Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: svchost.exe macht 100% Systemauslastung bei Internetverbindung

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 11.06.2010, 14:57   #1
Msmg
 
svchost.exe macht 100% Systemauslastung bei Internetverbindung - Ausrufezeichen

svchost.exe macht 100% Systemauslastung bei Internetverbindung



Hallo zusammen!

svchost.exe macht bei mir 100% Systemauslastung, sobald ich online gehe. Habe Windows Updates bereits abgestellt, daran liegt es nicht.

Wenn ich den PC ohne eingestecktes Netzwerkkabel hochfahre läuft alles prima. Sobald ich das Netzwerkkabel einstecke, geht es los (s.o.).

Bin jetzt im Internetcafe, weil der PC mit Internet extrem langsam ist.

Nähere Details: Ich war, kurz bevor das Problem das erste mal auftauchte, auf der Seite w*w.asien-reise.net
Habe dort von AVG eine Warnung bekommen, dass die Seite versucht, einen Trojaner o.ä. zu installieren. Danach gings los (s.o.)

Habe bereits mit Malwarebytes ein paar Trojaner entfernt, aber Problem besteht weiter.

Hier nun alle nötigen Infos:

Vielen Dank schon mal fürs Helfen!!!!

M.

CCleaner: Keine Auffälligkeiten.

