Trojaner-Board


Tow 19.02.2012 20:29

abnow.com is being a nuisance on Windows Vista
 
BUT now. Sorry.


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by Tobias at 21:01:08 on 2012-02-19
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.43.1031.18.3325.1867 [GMT 1:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\Dwm.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\explorer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Windows\system32\IoctlSvc.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\PnkBstrB.exe
C:\Windows\system32\PSIService.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\Pen_Tablet.exe
C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
C:\Windows\system32\WTablet\Pen_TabletUser.exe
C:\Windows\system32\Pen_Tablet.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\rstrui.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\vsnp2uvc.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Windows\System32\p2phost.exe
C:\Program Files\Steam\steam.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_FATIFIE.EXE
C:\Program Files\Autodesk\SketchBookPro2011\SketchBookSnapshot.exe
C:\Program Files\Lavasoft\Ad-Aware\AWSC.exe
C:\Program Files\Lavasoft\Ad-Aware\AWSC.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\Steam\SteamService.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
C:\Program Files\Lavasoft\Ad-Aware\AWSC.exe
C:\Program Files\Lavasoft\Ad-Aware\AWSC.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil11f_ActiveX.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.at/
uDefault_Page_URL = hxxp://www.aldi.com/
mDefault_Page_URL = hxxp://www.aldi.com/
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
uURLSearchHooks: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\program files\dvdvideosofttb\tbDVDV.dll
uURLSearchHooks: Brothersoft Toolbar: {e8de9422-3b2c-4243-bf6f-235da84d8ef8} - c:\program files\brothersoft\tbBrot.dll
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
mURLSearchHooks: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\program files\dvdvideosofttb\tbDVDV.dll
mURLSearchHooks: Brothersoft Toolbar: {e8de9422-3b2c-4243-bf6f-235da84d8ef8} - c:\program files\brothersoft\tbBrot.dll
uWinlogon: Shell=c:\users\tobias\appdata\local\e788e630\X
BHO: AC-Pro: {0fb6a909-6086-458f-bd92-1f8ee10042a0} - c:\program files\autocompletepro\AutocompletePro.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: CBAbzockschutz.InitToolbarBHO: {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} - mscoree.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: facemoods Helper: {64182481-4f71-486b-a045-b233bd0da8fc} - CescrtHlpr Object
BHO: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\program files\dvdvideosofttb\tbDVDV.dll
BHO: Windows Live ID-Anmelde-Hilfsprogramm: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Brothersoft Toolbar: {e8de9422-3b2c-4243-bf6f-235da84d8ef8} - c:\program files\brothersoft\tbBrot.dll
TB: COMPUTERBILD-Abzockschutz: {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - mscoree.dll
TB: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\program files\dvdvideosofttb\tbDVDV.dll
TB: Brothersoft Toolbar: {e8de9422-3b2c-4243-bf6f-235da84d8ef8} - c:\program files\brothersoft\tbBrot.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
TB: facemoods Toolbar: {db4e9724-f518-4dfd-9c7c-78b52103cab9} -
TB: Perfect PDF 5: {9de41fb9-aca7-4847-982b-d984042588fc} - c:\program files\soft xpansion\perfect pdf 5\PDF4ie.dll
TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
TB: {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No File
TB: {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - No File
uRun: [CollaborationHost] c:\windows\system32\p2phost.exe -s
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [Xvid] c:\program files\xvid\CheckUpdate.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
uRun: [KiesHelper] c:\program files\samsung\kies\KiesHelper.exe /s
uRun: [KiesPDLR] c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe
uRun: [EPSON SX510W Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatifie.exe /fu "c:\users\tobias\appdata\local\temp\E_SF71B.tmp" /EF "HKCU"
uRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\1.bin\mwsoemon.exe
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~3.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; InfoPath.2; Tablet PC 2.0; .NET4.0C; OfficeLiveConnector.1.5; OfficeLivePatch.1.3; .NET CLR 3.0.30729)" -"hxxp://www.myfootballgames.co.uk/game/141/3D-Penalty.html"
