Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Wie werde ich "TR/Agent.ruo" los? (https://www.trojaner-board.de/84270-tr-agent-ruo-los.html)

DevilTribe 30.03.2010 02:19
Wie werde ich "TR/Agent.ruo" los?
 
Hallo,
ich habe seit einigen Tagen "TR/Agent.ruo" Virus auf meinen Rechner. Wie kann ich den löschen?

Danke im voraus.

Osam Log:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 03:10:53 on 30.03.2010

OS: Windows XP Professional Service Pack 2 (Build 2600)
Default Browser: Mozilla Corporation Firefox 3.6.2

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"AppleSoftwareUpdate.job" - "Apple Inc." - C:\Programme\Apple Software Update\SoftwareUpdate.exe
"FRU Task #Hewlett-Packard#hp psc 1200 series#1228528499.job" - ? - C:\Programme\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"alsndmgr.cpl" - ? - C:\WINDOWS\system32\alsndmgr.cpl (File found, but it contains no detailed information)
"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl
"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl
"nvcpl.cpl" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.cpl
"nvtuicpl.cpl" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvtuicpl.cpl
"RDCP1045.CPL" - ? - C:\WINDOWS\system32\RDCP1045.CPL (File found, but it contains no detailed information)
"vp6dec_settings.cpl" - ? - C:\WINDOWS\system32\vp6dec_settings.cpl (File found, but it contains no detailed information)
"vp7dec_settings.cpl" - ? - C:\WINDOWS\system32\vp7dec_settings.cpl (File found, but it contains no detailed information)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Avira AntiVir Personal - Free Antivirus " - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl
"QuattroCPL" - "M-Audio" - C:\Programme\M-Audio USB Quattro\Quattro.cpl
"QuickTime" - "Apple Inc." - C:\Programme\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"acedrv11" (acedrv11) - "Protect Software GmbH" - C:\WINDOWS\system32\drivers\acedrv11.sys
"AFS2k" (AFS2K) - "Oak Technology Inc." - C:\WINDOWS\system32\drivers\AFS2K.sys
"Asapi" (Asapi) - "VOB Computersysteme GmbH" - C:\WINDOWS\system32\drivers\Asapi.sys
"avgio" (avgio) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avgio.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys
"AVM FRITZ! Box" (AVMUNET) - "AVM GmbH" - C:\WINDOWS\System32\DRIVERS\avmunet.sys
"AVM FRITZ!web PPP over ISDN" (NETFRITZ) - "AVM Berlin" - C:\WINDOWS\System32\DRIVERS\NETFRITZ.SYS
"AVMCOWAN" (AVMCOWAN) - "AVM GmbH" - C:\WINDOWS\System32\DRIVERS\AVMCOWAN.sys
"Bluetooth Audio Device" (btaudio) - ? - C:\WINDOWS\System32\drivers\btaudio.sys (File not found)
"Bluetooth LAN Access Server" (BTWDNDIS) - ? - C:\WINDOWS\System32\DRIVERS\btwdndis.sys (File not found)
"Bluetooth Virtual Communications Driver" (BTDriver) - ? - C:\WINDOWS\System32\DRIVERS\btport.sys (File not found)
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys (File not found)
"Dritek HotKey Keyboard Filter Driver" (KBFiltr) - ? - C:\WINDOWS\System32\Drivers\KBFiltr.sys (File not found)
"EnTech softEngine" (se32) - "EnTech Taiwan" - C:\WINDOWS\System32\Drivers\se32.sys
"fasttrak" (fasttrak) - "Promise Technology, Inc." - C:\WINDOWS\System32\DRIVERS\fasttrak.sys
"GMSIPCI" (GMSIPCI) - ? - D:\INSTALL\GMSIPCI.SYS (File not found)
"i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys (File not found)
"KORG USB-MIDI Driver for Windows XP" (KORGUMDS) - "KORG Inc." - C:\WINDOWS\System32\Drivers\KORGUMDS.SYS
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys (File not found)
"LMASFltr" (LMASFltr) - "Nemesis" - C:\WINDOWS\System32\drivers\LMASFltr.sys
"Logitech SetPoint Keyboard Driver" (L8042Kbd) - "Logitech, Inc." - C:\WINDOWS\System32\DRIVERS\L8042Kbd.sys
"M Audio USB ASIO Driver" (MMAUSB) - "Nemesis" - C:\WINDOWS\System32\Drivers\MMAUSB.SYS
"M Audio USB Quattro Midi Driver" (USBAS4X4) - "Doug Fetter Software Wizardry" - C:\WINDOWS\System32\drivers\usbas4x4.sys
"M-Audio Quattro" (ma763001) - "Nemesis" - C:\WINDOWS\System32\drivers\MA763001.sys
"M-Audio Quattro Base Driver" (m763001b) - "Nemesis" - C:\WINDOWS\System32\drivers\m763001b.sys
"M-Audio Quattro Legacy Driver" (m763001d) - "Nemesis" - C:\WINDOWS\System32\drivers\m763001d.sys
"M-Audio USB Quattro Midi" (USBNS4X4) - "Doug Fetter Software Wizardry" - C:\WINDOWS\System32\drivers\usbns4x4.sys
"naecd" (naecd) - ? - C:\DOKUME~1\Kerim\LOKALE~1\Temp\naecd.sys (File not found)
"Nsynas32" (Nsynas32) - ? - C:\WINDOWS\system32\drivers\Nsynas32.sys (File not found)
"NTACCESS" (NTACCESS) - ? - D:\NTACCESS.sys (File not found)
"ntnpcs" (ntnpcs) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\ntnpcs.sys
"nVidia WDM TVAudio Crossbar" (nvtvSND) - ? - C:\WINDOWS\System32\DRIVERS\nvtvsnd.sys (File not found)
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys (File not found)
"PQNTDrv" (PQNTDrv) - "PowerQuest Corporation" - C:\WINDOWS\system32\drivers\PQNTDrv.sys
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys
"QuickCam Orbit/Sphere MP(UVC)" (LVUVC) - "Logitech Inc." - C:\WINDOWS\System32\DRIVERS\lvuvc.sys
"Roland FANTOM-X" (RDID1045) - "Roland Corporation" - C:\WINDOWS\System32\Drivers\RDWM1045.SYS
"SAMSUNG Mobile USB Device 1.0 driver (WDM)" (ss_bus) - "MCCI Corporation" - C:\WINDOWS\System32\DRIVERS\ss_bus.sys
"SAMSUNG Mobile USB Modem 1.0 Drivers" (ss_mdm) - "MCCI Corporation" - C:\WINDOWS\System32\DRIVERS\ss_mdm.sys
"SAMSUNG Mobile USB Modem 1.0 Filter" (ss_mdfl) - "MCCI Corporation" - C:\WINDOWS\System32\DRIVERS\ss_mdfl.sys
"Secdrv" (Secdrv) - ? - C:\WINDOWS\System32\DRIVERS\secdrv.sys (File signed by Microsoft | File found, but it contains no detailed information)
"Service for Realtek AC97 Audio (WDM)" (ALCXWDM) - "Realtek Semiconductor Corp." - C:\WINDOWS\System32\drivers\ALCXWDM.SYS
"Service for WDM 3D Audio Driver" (ALCXSENS) - "Sensaura Ltd" - C:\WINDOWS\System32\drivers\ALCXSENS.SYS
"SetPoint Mouse Filter Driver" (LMouKE) - "Logitech, Inc." - C:\WINDOWS\System32\DRIVERS\LMouKE.Sys
"SetPoint PS/2 Mouse Filter Driver" (L8042mou) - "Logitech, Inc." - C:\WINDOWS\System32\DRIVERS\L8042mou.Sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys
"StarForce Protection Environment Driver v6" (prodrv06) - "Protection Technology" - C:\WINDOWS\System32\drivers\prodrv06.sys
"StarForce Protection Helper Driver" (sfhlp01) - "Protection Technology" - C:\WINDOWS\System32\drivers\sfhlp01.sys
"StarForce Protection Helper Driver v2" (prohlp02) - "Protection Technology" - C:\WINDOWS\System32\drivers\prohlp02.sys
"StarForce Protection Synchronization Driver v1" (prosync1) - "Protection Technology" - C:\WINDOWS\System32\drivers\prosync1.sys
"StarOpen" (StarOpen) - ? - C:\WINDOWS\system32\drivers\StarOpen.sys (File found, but it contains no detailed information)
"UF USB MIDI Driver" (USBMIDI) - ? - C:\WINDOWS\System32\Drivers\Mdusb.sys (File not found)
"VIA AGP Filter" (viaagp1) - "VIA Technologies, Inc." - C:\WINDOWS\System32\DRIVERS\viaagp1.sys
"VIAPFD" (VIAPFD) - "VIA Technologies. Inc." - C:\WINDOWS\System32\Drivers\VIAPFD.SYS
"videX32" (videX32) - "VIA Technologies, Inc." - C:\WINDOWS\System32\DRIVERS\videX32.sys
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys (File not found)
"WIDCOMM USB Bluetooth Driver" (BTWUSB) - ? - C:\WINDOWS\System32\Drivers\btwusb.sys (File not found)

[Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Desktop\Components )-----
"AquaRealOcx Control" - ? - 7db39a0d-580f-4be9-9195-8bfcd226f6c2 (File not found)
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{0561EC90-CE54-4f0c-9C55-E226110A740C} "Haali Column Provider" - ? - C:\WINDOWS\system32\mmfinfo.dll (File found, but it contains no detailed information)
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{9462A756-7B47-47BC-8C80-C34B9B80B32B} "BackWeb GA Pluggable Protocol" - "Logitech Inc." - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
{3D9F03FA-7A94-11D3-BE81-0050048385D1} "Data Page Pluggable Protocol mso-offdap Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{CD00020A-8B95-11D1-82DB-00C04FB1625D} "Microsoft PKM KnowledgePluggable Class" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll (File not found)
{1CDB2949-8F65-4355-8456-263E7C208A5D} "Desktop Explorer" - "NVIDIA Corporation" - C:\WINDOWS\System32\nvshell.dll
{1E9B04FB-F9E5-4718-997B-B8DA88302A47} "Desktop Explorer Menu" - "NVIDIA Corporation" - C:\WINDOWS\System32\nvshell.dll
{A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\WINDOWS\System32\nvcpl.dll
{1D2680C9-0E2A-469d-B787-065558BC7D43} "Fusion Cache" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{0561EC90-CE54-4f0c-9C55-E226110A740C} "Haali Column Provider" - ? - C:\WINDOWS\system32\mmfinfo.dll (File found, but it contains no detailed information)
{5574006C-28F5-4a65-A28C-74DE6BFBE0BB} "Haali Matroska Shell Property Page" - ? - C:\WINDOWS\system32\mmfinfo.dll (File found, but it contains no detailed information)
{327669A0-59A7-4be9-B99E-1C9F3A57611A} "Haali Matroska Thumbnail Extractor" - ? - C:\WINDOWS\system32\mmfinfo.dll (File found, but it contains no detailed information)
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found)
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Programme\iTunes\iTunesMiniPlayer.dll
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? - (File not found | COM-object registry key not found)
{73B24247-042E-4EF5-ADC2-42F62E6FD654} "MCLiteShellExt Class" - ? - C:\Programme\ICQLite\ICQLiteShell.dll (File not found)
{32683183-48a0-441b-a342-7c2a440a9478} "Media Band" - ? - (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office10\msohev.dll
{1E9B04FB-F9E5-4718-997B-B8DA88302A48} "nView Desktop Context Menu" - "NVIDIA Corporation" - C:\WINDOWS\System32\nvshell.dll
{0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office10\OLKFSTUB.DLL
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - c:\program files\real\realplayer\rpshell.dll
{59403EC0-EA55-11d5-954A-9A53884D6E09} "SecureDoc" - "msi" - C:\PROGRA~1\MSI\SECURE~1\SecDoc.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\shlext.dll
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? - (File not found | COM-object registry key not found)
{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
{45670FA8-ED97-4F44-BC93-305082590BFB} "Windows XPS Document Metadata Handler" - "Microsoft Corporation" - C:\WINDOWS\System32\XPSSHHDR.DLL
{44121072-A222-48f2-A58A-6D9AD51EBBE9} "Windows XPS Document Thumbnail Handler" - "Microsoft Corporation" - C:\WINDOWS\System32\XPSSHHDR.DLL
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Programme\WinRAR\rarext.dll (File found, but it contains no detailed information)
{E0D79300-84BE-11CE-9641-444553540000} "WinZip" - ? - C:\PROGRA~1\WinZip\wzshlext.dll
{E0D79301-84BE-11CE-9641-444553540000} "WinZip" - ? - C:\PROGRA~1\WinZip\wzshlext.dll
{E0D79302-84BE-11CE-9641-444553540000} "WinZip" - ? - C:\PROGRA~1\WinZip\wzshlext.dll
{E0D79304-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, Inc." - C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
{E0D79305-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, Inc." - C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
{E0D79306-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, Inc." - C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
{E0D79307-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, Inc." - C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

