Logfile of random's system information tool 1.05 (written by random/random)
Run by x at 2009-01-05 22:29:43
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 40 GB (42%) free of 97 GB
Total RAM: 1013 MB (26% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:30:17, on 05.01.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Home Cinema\PowerDVD\PDVDServ.exe
C:\Program Files\Sceneo\Bonavista\Services\ODSBC\ODSBCApp.exe
C:\Program Files\Lexmark X1100 Series\LXBKbmgr.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Windows\VM_STI.EXE
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Nonoh.net\Nonoh\nonoh.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Safari\Safari.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
C:\Users\RICHARD\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\RICHARD.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = htp://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = htp://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = htp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = htp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Share_Accelerator_MM toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbShar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Share_Accelerator_MM toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbShar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Peer2Peer-DE Toolbar - {97ac393a-a525-4cd0-95cf-019b028cc7a4} - C:\Program Files\Peer2Peer-DE\tbPee0.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Share_Accelerator_MM toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbShar.dll
O3 - Toolbar: Peer2Peer-DE Toolbar - {97ac393a-a525-4cd0-95cf-019b028cc7a4} - C:\Program Files\Peer2Peer-DE\tbPee0.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\Home Cinema\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\Home Cinema\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [TVBroadcast] C:\Program Files\Sceneo\Bonavista\SERVICES\ODSBC\ODSBCApp.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [lxbkbmgr.exe] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\Windows\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Nonoh] "C:\Program Files\Nonoh.net\Nonoh\nonoh.exe" -nosplash -minimized
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - htp://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {17D667BA-5675-4AAB-9221-08B9379384D4} (Image Uploader Control) - htp://cdnimg.piczo.com/images/uploader/piczo_fast_uploader.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - htp://static.ak.schuelervz.net/photouploader/ImageUploader4.cab?nocache=20071219-1
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - htp://static.pe.schuelervz.net/photouploader/ImageUploader5.cab?nocache=1215634447
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - htp://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - htp://arcade.icq.com/online/online2/bejeweled2/popcaploader_v6.cab
O16 - DPF: {EA6246B4-F380-443F-8727-9AEA3371146C} (CPlayFirstWeddingDashControl Object) - htp://webgames.d.tmsrv.com/c=1e1687785935a05e4d45b708851b80e1/aff=t_25oa_deca_wg/p/release/playfirst/wg_weddingdash/weddingdash/WeddingDash.1.0.0.47.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Personal - Free Antivirus Planer (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\Windows\System32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxbk_device - - C:\Windows\system32\lxbkcoms.exe
O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sceneo PVR Service (srvcPVR) - Buhl Data Service GmbH - C:\Program Files\Sceneo\Bonavista\Services\PVR\PVRService.exe
O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 10272 bytes

