
Pests of all kinds and how to fight them: Virus TR\hiolti?


01.07.2010, 15:13   #1
Opfergott
 

Virus TR\hiolti?



Heyho dear people,

I'm having some problems with a virus that, strangely enough, is on my PC.
At first Avira reported TR\hiolto + some numbers,
but I didn't note it down exactly. Then I deleted everything; now I'm not sure whether it's just an infestation or whether everything is already infected.
Please help me.

Kind regards, ME


RSIT Logfile:
Code:
Logfile of random's system information tool 1.07 (written by random/random)
Run by ++++ at 2010-07-01 16:07:32
Microsoft Windows XP Professional Service Pack 3
System drive C: has 84 GB (82%) free of 102 GB
Total RAM: 3071 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:07:35, on 01.07.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\Programme\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
D:\programme\steam\steam.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Mozilla Firefox\plugin-container.exe
C:\Dokumente und Einstellungen\+++\Desktop\RSIT.exe
C:\Programme\trend micro\++++.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Steam] "d:\programme\steam\steam.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Programme\Fiddler2\Fiddler.exe" (file missing)
O9 - Extra 'Tools' menuitem: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Programme\Fiddler2\Fiddler.exe" (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: NBService - Nero AG - C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 5344 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Driver Robot.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-12 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Programme\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]
"nwiz"=C:\Programme\NVIDIA Corporation\nView\nwiz.exe [2010-06-03 1753192]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-06-07 13902440]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-06-07 110696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=d:\programme\steam\steam.exe [2010-05-07 1238352]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amd_dc_opt]
C:\Programme\AMD\Dual-Core Optimizer\amd_dc_opt.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Programme\DAEMON Tools Lite\daemon.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-04-17 196608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe [2004-04-13 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Programme\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2010-06-07 110696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
C:\Programme\NVIDIA Corporation\nView\nwiz.exe [2010-06-03 1753192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Programme\QuickTime\QTTask.exe -atboottime []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoboForm]
C:\Programme\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2007-04-10 16126464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2007-04-04 1822720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [2010-02-18 248040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe /s []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"PnkBstrB"=2
"PnkBstrA"=2
"NMIndexingService"=3
"JavaQuickStarterService"=2
"nSvcIp"=2
"idsvc"=3
"Hamachi2Svc"=2
"ose"=3
"IDriverT"=3

