|
Redirekt Browser / Eingeschränkte Netzverbindung / Antir und Malwareohne Wirkung sry doppelpost |
Logfile of random's system information tool 1.06 (written by random/random) Run by Max Mustermann at 2010-01-06 15:14:55 Microsoft Windows XP Professional Service Pack 3 System drive C: has 12 GB (38%) free of 31 GB Total RAM: 2046 MB (70% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:15:04, on 06.01.2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16945) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe D:\Programme\System\Avira\AntiVir Desktop\sched.exe D:\Programme\System\Avira\AntiVir Desktop\avguard.exe D:\Programme\System\Java\jre6\bin\jqs.exe C:\Programme\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\STacSV.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Programme\SigmaTel\C-Major Audio\WDM\stsystra.exe C:\Programme\Synaptics\SynTP\SynTPEnh.exe C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe D:\Programme\System\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe D:\Programme\Office\Office_2007\Office12\WINWORD.EXE D:\PROGRA~1\System\FREEDO~1\fdm.exe D:\Programme\System\Firefox\firefox.exe D:\Programme\System\Malwarebytes' Anti-Malware\mbam.exe C:\WINDOWS\system32\NOTEPAD.EXE D:\Programme\Office\Office_2007\Office12\OUTLOOK.EXE C:\Dokumente und Einstellungen\Max Mustermann\Desktop\RSIT.exe C:\Programme\trend micro\Max Mustermann.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - (no file) O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file) O2 - BHO: CmjBrowserHelperObject Object - {AC41D38F-B56D-40AD-94E0-B493D130C959} - (no file) O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file) O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - (no file) O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file) O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - (no file) O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [avgnt] "D:\Programme\System\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Download all with Free Download Manager - file://D:\Programme\System\Free Download Manager\dlall.htm O8 - Extra context menu item: Download selected with Free Download Manager - file://D:\Programme\System\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download video with Free Download Manager - file://D:\Programme\System\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: Download with Free Download Manager - file://D:\Programme\System\Free Download Manager\dllink.htm O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://D:\PROGRA~1\Office\OFFICE~1\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programme\System\Java\jre6\bin\jp2iexp.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programme\System\Java\jre6\bin\jp2iexp.dll O9 - Extra button: Send to Mindjet MindManager - {531B9DC0-D8EE-4c76-A6EE-6C1E50569655} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\Office\OFFICE~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O15 - Trusted Zone: *.windowsupdate.com O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab O16 - DPF: {588031A3-94BF-4CDD-86D0-939F6F93910F} (FixItClient Class) - https://fixit.support.microsoft.com/ActiveX/FixItClient.CAB O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://w*w.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1261480743046 O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://w*w.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1258822589890 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F557} (Flatcast Viewer 5.0) - http://80.237.209.20/objects/NpFv501.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - D:\Programme\System\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Programme\System\Avira\AntiVir Desktop\avguard.exe O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Programme\System\Java\jre6\bin\jqs.exe O23 - Service: ServiceLayer - Nokia - C:\Programme\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Programme\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\STacSV.exe -- End of file - 7579 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\1-Klick-Wartung.job C:\WINDOWS\tasks\Google Software Updater.job C:\WINDOWS\tasks\User_Feed_Synchronization-{7C7C1F46-99C4-4630-AF9F-FCC7859F0494}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}] Skype add-on (mastermind) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AC41D38F-B56D-40AD-94E0-B493D130C959}] CmjBrowserHelperObject Object [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}] FDMIECookiesBHO Class [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SigmatelSysTrayApp"=C:\Programme\SigmaTel\C-Major Audio\WDM\stsystra.exe [2007-05-10 405504] "SynTPEnh"=C:\Programme\Synaptics\SynTP\SynTPEnh.exe [2007-10-26 1024000] "Google Desktop Search"=C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-29 30192] "avgnt"=D:\Programme\System\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0] D:\Programme\Grafik\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] D:\Programme\Sonstiges\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0EYTHM] C:\PROGRA~1\GEMEIN~1\Adobe\ADOBEV~2\Server\bin\VERSIO~2.EXE [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless] C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\iFrmewrk.exe [2008-10-16 1191936] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelZeroConfig] D:\Programme\Intel\WiFi\bin\ZCfgSvc.exe [2008-10-16 1368064] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] D:\Programme\Medien\itunes\iTunesHelper.exe [2009-04-02 342312] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -k [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LexwareInfoService] C:\Programme\Gemeinsame Dateien\Lexware\Update Manager\LxUpdateManager.exe [2007-09-25 532776] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer] C:\Programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer /watchfiles startup [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2] C:\Programme\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2009-12-10 401728] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Programme\QuickTime\qttask.exe [2009-01-05 413696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray] D:\Programme\Medien\Real\RealPlayer\realplay.exe [2008-09-27 20480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\routcnf] D:\Programme\Telekom\Eumex 504PC USB\routcnf.