
Pests of all kinds and how to combat them: Trojan horse TR/Crypt.XPACK.Gen

15.05.2010, 18:54   #1
KoBr24

Trojan horse TR/Crypt.XPACK.Gen

Today I repeatedly received the message:
Quote:
C:\System Volume Information\_restore{35B2C2AE-B663-4BF4-8BBA-183A2B58DBD6}\RP670\A0291087.exe
[FUND] Ist das Trojanische Pferd TR/Crypt.XPACK.Gen
and afterwards I ran a system scan with AntiVir.
During the scan, this file was moved to the quarantine directory:
Quote:
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4c20d0d9.qua' verschoben!
Unfortunately I have no experience at all with removing such malicious files. That is why I registered in this forum and followed the steps for creating a thread. I hope someone finds the time to read through the following lines. I would be really grateful for help, thanks in advance!

mbam-log-2010-05-15(19-14-52).txt:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4104

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

15.05.2010 19:14:52
mbam-log-2010-05-15 (19-14-52).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 127536
Laufzeit: 5 Minute(n), 7 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 4
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 12
Infizierte Dateien: 131

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Cheat Engine (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Trojan.BHO) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
C:\Programme\Cheat Engine (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\example scripts (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\DebugEventLog (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\DebugEventLog\src (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example packet editor (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example packet editor\inject (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example packet editor\inject\src (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example packet editor\src (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example-c (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example-delphi (Backdoor.Bot) -> Quarantined and deleted successfully.

Infizierte Dateien:
C:\Programme\Cheat Engine\Addresses.TMP (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\ADDRESSESFIRST.TMP (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\allochook.dll (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Black.bmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\CEHook.dll (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\ceregreset.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Cheat Engine.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\CheatEngine.chm (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\commonmodulelist.txt (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\dbk32.dll (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\dbk32.sys (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\dbk64.sys (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\dxhook.dll (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\EmptyDLL.dll (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\EmptyProcess.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Kernelmoduleunloader.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\LockedString.bmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Locktexture.bmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\MEMORYFIRST.TMP (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\movementtexture.bmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\speedhack.dll (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Systemcallretriever.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\systemcallsignal.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\targettexture.bmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\TextureString.bmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Tutorial.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\ucc12.dll (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\undercdll.dll (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\unins000.dat (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\unins000.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\UnLockedString.bmp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\vmdisk.img (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\example scripts\changeregtest.CEC (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\example scripts\gettime.CEC (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\example scripts\sleepcall.CEC (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\example scripts\step10.CEC (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\example scripts\testscript.CEC (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\example scripts\timermess.CEC (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\algorithm (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\assert.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\cctype (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\classlib.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\cmath (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\cstdarg.txt (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\cstdio (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\cstdlib (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\cstring (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\foreach2.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\for_each.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\fstream (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\fstream.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\glib.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\header.cpp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\io.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\iostream (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\iostream.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\list (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\list.new (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\listx (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\malloc.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\map (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\math.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\new-stdlib.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\old-string (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\regexp.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\rx++.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\self.imp (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\sstream (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\stdarg.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\stddef.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\stdio.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\stdlib.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\string (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\string.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\strstrea.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\strstream.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\test-stdarg.uc (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\time.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\turtle.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\ucri.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\uc_except.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\uc_save.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\uc_timer.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\vector (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\vector.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\winbase.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\windows.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\wininet.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\winuser.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\yawl.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\_end_shared.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\include\_shared_lib.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\cepluginsdk.h (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\cepluginsdk.pas (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\DebugEventLog\DebugEventLog.dll (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\DebugEventLog\src\DebugEventLog.cfg (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\DebugEventLog\src\DebugEventLog.dpr (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\DebugEventLog\src\DebugEventLog.res (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\DebugEventLog\src\exportimplementation.pas (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\DebugEventLog\src\frmEventLogUnit.dfm (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\DebugEventLog\src\frmEventLogUnit.pas (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example packet editor\inject\src\cepe.cfg (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example packet editor\inject\src\cepe.dof (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example packet editor\inject\src\cepe.dpr (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example packet editor\inject\src\cepe.res (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example packet editor\inject\src\filterform.dfm (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example packet editor\inject\src\filterform.pas (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example packet editor\inject\src\hexedit.pas (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example packet editor\inject\src\mainunit.dfm (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example packet editor\inject\src\mainunit.pas (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example packet editor\inject\src\packetfilter.pas (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example packet editor\src\injector.pas (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example packet editor\src\packeteditor.cfg (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example packet editor\src\packeteditor.dof (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example packet editor\src\packeteditor.dpr (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example packet editor\src\packeteditor.res (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example packet editor\src\Unit1.pas (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example-c\example-c.c (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example-c\example-c.def (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example-c\example-c.dll (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example-c\example-c.sln (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example-c\example-c.vcproj (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example-delphi\exampleplugin.cfg (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example-delphi\exampleplugin.dll (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example-delphi\exampleplugin.dof (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example-delphi\exampleplugin.dpr (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example-delphi\exampleplugin.res (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Programme\Cheat Engine\Plugins\example-delphi\Unit1.pas (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\***\Desktop\Cheat Engine.LNK (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\h@tkeysh@@k.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Programme\ICQToolbar\toolbaru.dll (Trojan.BHO) -> Quarantined and deleted successfully.