C:\Dokumente und Einstellungen\++++\Startmenü\Programme\Autostart
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x91000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Programme\Call of Duty\Call of Duty 4 - Modern Warfare\iw3mp.exe"="D:\Programme\Call of Duty\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Programme\Steam\steamapps\+++++\team fortress 2\hl2.exe"="C:\Programme\Steam\steamapps\+++++\team fortress 2\hl2.exe:*:Enabled:hl2"
"C:\Programme\Steam\steamapps\+++++\counter-strike source\hl2.exe"="C:\Programme\Steam\steamapps\4\counter-strike source\hl2.exe:*:Enabled:hl2"
"C:\Programme\ICQ6.5\ICQ.exe"="C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Programme\Steam\steamapps\common\prototype\prototypef.exe"="C:\Programme\Steam\steamapps\common\prototype\prototypef.exe:*:Enabled:Prototype"
"D:\Programme\Steam 2\steam.exe"="D:\Programme\Steam 2\steam.exe:*:Enabled:Steam"
"D:\Programme\Steam2\steamapps\common\prototype\prototypef.exe"="D:\Programme\Steam2\steamapps\common\prototype\prototypef.exe:*:Enabled:Prototype"
"D:\Programme\Farcry 2\Far Cry 2\bin\farcry2.exe"="D:\Programme\Farcry 2\Far Cry 2\bin\farcry2.exe:*:Enabled:Far Cry® 2"
"D:\Programme\Call of Duty\Call of Duty 2\CoD2MP_s.exe"="D:\Programme\Call of Duty\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Dokumente und Einstellungen\++++\Eigene Dateien\Alles\TF2 Items Generator nur verwenden mit geschlossenen tf2\SteamStats.exe"="C:\Dokumente und Einstellungen\Marzl\Eigene Dateien\Alles\TF2 Items Generator nur verwenden mit geschlossenen tf2\SteamStats.exe:*:Enabled:SteamStats"
"D:\Programme\Diablo II\Game.exe"="D:\Programme\Diablo II\Game.exe:*:Enabled:Diablo II"
"C:\Programme\Garena\Garena.exe"="C:\Programme\Garena\Garena.exe:*:Enabled:Garena"
"C:\Dokumente und Einstellungen\++++\temp\TeamViewer\Version4\TeamViewer.exe"="C:\Dokumente und Einstellungen\Marzl\temp\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"
"D:\Programme\Valve\hltv.exe"="D:\Programme\Valve\hltv.exe:*:Enabled:HLTV Launcher"
"D:\Programme\Valve\hl.exe"="D:\Programme\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Programme\Steam\steamapps\+++++\source dedicated server\srcds.exe"="C:\Programme\Steam\steamapps\+++++\source dedicated server\srcds.exe:*:Enabled:srcds"
"C:\Programme\Steam\steamapps\++++\source sdk base\hl2.exe"="C:\Programme\Steam\steamapps\+++++\source sdk base\hl2.exe:*:Enabled:hl2"
"C:\Programme\Steam\steamapps\+++++\zombie panic! source\hl2.exe"="C:\Programme\Steam\steamapps\+++++\zombie panic! source\hl2.exe:*:Enabled:hl2"
"C:\Programme\Mumble\murmur.exe"="C:\Programme\Mumble\murmur.exe:*:Enabled:Murmur - Low-latency VoIP server"
"C:\Programme\Steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe"="C:\Programme\Steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe:*:Enabled:left4dead2"
"C:\Programme\Steam\Steam.exe"="C:\Programme\Steam\Steam.exe:*:Enabled:Steam"
"C:\Programme\Steam\steamapps\common\trackmania nations forever\TmForever.exe"="C:\Programme\Steam\steamapps\common\trackmania nations forever\TmForever.exe:*:Enabled:TrackMania Nations Forever"
"C:\Programme\Steam\steamapps\common\trackmania nations forever\TmForeverLauncher.exe"="C:\Programme\Steam\steamapps\common\trackmania nations forever\TmForeverLauncher.exe:*:Enabled:TrackMania Nations Forever"
"C:\Programme\Steam\steamapps\common\unreal tournament 3\Binaries\UT3.exe"="C:\Programme\Steam\steamapps\common\unreal tournament 3\Binaries\UT3.exe:*:Enabled:Unreal Tournament 3"
"C:\Programme\Steam\steamapps\+++++\half-life 2 deathmatch\hl2.exe"="C:\Programme\Steam\steamapps\+++++\half-life 2 deathmatch\hl2.exe:*:Enabled:hl2"
"C:\Programme\Steam\steamapps\common\left 4 dead\left4dead.exe"="C:\Programme\Steam\steamapps\common\left 4 dead\left4dead.exe:*:Enabled:Left 4 Dead"
"D:\Programme\Steam\Steam.exe"="D:\Programme\Steam\Steam.exe:*:Enabled:Steam"
"D:\Programme\Steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe"="D:\Programme\Steam\steamapps\common\left 4 dead 2 demo\left4dead2.exe:*:Enabled:left4dead2"