[Internet Explorer]
-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )-----
{32683183-48a0-441b-a342-7c2a440a9478} "{32683183-48a0-441b-a342-7c2a440a9478}" - ? - (File not found | COM-object registry key not found)
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "&Yahoo! Toolbar" - ? - (File not found | COM-object registry key not found)
<binary data> "ICQ Toolbar" - ? - (File not found | COM-object registry key not found)
ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found)
<binary data> "ITBarLayout" - ? - (File not found | COM-object registry key not found)
<binary data> "Winamp Toolbar" - "AOL LLC." - C:\Programme\Winamp Toolbar\winamptb.dll
<binary data> "{2318C2B1-4965-11D4-9B18-009027A5CD4F}" - ? - (File not found | COM-object registry key not found)
<binary data> "{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" - ? - (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
DirectAnimation Java Classes "DirectAnimation Java Classes" - ? - (File not found | COM-object registry key not found) / file://C:\WINDOWS\Java\classes\dajava.cab
{E55FD215-A32E-43FE-A777-A7E8F165F551} "Flatcast Viewer 4.15" - "1 mal 1 Software GmbH" - C:\WINDOWS\DOWNLO~1\NpFv415.dll / hxxp://www.flatcast.com/de/download/NpFv415.dll
{DC6FEBC5-0A2D-458A-A01B-5DB15EEC4305} "IlosoftImageUploadCtl Class" - ? - C:\WINDOWS\Downloaded Program Files\IlosoftImageUpload.dll / hxxp://webc.krm-audio.com/controls/IlosoftImageUpload.dll
{4E330863-6A11-11D0-BFD8-006097237877} "InstallFromTheWeb ActiveX Control" - "InstallShield Software Corporation" - C:\WINDOWS\Downloaded Program Files\iftw.dll / hxxp://tw.msi.com.tw/autobios/client/iftwclix.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_18" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_18.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} "Java Plug-in 1.6.0_18" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_18.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_18" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_18.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
Microsoft XML Parser for Java "Microsoft XML Parser for Java" - ? - (File not found | COM-object registry key not found) / file://C:\WINDOWS\Java\classes\xmldso.cab
{B38870E4-7ECB-40DA-8C6A-595F0A5519FF} "MsnMessengerSetupDownloadControl Class" - "Microsoft Corporation" - C:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.ocx / hxxp://messenger.msn.com/download/msnmessengersetupdownloader.cab
{166B1BCA-3F9C-11CF-8075-444553540000} "Shockwave ActiveX Control" - "Macromedia, Inc." - C:\WINDOWS\system32\Macromed\Director\SwDir.dll / hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
{2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} "Symantec AntiVirus scanner" - "Symantec Corporation" - C:\WINDOWS\Downloaded Program Files\avsniff.dll / hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
{644E432F-49D3-41A1-8DD5-E099162EEEC5} "Symantec RuFSI Utility Class" - "Symantec Corporation" - C:\WINDOWS\Downloaded Program Files\rufsi.dll / hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
{67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} "System Requirements Lab Class" - "Husdawg, LLC" - C:\WINDOWS\Downloaded Program Files\sysreqlab2.dll / hxxp://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
{8167C273-DF59-4416-B647-C8BB2C7EE83E} "WebSDev Control" - "MICRO-STAR INT'L CO., LTD." - C:\PROGRA~2\MSI\MSIWDev\WebSDev.ocx / hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab
{40BF816B-D862-41B9-9445-ECA36D5F67F9} "{40BF816B-D862-41B9-9445-ECA36D5F67F9}" - ? - (File not found | COM-object registry key not found) /
{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} "{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}" - ? - (File not found | COM-object registry key not found) /
{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} "{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}" - ? - (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
{CT id=e codeBase=hxxp://www.www2.p0rt2.com/files/epl29bf2.cab classid=clsid:33331111-1111-1111-1111-615111193427} "{CT id=e codeBase=hxxp://www.www2.p0rt2.com/files/epl29bf2.cab classid=clsid:33331111-1111-1111-1111-615111193427}" - ? - (File not found | COM-object registry key not found) /
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{53707962-6F74-2D53-2644-206D7942484F} "ClsidExtension" - "Safer Networking Limited" - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
"ICQ6" - "ICQ, LLC." - C:\Programme\ICQ6.5\ICQ.exe
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} "Winamp Toolbar" - "AOL LLC." - C:\Programme\Winamp Toolbar\winamptb.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
{53707962-6F74-2D53-2644-206D7942484F} "Spybot-S&D IE Protection" - "Safer Networking Limited" - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} "Winamp Toolbar Loader" - "AOL LLC." - C:\Programme\Winamp Toolbar\winamptb.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
"hp psc 1000 series.lnk" - "Hewlett-Packard Co." - C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe (Shortcut exists | File exists)
"hpoddt01.exe.lnk" - "Hewlett-Packard" - C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Shortcut exists | File exists)
"Microsoft Office.lnk" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office10\OSA.EXE (Shortcut exists | File exists)
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\Kerim\Startmenü\Programme\Autostart\desktop.ini
"M-Audio Quattro Control Panel Launcher.lnk" - "M-Audio" - C:\Programme\M-Audio USB Quattro\QuatTask.exe (Shortcut exists | File exists)
"OnScreen Manager.lnk" - "EnTech Taiwan" - C:\Programme\softOSD\softOSM.exe (Shortcut exists | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"SpybotSD TeaTimer" - "Safer-Networking Ltd." - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
"TomTomHOME.exe" - "TomTom" - "C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe"
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"avgnt" - "Avira GmbH" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
"Corel File Shell Monitor" - "Corel, Inc." - C:\Programme\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
"Corel Photo Downloader" - "Corel, Inc." - "C:\Programme\Gemeinsame Dateien\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
"iTunesHelper" - "Apple Inc." - "C:\Programme\iTunes\iTunesHelper.exe"
"LogitechQuickCamRibbon" - "Logitech Inc." - "C:\Programme\Logitech\Logitech WebCam Software\LWS.exe" /hide
"Microsoft WinUpdates" - ? - serm32.exe (File not found)
"Microsoft-Updates" - ? - svxhost.exe (File not found)
"NeroCheck" - "Ahead Software Gmbh" - C:\WINDOWS\System32\NeroCheck.exe
"NvMediaCenter" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
"PDFPrint" - "Geek Software GmbH" - C:\Programme\pdf24\pdf24.exe
"QuickTime Task" - "Apple Inc." - "C:\Programme\QuickTime\qttask.exe" -atboottime
"SoundMan" - "Realtek Semiconductor Corp." - SOUNDMAN.EXE
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
"TkBellExe" - "RealNetworks, Inc." - "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx )-----
"Flag" - ? - „ (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices )-----
"Microsoft WinUpdates" - ? - serm32.exe (File not found)
"Microsoft-Updates" - ? - svxhost.exe (File not found)