log.text
Logfile of random's system information tool 1.07 (written by random/random)
Run by *** at 2010-05-15 19:23:39
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 77 GB (25%) free of 305 GB
Total RAM: 2047 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:23:46, on 15.05.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17023)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\Programme\Bonjour\mDNSResponder.exe
C:\Programme\ICQ6Toolbar\ICQ Service.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\Programme\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Programme\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programme\QuickTime\QTTask.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\Programme\Java\jre6\bin\jusched.exe
C:\Programme\SweetIM\Messenger\SweetIM.exe
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programme\iPod\bin\iPodService.exe
C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programme\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Programme\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\WlanCU.exe
C:\Dokumente und Einstellungen\***\Desktop\RSIT.exe
C:\Programme\trend micro\***.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Programme\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Programme\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [combofix] "C:\ComboFix\" /c "C:\ComboFix\C.bat"
O4 - HKCU\..\Run: [swg] "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Steam] "c:\programme\steam\steam.exe" -silent
O4 - HKCU\..\Run: [RGSC] C:\Programme\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] C:\Programme\DAEMON Tools Lite\DTLite.exe -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Erinnerungen für Microsoft Works-Kalender.lnk = ?
O4 - Global Startup: Wireless Configuration Utility HW.32.lnk = ?
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Programme\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - hxxp://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} (VodClient Control Class) - hxxp://www.vexcast.com/download/vexcast.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Programme\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Programme\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SiS WirelessLan Service (SiSWLSvc) - Unknown owner - C:\Programme\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe

--
End of file - 11697 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Klick-Wartung.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{16E428EF-277D-462F-8049-47DA60D4291E}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Programme\Java\jre6\bin\ssv.dll [2009-03-18 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-25 279664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Programme\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-02-25 812528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}]
PDFCreator Toolbar Helper - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-06-07 806912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Programme\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2009-03-18 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-18 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2009-10-19 1345336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063DB1-4EC0-403e-8DD8-394C54984B2C}]
Ask Toolbar BHO - C:\Programme\AskTBar\bar\1.bin\ASKTBAR.DLL [2008-01-13 245760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Programme\ICQ6Toolbar\ICQToolBar.dll [2009-06-01 962808]
{FE063DB9-4EC0-403e-8DD8-394C54984B2C} - Ask Toolbar - C:\Programme\AskTBar\bar\1.bin\ASKTBAR.DLL [2008-01-13 245760]
{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - PDFCreator Toolbar - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2008-06-07 806912]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2009-10-19 1345336]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Programme\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-25 279664]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-03-21 16126464]
"GrooveMonitor"=C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"QuickTime Task"=C:\Programme\QuickTime\QTTask.exe [2008-05-27 413696]
"iTunesHelper"=C:\Programme\iTunes\iTunesHelper.exe [2008-06-02 267048]
"SunJavaUpdateSched"=C:\Programme\Java\jre6\bin\jusched.exe [2009-03-18 136600]
"SweetIM"=C:\Programme\SweetIM\Messenger\SweetIM.exe [2009-10-20 111928]
"avgnt"=C:\Programme\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-01-11 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-01-11 13666408]
"combofix"=C:\ComboFix\ /c C:\ComboFix\C.bat []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-12-23 68856]
"MSMSGS"=C:\Programme\Messenger\msmsgs.exe [2008-04-14 1695232]
"Steam"=c:\programme\steam\steam.exe [2010-05-10 1238352]
"RGSC"=C:\Programme\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-12-14 306088]
"DAEMON Tools Lite"=C:\Programme\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
Adobe Reader Speed Launch.lnk - C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Erinnerungen für Microsoft Works-Kalender.lnk - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\wkcalrem.exe
Wireless Configuration Utility HW.32.lnk - C:\WINDOWS\Installer\{BDC88E5A-F47B-4314-AB38-994592E32C95}\NewShortcut1.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programme\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\WlanCU.exe"="C:\Programme\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\WlanCU.exe:*:Enabled:Wireless Configuration Utility HW.32"
"C:\Programme\ANSTOSS 3\anstoss3.exe"="C:\Programme\ANSTOSS 3\anstoss3.exe:*:Enabled:ANSTOSS 3 starten"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programme\NetMeeting\conf.exe"="C:\Programme\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting®"
"C:\Programme\SopCast\adv\SopAdver.exe"="C:\Programme\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\Programme\SopCast\SopCast.exe"="C:\Programme\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\Programme\VideoLAN\VLC\vlc.exe"="C:\Programme\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Programme\SopCast\sopvod.exe"="C:\Programme\SopCast\sopvod.exe:*:Enabled:sopvod"
"C:\Programme\TVUPlayer\TVUPlayer.exe"="C:\Programme\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component"