CCleaner: Uninstall-List:
Code:
ATTFilter
 7-Zip 4.65		
AAVUpdateManager	Akademische Arbeitsgemeinschaft	12.00.0000
Acrobat Elements 6.0 - Deutsch	Adobe Systems	006.000.000
****		
Adobe Flash Player 10 ActiveX	Adobe Systems Incorporated	10.0.45.2
Adobe Flash Player 10 Plugin	Adobe Systems Incorporated	10.0.45.2
Adobe Photoshop Elements 3.0	Adobe Systems, Inc.	003.000.0000
Adobe Premiere Standard	Adobe Systems, Inc.	7.0
Adobe Reader 9.3.2 - Deutsch	Adobe Systems Incorporated	9.3.2
AlphaTrack Driver 1.1.0	Frontier Design Group, LLC	1.0.0
Antares Kantos v1.0		
Antares Tube v1.0		
Any Video Converter 3.0.3	Any-Video-Converter.com	
Apple Software Update	Apple Inc.	2.1.1.116
ATI - Dienstprogramm zur Deinstallation der Software		6.14.10.1012
ATI Control Panel		6.14.10.5140
ATI Display Driver		8.102-050201a-021033C-Sony
ATK0100 ACPI UTILITY		
AVG Free 9.0	AVG Technologies	
Avidemux 2.5		2.5.2.5660
BitterSweetII	Flux:: sound and picture development	2.0.10.995
Canon Camera Access Library	Canon Inc.	8.4.0.1
Canon Camera Support Core Library	Canon Inc.	7.3.1.6
Canon G.726 WMP-Decoder	Canon Inc.	1.1.0.4
CANON iMAGE GATEWAY Task for ZoomBrowser EX	Canon Inc.	1.5.0.3
Canon Internet Library for ZoomBrowser EX	Canon Inc.	1.6.1.6
Canon IXY 320, PowerShot S230, IXUS v3 WIA-Treiber	Canon	5.0.5
Canon MovieEdit Task for ZoomBrowser EX	Canon Inc.	2.6.0.4
Canon MP Drivers 6.0		
Canon MP Navigator 1.0		
Canon RAW Image Task for ZoomBrowser EX	Canon Inc.	0.9.3.9
Canon ScanGear Starter		
Canon Utilities CameraWindow	Canon Inc.	7.1.0.2
Canon Utilities CameraWindow DC	Canon Inc.	7.1.0.7
Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX	Canon Inc.	5.4.5.17
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX	Canon Inc.	6.4.2.16
Canon Utilities Easy-PhotoPrint		
Canon Utilities EOS Utility	Canon Inc.	1.1.0.8
Canon Utilities MyCamera	Canon Inc.	6.4.0.5
Canon Utilities MyCamera DC	Canon Inc.	7.0.1.8
Canon Utilities PhotoStitch	Canon Inc.	3.1.21.45
Canon Utilities RemoteCapture Task for ZoomBrowser EX	Canon Inc.	1.7.1.9
Canon Utilities ZoomBrowser EX	Canon Inc.	6.1.0.20
Canon ZoomBrowser EX Memory Card Utility	Canon Inc.	1.1.0.8
CCleaner	Piriform	2.32
CD-LabelPrint		
CMAPSi	Drake	7.8.1.0
DAEMON Tools	DAEMON'S HOME	3.47.0
DivX	DivX, Inc.	6.2.2
DivX 4.12 Codec		
DivX Converter	DivX, Inc.	6.1.1
DivX Player	DivXNetworks, Inc.	6.2.0
DivX Web Player	DivX,Inc.	1.0.0
DVD Shrink 3.2 deutsch (DeCSS-frei)	DVD Shrink	
DVgate Plus		
Easy-WebPrint		
EDIROL FA-66 Driver		
Edirol HQ Orchestral v1.01		
EVEREST Home Edition v2.20	Lavalys Inc	2.20
Evrsoft First Page 2006	Evrsoft	
Excel-Jahreskalender 8.1	MSDatec	
GMX Internet Manager	GMX GmbH	2.1
Google Toolbar for Firefox	Google	7.0.20100326
Google Toolbar for Internet Explorer	Google Inc.	
HDAUDIO SoftV92 Data Fax Modem with SmartCP		
High Definition Audio Driver Package - KB835221	Microsoft Corporation	20040219.000000
HiJackThis	Trend Micro	1.0.0
IK Multimedia AmpliTube v1.3.1		
Intel(R) PROSet/Wireless Software	Intel Corporation	10.5.0.0 API
InterVideo WinDVD for VAIO	InterVideo Inc.	5.0-B11.731
InterVideo WinDVDX	InterVideo Inc.	
iTunes	Apple Computer, Inc.	6.0.1.3
J2SE Runtime Environment 5.0 Update 1	Sun Microsystems, Inc.	1.5.0.10
Jalbum	Jalbum AB	8.7.1
Java(TM) 6 Update 15	Sun Microsystems, Inc.	6.0.150
JDownloader	AppWork UG (haftungsbeschränkt)	0.89
Kate's Video Cutter	Web Solution Mart	4.4.0
M-Audio Series II MIDI		4.2.03
****
Macromedia Flash Player	Macromedia, Inc.	7.0.19.0
Malwarebytes' Anti-Malware	Malwarebytes Corporation	
MD Simple Burner 2.0.05		
Memory Stick Formatter		
Microsoft .NET Framework 2.0 Language Pack - DEU	Microsoft Corporation	
Microsoft .NET Framework 2.0 Service Pack 2	Microsoft Corporation	2.2.30729
Microsoft .NET Framework 3.0 Service Pack 2	Microsoft Corporation	3.2.30729
Microsoft .NET Framework 3.5 SP1	Microsoft Corporation	
Microsoft Office Standard Edition 2003	Microsoft Corporation	11.0.5614.0
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	8.0.59193
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022	Microsoft Corporation	9.0.21022
Mozilla Firefox (3.6.3)	Mozilla	3.6.3 (de)
MSXML 4.0 SP2 (KB927978)	Microsoft Corporation	4.20.9841.0
MSXML 4.0 SP2 (KB936181)	Microsoft Corporation	4.20.9848.0
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	4.20.9870.0
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	4.20.9876.0
mxGUI	Lawo AG	1.00.0000
mymoments	ONE DIRECT GmbH	2.0.14.0
****
****		
****
****
****	
NCH Toolbox	NCH Software	
Nokia Connectivity Cable Driver	Nokia	1.00.141
****
Nvu 1.0	Thorsten Fritz	1.0
OmniPage SE	ScanSoft, Inc.	2.00.0004
OpenMG Limited Patch 4.1-05-13-31-01		
OpenMG Secure Module 4.1.00	Sony Corporation	4.1.00.13261
Palm Desktop		
PictureGear Studio 2.0		
PocketMirror 2.0 für Outlook		
Prism Video Converter	NCH Software	
****
QuickTime	Apple Inc.	7.55.90.70
****	
RealPlayer		
Realtek High Definition Audio Driver		
RME Hammerfall DSP (WDM)	RME Intelligent Audio Solutions	3.0.7.5
SA25x0 & SA26x0 Device Manager	Philips	01.01.00.1015
SAMSUNG CDMA Modem Driver Set		
SAMSUNG Mobile Composite Device Software		
Samsung Mobile phone USB driver Software		
SAMSUNG Mobile USB Modem 1.0 Software		
SAMSUNG Mobile USB Modem Software		
Samsung Music Studio		
Samsung PC Studio	Samsung Electronics Co., Ltd.	3.2.3.90502
Samsung PC Studio 3 USB Driver Installer	Samsung Electronics Co., Ltd.	1.00.0000
Samsung Samples Installer	Samsung Electronics Co., Ltd.	1.00.0000
Security Task Manager 1.7h	Neuber GmbH	1.7h
Setting Utility Series		
Sonic RecordNow!	Sonic Solutions	7.30
SonicStage 3.0	Sony Corporation	3.0
SonicStage Mastering Studio 1.4		
SonicStage Mastering Studio Audio Filter		
SonicStage Mastering Studio Audio Filter Custom Preset		
SonicStage Mastering Studio Plugins		
Sony MP4 Shared Library	Sony Corporation	1.1
Sony USB Mouse		
Sony Utilities DLL		
Sony Video Shared Library	Sony Corporation	2.0.01
****		
Sparwelt.de Gutschein Alarm	Sparwelt.de	1.0.0
SpeedSoft Virtual Sampler		
Spelling Dictionaries Support For Adobe Reader 9	Adobe Systems Incorporated	9.0.0
****
****
StereoTool	Flux:: sound and picture development	2.0.10.995
Steuer-Spar-Erklärung 2009	Akademische Arbeitsgemeinschaft Verlag	14.10.0000
Steuer-Spar-Erklärung 2010	Akademische Arbeitsgemeinschaft Verlag	15.11
Sun xVM VirtualBox	Sun Microsystems, Inc.	2.2.4
SyncroSoft Emu (Remove only)		
Syncrosofts Lizenz Kontrolle	Syncrosoft Hard- und Software GmbH	
****	
The Playa		
Timeworks Millenium Pack		
Timeworks ReverbX		
TweakNow PowerPack 2010	TweakNow.com	2.0.0
VAIO Control Center		
VAIO Edit Components	Sony Corporation	5.0.01
VAIO Event Service	Sony Corporation	2.1.00.14030
VAIO Power Management	Sony Corporation	1.6.01.14010
VAIO Product Survey	Sony Corporation	1.1.2.0
VAIO Update 4	Sony Corporation	4.0.0.08240
VAIO-Online-Registrierung (Deutsch)	Sony Corporation	4.5.1.0
VideoPad Video Editor	NCH Software	
VLC media player 0.9.8a	VideoLAN Team	0.9.8a
VUPlayer		
Windows Internet Explorer 8	Microsoft Corporation	20090308.140743
Windows XP Service Pack 3	Microsoft Corporation	20080414.031514
Wireless LAN Starter		
WordBuilder	East West	1.1.21
         