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
"ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\sched.exe
"Bonjour-Dienst" (Bonjour Service) - "Apple Inc." - C:\Programme\Bonjour\mDNSResponder.exe
"DATA BECKER Update Service" (DBService) - "DATA BECKER GmbH & Co KG" - C:\Programme\Gemeinsame Dateien\DATA BECKER Shared\DBService.exe
"EPSON Printer Status Agent2" (EPSONStatusAgent2) - "SEIKO EPSON CORPORATION" - C:\Programme\Gemeinsame Dateien\EPSON\EBAPI\SAgent2.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Programme\iPod\bin\iPodService.exe
"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe
"Process Monitor" (LVPrcSrv) - "Logitech Inc." - C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
"Protexis Licensing V2" (PSI_SVC_2) - "Protexis Inc." - C:\Programme\Gemeinsame Dateien\Protexis\License Service\PsiService_2.exe
"Quattro Installer" (QuattroInstallerService) - "M-Audio" - C:\Programme\M-Audio USB Quattro\Install\QuatInst.exe
"Servicio de uso compartido de red del Reproductor de Windows Media" (WMPNetworkSvc) - ? - "C:\Programme\Windows Media Player\WMPNetwk.exe" (File not found)
"softOSD" (softOSD) - "EnTech Taiwan" - C:\Programme\softOSD\softOSD.exe
"TomTomHOMEService" (TomTomHOMEService) - "TomTom" - C:\Programme\TomTom HOME 2\TomTomHOMEService.exe
"Windows CardSpace" (idsvc) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll (File not found)

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Programme\Bonjour\mdnsNSP.dll

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

cosinus 30.03.2010 12:43
hallo und :hallo:

Code:
[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"naecd" (naecd) - ? - C:\DOKUME~1\Kerim\LOKALE~1\Temp\naecd.sys (File not found)
"Nsynas32" (Nsynas32) - ? - C:\WINDOWS\system32\drivers\Nsynas32.sys (File not found)
"NTACCESS" (NTACCESS) - ? - D:\NTACCESS.sys (File not found)
"ntnpcs" (ntnpcs) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\ntnpcs.sys
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys (File not found)
Bitte mit OSAM deaktivieren (siehe Anleitung zu OSAM). Poste danach ein neues Log von OSAM und lass die Datei

C:\WINDOWS\system32\drivers\ntnpcs.sys

bei Virustotal auswerten. Bitte dann Ergebnislink posten.

DevilTribe 30.03.2010 21:58
Erstmal vielen vielen dank für die schnelle Antwort.