"C:\Programme\Bonjour\mDNSResponder.exe"="C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Programme\Microsoft Office\Office12\GROOVE.EXE"="C:\Programme\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Programme\Microsoft Office\Office12\ONENOTE.EXE"="C:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Programme\Mozilla Firefox\firefox.exe"="C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Programme\iTunes\iTunes.exe"="C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Programme\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="C:\Programme\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Programme\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Programme\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\Programme\Microsoft Games\Age of Empires III\age3.exe"="C:\Programme\Microsoft Games\Age of Empires III\age3.exe:*:Enabled:Age of Empires 3"
"C:\Programme\KONAMI\Pro Evolution Soccer 2009\pes2009.exe"="C:\Programme\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"C:\Programme\Steam\steamapps\common\nba 2k9\nba2k9.exe"="C:\Programme\Steam\steamapps\common\nba 2k9\nba2k9.exe:*:Enabled:NBA 2K9"
"C:\Programme\PPStream\PPStream.exe"="C:\Programme\PPStream\PPStream.exe:*:Enabled:PPSÍøÂçµçÊÓ"
"C:\Programme\PPStream\PPSAP.exe"="C:\Programme\PPStream\PPSAP.exe:*:Enabled:PPS ÍøÂç¼ÓËÙÆ÷"
"C:\Programme\ICQ6.5\ICQ.exe"="C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Programme\PPStream\update\ppstreamsetup-update090811.exe"="C:\Programme\PPStream\update\ppstreamsetup-update090811.exe:*:Enabled:PPStream Installer"
"C:\Programme\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe"="C:\Programme\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"C:\Programme\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe"="C:\Programme\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"C:\Programme\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe"="C:\Programme\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"C:\Programme\2K Sports\NBA 2K10\nba2k10.exe"="C:\Programme\2K Sports\NBA 2K10\nba2k10.exe:*:Enabled:2K Sports NBA 2K10"
"C:\Programme\Pinnacle\VideoSpin\Programs\RM.exe"="C:\Programme\Pinnacle\VideoSpin\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Programme\Pinnacle\VideoSpin\Programs\umi.exe"="C:\Programme\Pinnacle\VideoSpin\Programs\umi.exe:*:Enabled:umi"
"C:\Programme\Pinnacle\VideoSpin\Programs\VideoSpin.exe"="C:\Programme\Pinnacle\VideoSpin\Programs\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin"
"C:\Programme\KONAMI\Pro Evolution Soccer 2010\pes2010.exe"="C:\Programme\KONAMI\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"C:\Programme\KONAMI\Pro Evolution Soccer 2010\save\pes2010.exe"="C:\Programme\KONAMI\Pro Evolution Soccer 2010\save\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"C:\Programme\TVAnts\Tvants.exe"="C:\Programme\TVAnts\Tvants.exe:*:Enabled:TVAnts"
"C:\Dokumente und Einstellungen\***\Anwendungsdaten\Macromedia\Flash Player\w*w.macromedia.com\bin\octoshape\octoshape.exe"="C:\Dokumente und Einstellungen\***\Anwendungsdaten\Macromedia\Flash Player\w*w.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player"
"C:\Programme\KONAMI\Pro Evolution Soccer 2010\save2\pes2010.exe"="C:\Programme\KONAMI\Pro Evolution Soccer 2010\save2\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"C:\Programme\StreamTorrent 1.0\StreamTorrent.exe"="C:\Programme\StreamTorrent 1.0\StreamTorrent.exe:*:Enabled:StreamTorrent Media Player"
"C:\Programme\Internet Explorer\iexplore.exe"="C:\Programme\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Programme\SecondLife\SLVoice.exe"="C:\Programme\SecondLife\SLVoice.exe:*:Enabled:SLVoice"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-05-15 19:23:39 ----D---- C:\rsit
2010-05-15 19:23:39 ----D---- C:\Programme\trend micro
2010-05-15 19:06:59 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Malwarebytes
2010-05-15 19:06:45 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2010-05-15 19:06:44 ----D---- C:\Programme\Malwarebytes' Anti-Malware
2010-05-15 17:14:06 ----D---- C:\ComboFix
2010-05-15 17:08:14 ----D---- C:\Programme\CCleaner
2010-05-13 13:38:28 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-04-26 14:41:14 ----D---- C:\Programme\PixiePack Codec Pack
2010-04-21 16:01:22 ----D---- C:\Programme\AIST

======List of files/folders modified in the last 1 months======

2010-05-15 19:23:39 ----D---- C:\Programme
2010-05-15 19:18:40 ----D---- C:\Programme\Steam
2010-05-15 19:18:17 ----D---- C:\WINDOWS\Temp
2010-05-15 19:17:54 ----D---- C:\WINDOWS\system32\CatRoot2
2010-05-15 19:17:15 ----D---- C:\WINDOWS\system32\drivers
2010-05-15 19:16:31 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-05-15 19:16:21 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2010-05-15 19:14:51 ----D---- C:\WINDOWS\system32
2010-05-15 19:06:45 ----D---- C:\WINDOWS\Prefetch
2010-05-15 17:15:26 ----D---- C:\WINDOWS
2010-05-15 17:11:35 ----D---- C:\WINDOWS\Minidump
2010-05-15 17:11:35 ----D---- C:\WINDOWS\Debug
2010-05-13 13:38:57 ----SHD---- C:\WINDOWS\Installer
2010-05-13 13:38:57 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft Help
2010-05-13 13:38:57 ----D---- C:\Config.Msi
2010-05-13 13:38:33 ----HD---- C:\WINDOWS\inf
2010-05-13 13:38:30 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-05-13 13:38:30 ----D---- C:\Programme\Outlook Express
2010-05-13 12:45:13 ----HD---- C:\WINDOWS\$hf_mig$
2010-05-03 23:18:59 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ICQ
2010-04-30 20:51:06 ----A---- C:\WINDOWS\system32\MRT.exe
2010-04-28 20:57:44 ----A---- C:\WINDOWS\DUMP7a50.tmp
2010-04-26 15:09:26 ----A---- C:\WINDOWS\Podcasts.INI
2010-04-26 14:40:55 ----D---- C:\Programme\RapidSolution
2010-04-21 18:13:29 ----A---- C:\WINDOWS\system.ini
2010-04-21 17:27:51 ----D---- C:\Programme\Pinnacle
2010-04-21 17:27:35 ----D---- C:\Programme\Gemeinsame Dateien
2010-04-21 17:27:33 ----RSD---- C:\WINDOWS\Fonts
2010-04-21 17:14:10 ----D---- C:\Programme\DVDVideoSoft
2010-04-21 16:02:48 ----A---- C:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2007-09-13 11136]
R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 ACEDRV07;ACEDRV07; \??\C:\WINDOWS\system32\drivers\ACEDRV07.sys []
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-11-25 56816]
R2 irda;IrDA-Protokoll; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\WINDOWS\system32\drivers\asusgsb.sys [2007-09-13 12416]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2007-03-15 38656]
R3 GEARAspiWDM;GEAR CDRom Filter; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2008-01-29 16168]
R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-03-26 4395008]
R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-01-12 10276768]
R3 Rasirda;WAN-Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RRNetCapMP;RRNetCapMP; C:\WINDOWS\system32\DRIVERS\rrnetcap.sys [2009-11-16 27168]
R3 SIS163u;SiS 163 usb Wireless LAN Adapter Driver; C:\WINDOWS\system32\DRIVERS\sis163u.sys [2004-12-29 167424]
R3 SISNPF;SIS Netgroup Packet Filter; C:\WINDOWS\system32\drivers\SISNPF.sys [2004-12-31 74240]
R3 tbhsd;Tunebite High-Speed Dubbing; C:\WINDOWS\system32\drivers\tbhsd.sys [2009-11-16 37920]
R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2-aktivierter Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Video3D;ASUS Video3D Service; C:\WINDOWS\System32\Drivers\Video3D32.sys [2007-09-13 10752]
S1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 ASUSVRC;ASUSTeK Virtual Capture Device; C:\WINDOWS\system32\DRIVERS\AsusVRC.sys [2007-01-29 18432]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 E1000;Intel(R) PRO/1000 Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1000325.sys [2006-10-24 170392]
S3 irsir;Microsoft serieller Infrarottreiber; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-01-13 47360]
S3 RRNetCap;RRNetCap Service; C:\WINDOWS\system32\DRIVERS\rrnetcap.sys [2009-11-16 27168]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-01-15 30464]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2007-07-11 12416]
S3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2007-07-11 19840]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2007-07-11 21632]
S3 usbohci;Miniporttreiber für Microsoft USB Open Host-Controller; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-02-04 691696]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Programme\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Programme\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-09-06 110592]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2007-09-13 258560]
R2 BonjourService;Bonjour-Dienst; C:\Programme\Bonjour\mDNSResponder.exe [2007-07-24 229376]
R2 ICQ Service;ICQ Service; C:\Programme\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 Irmon;Infrarotüberwachung; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2009-03-18 152984]
R2 NMSAccessU;NMSAccessU; C:\Programme\CDBurnerXP\NMSAccessU.exe [2008-03-09 71096]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-01-11 154216]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-10-12 66872]
R2 SiSWLSvc;SiS WirelessLan Service; C:\Programme\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe [2004-12-31 45056]
R2 UxTuneUp;TuneUp Designerweiterung; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
R3 iPod Service;iPod-Dienst; C:\Programme\iPod\bin\iPodService.exe [2008-06-02 504104]
S2 gupdate;Google Update Service (gupdate); C:\Programme\Google\Update\GoogleUpdate.exe [2010-02-25 135664]
S2 vvdsvc;VJVodClientServices; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 Adobe LM Service;Adobe LM Service; C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-05-21 72704]
S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 gusvc;Google Software Updater; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-03 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NMIndexingService;NMIndexingService; C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576]
S4 NetTcpPortSharing;Net.Tcp-Portfreigabedienst; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

 
