| |
| |||||||
Log-Analyse und Auswertung: ntos.exe usw. brauche hilfeWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
03.08.2008, 09:44
| #1 |
 |  ntos.exe usw. brauche hilfe Hi erstmal - klasse forum hier!  ich hatte bis vor kurzem(?) folgenden virus: http://www.trojaner-board.de/50537-b...-computer.html Diesen habe ich mit SDFIX denke ich erfolgreich gelöscht. Hier der Report: Code:
ATTFilter SDFix: Version 1.212
Run by xxxx on 03.08.2008 at 07:16
Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix
Checking Services :
Restoring Default Security Values
Restoring Default Hosts File
Restoring Default Desktop Wallpaper
Rebooting
Checking Files :
Trojan Files Found:
C:\WINDOWS\SYSTEM32\PHC3F8~1.BMP - Deleted
C:\WINDOWS\system32\ntos.exe - Deleted
C:\WINDOWS\system32\nvrsul32.dll - Deleted
C:\WINDOWS\system32\wsnpoem\video.dll - Deleted
C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\wsnpoem\audio.dll - Deleted
C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\wsnpoem\audio.dll - Deleted
C:\WINDOWS\system32\wsnpoem\audio.dll - Deleted
Folder C:\WINDOWS\system32\wsnpoem - Removed
Removing Temp Files
ADS Check :
Final Check :
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-03 07:39:02
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:0000004f
"TracesSuccessful"=dword:00000003
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Remaining Services :
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Programme\\Yahoo!\\Messenger\\YPager.exe"="C:\\Programme\\Yahoo!\\Messenger\\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\\Programme\\Yahoo!\\Messenger\\YServer.exe"="C:\\Programme\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Programme\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Programme\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Programme\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Programme\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Programme\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Programme\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Programme\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Programme\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Programme\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Programme\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Programme\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Programme\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Programme\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Programme\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Programme\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Programme\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Programme\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Programme\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Programme\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Programme\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Programme\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Programme\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
Remaining Files :
File Backups: - C:\SDFix\backups\backups.zip
Files with Hidden Attributes :
Mon 14 Apr 2008 1,695,232 ..SH. --- "C:\Programme\Messenger\msmsgs.exe"
Sun 20 Apr 2008 497,392 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\032e2bc91e33b0de1cd346a7034b406f\BIT4.tmp"
Sun 20 Apr 2008 153,821 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\254922ac494510fbc664d954e6ce4045\BIT1.tmp"
Sun 20 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2ec09aa6b277f9bf93d328ab8b83d988\BIT15.tmp"
Sun 20 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2fcb4772b4a4e88a6268d23ebac6fd18\BIT10.tmp"
Sun 20 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\4ad270de1e9a168e77c846b5514ba6a9\BIT5.tmp"
Sun 20 Apr 2008 749,096 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\520152765f84469f7e6edc89a048bbf7\BIT14.tmp"
Sun 20 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\58c47ee6ef5ef54035643e71f6a8f7cf\BIT8.tmp"
Sun 20 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\6b174b0f6e5297be995fb5ced34e629f\BITE.tmp"
Sun 20 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\77e84c2cc6ccfcf2ca072a8d440af5c8\BIT12.tmp"
Sun 20 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\85340112bbd6e8e87cd2b06a5a061295\BIT16.tmp"
Sun 20 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9df5b5ae0e37d4de6aa55dcad50daf42\BITD.tmp"
Sun 20 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\a563987288b8553e1da1fda32c4145f6\BITF.tmp"
Sun 20 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\c05f111b41a352c6b7fb811423684c06\BIT19.tmp"
Sun 20 Apr 2008 2,570,144 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\ca025650f6e8427968ff054c88aa8010\BIT1.tmp"
Sun 20 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\caae6fcacf4b0650c69ae4c6d240ffb0\BIT11.tmp"
Sun 20 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\e4c09e907811fc4c3fafcc970c1720b3\BIT18.tmp"
Finished!