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] D:\Programme\System\Java\jre6\bin\jusched.exe [2009-12-23 149280] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^CAPIControl.lnk] D:\PROGRA~1\Telekom\EUMEX5~1\Capictrl.exe [2004-04-28 278528] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Lexware Info Service.lnk] C:\PROGRA~1\GEMEIN~1\Lexware\UPDATE~1\LXUPDA~1.EXE [2007-09-25 532776] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "odserv"=3 "ose"=3 "WLANKEEPER"=2 "S24EventMonitor"=2 "RegSrvc"=2 "NVSvc"=2 "EvtEng"=2 "WMPNetworkSvc"=3 "FLEXnet Licensing Service"=3 "Bonjour Service"=2 "Adobe Version Cue CS3"=3 "RUS"=2 "iPod Service"=3 "Apple Mobile Device"=2 "NMIndexingService"=3 "NBService"=3 "dblhost"=3 "PSI_SVC_2"=2 "gusvc"=2 "gupdate1c98acd7d5d5b2e"=2 "idsvc"=3 "WPEServ"=3 "RichVideo"=2 "FirebirdServerMAGIXInstance"=3 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=180 "NoDriveAutoRun"=33554528 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "D:\Programme\Office\Office_2007\Office12\OUTLOOK.EXE"="D:\Programme\Office\Office_2007\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "D:\Programme\Sonstiges\Miranda IM\miranda32.exe"="D:\Programme\Sonstiges\Miranda IM\miranda32.exe:*:Enabled:Miranda IM" "C:\Temp\FileZilla\FileZilla.exe"="C:\Temp\FileZilla\FileZilla.exe:*:Enabled:FileZilla" "D:\Programme\System\FileZilla\FileZilla.exe"="D:\Programme\System\FileZilla\FileZilla.exe:*:Enabled:FileZilla" "D:\Programme\Medien\Real\RealPlayer\realplay.exe"="D:\Programme\Medien\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer" "C:\Programme\Internet Explorer\iexplore.exe"="C:\Programme\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer" "D:\Programme\Medien\Sony Ericsson PC Suite\Medien\MediaManager.exe"="D:\Programme\Medien\Sony Ericsson PC Suite\Medien\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.2" "D:\Programme\Sony Ericsson\Update Service\Update Service.exe"="D:\Programme\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service" "C:\Programme\Bonjour\mDNSResponder.exe"="C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "D:\Programme\Medien\itunes\iTunes.exe"="D:\Programme\Medien\itunes\iTunes.exe:*:Enabled:iTunes" "C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater" "C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process " "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Eine DLL-Datei als Anwendung ausführen" "D:\Programme\Grafik\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe"="D:\Programme\Grafik\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe:*:Enabled:Adobe Dreamweaver CS3" "C:\Programme\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe"="C:\Programme\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2" "D:\Programme\Medien\VLC\vlc.exe"="D:\Programme\Medien\VLC\vlc.exe:*:Enabled:VLC media player" "C:\Programme\Skype\Phone\Skype.exe"="C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\##Rage#BE2009 (F)] shell\AutoRun\command - Z:\LxSetup.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G] shell\AutoRun\command - G:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{84a62284-ced4-11de-8d4c-001de05fb3f9}] shell\AutoRun\command - G:\LaunchU3.exe -a ======File associations====== .js - open - "D:\Programme\Grafik\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1" ======List of files/folders created in the last 1 months====== 2010-01-06 13:04:13 ----D---- C:\Programme\trend micro 2010-01-06 13:04:12 ----D---- C:\rsit 2010-01-02 14:42:09 ----D---- C:\Programme\Enigma Software Group 2009-12-23 10:55:56 ----D---- C:\Dokumente und Einstellungen\Max Mustermann\Anwendungsdaten\Malwarebytes 2009-12-23 10:55:49 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes 2009-12-23 10:55:08 ----A---- C:\WINDOWS\system32\javaws.exe 2009-12-23 10:55:08 ----A---- C:\WINDOWS\system32\javaw.exe 2009-12-23 10:55:08 ----A---- C:\WINDOWS\system32\java.exe 2009-12-23 10:55:08 ----A---- C:\WINDOWS\system32\deploytk.dll 2009-12-22 12:25:06 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$ 2009-12-22 12:24:59 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$ 2009-12-22 12:24:53 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$ 2009-12-22 12:24:47 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$ 2009-12-22 12:24:41 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$ 2009-12-22 12:24:35 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$ 2009-12-22 12:24:30 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$ 2009-12-22 12:24:04 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$ 2009-12-21 15:32:16 ----D---- C:\Programme\PC Connectivity Solution 2009-12-21 12:53:58 ----A---- C:\WINDOWS\system32\stu2.exe 2009-12-20 14:42:35 ----D---- C:\Dokumente und Einstellungen\Max Mustermann\Anwendungsdaten\Amazon 2009-12-08 15:06:41 ----D---- C:\Dokumente und Einstellungen\Max Mustermann\Anwendungsdaten\vlc ======List of files/folders modified in the last 1 months====== 2010-01-06 15:12:30 ----D---- C:\Dokumente und Einstellungen\Max Mustermann\Anwendungsdaten\Free Download Manager 2010-01-06 15:08:51 ----D---- C:\WINDOWS\Prefetch 