file missing)

S4 pciide - c:\windows\system32\drivers\pciide.sys (file missing)

S4 pcmcia - c:\windows\system32\drivers\pcmcia.sys (file missing)

S4 Processor (Processor Driver) - c:\windows\system32\drivers\processr.sys (file missing)

S4 ql2300 (QLogic Fibre Channel Miniport Driver) - c:\windows\system32\drivers\ql2300.sys (file missing)

S4 ql40xx (QLogic iSCSI Miniport Driver) - c:\windows\system32\drivers\ql40xx.sys (file missing)

S4 sbp2port (SBP-2 Transport/Protocol Bus Driver) - c:\windows\system32\drivers\sbp2port.sys (file missing)

S4 sermouse (Serial Mouse Driver) - c:\windows\system32\drivers\sermouse.sys (file missing)

S4 sffdisk (SFF Storage Class Driver) - c:\windows\system32\drivers\sffdisk.sys (file missing)

S4 sfloppy (High-Capacity Floppy Disk Drive) - c:\windows\system32\drivers\sfloppy.sys (file missing)

S4 SiSRaid2 - c:\windows\system32\drivers\sisraid2.sys (file missing)

S4 SiSRaid4 - c:\windows\system32\drivers\sisraid4.sys (file missing)

S4 Sym_hi - c:\windows\system32\drivers\sym_hi.sys (file missing)

S4 Sym_u3 - c:\windows\system32\drivers\sym_u3.sys (file missing)

S4 Symc8xx - c:\windows\system32\drivers\symc8xx.sys (file missing)

S4 udfs - c:\windows\system32\drivers\udfs.sys (file missing)

S4 uliahci - c:\windows\system32\drivers\uliahci.sys (file missing)

S4 UlSata - c:\windows\system32\drivers\ulsata.sys (file missing)

S4 ulsata2 - c:\windows\system32\drivers\ulsata2.sys (file missing)

S4 usbcir (eHome Infrared Receiver (USBCIR)) - c:\windows\system32\drivers\usbcir.sys (file missing)

S4 usbohci (Microsoft USB Open Host Controller Miniport Driver) - c:\windows\system32\drivers\usbohci.sys (file missing)

S4 usbprint (Microsoft USB PRINTER Class) - c:\windows\system32\drivers\usbprint.sys (file missing)

S4 vsmraid - c:\windows\system32\drivers\vsmraid.sys (file missing)

S4 WacomPen (Wacom Serial Pen HID Driver) - c:\windows\system32\drivers\wacompen.sys (file missing)

S4 Wd (Microsoft Watchdog Timer Driver) - c:\windows\system32\drivers\wd.sys (file missing)

S4 WmiAcpi (Microsoft Windows Management Interface for ACPI) - c:\windows\system32\drivers\wmiacpi.sys (file missing)

S4 ws2ifsl (Winsock IFS driver) - c:\windows\system32\drivers\ws2ifsl.sys (file missing)
 
 

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
 

R2 AntiVirScheduler (AntiVir PersonalEdition Classic Planer) - "c:\anwendungen\program files (x86)\avira\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; AntiVir Workstation>

R2 ProtexisLicensing - c:\windows\syswow64\psiservice.exe <Not Verified; ; PSIService>

R2 SamSs (Sicherheitskonto-Manager) - c:\windows\system32\lsass.exe (file missing)

R2 SBSDWSCService (SBSD Security Center Service) - c:\anwendungen\program files (x86)\spybot - search & destroy\sdwinsec.exe

R2 slsvc (Softwarelizenzierung) - c:\windows\system32\slsvc.exe (file missing)

R2 Spooler (Druckwarteschlange) - c:\windows\system32\spoolsv.exe (file missing)
 

S3 ALG (Gatewaydienst auf Anwendungsebene) - c:\windows\system32\alg.exe (file missing)

S3 DFSR (DFS-Replikation) - c:\windows\system32\dfsr.exe (file missing)

S3 Fax - c:\windows\system32\fxssvc.exe (file missing)

S3 KeyIso (CNG-Schlüsselisolation) - c:\windows\system32\lsass.exe (file missing)

S3 MSDTC (Distributed Transaction Coordinator) - c:\windows\system32\msdtc.exe (file missing)

S3 NBService - c:\anwendungen\program files (x86)\nero 7\nero backitup\nbservice.exe

S3 Netlogon (Anmeldedienst) - c:\windows\system32\lsass.exe (file missing)

S3 ProtectedStorage (Geschützter Speicher) - c:\windows\system32\lsass.exe (file missing)

S3 RpcLocator (RPC-Locator) - c:\windows\system32\locator.exe (file missing)

S3 ServiceLayer - "c:\program files (x86)\pc connectivity solution\servicelayer.exe" <Not Verified; Nokia.; PC Connectivity Solution>

S3 SNMPTRAP (SNMP-Trap) - c:\windows\system32\snmptrap.exe (file missing)

S3 Steam Client Service - c:\program files (x86)\common files\steam\steamservice.exe /runasservice