OSAM Ergebnis:
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 22:58:01 on 30.03.2010

OS: Windows XP Professional Service Pack 2 (Build 2600)
Default Browser: Mozilla Corporation Firefox 3.6.2

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"AppleSoftwareUpdate.job" - "Apple Inc." - C:\Programme\Apple Software Update\SoftwareUpdate.exe
"FRU Task #Hewlett-Packard#hp psc 1200 series#1228528499.job" - ? - C:\Programme\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"alsndmgr.cpl" - ? - C:\WINDOWS\system32\alsndmgr.cpl (File found, but it contains no detailed information)
"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl
"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl
"nvcpl.cpl" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvcpl.cpl
"nvtuicpl.cpl" - "NVIDIA Corporation" - C:\WINDOWS\system32\nvtuicpl.cpl
"RDCP1045.CPL" - ? - C:\WINDOWS\system32\RDCP1045.CPL (File found, but it contains no detailed information)
"vp6dec_settings.cpl" - ? - C:\WINDOWS\system32\vp6dec_settings.cpl (File found, but it contains no detailed information)
"vp7dec_settings.cpl" - ? - C:\WINDOWS\system32\vp7dec_settings.cpl (File found, but it contains no detailed information)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Avira AntiVir Personal - Free Antivirus " - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl
"QuattroCPL" - "M-Audio" - C:\Programme\M-Audio USB Quattro\Quattro.cpl
"QuickTime" - "Apple Inc." - C:\Programme\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"acedrv11" (acedrv11) - "Protect Software GmbH" - C:\WINDOWS\system32\drivers\acedrv11.sys
"AFS2k" (AFS2K) - "Oak Technology Inc." - C:\WINDOWS\system32\drivers\AFS2K.sys
"Asapi" (Asapi) - "VOB Computersysteme GmbH" - C:\WINDOWS\system32\drivers\Asapi.sys
"avgio" (avgio) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avgio.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys
"AVM FRITZ! Box" (AVMUNET) - "AVM GmbH" - C:\WINDOWS\System32\DRIVERS\avmunet.sys
"AVM FRITZ!web PPP over ISDN" (NETFRITZ) - "AVM Berlin" - C:\WINDOWS\System32\DRIVERS\NETFRITZ.SYS
"AVMCOWAN" (AVMCOWAN) - "AVM GmbH" - C:\WINDOWS\System32\DRIVERS\AVMCOWAN.sys
"Bluetooth Audio Device" (btaudio) - ? - C:\WINDOWS\System32\drivers\btaudio.sys (File not found)
"Bluetooth LAN Access Server" (BTWDNDIS) - ? - C:\WINDOWS\System32\DRIVERS\btwdndis.sys (File not found)
"Bluetooth Virtual Communications Driver" (BTDriver) - ? - C:\WINDOWS\System32\DRIVERS\btport.sys (File not found)
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys (File not found)
"Dritek HotKey Keyboard Filter Driver" (KBFiltr) - ? - C:\WINDOWS\System32\Drivers\KBFiltr.sys (File not found)
"EnTech softEngine" (se32) - "EnTech Taiwan" - C:\WINDOWS\System32\Drivers\se32.sys
"fasttrak" (fasttrak) - "Promise Technology, Inc." - C:\WINDOWS\System32\DRIVERS\fasttrak.sys
"GMSIPCI" (GMSIPCI) - ? - D:\INSTALL\GMSIPCI.SYS (File not found)
"i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys (File not found)
"KORG USB-MIDI Driver for Windows XP" (KORGUMDS) - "KORG Inc." - C:\WINDOWS\System32\Drivers\KORGUMDS.SYS
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys (File not found)
"LMASFltr" (LMASFltr) - "Nemesis" - C:\WINDOWS\System32\drivers\LMASFltr.sys
"Logitech SetPoint Keyboard Driver" (L8042Kbd) - "Logitech, Inc." - C:\WINDOWS\System32\DRIVERS\L8042Kbd.sys
"M Audio USB ASIO Driver" (MMAUSB) - "Nemesis" - C:\WINDOWS\System32\Drivers\MMAUSB.SYS
"M Audio USB Quattro Midi Driver" (USBAS4X4) - "Doug Fetter Software Wizardry" - C:\WINDOWS\System32\drivers\usbas4x4.sys
"M-Audio Quattro" (ma763001) - "Nemesis" - C:\WINDOWS\System32\drivers\MA763001.sys
"M-Audio Quattro Base Driver" (m763001b) - "Nemesis" - C:\WINDOWS\System32\drivers\m763001b.sys
"M-Audio Quattro Legacy Driver" (m763001d) - "Nemesis" - C:\WINDOWS\System32\drivers\m763001d.sys
"M-Audio USB Quattro Midi" (USBNS4X4) - "Doug Fetter Software Wizardry" - C:\WINDOWS\System32\drivers\usbns4x4.sys
"nVidia WDM TVAudio Crossbar" (nvtvSND) - ? - C:\WINDOWS\System32\DRIVERS\nvtvsnd.sys (File not found)
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys (File not found)
"PQNTDrv" (PQNTDrv) - "PowerQuest Corporation" - C:\WINDOWS\system32\drivers\PQNTDrv.sys
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys
"QuickCam Orbit/Sphere MP(UVC)" (LVUVC) - "Logitech Inc." - C:\WINDOWS\System32\DRIVERS\lvuvc.sys
"Roland FANTOM-X" (RDID1045) - "Roland Corporation" - C:\WINDOWS\System32\Drivers\RDWM1045.SYS
"SAMSUNG Mobile USB Device 1.0 driver (WDM)" (ss_bus) - "MCCI Corporation" - C:\WINDOWS\System32\DRIVERS\ss_bus.sys
"SAMSUNG Mobile USB Modem 1.0 Drivers" (ss_mdm) - "MCCI Corporation" - C:\WINDOWS\System32\DRIVERS\ss_mdm.sys
"SAMSUNG Mobile USB Modem 1.0 Filter" (ss_mdfl) - "MCCI Corporation" - C:\WINDOWS\System32\DRIVERS\ss_mdfl.sys
"Secdrv" (Secdrv) - ? - C:\WINDOWS\System32\DRIVERS\secdrv.sys (File signed by Microsoft | File found, but it contains no detailed information)
"Service for Realtek AC97 Audio (WDM)" (ALCXWDM) - "Realtek Semiconductor Corp." - C:\WINDOWS\System32\drivers\ALCXWDM.SYS
"Service for WDM 3D Audio Driver" (ALCXSENS) - "Sensaura Ltd" - C:\WINDOWS\System32\drivers\ALCXSENS.SYS
"SetPoint Mouse Filter Driver" (LMouKE) - "Logitech, Inc." - C:\WINDOWS\System32\DRIVERS\LMouKE.Sys
"SetPoint PS/2 Mouse Filter Driver" (L8042mou) - "Logitech, Inc." - C:\WINDOWS\System32\DRIVERS\L8042mou.Sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys
"StarForce Protection Environment Driver v6" (prodrv06) - "Protection Technology" - C:\WINDOWS\System32\drivers\prodrv06.sys
"StarForce Protection Helper Driver" (sfhlp01) - "Protection Technology" - C:\WINDOWS\System32\drivers\sfhlp01.sys
"StarForce Protection Helper Driver v2" (prohlp02) - "Protection Technology" - C:\WINDOWS\System32\drivers\prohlp02.sys
"StarForce Protection Synchronization Driver v1" (prosync1) - "Protection Technology" - C:\WINDOWS\System32\drivers\prosync1.sys
"StarOpen" (StarOpen) - ? - C:\WINDOWS\system32\drivers\StarOpen.sys (File found, but it contains no detailed information)
"UF USB MIDI Driver" (USBMIDI) - ? - C:\WINDOWS\System32\Drivers\Mdusb.sys (File not found)
"VIA AGP Filter" (viaagp1) - "VIA Technologies, Inc." - C:\WINDOWS\System32\DRIVERS\viaagp1.sys
"VIAPFD" (VIAPFD) - "VIA Technologies. Inc." - C:\WINDOWS\System32\Drivers\VIAPFD.SYS
"videX32" (videX32) - "VIA Technologies, Inc." - C:\WINDOWS\System32\DRIVERS\videX32.sys
"WIDCOMM USB Bluetooth Driver" (BTWUSB) - ? - C:\WINDOWS\System32\Drivers\btwusb.sys (File not found)
(Disabled) "naecd" (naecd) - ? - C:\DOKUME~1\Kerim\LOKALE~1\Temp\naecd.sys (File not found)
(Disabled) "Nsynas32" (Nsynas32) - ? - C:\WINDOWS\system32\drivers\Nsynas32.sys (File not found)
(Disabled) "NTACCESS" (NTACCESS) - ? - D:\NTACCESS.sys (File not found)
(Disabled) "ntnpcs" (ntnpcs) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\ntnpcs.sys (File is exclusively opened, access blocked)
(Disabled) "WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys (File not found)

[Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Desktop\Components )-----
"AquaRealOcx Control" - ? - 7db39a0d-580f-4be9-9195-8bfcd226f6c2 (File not found)
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{0561EC90-CE54-4f0c-9C55-E226110A740C} "Haali Column Provider" - ? - C:\WINDOWS\system32\mmfinfo.dll (File found, but it contains no detailed information)
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{9462A756-7B47-47BC-8C80-C34B9B80B32B} "BackWeb GA Pluggable Protocol" - "Logitech Inc." - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
{3D9F03FA-7A94-11D3-BE81-0050048385D1} "Data Page Pluggable Protocol mso-offdap Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{CD00020A-8B95-11D1-82DB-00C04FB1625D} "Microsoft PKM KnowledgePluggable Class" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll (File not found)
{1CDB2949-8F65-4355-8456-263E7C208A5D} "Desktop Explorer" - "NVIDIA Corporation" - C:\WINDOWS\System32\nvshell.dll
{1E9B04FB-F9E5-4718-997B-B8DA88302A47} "Desktop Explorer Menu" - "NVIDIA Corporation" - C:\WINDOWS\System32\nvshell.dll
{A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\WINDOWS\System32\nvcpl.dll
{1D2680C9-0E2A-469d-B787-065558BC7D43} "Fusion Cache" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{0561EC90-CE54-4f0c-9C55-E226110A740C} "Haali Column Provider" - ? - C:\WINDOWS\system32\mmfinfo.dll (File found, but it contains no detailed information)
{5574006C-28F5-4a65-A28C-74DE6BFBE0BB} "Haali Matroska Shell Property Page" - ? - C:\WINDOWS\system32\mmfinfo.dll (File found, but it contains no detailed information)
{327669A0-59A7-4be9-B99E-1C9F3A57611A} "Haali Matroska Thumbnail Extractor" - ? - C:\WINDOWS\system32\mmfinfo.dll (File found, but it contains no detailed information)
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found)
{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} "iTunes" - "Apple Inc." - C:\Programme\iTunes\iTunesMiniPlayer.dll
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? - (File not found | COM-object registry key not found)
{73B24247-042E-4EF5-ADC2-42F62E6FD654} "MCLiteShellExt Class" - ? - C:\Programme\ICQLite\ICQLiteShell.dll (File not found)
{32683183-48a0-441b-a342-7c2a440a9478} "Media Band" - ? - (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office10\msohev.dll
{1E9B04FB-F9E5-4718-997B-B8DA88302A48} "nView Desktop Context Menu" - "NVIDIA Corporation" - C:\WINDOWS\System32\nvshell.dll
{0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office10\OLKFSTUB.DLL
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - c:\program files\real\realplayer\rpshell.dll
{59403EC0-EA55-11d5-954A-9A53884D6E09} "SecureDoc" - "msi" - C:\PROGRA~1\MSI\SECURE~1\SecDoc.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\shlext.dll
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? - (File not found | COM-object registry key not found)
{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
{45670FA8-ED97-4F44-BC93-305082590BFB} "Windows XPS Document Metadata Handler" - "Microsoft Corporation" - C:\WINDOWS\System32\XPSSHHDR.DLL
{44121072-A222-48f2-A58A-6D9AD51EBBE9} "Windows XPS Document Thumbnail Handler" - "Microsoft Corporation" - C:\WINDOWS\System32\XPSSHHDR.DLL
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Programme\WinRAR\rarext.dll (File found, but it contains no detailed information)
{E0D79300-84BE-11CE-9641-444553540000} "WinZip" - ? - C:\PROGRA~1\WinZip\wzshlext.dll
{E0D79301-84BE-11CE-9641-444553540000} "WinZip" - ? - C:\PROGRA~1\WinZip\wzshlext.dll
{E0D79302-84BE-11CE-9641-444553540000} "WinZip" - ? - C:\PROGRA~1\WinZip\wzshlext.dll
{E0D79304-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, Inc." - C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
{E0D79305-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, Inc." - C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
{E0D79306-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, Inc." - C:\PROGRA~1\WINZIP\WZSHLSTB.DLL
{E0D79307-84BE-11CE-9641-444553540000} "WinZip" - "WinZip Computing, Inc." - C:\PROGRA~1\WINZIP\WZSHLSTB.DLL