"D:\Programme\Steam\steamapps\+++++\half-life 2 deathmatch\hl2.exe"="D:\Programme\Steam\steamapps\++++\half-life 2 deathmatch\hl2.exe:*:Enabled:hl2"
"D:\Programme\Steam\steamapps\++++++\team fortress 2\hl2.exe"="D:\Programme\Steam\steamapps\++++\team fortress 2\hl2.exe:*:Enabled:hl2"
"C:\Dokumente und Einstellungen\++++\Eigene Dateien\Alles\SteamStats\SteamStats.exe"="C:\Dokumente und Einstellungen\+++++\Eigene Dateien\Alles\SteamStats\SteamStats.exe:*:Disabled:Drunken F00l's Steam Stats Modifier and Tools"
"C:\Dokumente und Einstellungen\++++\Desktop\SteamStats\SteamStats.exe"="C:\Dokumente und Einstellungen\++++\Desktop\SteamStats\SteamStats.exe:*:Disabled:Drunken F00l's Steam Stats Modifier and Tools"
"C:\Dokumente und Einstellungen\++++\Desktop\Worms Armageddon\Worms Armageddon\WA.exe"="C:\Dokumente und Einstellungen\++++\Desktop\Worms Armageddon\Worms Armageddon\WA.exe:*:Enabled:Worms Armageddon"
"D:\Programme\Worms Armageddon\Worms Armageddon\WA.exe"="D:\Programme\Worms Armageddon\Worms Armageddon\WA.exe:*:Enabled:Worms Armageddon"
"D:\Programme\Call of Duty\Call of Duty Modern Warfare 2\iw4mp.exe"="D:\Programme\Call of Duty\Call of Duty Modern Warfare 2\iw4mp.exe:*:Enabled:iw4mp"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\Programme\Battlefield\Battlefield 1942 Desert Combat\BF1942.exe"="D:\Programme\Battlefield\Battlefield 1942 Desert Combat\BF1942.exe:*:Enabled:BF1942"
"I:\Games\crusader\Stronghold Crusader.exe"="I:\Games\crusader\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"D:\Programme\Serious Sam - The Second Encounter\Bin\SeriousSam.exe"="D:\Programme\Serious Sam - The Second Encounter\Bin\SeriousSam.exe:*:Enabled:SeriousSam"
"D:\Programme\doom3\Doom3.exe"="D:\Programme\doom3\Doom3.exe:*:Disabled:DOOM 3"
"I:\Counter-Strike Source\hl2.exe"="I:\Counter-Strike Source\hl2.exe:*:Enabled:hl2"
"I:\Games\Counter-Strike Source\hl2.exe"="I:\Games\Counter-Strike Source\hl2.exe:*:Enabled:hl2"
"C:\Programme\VideoLAN\VLC\vlc.exe"="C:\Programme\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"F:\perl\win32\wperl.exe"="F:\perl\win32\wperl.exe:127.0.0.1,LocalSubnet:Enabled:Perl interpreter - part of Stunnix Web Server"
"D:\Programme\Battlefield Bad Company 2\BFBC2BetaUpdater.exe"="D:\Programme\Battlefield Bad Company 2\BFBC2BetaUpdater.exe:*:Enabled:Battlefield Bad Company 2 - BETA"
"I:\Games\Assassin's Creed\AssassinsCreed_Dx9.exe"="I:\Games\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"I:\Games\Assassin's Creed\AssassinsCreed_Dx10.exe"="I:\Games\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"I:\Games\Assassin's Creed\AssassinsCreed_Launcher.exe"="I:\Games\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"I:\Games\Need for Speed Most Wanted\speed.exe"="I:\Games\Need for Speed Most Wanted\speed.exe:*:Enabled:speed"
"I:\Games\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe"="I:\Games\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"D:\Programme\Steam\steamapps\common\trackmania nations forever\TmForever.exe"="D:\Programme\Steam\steamapps\common\trackmania nations forever\TmForever.exe:*:Enabled:TrackMania Nations Forever"
"D:\Programme\Steam\steamapps\common\trackmania nations forever\TmForeverLauncher.exe"="D:\Programme\Steam\steamapps\common\trackmania nations forever\TmForeverLauncher.exe:*:Enabled:TrackMania Nations Forever"
"D:\Programme\Steam\steamapps\common\unreal tournament 3\Binaries\UT3.exe"="D:\Programme\Steam\steamapps\common\unreal tournament 3\Binaries\UT3.exe:*:Enabled:Unreal Tournament 3"
"D:\Programme\Steam\steamapps\common\left 4 dead\left4dead.exe"="D:\Programme\Steam\steamapps\common\left 4 dead\left4dead.exe:*:Enabled:Left 4 Dead"
"I:\Games\Serious Sam 2\Bin\Sam2.exe"="I:\Games\Serious Sam 2\Bin\Sam2.exe:*:Enabled:Sam2"
"I:\Games\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe"="I:\Games\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)"
"I:\Games\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe"="I:\Games\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)"
"F:\httpd\httpd-x86-windows\apache.exe"="F:\httpd\httpd-x86-windows\apache.exe:LocalSubNet,127.0.0.1/255.255.255.255:Disabled:Apache web server"