S3 UI0Detect (Erkennung interaktiver Dienste) - c:\windows\system32\ui0detect.exe (file missing)

S3 vds (Virtueller Datenträger) - c:\windows\system32\vds.exe (file missing)

S3 VSS (Volumeschattenkopie) - c:\windows\system32\vssvc.exe (file missing)

S3 wbengine (Block Level Backup Engine Service) - "c:\windows\system32\wbengine.exe" (file missing)

S3 wmiApSrv (WMI-Leistungsadapter) - c:\windows\system32\wbem\wmiapsrv.exe (file missing)
 
 

-- Device Manager: Disabled ----------------------------------------------------
 

Class GUID: 

Description: Videocontroller für Multimedia

Device ID: PCI\VEN_14F1&DEV_8800&SUBSYS_34010070&REV_03\3&267A616A&0&58

Manufacturer: 

Name: Videocontroller für Multimedia

PNP Device ID: PCI\VEN_14F1&DEV_8800&SUBSYS_34010070&REV_03\3&267A616A&0&58

Service: 
 

Class GUID: 

Description: Multimediacontroller

Device ID: PCI\VEN_14F1&DEV_8811&SUBSYS_34010070&REV_03\3&267A616A&0&59

Manufacturer: 

Name: Multimediacontroller

PNP Device ID: PCI\VEN_14F1&DEV_8811&SUBSYS_34010070&REV_03\3&267A616A&0&59

Service: 
 

Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}

Description: Nokia N95 8GB

Device ID: ROOT\WPD\0000

Manufacturer: Nokia

Name: Nokia N95 8GB

PNP Device ID: ROOT\WPD\0000

Service: WUDFRd
 
 

-- Scheduled Tasks -------------------------------------------------------------
 

2008-05-03 22:45:24       418 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{537A681B-4268-44B2-B77A-F6CDEEC075F8}.job
 
 

-- Files created between 2008-04-04 and 2008-05-04 -----------------------------
 

2008-05-03 22:08:47         0 d-------- C:\Program Files (x86)\Lavasoft

2008-05-03 22:08:46         0 d-------- C:\Users\All Users\Lavasoft

2008-05-03 17:30:22         0 d-------- C:\Program Files (x86)\SignSIS-GUI

2008-05-02 10:35:03         0 d-------- C:\Program Files (x86)\Zilla Popup Killer

2008-05-02 10:34:51    101888 --a------ C:\Windows\system32\VB6STKIT.DLL <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>

2008-05-01 23:50:48         0 d-------- C:\Users\All Users\SecTaskMan

2008-05-01 23:28:54         0 d-------- C:\Program Files (x86)\Enigma Software Group

2008-04-28 17:04:03         0 d-------- C:\Users\All Users\Spybot - Search & Destroy

2008-04-27 10:16:32         0 d-------- C:\Program Files (x86)\DNA

2008-04-23 21:03:21         0 d-------- C:\Program Files (x86)\DivX

2008-04-22 15:42:31         0 d-------- C:\Users\All Users\Nokia

2008-04-22 15:31:52         0 d-------- C:\Program Files (x86)\Common Files\Nokia

2008-04-22 15:31:16         0 d-------- C:\Users\All Users\Installations

2008-04-22 15:07:19         0 d-------- C:\Users\All Users\PC Suite

2008-04-22 15:05:53         0 d-------- C:\Program Files (x86)\Common Files\PCSuite

2008-04-22 15:03:53         0 d-------- C:\Program Files (x86)\PC Connectivity Solution

2008-04-22 15:00:07         0 d-------- C:\Program Files (x86)\Nokia

2008-04-19 15:40:39         0 d-------- C:\Users\All Users\TrackMania

2008-04-17 18:26:47         0 d-------- C:\Program Files (x86)\Common Files\LightScribe

2008-04-17 18:15:00         0 d-------- C:\Users\All Users\Ahead

2008-04-17 18:11:06         0 d-------- C:\Users\All Users\Nero

2008-04-17 18:11:06         0 d-------- C:\Program Files (x86)\Common Files\Ahead

2008-04-17 14:23:04         0 d-------- C:\Program Files (x86)\Apple Software Update

2008-04-17 14:23:03         0 d-------- C:\Users\All Users\Apple

2008-04-15 18:09:20      3766 --ahs---- C:\Windows\system32\KGyGaAvL.sys

2008-04-15 18:09:20        88 -r-hs---- C:\Windows\system32\2C6B885687.sys

2008-04-15 18:05:51         0 d-------- C:\Windows\system32\Spool

2008-04-15 18:04:58         0 d-------- C:\Program Files (x86)\Common Files\Corel

2008-04-06 11:39:44         0 d-------- C:\Windows\system32\en

2008-04-06 11:39:44         0 d-------- C:\Windows\system32\drivers\en-US

2008-04-06 11:39:44         0 d-------- C:\Windows\system32\0409

2008-04-04 14:00:52    413696 --a------ C:\Windows\system32\wrap_oal.dll <Not Verified; Creative Labs; Creative Labs OpenAL32>