2010-01-06 14:56:22 ----D---- C:\WINDOWS\Temp 2010-01-06 14:39:41 ----D---- C:\WINDOWS\system32 2010-01-06 14:25:03 ----D---- C:\WINDOWS\system32\CatRoot2 2010-01-06 14:25:00 ----SD---- C:\WINDOWS\Tasks 2010-01-06 14:22:41 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-01-06 13:13:15 ----D---- C:\WINDOWS 2010-01-06 13:11:36 ----D---- C:\WINDOWS\system32\drivers 2010-01-06 13:10:14 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Google Updater 2010-01-06 13:04:13 ----RD---- C:\Programme 2010-01-06 12:58:33 ----A---- C:\WINDOWS\NeroDigital.ini 2010-01-06 11:13:00 ----D---- C:\WINDOWS\Minidump 2010-01-06 11:13:00 ----D---- C:\WINDOWS\Debug 2010-01-06 10:51:56 ----A---- C:\WINDOWS\win.ini 2010-01-06 10:51:56 ----A---- C:\WINDOWS\system.ini 2010-01-06 10:51:56 ----A---- C:\boot.ini 2010-01-06 10:46:00 ----D---- C:\Dokumente und Einstellungen\Max Mustermann\Anwendungsdaten\Mozilla 2010-01-06 10:14:46 ----D---- C:\Programme\Windows Media Player 2010-01-06 10:13:32 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-01-06 10:13:24 ----HD---- C:\WINDOWS\inf 2010-01-06 10:13:21 ----D---- C:\WINDOWS\Help 2010-01-06 10:13:20 ----D---- C:\Programme\Windows Media Connect 2 2010-01-06 10:07:19 ----D---- C:\Dokumente und Einstellungen\Max Mustermann\Anwendungsdaten\Skype 2010-01-04 13:43:31 ----SHD---- C:\WINDOWS\Installer 2010-01-04 13:43:30 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft Help 2010-01-04 13:43:30 ----D---- C:\Config.Msi 2010-01-04 11:09:07 ----A---- C:\WINDOWS\system32\userinit.exe 2010-01-02 14:58:57 ----D---- C:\WINDOWS\ime 2010-01-02 14:36:22 ----SHD---- C:\System Volume Information 2009-12-27 13:17:42 ----D---- C:\Dokumente und Einstellungen\Max Mustermann\Anwendungsdaten\Adobe 2009-12-25 21:36:00 ----HD---- C:\WINDOWS\PIF 2009-12-23 18:22:54 ----RSD---- C:\WINDOWS\Fonts 2009-12-23 11:25:55 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$ 2009-12-23 11:00:10 ----D---- C:\Programme\Gemeinsame Dateien 2009-12-22 13:57:18 ----D---- C:\Programme\Internet Explorer 2009-12-22 13:57:17 ----D---- C:\WINDOWS\AppPatch 2009-12-22 12:31:20 ----D---- C:\WINDOWS\system32\de-de 2009-12-22 12:31:10 ----D---- C:\WINDOWS\ie7updates 2009-12-22 12:25:05 ----HD---- C:\WINDOWS\$hf_mig$ 2009-12-22 12:24:28 ----D---- C:\WINDOWS\WinSxS 2009-12-22 12:19:19 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-12-21 15:34:27 ----D---- C:\Programme\Gemeinsame Dateien\Nokia 2009-12-21 15:32:24 ----DC---- C:\WINDOWS\system32\DRVSTORE 2009-12-21 15:31:27 ----D---- C:\Programme\Nokia 2009-12-21 15:30:54 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\OviInstallerCache 2009-12-18 11:41:57 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Adobe 2009-12-18 11:38:30 ----RSD---- C:\WINDOWS\assembly 2009-12-18 11:37:49 ----D---- C:\Programme\Bonjour 2009-12-18 10:38:43 ----D---- C:\Programme\Gemeinsame Dateien\Adobe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\D:\Programme\System\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448] R1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520] R1 WmiAcpi;Microsoft Windows-Verwaltungsschnittstelle für ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832] R2 ACEDRV07;ACEDRV07; \??\C:\WINDOWS\system32\drivers\ACEDRV07.sys [] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-08 56816] R2 CAPI20;Eumex 504PC USB; C:\WINDOWS\System32\Drivers\CAPI20.SYS [2004-04-05 966352] R2 DETEWECP;Telekom CapiPort; C:\WINDOWS\System32\drivers\detewecp.sys [2003-03-19 37696] R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2006-11-15 32256] R2 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2006-11-14 43520] R2 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2006-11-14 37376] R2 s24trans;WLAN-Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2008-08-13 11904] R3 Arp1394;1394-ARP-Clientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-02-27 160256] R3 CmBatt;Microsoft-Netzteiltreiber; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400] R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 hidusb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12288] R3 NETw5x32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw5x32.sys [2008-11-17 3636864] R3 NIC1394;1394-Netzwerktreiber; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-11-17 6864064] R3 NWADI;NWADI Bus Enumerator; C:\WINDOWS\system32\DRIVERS\NWADIenum.sys [2008-02-09 155264] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04 5888] R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232] R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2007-05-10 1222840] R3 swivsp;AC8xx Virtual Serial Port; C:\WINDOWS\system32\DRIVERS\swivspnt.sys [2007-08-29 20352] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-10-26 216800] R3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Microsoft USB-Standardhubtreiber; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 usbvideo;USB-Videogerät (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984] R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008] S3 Bridge;MAC-Brücke; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552] S3 BridgeMP;MAC-Brückenminiport; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552] S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2009-02-13 13224] S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2009-02-13 24616] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 NETw4x32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-09-26 2236032] S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664] S3 NPF;NetGroup Packet Filter Driver; \??