Malwarebytes: Log 1 (quickscan):
Code:
ATTFilter
 Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4182

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

09.06.2010 15:38:45
mbam-log-2010-06-09 (15-38-45).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 127219
Laufzeit: 4 Stunde(n), 26 Minute(n), 26 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Dokumente und Einstellungen\****\Anwendungsdaten\avdrn.dat (Malware.Trace) -> Quarantined and deleted successfully.
         
log 2: (complete scan)

Code:
ATTFilter
 Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4182

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

09.06.2010 20:14:50
mbam-log-2010-06-09 (20-14-50).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 237394
Laufzeit: 50 Minute(n), 16 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 9

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Programme\Antares\AutoTuneDX\Antares Autotune DX Uninstall\UNWISE.EXE (Malware.Packer.Morphine) -> Quarantined and deleted successfully.
C:\Programme\Antares\MicModDX\Uninstall\UNWISE.EXE (Malware.Packer.Morphine) -> Quarantined and deleted successfully.
C:\Programme\Antares\Uninstall\UNWISE.EXE (Malware.Packer.Morphine) -> Quarantined and deleted successfully.
C:\Programme\****\****\UNWISE.EXE (Malware.Packer.Morphine) -> Quarantined and deleted successfully.
C:\Programme\Steinberg\Cubase SX 3\UNWISE.EXE (Malware.Packer.Morphine) -> Quarantined and deleted successfully.
C:\Programme\Steinberg\VstPlugins\Guitar Amp\Nomad Factory RAL\UNWISE.EXE (Malware.Packer.Morphine) -> Quarantined and deleted successfully.
C:\Programme\Steinberg\VstPlugins\Nomad Factory\Blue Tubes Bundle\Nomad Factory Blue Tubes Bundle Uninstall\UNWISE.EXE (Malware.Packer.Morphine) -> Quarantined and deleted successfully.
C:\Programme\****\****\UNWISE.EXE (Malware.Packer.Morphine) -> Quarantined and deleted successfully.
D:\Programme\Guitar Rig\UNWISE.EXE (Malware.Packer.Morphine) -> Quarantined and deleted successfully.
         
