Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
viele trojaner (drooper, alureon) und umleitung über ukrainische seite, was tun?

viele trojaner (drooper, alureon) und umleitung über ukrainische seite, was tun?


Log-Analyse und Auswertung: viele trojaner (drooper, alureon) und umleitung über ukrainische seite, was tun?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 12.03.2010, 23:46   #1
hamburger84
 
viele trojaner (drooper, alureon) und umleitung über ukrainische seite, was tun? - Standard

viele trojaner (drooper, alureon) und umleitung über ukrainische seite, was tun?


Logfile of random's system information tool 1.06 (written by random/random)
Run by Admin at 2010-03-12 23:04:03
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 37 GB (48%) free of 76 GB
Total RAM: 511 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:04:17, on 12.03.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\Programme\Gemeinsame Dateien\EPSON\EBAPI\eEBSVC.exe
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programme\Bonjour\mDNSResponder.exe
C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40ST7.EXE
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40RP7.EXE
C:\Programme\ICQ6Toolbar\ICQ Service.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\1XConfig.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programme\Synaptics\SynTP\SynTPLpr.exe
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\Programme\SAMSUNG\Keydefin\KeyDefin.exe
C:\Programme\Notebook Hardware Control\nhc.exe
C:\Programme\Microsoft IntelliType Pro\itype.exe
C:\Programme\Microsoft IntelliPoint\ipoint.exe
C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE
C:\Programme\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe
C:\WINDOWS\twain_32\S6U12BX\WATCH.exe
C:\Programme\iPod\bin\iPodService.exe
C:\Programme\Nokia\PC Connectivity Solution\ServiceLayer.exe
C:\Programme\Nokia\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Programme\Nokia\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Programme\Nokia\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Dokumente und Einstellungen\Admin\Eigene Dateien\Downloads\RSIT.exe
C:\Programme\Trend Micro\HijackThis\Admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = ****://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ****://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = ****://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ****://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = ****://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ht****p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h****p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton AntiVirus\NavShExt.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [SAMSUNG Keydefin] C:\Programme\SAMSUNG\Keydefin\KeyDefin.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Programme\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NotebookHardwareControl] "C:\Programme\Notebook Hardware Control\nhc.exe" -quiet
O4 - HKLM\..\Run: [EPSON Stylus C46 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P23 "EPSON Stylus C46 Series" /O6 "USB002" /M "Stylus C46"
O4 - HKLM\..\Run: [itype] "C:\Programme\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Programme\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NokiaMServer] C:\Programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer /watchfiles
O4 - HKLM\..\Run: [Nokia FastStart] "C:\Programme\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programme\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Epson Stylus SX510W(Netzwerk)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE /FU "C:\WINDOWS\TEMP\E_S374.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: AutoStart IR.lnk = C:\Programme\WinTV\Ir.exe
O4 - Global Startup: Nokia Ovi Suite.lnk = C:\Programme\Nokia\Ovi\Suite\RunLauncher.exe
O4 - Global Startup: Ulead Photo Express SE Calendar Checker.lnk = C:\Programme\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe
O4 - Global Startup: Watch.lnk = C:\WINDOWS\twain_32\S6U12BX\WATCH.exe
O8 - Extra context menu item: Download Video on This Page - C:\Programme\YOUTUBEDOWNLOADER\YouTube Video Downloader\IEPage.html
O8 - Extra context menu item: Download Video This Links To - C:\Programme\YOUTUBEDOWNLOADER\YouTube Video Downloader\IELink.html
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Save YouTube Video - res://C:\Programme\Gemeinsame Dateien\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP4.htm
O8 - Extra context menu item: Save YouTube Video as MP3 - res://C:\Programme\Gemeinsame Dateien\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Download Video - {7966A32A-5783-4F0B-824C-09077C023080} - C:\Programme\YOUTUBEDOWNLOADER\YouTube Video Downloader\IEPage.html
O9 - Extra 'Tools' menuitem: Download Video on This Page - {7966A32A-5783-4F0B-824C-09077C023080} - C:\Programme\YOUTUBEDOWNLOADER\YouTube Video Downloader\IEPage.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Programme\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - h****p://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1180206344251
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - h****tp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1180258751455
O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} (igLoader Content on Demand) - Games at Miniclip.com - Play Free Games
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe
O23 - Service: EPGService - Hauppauge Computer Works - C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Programme\Gemeinsame Dateien\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40ST7.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\PROGRA~1\WinTV\HCWTVS~1.EXE
O23 - Service: ICQ Service - Unknown owner - C:\Programme\ICQ6Toolbar\ICQ Service.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto-Protect-Dienst (navapsvc) - Symantec Corporation - C:\Programme\Norton AntiVirus\navapsvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programme\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: TwonkyMedia - PacketVideo - C:\Programme\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe

--
End of file - 14543 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Epson Printer Software Downloader.job
C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IPoint_exe.job
C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IType_exe.job
C:\WINDOWS\tasks\Norton AntiVirus - Meinen Computer prüfen.job
C:\WINDOWS\tasks\Norton Security Scan for Admin.job
C:\WINDOWS\tasks\Symantec NetDetect.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-02-01 1377576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-01-04 304736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\programme\google\googletoolbar1.dll [2008-03-28 2427968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDF3E430-B101-42AD-A544-FADC6B084872}]
CNavExtBho Class - C:\Programme\Norton AntiVirus\NavShExt.dll [2002-11-19 112248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Norton AntiVirus - C:\Programme\Norton AntiVirus\NavShExt.dll [2002-11-19 112248]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Programme\ICQ6Toolbar\ICQToolBar.dll [2008-06-12 958712]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\programme\google\googletoolbar1.dll [2008-03-28 2427968]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIModeChange"=C:\WINDOWS\system32\Ati2mdxx.exe [2004-02-24 28672]
"ATIPTA"=C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-02-03 335872]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2003-06-10 87751]
"SynTPLpr"=C:\Programme\Synaptics\SynTP\SynTPLpr.exe [2003-06-17 126976]
"SynTPEnh"=C:\Programme\Synaptics\SynTP\SynTPEnh.exe [2003-06-17 561152]
"Hcontrol"=C:\WINDOWS\ATK0100\Hcontrol.exe [2003-09-08 61440]
"SAMSUNG Keydefin"=C:\Programme\SAMSUNG\Keydefin\KeyDefin.exe [2004-01-15 28672]
"PRONoMgr.exe"=C:\Programme\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe [2004-02-05 86016]
"ccApp"=C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe [2002-11-19 54984]
"ccRegVfy"=C:\Programme\Gemeinsame Dateien\Symantec Shared\ccRegVfy.exe [2002-11-19 59080]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"NotebookHardwareControl"=C:\Programme\Notebook Hardware Control\nhc.exe [2007-05-04 2629632]
"EPSON Stylus C46 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE [2004-01-14 99840]
"itype"=C:\Programme\Microsoft IntelliType Pro\itype.exe [2006-11-22 813912]
"IntelliPoint"=C:\Programme\Microsoft IntelliPoint\ipoint.exe [2007-02-06 849280]
"GrooveMonitor"=C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"TkBellExe"=C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe [2009-01-04 185872]
"NokiaMServer"=C:\Programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer /watchfiles []
"Nokia FastStart"=C:\Programme\Nokia\Nokia Music\NokiaMusic.exe [2008-12-03 2372840]
"Adobe Reader Speed Launcher"=C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"QuickTime Task"=C:\Programme\QuickTime\QTTask.exe [2009-09-05 417792]
"iTunesHelper"=C:\Programme\iTunes\iTunesHelper.exe [2009-10-28 141600]
"EEventManager"=C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe [2009-01-12 669520]
"avgnt"=C:\Programme\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Programme\Messenger\msmsgs.exe [2008-04-14 1695232]
"DAEMON Tools Lite"=C:\Programme\DAEMON Tools Lite\daemon.exe [2008-04-01 486856]
"Epson Stylus SX510W(Netzwerk)"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE [2008-11-20 199680]

C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
AutoStart IR.lnk - C:\Programme\WinTV\Ir.exe
Nokia Ovi Suite.lnk - C:\Programme\Nokia\Ovi\Suite\RunLauncher.exe
Ulead Photo Express SE Calendar Checker.lnk - C:\Programme\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe
Watch.lnk - C:\WINDOWS\twain_32\S6U12BX\WATCH.exe

C:\Dokumente und Einstellungen\Admin\Startmenü\Programme\Autostart
OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Sebring]
C:\WINDOWS\System32\LgNotify.dll [2004-03-03 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SYMTDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programme\ICQLite\ICQLite.exe"="C:\Programme\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite"
"C:\Programme\Internet Explorer\iexplore.exe"="C:\Programme\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Programme\Kazaa Lite\clean.kmd"="C:\Programme\Kazaa Lite\clean.kmd:*:Enabled:clean"
"C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Programme\Microsoft Office\Office12\GROOVE.EXE"="C:\Programme\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Programme\Microsoft Office\Office12\ONENOTE.EXE"="C:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Programme\ICQ6\ICQ.exe"="C:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Programme\Messenger\msmsgs.exe"="C:\Programme\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Programme\Zattoo\zattood.exe"="C:\Programme\Zattoo\zattood.exe:*:Enabled:zattood"
"C:\Programme\Zattoo\Zattoo2.exe"="C:\Programme\Zattoo\Zattoo2.exe:*:Enabled: "
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Windows Explorer"
"C:\Programme\Nokia\Nokia Home Media Server\Media Server\twonkymedia.exe"="C:\Programme\Nokia\Nokia Home Media Server\Media Server\twonkymedia.exe:*:Enabled:TwonkyMedia"
"C:\Programme\Nokia\Nokia Home Media Server\Media Server\twonkymediaserver.exe"="C:\Programme\Nokia\Nokia Home Media Server\Media Server\twonkymediaserver.exe:*:Enabled:TwonkyMediaServer"
"C:\Programme\Bonjour\mDNSResponder.exe"="C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Programme\Skype\Phone\Skype.exe"="C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"C:\Programme\iTunes\iTunes.exe"="C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Programme\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe"="C:\Programme\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe:*:Enabled:EpsonNet Setup"
"C:\Programme\Epson Software\Event Manager\EEventManager.exe"="C:\Programme\Epson Software\Event Manager\EEventManager.exe:*isabled:EEventManager Application"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-03-12 23:04:03 ----D---- C:\rsit
2010-03-12 16:29:03 ----D---- C:\Programme\CCleaner
2010-03-12 13:48:51 ----D---- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Malwarebytes
2010-03-12 13:48:35 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2010-03-12 13:48:30 ----D---- C:\Programme\Malwarebytes' Anti-Malware
2010-03-11 22:06:38 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-03-11 22:06:26 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-03-11 22:03:47 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-03-11 22:01:53 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-03-11 21:53:03 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-03-11 16:53:32 ----D---- C:\Programme\Avira
2010-03-11 16:53:32 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
2010-02-14 18:05:20 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-14 18:05:07 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-02-14 17:59:47 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-14 17:59:40 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-02-14 17:59:22 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2010-02-14 17:59:09 ----A---- C:\WINDOWS\system32\MRT.INI
2010-02-14 17:55:26 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-02-14 17:55:18 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-02-14 17:55:10 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-02-14 17:55:00 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2010-02-14 17:53:28 ----D---- C:\WINDOWS\ie8updates
2010-02-14 17:49:04 ----HDC---- C:\WINDOWS\ie8
2010-02-14 17:48:41 ----D---- C:\WINDOWS\system32\MpEngineStore
2010-02-14 17:42:06 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-14 17:41:58 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-14 17:40:53 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-02-14 17:39:43 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-02-14 17:39:37 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-02-14 17:39:28 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-02-14 17:39:19 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-02-14 17:39:08 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-02-14 17:37:21 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-02-14 17:36:31 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-14 17:36:24 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-02-14 17:36:16 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-02-14 17:36:07 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-02-14 17:35:58 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-14 17:35:40 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-02-14 17:34:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-02-14 17:31:39 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2010-02-14 17:31:31 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-02-14 17:31:08 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-02-14 17:30:55 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2010-02-14 17:28:49 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-02-14 17:28:40 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-14 17:27:10 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-02-14 17:27:01 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-02-14 17:26:49 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-02-14 17:26:36 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$
2010-02-14 17:24:38 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2010-02-14 17:19:54 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-02-14 17:19:46 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-02-14 17:19:34 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-02-14 17:19:17 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$

======List of files/folders modified in the last 1 months======

2010-03-12 23:00:04 ----D---- C:\Programme\Mozilla Firefox
2010-03-12 22:27:31 ----D---- C:\WINDOWS\system32
2010-03-12 22:20:37 ----D---- C:\WINDOWS\Microsoft.NET
2010-03-12 21:54:44 ----D---- C:\Dokumente und Einstellungen
2010-03-12 21:49:29 ----RD---- C:\Programme
2010-03-12 21:36:48 ----D---- C:\WINDOWS\Temp
2010-03-12 20:10:00 ----D---- C:\WINDOWS\Minidump
2010-03-12 20:10:00 ----D---- C:\WINDOWS\Debug
2010-03-12 20:10:00 ----D---- C:\WINDOWS
2010-03-12 19:59:42 ----D---- C:\Programme\Gemeinsame Dateien\Symantec Shared
2010-03-12 19:59:02 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-12 19:58:19 ----D---- C:\Programme\WinTV
2010-03-12 16:07:27 ----D---- C:\WINDOWS\system32\drivers
2010-03-12 16:06:52 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-03-12 13:40:59 ----SHD---- C:\WINDOWS\Installer
2010-03-12 13:40:59 ----SHD---- C:\Config.Msi
2010-03-12 13:40:57 ----D---- C:\WINDOWS\WinSxS
2010-03-11 22:13:53 ----D---- C:\Programme\Adobe
2010-03-11 22:13:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-11 22:07:23 ----HD---- C:\WINDOWS\inf
2010-03-11 22:07:19 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-11 22:07:06 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-11 22:06:29 ----D---- C:\Programme\Movie Maker
2010-03-11 22:05:57 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft Help
2010-03-11 19:08:36 ----D---- C:\WINDOWS\Prefetch
2010-03-11 18:30:20 ----SHD---- C:\RECYCLER
2010-03-11 16:48:05 ----AD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
2010-03-04 10:24:14 ----A---- C:\WINDOWS\ULEAD32.INI
2010-03-01 21:30:14 ----A---- C:\WINDOWS\system32\MRT.exe
2010-02-26 20:16:47 ----SD---- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Microsoft
2010-02-15 09:27:50 ----RSD---- C:\WINDOWS\assembly
2010-02-15 00:27:39 ----D---- C:\WINDOWS\system32\de-de
2010-02-15 00:27:39 ----D---- C:\WINDOWS\Media
2010-02-15 00:27:39 ----D---- C:\WINDOWS\AppPatch
2010-02-15 00:27:39 ----D---- C:\Programme\Internet Explorer
2010-02-15 00:27:38 ----D---- C:\WINDOWS\Help
2010-02-14 17:31:41 ----D---- C:\Programme\Outlook Express
2010-02-14 17:25:43 ----D---- C:\WINDOWS\ie7updates
2010-02-13 18:25:39 ----D---- C:\MP3 von Youtube

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-11-25 56816]
R2 irda;IrDA-Protokoll; C:\WINDOWS\System32\DRIVERS\irda.sys [2008-04-13 88192]
R2 MASPINT;MASPINT; C:\WINDOWS\system32\drivers\MASPINT.sys [2000-03-29 8096]
R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.2.1.0; C:\WINDOWS\System32\DRIVERS\mdc8021x.sys [2007-05-26 14037]
R2 s24trans;WLAN Transport; C:\WINDOWS\System32\DRIVERS\s24trans.sys [2003-09-15 11258]
R2 SAVRTPEL;SAVRTPEL; \??\C:\WINDOWS\System32\Drivers\SAVRTPEL.SYS []
R2 SYMTDI;SYMTDI; \??\C:\WINDOWS\System32\Drivers\SYMTDI.SYS []
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\System32\DRIVERS\AGRSM.sys [2003-06-10 1164576]
R3 Arp1394;1394-ARP-Clientprotokoll; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2004-02-24 670208]
R3 CmBatt;Microsoft-Netzteiltreiber; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\System32\DRIVERS\ATKACPI.sys [2003-09-08 5786]
R3 nhcDriverDevice;Notebook Hardware Control Driver; \??\C:\WINDOWS\system32\drivers\nhcDriver.sys []
R3 NIC1394;1394-Netzwerktreiber; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NSCIRDA;NSC-Infrarotgerätetreiber; C:\WINDOWS\System32\DRIVERS\nscirda.sys [2008-04-13 28672]
R3 PDDSLADP;ProDyne DSL Adapter; C:\WINDOWS\system32\DRIVERS\PDDSLADP.SYS [2005-10-09 15571]
R3 Rasirda;WAN-Miniport (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\System32\DRIVERS\R8139n51.SYS [2002-06-13 45568]
R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\STAC97.sys [2003-05-16 220048]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\System32\DRIVERS\SynTP.sys [2003-06-17 264528]
R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2-aktivierter Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w22n51;Intel(R) PRO/Wireless 2200 Adapter-Treiber; C:\WINDOWS\System32\DRIVERS\w22n51.sys [2004-03-16 1657344]
S1 gnqedceh;gnqedceh; \??\C:\WINDOWS\system32\drivers\gnqedceh.sys []
S1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 alg37x2t;alg37x2t; C:\WINDOWS\system32\drivers\alg37x2t.sys []
S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DOSMEMIO;MEMIO; \??\D:\Application\SmartScreen\MEMIO.SYS []
S3 GT680x;Grand Tech GT680x NT; C:\WINDOWS\system32\DRIVERS\GT680x.SYS [2000-08-18 17524]
S3 gv3;Intel GV3-Prozessortreiber; C:\WINDOWS\System32\DRIVERS\gv3.sys [2002-11-19 33664]
S3 hcw95bda;Hauppauge MOD7700 Tuner Driver; C:\WINDOWS\System32\Drivers\hcw95bda.sys [2007-04-04 467456]
S3 hcw95rc;Hauppauge MOD7700 IR Driver; C:\WINDOWS\system32\DRIVERS\hcw95rc.sys [2007-04-04 15488]
S3 HidUsb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Maus-HID-Treiber; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-18 12288]
S3 MPE;BDA MPE-Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NAVENG;NAVENG; \??\C:\PROGRA~1\GEMEIN~1\SYMANT~1\VIRUSD~1\20070523.018\NAVENG.Sys []
S3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\GEMEIN~1\SYMANT~1\VIRUSD~1\20070523.018\NavEx15.Sys []
S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-05-07 17536]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-05-07 20864]
S3 PAC207;SoC PC-Camera; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-04-08 162176]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2006-11-08 21760]
S3 SAVRT;SAVRT; \??\C:\WINDOWS\System32\Drivers\SAVRT.SYS []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Sony USB-Filtertreiber (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2007-05-02 83592]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704]
S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SymEvent;SymEvent; \??\C:\Programme\Symantec\SYMEVENT.SYS []
S3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\System32\Drivers\SYMREDRV.SYS []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-06-06 8064]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-03-26 36864]
S3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-05-07 8064]
S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Programme\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Programme\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2004-02-24 397312]
R2 Bonjour Service;Bonjour-Dienst; C:\Programme\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 EPGService;EPGService; C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe [2006-11-28 361984]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40ST7.EXE [2007-12-17 143872]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40RP7.EXE [2007-01-11 113664]
R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Programme\Gemeinsame Dateien\EPSON\EBAPI\eEBSVC.exe [2006-12-19 94208]
R2 ICQ Service;ICQ Service; C:\Programme\ICQ6Toolbar\ICQ Service.exe [2008-06-10 222456]
R2 Irmon;Infrarotüberwachung; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 MDM;Machine Debug Manager; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 RegSrvc;RegSrvc; C:\WINDOWS\System32\RegSrvc.exe [2004-03-03 122880]
R2 S24EventMonitor;Spectrum24 Event Monitor; C:\WINDOWS\System32\S24EvMon.exe [2004-03-03 311363]
R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 iPod Service;iPod-Dienst; C:\Programme\iPod\bin\iPodService.exe [2009-10-28 545568]
R3 ServiceLayer;ServiceLayer; C:\Programme\Nokia\PC Connectivity Solution\ServiceLayer.exe [2008-09-08 575488]
S2 SBService;ScriptBlocking Service; C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe [2001-08-13 54408]
S2 TwonkyMedia;TwonkyMedia; C:\Programme\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe [2008-10-20 102400]
S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 ccEvtMgr;Symantec Event Manager; C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe [2002-11-19 321232]
S3 ccPwdSvc;Symantec Password Validation Service; C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe [2002-11-19 100040]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-03-28 138168]
S3 HauppaugeTVServer;HauppaugeTVServer; C:\PROGRA~1\WinTV\HCWTVS~1.EXE [2007-02-20 815104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 navapsvc;Norton AntiVirus Auto-Protect-Dienst; C:\Programme\Norton AntiVirus\navapsvc.exe [2002-11-19 116344]
S3 odserv;Microsoft Office Diagnostics Service; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576]
S4 NetTcpPortSharing;Net.Tcp-Portfreigabedienst; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
Geändert von hamburger84 (12.03.2010 um 23:58 Uhr)