2008-04-04 14:00:52    110592 --a------ C:\Windows\system32\OpenAL32.dll <Not Verified; Portions (C) Creative Labs Inc. and NVIDIA Corp.; Standard OpenAL(TM) Library>

2008-04-04 14:00:52         0 d-------- C:\Program Files (x86)\OpenAL

2008-04-04 13:54:28         0 d-------- C:\Windows\system32\Futuremark

2008-04-04 13:54:28      3972 --a------ C:\Windows\system32\drivers\PciBus.sys
 
 

-- Find3M Report ---------------------------------------------------------------
 

2008-05-03 23:20:49         0 d-------- C:\Users\name\AppData\Roaming\Xfire

2008-05-03 22:48:57         0 d-------- C:\Users\name\AppData\Roaming\BitTorrent

2008-05-03 22:06:57         0 d-------- C:\Program Files (x86)\Common Files\Wise Installation Wizard

2008-05-03 22:01:58       425 --a------ C:\Users\name\AppData\Roaming\TheLastRipper.xml

2008-05-03 13:33:53         0 d-------- C:\Program Files (x86)\Ulead Systems

2008-05-03 13:31:34         0 d-------- C:\Users\name\AppData\Roaming\Ulead Systems

2008-05-03 13:31:25         0 d--h----- C:\Program Files (x86)\InstallShield Installation Information

2008-05-03 00:26:47         0 d-------- C:\Users\name\AppData\Roaming\Windows Live Writer

2008-05-02 10:39:38         0 d-------- C:\Program Files (x86)\Common Files\Steam

2008-05-01 22:03:58         0 d-------- C:\Program Files (x86)\ICQToolbar

2008-04-27 20:01:55         0 d-------- C:\Users\name\AppData\Roaming\DNA

2008-04-27 11:14:27         0 d-------- C:\Users\name\AppData\Roaming\Skype

2008-04-27 10:28:02         0 d-------- C:\Program Files (x86)\Java

2008-04-27 10:16:55         0 d-------- C:\Users\name\AppData\Roaming\skypePM

2008-04-27 10:16:12         0 d-------- C:\Users\name\AppData\Roaming\BitTorrent DNA

2008-04-26 15:42:08         0 d-------- C:\Users\name\AppData\Roaming\OpenOffice.org2

2008-04-26 15:25:55         0 d-------- C:\Users\name\AppData\Roaming\Ahead

2008-04-25 21:55:52         0 d-------- C:\Users\name\AppData\Roaming\Nokia Multimedia Player

2008-04-23 20:29:13         0 d-------- C:\Users\name\AppData\Roaming\Nokia

2008-04-23 19:34:06         0 d-------- C:\Users\name\AppData\Roaming\NSeries

2008-04-23 18:39:05         0 d-------- C:\Users\name\AppData\Roaming\SlySoft

2008-04-23 17:40:38         0 d-------- C:\Users\name\AppData\Roaming\PC Suite

2008-04-22 15:31:52         0 d-------- C:\Program Files (x86)\Common Files

2008-04-22 15:08:45         0 d-------- C:\Users\name\AppData\Roaming\Adobe

2008-04-17 14:41:04         0 d-------- C:\Users\name\AppData\Roaming\LimeWire

2008-04-17 14:24:36         0 d-------- C:\Program Files (x86)\Safari

2008-04-15 18:20:15         0 d-------- C:\Users\name\AppData\Roaming\Corel

2008-04-15 18:15:40         0 d-------- C:\Program Files (x86)\Common Files\PX Storage Engine

2008-04-15 18:11:28         0 d-------- C:\Program Files (x86)\Corel

2008-04-11 14:37:26         0 d-------- C:\Users\name\AppData\Roaming\Winamp

2008-04-10 16:55:52         0 d-------- C:\Program Files (x86)\Windows Mail

2008-04-06 11:39:44         0 d-------- C:\Program Files (x86)\Windows Sidebar

2008-04-06 11:39:44         0 d-------- C:\Program Files (x86)\Windows Photo Gallery

2008-04-06 11:39:44         0 d-------- C:\Program Files (x86)\Windows Defender

2008-04-06 11:39:44         0 d-------- C:\Program Files (x86)\Windows Calendar

2008-04-01 21:53:00         0 d-------- C:\Program Files (x86)\Microsoft Works

2008-04-01 21:52:34         0 d-------- C:\Program Files (x86)\MSBuild

2008-04-01 21:50:10         0 d-------- C:\Program Files (x86)\Microsoft.NET

2008-04-01 21:47:15         0 d-------- C:\Program Files (x86)\Microsoft Visual Studio 8

2008-03-31 23:25:48    823296 --a------ C:\Windows\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>

2008-03-31 23:25:48    823296 --a------ C:\Windows\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>

2008-03-31 23:25:46    802816 --a------ C:\Windows\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>

2008-03-31 23:25:46    831488 --a------ C:\Windows\system32\divx_xx0a.dll

2008-03-31 23:25:46    682496 --a------ C:\Windows\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>

