| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: antimalware doctorWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
18.09.2010, 12:46
| #1 |
| |  antimalware doctor Hey alle zusammen  ich habe seit gestern ein problem mit antimalware doctor-.- ich habe soweit alles gemacht aber es bleibt beim start immer noch etwas übrig leider (screens kommen gleich nach) edit:  ich benutze die rkill.com datei und habe auch schon mehrere scanns mit Malwarebytes hinter mir (Bs: xp sp3) RSIT Logfile: Code:
ATTFilter Logfile of random's system information tool 1.08 (written by random/random) Run by xxx at 2010-09-17 13:39:57 Microsoft Windows XP Professional Service Pack 3 System drive C: has 60 GB (20%) free of 300 GB Total RAM: 3327 MB (78% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:40:01, on 17.09.2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Programme\AVG\AVG9\avgchsvx.exe C:\Programme\AVG\AVG9\avgrsx.exe C:\Programme\AVG\AVG9\avgcsrvx.exe C:\WINDOWS\System32\svchost.exe C:\Programme\AVG\AVG9\avgwdsvc.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\AVG\AVG9\avgtray.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\Logitech\SetPoint\SetPoint.exe C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.EXE C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe C:\Programme\AVG\AVG9\avgnsx.exe C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe C:\WINDOWS\explorer.exe C:\Programme\Mozilla Firefox\firefox.exe C:\Programme\Mozilla Firefox\plugin-container.exe C:\WINDOWS\System32\svchost.exe C:\Dokumente und Einstellungen\xxx\Desktop\RSIT.exe C:\Programme\trend micro\xxx.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2567732 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R3 - URLSearchHook: (no name) - - (no file) R3 - URLSearchHook: Messenger Plus Live Germany Toolbar - {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Programme\Messenger_Plus_Live_Germany\tbMes1.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Messenger Plus Live Germany Toolbar - {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Programme\Messenger_Plus_Live_Germany\tbMes1.dll O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file) O3 - Toolbar: Messenger Plus Live Germany Toolbar - {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Programme\Messenger_Plus_Live_Germany\tbMes1.dll O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKLM\..\RunOnce: [*upd_debug.exe] "C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\9B687DFC107C936FADDA2E3C2532432E\upd_debug.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [handlerfix70700en00.exe] C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\9B687DFC107C936FADDA2E3C2532432E\handlerfix70700en00.exe O4 - HKCU\..\Run: [PCFix] C:\Programme\PCFix\PCFix.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\RunOnce: [*upd_debug.exe] "C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\9B687DFC107C936FADDA2E3C2532432E\upd_debug.exe" (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user') O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe (file missing) O16 - DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1256376323234 O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{D229D5C1-4777-4646-B7C6-5852E7FEE61C}: NameServer = 192.168.178.1 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG9\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing) O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Programme\AVG\AVG9\avgwdsvc.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- End of file - 8654 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{542e4d79-1970-4e95-9862-fdb96f61b280}] Messenger Plus Live Germany Toolbar - C:\Programme\Messenger_Plus_Live_Germany\tbMes1.dll [2010-08-08 2734688] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Anmelde-Hilfsprogramm - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2010-02-19 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-02-19 79648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {ecdee021-0d17-467f-a1ff-c7a115230949} {542e4d79-1970-4e95-9862-fdb96f61b280} - Messenger Plus Live Germany Toolbar - C:\Programme\Messenger_Plus_Live_Germany\tbMes1.dll [2010-08-08 2734688] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632] "AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-07-16 2065760] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "*upd_debug.exe"=C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\9B687DFC107C936FADDA2E3C2532432E\upd_debug.exe [2010-09-16 155136] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "handlerfix70700en00.exe"=C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\9B687DFC107C936FADDA2E3C2532432E\handlerfix70700en00.exe [2005-02-24 1055744] "PCFix"=C:\Programme\PCFix\PCFix.exe [] C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart Logitech SetPoint.lnk - C:\Programme\Logitech\SetPoint\SetPoint.