RSIT: info:
Code:
ATTFilter
 info.txt logfile of random's system information tool 1.06 2010-06-11 13:16:24

======Uninstall list======

-->C:\Programme\DivX\ConverterUninstall.exe /CONVERTER
-->C:\Programme\Gemeinsame Dateien\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\IsUn0407.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\system32\UninstIPP.isu
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->Dummy
-->MsiExec.exe /I{5B782FFA-6A95-480D-8E0A-0954A14693D6}
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{88E5FCB8-5F25-11D5-B16F-0800460222F0}\setup.exe" -l0x7 UNINSTALL
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D76298C2-E532-4A11-BCFF-76F3F19DA84D}\setup.exe" UNINSTALL
-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{FD836E74-7923-4174-A055-F97CD0F3BB46}\Setup.exe" -l0x7 
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.65-->"D:\Programme\7-Zip\Uninstall.exe"
AAVUpdateManager-->MsiExec.exe /X{DF6FE172-006A-4324-AF7F-ACFE4BA290FE}
Acrobat Elements 6.0 - Deutsch-->MsiExec.exe /I{E5E6E687-1031-BA7E-6000-000000000001}
Addictive Drums-->C:\WINDOWS\unvise32.exe d:\programme\Addictive Drums\uninstal.log
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop Elements 3.0-->MsiExec.exe /I{851C67EF-068A-4060-9EF5-2E3DDCD68382}
Adobe Premiere Standard-->RunDll32 "C:\Programme\Gemeinsame Dateien\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Programme\InstallShield Installation Information\{7998F67D-655B-42E3-B651-18D96DD17268}\setup.exe"
Adobe Reader 9.3.2 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A93000000001}
AlphaTrack Driver 1.1.0-->"C:\Programme\AlphaTrack\unins000.exe"
Antares Kantos v1.0-->C:\PROGRA~1\Antares\kantos\UNINST~1\UNWISE.EXE C:\PROGRA~1\Antares\kantos\UNINST~1\INSTALL.LOG
Antares Tube v1.0-->C:\PROGRA~1\Antares\TUBEUN~1\UNWISE.EXE C:\PROGRA~1\Antares\TUBEUN~1\INSTALL.LOG
Any Video Converter 3.0.3-->"C:\Programme\AnvSoft\Any Video Converter\unins000.exe"
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ATI - Dienstprogramm zur Deinstallation der Software-->C:\Programme\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe" 
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATK0100 ACPI UTILITY-->C:\WINDOWS\ATK0100\XPunin.exe
AVG Free 9.0-->C:\Programme\AVG\AVG9\setup.exe /UNINSTALL
Avidemux 2.5-->C:\Programme\Avidemux 2.5\uninstall.exe
BitterSweetII-->MsiExec.exe /I{693FCE0D-AB7E-47BD-95F9-7DBD94F728F8}
Canon Camera Access Library-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\CAL\Uninst.ini"
Canon Camera Support Core Library-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\CSCLIB\Uninst.ini"
Canon G.726 WMP-Decoder-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\G726Decoder\G726DecUnInstall.ini"
CANON iMAGE GATEWAY Task for ZoomBrowser EX-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\ZoomBrowser EX\Program\CRWUnInstall.ini"
Canon Internet Library for ZoomBrowser EX-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\ZoomBrowser EX\Program\CIGUnInstall.ini"
Canon IXY 320, PowerShot S230, IXUS v3 WIA-Treiber-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{E1CDCB03-A90F-4A74-BE8C-CD3AF43190CA} 
Canon MovieEdit Task for ZoomBrowser EX-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\ZoomBrowser EX\Program\MVWUninst.ini"
Canon MP Drivers 6.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{3FF3DD04-F386-46B0-97FC-B86238B65487}\Setup.exe" -l0x9 -Uninstall
Canon MP Navigator 1.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{109AB81D-9732-40B3-9C1F-113A86CE6F93}\setup.exe"  /SUUninstall
Canon RAW Image Task for ZoomBrowser EX-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\RAW Image Task\Uninst.ini"
Canon ScanGear Starter-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{18A5DFF2-8A95-49F3-873F-743CB5549F3D}\setup.exe" -l0x9 anything
Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\CameraWindow\CameraWindowDVC\Uninst.ini"
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini"
Canon Utilities CameraWindow DC-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\CameraWindow\CameraWindowDC\Uninst.ini"
Canon Utilities CameraWindow-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\CameraWindow\CameraWindowLauncher\Uninst.ini"
Canon Utilities Easy-PhotoPrint-->C:\Programme\Canon\Easy-PhotoPrint\uninst.exe C:\Programme\Canon\Easy-PhotoPrint\uninst.ini
Canon Utilities EOS Utility-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\EOS Utility\Uninst.ini"
Canon Utilities MyCamera DC-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\CameraWindow\MyCameraDC\Uninst.ini"
Canon Utilities MyCamera-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\CameraWindow\MyCamera\Uninst.ini"
Canon Utilities PhotoStitch-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\PhotoStitch\Uninst.ini"
Canon Utilities RemoteCapture Task for ZoomBrowser EX-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini"
Canon Utilities ZoomBrowser EX-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\ZoomBrowser EX\Program\Uninst.ini"
Canon ZoomBrowser EX Memory Card Utility-->"C:\Programme\Gemeinsame Dateien\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Programme\Canon\ZoomBrowser EX MCU\Uninst.ini"
CCleaner-->"C:\Programme\CCleaner\uninst.exe"
CD-LabelPrint-->"C:\Programme\Canon\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application
CMAPSi-->MsiExec.exe /I{F93F4F75-0BEA-40B2-88EA-B9C12718C3FF}
DAEMON Tools-->MsiExec.exe /I{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}
DivX 4.12 Codec-->"C:\Programme\DivXCodec\uninstall.exe"
DivX Converter-->C:\Programme\DivX\ConverterUninstall.exe /CONVERTER
DivX Player-->C:\Programme\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Programme\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DivX-->C:\Programme\DivX\DivXCodecUninstall.exe /CODEC
DVD Shrink 3.2 deutsch (DeCSS-frei)-->"D:\Programme\DVD Shrink DE\unins000.exe"
DVgate Plus-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{685BCC47-B8EC-45EC-BBCE-77DF2451502C}\Setup.exe" -l0x7 
Easy-WebPrint-->C:\WINDOWS\IsUninst.exe -fC:\Programme\Canon\Easy-WebPrint\Uninst.isu
EDIROL FA-66 Driver-->C:\Programme\EDIROL\FA-66\uninst.exe Software\EDIROL\FA-66\Setup
Edirol HQ Orchestral v1.01-->C:\PROGRA~1\EDIROL\ORCHES~1\UNWISE.EXE C:\PROGRA~1\EDIROL\ORCHES~1\INSTALL.LOG
EVEREST Home Edition v2.20-->"D:\Programme\EVEREST Home Edition\unins000.exe"
Evrsoft First Page 2006-->"D:\Programme\Evrsoft First Page 2006\unins000.exe"
Excel-Jahreskalender 8.1-->C:\Programme\MSDatec\Jahreskalender\unins000.exe
GMX Internet Manager-->C:\PROGRA~1\GMXPRO~1\GMXINT~1\UNWISE.EXE C:\PROGRA~1\GMXPRO~1\GMXINT~1\INSTALL.LOG
Google Toolbar for Firefox-->MsiExec.exe /X{2CCBABCB-6427-4A55-B091-49864623C43F}
Google Toolbar for Internet Explorer-->"C:\Programme\Google\Google Toolbar\Component\GoogleToolbarManager_E85CDE7661A53A6A.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HDAUDIO SoftV92 Data Fax Modem with SmartCP-->C:\Programme\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_20030003\HXFSETUP.EXE -U -IHDAUDIO\FUNC_02&VEN_14F1&DEV_2BFA&SUBSYS_20030003
High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall  /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix für Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix für Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe"
Hotfix für Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"
IK Multimedia AmpliTube v1.3.1-->D:\PROGRA~1\AMPLIT~1\UNWISE.EXE D:\PROGRA~1\AMPLIT~1\INSTALL.LOG
Intel(R) PROSet/Wireless Software-->C:\WINDOWS\Installer\iProInst.exe
InterVideo WinDVD for VAIO-->"C:\Programme\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
InterVideo WinDVDX-->"C:\Programme\InstallShield Installation Information\{1A91D1FA-B9B3-4556-9878-5C61059A19B2}\setup.exe" REMOVEALL
iTunes-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{872653C6-5DDC-488B-B7C2-CF9E4D9335E5} /l1031 
J2SE Runtime Environment 5.0 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150010}
Jalbum-->MsiExec.exe /I{3CE780C5-45FC-429C-A0C8-77E961E480B6}
Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216015FF}
JDownloader-->C:\Programme\JDownloader\uninstall.exe
Kate's Video Cutter-->"C:\Programme\Kate's Video Cutter\unins000.exe"
****-->C:\WINDOWS\IsUn0407.exe -f"C:\Programme\****\****\Uninst.isu"
Macromedia Flash Player-->MsiExec.exe /X{27579b3c-5470-4496-be6c-0c872674f19f}
Malwarebytes' Anti-Malware-->"C:\Programme\Malwarebytes' Anti-Malware\unins000.exe"
M-Audio Series II MIDI-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{379BD39E-F13E-458F-96D8-56BD7F2CC516}\setup.exe" -l0x9  -removeonly
mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
MD Simple Burner 2.0.05-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{47E09785-B2FB-11D5-B8EE-00B0D0D26B88}\setup.exe" -l0x7 UNINSTALL
mDriver-->MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
Memory Stick Formatter-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{27337663-2619-11D4-99DC-0000F49094C7}\Setup.exe" -l0x7 /UNINSTALL
Microsoft .NET Framework 2.0 Language Pack - DEU-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - DEU\install.exe
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Standard Edition 2003-->MsiExec.exe /I{91120407-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Mozilla Firefox (3.6.3)-->C:\Programme\Mozilla Firefox\uninstall\helper.exe