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{A231AF6E-5BE4-472A-95EB-AA58394136DC}.job
C:\Windows\tasks\User_Feed_Synchronization-{C8E540D1-FFB8-415D-8E1C-0AB7FD4BF0CE}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4596013b-6c31-408b-a266-deae5c086dc2}]
Share_Accelerator_MM toolbar - C:\Program Files\Share_Accelerator_MM\tbShar.dll [2007-05-27 1326104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-13 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{97ac393a-a525-4cd0-95cf-019b028cc7a4}]
Peer2Peer-DE Toolbar - C:\Program Files\Peer2Peer-DE\tbPee0.dll [2008-09-15 1784856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-13 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4596013b-6c31-408b-a266-deae5c086dc2} - Share_Accelerator_MM toolbar - C:\Program Files\Share_Accelerator_MM\tbShar.dll [2007-05-27 1326104]
{97ac393a-a525-4cd0-95cf-019b028cc7a4} - Peer2Peer-DE Toolbar - C:\Program Files\Peer2Peer-DE\tbPee0.dll [2008-09-15 1784856]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-11-20 4018176]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-11-22 815104]
"RemoteControl"=C:\Program Files\Home Cinema\PowerDVD\PDVDServ.exe [2006-11-23 56928]
"LanguageShortcut"=C:\Program Files\Home Cinema\PowerDVD\Language\Language.exe [2006-12-05 54832]
"TVBroadcast"=C:\Program Files\Sceneo\Bonavista\SERVICES\ODSBC\ODSBCApp.exe [2007-01-10 824320]
"Lexmark X1100 Series"=C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe [2007-01-25 74672]
"PCSuiteTrayApplication"=C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-03-23 227328]
"lxbkbmgr.exe"=C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe [2007-01-25 74672]
"BigDogPath"=C:\Windows\VM_STI.EXE [2004-06-09 40960]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-01-02 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-01-02 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-01-02 133656]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-13 136600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
"Nonoh"=C:\Program Files\Nonoh.net\Nonoh\nonoh.exe [2008-11-07 8945952]
"ICQ"=C:\Program Files\ICQ6.5\ICQ.exe [2008-11-30 172792]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite]
C:\Program Files\ICQLite\ICQLite\ICQLite.exe -minimize []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-01-02 200704]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2009-01-05 22:29:43 ----D---- C:\rsit
2009-01-05 21:31:04 ----D---- C:\Users\RICHARD\AppData\Roaming\Yahoo!
2009-01-05 21:31:04 ----D---- C:\ProgramData\Yahoo! Companion
2009-01-05 21:31:01 ----D---- C:\Program Files\Yahoo!
2009-01-05 21:30:54 ----D---- C:\Program Files\CCleaner
2009-01-04 23:11:28 ----D---- C:\Program Files\Navilog1
2009-01-04 21:38:58 ----D---- C:\Program Files\Trend Micro
2008-12-29 03:42:46 ----D---- C:\Program Files\UltraStar Deluxe
2008-12-28 02:11:06 ----D---- C:\Program Files\MSECache
2008-12-19 11:59:25 ----A---- C:\Windows\system32\mshtml.dll
2008-12-14 15:22:27 ----A---- C:\MDL 2.0 Debug.txt
2008-12-14 01:29:49 ----D---- C:\Program Files\MessengerDiscovery
2008-12-13 22:50:10 ----A---- C:\Windows\system32\deploytk.dll
2008-12-13 22:50:09 ----A---- C:\Windows\system32\javaws.exe
2008-12-13 22:50:09 ----A---- C:\Windows\system32\javaw.exe
2008-12-13 22:50:09 ----A---- C:\Windows\system32\java.exe
2008-12-13 22:12:53 ----D---- C:\Program Files\Fake Webcam
2008-12-13 22:12:29 ----D---- C:\Program Files\Conduit
2008-12-13 22:12:28 ----D---- C:\Program Files\Peer2Peer-DE
2008-12-13 11:45:48 ----D---- C:\Program Files\ICQ6.5
2008-12-12 12:34:53 ----A---- C:\Windows\system32\urlmon.dll
2008-12-12 12:34:51 ----A---- C:\Windows\system32\ieframe.dll
2008-12-12 12:34:50 ----A---- C:\Windows\system32\wininet.dll
2008-12-12 12:34:50 ----A---- C:\Windows\system32\mstime.dll
2008-12-12 12:34:47 ----A---- C:\Windows\system32\iertutil.dll
2008-12-12 12:34:44 ----A---- C:\Windows\system32\jsproxy.dll
2008-12-11 12:06:09 ----A---- C:\Windows\system32\tzres.dll
2008-12-10 06:33:07 ----A---- C:\Windows\system32\shell32.dll
2008-12-10 06:32:38 ----A---- C:\Windows\system32\gameux.dll
2008-12-10 06:32:38 ----A---- C:\Windows\system32\Apphlpdm.dll
2008-12-10 06:32:37 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-12-10 06:32:19 ----A---- C:\Windows\system32\gdi32.dll
2008-12-10 06:32:13 ----A---- C:\Windows\explorer.exe
2008-12-10 06:32:01 ----A---- C:\Windows\system32\mf.dll
2008-12-10 06:32:00 ----A---- C:\Windows\system32\WMVCORE.DLL
2008-12-10 06:31:57 ----A---- C:\Windows\system32\WMNetMgr.dll
2008-12-10 06:31:56 ----A---- C:\Windows\system32\logagent.exe