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2008-12-01 143360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter] C:\WINDOWS\system32\avgrsstx.dll [2010-07-16 12536] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn] c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll [2008-05-02 72208] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2007-10-09 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=157 "NoUserNameInStartMenu"=1 "StartMenuLogOff"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Programme\Skype\Plugin Manager\skypePM.exe"="C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager" "C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook" "C:\Programme\Microsoft Office\Office12\GROOVE.EXE"="C:\Programme\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove" "C:\Programme\Microsoft Office\Office12\ONENOTE.EXE"="C:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote" "C:\Programme\AVG\AVG9\avgupd.exe"="C:\Programme\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe" "C:\Programme\AVG\AVG9\avgnsx.exe"="C:\Programme\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe" "C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe"="C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe:*:Enabled:LogMeIn Hamachi" "C:\Programme\Java\jre6\bin\java.exe"="C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary" "C:\Programme\FlashFXP\FlashFXP.exe"="C:\Programme\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3" "C:\Programme\Internet Explorer\iexplore.exe"="C:\Programme\Internet Explorer\iexplore.exe:*:Disabled:Internet Explorer" "C:\Programme\Opera\opera.exe"="C:\Programme\Opera\opera.exe:*:Enabled:Opera Internet Browser" "C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil" "C:\Programme\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe"="C:\Programme\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe:*:Enabled:mRouterRuntime Module" "C:\Programme\Sony Ericsson\Update Service\Update Service.exe"="C:\Programme\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service" "C:\Programme\Java\jre6\bin\javaw.exe"="C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary" "C:\Programme\Left 4 Dead\left4dead.exe"="C:\Programme\Left 4 Dead\left4dead.exe:*:Enabled:left4dead" "C:\Programme\Garena\Garena.exe"="C:\Programme\Garena\Garena.exe:*:Enabled:Garena" "C:\Programme\Left 4 Dead\srcds.exe"="C:\Programme\Left 4 Dead\srcds.exe:*:Enabled:srcds" "C:\Programme\2K Games\BioShock 2\SP\Builds\Binaries\Bioshock2.exe"="C:\Programme\2K Games\BioShock 2\SP\Builds\Binaries\Bioshock2.exe:*:Enabled:BioShock 2" "C:\Programme\2K Games\BioShock 2\MP\Builds\Binaries\Bioshock2.exe"="C:\Programme\2K Games\BioShock 2\MP\Builds\Binaries\Bioshock2.exe:*:Enabled:BioShock 2 Multiplayer" "D:\Crack\Dead Space.exe"="D:\Crack\Dead Space.exe:*:Enabled:Dead Space ™" "C:\Programme\Electronic Arts\Dead Space\Dead Space.exe"="C:\Programme\Electronic Arts\Dead Space\Dead Space.exe:*:Enabled:Dead Space ™" "C:\Programme\Left 4 Dead 2\left4dead2.exe"="C:\Programme\Left 4 Dead 2\left4dead2.exe:*:Enabled:left4dead2" "F:\Call Of Duty Modern Warfare 2\iw4mp.exe"="F:\Call Of Duty Modern Warfare 2\iw4mp.exe:*:Enabled:iw4mp" "H:\Left4Dead\Left4Dead\left4dead.exe"="H:\Left4Dead\Left4Dead\left4dead.exe:*:Enabled:left4dead" "H:\Left4Dead\left4dead.exe"="H:\Left4Dead\left4dead.exe:*:Enabled:left4dead" "F:\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe"="F:\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2" "C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA" "C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB" "F:\Mass Effect 2\Binaries\MassEffect2.exe"="F:\Mass Effect 2\Binaries\MassEffect2.exe:*:Enabled:Mass Effect 2 -Spiel" "F:\Mass Effect 2\MassEffect2Launcher.exe"="F:\Mass Effect 2\MassEffect2Launcher.exe:*:Enabled:Mass Effect 2 -Launcher" "C:\Programme\AutoIt3\Aut2Exe\Aut2exe.exe"="C:\Programme\AutoIt3\Aut2Exe\Aut2exe.exe:*:Enabled:Compile Script to .exe" "C:\Programme\AutoIt3\SciTE\SciTE.exe"="C:\Programme\AutoIt3\SciTE\SciTE.exe:*:Enabled:SciTE Script Editor" "C:\Programme\AutoIt3\Au3Info.exe"="C:\Programme\AutoIt3\Au3Info.exe:*:Enabled:AutoIt Window Info" "C:\Programme\AutoIt3\AutoIt3.exe"="C:\Programme\AutoIt3\AutoIt3.exe:*:Enabled:Run Script" "C:\Programme\BÄÄM\update.exe"="C:\Programme\BÄÄM\update.exe:*:Enabled:update.exe" "C:\Programme\BÄÄM\BÄÄMe.exe"="C:\Programme\BÄÄM\BÄÄMe.exe:*:Enabled:BÄÄMe.exe" "C:\Programme\BÄÄM\BÄÄM.exe"="C:\Programme\BÄÄM\BÄÄM.exe:*:Enabled:BÄÄM.exe" "C:\Programme\BÄÄM\sich\02.06.2010_14-29-37\update.exe"="C:\Programme\BÄÄM\sich\02.06.2010_14-29-37\update.exe:*:Enabled:update.exe" "C:\Programme\Counter-Strike\hl.exe"="C:\Programme\Counter-Strike\hl.exe:*:Enabled:Half-Life Launcher" "C:\WINDOWS\system32\java.exe"="C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary" "C:\Programme\ICQ7.2\ICQ.exe"="C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2" "C:\Programme\ICQ7.2\aolload.exe"="C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe" "C:\Programme\TeamViewer\Version5\TeamViewer.exe"="C:\Programme\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application" "F:\Programme\Microsoft Games\Age of Empires III\age3x.exe"="F:\Programme\Microsoft Games\Age of Empires III\age3x.exe:*:Enabled:Age of Empires III - The WarChiefs" "F:\Programme\Microsoft Games\Age of Empires III\age3y.exe"="F:\Programme\Microsoft Games\Age of Empires III\age3y.exe:*:Enabled:Age of Empires III - The Asian Dynasties" "C:\Programme\Skype\Phone\Skype.exe"="C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\Programme\ICQ6.5\ICQ.exe"="C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ" "C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Programme\FlashFXP\FlashFXP.exe"="C:\Programme\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3" "C:\Programme\ICQ7.0\ICQ.exe"="C:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7" "C:\Programme\ICQ7.0\aolload.exe"="C:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe" "C:\Programme\ICQ7.2\ICQ.exe"="C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2" "C:\Programme\ICQ7.2\aolload.exe"="C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe" "C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Programme\TuneUp Utilities 2011\TUAutoReactivator32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Programme\TuneUp Utilities 2011\TUAutoReactivator32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Programme\TuneUp Utilities 2011\TUAutoReactivator32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Programme\TuneUp Utilities 2011\TUAutoReactivator32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Programme\TuneUp Utilities 2011\TUAutoReactivator32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Programme\TuneUp Utilities 2011\TUAutoReactivator32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Programme\TuneUp Utilities 2011\TUAutoReactivator32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Programme\TuneUp Utilities 2011\TUAutoReactivator32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Programme\TuneUp Utilities 2011\TUAutoReactivator32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Programme\TuneUp Utilities 2011\TUAutoReactivator32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Programme\TuneUp Utilities 2011\TUAutoReactivator32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Programme\TuneUp Utilities 2011\TUAutoReactivator32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Programme\TuneUp Utilities 2011\TUAutoReactivator32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Programme\TuneUp Utilities 2011\TUAutoReactivator32.exe" ======List of files/folders created in the last 1 months====== 2010-09-17 13:05:26 ----D---- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\PCFix 2010-09-17 13:03:45 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Tools 2010-09-17 13:01:44 ----D---- C:\Programme\trend micro 2010-09-17 13:01:43 ----D---- C:\rsit 2010-09-17 12:56:52 ----D---- C:\Programme\CCleaner 2010-09-17 12:04:56 ----A---- C:\WINDOWS\system32\EuEpmGdi.dll 2010-09-17 12:04:55 ----A---- C:\WINDOWS\system32\setupempdrv03.exe 2010-09-17 12:04:55 ----A---- C:\WINDOWS\system32\EuGdiDrv.sys 2010-09-17 12:04:55 ----A---- C:\WINDOWS\system32\epmntdrv.sys 2010-09-17 12:04:55 ----A---- C:\WINDOWS\system32\BootMan.exe 2010-09-17 12:04:39 ----D---- C:\Programme\EASEUS 2010-09-16 22:14:45 ----D---- C:\Programme\Enigma Software Group 2010-09-16 22:14:22 ----D---- C:\WINDOWS\95431C66CF9A4913BFFF6050785AFB65.TMP 2010-09-16 14:19:58 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2010-09-16 14:19:57 ----D---- C:\Programme\Malwarebytes' Anti-Malware 2010-09-16 14:19:57 ----A---- C:\WINDOWS\system32\drivers\mbam.sys 2010-09-15 16:06:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$ 2010-09-15 16:06:44 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$ 2010-09-15 16:06:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$ 2010-09-15 16:06:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$ 2010-09-15 16:06:00 ----HDC---- C:\WINDOWS\$NtUninstallKB982802$ 2010-09-15 16:05:19 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$ 2010-09-15 16:01:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2141007$ 2010-09-14 16:16:43 ----D---- C:\Programme\Windows Live SkyDrive 2010-09-13 19:43:34 ----D---- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Dev-Cpp 2010-09-13 19:43:09 ----D---- C:\Programme\Dev-Cpp 2010-09-12 18:43:16 ----D---- C:\Programme\Eternia Games 2010-09-08 21:07:10 ----A---- C:\WINDOWS\system32\TURegOpt.exe 2010-09-08 21:07:09 ----A---- C:\WINDOWS\system32\uxtuneup.dll 2010-09-08 21:06:38 ----D---- C:\Programme\TuneUp Utilities 2011 2010-09-08 21:05:26 ----SHD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} 2010-09-07 15:49:37 ----A---- C:\CPU-DATA.INI 2010-08-27 16:15:27 ----D---- C:\Programme\Neffy 2010-08-25 00:11:03 ----D---- C:\WINDOWS\uninstall 2010-08-25 00:11:03 ----D---- C:\Programme\Wecker 2.2 2010-08-22 21:19:51 ----D---- C:\Programme\Oracle 2010-08-20 03:20:20 ----D---- C:\Programme\Microsoft Games ======List of files/folders modified in the last 1 months====== 2010-09-17 13:23:26 ----D---- C:\WINDOWS\Temp 2010-09-17 13:18:08 ----D---- C:\WINDOWS\Prefetch 2010-09-17 13:14:01 ----D---- C:\Programme\Gemeinsame Dateien\Akamai 2010-09-17 13:13:50 ----D---- C:\WINDOWS 2010-09-17 13:12:28 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-09-17 13:09:05 ----D---- C:\Programme 2010-09-17 13:02:00 ----D---- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\ICQ 2010-09-17 12:58:32 ----D---- C:\WINDOWS\Debug 2010-09-17 12:31:17 ----D---- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\vlc 2010-09-17 12:30:44 ----D---- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\dvdcss 2010-09-17 11:15:21 ----D---- C:\WINDOWS\system32\drivers\Avg 2010-09-17 09:09:36 ----D---- C:\Programme\Mozilla Firefox 2010-09-16 22:37:35 ----SHD---- C:\WINDOWS\Installer 2010-09-16 22:17:07 ----D---- C:\WINDOWS\system32\CatRoot2 2010-09-16 22:14:21 ----D---- C:\Programme\Gemeinsame Dateien\Wise Installation Wizard 2010-09-16 22:05:42 ----D---- C:\WINDOWS\system32\drivers 2010-09-16 20:40:18 ----D---- C:\WINDOWS\system32 2010-09-16 20:40:17 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-09-16 20:38:08 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$ 2010-09-16 20:38:08 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$ 2010-09-16 20:33:12 ----D---- C:\Programme\Garena 2010-09-16 13:10:24 ----D---- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\9B687DFC107C936FADDA2E3C2532432E 2010-09-15 16:06:51 ----HD---- C:\WINDOWS\inf 2010-09-15 16:06:48 ----HD---- C:\WINDOWS\$hf_mig$ 2010-09-15 16:06:46 ----D---- C:\WINDOWS\system32\dllcache 2010-09-15 16:06:39 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft Help 2010-09-15 16:01:50 ----A---- C:\WINDOWS\system32\MRT.exe 2010-09-14 16:16:49 ----D---- C:\Programme\Gemeinsame Dateien\Microsoft Shared 2010-09-14 16:07:39 ----D---- C:\WINDOWS\Minidump 2010-09-14 15:36:23 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Electronic Arts 2010-09-14 15:33:34 ----D---- C:\Programme\ICQ-Banner-Remover 2010-09-12 15:42:50 ----D---- C:\WINDOWS\system32\Macromed 2010-09-12 10:48:42 ----D---- C:\Programme\Left 4 Dead 2 2010-09-11 13:13:54 ----D---- C:\Programme\Electronic Arts 2010-09-10 20:09:21 ----D---- C:\Programme\Opera 2010-09-10 14:39:58 ----D---- C:\WINDOWS\WinSxS 2010-09-09 15:49:10 ----D---- C:\Programme\TrueCrypt 2010-09-08 21:23:39 ----D---- C:\Programme\Zattoo 2010-09-08 21:07:31 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software 