[Internet Explorer]
-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )-----
{32683183-48a0-441b-a342-7c2a440a9478} "{32683183-48a0-441b-a342-7c2a440a9478}" - ? - (File not found | COM-object registry key not found)
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "&Yahoo! Toolbar" - ? - (File not found | COM-object registry key not found)
<binary data> "ICQ Toolbar" - ? - (File not found | COM-object registry key not found)
ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found)
<binary data> "ITBarLayout" - ? - (File not found | COM-object registry key not found)
<binary data> "Winamp Toolbar" - "AOL LLC." - C:\Programme\Winamp Toolbar\winamptb.dll
<binary data> "{2318C2B1-4965-11D4-9B18-009027A5CD4F}" - ? - (File not found | COM-object registry key not found)
<binary data> "{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" - ? - (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
DirectAnimation Java Classes "DirectAnimation Java Classes" - ? - (File not found | COM-object registry key not found) / file://C:\WINDOWS\Java\classes\dajava.cab
{E55FD215-A32E-43FE-A777-A7E8F165F551} "Flatcast Viewer 4.15" - "1 mal 1 Software GmbH" - C:\WINDOWS\DOWNLO~1\NpFv415.dll / hxxp://www.flatcast.com/de/download/NpFv415.dll
{DC6FEBC5-0A2D-458A-A01B-5DB15EEC4305} "IlosoftImageUploadCtl Class" - ? - C:\WINDOWS\Downloaded Program Files\IlosoftImageUpload.dll / hxxp://webc.krm-audio.com/controls/IlosoftImageUpload.dll
{4E330863-6A11-11D0-BFD8-006097237877} "InstallFromTheWeb ActiveX Control" - "InstallShield Software Corporation" - C:\WINDOWS\Downloaded Program Files\iftw.dll / hxxp://tw.msi.com.tw/autobios/client/iftwclix.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_18" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_18.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} "Java Plug-in 1.6.0_18" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_18.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_18" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_18.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
Microsoft XML Parser for Java "Microsoft XML Parser for Java" - ? - (File not found | COM-object registry key not found) / file://C:\WINDOWS\Java\classes\xmldso.cab
{B38870E4-7ECB-40DA-8C6A-595F0A5519FF} "MsnMessengerSetupDownloadControl Class" - "Microsoft Corporation" - C:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.ocx / hxxp://messenger.msn.com/download/msnmessengersetupdownloader.cab
{166B1BCA-3F9C-11CF-8075-444553540000} "Shockwave ActiveX Control" - "Macromedia, Inc." - C:\WINDOWS\system32\Macromed\Director\SwDir.dll / hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
{2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} "Symantec AntiVirus scanner" - "Symantec Corporation" - C:\WINDOWS\Downloaded Program Files\avsniff.dll / hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
{644E432F-49D3-41A1-8DD5-E099162EEEC5} "Symantec RuFSI Utility Class" - "Symantec Corporation" - C:\WINDOWS\Downloaded Program Files\rufsi.dll / hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
{67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} "System Requirements Lab Class" - "Husdawg, LLC" - C:\WINDOWS\Downloaded Program Files\sysreqlab2.dll / hxxp://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
{8167C273-DF59-4416-B647-C8BB2C7EE83E} "WebSDev Control" - "MICRO-STAR INT'L CO., LTD." - C:\PROGRA~2\MSI\MSIWDev\WebSDev.ocx / hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab
{40BF816B-D862-41B9-9445-ECA36D5F67F9} "{40BF816B-D862-41B9-9445-ECA36D5F67F9}" - ? - (File not found | COM-object registry key not found) /
{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} "{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}" - ? - (File not found | COM-object registry key not found) /
{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} "{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}" - ? - (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
{CT id=e codeBase=hxxp://www.www2.p0rt2.com/files/epl29bf2.cab classid=clsid:33331111-1111-1111-1111-615111193427} "{CT id=e codeBase=hxxp://www.www2.p0rt2.com/files/epl29bf2.cab classid=clsid:33331111-1111-1111-1111-615111193427}" - ? - (File not found | COM-object registry key not found) /
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{53707962-6F74-2D53-2644-206D7942484F} "ClsidExtension" - "Safer Networking Limited" - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
"ICQ6" - "ICQ, LLC." - C:\Programme\ICQ6.5\ICQ.exe
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} "Winamp Toolbar" - "AOL LLC." - C:\Programme\Winamp Toolbar\winamptb.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
{53707962-6F74-2D53-2644-206D7942484F} "Spybot-S&D IE Protection" - "Safer Networking Limited" - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} "Winamp Toolbar Loader" - "AOL LLC." - C:\Programme\Winamp Toolbar\winamptb.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
"hp psc 1000 series.lnk" - "Hewlett-Packard Co." - C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe (Shortcut exists | File exists)
"hpoddt01.exe.lnk" - "Hewlett-Packard" - C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Shortcut exists | File exists)
"Microsoft Office.lnk" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office10\OSA.EXE (Shortcut exists | File exists)
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\Kerim\Startmenü\Programme\Autostart\desktop.ini
"M-Audio Quattro Control Panel Launcher.lnk" - "M-Audio" - C:\Programme\M-Audio USB Quattro\QuatTask.exe (Shortcut exists | File exists)
"OnScreen Manager.lnk" - "EnTech Taiwan" - C:\Programme\softOSD\softOSM.exe (Shortcut exists | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"SpybotSD TeaTimer" - "Safer-Networking Ltd." - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
"TomTomHOME.exe" - "TomTom" - "C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe"
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"avgnt" - "Avira GmbH" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
"Corel File Shell Monitor" - "Corel, Inc." - C:\Programme\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
"Corel Photo Downloader" - "Corel, Inc." - "C:\Programme\Gemeinsame Dateien\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
"iTunesHelper" - "Apple Inc." - "C:\Programme\iTunes\iTunesHelper.exe"
"LogitechQuickCamRibbon" - "Logitech Inc." - "C:\Programme\Logitech\Logitech WebCam Software\LWS.exe" /hide
"Microsoft WinUpdates" - ? - serm32.exe (File not found)
"Microsoft-Updates" - ? - svxhost.exe (File not found)
"NeroCheck" - "Ahead Software Gmbh" - C:\WINDOWS\System32\NeroCheck.exe
"NvMediaCenter" - "NVIDIA Corporation" - RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
"PDFPrint" - "Geek Software GmbH" - C:\Programme\pdf24\pdf24.exe
"QuickTime Task" - "Apple Inc." - "C:\Programme\QuickTime\qttask.exe" -atboottime
"SoundMan" - "Realtek Semiconductor Corp." - SOUNDMAN.EXE
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
"TkBellExe" - "RealNetworks, Inc." - "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx )-----
"Flag" - ? - „ (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices )-----
"Microsoft WinUpdates" - ? - serm32.exe (File not found)
"Microsoft-Updates" - ? - svxhost.exe (File not found)