======List of files/folders modified in the last 1 months======

2009-01-05 22:30:10 ----D---- C:\Windows\Temp
2009-01-05 22:29:54 ----D---- C:\Windows\Prefetch
2009-01-05 21:56:29 ----D---- C:\Windows\system32\LogFiles
2009-01-05 21:40:55 ----D---- C:\Windows\Debug
2009-01-05 21:40:55 ----D---- C:\Windows
2009-01-05 21:40:54 ----D---- C:\Windows\Minidump
2009-01-05 21:31:04 ----HD---- C:\ProgramData
2009-01-05 21:31:01 ----RD---- C:\Program Files
2009-01-05 16:06:18 ----SHD---- C:\System Volume Information
2009-01-05 02:13:07 ----D---- C:\Windows\System32
2009-01-05 02:13:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-01-05 02:13:06 ----D---- C:\Windows\inf
2009-01-04 21:08:20 ----D---- C:\Users\RICHARD\AppData\Roaming\ICQ
2008-12-31 13:58:27 ----SHD---- C:\Windows\Installer
2008-12-31 13:54:24 ----D---- C:\Program Files\Common Files
2008-12-31 13:51:01 ----D---- C:\Program Files\DVDVideoSoft
2008-12-30 18:06:12 ----D---- C:\Windows\system32\catroot2
2008-12-25 22:48:02 ----D---- C:\Users\RICHARD\AppData\Roaming\Skype
2008-12-25 21:48:32 ----D---- C:\Users\RICHARD\AppData\Roaming\skypePM
2008-12-19 12:00:46 ----D---- C:\Windows\winsxs
2008-12-19 12:00:30 ----D---- C:\Windows\system32\catroot
2008-12-14 01:03:38 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-12-14 01:02:58 ----D---- C:\Windows\Tasks
2008-12-14 00:52:30 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2008-12-13 22:43:20 ----D---- C:\Program Files\Java
2008-12-13 22:15:53 ----A---- C:\Windows\NeroDigital.ini
2008-12-13 18:39:02 ----D---- C:\Program Files\ICQ6Toolbar
2008-12-13 11:47:59 ----D---- C:\ProgramData\ICQ
2008-12-11 12:36:20 ----D---- C:\Windows\rescache
2008-12-11 12:16:27 ----D---- C:\Windows\AppPatch
2008-12-11 12:16:26 ----D---- C:\Windows\system32\de-DE
2008-12-10 00:24:37 ----A---- C:\Windows\system32\mrt.exe
2008-12-09 20:04:34 ----D---- C:\Program Files\ICQ6

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-11-12 75072]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2006-11-15 32256]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2006-11-15 43520]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2006-11-15 37376]
R3 athrusb;Atheros Wireless LAN USB device driver; C:\Windows\system32\DRIVERS\athrusb.sys [2007-01-08 449024]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-20 52032]
R3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-01-02 2016256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-11-23 1652968]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-12-20 67072]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-11-22 179896]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
R3 X10Hid;X10 Hid Device; C:\Windows\System32\Drivers\x10hid.sys [2006-11-17 13976]
R3 XUIF;X10 USB Wireless Transceiver; C:\Windows\System32\Drivers\x10ufx2.sys [2006-11-30 27416]
S3 61883;61883-Einheitsgerät; C:\Windows\system32\DRIVERS\61883.sys [2008-01-19 45696]
S3 Avc;AVC-Gerät; C:\Windows\system32\DRIVERS\avc.sys [2008-01-19 40448]
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 FETNDIS;VIA Rhine-Familie--Fast-Ethernet-Adaptertreiberdienst; C:\Windows\system32\DRIVERS\fetnd5.sys [2006-11-02 45568]
S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-01-02 2016256]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-19 52608]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\Windows\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\Windows\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 PhilCap;PhilCap service; C:\Windows\system32\DRIVERS\PhilCap.sys [2006-10-12 1053824]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]
S3 Ser2pl;Prolific Serial port driver; C:\Windows\system32\DRIVERS\ser2pl.sys [2007-07-31 76800]
S3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 zlportio;zlportio; \??\C:\Program Files\UltraStar Deluxe\zlportio.sys []
S3 ZSMC301b;Philips SPC 200NC PC Camera; C:\Windows\System32\Drivers\usbVM31b.sys [2005-02-26 91527]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Planer; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-23 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-23 151297]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Bonjour-Dienst; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 LexBceS;LexBce Server; C:\Windows\System32\LEXBCES.EXE [2003-08-18 303104]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
R2 lxbk_device;lxbk_device; C:\Windows\system32\lxbkcoms.exe [2007-01-25 537520]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-12-19 272024]
R2 srvcPVR;Sceneo PVR Service; C:\Program Files\Sceneo\Bonavista\Services\PVR\PVRService.exe [2007-01-03 1468928]
R2 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480]
R3 iPod Service;iPod-Dienst; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-03-26 292864]
R3 usnjsvc;Messenger USN Journal Reader-Service für freigegebene Ordner; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe []
S3 UPnPService;UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 544768]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []

-----------------EOF-----------------



so hier??


ach gott, musste alles mehr mals aufteilen, da es sonst nicht gepasst hätte

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{A231AF6E-5BE4-472A-95EB-AA58394136DC}.job
C:\Windows\tasks\User_Feed_Synchronization-{C8E540D1-FFB8-415D-8E1C-0AB7FD4BF0CE}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4596013b-6c31-408b-a266-deae5c086dc2}]
Share_Accelerator_MM toolbar - C:\Program Files\Share_Accelerator_MM\tbShar.dll [2007-05-27 1326104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-13 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{97ac393a-a525-4cd0-95cf-019b028cc7a4}]
Peer2Peer-DE Toolbar - C:\Program Files\Peer2Peer-DE\tbPee0.dll [2008-09-15 1784856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-13 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4596013b-6c31-408b-a266-deae5c086dc2} - Share_Accelerator_MM toolbar - C:\Program Files\Share_Accelerator_MM\tbShar.dll [2007-05-27 1326104]
{97ac393a-a525-4cd0-95cf-019b028cc7a4} - Peer2Peer-DE Toolbar - C:\Program Files\Peer2Peer-DE\tbPee0.dll [2008-09-15 1784856]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-11-20 4018176]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-11-22 815104]
"RemoteControl"=C:\Program Files\Home Cinema\PowerDVD\PDVDServ.exe [2006-11-23 56928]
"LanguageShortcut"=C:\Program Files\Home Cinema\PowerDVD\Language\Language.exe [2006-12-05 54832]
"TVBroadcast"=C:\Program Files\Sceneo\Bonavista\SERVICES\ODSBC\ODSBCApp.exe [2007-01-10 824320]
"Lexmark X1100 Series"=C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe [2007-01-25 74672]
"PCSuiteTrayApplication"=C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-03-23 227328]
"lxbkbmgr.exe"=C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe [2007-01-25 74672]
"BigDogPath"=C:\Windows\VM_STI.EXE [2004-06-09 40960]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-01-02 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-01-02 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-01-02 133656]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-13 136600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
"Nonoh"=C:\Program Files\Nonoh.net\Nonoh\nonoh.exe [2008-11-07 8945952]
"ICQ"=C:\Program Files\ICQ6.5\ICQ.exe [2008-11-30 172792]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite]
C:\Program Files\ICQLite\ICQLite\ICQLite.exe -minimize []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-01-02 200704]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2009-01-05 22:29:43 ----D---- C:\rsit
2009-01-05 21:31:04 ----D---- C:\Users\RICHARD\AppData\Roaming\Yahoo!
2009-01-05 21:31:04 ----D---- C:\ProgramData\Yahoo! Companion
2009-01-05 21:31:01 ----D---- C:\Program Files\Yahoo!
2009-01-05 21:30:54 ----D---- C:\Program Files\CCleaner
2009-01-04 23:11:28 ----D---- C:\Program Files\Navilog1
2009-01-04 21:38:58 ----D---- C:\Program Files\Trend Micro
2008-12-29 03:42:46 ----D---- C:\Program Files\UltraStar Deluxe
2008-12-28 02:11:06 ----D---- C:\Program Files\MSECache
2008-12-19 11:59:25 ----A---- C:\Windows\system32\mshtml.dll
2008-12-14 15:22:27 ----A---- C:\MDL 2.0 Debug.txt
2008-12-14 01:29:49 ----D---- C:\Program Files\MessengerDiscovery
2008-12-13 22:50:10 ----A---- C:\Windows\system32\deploytk.dll
2008-12-13 22:50:09 ----A---- C:\Windows\system32\javaws.exe
2008-12-13 22:50:09 ----A---- C:\Windows\system32\javaw.exe
2008-12-13 22:50:09 ----A---- C:\Windows\system32\java.exe
2008-12-13 22:12:53 ----D---- C:\Program Files\Fake Webcam
2008-12-13 22:12:29 ----D---- C:\Program Files\Conduit
2008-12-13 22:12:28 ----D---- C:\Program Files\Peer2Peer-DE
2008-12-13 11:45:48 ----D---- C:\Program Files\ICQ6.5
2008-12-12 12:34:53 ----A---- C:\Windows\system32\urlmon.dll
2008-12-12 12:34:51 ----A---- C:\Windows\system32\ieframe.dll
2008-12-12 12:34:50 ----A---- C:\Windows\system32\wininet.dll
2008-12-12 12:34:50 ----A---- C:\Windows\system32\mstime.dll
2008-12-12 12:34:47 ----A---- C:\Windows\system32\iertutil.dll
2008-12-12 12:34:44 ----A---- C:\Windows\system32\jsproxy.dll
2008-12-11 12:06:09 ----A---- C:\Windows\system32\tzres.dll
2008-12-10 06:33:07 ----A---- C:\Windows\system32\shell32.dll
2008-12-10 06:32:38 ----A---- C:\Windows\system32\gameux.dll
2008-12-10 06:32:38 ----A---- C:\Windows\system32\Apphlpdm.dll
2008-12-10 06:32:37 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-12-10 06:32:19 ----A---- C:\Windows\system32\gdi32.dll
2008-12-10 06:32:13 ----A---- C:\Windows\explorer.exe
2008-12-10 06:32:01 ----A---- C:\Windows\system32\mf.dll
2008-12-10 06:32:00 ----A---- C:\Windows\system32\WMVCORE.DLL
2008-12-10 06:31:57 ----A---- C:\Windows\system32\WMNetMgr.dll
2008-12-10 06:31:56 ----A---- C:\Windows\system32\logagent.exe