Dann habe ich das ganze nochmal durchlaufen lassen zur Sicherheit. Hier der nachfolgende 2. SDFIX Report: Code:
ATTFilter
SDFix: Version 1.212
Run by XXXX on 03.08.2008 at 08:10
Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix
Checking Services :
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
Checking Files :
Trojan Files Found:
C:\WINDOWS\system32\nvrsul32.dll - Deleted
Removing Temp Files
ADS Check :
Final Check :
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-03 08:18:04
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:00000049
"TracesSuccessful"=dword:00000003
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Remaining Services :
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Programme\\Yahoo!\\Messenger\\YPager.exe"="C:\\Programme\\Yahoo!\\Messenger\\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\\Programme\\Yahoo!\\Messenger\\YServer.exe"="C:\\Programme\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Programme\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Programme\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Programme\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Programme\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Programme\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Programme\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Programme\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Programme\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Programme\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Programme\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Programme\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Programme\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Programme\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Programme\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Programme\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Programme\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Programme\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Programme\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Programme\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Programme\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Programme\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Programme\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
Remaining Files :
File Backups: - C:\SDFix\backups\backups.zip
Files with Hidden Attributes :
Mon 14 Apr 2008 1,695,232 ..SH. --- "C:\Programme\Messenger\msmsgs.exe"
Sun 20 Apr 2008 497,392 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\032e2bc91e33b0de1cd346a7034b406f\BIT4.tmp"
Sun 20 Apr 2008 153,821 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\254922ac494510fbc664d954e6ce4045\BIT1.tmp"
Sun 20 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2ec09aa6b277f9bf93d328ab8b83d988\BIT15.tmp"
Sun 20 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2fcb4772b4a4e88a6268d23ebac6fd18\BIT10.tmp"
Sun 20 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\4ad270de1e9a168e77c846b5514ba6a9\BIT5.tmp"
Sun 20 Apr 2008 749,096 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\520152765f84469f7e6edc89a048bbf7\BIT14.tmp"
Sun 20 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\58c47ee6ef5ef54035643e71f6a8f7cf\BIT8.tmp"
Sun 20 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\6b174b0f6e5297be995fb5ced34e629f\BITE.tmp"
Sun 20 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\77e84c2cc6ccfcf2ca072a8d440af5c8\BIT12.tmp"
Sun 20 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\85340112bbd6e8e87cd2b06a5a061295\BIT16.tmp"
Sun 20 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9df5b5ae0e37d4de6aa55dcad50daf42\BITD.tmp"
Sun 20 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\a563987288b8553e1da1fda32c4145f6\BITF.tmp"
Sun 20 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\c05f111b41a352c6b7fb811423684c06\BIT19.tmp"
Sun 20 Apr 2008 2,570,144 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\ca025650f6e8427968ff054c88aa8010\BIT1.tmp"
Sun 20 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\caae6fcacf4b0650c69ae4c6d240ffb0\BIT11.tmp"
Sun 20 Apr 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\e4c09e907811fc4c3fafcc970c1720b3\BIT18.tmp"
Finished!
Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 07:52:06, on 03.08.2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Intel\Wireless\Bin\EvtEng.exe C:\WINDOWS\Explorer.EXE C:\Programme\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe C:\WINDOWS\system32\nvsvc32.exe C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe C:\Programme\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Programme\Sony\VAIO Event Service\VESMgr.exe C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe C:\Programme\Apoint\Apoint.exe C:\WINDOWS\system32\ICO.EXE C:\Programme\Sony\VAIO Power Management\SPMgr.exe C:\Programme\Sony\ISB Utility\ISBMgr.exe C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\RTHDCPL.EXE C:\Programme\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\dit.exe C:\Programme\Java\jre1.5.0_01\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\DitExp.exe C:\Programme\Google\Google Updater\GoogleUpdater.exe C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe C:\Programme\Apoint\Apntex.exe C:\Programme\HP\Digital Imaging\bin\hpqSTE08.exe C:\Programme\Mozilla Firefox\firefox.exe C:\Programme\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar2.dll O4 - HKLM\..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [SonyPowerCfg] C:\Programme\Sony\VAIO Power Management\SPMgr.exe O4 - HKLM\..\Run: [ISBMgr.exe] C:\Programme\Sony\ISB Utility\ISBMgr.exe O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [HP Software Update] C:\Programme\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [dit] dit.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_01\bin\jusched.exe O4 - HKCU\..\Run: [Yahoo! Pager] C:\Programme\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Google Updater.lnk = C:\Programme\Google\Google Updater\GoogleUpdater.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_01\bin\npjpi150_01.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_01\bin\npjpi150_01.dll O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/de/ O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\EvtEng.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PACSPTISVR - Unknown owner - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SsBeSvc.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SSScsiSV.exe O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Programme\Sony\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Programme\Sony\VAIO Media Integrated Server\VMISrv.exe O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Programme\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Programme\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Programme\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Programme\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- End of file - 9447 bytes Geändert von KuniP (03.08.2008 um 09:52 Uhr) |
| Themen zu ntos.exe usw. brauche hilfe |
| 1.exe, 1.tmp, 8.tmp, adobe, antivir, application, avira, bho, brauche hilfe, desktop, einstellungen, excel, firefox, google, hijack, hijackthis, hijackthis log, hkus\s-1-5-18, internet, internet explorer, malware, mozilla, mozilla firefox, registry, rundll, scan, security, software, system, virus, windows, windows xp, windows xp sp3, xp sp3 |
Baum-Darstellung