uRunOnce: [SpybotDeletingD6314] cmd.exe /c del "c:\program files\mywebsearch\bar\1.bin\F3PSSAVR.SCR"
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [snp2uvc] c:\windows\vsnp2uvc.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [XboxStat] "c:\program files\microsoft xbox 360 accessories\XboxStat.exe" silentrun
mRun: [EPSON Stylus Photo R240 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatiahe.exe /f "c:\windows\temp\E_S711A.tmp" /EF "HKLM"
mRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe
mRun: [amd_dc_opt] c:\program files\amd\dual-core optimizer\amd_dc_opt.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [facemoods] "c:\program files\facemoods.com\facemoods\1.4.17.5\facemoodssrv.exe" /md I
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [My Web Search Bar Search Scope Monitor] "c:\progra~1\mywebs~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
mRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\1.bin\mwsoemon.exe
mRun: [ISTray] "c:\program files\spyware doctor\pctsGui.exe" /hideGUI
StartupFolder: c:\users\tobias\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\tobias\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\users\tobias\appdata\roaming\microsoft\windows\start menu\programs\startup\FIFA 11-Registrierung.lnk.disabled
StartupFolder: c:\programdata\microsoft\windows\start menu\programs\startup\Philips GoGear VIBE Device Manager.lnk.disabled
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\sketch~1.lnk - c:\program files\autodesk\sketchbookpro2011\SketchBookSnapshot.exe
StartupFolder: c:\programdata\microsoft\windows\start menu\programs\startup\w98Eject.lnk.disabled
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Search - ?s=100000346&p=ZVxdm008YYAT&si=&a=DGwcn1hJbE5DIpWDpZ5XkQ&n=2010062909
IE: Download with Xilisoft Download YouTube Video - c:\program files\xilisoft\download youtube video\upod_link.HTM
IE: Free YouTube Download - c:\users\tobias\appdata\roaming\dvdvideosoftiehelpers\freeyoutubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\tobias\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Save YouTube Video - c:\program files\common files\dvdvideosoft\dll\IEContextMenuY.dll/scriptY2MP4.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
LSP: c:\windows\system32\wpclsp.dll
LSP: mswsock.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{378ACBA9-4F04-4329-8F2E-456D59FDACD2} : DhcpNameServer = 10.0.0.138
TCP: Interfaces\{56DC7FAB-27D8-448E-95BD-A991075D90C3} : DhcpNameServer = 10.0.0.138
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
mASetup: {9C450606-ED24-4958-92BA-B8940C99D441} - c:\program files\pixiepack codec pack\InstallerHelper.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\tobias\appdata\roaming\mozilla\firefox\profiles\uq18rkgu.default\
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?AF=109130&tt=090212_noffx&babsrc=HP_ss&mntrId=b416cc2e00000000000000ff6253248f
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?AF=109130&tt=090212_noffx&babsrc=adbartrp&mntrId=b416cc2e00000000000000ff6253248f&q=
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60310.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\tobias\appdata\roaming\facebook\npfbplugin_1_0_1.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.BabylonToolbar_i.id - b416cc2e00000000000000ff6253248f
FF - user.js: extensions.BabylonToolbar_i.hardId - b416cc2e00000000000000ff6253248f
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15385
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1720:22:53
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - tt=090212_noffx
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-11-10 64288]
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-4-26 11608]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\avira\antivir desktop\sched.exe [2009-4-26 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-4-26 269480]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-4-26 66616]
R2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\common files\magix services\database\bin\FABS.exe [2009-8-27 1253376]
R2 FontCache;Windows-Dienst für Schriftartencache;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2012-1-29 2253120]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2011-10-15 381248]