2010-09-08 21:06:48 ----D---- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\TuneUp Software 2010-09-08 21:06:03 ----SD---- C:\WINDOWS\Tasks 2010-09-08 17:01:24 ----D---- C:\Programme\Mozilla Thunderbird 2010-09-08 15:52:13 ----D---- C:\Programme\Counter-Strike 2010-09-08 14:45:23 ----D---- C:\Programme\Left 4 Dead 2010-09-07 20:04:33 ----D---- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Skype 2010-09-07 20:03:25 ----D---- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\skypePM 2010-08-30 16:10:39 ----D---- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Thunderbird 2010-08-29 20:06:33 ----AD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP 2010-08-28 17:15:13 ----D---- C:\Programme\JDownloader 2010-08-28 14:33:47 ----D---- C:\downloads 2010-08-28 13:53:37 ----D---- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Hamachi 2010-08-28 13:49:39 ----D---- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\PriceGong 2010-08-26 01:37:13 ----D---- C:\Programme\Cheat Engine 2010-08-25 17:39:47 ----D---- C:\$WINDOWS.~BT 2010-08-22 21:19:57 ----DC---- C:\WINDOWS\system32\DRVSTORE 2010-08-21 18:47:12 ----RSD---- C:\WINDOWS\assembly 2010-08-21 18:47:12 ----D---- C:\WINDOWS\system32\DirectX 2010-08-21 18:15:49 ----D---- C:\Programme\Unlocker 2010-08-21 14:22:35 ----HD---- C:\Programme\InstallShield Installation Information 2010-08-20 03:38:05 ----D---- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\TeamViewer 2010-08-20 03:31:52 ----D---- C:\Programme\TeamViewer 2010-08-20 03:29:31 ----D---- C:\Programme\TeamViewer3 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2005-04-30 28271] R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944] R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-08-21 697328] R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2007-10-09 77568] R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-07-16 216400] R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-06-03 29584] R1 AvgTdiX;AVG Free Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-07-16 243024] R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-12-18 26024] R1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 VBoxDrv;VirtualBox Service; C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2010-08-05 143184] R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2010-08-05 41936] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2010-01-30 21035] R2 EAPPkt;Realtek EAPPkt Protocol; C:\WINDOWS\system32\DRIVERS\EAPPkt.sys [2006-11-15 38144] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-12-02 3452928] R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-10-31 93184] R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-05-31 20480] R3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-04-30 11860] R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 hidusb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-11-14 4625408] R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2008-02-29 20240] R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-02-29 35344] R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2008-02-29 28944] R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-18 12288] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-23 5888] R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-09-19 101504] R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [] R3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2010-08-05 100496] R3 VBoxNetFlt;VBoxNetFlt Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys [2010-08-05 111312] R3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-08-09 29696] R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312] R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2005-03-25 82148] R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000] R3 zebrceb;Sony Ericsson Cable Emulation Bus (WDM); C:\WINDOWS\system32\DRIVERS\zebrceb.sys [2009-12-24 63360] S1 AmdPPM;AMD HwPState Prozessortreiber; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792] S1 MIPFSv332;MIPFSv332; \??\C:\WINDOWS\system32\drivers\MIPFSv332.sys [] S1 MIPv332;MIPv332; \??\C:\WINDOWS\system32\drivers\MIPv332.sys [] S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2005-04-30 10804] S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-05-31 23000] S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024] S3 CEDRIVER55;CEDRIVER55; \??