2008-03-29 18:27:07         0 d-------- C:\Users\name\AppData\Roaming\Apple Computer

2008-03-21 22:30:08   3596288 --a------ C:\Windows\system32\qt-dx331.dll

2008-03-21 22:28:54    196608 --a------ C:\Windows\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>

2008-03-21 22:28:54     81920 --a------ C:\Windows\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>

2008-03-21 22:28:20     12288 --a------ C:\Windows\system32\DivXWMPExtType.dll

2008-03-18 18:46:49         0 d-------- C:\Program Files (x86)\Windows Live Favorites

2008-03-18 18:46:40         0 d-------- C:\Program Files (x86)\Windows Live Toolbar

2008-03-17 19:28:35         0 d-------- C:\Program Files (x86)\Sony Ericsson USB

2008-03-17 12:56:22         0 d-------- C:\Users\name\AppData\Roaming\Google

2008-03-17 12:55:00         0 d-------- C:\Program Files (x86)\Google

2008-03-15 00:46:24         0 d-------- C:\Users\name\AppData\Roaming\Unyte

2008-03-14 23:58:25         0 d-------- C:\Users\name\AppData\Roaming\teamspeak2

2008-03-14 23:18:51         0 d-------- C:\Program Files (x86)\Skype

2008-03-14 23:18:46         0 d-------- C:\Program Files (x86)\Common Files\Skype

2008-03-12 17:22:32         0 d-------- C:\Program Files (x86)\Microsoft Silverlight

2008-03-11 17:40:12         0 d-------- C:\Users\name\AppData\Roaming\FileZilla

2008-03-06 21:51:33         0 d-------- C:\Users\name\AppData\Roaming\phonostar-Player
 
 

-- Registry Dump ---------------------------------------------------------------
 
 
 

-- End of Deckard's System Scanner: finished at 2008-05-04 00:11:28 ------------

Lukerunner

03.05.2008 23:57

extra.txt

Code:

Deckard's System Scanner v20071014.68

Extra logfile - please post this as an attachment with your post.

--------------------------------------------------------------------------------
 

-- System Information ----------------------------------------------------------
 

Microsoft® Windows Vista™ Ultimate  (build 6000)

Architecture: X64; Language: German
 

CPU 0: Intel(R) Pentium(R) D CPU 2.80GHz

Percentage of Memory in Use: 54%

Physical Memory (total/avail): 2046.69 MiB / 937.75 MiB

Pagefile Memory (total/avail): 4309.56 MiB / 2853.43 MiB

Virtual Memory (total/avail): 4095.88 MiB / 3952.67 MiB
 

A: is Removable (No Media)

C: is Fixed (NTFS) - 465.76 GiB total, 210.11 GiB free. 

D: is Fixed (NTFS) - 19.53 GiB total, 18.6 GiB free. 

E: is CDROM (No Media)

F: is Fixed (NTFS) - 19.53 GiB total, 13.02 GiB free. 

G: is Fixed (NTFS) - 58.59 GiB total, 58.51 GiB free. 

H: is Fixed (FAT32) - 31.84 GiB total, 30.28 GiB free. 
 

\\.\PHYSICALDRIVE1 - SAMSUNG HD501LJ ATA Device - 465.76 GiB - 1 partition

  \PARTITION0 (bootable) - Installierbares Dateisystem - 465.76 GiB - C:
 

\\.\PHYSICALDRIVE0 - SAMSUNG SP1604N ATA Device - 149.05 GiB - 5 partitions

  \PARTITION0 - Unknown - 19.53 GiB

  \PARTITION1 (bootable) - Installierbares Dateisystem - 19.53 GiB - D:

  \PARTITION2 - Erweitert mit Int 13 (erweitert) - 109.98 GiB - F: - G: - H:
 
 
 

-- Security Center -------------------------------------------------------------
 

Windows Internal Firewall is enabled.
 

AV: Avira AntiVir PersonalEdition v8.0.1.15 (Avira GmbH)

AS: Avira AntiVir PersonalEdition v 7.0.3.158

 (Avira GmbH)

AS: Spybot - Search and Destroy v1.0.0.5 (Safer Networking Ltd.) Disabled

AS: Windows-Defender v1.1.1505.0 (Microsoft Corporation)
 

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\\Anwendungen\\Program Files (x86)\\BitTorrent\\bittorrent.exe"="C:\\Anwendungen\\Program Files (x86)\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
 
 

-- Environment Variables -------------------------------------------------------
 

ALLUSERSPROFILE=C:\ProgramData

APPDATA=C:\Users\name\AppData\Roaming

CLASSPATH=.;C:\Program Files (x86)\Java\jre1.6.0_02\lib\ext\QTJava.zip

CommonProgramFiles=C:\Program Files (x86)\Common Files

CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files

CommonProgramW6432=C:\Program Files\Common Files

COMPUTERNAME=NAME-PC

ComSpec=C:\Windows\system32\cmd.exe

DEFAULT_CA_NR=CA8

FP_NO_HOST_CHECK=NO

HOMEDRIVE=C:

HOMEPATH=\Users\name

LANG=de

LOCALAPPDATA=C:\Users\name\AppData\Local

LOGONSERVER=\\NAME-PC

NUMBER_OF_PROCESSORS=2

OS=Windows_NT

Path=C:\Program Files (x86)\PC Connectivity Solution\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files (x86)\Common Files\Ulead Systems\MPEG;C:\Program Files (x86)\Common Files\Ulead Systems\DVD;C:\Anwendungen\Program Files (x86)\Common Files\GTK\2.0\bin;C:\Program Files (x86)\Common Files\Teleca Shared;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Anwendungen\Program Files (x86)\Smart Projects\IsoBuster

PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

PROCESSOR_ARCHITECTURE=x86

PROCESSOR_ARCHITEW6432=AMD64

PROCESSOR_IDENTIFIER=EM64T Family 15 Model 4 Stepping 7, GenuineIntel

PROCESSOR_LEVEL=15

PROCESSOR_REVISION=0407

ProgramData=C:\ProgramData

ProgramFiles=C:\Program Files (x86)

ProgramFiles(x86)=C:\Program Files (x86)

ProgramW6432=C:\Program Files

PROMPT=$P$G

PUBLIC=C:\Users\Public

QTJAVA=C:\Program Files (x86)\Java\jre1.6.0_02\lib\ext\QTJava.zip

SESSIONNAME=Console

SystemDrive=C:

SystemRoot=C:\Windows

TEMP=C:\Users\name\AppData\Local\Temp

TMP=C:\Users\name\AppData\Local\Temp

USERDOMAIN=NAME-PC

USERNAME=name

USERPROFILE=C:\Users\name

windir=C:\Windows
 
 

-- User Profiles ---------------------------------------------------------------
 

Name (admin)

Name (new local, net ready)

Name (new local, guest, net ready)
 
 

-- Add/Remove Programs ---------------------------------------------------------
 

 -->  -c"C:\Anwendungen\Program Files (x86)\Ulead Systems\Ulead COOL 360\IS32Inst.dll"

 --> C:\Anwendungen\Program Files (x86)\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL

 --> C:\Program Files (x86)\DivX\DivXConverterUninstall.exe /CONVERTER

 --> C:\Windows\UNNeroBackItUp.exe /UNINSTALL

 --> C:\Windows\UNNeroMediaHome.exe /UNINSTALL

 --> C:\Windows\UNNeroShowTime.exe /UNINSTALL

 --> C:\Windows\UNNeroVision.exe /UNINSTALL

 --> C:\Windows\UNRecode.exe /UNINSTALL

[00]CSS PCA Mappack - Summerfeelings --> C:\Windows\[00]CSS PCA Mappack - Summerfeelings Uninstaller.exe

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0015-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0019-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {58FC5E37-DD28-4D4A-A549-125744C6763C}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {00C5525B-3CB3-467D-8100-2E6FB306CD86}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-002A-0407-1000-0000000FF1CE} /uninstall {888B9AC7-8F5C-456B-A27A-157A6C310E52}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0044-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {888B9AC7-8F5C-456B-A27A-157A6C310E52}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00A1-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00BA-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}

3DMark06 --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}\setup.exe" -l0x9  -removeonly

Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}

Adobe Flash Player ActiveX --> C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe

Adobe Flash Player Plugin --> C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe

Adobe Reader 8.1.2 - Deutsch --> MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A81200000003}

Adobe® Photoshop® Album Starter Edition 3.0 --> MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}

AGEIA PhysX v6.10.05 --> MsiExec.exe /X{582876EC-A178-44D4-9823-C10D6C62EAFF}

Alive Video Converter (version 3.1.9.2) --> "C:\Anwendungen\Program Files (x86)\AliveMedia\Video Converter\unins000.exe"

Apple Software Update --> MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}

Avira AntiVir Personal – Free Antivirus --> C:\Anwendungen\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE

Battlefield 2(TM) --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}\setup.exe" -l0x7  -removeonly

Battlefield 2: Special Forces --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{50D4CB89-AF34-4978-96DC-C3034062E901}\setup.exe" -l0x7  -removeonly

BitTorrent --> "C:\Anwendungen\Program Files (x86)\BitTorrent\BitTorrent.exe" /UNINSTALL

Call of Duty(R) 4 - Modern Warfare(TM) --> C:\Program Files (x86)\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0407

Carom3D --> C:\Windows\NeoUninstall.exe "C:\Spiele\Program Files\Neoact\Carom3D\Uninstall.ini"

CloneDVDmobile --> "C:\Anwendungen\Program Files (x86)\SlySoft\CloneDVDmobile\CloneDVDmobile-uninst.exe" /D="C:\Anwendungen\Program Files (x86)\SlySoft\CloneDVDmobile"

DebugMode Wink --> "C:\Anwendungen\Program Files (x86)\DebugMode\Wink\uninst.exe"