R2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2009-9-29 2789160]
R2 TeamViewer5;TeamViewer 5;c:\program files\teamviewer\version5\TeamViewer_Service.exe [2010-10-7 1960744]
R2 TeamViewer6;TeamViewer 6;c:\program files\teamviewer\version6\TeamViewer_Service.exe [2011-6-1 2337144]
R3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr28u.sys [2009-1-22 554496]
R3 RRNetCapMP;RRNetCapMP;c:\windows\system32\drivers\rrnetcap.sys [2011-11-17 31848]
R3 rt61x86;Linksys Wireless-G PCI Adapter Driver;c:\windows\system32\drivers\WMP54Gv41x86.sys [2009-4-26 286208]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [2010-10-7 25088]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S2 AGV;SiSRaid;c:\windows\system32\svchost.exe -k netsvcs [2008-1-21 21504]
S2 avg7rsw;HECI;c:\windows\system32\svchost.exe -k netsvcs [2008-1-21 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 DivisCTP;As32svc;c:\windows\system32\svchost.exe -k netsvcs [2008-1-21 21504]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-3-9 135664]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-9-23 2152152]
S2 mcdetect.exe;Kwatchsvc;c:\windows\system32\svchost.exe -k netsvcs [2008-1-21 21504]
S2 mcsysmon;USB11LDR;c:\windows\system32\svchost.exe -k netsvcs [2008-1-21 21504]
S2 mctaskmanager;SMTPSVC;c:\windows\system32\svchost.exe -k netsvcs [2008-1-21 21504]
S2 pavreport;Spcstb;c:\windows\system32\svchost.exe -k netsvcs [2008-1-21 21504]
S2 pctfw1;LVRS;c:\windows\system32\svchost.exe -k netsvcs [2008-1-21 21504]
S2 Radio.fx;Radio.fx Server;c:\program files\tobit radio.fx\server\rfx-server.exe [2011-9-2 3665752]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2010-11-6 1153368]
S3 CGVPNCliSrvc;CyberGhost VPN Client;c:\program files\s.a.d\cyberghost vpn\CGVPNCliService.exe [2010-4-14 2428968]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\common files\magix services\database\bin\fbserver.exe [2008-8-7 3276800]
S3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-3-9 135664]
S3 RRNetCap;RRNetCap Service;c:\windows\system32\drivers\rrnetcap.sys [2011-11-17 31848]
S3 SXDS10;soft Xpansion Dispatch Service;c:\program files\common files\soft xpansion\SXDS10.exe [2011-9-2 160768]
S3 UPnPService;UPnPService;c:\program files\common files\magix shared\upnpservice\UPnPService.exe [2009-8-12 544768]
S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\drivers\wacmoumonitor.sys [2009-9-29 15656]
S3 WSDPrintDevice;WSD-Druckunterstützung durch UMB;c:\windows\system32\drivers\WSDPrint.sys [2008-1-21 16896]
S3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\drivers\WSDScan.sys [2009-8-3 19968]
S4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2008-7-11 47128]
S4 RsFx0103;RsFx0103 Driver;c:\windows\system32\drivers\RsFx0103.sys [2009-3-30 239336]
S4 SQLAgent$SQLEXPRESS;SQL Server-Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2009-3-30 366936]
.
=============== Created Last 30 ================
.
2012-02-19 17:12:21 159608 ----a-w- c:\windows\system32\mfevtps.exe.a63b.deleteme
2012-02-19 16:37:33 14664 ----a-w- c:\windows\stinger.sys
2012-02-19 16:36:24 159608 ----a-w- c:\windows\system32\mfevtps.exe.d2a5.deleteme
2012-02-19 16:36:11 -------- d-----w- c:\program files\stinger
2012-02-19 10:52:15 -------- d-sh--w- c:\windows\system32\%APPDATA%
2012-02-19 10:47:49 0 --sha-w- c:\windows\system32\dds_log_trash.cmd
2012-02-19 10:46:33 -------- d-sh--w- c:\users\tobias\appdata\local\e788e630
2012-02-19 10:40:43 -------- d-----w- c:\users\tobias\appdata\roaming\Enterbrain
2012-02-19 10:39:45 -------- d-----w- c:\program files\common files\Enterbrain
2012-02-19 10:09:19 -------- d-----w- c:\program files\RPG Maker VX Ace FR
2012-02-18 19:18:16 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{eb3340d7-4834-4ace-92ee-0cca495620bc}\offreg.dll
2012-02-17 10:12:06 6557240 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{eb3340d7-4834-4ace-92ee-0cca495620bc}\mpengine.dll
2012-02-15 19:36:00 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-15 19:20:50 -------- d-----w- c:\users\tobias\appdata\local\Ilivid Player
2012-02-15 19:19:40 -------- d-----w- c:\users\tobias\appdata\local\PackageAware
2012-02-15 12:07:12 680448 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-15 12:07:10 2044416 ----a-w- c:\windows\system32\win32k.sys
2012-02-15 12:07:09 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2012-01-29 17:24:02 -------- d-----w- c:\users\tobias\appdata\roaming\NVIDIA
