Pests of all kinds and how to fight them: iwseu.exe: unknown file opens advertising!

31.05.2009, 15:51   #1
omapeter

Hello!

Recently, windows with advertising (Jamba, ...) have started opening on my machine. After terminating the file iwseu.exe (I can find no information on it here or on Google), the window closes and no further ones are opened.

The file cannot be found with the search function, but I looked for it on my own and found the program in
C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\

iwseu files:
iwseu.dat
iwseu.exe
iwseu_nav.dat
iwseu_navps.dat

I had iwseu.exe checked at VirusTotal: 2 hits out of 40 antivirus programs

McAfee-GW-Edition Trojan.LooksLike.Dropper
Panda Suspicious file

Does anyone know this case??
How should I proceed? Delete it?

Looking forward to replies

Oma Peter

PS: Antivir, Adaware and Spybot said: CLEAN!

Edited by omapeter (31.05.2009 at 15:53). Reason: Forgot something!

31.05.2009, 16:29   #2
Angel21

Hello,

post a HijackThis logfile.

After that, run Navilog.
Navilog
Start navilog1.exe and install the application; any error messages from your
virus scanner are to be ignored (allow the application!)
Please close all other applications!
After that, Navilog should start automatically; otherwise start it by double-clicking on the desktop.
Please select English in the language menu.
Choose 1 in the next menu to select "Search". Confirm with Enter.
Do nothing on the computer during the search, only when the program prompts you!
After the run, the editor should open with the log (fixnavi.txt);
copy the contents and paste them into the thread.
You will also find the log in the root directory (e.g. "C:\").
http://pagesperso-orange.fr/il.mafio...x/Navilog1.exe

31.05.2009, 17:30   #3
omapeter

First, HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:27:38, on 31.05.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Java\jre6\bin\jusched.exe
C:\Programme\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programme\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\Lion\Lion.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programme\Electronic Arts\EADM\Core.exe
C:\dokumente und einstellungen\***\lokale einstellungen\anwendungsdaten\iwseu.exe
C:\Programme\Hamachi\hamachi.exe
D:\eigene3\mousometer.exe
C:\Programme\Outlook Express\msimn.exe
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\Bonjour\mDNSResponder.exe
C:\Programme\Google\Update\GoogleUpdate.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Tunngle\TnglCtrl.exe
C:\Programme\HP\Digital Imaging\bin\hpqnrs08.exe
C:\Programme\HHVcdV5Sys\VC5SecS.exe
C:\Programme\HHVcdV7Sys\VC7SecS.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Programme\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HDAudDeck] C:\Programme\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programme\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Lion] "C:\Programme\Lion\Lion.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [EA Core] "C:\Programme\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [iwseu] "c:\dokumente und einstellungen\***\lokale einstellungen\anwendungsdaten\iwseu.exe" iwseu
O4 - Startup: hamachi.lnk = C:\Programme\Hamachi\hamachi.exe
O4 - Startup: Mousometer.lnk = C:\Dokumente und Einstellungen\***\Eigene Dateien\mousometer.exe
O4 - Startup: Outlook Express.lnk = C:\Programme\Outlook Express\msimn.exe
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{31778FC6-FEB4-4B3B-930F-3CDAA58F47FF}: NameServer = 192.168.0.1
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - D:\Programme\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Update Service (gupdate1c994123999325f) (gupdate1c994123999325f) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Programme\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Programme\Tunngle\TnglCtrl.exe
O23 - Service: Virtual CD v5 Security service (VC5SecS) - H+H Software GmbH - C:\Programme\HHVcdV5Sys\VC5SecS.exe
O23 - Service: Virtual CD v7 Management Service (VC7SecS) - H+H Software GmbH - C:\Programme\HHVcdV7Sys\VC7SecS.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 7723 bytes

Navilog is coming shortly!

Edited by omapeter (31.05.2009 at 18:16)

31.05.2009, 17:35   #4
omapeter

Search Navipromo version 3.7.7 began on 31.05.2009 at 17:29:56,00

!!! Warning, this report may include legitimate files/programs !!!
!!! Post this report on the forum you are being helped !!!
!!! Don't continue with removal unless instructed by an authorized helper !!!

Fix running from C:\Programme\navilog1

Updated on 12.05.2009 at 18h00 by IL-MAFIOSO

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz )
BIOS : Default System BIOS
USER : *** ( Administrator )
BOOT : Normal boot

Antivirus : AntiVir Desktop 9.0.1.26 (Activated)
Firewall : ZoneAlarm Firewall 7.0.483.000 (Not Activated)

A:\ (USB)
C:\ (Local Disk) - NTFS - Total:127 Go (Free:38 Go)
D:\ (Local Disk) - NTFS - Total:337 Go (Free:111 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (CD or DVD)
H:\ (CD or DVD)


Search done in normal mode


*** Search folders in "C:\WINDOWS" ***


*** Search folders in "C:\Programme" ***


*** Search folders in "C:\Dokumente und Einstellungen\All Users\startm~1\progra~1" ***

...\Live-Player found !

*** Search folders in "C:\Dokumente und Einstellungen\All Users\startm~1" ***


*** Search folders in "c:\dokume~1\alluse~1\anwend~1" ***


*** Search folders in "C:\Dokumente und Einstellungen\***\anwend~1" ***

...\Live-Player found !

*** Search folders in "C:\Dokumente und Einstellungen\***\lokale~1\anwend~1" ***


*** Search folders in "C:\Dokumente und Einstellungen\***\startm~1\progra~1" ***


*** Search with Catchme-rootkit/stealth malware detector by gmer ***
for more info : http://www.gmer.net



*** Search with GenericNaviSearch ***
!!! Possibility of legitimate files in the result !!!
!!! Must always be checked before manually deleting !!!

* Scan in "C:\WINDOWS\system32" *

* Scan in "C:\Dokumente und Einstellungen\***\lokale~1\anwend~1" *



*** Search files ***



*** Search specific Registry keys ***
!! Following keys are not certainly all infected !!


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iwseu"="\"c:\\dokumente und einstellungen\\***\\lokale einstellungen\\anwendungsdaten\\iwseu.exe\" iwseu"


*** Complementary Search ***
(Search specific files)

1)Search new Instant Access files :


2)Heuristic Search :

* In "C:\WINDOWS\system32" :


* In "C:\Dokumente und Einstellungen\***\lokale~1\anwend~1" :

iwseu.exe found !
iwseu.dat found !
iwseu_nav.dat found !
iwseu_navps.dat found !

3)Certificates Search :

Egroup certificate not found !
Electronic-Group certificate not found !
Montorgueil certificate not found !
OOO-Favorit certificate not found !
Sunny-Day-Design-Ltd certificate not found !

4)Search others known folders and files :



*** Search completed on 31.05.2009 at 17:33:33,34 ***

Edited by omapeter (31.05.2009 at 18:15)
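
The indicators that the posts above show together (a HKCU Run value pointing into the user's local application-data folder, the value name repeated as the only argument, and `.dat`, `_nav.dat`, `_navps.dat` files next to the executable) can be checked mechanically. The following Python triage sketch is an added example, not part of the thread and not the logic of HijackThis or Navilog; the folder markers and the reason texts are assumptions, and the sample lines are copied from the logs above.

```python
import ntpath
import re

# Sample input: O4 lines copied from the HijackThis log in post #3 and the file
# names listed in post #1 ("***" is the poster's own redaction of the user name).
HJT_LINES = [
    r'O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min',
    r'O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k',
    r'O4 - HKCU\..\Run: [Lion] "C:\Programme\Lion\Lion.exe"',
    r'O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe',
    r'O4 - HKCU\..\Run: [iwseu] "c:\dokumente und einstellungen\***\lokale einstellungen\anwendungsdaten\iwseu.exe" iwseu',
    r'O4 - Startup: hamachi.lnk = C:\Programme\Hamachi\hamachi.exe',
]
FOLDER_LISTING = ["iwseu.dat", "iwseu.exe", "iwseu_nav.dat", "iwseu_navps.dat"]

# Assumption: profile folders a limited user can write to
# (German and English Windows XP names, plus the Vista-and-later layout).
USER_WRITABLE_MARKERS = (
    "\\lokale einstellungen\\anwendungsdaten\\",
    "\\local settings\\application data\\",
    "\\appdata\\local\\",
    "\\appdata\\roaming\\",
)
# Companion-file suffixes as they appear next to iwseu.exe in this thread.
COMPANION_SUFFIXES = (".dat", "_nav.dat", "_navps.dat")

# Matches the registry Run form of an O4 line: "O4 - HKCU\..\Run: [name] command"
RUN_RE = re.compile(
    r'^O4 - (?P<hive>HK(?:LM|CU))\\\.\.\\Run: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$'
)


def split_command(cmd):
    """Split a Run command line into (executable path, argument string)."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        if end == -1:                      # unbalanced quote: treat all as path
            return cmd[1:], ""
        return cmd[1:end], cmd[end + 1:].strip()
    m = re.match(r'(.+?\.exe)(?:\s+(.*))?$', cmd, re.IGNORECASE)
    if m:                                  # unquoted path that may contain spaces
        return m.group(1), m.group(2) or ""
    exe, _, args = cmd.partition(" ")
    return exe, args.strip()


def triage(hjt_lines, folder_listing=()):
    """Return one finding per Run entry that starts from a user-writable folder."""
    listing = {name.lower() for name in folder_listing}
    findings = []
    for line in hjt_lines:
        m = RUN_RE.match(line.strip())
        if not m:
            continue                       # not a registry Run entry
        exe, args = split_command(m.group("cmd"))
        path = exe.lower()
        if not any(marker in path for marker in USER_WRITABLE_MARKERS):
            continue                       # location alone is the entry condition
        stem = ntpath.splitext(ntpath.basename(path))[0]
        reasons = ["autostart target lives in a user-writable profile folder"]
        if m.group("name").lower() == stem and args.lower() == stem:
            reasons.append("value name equals file name and is passed as the argument")
        companions = sorted(stem + s for s in COMPANION_SUFFIXES if stem + s in listing)
        if companions:
            reasons.append("companion data files: " + ", ".join(companions))
        findings.append({
            "hive": m.group("hive"),
            "value": m.group("name"),
            "exe": exe,
            "companions": companions,
            "reasons": reasons,
        })
    return findings


if __name__ == "__main__":
    for finding in triage(HJT_LINES, FOLDER_LISTING):
        print(finding["hive"], finding["value"], finding["exe"])
        for reason in finding["reasons"]:
            print("  -", reason)
```

A finding here is a reason to look closer, not a verdict: legitimate per-user software also starts from these folders.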

31.05.2009, 20:11   #5
Angel21

Run Navilog again with option 2.
Post the log.


31.05.2009, 21:03   #6
omapeter

Navipromo Removal version 3.7.7 started on 31.05.2009 at 20:53:27,90

Fix running from C:\Programme\navilog1

Updated on 12.05.2009 at 18h00 by IL-MAFIOSO

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz )
BIOS : Default System BIOS
USER : *** ( Administrator )
BOOT : Normal boot

Antivirus : AntiVir Desktop 9.0.1.26 (Activated)
Firewall : ZoneAlarm Firewall 7.0.483.000 (Not Activated)

A:\ (USB)
C:\ (Local Disk) - NTFS - Total:127 Go (Free:38 Go)
D:\ (Local Disk) - NTFS - Total:337 Go (Free:111 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
G:\ (CD or DVD)
H:\ (CD or DVD)


Automatic removal
with Catchme and GNS results


Cleanning stage done on Reboot


*** fsbl1.txt not found ***
(Check that Catchme found nothing in Search Mode)


*** Deleting with Backups GenericNaviSearch results ***

* Deletion in "C:\WINDOWS\System32" *


* Deletion in "C:\Dokumente und Einstellungen\***\lokale~1\anwend~1" *



*** Deleting folders in "C:\WINDOWS" ***


*** Deleting folders in "C:\Programme" ***


*** Deleting folders in "C:\Dokumente und Einstellungen\All Users\startm~1\progra~1" ***

...\Live-Player ...deleting...
...\Live-Player deleted !


*** Deleting folders in "C:\Dokumente und Einstellungen\All Users\startm~1" ***


*** Deleting folders in "c:\dokume~1\alluse~1\anwend~1" ***


*** Deleting folders in "C:\Dokumente und Einstellungen\***\anwend~1" ***

...\Live-Player ...deleting...
...\Live-Player deleted !


*** Deleting folders in "C:\Dokumente und Einstellungen\***\lokale~1\anwend~1" ***


*** Deleting folders in "C:\Dokumente und Einstellungen\***\startm~1\progra~1" ***



*** Deleting files ***


*** Deleting temporary files ***

Cleaning of C:\WINDOWS\Temp done !
Cleaning of C:\Dokumente und Einstellungen\***\lokale~1\Temp done !

*** Complementary Search ***
(Search specific files)

1)Deletion with backups new Instant Access files:

2)Heuristic search and deletion with backups :


* In "C:\WINDOWS\system32" *



* In "C:\Dokumente und Einstellungen\***\lokale~1\anwend~1" *


iwseu.exe found !
Copy iwseu.exe done !
iwseu.exe deleted !

iwseu.dat found !
Copy iwseu.dat done !
iwseu.dat deleted !

iwseu_nav.dat found !
Copy iwseu_nav.dat done !
iwseu_nav.dat deleted !

iwseu_navps.dat found !
Copy iwseu_navps.dat done !
iwseu_navps.dat deleted !


*** Copy Registry to Safebackup folder ***

Backing up Registry done !

*** Cleaning Registry ***

Registry cleaned


*** Certificates ***

Egroup Certificate not found !
Electronic-Group Certificate not found !
Montorgueil Certificate not found !
OOO-Favorit Certificate not found !
Sunny-Day-Design-Ltd Certificate not found !

*** Search others known folders and files ***



*** Cleaning stage complete on 31.05.2009 at 20:57:32,14 ***

Next problem:

Since the restart, never-ending messages keep coming up:

Das System wird nach einem schwerwiegenden Fehler wieder ausgeführt!

Problemberichtinhalt:
C:\DOKUME~1\Janis\LOKALE~1\Temp\WERca43.dir00\Mini042609-01.dmp
C:\DOKUME~1\Janis\LOKALE~1\Temp\WERca43.dir00\sysdata.xml

What is going on now??

31.05.2009, 22:02   #7
Angel21

Check system details with RSIT
  • Download Random's System Information Tool (RSIT) from random/random,
  • save it to your desktop.
  • Start RSIT.exe with a double-click.
  • Click Continue to accept the terms of use.
  • The scan starts automatically; RSIT now checks some important system areas and produces logfiles as a basis for analysis.
  • When the scan is finished, two logfiles are created and opened in your editor.
  • Please post the contents of C:\rsit\log.txt and C:\rsit\info.txt (<= minimized) here in the thread.

Post all the logs first.

After that, close all applications and run the following:

Rootkit scan with RootRepeal
  • Go here, scroll down and download RootRepeal.zip.
  • Unpack the file to your desktop.
  • Double-click RootRepeal.exe to start the scanner.
  • Click the Report tab and then the Scan button.
  • Tick the following items and click Ok.
    Drivers
    Files
    Processes
    SSDT
    Stealth Objects
    Hidden Services
  • Afterwards you will be asked which drives should be scanned.
  • Select C:\ and click Ok again.
  • The scan starts automatically; it will take a while, please be patient.
  • When the scan is finished, click Save Report.
  • Save the logfile as RootRepeal.txt on the desktop.
  • Copy the contents here into the thread.

01.06.2009, 09:28   #8
omapeter

File too big ^^ so part 1: log.txt
PS: THE MESSAGES STOPPED AFTER A RESTART!

Logfile of random's system information tool 1.06 (written by random/random)
Run by *** at 2009-06-01 09:24:34
Microsoft Windows XP Professional Service Pack 3
System drive C: has 42 GB (32%) free of 131 GB
Total RAM: 3327 MB (83% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:24:35, on 01.06.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Java\jre6\bin\jusched.exe
C:\Programme\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programme\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\Lion\Lion.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programme\Electronic Arts\EADM\Core.exe
D:\eigene3\mousometer.exe
C:\Programme\Outlook Express\msimn.exe
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\Bonjour\mDNSResponder.exe
C:\Programme\Google\Update\GoogleUpdate.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Tunngle\TnglCtrl.exe
C:\Programme\HP\Digital Imaging\bin\hpqnrs08.exe
C:\Programme\HHVcdV5Sys\VC5SecS.exe
C:\Programme\HHVcdV7Sys\VC7SecS.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Dokumente und Einstellungen\***\Desktop\RSIT.exe
C:\Programme\Trend Micro\HijackThis\***.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Programme\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HDAudDeck] C:\Programme\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programme\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Lion] "C:\Programme\Lion\Lion.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [EA Core] "C:\Programme\Electronic Arts\EADM\Core.exe" -silent
O4 - Startup: hamachi.lnk = C:\Programme\Hamachi\hamachi.exe
O4 - Startup: Mousometer.lnk = C:\Dokumente und Einstellungen\***\Eigene Dateien\mousometer.exe
O4 - Startup: Outlook Express.lnk = C:\Programme\Outlook Express\msimn.exe
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{31778FC6-FEB4-4B3B-930F-3CDAA58F47FF}: NameServer = 192.168.0.1
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - D:\Programme\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Update Service (gupdate1c994123999325f) (gupdate1c994123999325f) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Programme\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Programme\Tunngle\TnglCtrl.exe
O23 - Service: Virtual CD v5 Security service (VC5SecS) - H+H Software GmbH - C:\Programme\HHVcdV5Sys\VC5SecS.exe
O23 - Service: Virtual CD v7 Management Service (VC7SecS) - H+H Software GmbH - C:\Programme\HHVcdV7Sys\VC7SecS.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 7535 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
C:\WINDOWS\tasks\WGASetup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Programme\Java\jre6\bin\ssv.dll [2009-01-12 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-24 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2009-01-12 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-12 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - SnagIt - C:\Programme\TechSmith\SnagIt 8\SnagItIEAddin.dll [2007-05-16 161352]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-10-07 13574144]
"SunJavaUpdateSched"=C:\Programme\Java\jre6\bin\jusched.exe [2009-01-12 136600]
"HDAudDeck"=C:\Programme\VIA\VIAudioi\HDADeck\HDeck.exe [2008-06-17 29835264]
"avgnt"=C:\Programme\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-10-07 86016]
"Adobe Reader Speed Launcher"=C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"QuickTime Task"=C:\Programme\QuickTime\qttask.exe [2008-09-06 413696]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Programme\DAEMON Tools Lite\daemon.exe [2008-08-08 490952]
"Lion"=C:\Programme\Lion\Lion.exe [2009-01-03 227378]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-05-30 68856]
"EA Core"=C:\Programme\Electronic Arts\EADM\Core.exe [2009-04-29 3338240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
C:\Programme\Ahead\InCD\InCD.exe [2004-04-06 1298542]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\isuspm.exe [2006-05-16 213936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Programme\iTunes\iTunesHelper.exe [2008-09-10 289576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Programme\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\WINDOWS\system32\oodtray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Programme\QuickTime\QTTask.exe [2008-09-06 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Programme\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [2003-12-08 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [2008-07-02 397312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Programme\Java\jre1.6.0_06\bin\jusched.exe [2008-03-25 144784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-05-30 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe [2008-06-30 185896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VC5Player]
C:\Programme\HHVcdV5Sys\VC5Play.exe [2003-11-07 176128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Programme\Winamp\winampa.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE []

C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart
hamachi.lnk - C:\Programme\Hamachi\hamachi.exe
Mousometer.lnk - D:\eigene3\mousometer.exe
Outlook Express.lnk - C:\Programme\Outlook Express\msimn.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-06 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0
"NoDrives"=03000000
"NoSharedDocuments"=01000000
"NoActiveDesktop"=0
"NoUserNameInStartMenu"=1
"StartMenuLogOff"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programme\VIA\VIAudioi\HDADeck\HDeck.exe"="C:\Programme\VIA\VIAudioi\HDADeck\HDeck.exe:*:Enabled:HDeck"
"C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Temp\RarSFX2\haloce.exe"="C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Temp\RarSFX2\haloce.exe:*:Enabled:Halo"
"C:\Programme\Fritz und Fertig\Internetschach\PlayChess.exe"="C:\Programme\Fritz und Fertig\Internetschach\PlayChess.exe:*:Enabled:PlayChess"
"D:\Programme\Battle for Wesnoth 1.4\wesnothd.exe"="D:\Programme\Battle for Wesnoth 1.4\wesnothd.exe:*:Enabled:wesnothd"
"C:\Programme\Firaxis Games\Civilization IV\Civilization4.exe"="C:\Programme\Firaxis Games\Civilization IV\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4"
"C:\Programme\iTunes\iTunes.exe"="C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes"
"D:\Programme\Firefly Studios\Stronghold Legends\StrongholdLegends.exe"="D:\Programme\Firefly Studios\Stronghold Legends\StrongholdLegends.exe:*:Enabled:Stronghold Legends"
"C:\Programme\uTorrent\uTorrent.exe"="C:\Programme\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Programme\Zattoo\Zattoo2.exe"="C:\Programme\Zattoo\Zattoo2.exe:*:Enabled: "
"C:\Programme\Zattoo\Zattoo.exe"="C:\Programme\Zattoo\Zattoo.exe:*:Enabled: "
"D:\Programme\EA GAMES\Battlefield 2\BF2.exe"="D:\Programme\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2"
"C:\Dokumente und Einstellungen\***\Desktop\WoW-deDE-Installer-downloader.exe"="C:\Dokumente und Einstellungen\***\Desktop\WoW-deDE-Installer-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Dokumente und Einstellungen\***\Desktop\WoW-BurningCrusade-deDE-Installer-downloader.exe"="C:\Dokumente und Einstellungen\***\Desktop\WoW-BurningCrusade-deDE-Installer-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\Programme\World of Warcraft\Repair.exe"="D:\Programme\World of Warcraft\Repair.exe:*:Enabled:Blizzard Repair Utility"
"D:\Programme\Electronic Arts\Command & Conquer 3\RetailExe\1.9\cnc3game.dat"="D:\Programme\Electronic Arts\Command & Conquer 3\RetailExe\1.9\cnc3game.dat:*:Enabled:Command & Conquer 3 Tiberium Wars"
"C:\Programme\Mozilla Firefox\firefox.exe"="C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Programme\HP\Digital Imaging\bin\hpoews01.exe"="C:\Programme\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"E:\setup\HPONICIFS01.EXE"="E:\setup\HPONICIFS01.EXE:*:Enabled:hponicifs01.exe"
"C:\Programme\HP\Digital Imaging\bin\hposfx08.exe"="C:\Programme\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Programme\HP\Digital Imaging\bin\hposid01.exe"="C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Programme\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Programme\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Programme\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Programme\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Programme\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Programme\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Programme\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Programme\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Programme\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Programme\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Programme\HP\Digital Imaging\bin\hpqste08.exe"="C:\Programme\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"E:\setup\HPZNET01.EXE"="E:\setup\HPZNET01.EXE:*:Enabled:hpznet01.exe"
"C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Programme\ICQ6\ICQ.exe"="C:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Programme\Internet Explorer\iexplore.exe"="C:\Programme\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Programme\mIRC\mirc.exe"="C:\Programme\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\Programme\Teamspeak2_RC2\server_windows.exe"="C:\Programme\Teamspeak2_RC2\server_windows.exe:*:Enabled:Server"
"C:\Programme\Zattoo\zattood.exe"="C:\Programme\Zattoo\zattood.exe:*:Enabled:zattood"
"C:\Dokumente und Einstellungen\***\Desktop\soldier.of.fortune.2-WwW.PalDDL.Com\soldier.of.fortune.2-WwW.PalDDL.Com\SoF2MP.exe"="C:\Dokumente und Einstellungen\***\Desktop\soldier.of.fortune.2-WwW.PalDDL.Com\soldier.of.fortune.2-WwW.PalDDL.Com\SoF2MP.exe:*:Enabled:SoF2MP"
"D:\Programme\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="D:\Programme\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\Programme\Electronic Arts\EADM\Core.exe"="C:\Programme\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"D:\Programme\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe"="D:\Programme\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.2"
"C:\Programme\Skype\Phone\Skype.exe"="C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\Programme\World of Warcraft\WoW-3.0.8.9506-to-3.0.9.9551-deDE-downloader.exe"="D:\Programme\World of Warcraft\WoW-3.0.8.9506-to-3.0.9.9551-deDE-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\Programme\World of Warcraft\Launcher.exe"="D:\Programme\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"D:\Programme\World of Warcraft\WoW-3.0.9.9551-to-3.1.0.9767-deDE-downloader.exe"="D:\Programme\World of Warcraft\WoW-3.0.9.9551-to-3.1.0.9767-deDE-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Programme\Bonjour\mDNSResponder.exe"="C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Rune\System\Rune.exe"="C:\Rune\System\Rune.exe:*:Enabled:Rune"
"D:\Programme\Wolfenstein - Enemy Territory\ET.exe"="D:\Programme\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET"
"D:\Programme\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="D:\Programme\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*isabled:Grand Theft Auto IV"
"D:\Programme\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe"="D:\Programme\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Programme\Tunngle\TnglCtrl.exe"="C:\Programme\Tunngle\TnglCtrl.exe:*:Enabled:Tunngle Service"
"C:\Programme\Tunngle\Tunngle.exe"="C:\Programme\Tunngle\Tunngle.exe:*:Enabled:Tunngle Client"
"D:\Programme\EA Sports\Madden NFL 08\Updater.exe"="D:\Programme\EA Sports\Madden NFL 08\Updater.exe:*:Enabled:Updater"
"D:\Programme\EA Sports\FIFA 09\FIFA09.exe"="D:\Programme\EA Sports\FIFA 09\FIFA09.exe:*:Enabled:FIFA09"
"C:\Programme\PPMate\ppmate.exe"="C:\Programme\PPMate\ppmate.exe:*:Enabled:PPMate"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a549cb6-2e50-11dd-9a45-eae8b4e650b5}]
shell\AutoRun\command - M:\pushinst.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ca87e00b-595b-11dd-9aad-001a4f9c0a10}]
shell\AutoRun\command - I:\WD_Windows_Tools\Setup.exe

Last edited by omapeter (01.06.2009 at 09:36)

Old 01.06.2009, 09:30   #9
omapeter
 



Part 2:

======List of files/folders created in the last 1 months======

2009-06-01 09:12:44 ----D---- C:\rsit
2009-05-31 20:53:27 ----A---- C:\cleannavi.txt
2009-05-31 17:29:56 ----A---- C:\fixnavi.txt
2009-05-31 17:29:10 ----D---- C:\Programme\Navilog1
2009-05-23 16:38:04 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\PPMate
2009-05-23 16:38:03 ----D---- C:\Programme\Gemeinsame Dateien\Synacast
2009-05-23 16:38:01 ----D---- C:\Programme\PPMate
2009-05-23 16:35:02 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TVU Networks
2009-05-23 16:34:42 ----D---- C:\Programme\TVUPlayer
2009-05-18 20:23:29 ----D---- C:\ConverterOutput
2009-05-18 20:22:48 ----A---- C:\WINDOWS\system32\cdga.dll
2009-05-18 20:22:48 ----A---- C:\WINDOWS\system32\cdg.dll
2009-05-07 14:21:53 ----D---- C:\Programme\HooTech
2009-05-05 18:42:53 ----A---- C:\WINDOWS\system32\kbdkor.dll
2009-05-05 18:42:53 ----A---- C:\WINDOWS\system32\kbdjpn.dll
2009-05-05 18:42:53 ----A---- C:\WINDOWS\system32\kbd103.dll
2009-05-05 18:42:53 ----A---- C:\WINDOWS\system32\kbd101c.dll
2009-05-05 18:42:53 ----A---- C:\WINDOWS\system32\kbd101b.dll
2009-05-05 18:42:51 ----A---- C:\WINDOWS\system32\kbd106.dll
2009-05-02 12:50:42 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tunngle
2009-05-02 12:50:18 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Tunngle
2009-05-02 12:50:14 ----D---- C:\Programme\Tunngle

======List of files/folders modified in the last 1 months======

2009-06-01 09:19:12 ----D---- C:\Programme\Mozilla Firefox
2009-06-01 09:18:50 ----D---- C:\WINDOWS\Temp
2009-06-01 09:18:48 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Hamachi
2009-06-01 09:18:47 ----D---- C:\WINDOWS\system32\CatRoot2
2009-06-01 09:18:20 ----D---- C:\WINDOWS\Minidump
2009-06-01 09:18:20 ----D---- C:\WINDOWS
2009-06-01 09:12:50 ----D---- C:\WINDOWS\Prefetch
2009-06-01 00:15:25 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-05-31 20:57:32 ----D---- C:\WINDOWS\system32
2009-05-31 17:29:10 ----RD---- C:\Programme
2009-05-31 15:27:14 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Google Updater
2009-05-30 18:02:25 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-05-30 14:54:52 ----HD---- C:\WINDOWS\inf
2009-05-30 14:54:52 ----D---- C:\WINDOWS\system32\drivers
2009-05-30 14:54:49 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-05-30 14:54:30 ----A---- C:\WINDOWS\system32\lsdelete.exe
2009-05-23 16:38:03 ----D---- C:\Programme\Gemeinsame Dateien
2009-05-23 16:05:01 ----D---- C:\Programme\Winamp
2009-05-21 16:05:32 ----A---- C:\WINDOWS\scummvm.ini
2009-05-19 22:03:56 ----A---- C:\Cucu_Video_log.txt
2009-05-17 15:48:10 ----A---- C:\WINDOWS\NeroDigital.ini
2009-05-17 14:02:11 ----HD---- C:\Programme\InstallShield Installation Information
2009-05-16 21:32:56 ----A---- C:\WINDOWS\Robota.INI
2009-05-16 21:32:56 ----A---- C:\WINDOWS\BeatBox.INI
2009-05-16 19:33:43 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\uTorrent
2009-05-16 19:31:42 ----D---- C:\ppwork
2009-05-14 21:40:01 ----SHD---- C:\WINDOWS\Installer
2009-05-12 20:29:49 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\dvdcss
2009-05-09 09:58:43 ----RSD---- C:\WINDOWS\assembly
2009-05-09 09:58:26 ----D---- C:\WINDOWS\system32\DirectX
2009-05-09 08:42:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-05-07 18:35:51 ----SD---- C:\WINDOWS\Tasks
2009-05-07 09:16:29 ----A---- C:\WINDOWS\system32\MRT.exe
2009-05-05 18:43:16 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-05-05 18:43:00 ----D---- C:\WINDOWS\Help
2009-05-05 18:42:57 ----RSD---- C:\WINDOWS\Fonts
2009-05-03 11:25:00 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2009-05-02 14:18:09 ----A---- C:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-04-27 96104]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2004-04-06 25600]
R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 ISODisk;ISODisk; C:\WINDOWS\system32\drivers\ISODisk.sys [2006-04-26 9600]
R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-01-26 52224]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-02-13 28376]
R1 WmiAcpi;Microsoft Windows-Verwaltungsschnittstelle für ACPI; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-18 12032]
R2 acedrv10;acedrv10; \??\C:\WINDOWS\system32\drivers\acedrv10.sys []
R2 acehlp10;acehlp10; \??\C:\WINDOWS\system32\drivers\acehlp10.sys []
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-04-27 55640]
R3 FWLANUSB;AVM FRITZ!WLAN; C:\WINDOWS\System32\DRIVERS\fwlanusb.sys [2006-07-31 264704]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-04-23 25280]
R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 monfilt;monfilt; C:\WINDOWS\system32\drivers\monfilt.sys [2008-02-14 1389056]
R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-18 12288]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2008-10-07 6133856]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [2007-09-20 22016]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
R3 StillCam;Treiber für serielle Digitalkamera; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-18 7040]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\WINDOWS\system32\DRIVERS\tap0901t.sys [2008-09-18 25600]
R3 tenCapture;tenCapture; C:\WINDOWS\system32\DRIVERS\tenCapture.sys [2007-04-21 9344]
R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;USB2-aktivierter Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Miniporttreiber für Microsoft USB Open Host-Controller; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-14 17152]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2008-05-21 277376]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2004-04-06 89472]
S1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S1 SysTool;SysTool Overclocking Utility; C:\WINDOWS\system32\DRIVERS\SysTool.sys [2006-11-10 24064]
S3 aqicgnbv;aqicgnbv; C:\WINDOWS\system32\drivers\aqicgnbv.sys []
S3 BthEnum;Bluetooth-Auflistungsdienst; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BTHMODEM;Serieller Kommunikationstreiber für Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]
S3 BthPan;Bluetooth-Gerät (PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Bluetooth-Porttreiber; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 273024]
S3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 catchme;catchme; \??\C:\DOKUME~1\***\LOKALE~1\Temp\catchme.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2009-01-12 10976]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2009-01-12 22368]
S3 HidBth;Microsoft Bluetooth-HID-Miniport; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2008-04-14 25856]
S3 nocashio;nocashio; C:\WINDOWS\system32\drivers\nocashio.sys [2008-10-05 4096]
S3 NPF;WinPcap Packet Driver (NPF); C:\WINDOWS\system32\drivers\NPF.sys []
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [2007-09-20 53632]
S3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 s116bus;Sony Ericsson Device 116 driver (WDM); C:\WINDOWS\system32\DRIVERS\s116bus.sys [2007-04-03 83336]
S3 s116mdfl;Sony Ericsson Device 116 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s116mdfl.sys [2007-04-03 15112]
S3 s116mdm;Sony Ericsson Device 116 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s116mdm.sys [2007-04-03 108680]
S3 s116mgmt;Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s116mgmt.sys [2007-04-03 100488]
S3 s116nd5;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS); C:\WINDOWS\system32\DRIVERS\s116nd5.sys [2007-04-03 23176]
S3 s116obex;Sony Ericsson Device 116 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s116obex.sys [2007-04-03 98696]
S3 s116unic;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM); C:\WINDOWS\system32\DRIVERS\s116unic.sys [2007-04-03 99080]
S3 s217bus;Sony Ericsson Device 217 driver (WDM); C:\WINDOWS\system32\DRIVERS\s217bus.sys [2007-11-02 83496]
S3 s217mdfl;Sony Ericsson Device 217 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s217mdfl.sys [2007-11-02 15016]
S3 s217mdm;Sony Ericsson Device 217 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s217mdm.sys [2007-11-02 109992]
S3 s217mgmt;Sony Ericsson Device 217 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s217mgmt.sys [2007-11-02 103976]
S3 s217nd5;Sony Ericsson Device 217 USB Ethernet Emulation SEMC217 (NDIS); C:\WINDOWS\system32\DRIVERS\s217nd5.sys [2007-11-02 24872]
S3 s217obex;Sony Ericsson Device 217 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s217obex.sys [2007-11-02 100008]
S3 s217unic;Sony Ericsson Device 217 USB Ethernet Emulation SEMC217 (WDM); C:\WINDOWS\system32\DRIVERS\s217unic.sys [2007-11-02 105896]
S3 s816bus;Sony Ericsson Device 816 driver (WDM); C:\WINDOWS\system32\DRIVERS\s816bus.sys [2007-06-19 81832]
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s816mdfl.sys [2007-06-19 13864]
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s816mdm.sys [2007-06-19 107304]
S3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s816mgmt.sys [2007-06-19 99112]
S3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS); C:\WINDOWS\system32\DRIVERS\s816nd5.sys [2007-06-19 21928]
S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s816obex.sys [2007-06-19 97320]
S3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM); C:\WINDOWS\system32\DRIVERS\s816unic.sys [2007-06-19 97704]
S3 SCREAMINGBDRIVER;Screaming Bee Audio; C:\WINDOWS\system32\drivers\ScreamingBAudio.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VBoxNetFlt;VBoxNetFlt Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys []
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys []
S3 vsdatant;vsdatant; \??\C:\WINDOWS\system32\vsdatant.sys []
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 mchInjDrv;mchInjDrv; C:\WINDOWS\system32\drivers\mchInjDrv.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Programme\Avira\AntiVir Desktop\sched.exe [2009-04-27 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Programme\Avira\AntiVir Desktop\avguard.exe [2009-03-02 185089]
R2 Bonjour Service;Bonjour-Dienst; C:\Programme\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 InCDsrv;InCD Helper; C:\Programme\Ahead\InCD\InCDsrv.exe [2004-04-06 929904]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2009-01-12 152984]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Programme\Lavasoft\Ad-Aware\AAWService.exe [2009-05-30 1005904]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-10-07 163908]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-02-26 66872]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-05-03 201440]
R2 TunngleService;TunngleService; C:\Programme\Tunngle\TnglCtrl.exe [2009-04-30 667896]
R2 UxTuneUp;TuneUp Designerweiterung; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 VC5SecS;Virtual CD v5 Security service; C:\Programme\HHVcdV5Sys\VC5SecS.exe [2003-11-07 147456]
R2 VC7SecS;Virtual CD v7 Management Service; C:\Programme\HHVcdV7Sys\VC7SecS.exe [2005-11-24 106496]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate1c994123999325f;Google Update Service (gupdate1c994123999325f); C:\Programme\Google\Update\GoogleUpdate.exe [2009-02-21 133104]
S2 gusvc;Google Software Updater; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; D:\Programme\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 iPod Service;iPod-Dienst; C:\Programme\iPod\bin\iPodService.exe [2008-09-10 536872]
S3 ose;Office Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 TuneUp.Defrag;TuneUp Drive Defrag-Dienst; C:\WINDOWS\System32\TuneUpDefragService.exe [2008-07-19 355584]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-07-09 75304]
S3 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------

Old 01.06.2009, 09:33   #10
omapeter
 



======Uninstall list======

-->C:\Programme\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Programme\Gemeinsame Dateien\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->MsiExec /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7 Sins-->C:\Programme\Monte Cristo\7 Sins\uninst.exe
7-Zip 4.57-->"C:\Programme\7-Zip\Uninstall.exe"
Ad-Aware-->"C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}\Ad-AwareAE.exe
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.5-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81300000003}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArtMoney SE v7.28-->"C:\Programme\ArtMoney\Uninstall\unins000.exe"
Audacity 1.2.6-->"C:\Programme\Audacity\unins000.exe"
Avanquest update-->C:\Programme\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe -runfromtemp -l0x0009 -removeonly
AVI Screen Saver-->RunDll32 syssetup.dll,SetupInfObjectInstallAction Uninstall.NT 4 AVISS.INF
AVI-MPG-WMV Screensaver Trial-->"C:\Programme\AVI-MPG-WMV Screensaver Trial\unins000.exe"
Avira AntiVir Personal - Free Antivirus-->C:\Programme\Avira\AntiVir Desktop\setup.exe /REMOVE
Battlefield 2: Deluxe-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}\setup.exe" -l0x7 -removeonly
BF2142 Editor-->C:\WINDOWS\st6unst.exe -n "C:\Programme\BF2142 Editor\ST6UNST.LOG"
Big Mutha Truckers 2-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{FA075505-EFF6-4006-8E9F-921E09774684}\setup.exe" -l0x7
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Canon IXY 200a, PowerShot S200, IXUS v2 WIA-Treiber-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{E6EB54E2-3FEB-4C45-B817-B8BD40E9642C}
CasinoSoft Permanenzdruck-->MsiExec.exe /I{54491063-3093-45DD-9DBB-3AC5075CC18E}
CCleaner (remove only)-->"C:\Programme\CCleaner\uninst.exe"
Civilization IV-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{1487C7D1-AFBC-6EA4-AD70-45AAC049DA74}\setup.exe" -l0x7 -removeonly
Command & Conquer 3-->MsiExec.exe /I{B0C30E93-D3D9-4F04-A2AC-54749B573275}
Creation Master 09 Rel 1.00-->"C:\Programme\Fifa Master\Creation Master 09\unins000.exe"
Cucusoft Ultimate DVD + Video Converter Suite 7.13.7.7-->"d:\Programme\Cucusoft\Ultimate-Converter\unins000.exe"
DeFal's CD Menü Designer 1.6.4.1-->"C:\Programme\DeFal\DeFal's CD Menü Designer 1.6\unins000.exe"
DivX Codec-->C:\Programme\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Programme\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Programme\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Programme\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Programme\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DreamStripper Cabaret-->MsiExec.exe /I{57EAD830-1C8D-4206-BC4A-C9C19B7B4E6A}
Drome Racers-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{EC1DCD6C-3AE0-42CE-8EAA-6886CC4400DC}\Setup.exe" -l0x7
DVD Solution-->C:\Programme\Uninstall_CDS.exe
DVR-Studio Pro-->"C:\Programme\DVR-Studio Pro\Uninstall.exe" "C:\Programme\DVR-Studio Pro\install.log"
EA Download Manager-->C:\Programme\Electronic Arts\EADM\Uninstall.exe
Far Manager FTP Password recovery-->"C:\Programme\GeeOS FarFTP\uninstall.exe"
FastStone Image Viewer 3.7-->C:\Programme\FastStone Image Viewer\uninst.exe
ffdshow [rev 1909] [2008-03-20]-->"C:\Programme\K-Lite Codec Pack\ffdshow\unins000.exe"
Fiesta Online(EU_German) 1.02.004-->d:\Programme\Gamigo Games\Fiesta Online(EU_German)\uninst.exe
FIFA 09 Music Changer-->C:\Program Files\FIFA Tools\FIFA 09 Music Changer\uninstall.exe
FIFA 09-->MsiExec.exe /X{2315B23D-3E21-4920-837D-AE6460934ECB}
FIFA Fussball-Weltmeisterschaft 2006 (TM)-->C:\Programme\EA SPORTS\FIFA Fussball-Weltmeisterschaft 2006 (TM)\EAUninstall.exe
Firebird SQL Server - MAGIX Edition-->D:\Programme\MAGIX\Common\Database\instslct.exe /p
FlatOut2-->MsiExec.exe /I{7E641E46-81DB-4D1D-906A-48342523051C}
Forgotten FTP Password 1.0-->C:\Programme\ZZEE\FFP\remove.exe
Free DVD Video Burner version 1.1-->"C:\Programme\DVDVideoSoft\Free DVD Video Burner\unins000.exe"
Free iPod Video Converter 1.34-->"C:\Programme\Free iPod Video Converter\unins000.exe"
Free Video to DVD Converter version 1.1-->"C:\Programme\DVDVideoSoft\Free Video to DVD Converter\unins000.exe"
Free Video to iPod Converter version 3.1-->"C:\Programme\DVDVideoSoft\Free Video to iPod Converter\unins000.exe"
FreeStar Burner-DVD Software 1.0.2-->C:\Programme\freestar\bd\uninst.exe
GameWiz32-->C:\WINDOWS\system32\GKSUI18.EXE C:\Programme\GameWiz32\Uninstall2EC1.DAT
Gigaflat-->"C:\Programme\Gigaflat\unins000.exe"
Google Earth-->MsiExec.exe /X{548EAC70-EE00-11DD-908C-005056806466}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Updater-->"C:\Programme\Google\Google Updater\GoogleUpdater.exe" -uninstall
Grand Theft Auto IV-->"C:\Programme\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x0007 -removeonly
GTA2-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}\Setup.exe" -l0x9
Gubb-->d:\Programme\Gubble 2\uninstal.exe 0
Hamachi 1.0.3.0-->C:\Programme\Hamachi\uninstall.exe
HammerHead Rhythm Station-->C:\Programme\HammerHead\Uninstall.exe
Hex-Editor MX-->"C:\Programme\Hex-Editor MX\unins000.exe"
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Programme\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hitman 2: Silent Assassin-->C:\PROGRA~1\EIDOSI~1\HITMAN~1\uninstall.exe
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix für Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix für Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
HP Customer Participation Program 7.0-->C:\Programme\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Document Viewer 7.0-->C:\Programme\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP Imaging Device Functions 7.0-->C:\Programme\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Premier Software 6.5-->C:\Programme\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Photosmart, Officejet and Deskjet 7.0.A-->C:\Programme\HP\Digital Imaging\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\setup\hpzscr01.exe -datfile hposcr11.dat
HP Software Update-->MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP Solution Center 7.0-->C:\Programme\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
ICQ6-->"C:\Programme\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
Inno Setup Version 5.2.3-->"C:\Programme\Inno Setup 5\unins000.exe"
InterActual Player-->C:\Program Files\InterActual\InterActual Player\inuninst.exe
ISODisk 1.1-->"C:\Programme\ISODisk\unins000.exe"
iTunes-->MsiExec.exe /I{41B9E2CF-0B3F-442A-B5B3-592A4A355634}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
Jazz Jackrabbit 2-->C:\Games\Jazz2\UnInst.exe C:\Games\Jazz2\UnInst.j2
Journeyman Project 3 - Legacy of Time-->C:\WINDOWS\unin0407.exe -f"d:\Programme\Red Orb Entertainment\Journeyman Project 3 - Legacy of Time\DeIsL1.isu"
KishKish SAM-->C:\Programme\SAM\uninst.exe
K-Lite Codec Pack 3.9.0 Full-->"C:\Programme\K-Lite Codec Pack\unins000.exe"
L&H TTS3000 Deutsch-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\LHTTSGED.inf, Uninstall
LEGO Star Wars II-->C:\Programme\InstallShield Installation Information\{578FA426-47C0-4A3F-98A4-01ACD26B7556}\setup.exe -runfromtemp -l0x0407
Lernout & Hauspie TruVoice American English TTS Engine-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\tv_enua.inf, Uninstall
Lion 3.0.1-->"C:\Programme\Lion\unins000.exe"
Madden NFL 08 -->d:\Programme\EA Sports\Madden NFL 08\EAUninstall.exe
MAGIX 3D Maker Download-Version 6.0.0.2 (D)-->C:\Programme\MAGIX\3D_Maker_Download-Version\unwise.exe
MAGIX Music Maker 2008 13.0.0.16 (D)-->D:\Programme\MAGIX\MusicMaker2008\instslct.exe
MAGIX PC Visit-->D:\Programme\MAGIX\PCVisit\instslct.exe
Max Payne-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{39930321-4C58-4B8B-BCBF-342698C9801D}\setup.exe" uninstall uninstall
MediaFocus II-->C:\WINDOWS\unin0407.exe -f"C:\Programme\TechniSat\MediaFocus II\DeIsL1.isu" -c"C:\Programme\TechniSat\MediaFocus II\_ISREG32.DLL"
Mediaport-->C:\PROGRA~1\TECHNI~1\MEDIAP~1\UNWISE.EXE C:\PROGRA~1\TECHNI~1\MEDIAP~1\INSTALL.LOG
MediaSaver-->C:\WINDOWS\uninst.exe -f"C:\Program Files\GTI Software\MediaSaver\DeIsL1.isu"
Microsoft .NET Framework 1.1 German Language Pack-->MsiExec.exe /X{E78BFA60-5393-4C38-82AB-E8019E464EB4}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU-->MsiExec.exe /I{9309DD7E-EBFE-3C95-8B47-30D3A012F606}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU-->MsiExec.exe /I{A1071AEB-B0EF-3F5F-BC84-83A270EBE496}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft .NET Framework 3.5 Language Pack - DEU-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - deu\setup.exe
Microsoft .NET Framework 3.5 Language Pack - deu-->MsiExec.exe /I{1545207E-C6F3-31D7-9918-BDBB65075FBF}
Microsoft .NET Framework 3.5-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
Microsoft Application Compatibility Toolkit 5.0-->MsiExec.exe /X{BBB3F622-D848-4CDA-B282-CC53627432F0}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{FD052FB9-FE90-4438-B355-15EDC89D8FB1}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110407-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Express Edition - DEU-->C:\Programme\Microsoft Visual Studio 8\Microsoft Visual C++ 2005 Express Edition - DEU\setup.exe
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Windows Media Video 9 VCM-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmv9vcm.inf, Uninstall
Midi Maker-->C:\WINDOWS\iun506.exe C:\Programme\Midi Maker\irunin.ini
Mozilla Firefox (3.0.10)-->C:\Programme\Mozilla Firefox\uninstall\helper.exe
Mp3tag v2.43-->C:\Programme\Mp3tag\Mp3tagUninstall.EXE
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
Multimedia Launcher-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
MyReader-->MsiExec.exe /X{861C203D-5163-4BE3-BB5A-2561C61888DB}
MySQL Connector/ODBC 3.51-->MsiExec.exe /I{0CB3C535-1171-4A20-B549-E2CB5DEB9723}
Name Maker Studio G2 v6.3-->C:\WINDOWS\st6unst.exe -n "C:\Programme\Name Maker Studio G2\ST6UNST.LOG"
Navilog1 3.7.7-->"C:\Programme\Navilog1\unins000.exe"
Nero 6 Ultra Edition-->C:\Programme\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Novo's Easy WoW Server 0.2.6-->C:\Programme\Novo's Easy WoW Server\0.2.6\Uninstall.exe
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA PhysX-->MsiExec.exe /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
OCR Software by I.R.I.S 7.0-->C:\Programme\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
Oxin's Style! 3D Sexvilla 2.055.001-->"C:\Program Files\Oxin's Style!\3D Sexvilla 2\Binaries\unins000.exe"
Photo Transport-->MsiExec.exe /X{63CFD835-FF50-4F8B-91CD-5662A8C640F8}
PKR-->"d:\Programme\PKR\uninstall-pkr.exe"
Populous 3-->"C:\Programme\InstallShield Installation Information\{96A48468-E42F-489E-9A18-B4EC48780523}\setup.exe" -runfromtemp -l0x0009 -removeonly
PowerDVD-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
PowerProducer-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
PPMate Network TV 2.3.2.0-->C:\Programme\PPMate\uninst.exe
Project64 1.6-->MsiExec.exe /X{9559F7CA-5E34-4237-A2D9-D856464AD727}
ProtectDisc Helper Driver 10-->C:\Programme\ProtectDisc Driver Installer\uninstall_v10.exe
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
RAD Video Tools-->"C:\Programme\RADVideo\uninstall.exe"
RanGen 1.0.2.x-->C:\Programme\RanGen\unins000.exe
RAR Password Recovery v1.1 RC16 (remove only)-->C:\Programme\Intelore\RAR-PR\uninstall.exe
Rayman 3-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{15F52B39-04CB-4EDB-9A8C-496C4A5588E2}\setup.exe" -l0x7
RealPlayer-->C:\Programme\Gemeinsame Dateien\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x7 -removeonly
Rockstar Games Social Club-->"C:\Programme\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x0007 -removeonly
RollerCoaster Tycoon 3-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\Setup.exe" -l0x7
Rune Halls of Valhalla 1.08-->"C:\Rune\unins000.exe"
Rune-->C:\Rune\System\Setup.exe uninstall "Rune - Halls of Valhalla"
Sataan - Das Spiel-->"C:\Programme\rondomedia\Sataan - Das Spiel\unins001.exe"
ScummVM 0.8.0-->"C:\Programme\ScummVM\unins000.exe"
Setupbuilder Std-->C:\Programme\Setupbuilder Std\uninstall.exe "C:\Programme\Setupbuilder Std\uninstall.sbu"
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~2\Install.log
Sicherheitsupdate für Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Sicherheitsupdate für Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"

01.06.2009, 09:34   #11
omapeter

Part 2:

Singles Patch 1.4-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{5628829F-3318-4DDA-988D-D301832F1611}\Setup.exe" -l0x7
Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
Smart Install Maker 5.02-->C:\Programme\Smart Install Maker\Uninstall.exe
Smart Virtual CD v5-->"C:\WINDOWS\system32\VCDSCDUI.EXE" 1
SnagIt 8-->MsiExec.exe /I{DA0BF7AB-88EB-4675-8FA1-531EAD938821}
Sony Ericsson Media Manager 1.2-->MsiExec.exe /X{98EA51C9-B0B0-45BC-8641-3E119EA47D7B}
Sony Ericsson PC Suite 4.010.00-->C:\Programme\InstallShield Installation Information\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}\Setup.exe -runfromtemp -l0x0007 -removeonly
Sound Master 09 Beta 1-->"C:\Programme\Fifa Master\Sound Master 09\unins000.exe"
Spybot - Search & Destroy-->"C:\Programme\Spybot - Search & Destroy\unins000.exe"
Star Wars Battlefront II-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{3D374523-CFDE-461A-827E-2A102E2AB365}\Setup.exe" -l0x7 -removeonly
Star Wars(TM): Knights of the Old Republic (TM)-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}\setup.exe" -l0x7
Stronghold Legends-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{66A405D2-BA14-4594-BF36-B3B544F0754E}\setup.exe" -l0x7 -removeonly
SUPER © Version 2008.bld.30 (Mar 22, 2008)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
Sveglia 2.1-->C:\Programme\Sveglia\uninst.exe
System Requirements Lab-->C:\Programme\SystemRequirementsLab\Uninstall.exe
TeamSpeak 2 RC2-->C:\Programme\Teamspeak2_RC2\unins001.exe
TeamSpeak 2 Server RC2-->"C:\Programme\Teamspeak2_RC2\unins000.exe"
Text-To-Speech-Runtime-->MsiExec.exe /X{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}
The Movies(TM) Stunts & Spezialeffekte-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{0556F885-2415-4666-B53E-33727E46AEA1}
The Sims Deluxe Edition-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{10798AE3-DCBB-43C3-9C93-C23512427E25}\setup.exe" -l0009
Thrustmaster Calibration Tool-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{44B660BB-EAC5-4D4F-9890-C607DD5F7630}\setup.exe" -l0x7 -removeonly
Thrustmaster Force Feedback Driver-->C:\Programme\InstallShield Installation Information\{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}\setup.exe -runfromtemp -l0x0007 -removeonly
Tony Hawk's Underground 2-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{EF1394D4-9FB6-4F1F-9A09-20FF3033AE14} /l1031
TuneUp Utilities 2008-->MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
Tunngle beta-->"C:\Programme\Tunngle\unins000.exe"
TVUPlayer 2.4.5.3-->C:\Programme\TVUPlayer\uninst.exe
Tweak UI-->"C:\WINDOWS\system32\mshta.exe" "res://C:\WINDOWS\system32\TweakUI.exe/uninstall.hta"
UltraMixer 2.3.5.1-->"C:\Programme\UltraMixer\unins000.exe"
Uninstall 1.0.0.1-->"C:\Programme\Gemeinsame Dateien\DVDVideoSoft\unins000.exe"
Update für Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Update für Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update für Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update für Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update für Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update Service-->d:\Programme\Sony Ericsson\Update Service\uninst.exe
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VIA Plattform-Geräte-Manager-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
Virtual CD v7-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D026E10A-798A-4E54-8471-1016B968AEBB}\setup.exe" -l0x7 -removeonly
VLC media player 0.9.6-->C:\Programme\VideoLAN\VLC\uninstall.exe
Wichtiges Update für Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Winamp-->"C:\Programme\Winamp\UninstWA.exe"
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Programme\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR-->C:\Programme\WinRAR\uninstall.exe
WinUHA 2.0 RC1 (2005.02.27)-->C:\Programme\WinUHA\unins000.exe
Wolfenstein - Enemy Territory-->D:\PROGRA~1\WOLFEN~1\Uninstall\Unwise.exe /u D:\PROGRA~1\WOLFEN~1\Uninstall\Install.log
World of Warcraft-->C:\Programme\Gemeinsame Dateien\Blizzard Entertainment\WORLD OF WARCRAFT (3)\Uninstall.exe
WWE RAW - Total Edition-->MsiExec.exe /I{BECD7781-1BA0-461B-8389-237B3142868B}
WWE RAW-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{689838DE-8467-45AE-A7FF-087B7C0E48C6}\Setup.exe" -l0x9
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
YouTube Uploader for CASIO-->MsiExec.exe /X{E90040E4-98E2-40C8-AAC9-1E7B768F1A65}
Zattoo 3.3.4 Beta-->C:\Programme\Zattoo\uninst.exe
ZoneAlarm-->C:\Programme\Zone Labs\ZoneAlarm\zauninst.exe

=====HijackThis Backups=====

O4 - Global Startup: Reboot.exe [2008-05-30]
O4 - HKLM\..\RunOnce: [Execute] C:\WINDOWS\System32\Tools\DelFolders.exe [2008-05-30]
O16 - DPF: {2E4A92AB-F2C0-456A-9935-B715439790D7} (Setup Class) - https://www.permissionresearch.com/C...pr/prsetup.cab [2008-07-28]
O4 - HKCU\..\Run: [Biassign] C:\DOKUME~1\***\ANWEND~1\THUNKP~1\SafeDrive.exe [2008-07-29]
O4 - HKLM\..\Run: [NetPumper] "C:\Programme\NetPumper\\NetPumperIEProxy.exe" [2008-07-29]

======Hosts File======

192.168.0.101 cilantro.gotdns.com

======Security center information======

AV: AntiVir Desktop
FW: ZoneAlarm Firewall (disabled)

======System event log======

Computer Name: ***-2
Event Code: 4201
Message: Netzwerkadapter "AVM FRITZ!WLAN USB Stick v1.1 - Paketplaner-Miniport" wurde mit dem Netzwerk verbunden, und das
System wurde über das Netzwerk im normalen Zustand gestartet.

Record Number: 59788
Source Name: Tcpip
Time Written: 20090426142823.000000+120
Event Type: Informationen
User:

Computer Name: ***-2
Event Code: 17
Message: AVGNTFLT successfully loaded

Record Number: 59787
Source Name: avgntflt
Time Written: 20090426142823.000000+120
Event Type: Informationen
User:

Computer Name: ***-2
Event Code: 10
Message: Die digitale Audiowiedergabe wird von diesem Laufwerk nicht unterstützt.

Record Number: 59786
Source Name: redbook
Time Written: 20090426142823.000000+120
Event Type: Informationen
User:

Computer Name: ***-2
Event Code: 10
Message: Die digitale Audiowiedergabe wird von diesem Laufwerk nicht unterstützt.

Record Number: 59785
Source Name: redbook
Time Written: 20090426142823.000000+120
Event Type: Informationen
User:

Computer Name: ***-2
Event Code: 10
Message: Die digitale Audiowiedergabe wird von diesem Laufwerk nicht unterstützt.

Record Number: 59784
Source Name: redbook
Time Written: 20090426142823.000000+120
Event Type: Informationen
User:

=====Application event log=====

Computer Name: ***-2
Event Code: 0
Message:
Record Number: 1829
Source Name: gusvc
Time Written: 20090210142243.000000+060
Event Type: Informationen
User:

Computer Name: ***-2
Event Code: 1
Message:
Record Number: 1828
Source Name: Bonjour Service
Time Written: 20090210142243.000000+060
Event Type: Informationen
User:

Computer Name: ***-2
Event Code: 1800
Message: Der Windows-Sicherheitscenterdienst wurde gestartet.

Record Number: 1827
Source Name: SecurityCenter
Time Written: 20090210141905.000000+060
Event Type: Informationen
User:

Computer Name: ***-2
Event Code: 4096
Message: Der AntiVir Dienst wurde erfolgreich gestartet!

Record Number: 1826
Source Name: Avira AntiVir
Time Written: 20090210141902.000000+060
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM

Computer Name: ***-2
Event Code: 0
Message:
Record Number: 1825
Source Name: gusvc
Time Written: 20090210141856.000000+060
Event Type: Informationen
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Programme\QuickTime\QTSystem\;C:\Programme\Gemeinsame Dateien\DivX Shared\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel
"PROCESSOR_REVISION"=0f0b
"NUMBER_OF_PROCESSORS"=4
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"VS80COMNTOOLS"=C:\Programme\Microsoft Visual Studio 8\Common7\Tools\
"CLASSPATH"=.;C:\Programme\Java\jre1.6.0_06\lib\ext\QTJava.zip
"QTJAVA"=C:\Programme\Java\jre1.6.0_06\lib\ext\QTJava.zip
"tvdumpflags"=8
"RGSCLauncher"=d:\Programme\Rockstar Games\Rockstar Games Social Club
"RGSC"=d:\Programme\Rockstar Games\Rockstar Games Social Club\1_0_0_0

-----------------EOF-----------------

Edited by omapeter (01.06.2009 at 09:35). Reason: Forgot to censor!

01.06.2009, 09:46   #12
omapeter

I can't say anything about RootRepeal! It always crashes during the scan!

01.06.2009, 09:50   #13
Angel21

GMER - Rootkit Detection
  • Download GMER from here
  • Unpack it to the desktop
  • Double-click gmer.exe
  • The Rootkit tab at the top is already selected
  • Press Scan; depending on the system, the process can take 3 - 10 min
  • Once the scan has finished, press "Copy"
  • Now you can post the result here
  • If GMER says "GMER hasn't found any system modification", GMER has found no entries.

Give this a try.

What does Windows show when RootRepeal crashes?
An error message?

01.06.2009, 09:56   #14
omapeter

Quote from Angel21:
What does Windows show when RootRepeal crashes?
An error message?

A Windows error message!
I'll try it again!

01.06.2009, 10:01   #15
omapeter

Strange, suddenly it works.

ROOTREPEAL (c) AD, 2007-2008
==================================================
Scan Time: 2009/06/01 09:54
Program Version: Version 1.2.3.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xB607C000 Size: 98304 File Visible: No
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xBA090000 Size: 8192 File Visible: No
Status: -

Name: PCI_PNP2030
Image Path: \Driver\PCI_PNP2030
Address: 0x00000000 Size: 0 File Visible: No
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xB4EE8000 Size: 45056 File Visible: No
Status: -

Name: spfg.sys
Image Path: spfg.sys
Address: 0xF74D6000 Size: 1048576 File Visible: No
Status: -

Name: sptd
Image Path: \Driver\sptd
Address: 0x00000000 Size: 0 File Visible: No
Status: -

Name: srescan.sys
Image Path: srescan.sys
Address: 0xBA708000 Size: 81920 File Visible: No
Status: -

Hidden/Locked Files
-------------------
Path: C:\Dokumente und Einstellungen\***\ntuser.dat.LOG
Status: Size mismatch (API: 1024, Raw: 167936)

Path: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Temp\etilqs_KEvt1rIg3Ed4c8lz7tXx
Status: Allocation size mismatch (API: 32768, Raw: 0)

SSDT
-------------------
#: 041 Function Name: NtCreateKey
Status: Hooked by "<unknown>" at address 0xb905287e

#: 053 Function Name: NtCreateThread
Status: Hooked by "<unknown>" at address 0xb9052874

#: 063 Function Name: NtDeleteKey
Status: Hooked by "<unknown>" at address 0xb9052883

#: 065 Function Name: NtDeleteValueKey
Status: Hooked by "<unknown>" at address 0xb905288d

#: 071 Function Name: NtEnumerateKey
Status: Hooked by "spfg.sys" at address 0xf74f5ca2

#: 073 Function Name: NtEnumerateValueKey
Status: Hooked by "spfg.sys" at address 0xf74f6030

#: 098 Function Name: NtLoadKey
Status: Hooked by "<unknown>" at address 0xb9052892

#: 119 Function Name: NtOpenKey
Status: Hooked by "spfg.sys" at address 0xf74d70c0

#: 122 Function Name: NtOpenProcess
Status: Hooked by "<unknown>" at address 0xb9052860

#: 128 Function Name: NtOpenThread
Status: Hooked by "<unknown>" at address 0xb9052865

#: 160 Function Name: NtQueryKey
Status: Hooked by "spfg.sys" at address 0xf74f6108

#: 177 Function Name: NtQueryValueKey
Status: Hooked by "spfg.sys" at address 0xf74f5f88

#: 193 Function Name: NtReplaceKey
Status: Hooked by "<unknown>" at address 0xb905289c

#: 204 Function Name: NtRestoreKey
Status: Hooked by "<unknown>" at address 0xb9052897

#: 247 Function Name: NtSetValueKey
Status: Hooked by "<unknown>" at address 0xb9052888

#: 257 Function Name: NtTerminateProcess
Status: Hooked by "<unknown>" at address 0xb905286f

Stealth Objects
-------------------
Object: Hidden Code [Driver: Ntfs, IRP_MJ_CREATE]
Process: System Address: 0x8af421f8 Size: -

Object: Hidden Code [Driver: Ntfs, IRP_MJ_CLOSE]
Process: System Address: 0x8af421f8 Size: -

Object: Hidden Code [Driver: Ntfs, IRP_MJ_READ]
Process: System Address: 0x8af421f8 Size: -

Object: Hidden Code [Driver: Ntfs, IRP_MJ_WRITE]
Process: System Address: 0x8af421f8 Size: -

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x8af421f8 Size: -

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x8af421f8 Size: -

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_EA]
Process: System Address: 0x8af421f8 Size: -

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_EA]
Process: System Address: 0x8af421f8 Size: -

Object: Hidden Code [Driver: Ntfs, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x8af421f8 Size: -

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x8af421f8 Size: -

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x8af421f8 Size: -

Object: Hidden Code [Driver: Ntfs, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x8af421f8 Size: -

Object: Hidden Code [Driver: Ntfs, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x8af421f8 Size: -

Object: Hidden Code [Driver: Ntfs, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8af421f8 Size: -

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SHUTDOWN]
Process: System Address: 0x8af421f8 Size: -

Object: Hidden Code [Driver: Ntfs, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x8af421f8 Size: -

Object: Hidden Code [Driver: Ntfs, IRP_MJ_CLEANUP]
Process: System Address: 0x8af421f8 Size: -

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x8af421f8 Size: -

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_SECURITY]
Process: System Address: 0x8af421f8 Size: -

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x8af421f8 Size: -

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_QUOTA]
Process: System Address: 0x8af421f8 Size: -

Object: Hidden Code [Driver: Ntfs, IRP_MJ_PNP]
Process: System Address: 0x8af421f8 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CREATE]
Process: System Address: 0x8ace81f8 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CLOSE]
Process: System Address: 0x8ace81f8 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_READ]
Process: System Address: 0x8ace81f8 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_WRITE]
Process: System Address: 0x8ace81f8 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x8ace81f8 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8ace81f8 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8ace81f8 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SHUTDOWN]
Process: System Address: 0x8ace81f8 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_POWER]
Process: System Address: 0x8ace81f8 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8ace81f8 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_PNP]
Process: System Address: 0x8ace81f8 Size: -

Object: Hidden Code [Driver: {460, IRP_MJ_CREATE]
Process: System Address: 0x8ac3b1f8 Size: -

Object: Hidden Code [Driver: {460, IRP_MJ_CLOSE]
Process: System Address: 0x8ac3b1f8 Size: -

Object: Hidden Code [Driver: {460, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8ac3b1f8 Size: -

Object: Hidden Code [Driver: {460, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8ac3b1f8 Size: -

Object: Hidden Code [Driver: {460, IRP_MJ_POWER]
Process: System Address: 0x8ac3b1f8 Size: -

Object: Hidden Code [Driver: {460, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8ac3b1f8 Size: -

Object: Hidden Code [Driver: {460, IRP_MJ_PNP]
Process: System Address: 0x8ac3b1f8 Size: -

Object: Hidden Code [Driver: dmio, IRP_MJ_CREATE]
Process: System Address: 0x8aecd1f8 Size: -

Object: Hidden Code [Driver: dmio, IRP_MJ_CLOSE]
Process: System Address: 0x8aecd1f8 Size: -

Object: Hidden Code [Driver: dmio, IRP_MJ_READ]
Process: System Address: 0x8aecd1f8 Size: -

Object: Hidden Code [Driver: dmio, IRP_MJ_WRITE]
Process: System Address: 0x8aecd1f8 Size: -

Object: Hidden Code [Driver: dmio, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x8aecd1f8 Size: -

Object: Hidden Code [Driver: dmio, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8aecd1f8 Size: -

Object: Hidden Code [Driver: dmio, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8aecd1f8 Size: -

Object: Hidden Code [Driver: dmio, IRP_MJ_SHUTDOWN]
Process: System Address: 0x8aecd1f8 Size: -

Object: Hidden Code [Driver: dmio, IRP_MJ_POWER]
Process: System Address: 0x8aecd1f8 Size: -

Object: Hidden Code [Driver: dmio, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8aecd1f8 Size: -

Object: Hidden Code [Driver: dmio, IRP_MJ_PNP]
Process: System Address: 0x8aecd1f8 Size: -

Object: Hidden Code [Driver: usbohci, IRP_MJ_CREATE]
Process: System Address: 0x8ad001f8 Size: -

Object: Hidden Code [Driver: usbohci, IRP_MJ_CLOSE]
Process: System Address: 0x8ad001f8 Size: -

Object: Hidden Code [Driver: usbohci, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8ad001f8 Size: -

Object: Hidden Code [Driver: usbohci, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8ad001f8 Size: -

Object: Hidden Code [Driver: usbohci, IRP_MJ_POWER]
Process: System Address: 0x8ad001f8 Size: -

Object: Hidden Code [Driver: usbohci, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8ad001f8 Size: -

Object: Hidden Code [Driver: usbohci, IRP_MJ_PNP]
Process: System Address: 0x8ad001f8 Size: -

Object: Hidden Code [Driver: vdrv7000ȅ捃䙐ȁఇ浍浓觡Ā, IRP_MJ_CREATE]
Process: System Address: 0x8ab231f8 Size: -

Object: Hidden Code [Driver: vdrv7000ȅ捃䙐ȁఇ浍浓觡Ā, IRP_MJ_CLOSE]
Process: System Address: 0x8ab231f8 Size: -

Object: Hidden Code [Driver: vdrv7000ȅ捃䙐ȁఇ浍浓觡Ā, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8ab231f8 Size: -

Object: Hidden Code [Driver: vdrv7000ȅ捃䙐ȁఇ浍浓觡Ā, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8ab231f8 Size: -

Object: Hidden Code [Driver: vdrv7000ȅ捃䙐ȁఇ浍浓觡Ā, IRP_MJ_POWER]
Process: System Address: 0x8ab231f8 Size: -

Object: Hidden Code [Driver: vdrv7000ȅ捃䙐ȁఇ浍浓觡Ā, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8ab231f8 Size: -

Object: Hidden Code [Driver: vdrv7000ȅ捃䙐ȁఇ浍浓觡Ā, IRP_MJ_PNP]
Process: System Address: 0x8ab231f8 Size: -

Object: Hidden Code [Driver: prodrv06ࠅఇ䵃慖, IRP_MJ_CREATE]
Process: System Address: 0xe1f46008 Size: -

Object: Hidden Code [Driver: prodrv06ࠅఇ䵃慖, IRP_MJ_CLOSE]
Process: System Address: 0xe1f46008 Size: -

Object: Hidden Code [Driver: prodrv06ࠅఇ䵃慖, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0xe1f46008 Size: -

Object: Hidden Code [Driver: vbev5mp, IRP_MJ_CREATE]
Process: System Address: 0x8ab221f8 Size: -

Object: Hidden Code [Driver: vbev5mp, IRP_MJ_CLOSE]
Process: System Address: 0x8ab221f8 Size: -

Object: Hidden Code [Driver: vbev5mp, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8ab221f8 Size: -

Object: Hidden Code [Driver: vbev5mp, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8ab221f8 Size: -

Object: Hidden Code [Driver: vbev5mp, IRP_MJ_POWER]
Process: System Address: 0x8ab221f8 Size: -

Object: Hidden Code [Driver: vbev5mp, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8ab221f8 Size: -

Object: Hidden Code [Driver: vbev5mp, IRP_MJ_PNP]
Process: System Address: 0x8ab221f8 Size: -

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_CREATE]
Process: System Address: 0x8af441f8 Size: -

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_READ]
Process: System Address: 0x8af441f8 Size: -

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_WRITE]
Process: System Address: 0x8af441f8 Size: -

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x8af441f8 Size: -

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8af441f8 Size: -

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8af441f8 Size: -

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_SHUTDOWN]
Process: System Address: 0x8af441f8 Size: -

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_CLEANUP]
Process: System Address: 0x8af441f8 Size: -

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_POWER]
Process: System Address: 0x8af441f8 Size: -

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8af441f8 Size: -

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_PNP]
Process: System Address: 0x8af441f8 Size: -

Object: Hidden Code [Driver: prohlp02, IRP_MJ_CREATE]
Process: System Address: 0xe1012128 Size: -

Object: Hidden Code [Driver: prohlp02, IRP_MJ_CLOSE]
Process: System Address: 0xe1012128 Size: -

Object: Hidden Code [Driver: prohlp02, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0xe1012128 Size: -

Object: Hidden Code [Driver: NetBT, IRP_MJ_CREATE]
Process: System Address: 0x8ac821f8 Size: -

Object: Hidden Code [Driver: NetBT, IRP_MJ_CLOSE]
Process: System Address: 0x8ac821f8 Size: -

Object: Hidden Code [Driver: NetBT, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8ac821f8 Size: -

Object: Hidden Code [Driver: NetBT, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8ac821f8 Size: -

Object: Hidden Code [Driver: NetBT, IRP_MJ_CLEANUP]
Process: System Address: 0x8ac821f8 Size: -

Object: Hidden Code [Driver: NetBT, IRP_MJ_PNP]
Process: System Address: 0x8ac821f8 Size: -

Object: Hidden Code [Driver: usbehci, IRP_MJ_CREATE]
Process: System Address: 0x8acf41f8 Size: -

Object: Hidden Code [Driver: usbehci, IRP_MJ_CLOSE]
Process: System Address: 0x8acf41f8 Size: -

Object: Hidden Code [Driver: usbehci, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8acf41f8 Size: -

Object: Hidden Code [Driver: usbehci, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8acf41f8 Size: -

Object: Hidden Code [Driver: usbehci, IRP_MJ_POWER]
Process: System Address: 0x8acf41f8 Size: -

Object: Hidden Code [Driver: usbehci, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8acf41f8 Size: -

Object: Hidden Code [Driver: usbehci, IRP_MJ_PNP]
Process: System Address: 0x8acf41f8 Size: -

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE]
Process: System Address: 0x8ab8e500 Size: -

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE_NAMED_PIPE]
Process: System Address: 0x8ab8e500 Size: -

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CLOSE]
Process: System Address: 0x8ab8e500 Size: -

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_READ]
Process: System Address: 0x8ab8e500 Size: -

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_WRITE]
Process: System Address: 0x8ab8e500 Size: -

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x8ab8e500 Size: -

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x8ab8e500 Size: -

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_EA]
Process: System Address: 0x8ab8e500 Size: -

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_EA]
Process: System Address: 0x8ab8e500 Size: -

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x8ab8e500 Size: -

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x8ab8e500 Size: -

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x8ab8e500 Size: -

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x8ab8e500 Size: -

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x8ab8e500 Size: -

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8ab8e500 Size: -

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8ab8e500 Size: -

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SHUTDOWN]
Process: System Address: 0x8ab8e500 Size: -

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x8ab8e500 Size: -

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CLEANUP]
Process: System Address: 0x8ab8e500 Size: -

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE_MAILSLOT]
Process: System Address: 0x8ab8e500 Size: -

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x8ab8e500 Size: -

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_SECURITY]
Process: System Address: 0x8ab8e500 Size: -

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_POWER]
Process: System Address: 0x8ab8e500 Size: -

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8ab8e500 Size: -

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DEVICE_CHANGE]
Process: System Address: 0x8ab8e500 Size: -

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x8ab8e500 Size: -

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_QUOTA]
Process: System Address: 0x8ab8e500 Size: -

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_PNP]
Process: System Address: 0x8ab8e500 Size: -

Object: Hidden Code [Driver: Cdfsȅఠ浍†, IRP_MJ_CREATE]
Process: System Address: 0x8a927500 Size: -

Object: Hidden Code [Driver: Cdfsȅఠ浍†, IRP_MJ_CLOSE]
Process: System Address: 0x8a927500 Size: -

Object: Hidden Code [Driver: Cdfsȅఠ浍†, IRP_MJ_READ]
Process: System Address: 0x8a927500 Size: -

Object: Hidden Code [Driver: Cdfsȅఠ浍†, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x8a927500 Size: -

Object: Hidden Code [Driver: Cdfsȅఠ浍†, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x8a927500 Size: -

Object: Hidden Code [Driver: Cdfsȅఠ浍†, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x8a927500 Size: -

Object: Hidden Code [Driver: Cdfsȅఠ浍†, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x8a927500 Size: -

Object: Hidden Code [Driver: Cdfsȅఠ浍†, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x8a927500 Size: -

Object: Hidden Code [Driver: Cdfsȅఠ浍†, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a927500 Size: -

Object: Hidden Code [Driver: Cdfsȅఠ浍†, IRP_MJ_SHUTDOWN]
Process: System Address: 0x8a927500 Size: -

Object: Hidden Code [Driver: Cdfsȅఠ浍†, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x8a927500 Size: -

Object: Hidden Code [Driver: Cdfsȅఠ浍†, IRP_MJ_CLEANUP]
Process: System Address: 0x8a927500 Size: -

Object: Hidden Code [Driver: Cdfsȅఠ浍†, IRP_MJ_PNP]
Process: System Address: 0x8a927500 Size: -

Hidden Services
-------------------
Service Name: vbev5mp
Image Path: system32\DRIVERS\vbev5mp.sys

Service Name: vdrv7000.ini
Image Path: system32\DRIVERS\vdrv7000.sys