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mxGUI-->MsiExec.exe /I{054547B2-D1EC-48E7-BFAB-9EEA8E8B8B4F}
mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
N.I. Kontakt v2.1.1-->C:\Programme\Native Instruments\Kontakt 2\uninstall.exe
**-->C:\PROGRA~1\NATIVE~1\ABSYNT~1\UNWISE.EXE C:\PROGRA~1\NATIVE~1\ABSYNT~1\INSTALL.LOG
**-->C:\PROGRA~1\NATIVE~1\Battery\UNWISE.EXE C:\PROGRA~1\NATIVE~1\Battery\INSTALL.LOG
**-->C:\PROGRA~1\NATIVE~1\Kompakt\UNWISE.EXE C:\PROGRA~1\NATIVE~1\Kompakt\INSTALL.LOG
**-->"C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{A518DCBE-06AD-461B-8F2E-C53AA3525C15}\Kontakt 4 Setup PC.exe" REMOVE=TRUE MODIFY=FALSE
**-->C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{1D27CD5F-93BB-4968-A5F1-E87D998A9554}\Kontakt 4 Setup PC.exe
**-->C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{A518DCBE-06AD-461B-8F2E-C53AA3525C15}\Kontakt 4 Setup PC.exe
NCH Toolbox-->C:\Programme\NCH Swift Sound\ToolBox\uninst.exe
Nokia Connectivity Cable Driver-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{3ECED7D1-E469-4BC6-8A93-5CB0FFE5EBF5} /l1031 
Nomad Factory Liquid Bundle VST v1.6-->C:\PROGRA~1\STEINB~1\VSTPLU~1\NOMADF~1\LIQUID~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\NOMADF~1\LIQUID~1\INSTALL.LOG
Nvu 1.0-->D:\Programme\Nvu\unins000.exe
OmniPage SE 2.0-->MsiExec.exe /I{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}
OpenMG Limited Patch 4.1-05-13-31-01-->C:\Programme\Gemeinsame Dateien\Sony Shared\OpenMG\HotFixes\HotFix4.1-05-13-31-01\HotFixSetup\setup.exe /u
OpenMG Secure Module 4.1.00-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{2F151B50-B434-4838-B51D-70442EBA093E} UNINSTALL
PictureGear Studio 2.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{88DA0A52-3372-4803-971A-ADFB961707E8}\Setup.exe" 
Prism Video Converter-->C:\Programme\NCH Software\Prism\uninst.exe
**-->C:\PROGRA~1\PSP84~1\UNWISE.EXE C:\PROGRA~1\PSP84~1\INSTALL.LOG
**-->C:\PROGRA~1\PSPAUD~1\MasterQ\UNWISE.EXE C:\PROGRA~1\PSPAUD~1\MasterQ\INSTALL.LOG
**-->C:\WINDOWS\iun506.exe C:\Programme\PSPaudioware.com\PSP StereoPack\irunin.ini
**-->C:\PROGRA~1\PSPVIN~1\UNWISE.EXE C:\PROGRA~1\PSPVIN~1\INSTALL.LOG
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
**-->C:\PROGRA~1\NATIVE~1\REAKTO~1\Library\ENSEMB~1\NIUSER~1\UNWISE.EXE C:\PROGRA~1\NATIVE~1\REAKTO~1\Library\ENSEMB~1\NIUSER~1\INSTALL.LOG
RealPlayer-->C:\Programme\Gemeinsame Dateien\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" REMOVE
RME Hammerfall DSP (WDM)-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\system32\hdsp.inf
SA25x0 & SA26x0 Device Manager-->C:\Programme\InstallShield Installation Information\{0AD8AA88-0DE9-4065-A35E-529EB576A507}\setup.exe -runfromtemp -l0x0007 -removeonly
SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
SAMSUNG Mobile Composite Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe
Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung Music Studio-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{1EC4CE9D-EAEE-4DA1-AB8D-9E6B7FED6742}\Setup.exe" -l0x9 
Samsung PC Studio 3 USB Driver Installer-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -l0x7  -removeonly
Samsung PC Studio-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -l0x7  -removeonly
Samsung Samples Installer-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{7AC15160-A49B-4A89-B181-D4619C025FFF}\setup.exe" -l0x7  -removeonly
Security Task Manager 1.7h-->C:\Programme\Security Task Manager\Uninstal.exe "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Security Task Manager"
Setting Utility Series-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{59452470-A902-477F-9338-9B88101681BD}\Setup.exe" -l0x7 
Sicherheitsupdate für Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Sicherheitsupdate für Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"
Sonic RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
SonicStage 3.0-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{A0EB195B-5876-48E6-879D-33D4B2102610}\setup.exe" -l0x7 UNINSTALL -removeonly
SonicStage Mastering Studio 1.4-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{BF3B304B-8A18-452D-A19F-6012CA8418D7}\Setup.exe" -l0x7 
SonicStage Mastering Studio Audio Filter Custom Preset-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{013E1BA8-C815-4E27-BCB9-D6B1B2E24094}\Setup.exe" -l0x7 
SonicStage Mastering Studio Audio Filter-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{AB467B85-4F52-48C2-AEED-0673D00417B0}\Setup.exe" -l0x7 
SonicStage Mastering Studio Plugins-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{EE7EB179-5AA2-4B28-AC92-5CBAAF82BA7F}\Setup.exe" -l0x7 