2012-01-29 14:55:21 123712 ----a-w- c:\windows\system32\nvshext.dll
2012-01-29 14:55:18 602432 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2012-01-29 14:54:27 -------- d-----w- c:\programdata\NVIDIA Corporation
2012-01-29 14:49:16 7041856 ----a-w- c:\windows\system32\nvwgf2um.dll
2012-01-29 14:49:16 61248 ----a-w- c:\windows\system32\OpenCL.dll
2012-01-29 14:49:16 18871616 ----a-w- c:\windows\system32\nvoglv32.dll
2012-01-29 14:49:15 919872 ----a-w- c:\windows\system32\nvdispco32.dll
2012-01-29 14:49:15 877376 ----a-w- c:\windows\system32\nvgenco32.dll
2012-01-29 14:49:15 5578560 ----a-w- c:\windows\system32\nvcuda.dll
2012-01-29 14:49:15 2401088 ----a-w- c:\windows\system32\nvcuvid.dll
2012-01-29 14:49:15 2099520 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-01-29 14:49:15 10327360 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-01-29 14:49:14 17248576 ----a-w- c:\windows\system32\nvcompiler.dll
2012-01-29 14:48:54 -------- d-----w- c:\program files\NVIDIA Corporation
2012-01-29 14:48:26 -------- d-----w- C:\NVIDIA
2012-01-29 13:40:15 -------- d-----w- c:\users\tobias\appdata\local\ElevatedDiagnostics
2012-01-29 12:50:54 -------- d-sh--w- c:\programdata\DSS
2012-01-29 12:20:21 -------- d-----w- c:\program files\WB Games
2012-01-29 11:47:46 440192 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-01-29 11:47:46 278528 ----a-w- c:\windows\system32\schannel.dll
2012-01-29 11:47:45 9728 ----a-w- c:\windows\system32\lsass.exe
2012-01-29 11:47:45 72704 ----a-w- c:\windows\system32\secur32.dll
2012-01-29 11:47:45 377344 ----a-w- c:\windows\system32\winhttp.dll
2012-01-29 11:47:45 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2012-01-29 11:15:32 -------- d-----w- c:\program files\Free Window Registry Repair
2012-01-29 11:11:10 3584 ----a-r- c:\users\tobias\appdata\roaming\microsoft\installer\{121634b0-2f4b-11d3-ada3-00c04f52dd52}\Icon386ED4E3.exe
2012-01-29 11:11:07 -------- d-----w- c:\program files\Windows Installer Clean Up
2012-01-29 11:09:32 -------- d-----w- c:\program files\MSECACHE
2012-01-29 10:43:09 -------- d-----w- c:\programdata\Martau
2012-01-29 10:42:58 -------- d-----w- c:\program files\Total Uninstall 5
2012-01-29 10:35:37 -------- d-----w- c:\program files\RegCleaner
2012-01-28 21:29:45 -------- d-----w- c:\users\tobias\appdata\local\Babylon
2012-01-28 21:29:44 -------- d-----w- c:\programdata\Babylon
2012-01-28 20:49:40 -------- d-----w- c:\users\tobias\appdata\roaming\PCPro
2012-01-28 20:49:40 -------- d-----w- c:\users\tobias\appdata\roaming\PC Cleaners
2012-01-28 20:49:17 5276432 ----a-w- c:\windows\uninst.exe
2012-01-28 20:49:06 -------- d-----w- c:\programdata\PC1Data
2012-01-28 15:46:12 34304 ----a-w- c:\windows\system32\drivers\AmdLLD.sys
2012-01-28 15:46:10 -------- d-----w- c:\program files\AMD
2012-01-23 18:32:24 -------- d-----w- c:\users\tobias\appdata\local\Samsung
2012-01-23 18:28:11 4659712 ----a-w- c:\windows\system32\Redemption.dll
2012-01-23 18:27:42 821824 ----a-w- c:\windows\system32\dgderapi.dll
2012-01-23 18:27:42 319456 ----a-w- c:\windows\system32\DIFxAPI.dll
2012-01-23 18:27:42 20032 ----a-w- c:\windows\system32\drivers\dgderdrv.sys
2012-01-23 18:27:42 -------- d-----w- c:\program files\MarkAny
2012-01-23 18:25:32 -------- d-----w- c:\programdata\Samsung
2012-01-22 10:59:56 -------- d-----w- c:\program files\EPSON
2012-01-22 10:58:34 79679 ----a-w- c:\windows\system32\E_FLMAHE.DLL
2012-01-22 10:58:34 64000 ----a-w- c:\windows\system32\E_FBCBAHE.DLL
2012-01-22 10:58:34 34304 ----a-w- c:\windows\system32\E_FBCHAHE.DLL
.
==================== Find3M ====================
.
2012-02-19 10:47:11 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-01-26 23:21:24 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-19 11:15:52 3537752 ----a-w- c:\windows\RXSUnins.exe
2012-01-19 11:15:52 3537752 ----a-w- c:\windows\RXCUnins.exe
2011-12-14 03:04:54 1798656 ----a-w- c:\windows\system32\jscript9.dll
2011-12-14 02:57:18 1127424 ----a-w- c:\windows\system32\wininet.dll
2011-12-14 02:56:58 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-12-09 13:27:31 39016 ----a-w- c:\windows\system32\drivers\tbhsd.sys
2011-11-25 15:59:48 376320 ----a-w- c:\windows\system32\winsrv.dll
.
============= FINISH: 21:02:45,01 ===============

I forgot the attachments. :stirn:

The Master Boot Record is currently being overwritten, and only non-executable data was backed up.
This can be closed, thanks. :party:

