Pests of all kinds and how to fight them: C:\Windows\System32\giljabiunis.exe' is TR/Agent.42552' [trojan] Windows 7 If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection. |
| | #2 |
| | C:\Windows\System32\giljabiunis.exe' is TR/Agent.42552' [trojan] The data from RSIT:
|