Sony MP4 Shared Library-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}\setup.exe" -l0x7  -removeonly
Sony USB Mouse-->PMUninst.exe MouseSuite98
Sony Utilities DLL-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{EF3D45BB-2260-4008-88EA-492E7744A9DF}\Setup.exe" -l0x9 
Sony Video Shared Library-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{BE56FEF0-1A0F-4719-B3AD-34B5087AFA6D}\setup.exe" -l0x7  -removeonly
**-->"C:\Programme\Soulseek\uninstall.exe"
Sparwelt.de Gutschein Alarm-->MsiExec.exe /I{5943B7F7-678B-477E-9AEE-6E4C6962322B}
SpeedSoft Virtual Sampler-->C:\Programme\VSampler\bin\UnInstall.exe
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
**-->C:\Programme\Spin Audio\Common\uninst.exe "3DChorus"
**-->C:\Programme\Spin Audio\Common\uninst.exe "3DDelays"
**-->C:\Programme\Spin Audio\Common\uninst.exe "3DPanner Motion Effects"
**-->C:\Programme\Spin Audio\Common\3dpsunin.exe
**-->C:\Programme\Spin Audio\Common\uninst.exe "FX Designer"
**-->C:\Programme\Spin Audio\Common\uninst.exe "RoomVerb M2 2.0"
** -->C:\Programme\Spin Audio\Common\uninst.exe "SpinDelay"
**-->C:\PROGRA~1\STEINB~1\VSTPLU~1\Vsti\THEGRA~1\UNINST~1.EXE C:\PROGRA~1\STEINB~1\VSTPLU~1\Vsti\THEGRA~1\INSTALL.LOG
StereoTool-->MsiExec.exe /I{4E894A9A-4391-4D88-A473-43F1393312F2}
Steuer-Spar-Erklärung 2009-->MsiExec.exe /X{32E00E5E-22B1-4D5A-9DC2-CD75E087A5E6}
Steuer-Spar-Erklärung 2010-->MsiExec.exe /I{D8E1DFEE-622B-46BA-AEFF-AB7E541C0B21}
Sun xVM VirtualBox-->MsiExec.exe /I{2957CEA5-B558-49EF-AD3A-7B59C13C3AD1}
SyncroSoft Emu (Remove only)-->C:\Programme\SyncroSoft\Pos\H2O\Uninst.exe
Syncrosofts Lizenz Kontrolle-->C:\PROGRA~1\SYNCRO~1\UNWISE.EXE C:\PROGRA~1\SYNCRO~1\INSTALL.LOG
**-->C:\PROGRA~1\TCNATI~1\UNWISE.EXE C:\PROGRA~1\TCNATI~1\INSTALL.LOG
The Playa-->"C:\Programme\The Playa\uninstall.exe"
**-->D:\PROGRA~1\TIMEWO~1\UNWISE.EXE D:\PROGRA~1\TIMEWO~1\INSTALL.LOG
**-->D:\PROGRA~1\ReverbX\UNWISE.EXE D:\PROGRA~1\ReverbX\INSTALL.LOG
TweakNow PowerPack 2010-->"C:\Programme\TweakNow PowerPack 2010\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update für Windows Internet Explorer 8 (KB971180)-->"C:\WINDOWS\ie8updates\KB971180-IE8\spuninst\spuninst.exe"
Update für Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Update für Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Update für Windows Internet Explorer 8 (KB980182)-->"C:\WINDOWS\ie8updates\KB980182-IE8\spuninst\spuninst.exe"
Update für Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update für Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update für Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Update für Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update für Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update für Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update für Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Update für Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Update für Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
VAIO Control Center-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{FC37C108-821D-4EDE-8F40-D5B497586805}\Setup.exe" -l0x7 
VAIO Edit Components-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{01AE599F-7B72-4135-8C56-9191F4ACBA88}\setup.exe" -l0x7  -removeonly
VAIO Event Service-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}\Setup.exe" -l0x7 
VAIO Power Management-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{9E319E96-ED8E-4B01-9775-C521A1869A25}\Setup.exe" -l0x7 
VAIO Product Survey-->C:\Programme\Gemeinsame Dateien\InstallShield\Driver\8\Intel 32\IDriver.exe /M{9080C5D2-82FA-452A-87FA-CBB4B05D67A5} /l1031 
VAIO Update 4-->"C:\Programme\InstallShield Installation Information\{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}\setup.exe" -runfromtemp -l0x0007 -removeonly
VAIO-Online-Registrierung (Deutsch)-->C:\Programme\Gemeinsame Dateien\InstallShield\Driver\8\Intel 32\IDriver.exe /M{668B1BD6-4593-4959-970E-249AFFE6F35C} /l1031 
VideoPad Video Editor-->C:\Programme\NCH Software\VideoPad\uninst.exe
VLC media player 0.9.8a-->C:\Programme\VideoLAN\VLC\uninstall.exe
VUPlayer-->"C:\Programme\VUPlayer\Uninstall.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format Runtime-->"C:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 10-->"C:\Programme\Windows Media Player\Setup_wm.exe" /Uninstall
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Wireless LAN Starter-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{61D6E4FB-1A62-4EB1-BE56-929B00C155CF}\Setup.exe" -l0x7 
WordBuilder-->MsiExec.exe /I{B7DAD844-34CD-456B-83CC-88065323DD69}