DHTML Editing Component --> MsiExec.exe /I{2EA870FA-585F-4187-903D-CB9FFD21E2E0}

DIE SIEDLER - Aufstieg eines Königreichs Demo --> "C:\Program Files (x86)\InstallShield Installation Information\{29EA790B-D222-4ABF-8DF4-3DA5EB11791B}\Setup.exe" -runfromtemp -l0x0007 -removeonly

DivX Codec --> C:\Program Files (x86)\DivX\DivXCodecUninstall.exe /CODEC

DivX Converter --> C:\Program Files (x86)\DivX\DivXConverterUninstall.exe /CONVERTER

DivX Player --> C:\Program Files (x86)\DivX\DivXPlayerUninstall.exe /PLAYER

DivX Web Player --> C:\Program Files (x86)\DivX\DivXWebPlayerUninstall.exe /PLUGIN

DNA --> "C:\Program Files (x86)\DNA\btdna.exe" /UNINSTALL

Duden Rechtschreibtrainer --> MsiExec.exe /X{90D1201F-2B53-45A5-B940-B7DE21B995FC}

Duden Tipptrainer 2.0 --> MsiExec.exe /I{7036A07A-FE2A-4920-A944-19B73D16F106}

eMusic - 50 Free MP3 offer --> "C:\Anwendungen\Program Files (x86)\Winamp\eMusic\Uninst-eMusic-promotion.exe"

EPSON Scan --> C:\Program Files (x86)\epson\escndv\setup\setup.exe /r

FEAR --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{2B653229-9854-4989-B780-D978F5F13EAB}\setup.exe" -l0x7  /zU -removeonly

FileZilla Client 3.0.7.1 --> C:\Anwendungen\Program Files (x86)\FileZilla Client\uninstall.exe

FlatOut2 --> "C:\Spiele\Program Files (x86)\Steam\steam.exe" steam://uninstall/2990

Free WMA to MP3 Converter 1.16 --> "C:\Anwendungen\Program Files (x86)\Free WMA to MP3 Converter\unins000.exe"

Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}

Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}

Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files (x86)\google\googletoolbar1.dll"

Gothic III --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{02B244A2-7F6A-42E8-A36F-8C385D7A1625}\setup.exe" -l0x7  -removeonly

GTK+ 2.10.13 runtime environment --> "C:\Anwendungen\Program Files (x86)\Common Files\GTK\2.0\setup\unins000.exe"

Half-Life 2 Awakening 1.1 --> c:\Spiele\Program Files (x86)\Steam\steamapps\SourceMods\Uninstal.exe

Hauppauge WinTV-PVR 150 Drivers --> C:\PROGRA~2\WinTV\UNpvr48.EXE C:\PROGRA~2\WinTV\pvr26xxx.LOG

Hervorhebe-Funktion (Windows Live Toolbar) --> MsiExec.exe /X{00D0200F-3B4D-4A2F-869E-533ED835A943}

HijackThis 2.0.2 --> "C:\Anwendungen\Program Files (x86)\HiJackThis\HijackThis.exe" /uninstall

ICQ 5.1 --> C:\Program Files (x86)\ICQLite\ICQLiteUninstall.EXE

ICQ Toolbar --> regsvr32 /u /s "C:\PROGRA~2\ICQTOO~1\toolbaru.dll" 

Infernal --> "C:\Spiele\Program Files (x86)\Steam\steam.exe" steam://uninstall/7060

InfraRecorder --> C:\Anwendungen\Program Files (x86)\InfraRecorder\uninstall.exe

InternetGameBox --> C:\Anwendungen\Program Files (x86)\InternetGameBox\uninst.exe

IsoBuster 2.3 --> "C:\Anwendungen\Program Files (x86)\Smart Projects\IsoBuster\Uninst\unins000.exe"

iTunes --> MsiExec.exe /I{B045B608-4A47-4C77-9EAD-06C394503306}

J2SE Runtime Environment 5.0 Update 9 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}

Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}

Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}

LimeWire 4.16.6 --> "C:\Anwendungen\Program Files (x86)\LimeWire\uninstall.exe"

Logitech Desktop Messenger --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\SETUP.exe" -l0x7 UNINSTALL -removeonly

Logitech SetPoint --> C:\Program Files (x86)\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe -runfromtemp -l0x0007 -removeonly

Logitech® Camera-Treiber --> "C:\Program Files (x86)\Common Files\LogiShrd\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT

Mozilla Firefox (2.0.0.14) --> C:\Anwendungen\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe

MP3 and WAV Solutions 1 --> C:\Windows\cadkasdeinst01.exe "C:\Anwendungen\Program Files (x86)\MP3 and WAV Solutions 1\"

MSXML 4.0 SP2 (KB927978) --> MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}

MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}

Nero 7 Essentials --> MsiExec.exe /X{1A6A6531-08FC-47AD-BAC4-C41497E71031}

neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}

Nvu 1.0 --> "C:\Anwendungen\Program Files (x86)\Nvu\unins000.exe"

Oblivion --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{35CB6715-41F8-4F99-8881-6FC75BF054B0}\setup.exe" -l0x7  -removeonly