======List of files/folders modified in the last 1 months======

2009-01-05 22:30:10 ----D---- C:\Windows\Temp
2009-01-05 22:29:54 ----D---- C:\Windows\Prefetch
2009-01-05 21:56:29 ----D---- C:\Windows\system32\LogFiles
2009-01-05 21:40:55 ----D---- C:\Windows\Debug
2009-01-05 21:40:55 ----D---- C:\Windows
2009-01-05 21:40:54 ----D---- C:\Windows\Minidump
2009-01-05 21:31:04 ----HD---- C:\ProgramData
2009-01-05 21:31:01 ----RD---- C:\Program Files
2009-01-05 16:06:18 ----SHD---- C:\System Volume Information
2009-01-05 02:13:07 ----D---- C:\Windows\System32
2009-01-05 02:13:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-01-05 02:13:06 ----D---- C:\Windows\inf
2009-01-04 21:08:20 ----D---- C:\Users\RICHARD\AppData\Roaming\ICQ
2008-12-31 13:58:27 ----SHD---- C:\Windows\Installer
2008-12-31 13:54:24 ----D---- C:\Program Files\Common Files
2008-12-31 13:51:01 ----D---- C:\Program Files\DVDVideoSoft
2008-12-30 18:06:12 ----D---- C:\Windows\system32\catroot2
2008-12-25 22:48:02 ----D---- C:\Users\RICHARD\AppData\Roaming\Skype
2008-12-25 21:48:32 ----D---- C:\Users\RICHARD\AppData\Roaming\skypePM
2008-12-19 12:00:46 ----D---- C:\Windows\winsxs
2008-12-19 12:00:30 ----D---- C:\Windows\system32\catroot
2008-12-14 01:03:38 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-12-14 01:02:58 ----D---- C:\Windows\Tasks
2008-12-14 00:52:30 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2008-12-13 22:43:20 ----D---- C:\Program Files\Java
2008-12-13 22:15:53 ----A---- C:\Windows\NeroDigital.ini
2008-12-13 18:39:02 ----D---- C:\Program Files\ICQ6Toolbar
2008-12-13 11:47:59 ----D---- C:\ProgramData\ICQ
2008-12-11 12:36:20 ----D---- C:\Windows\rescache
2008-12-11 12:16:27 ----D---- C:\Windows\AppPatch
2008-12-11 12:16:26 ----D---- C:\Windows\system32\de-DE
2008-12-10 00:24:37 ----A---- C:\Windows\system32\mrt.exe
2008-12-09 20:04:34 ----D---- C:\Program Files\ICQ6