"D:\Programme\Battlefield Bad Company 2\BFBC2Game.exe"="D:\Programme\Battlefield Bad Company 2\BFBC2Game.exe:*:Disabled:EA Battlefield: Bad Company™ 2 - BETA"
"I:\Games\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe"="I:\Games\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"I:\Games\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="I:\Games\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"I:\Games\Call of Duty 5\CoDWaWmp.exe"="I:\Games\Call of Duty 5\CoDWaWmp.exe:*:Enabled:Call of Duty(R): World at War Multiplayer"
"I:\Games\Call of Duty 5\CoDWaW.exe"="I:\Games\Call of Duty 5\CoDWaW.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
"D:\Programme\Call of Duty\Call of Duty 5\CoDWaW.exe"="D:\Programme\Call of Duty\Call of Duty 5\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"D:\Programme\Call of Duty\Call of Duty 5\CoDWaWmp.exe"="D:\Programme\Call of Duty\Call of Duty 5\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"I:\Games\Call of Duty Modern Warfare 2\iw4mp.exe"="I:\Games\Call of Duty Modern Warfare 2\iw4mp.exe:*:Enabled:iw4mp"
"I:\Games\Battlefield 2\BF2.exe"="I:\Games\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2"
"D:\Programme\Call of Duty\Call Of Duty World at War\CoDWaW.exe"="D:\Programme\Call of Duty\Call Of Duty World at War\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"D:\Programme\Call of Duty\Call Of Duty World at War\CoDWaWmp.exe"="D:\Programme\Call of Duty\Call Of Duty World at War\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"C:\Programme\Ustream\Ustream Producer\rsrc\Desktop Presenter.exe"="C:\Programme\Ustream\Ustream Producer\rsrc\Desktop Presenter.exe:*:Enabled:Desktop Presenter"
"D:\Programme\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe"="D:\Programme\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2"
"D:\Programme\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe"="D:\Programme\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer"
"D:\Programme\2K Games\Gearbox Software\Borderlands\Binaries\Borderlands.exe"="D:\Programme\2K Games\Gearbox Software\Borderlands\Binaries\Borderlands.exe:*:Enabled:Borderlands"
"C:\Programme\Java\jre6\bin\javaw.exe"="C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Programme\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Programme\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"D:\Programme\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe"="D:\Programme\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe:*:Enabled:Assassin's Creed II"
"D:\Programme\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe"="D:\Programme\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe:*:Enabled:Assassin's Creed II Update"
"D:\Programme\Ubisoft\Assassin's Creed II\UPlayBrowser.exe"="D:\Programme\Ubisoft\Assassin's Creed II\UPlayBrowser.exe:*:Enabled:Assassin's Creed II Uplay"
"I:\Games\Call of Duty 2\CoD2MP_s.exe"="I:\Games\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"I:\Games\Valve\hl.exe"="I:\Games\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Programme\Steam\steamapps\common\left 4 dead 2\left4dead2.exe"="D:\Programme\Steam\steamapps\common\left 4 dead 2\left4dead2.exe:*:Enabled:Left 4 Dead 2"
"D:\Programme\Steam\steamapps\+++++\day of defeat source\hl2.exe"="D:\Programme\Steam\steamapps\++++\day of defeat source\hl2.exe:*:Enabled:Day of Defeat: Source"
"D:\Programme\Steam\steamapps\+++++\counter-strike source\hl2.exe"="D:\Programme\Steam\steamapps\++++\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"F:\httpd\httpd-x86-windows\apache.exe"="F:\httpd\httpd-x86-windows\apache.exe:127.0.0.1,LocalSubnet:Enabled:Apache web server"
"F:\perl\win32\wperl.exe"="F:\perl\win32\wperl.exe:127.0.0.1,LocalSubnet:Enabled:Perl interpreter - part of Stunnix Web Server"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d048141e-88ce-11de-be1c-002215761750}]
shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d0481420-88ce-11de-be1c-002215761750}]
shell\AutoRun\command - F:\pushinst.exe