\C:\WINDOWS\system32\drivers\npf.sys [] S3 NWUSBModem;Novatel Wireless USB Modem Driver; C:\WINDOWS\system32\DRIVERS\nwusbmdm.sys [2008-02-09 77952] S3 NWUSBPort;Novatel Wireless USB Status Port Driver; C:\WINDOWS\system32\DRIVERS\nwusbser.sys [2007-03-28 92160] S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2007-05-30 27072] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816] S3 PEEK5;PEEK5 Protocol Driver; \??\C:\DOKUME~1\RAPHAE~1\Desktop\WINAIR~1\WINAIR~1\files\PEEK5.SYS [] S3 s0017bus;Sony Ericsson Device 0017 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0017bus.sys [2008-05-27 90536] S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0017mdfl.sys [2008-05-27 15016] S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0017mdm.sys [2008-05-27 122152] S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0017mgmt.sys [2008-05-27 115496] S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS); C:\WINDOWS\system32\DRIVERS\s0017nd5.sys [2008-05-27 25768] S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0017obex.sys [2008-05-27 111912] S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM); C:\WINDOWS\system32\DRIVERS\s0017unic.sys [2008-05-27 117672] S3 sffdisk;SFF-Speicherklassentreiber; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904] S3 sffp_sd;SFF-Speicherprotokolltreiber für SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 ulisa;Telekom ISDN-Adapter (USB); C:\WINDOWS\System32\Drivers\ulisa.sys [2003-04-17 120732] S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936] S3 usbaudio;USB-Audiotreiber (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112] S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936] S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] S4 sr;Filtertreiber für Systemwiederherstellung; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73472] S4 WS2IFSL;Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira AntiVir Planer; D:\Programme\System\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289] R2 AntiVirService;Avira AntiVir Guard; D:\Programme\System\Avira\AntiVir Desktop\avguard.exe [2009-08-05 185089] R2 JavaQuickStarterService;Java Quick Starter; D:\Programme\System\Java\jre6\bin\jqs.exe [2009-12-23 153376] R2 STacSV;SigmaTel Audio Service; C:\Programme\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\STacSV.exe [2007-05-10 94208] R2 UxTuneUp;TuneUp Designerweiterung; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S2 gusvc;Google Software Updater; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-25 183280] S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589; C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-29 30192] S3 ServiceLayer;ServiceLayer; C:\Programme\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408] S4 Apple Mobile Device;Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424] S4 dblhost;Diginext DBL Hosting Service; D:\Programme\System\Diginext\dblhost.exe [] S4 EvtEng;Intel® PROSet/Wireless Event Log; D:\Programme\Intel\WiFi\bin\EvtEng.exe [2008-10-16 860160] S4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; D:\Programme\Medien\Common\Database\bin\fbserver.exe [2005-11-17 1527900] S4 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-07-16 654848] S4 gupdate1c98acd7d5d5b2e;Google Update Service (gupdate1c98acd7d5d5b2e); C:\Programme\Google\Update\GoogleUpdate.exe [2009-02-09 133104] S4 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S4 iPod Service;iPod Service; C:\Programme\iPod\bin\iPodService.exe [2009-04-02 656168] S4 NBService;NBService; D:\Programme\Medien\Nero 7\Nero BackItUp\NBService.exe [2007-03-14 779824] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] S4 NMIndexingService;NMIndexingService; C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920] S4 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-11-17 155716] S4 odserv;Microsoft Office Diagnostics Service; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S4 ose;Office Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S4 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\RegSrvc.exe [2008-10-16 466944] S4 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Programme\Cyberlink\Shared files\RichVideo.exe [2009-04-17 247152] S4 S24EventMonitor;Intel® PROSet/Wireless WiFi Service; D:\Programme\Intel\WiFi\bin\S24EvMon.exe [2008-10-16 905216] S4 WLANKEEPER;Intel(R) PROSet/Wireless SSO Service; D:\Programme\Intel\WiFi\bin\WLKeeper.exe [2008-10-16 348160] S4 WPEServ;soft Xpansion Print2Document; D:\Programme\Office\elo\ELO Pdf Drucker\wpe\wpeserv.exe [2007-11-07 323584] -----------------EOF----------------- |
Sorry wegen der verdrehten Reihenfolge der Posts, das passiert, wenn man nur einmal im Jahr in nem Forum unterwegs ist. Ich hoffejetzt mal, dass es trotzdem so in Ordnung ist, Vielen Dank schon mal im Voraus :taenzer: Logfile of random's system information tool 1.06 (written by random/random) Run by Max Mustermann at 2010-01-06 13:14:18 Microsoft Windows XP Professional Service Pack 3 System drive C: has 12 GB (38%) free of 31 GB Total RAM: 2046 MB (74% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:14:34, on 06.01.2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16945) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe D:\Programme\System\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Programme\SigmaTel\C-Major Audio\WDM\stsystra.exe C:\Programme\Synaptics\SynTP\SynTPEnh.exe C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe D:\Programme\System\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe D:\Programme\System\Avira\AntiVir Desktop\avguard.exe D:\Programme\System\Java\jre6\bin\jqs.exe C:\Programme\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\STacSV.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wuauclt.exe D:\Programme\System\Firefox\firefox.exe D:\Programme\System\FileZilla\FileZilla.