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
"ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\sched.exe
"Bonjour-Dienst" (Bonjour Service) - "Apple Inc." - C:\Programme\Bonjour\mDNSResponder.exe
"DATA BECKER Update Service" (DBService) - "DATA BECKER GmbH & Co KG" - C:\Programme\Gemeinsame Dateien\DATA BECKER Shared\DBService.exe
"EPSON Printer Status Agent2" (EPSONStatusAgent2) - "SEIKO EPSON CORPORATION" - C:\Programme\Gemeinsame Dateien\EPSON\EBAPI\SAgent2.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Programme\iPod\bin\iPodService.exe
"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe
"Process Monitor" (LVPrcSrv) - "Logitech Inc." - C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
"Protexis Licensing V2" (PSI_SVC_2) - "Protexis Inc." - C:\Programme\Gemeinsame Dateien\Protexis\License Service\PsiService_2.exe
"Quattro Installer" (QuattroInstallerService) - "M-Audio" - C:\Programme\M-Audio USB Quattro\Install\QuatInst.exe
"Servicio de uso compartido de red del Reproductor de Windows Media" (WMPNetworkSvc) - ? - "C:\Programme\Windows Media Player\WMPNetwk.exe" (File not found)
"softOSD" (softOSD) - "EnTech Taiwan" - C:\Programme\softOSD\softOSD.exe
"TomTomHOMEService" (TomTomHOMEService) - "TomTom" - C:\Programme\TomTom HOME 2\TomTomHOMEService.exe
"Windows CardSpace" (idsvc) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll (File not found)

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Programme\Bonjour\mdnsNSP.dll

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru


VirusTotal Link:
https://www.virustotal.com/de/analisis/711e2fb8095b458d17c34c6fdbfbff212b1f1e264ddaec72dc7aab552f3b8499-1269982077

cosinus 31.03.2010 08:38
Bitte nun diese Liste beachten und abarbeiten. Beim Scan mit MalwareBytes auch alle externen Speicher (ext. Platten, USB-Sticks, ... mit anklemmen!! )

Falls Du Probleme mit Malwarebytes hast (startet nicht, Updates laden nicht etc.), das hier beachten > http://www.trojaner-board.de/82699-m...tet-nicht.html

Wichtig für Benutzer mit Windows Vista und Windows 7: Bitte alle Tools per Rechtsklick => Als Admin ausführen!

Falls RSIT nicht startet: im Kompatibilitätsmodus ausführen (Rechtsklick auf RSIT.exe, Reiter Kompatibilität) => Windows XP einstellen und ausführen

Die Logfiles kannst Du zB alle in eine Datei zippen und auf File-Upload.net hochladen und hier verlinken, denn 1. sind manche Logfiles fürs Board nämlich zu groß und 2. kann ich mit einem Klick mir gleich alle auf einmal runterladen.


Alle Zeitangaben in WEZ +1. Es ist jetzt 23:13 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19