OpenAL --> "C:\Program Files (x86)\OpenAL\oalinst.exe" /U

OpenOffice.org 2.3 --> MsiExec.exe /I{DD5B65F7-7CA5-4DE4-AEE7-7E8F26BF78F5}

Painkiller Overdose Demo --> "C:\Spiele\Program Files (x86)\Steam\steam.exe" steam://uninstall/3280

PC Connectivity Solution --> MsiExec.exe /I{6094AB91-4CC8-498E-9DFF-134CC0B159DE}

phonostar-Player Version 2.01.0 --> "C:\Anwendungen\Program Files (x86)\phonostar\unins000.exe"

Phonostar eBay-Icon 1.0.000 --> C:\Windows\uninstall\Phonostar eBay-Icon\setup.exe

Presentation To Video Converter --> "C:\Anwendungen\Program Files (x86)\GeoVid\Presentation To Video Converter\unins000.exe"

Privoxy 3.0.6 --> "C:\Anwendungen\Program Files (x86)\Vidalia Bundle\Uninstall.exe"

QuickTime --> MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}

Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x7  -removeonly

Safari --> MsiExec.exe /I{40589552-3892-409E-B92C-9F5032A4B2F0}

ShotOnline --> C:\Spiele\Program Files (x86)\ShotOnline\uninst.exe

SHOUTcast Source DSP 1.9.0 (remove only) --> C:\Anwendungen\Program Files (x86)\Winamp\uninst-dsp.exe

Skype™ 3.6 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}

Smart Menus (Windows Live Toolbar) --> MsiExec.exe /X{2DD6C198-FA9A-40B4-8DE5-CE5206E3EB34}

Spybot - Search & Destroy --> "C:\Anwendungen\Program Files (x86)\Spybot - Search & Destroy\unins000.exe"

Steam --> MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}

SUPER © Version 2007.bld.23 (July 4, 2007) --> C:\ANWEND~1\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0

Team Fortress 2 --> "C:\Spiele\Program Files (x86)\Steam\steam.exe" steam://uninstall/440

TeamSpeak 2 RC2 --> "C:\Anwendungen\Program Files (x86)\Teamspeak2_RC2\unins000.exe"

Techno4ever Player --> C:\Anwendungen\Program Files (x86)\T4E\Player\T4E_Uninstaller.exe

Techno4ever Toolbar --> C:\PROGRA~2\TECHNO~1\UNWISE.EXE C:\PROGRA~2\TECHNO~1\INSTALL.LOG

The GIMP 2.2.17 --> "C:\Anwendungen\Program Files (x86)\GIMP-2.0\unins000.exe"

The Matrix - Path of Neo --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E571E8B1-9771-465D-9DE0-3BA2D1BDAE99}\SETUP.EXE" -l0x7  -removeonly

The Movies Demo --> "C:\Spiele\Program Files (x86)\Steam\steam.exe" steam://uninstall/7920

TheLastRipper 1.1.0 --> C:\Anwendungen\Program Files (x86)\TheLastRipper\uninst.exe

TMPGEnc 4.0 XPress Testversion --> MsiExec.exe /I{1BF4C621-8016-48B3-AF4A-107277FCBF83}

Tor 0.1.2.19 --> "C:\Anwendungen\Program Files (x86)\Vidalia Bundle\Uninstall.exe"

Update for Outlook 2007 Junk Email Filter (kb949037) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B4F188C6-6DBF-42A5-A8A3-3086D1A384F2}

Vidalia 0.0.16 --> "C:\Anwendungen\Program Files (x86)\Vidalia Bundle\Uninstall.exe"

VideoLAN VLC media player 0.8.6d --> C:\Anwendungen\Program Files (x86)\VideoLAN\VLC\uninstall.exe

Virtual DJ - Atomix Productions --> C:\ANWEND~1\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\ANWEND~1\PROGRA~1\VIRTUA~1\INSTALL.LOG

Virtual Me Character Creator --> MsiExec.exe /X{EEC002BD-E0FB-46DF-B724-0521A5170E02}

WebDialogs Unyte --> C:\ProgramData\Skype\Plugins\Plugins\F09C3B9060684346A02C2F528049D062\uninstall.exe

Winamp --> "C:\Anwendungen\Program Files (x86)\Winamp\UninstWA.exe"

Winamp Remote --> "C:\Program Files (x86)\Winamp Remote\uninstall.exe"

Winamp Toolbar for Internet Explorer --> "C:\Program Files (x86)\Winamp Toolbar\uninstall.exe"

Windows Live Writer --> MsiExec.exe /X{B8D42C3A-3CFF-4A8A-A7DA-4F44474D12C5}

Windows Media Player Firefox Plugin --> MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

WinRAR --> C:\Program Files (x86)\WinRAR\uninstall.exe

Xfire (remove only) --> "C:\Anwendungen\Program Files (x86)\Xfire\uninst.exe"

Yahoo! Toolbar --> C:\PROGRA~2\Yahoo!\Common\unyt.exe
 
 

-- Application Event Log -------------------------------------------------------
 

Event Record #/Type25391 / Success

Event Submitted/Written: 05/03/2008 09:44:39 PM

Event ID/Source: 12001 / usnjsvc

Event Description:

The Messenger Sharing USN Journal Reader service started successfully.
 