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Dokumente und Einstellungen\Max Mustermann\Desktop\RSIT.exe C:\Programme\trend micro\Max Mustermann.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - (no file) O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file) O2 - BHO: CmjBrowserHelperObject Object - {AC41D38F-B56D-40AD-94E0-B493D130C959} - (no file) O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file) O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - (no file) O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file) O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - (no file) O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [avgnt] "D:\Programme\System\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Download all with Free Download Manager - file://D:\Programme\System\Free Download Manager\dlall.htm O8 - Extra context menu item: Download selected with Free Download Manager - file://D:\Programme\System\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download video with Free Download Manager - file://D:\Programme\System\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: Download with Free Download Manager - file://D:\Programme\System\Free Download Manager\dllink.htm O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://D:\PROGRA~1\Office\OFFICE~1\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programme\System\Java\jre6\bin\jp2iexp.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programme\System\Java\jre6\bin\jp2iexp.dll O9 - Extra button: Send to Mindjet MindManager - {531B9DC0-D8EE-4c76-A6EE-6C1E50569655} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\Office\OFFICE~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O15 - Trusted Zone: *.windowsupdate.com O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - h**p://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab O16 - DPF: {588031A3-94BF-4CDD-86D0-939F6F93910F} (FixItClient Class) - h**ps://fixit.support.microsoft.com/ActiveX/FixItClient.CAB O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - h**p://w*w.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1261480743046 O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - h**p://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - h**p://w*w.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1258822589890 O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - h**p://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F557} (Flatcast Viewer 5.0) - h**p://80.237.209.20/objects/NpFv501.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - D:\Programme\System\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Programme\System\Avira\AntiVir Desktop\avguard.exe O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Programme\System\Java\jre6\bin\jqs.exe O23 - Service: ServiceLayer - Nokia - C:\Programme\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Programme\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\STacSV.exe -- End of file - 7422 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\1-Klick-Wartung.job C:\WINDOWS\tasks\Google Software Updater.job C:\WINDOWS\tasks\User_Feed_Synchronization-{7C7C1F46-99C4-4630-AF9F-FCC7859F0494}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}] Skype add-on (mastermind) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AC41D38F-B56D-40AD-94E0-B493D130C959}] CmjBrowserHelperObject Object [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}] FDMIECookiesBHO Class [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SigmatelSysTrayApp"=C:\Programme\SigmaTel\C-Major Audio\WDM\stsystra.exe [2007-05-10 405504] "SynTPEnh"=C:\Programme\Synaptics\SynTP\SynTPEnh.exe [2007-10-26 1024000] "Google Desktop Search"=C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-29 30192] "avgnt"=D:\Programme\System\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0] D:\Programme\Grafik\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] D:\Programme\Sonstiges\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0EYTHM] C:\PROGRA~1\GEMEIN~1\Adobe\ADOBEV~2\Server\bin\VERSIO~2.EXE [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless] C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\iFrmewrk.exe [2008-10-16 1191936] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelZeroConfig] D:\Programme\Intel\WiFi\bin\ZCfgSvc.exe [2008-10-16 1368064] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] D:\Programme\Medien\itunes\iTunesHelper.exe [2009-04-02 342312] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -k [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LexwareInfoService] C:\Programme\Gemeinsame Dateien\Lexware\Update Manager\LxUpdateManager.exe [2007-09-25 532776] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer] C:\Programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer /watchfiles startup [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2] C:\Programme\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2009-12-10 401728] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Programme\QuickTime\qttask.exe [2009-01-05 413696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray] D:\Programme\Medien\Real\RealPlayer\realplay.exe [2008-09-27 20480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\routcnf] D:\Programme\Telekom\Eumex 504PC USB\routcnf.