======List of files/folders created in the last 1 months======

2010-06-30 15:55:45 ----D---- C:\WINDOWS\CSC
2010-06-30 15:55:38 ----A---- C:\WINDOWS\ntbtlog.txt
2010-06-29 20:43:42 ----D---- C:\rsit
2010-06-27 09:37:21 ----SHD---- C:\Config.Msi
2010-06-21 18:09:10 ----D---- C:\Dokumente und Einstellungen\+++++\Anwendungsdaten\fltk.org
2010-06-21 17:56:05 ----D---- C:\Dokumente und Einstellungen\+++++\Anwendungsdaten\flightgear.org
2010-06-11 15:02:51 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-06-11 15:02:47 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-06-11 15:02:43 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-06-11 15:00:30 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-06-11 15:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-06-11 15:00:20 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-06-07 17:35:38 ----A---- C:\WINDOWS\system32\nvwddi.dll
2010-06-07 17:35:30 ----A---- C:\WINDOWS\system32\nvrsth.dll
2010-06-07 17:35:30 ----A---- C:\WINDOWS\system32\nvrseng.dll
2010-06-07 17:35:28 ----A---- C:\WINDOWS\system32\nvrszht.dll
2010-06-07 17:35:28 ----A---- C:\WINDOWS\system32\nvrsnl.dll
2010-06-07 17:35:28 ----A---- C:\WINDOWS\system32\nvrshe.dll
2010-06-07 17:35:28 ----A---- C:\WINDOWS\system32\nvrsfi.dll
2010-06-07 17:35:28 ----A---- C:\WINDOWS\system32\nvrsesm.dll
2010-06-07 17:35:28 ----A---- C:\WINDOWS\system32\nvrsel.dll
2010-06-07 17:35:28 ----A---- C:\WINDOWS\system32\nvrsda.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrstr.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrssv.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrssl.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrssk.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsru.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrspt.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrspl.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsno.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsko.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsja.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsit.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrshu.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrses.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsde.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrscs.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsar.dll
2010-06-07 17:35:24 ----A---- C:\WINDOWS\system32\nvmctray.dll
2010-06-07 17:35:24 ----A---- C:\WINDOWS\system32\nvmccs.dll
2010-06-07 17:35:22 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2010-06-07 17:35:22 ----A---- C:\WINDOWS\system32\nvcpl.dll
2010-06-07 17:35:22 ----A---- C:\WINDOWS\system32\nvcolor.exe