Event Record #/Type25386 / Success

Event Submitted/Written: 05/03/2008 09:43:59 PM

Event ID/Source: 5617 / WinMgmt

Event Description:
 
 

Event Record #/Type25385 / Success

Event Submitted/Written: 05/03/2008 09:43:58 PM

Event ID/Source: 5615 / WinMgmt

Event Description:
 
 

Event Record #/Type25379 / Success

Event Submitted/Written: 05/03/2008 09:43:51 PM

Event ID/Source: 902 / Software Licensing Service

Event Description:

Der Softwarelizenzierungsdienst wurde gestartet.
 

Event Record #/Type25368 / Warning

Event Submitted/Written: 05/03/2008 09:41:46 PM

Event ID/Source: 1530 / profsvc

Event Description:

1 user registry handles leaked from \Registry\User\S-1-5-21-3676559067-3133431721-2156353584-1000_Classes:

Process 988 (\Device\HarddiskVolume1\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3676559067-3133431721-2156353584-1000_CLASSES
 
 
 

-- Security Event Log ----------------------------------------------------------
 

No Errors/Warnings found.
 
 

-- System Event Log ------------------------------------------------------------
 

Event Record #/Type98136 / Warning

Event Submitted/Written: 05/03/2008 09:45:11 PM

Event ID/Source: 3004 / WinDefend

Event Description:

%%8271.1.1505.0{A46B7FBA-532C-49E9-A35F-D05E3531DD73}Name-PCNameS-1-5-21-3676559067-3133431721-2156353584-1000Unknown%%832runonce:HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\InnoSetupRegFile.00000000010%%807
 

Event Record #/Type98085 / Warning

Event Submitted/Written: 05/03/2008 07:01:35 PM

Event ID/Source: 3004 / WinDefend

Event Description:

%%8271.1.1505.0{61A6A8B6-95B2-4604-BCDA-EFB8AEDAF7EF}Name-PCNameS-1-5-21-3676559067-3133431721-2156353584-1000Unknown%%832runonce:HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\InnoSetupRegFile.00000000010%%807
 

Event Record #/Type97960 / Warning

Event Submitted/Written: 05/03/2008 03:49:47 PM

Event ID/Source: 3004 / WinDefend

Event Description:

%%8271.1.1505.0{140F1128-6320-4CFF-A2E2-D166B97A8314}Name-PCNameS-1-5-21-3676559067-3133431721-2156353584-1000Unknown%%832runonce:HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\InnoSetupRegFile.00000000010%%807
 

Event Record #/Type97839 / Warning

Event Submitted/Written: 05/03/2008 01:37:40 PM

Event ID/Source: 3004 / WinDefend

Event Description:

%%8271.1.1505.0{AF220412-B04B-4A67-B104-2D2C56855025}Name-PCNameS-1-5-21-3676559067-3133431721-2156353584-1000Unknown%%832runonce:HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\InnoSetupRegFile.00000000010%%807
 

Event Record #/Type97711 / Warning

Event Submitted/Written: 05/03/2008 00:14:52 PM

Event ID/Source: 4226 / Tcpip

Event Description:

TCP/IP hat das Sicherheitslimit erreicht, das für die Anzahl gleichzeitiger TCP-Verbindungsversuche festgelegt wurde.
 
 
 

-- End of Deckard's System Scanner: finished at 2008-05-04 00:11:28 ------------

Lukerunner

04.05.2008 00:07

Malwarebytes auswertung (bei Schnellsuche) Komplett mach ich später!

Code:

Malwarebytes' Anti-Malware 1.11

Datenbank Version: 712
 

Scan Art: Schnell Scan

Objekte gescannt: 32249

Scan Dauer: 6 minute(s), 26 second(s)
 

Infizierte Speicher Prozesse: 0

Infizierte Speicher Module: 0

Infizierte Registrierungsschlüssel: 1

Infizierte Registrierungswerte: 0

Infizierte Datei Objekte der Registrierung: 0

Infizierte Verzeichnisse: 0

Infizierte Dateien: 1
 

Infizierte Speicher Prozesse:

(Keine Malware Objekte gefunden)
 

Infizierte Speicher Module:

(Keine Malware Objekte gefunden)
 

Infizierte Registrierungsschlüssel:

HKEY_CLASSES_ROOT\ensfolr.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
 

Infizierte Registrierungswerte:

(Keine Malware Objekte gefunden)
 

Infizierte Datei Objekte der Registrierung:

(Keine Malware Objekte gefunden)
 

Infizierte Verzeichnisse:

(Keine Malware Objekte gefunden)
 

Infizierte Dateien:

C:\Windows\System32\nvs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.

Alle Zeitangaben in WEZ +1. Es ist jetzt 14:12 Uhr.

Seite 1 von 3

100 Beiträge dieses Themas auf einer Seite anzeigen

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55