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] D:\Programme\System\Java\jre6\bin\jusched.exe [2009-12-23 149280] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^CAPIControl.lnk] D:\PROGRA~1\Telekom\EUMEX5~1\Capictrl.exe [2004-04-28 278528] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Lexware Info Service.lnk] C:\PROGRA~1\GEMEIN~1\Lexware\UPDATE~1\LXUPDA~1.EXE [2007-09-25 532776] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "odserv"=3 "ose"=3 "WLANKEEPER"=2 "S24EventMonitor"=2 "RegSrvc"=2 "NVSvc"=2 "EvtEng"=2 "WMPNetworkSvc"=3 "FLEXnet Licensing Service"=3 "Bonjour Service"=2 "Adobe Version Cue CS3"=3 "RUS"=2 "iPod Service"=3 "Apple Mobile Device"=2 "NMIndexingService"=3 "NBService"=3 "dblhost"=3 "PSI_SVC_2"=2 "gusvc"=2 "gupdate1c98acd7d5d5b2e"=2 "idsvc"=3 "WPEServ"=3 "RichVideo"=2 "FirebirdServerMAGIXInstance"=3 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=180 "NoDriveAutoRun"=33554528 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "D:\Programme\Office\Office_2007\Office12\OUTLOOK.EXE"="D:\Programme\Office\Office_2007\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "D:\Programme\Sonstiges\Miranda IM\miranda32.exe"="D:\Programme\Sonstiges\Miranda IM\miranda32.exe:*:Enabled:Miranda IM" "C:\Temp\FileZilla\FileZilla.exe"="C:\Temp\FileZilla\FileZilla.exe:*:Enabled:FileZilla" "D:\Programme\System\FileZilla\FileZilla.exe"="D:\Programme\System\FileZilla\FileZilla.exe:*:Enabled:FileZilla" "D:\Programme\Medien\Real\RealPlayer\realplay.exe"="D:\Programme\Medien\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer" "C:\Programme\Internet Explorer\iexplore.exe"="C:\Programme\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer" "D:\Programme\Medien\Sony Ericsson PC Suite\Medien\MediaManager.exe"="D:\Programme\Medien\Sony Ericsson PC Suite\Medien\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.2" "D:\Programme\Sony Ericsson\Update Service\Update Service.exe"="D:\Programme\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service" "C:\Programme\Bonjour\mDNSResponder.exe"="C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "D:\Programme\Medien\itunes\iTunes.exe"="D:\Programme\Medien\itunes\iTunes.exe:*:Enabled:iTunes" "C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater" "C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process " "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test" "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Eine DLL-Datei als Anwendung ausführen" "D:\Programme\Grafik\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe"="D:\Programme\Grafik\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe:*:Enabled:Adobe Dreamweaver CS3" "C:\Programme\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe"="C:\Programme\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2" "D:\Programme\Medien\VLC\vlc.exe"="D:\Programme\Medien\VLC\vlc.exe:*:Enabled:VLC media player" "C:\Programme\Skype\Phone\Skype.exe"="C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\##Rage#BE2009 (F)] shell\AutoRun\command - Z:\LxSetup.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G] shell\AutoRun\command - G:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{84a62284-ced4-11de-8d4c-001de05fb3f9}] shell\AutoRun\command - G:\LaunchU3.exe -a ======File associations====== .js - open - "D:\Programme\Grafik\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1" ======List of files/folders created in the last 1 months====== 2010-01-06 13:04:13 ----D---- C:\Programme\trend micro 2010-01-06 13:04:12 ----D---- C:\rsit 2010-01-02 14:42:09 ----D---- C:\Programme\Enigma Software Group 2009-12-23 10:55:56 ----D---- C:\Dokumente und Einstellungen\Max Mustermann\Anwendungsdaten\Malwarebytes 2009-12-23 10:55:49 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes 2009-12-23 10:55:08 ----A---- C:\WINDOWS\system32\javaws.exe 2009-12-23 10:55:08 ----A---- C:\WINDOWS\system32\javaw.exe 2009-12-23 10:55:08 ----A---- C:\WINDOWS\system32\java.exe 2009-12-23 10:55:08 ----A---- C:\WINDOWS\system32\deploytk.dll 2009-12-22 12:25:06 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$ 2009-12-22 12:24:59 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$ 2009-12-22 12:24:53 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$ 2009-12-22 12:24:47 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$ 2009-12-22 12:24:41 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$ 2009-12-22 12:24:35 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$ 2009-12-22 12:24:30 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$ 2009-12-22 12:24:04 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$ 2009-12-21 15:32:16 ----D---- C:\Programme\PC Connectivity Solution 2009-12-21 12:53:58 ----A---- C:\WINDOWS\system32\stu2.exe 2009-12-20 14:42:35 ----D---- C:\Dokumente und Einstellungen\Max Mustermann\Anwendungsdaten\Amazon 2009-12-08 15:06:41 ----D---- C:\Dokumente und Einstellungen\Max Mustermann\Anwendungsdaten\vlc ======List of files/folders modified in the last 1 months====== 2010-01-06 13:13:36 ----D---- C:\WINDOWS\Prefetch 2010-01-06 13:13:34 ----D---- C:\WINDOWS\Temp 2010-01-06 13:13:18 ----D---- C:\WINDOWS\system32\CatRoot2 2010-01-06 13:13:15 ----D---- C:\WINDOWS 2010-01-06 13:12:29 ----SD---- C:\WINDOWS\Tasks 2010-01-06 13:11:36 ----D---- C:\WINDOWS\system32\drivers 2010-01-06 13:11:36 ----D---- C:\WINDOWS\system32 2010-01-06 13:11:01 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-01-06 13:10:48 ----D---- C:\Dokumente und Einstellungen\Max Mustermann\Anwendungsdaten\Free Download Manager 2010-01-06 13:10:14 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Google Updater 2010-01-06 13:04:13 ----RD---- C:\Programme 2010-01-06 12:58:33 ----A---- C:\WINDOWS\NeroDigital.ini 2010-01-06 11:13:00 ----D---- C:\WINDOWS\Minidump 2010-01-06 11:13:00 ----D---- C:\WINDOWS\Debug 2010-01-06 10:51:56 ----A---- C:\WINDOWS\win.ini 2010-01-06 10:51:56 ----A---- C:\WINDOWS\system.ini 2010-01-06 10:51:56 ----A---- C:\boot.ini 2010-01-06 10:46:00 ----D---- C:\Dokumente und Einstellungen\Max Mustermann\Anwendungsdaten\Mozilla 2010-01-06 10:14:46 ----D---- C:\Programme\Windows Media Player 2010-01-06 10:13:32 