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-11-12 75072]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2006-11-15 32256]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2006-11-15 43520]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2006-11-15 37376]
R3 athrusb;Atheros Wireless LAN USB device driver; C:\Windows\system32\DRIVERS\athrusb.sys [2007-01-08 449024]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-20 52032]
R3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-01-02 2016256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-11-23 1652968]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-12-20 67072]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-11-22 179896]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
R3 X10Hid;X10 Hid Device; C:\Windows\System32\Drivers\x10hid.sys [2006-11-17 13976]
R3 XUIF;X10 USB Wireless Transceiver; C:\Windows\System32\Drivers\x10ufx2.sys [2006-11-30 27416]
S3 61883;61883-Einheitsgerät; C:\Windows\system32\DRIVERS\61883.sys [2008-01-19 45696]
S3 Avc;AVC-Gerät; C:\Windows\system32\DRIVERS\avc.sys [2008-01-19 40448]
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 FETNDIS;VIA Rhine-Familie--Fast-Ethernet-Adaptertreiberdienst; C:\Windows\system32\DRIVERS\fetnd5.sys [2006-11-02 45568]
S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-01-02 2016256]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-19 52608]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\Windows\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\Windows\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 PhilCap;PhilCap service; C:\Windows\system32\DRIVERS\PhilCap.sys [2006-10-12 1053824]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]
S3 Ser2pl;Prolific Serial port driver; C:\Windows\system32\DRIVERS\ser2pl.sys [2007-07-31 76800]
S3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 zlportio;zlportio; \??\C:\Program Files\UltraStar Deluxe\zlportio.sys []
S3 ZSMC301b;Philips SPC 200NC PC Camera; C:\Windows\System32\Drivers\usbVM31b.sys [2005-02-26 91527]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Planer; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-23 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-23 151297]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Bonjour-Dienst; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 LexBceS;LexBce Server; C:\Windows\System32\LEXBCES.EXE [2003-08-18 303104]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
R2 lxbk_device;lxbk_device; C:\Windows\system32\lxbkcoms.exe [2007-01-25 537520]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-12-19 272024]
R2 srvcPVR;Sceneo PVR Service; C:\Program Files\Sceneo\Bonavista\Services\PVR\PVRService.exe [2007-01-03 1468928]
R2 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480]
R3 iPod Service;iPod-Dienst; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-03-26 292864]
R3 usnjsvc;Messenger USN Journal Reader-Service für freigegebene Ordner; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe []
S3 UPnPService;UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 544768]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []

-----------------EOF-----------------



so hier??


ach gott, musste alles mehr mals aufteilen, da es sonst nicht gepasst hätte

oh nein, jetzt habe ich manche irgendwie doppelt gepostet und ich weiß nicht wie ich sie löschen kann ! ich hoffe, du kannst dich durchfinden, ansonsten sag bescheid und ich poste die ergebnisse noch einmal der reihe nach !

Ja, das war der erste Teil, immer weiter. Meine Arbeitsliste ist lang.

Ich bin sicher, wenn ich dich nach einigen Programmen fragen würde, die da installiert sind, du nicht einmal weißt, wozu die überhaupt gut sind.

Du musst dringend entrümpeln, sprich deinstallieren.

ciao, andreas

Wie war der Spruch? Der Ordentliche räumt auf, das Genie beherrscht das Chaos.

p.s.: Eine wichtige Frage noch. Kannst du sagen, ab wann die Werbefenster kamen? Oder irgendeine Installation, nach der sie erschienen?