\C:\Programme\Cheat Engine\dbk32.sys [] S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Programme\MediaCoder\SysInfo.sys [] S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\system32\epmntdrv.sys [] S3 esgiguard;esgiguard; \??\C:\Programme\Enigma Software Group\SpyHunter\esgiguard.sys [] S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\system32\EuGdiDrv.sys [] S3 GarenaPEngine;GarenaPEngine; \??\C:\DOKUME~1\xxx~1\LOKALE~1\Temp\ATF13.tmp [] S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Programme\Garena\plugins\UI\safedrv.sys [] S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-04-12 17480] S3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2008-02-29 63120] S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-02-29 36880] S3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2008-02-29 79120] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504] S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248] S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880] S3 ovt519;%USB\vid_054c&pid_0155.DeviceDesc%; C:\WINDOWS\System32\Drivers\ov519vid.sys [2003-10-15 174530] S3 Razerlow;Razer Copperhead Driver; C:\WINDOWS\System32\Drivers\Razerlow.sys [2005-08-12 19020] S3 rtl8185;Realtek RTL8185 54M Wireless LAN Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\rtl8185.sys [] S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter; C:\WINDOWS\system32\DRIVERS\RTL8187.sys [2007-05-21 235648] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136] S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232] S3 usbaudio;USB-Audiotreiber (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032] S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2007-10-09 38528] S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2007-10-09 82944] S3 zebrbus;Sony Ericsson Composite Device driver; C:\WINDOWS\system32\DRIVERS\zebrbus.sys [2009-12-24 83200] S3 zebrmdfl;Sony Ericsson Modem Filter; C:\WINDOWS\system32\DRIVERS\zebrmdfl.sys [2007-04-13 15112] S3 zebrmdm;Sony Ericsson Port (WDM); C:\WINDOWS\system32\DRIVERS\zebrmdm.sys [2007-04-13 108296] S3 zebrmdmc;Sony Ericsson mRouter Port (WDM); C:\WINDOWS\system32\DRIVERS\zebrmdmc.sys [2007-04-13 108424] S3 zebrsce;Sony Ericsson PC-Connect Port; C:\WINDOWS\system32\DRIVERS\zebrsce.sys [2007-04-13 90888] S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2008-09-29 133632] S4 WS2IFSL;Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-23 12032] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Akamai;Akamai NetSession Interface; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R2 avg9wd;AVG Free WatchDog; C:\Programme\AVG\AVG9\avgwdsvc.exe [2010-07-16 308136] R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-03-10 75064] R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2010-09-02 1471808] R2 UxTuneUp;TuneUp Designerweiterung (beta); C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-12-01 593920] S2 gupdate;Google Update Service (gupdate); C:\Programme\Google\Update\GoogleUpdate.exe [2010-07-16 135664] S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 LBTServ;Logitech Bluetooth Service; C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe [2008-05-02 121360] S3 odserv;Microsoft Office Diagnostics Service; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576] S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-12-01 598016] S4 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe [2005-04-06 110592] S4 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Programme\LogMeIn Hamachi\hamachi-2.exe [2009-10-09 1078664] S4 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2009-12-17 153376] S4 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- Geändert von BlackRepid (18.09.2010 um 13:15 Uhr) |
|
18.09.2010, 14:43
| #2 |
| | antimalware doctor kann geclosed werden....
__________________ |
|
| Themen zu antimalware doctor |
| avg, avg free, bho, browser, call of duty, desktop, device driver, diagnostics, einstellungen, enigma, exe.exe, firefox, fontcache, google, hijack, hijackthis, hkus\s-1-5-18, iexplore.exe, installation, internet, internet browser, internet explorer, monitor, mozilla, opera.exe, plug-in, problem, prozessor, realtek, registry, remote control, rkill.com, scan, senden, skype.exe, software, sptd.sys, system, usb 2.0, virtualbox, windows, windows xp, wireless lan |