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-01-06 10:13:24 ----HD---- C:\WINDOWS\inf 2010-01-06 10:13:21 ----D---- C:\WINDOWS\Help 2010-01-06 10:13:20 ----D---- C:\Programme\Windows Media Connect 2 2010-01-06 10:07:19 ----D---- C:\Dokumente und Einstellungen\Max Mustermann\Anwendungsdaten\Skype 2010-01-04 13:43:31 ----SHD---- C:\WINDOWS\Installer 2010-01-04 13:43:30 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft Help 2010-01-04 13:43:30 ----D---- C:\Config.Msi 2010-01-04 11:09:07 ----A---- C:\WINDOWS\system32\userinit.exe 2010-01-02 14:58:57 ----D---- C:\WINDOWS\ime 2010-01-02 14:36:22 ----SHD---- C:\System Volume Information 2009-12-27 13:17:42 ----D---- C:\Dokumente und Einstellungen\Max Mustermann\Anwendungsdaten\Adobe 2009-12-25 21:36:00 ----HD---- C:\WINDOWS\PIF 2009-12-23 18:22:54 ----RSD---- C:\WINDOWS\Fonts 2009-12-23 11:25:55 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$ 2009-12-23 11:00:10 ----D---- C:\Programme\Gemeinsame Dateien 2009-12-22 13:57:18 ----D---- C:\Programme\Internet Explorer 2009-12-22 13:57:17 ----D---- C:\WINDOWS\AppPatch 2009-12-22 12:31:20 ----D---- C:\WINDOWS\system32\de-de 2009-12-22 12:31:10 ----D---- C:\WINDOWS\ie7updates 2009-12-22 12:25:05 ----HD---- C:\WINDOWS\$hf_mig$ 2009-12-22 12:24:28 ----D---- C:\WINDOWS\WinSxS 2009-12-22 12:19:19 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-12-21 15:34:27 ----D---- C:\Programme\Gemeinsame Dateien\Nokia 2009-12-21 15:32:24 ----DC---- C:\WINDOWS\system32\DRVSTORE 2009-12-21 15:31:27 ----D---- C:\Programme\Nokia 2009-12-21 15:30:54 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\OviInstallerCache 2009-12-18 11:41:57 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Adobe 2009-12-18 11:38:30 ----RSD---- C:\WINDOWS\assembly 2009-12-18 11:37:49 ----D---- C:\Programme\Bonjour 2009-12-18 10:38:43 ----D---- C:\Programme\Gemeinsame Dateien\Adobe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\D:\Programme\System\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448] R1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520] R1 WmiAcpi;Microsoft Windows-Verwaltungsschnittstelle für ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832] R2 ACEDRV07;ACEDRV07; \??\C:\WINDOWS\system32\drivers\ACEDRV07.sys [] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-08 56816] R2 CAPI20;Eumex 504PC USB; C:\WINDOWS\System32\Drivers\CAPI20.SYS [2004-04-05 966352] R2 DETEWECP;Telekom CapiPort; C:\WINDOWS\System32\drivers\detewecp.sys [2003-03-19 37696] R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2006-11-15 32256] R2 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2006-11-14 43520] R2 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2006-11-14 37376] R2 s24trans;WLAN-Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2008-08-13 11904] R3 Arp1394;1394-ARP-Clientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-02-27 160256] R3 CmBatt;Microsoft-Netzteiltreiber; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400] R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 hidusb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12288] R3 NETw5x32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw5x32.sys [2008-11-17 3636864] R3 NIC1394;1394-Netzwerktreiber; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-11-17 6864064] R3 NWADI;NWADI Bus Enumerator; C:\WINDOWS\system32\DRIVERS\NWADIenum.sys [2008-02-09 155264] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04 5888] R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232] R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2007-05-10 1222840] R3 swivsp;AC8xx Virtual Serial Port; C:\WINDOWS\system32\DRIVERS\swivspnt.sys [2007-08-29 20352] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-10-26 216800] R3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Microsoft USB-Standardhubtreiber; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 usbvideo;USB-Videogerät (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984] R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008] S3 Bridge;MAC-Brücke; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552] S3 BridgeMP;MAC-Brückenminiport; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552] S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2009-02-13 13224] S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2009-02-13 24616] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 NETw4x32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-09-26 2236032] S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664] S3 NPF;NetGroup Packet Filter Driver; \??\C:\WINDOWS\system32\drivers\npf.sys [] S3 NWUSBModem;Novatel Wireless USB Modem Driver; C:\WINDOWS\system32\DRIVERS\nwusbmdm.sys [2008-02-09 77952] S3 NWUSBPort;Novatel Wireless USB Status Port Driver; C:\WINDOWS\system32\DRIVERS\nwusbser.sys [2007-03-28 92160] S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2007-05-30 27072] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816] S3 PEEK5;PEEK5 Protocol Driver; \??