Antwort

Themen zu viele trojaner (drooper, alureon) und umleitung über ukrainische seite, was tun?
antivir, antivir guard, antivirus, avira, bho, bonjour, c:\windows\temp, computer, content.ie5, desktop, einstellungen, hijack, hijackthis, hkus\s-1-5-18, home, internet, internet explorer, lan verbindung, langsam, log files, mp3, netzwerk, senden, software, spam, symantec, system, toolbars, trojan.dropper, trojaner, was tun, windows, windows xp


« Virenprobleme und keine Lösung | HiJackThis Log post »


Ähnliche Themen: viele trojaner (drooper, alureon) und umleitung über ukrainische seite, was tun?


  1. Browser-Umleitung zu schädlicher Seite und unerwüschte Werbeeinblendung
    Plagegeister aller Art und deren Bekämpfung - 04.08.2012 (7)
  2. Nach Google Suche umleitung über Rocketnews zu safeseeking.com
    Plagegeister aller Art und deren Bekämpfung - 02.07.2012 (16)
  3. Trojaner Sirefe.FT / Drooper.PE4 / Rootkit.0Acces usw
    Plagegeister aller Art und deren Bekämpfung - 11.06.2012 (3)
  4. Suchmaschinen Umleitung zu Werbseiten (über Rocketnews)
    Plagegeister aller Art und deren Bekämpfung - 26.05.2012 (27)
  5. Infizierung mit Trojaner TR/Drop.Softomat.An und TR/Trash.Gen und Maleware über Seite Mywebface
    Log-Analyse und Auswertung - 26.04.2012 (20)
  6. Umleitung von Google auf Unbekannte Seite
    Plagegeister aller Art und deren Bekämpfung - 28.03.2012 (6)
  7. Umleitung von Google-Links über 100ksearches
    Plagegeister aller Art und deren Bekämpfung - 05.08.2011 (22)
  8. Google-Umleitung auf Werbeseiten über 100ksearches.com
    Plagegeister aller Art und deren Bekämpfung - 14.07.2011 (1)
  9. Umleitung auf Phishing-Seite, Antivirenprogramm(e) plötzlich deaktiviert, neue nicht installierbar
    Plagegeister aller Art und deren Bekämpfung - 09.07.2011 (64)
  10. Trash.Gen, Umleitung über andere Seiten, Formatieren nutzlos
    Plagegeister aller Art und deren Bekämpfung - 15.12.2010 (3)
  11. Uni Seite öffnet nicht nach Meldung von Viren wie TR/Alureon.EC.72 TR/Rootkit.Gen3
    Log-Analyse und Auswertung - 14.11.2010 (19)
  12. Ungewollte Umleitung auf andere Seite; Pls HijackThis-Log auswerten
    Log-Analyse und Auswertung - 21.10.2010 (2)
  13. Umleitung auf Seiten wie netwere.com, Seite nicht gefunden im Firefox und IE
    Plagegeister aller Art und deren Bekämpfung - 20.09.2010 (16)
  14. Nach URL-Eingabe Umleitung auf falsche Seite
    Log-Analyse und Auswertung - 25.08.2010 (18)
  15. Über Rechner per Trojaner Seite gehackt?
    Log-Analyse und Auswertung - 06.06.2010 (18)
  16. Mozilla - Umleitung oder Seite nicht aufrufbar
    Log-Analyse und Auswertung - 23.03.2010 (1)
  17. DNS-Umleitung über einen ausländischen Server? *Hilfe?!
    Log-Analyse und Auswertung - 22.01.2008 (4)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema viele trojaner (drooper, alureon) und umleitung über ukrainische seite, was tun? - Logfile of random's system information tool 1.06 (written by random/random) Run by Admin at 2010-03-12 23:04:03 Microsoft Windows XP Home Edition Service Pack 3 System drive C: has 37 GB - viele trojaner (drooper, alureon) und umleitung über ukrainische seite, was tun?...
Archiv
Du betrachtest: viele trojaner (drooper, alureon) und umleitung über ukrainische seite, was tun? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132