Malwarebytes' Anti-Malware 1.32
Datenbank Version: 1620
Windows 6.0.6001 Service Pack 1

06.01.2009 03:25:26
mbam-log-2009-01-06 (03-25-25).txt

Scan-Methode: Vollständiger Scan (C:\|D:\|)
Durchsuchte Objekte: 196188
Laufzeit: 3 hour(s), 15 minute(s), 48 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)


hab zuerst den short scan gemacht und es wurden 17 dateien gefunden, die ich dann aber gelöscht habe. danach habe ich einen vollständigen scan durchgeführt und nun wurden keine bösartigen gefunden.

blacklight hat bei mir leider nicht funktioniert.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:27:55, on 06.01.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Home Cinema\PowerDVD\PDVDServ.exe
C:\Program Files\Sceneo\Bonavista\Services\ODSBC\ODSBCApp.exe
C:\Program Files\Lexmark X1100 Series\LXBKbmgr.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Windows\VM_STI.EXE
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Nonoh.net\Nonoh\nonoh.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
C:\Program Files\Safari\Safari.exe
C:\Users\RICHARD\Desktop\qlketzd.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = htp://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = htp://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = htp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = htp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = htp://search.bearshare.com/sidebar.html?src=ssb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Share_Accelerator_MM toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbShar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Share_Accelerator_MM toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbShar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Peer2Peer-DE Toolbar - {97ac393a-a525-4cd0-95cf-019b028cc7a4} - C:\Program Files\Peer2Peer-DE\tbPee0.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Share_Accelerator_MM toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbShar.dll
O3 - Toolbar: Peer2Peer-DE Toolbar - {97ac393a-a525-4cd0-95cf-019b028cc7a4} - C:\Program Files\Peer2Peer-DE\tbPee0.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\Home Cinema\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\Home Cinema\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [TVBroadcast] C:\Program Files\Sceneo\Bonavista\SERVICES\ODSBC\ODSBCApp.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [lxbkbmgr.exe] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\Windows\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Nonoh] "C:\Program Files\Nonoh.net\Nonoh\nonoh.exe" -nosplash -minimized
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - htp://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {17D667BA-5675-4AAB-9221-08B9379384D4} (Image Uploader Control) - htp://cdnimg.piczo.com/images/uploader/piczo_fast_uploader.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - htp://static.ak.schuelervz.net/photouploader/ImageUploader4.cab?nocache=20071219-1
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - htp://static.pe.schuelervz.net/photouploader/ImageUploader5.cab?nocache=1215634447
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - htp://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe
O16 - DPF: {EA6246B4-F380-443F-8727-9AEA3371146C} (CPlayFirstWeddingDashControl Object) - htp://webgames.d.tmsrv.com/c=1e1687785935a05e4d45b708851b80e1/aff=t_25oa_deca_wg/p/release/playfirst/wg_weddingdash/weddingdash/WeddingDash.1.0.0.47.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Planer (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\Windows\System32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxbk_device - - C:\Windows\system32\lxbkcoms.exe
O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sceneo PVR Service (srvcPVR) - Buhl Data Service GmbH - C:\Program Files\Sceneo\Bonavista\Services\PVR\PVRService.exe
O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 10089 bytes

Zitat:

hab zuerst den short scan gemacht und es wurden 17 dateien gefunden, die ich dann aber gelöscht habe.

Das Log von den Funden ist wichtig. Bitte posten.

Wo ist das Log von Superantispyware?

Es fehlt auch noch die info.txt von rsit.

Das letzte HJT-Log sieht schon etwas freundlicher aus. Installiere http://www.trojaner-board.de/51464-a...-ccleaner.html und säubere dein System. Deinstalliere die Peer2peer und Share Accelerator Toolbars sowie alle Programme, die du nicht unbedingt benötigst.

ciao, andreas

na toll. jetzt hatte ich aus versehn "intel graphics media accelerator driver" deinstalliert, was dazu geführt hat, dass die grafik viel zu groß war. hm. dann habe ich das system zurückgesetzt, weil ich glücklicherweise etwa 2 std davor einen neuen systemwiederherstellungspunkt festgelegt hatte.

aber als ich nun wieder die peer-to-peer toolbar löschen wollte, was vor der systemwiederherstellung einwandfrei geklappt hat, erscheint nun eine fehlermeldung

"die datei istall.log konnte nicht geöffnet werden" oder so.
die logs schicke ich gleich dazu.