\C:\DOKUME~1\RAPHAE~1\Desktop\WINAIR~1\WINAIR~1\files\PEEK5.SYS [] S3 s0017bus;Sony Ericsson Device 0017 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0017bus.sys [2008-05-27 90536] S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0017mdfl.sys [2008-05-27 15016] S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0017mdm.sys [2008-05-27 122152] S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0017mgmt.sys [2008-05-27 115496] S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS); C:\WINDOWS\system32\DRIVERS\s0017nd5.sys [2008-05-27 25768] S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0017obex.sys [2008-05-27 111912] S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM); C:\WINDOWS\system32\DRIVERS\s0017unic.sys [2008-05-27 117672] S3 sffdisk;SFF-Speicherklassentreiber; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904] S3 sffp_sd;SFF-Speicherprotokolltreiber für SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 ulisa;Telekom ISDN-Adapter (USB); C:\WINDOWS\System32\Drivers\ulisa.sys [2003-04-17 120732] S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936] S3 usbaudio;USB-Audiotreiber (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112] S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936] S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528] S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] S4 sr;Filtertreiber für Systemwiederherstellung; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73472] S4 WS2IFSL;Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira AntiVir Planer; D:\Programme\System\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289] R2 AntiVirService;Avira AntiVir Guard; D:\Programme\System\Avira\AntiVir Desktop\avguard.exe [2009-08-05 185089] R2 JavaQuickStarterService;Java Quick Starter; D:\Programme\System\Java\jre6\bin\jqs.exe [2009-12-23 153376] R2 STacSV;SigmaTel Audio Service; C:\Programme\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\STacSV.exe [2007-05-10 94208] R2 UxTuneUp;TuneUp Designerweiterung; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S2 gusvc;Google Software Updater; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-25 183280] S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589; C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-29 30192] S3 ServiceLayer;ServiceLayer; C:\Programme\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408] S4 Apple Mobile Device;Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424] S4 dblhost;Diginext DBL Hosting Service; D:\Programme\System\Diginext\dblhost.exe [] S4 EvtEng;Intel® PROSet/Wireless Event Log; D:\Programme\Intel\WiFi\bin\EvtEng.exe [2008-10-16 860160] S4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; D:\Programme\Medien\Common\Database\bin\fbserver.exe [2005-11-17 1527900] S4 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-07-16 654848] S4 gupdate1c98acd7d5d5b2e;Google Update Service (gupdate1c98acd7d5d5b2e); C:\Programme\Google\Update\GoogleUpdate.exe [2009-02-09 133104] S4 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S4 iPod Service;iPod Service; C:\Programme\iPod\bin\iPodService.exe [2009-04-02 656168] S4 NBService;NBService; D:\Programme\Medien\Nero 7\Nero BackItUp\NBService.exe [2007-03-14 779824] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] S4 NMIndexingService;NMIndexingService; C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920] S4 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-11-17 155716] S4 odserv;Microsoft Office Diagnostics Service; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S4 ose;Office Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S4 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\RegSrvc.exe [2008-10-16 466944] S4 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Programme\Cyberlink\Shared files\RichVideo.exe [2009-04-17 247152] S4 S24EventMonitor;Intel® PROSet/Wireless WiFi Service; D:\Programme\Intel\WiFi\bin\S24EvMon.exe [2008-10-16 905216] S4 WLANKEEPER;Intel(R) PROSet/Wireless SSO Service; D:\Programme\Intel\WiFi\bin\WLKeeper.exe [2008-10-16 348160] S4 WPEServ;soft Xpansion Print2Document; D:\Programme\Office\elo\ELO Pdf Drucker\wpe\wpeserv.exe [2007-11-07 323584] -----------------EOF----------------- |
Redirekt Browser / Eingeschränkte Netzverbindung / Antir und Malwareohne Wirkung allo Zusammen, jetzt hat es ganz offensichtlich auch mich erwischt. MAlware findet Trojan.BHO.H und Trojan.Agent. Nach mehreren Durchgängen mit Antivir und Malware scheint sich das Problem zu verschlimmbessern, trotz jeweiliger Erfolgsmeldung der Programme. Die Browser reagieren mit einem Redirekt auf fremde Seiten. Streaming mit z.B. VLC Player geht nicht mehr, FTP-Client meldet Probleme mit dem Application layer gateway service und verweigert die Verbindung zum Server. Wo der Spaß her ist kann ich nicht mit Sicherheit sagen, da ich über die Feiertage viele Daten beruflich und privat von verschiedenen Rechnern überspielt habe. Ich habe Java auf die neuste Version gebracht, alte Softwareversionen soweit möglich gelöscht / aktualisiert und die Systemwiederherstellung schon deaktiviert. Alle Maßnahmen sind aber ohne Erfolg. Es wäre sehr nett, wenn mir jemand einen TIpp geben könnte. Malwarebytes' Anti-Malware 1.42 Datenbank Version: 3414 Windows 5.1.2600 Service Pack 3 Internet Explorer 7.0.5730.13 06.01.2010 13:03:02 mbam-log-2010-01-06 (13-03-02).txt Scan-Methode: Vollständiger Scan (C:\|D:\|E:\|H:\|) Durchsuchte Objekte: 361460 Laufzeit: 1 hour(s), 45 minute(s), 1 second(s) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 3 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 1 Infizierte Verzeichnisse: 0 Infizierte Dateien: 2 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d032570a-5f63-4812-a094-87d007c23012} (Trojan.BHO.H) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{d032570a-5f63-4812-a094-87d007c23012} (Trojan.BHO.H) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d032570a-5f63-4812-a094-87d007c23012} (Trojan.FakeAlert) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Not selected for removal. Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: C:\WINDOWS\system32\iebho07.dll (Trojan.BHO.H) -> Delete on reboot. C:\WINDOWS\system32\iebho.dll (Trojan.Agent) -> Quarantined and deleted successfully. Sorry wegen der Reihenfolge - passiert, wenn man nur einmal im Jahr in nem Forum unterwegs ist |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 04:24 Uhr. |
Copyright ©2000-2025, Trojaner-Board