======List of files/folders modified in the last 1 months======

2010-07-01 16:07:34 ----D---- C:\Programme\Trend Micro
2010-07-01 15:59:53 ----D---- C:\WINDOWS\Prefetch
2010-07-01 15:53:23 ----D---- C:\WINDOWS\Temp
2010-07-01 15:51:46 ----D---- C:\WINDOWS\system32\CatRoot2
2010-06-30 20:35:35 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-06-30 17:27:34 ----D---- C:\WINDOWS\system32\NtmsData
2010-06-30 17:26:55 ----SHD---- C:\System Volume Information
2010-06-30 17:26:49 ----D---- C:\WINDOWS\Registration
2010-06-30 17:12:48 ----D---- C:\WINDOWS\system32
2010-06-30 15:55:45 ----D---- C:\WINDOWS
2010-06-30 15:38:34 ----D---- C:\Dokumente und Einstellungen\+++++\Anwendungsdaten\vlc
2010-06-30 14:22:51 ----D---- C:\Dokumente und Einstellungen
2010-06-30 06:13:36 ----RD---- C:\WINDOWS\Web
2010-06-30 06:13:36 ----D---- C:\WINDOWS\system32\drivers
2010-06-29 20:27:03 ----D---- C:\WINDOWS\Minidump
2010-06-27 17:21:55 ----D---- C:\Programme\Mozilla Firefox
2010-06-27 12:32:30 ----D---- C:\WINDOWS\Microsoft.NET
2010-06-27 12:32:29 ----RSD---- C:\WINDOWS\assembly
2010-06-27 09:51:08 ----RSH---- C:\boot.ini
2010-06-27 09:51:08 ----A---- C:\WINDOWS\win.ini
2010-06-27 09:51:08 ----A---- C:\WINDOWS\system.ini
2010-06-27 09:45:28 ----SHD---- C:\WINDOWS\Installer
2010-06-27 09:45:04 ----RD---- C:\Programme
2010-06-27 09:40:45 ----D---- C:\Programme\Microsoft Visual Studio 10.0
2010-06-24 17:04:40 ----A---- C:\WINDOWS\NeroDigital.ini
2010-06-24 14:18:27 ----D---- C:\Programme\ICQ6.5
2010-06-23 15:33:47 ----D---- C:\Programme\Cheat Engine
2010-06-22 15:58:48 ----A---- C:\WINDOWS\ODBC.INI
2010-06-21 17:56:02 ----D---- C:\WINDOWS\WinSxS
2010-06-20 14:33:26 ----D---- C:\WINDOWS\Help
2010-06-20 14:32:29 ----D---- C:\Programme\NVIDIA Corporation
2010-06-20 14:31:56 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-06-20 14:31:54 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-06-20 14:31:43 ----HD---- C:\WINDOWS\inf
2010-06-19 09:26:48 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-06-11 15:02:50 ----A---- C:\WINDOWS\imsins.BAK
2010-06-11 15:02:47 ----HD---- C:\WINDOWS\$hf_mig$
2010-06-11 15:02:37 ----D---- C:\Programme\Internet Explorer
2010-06-11 15:02:29 ----D---- C:\WINDOWS\ie8updates
2010-06-10 19:17:10 ----D---- C:\Programme\Garena
2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\OpenCL.dll
2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\nvudisp.exe
2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\nvcuda.dll
2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\nvcodins.dll
2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\nvcod.dll
2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\nvapi.dll
2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2010-06-03 18:17:49 ----D---- C:\WINDOWS\system32\wbem
2010-06-03 18:17:47 ----SD---- C:\Dokumente und Einstellungen\++++\Anwendungsdaten\Microsoft
2010-06-03 16:09:25 ----D---- C:\WINDOWS\system32\Restore
2010-06-03 02:52:43 ----D---- C:\Programme\Gemeinsame Dateien

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;AMD-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43520]
R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-03-01 124784]
R1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 WmiAcpi;Microsoft Windows-Verwaltungsschnittstelle für ACPI; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-18 12032]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class-Treiber; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-04-10 4397568]
R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-18 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-11 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-06-08 10531200]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-08-01 54784]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-08-01 22016]
R3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB-Standardhubtreiber; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Miniporttreiber für Microsoft USB Open Host-Controller; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\WINDOWS\system32\DRIVERS\vcsvad.sys [2008-12-10 17792]
S2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys []
S3 a6c6v1oy;a6c6v1oy; C:\WINDOWS\system32\drivers\a6c6v1oy.sys []
S3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 EagleNT;EagleNT; \??\C:\DOKUME~1\Marzl\LOKALE~1\Temp\EagleNT.sys []
S3 FWLANUSB;AVM FRITZ!WLAN; C:\WINDOWS\system32\DRIVERS\fwlanusb.sys [2006-07-31 264704]
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOKUME~1\Marzl\LOKALE~1\Temp\AEG57.tmp []
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2006-09-28 11648]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\WINDOWS\system32\DRIVERS\ManyCam.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-05-23 29696]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Programme\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 AntiVirService;Avira AntiVir Guard; C:\Programme\Avira\AntiVir Desktop\avguard.exe [2010-04-20 267432]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2008-09-08 450560]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-06-07 154728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 NBService;NBService; C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2010-04-12 153376]
S4 NetTcpPortSharing;Net.Tcp-Portfreigabedienst; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S4 nSvcIp;ForceWare IP service; C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2008-09-08 184320]
S4 ose;Office Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-05-01 75064]
S4 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-05-03 215152]
S4 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576]

-----------------EOF-----------------
         
--- --- ---
Malware:
hxxp://nopaste.info/e20a1f27e6.html

Edited by Opfergott (01.07.2010 at 15:24). Reason: names changed

Alt 01.07.2010, 16:55   #2
Opfergott
 
And if I'm in the wrong place with this thread, then I ask that it be moved to the right forum (