======Security center information======

AV: AVG Anti-Virus Free (disabled)

======System event log======

Computer Name: ****
Event Code: 19
Message: Installation erfolgreich: Das folgende Update wurde installiert. Sicherheitsupdate für Windows XP (KB981332)

Record Number: 72498
Source Name: Windows Update Agent
Time Written: 20100414104413.000000+060
Event Type: Informationen
User: 

Computer Name: ****
Event Code: 4377
Message: Windows XP, Hotfix KB981332-IE8 wurde installiert.

Record Number: 72497
Source Name: NtServicePack
Time Written: 20100414104413.000000+060
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM

Computer Name: ****
Event Code: 19
Message: Installation erfolgreich: Das folgende Update wurde installiert. Sicherheitsupdate für Windows XP (KB979309)

Record Number: 72496
Source Name: Windows Update Agent
Time Written: 20100414104407.000000+060
Event Type: Informationen
User: 

Computer Name: ****
Event Code: 4377
Message: Windows XP, Hotfix KB979309 wurde installiert.

Record Number: 72495
Source Name: NtServicePack
Time Written: 20100414104407.000000+060
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM

Computer Name: ****
Event Code: 7036
Message: Dienst "Ati HotKey Poller" befindet sich jetzt im Status "Beendet".

Record Number: 72494
Source Name: Service Control Manager
Time Written: 20100414104254.000000+060
Event Type: Informationen
User: 

=====Application event log=====

Computer Name: ****
Event Code: 0
Message: 
Record Number: 931
Source Name: VAIO Event Service
Time Written: 20090825145937.000000+060
Event Type: Informationen
User: 

Computer Name: ****
Event Code: 0
Message: 
Record Number: 930
Source Name: RegSrvc
Time Written: 20090825145927.000000+060
Event Type: Informationen
User: 

Computer Name: ****
Event Code: 2570
Message: Der Adobe Active File-Monitor-Service wurde gestartet.

Record Number: 929
Source Name: Adobe Active File Monitor
Time Written: 20090825145925.000000+060
Event Type: 
User: 

Computer Name: ****
Event Code: 0
Message: 
Record Number: 928
Source Name: EvtEng
Time Written: 20090825145910.000000+060
Event Type: Informationen
User: 

Computer Name: ****
Event Code: 0
Message: 
Record Number: 927
Source Name: gusvc
Time Written: 20090825084957.000000+060
Event Type: Informationen
User: 

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Programme\ATI Technologies\ATI Control Panel;C:\Programme\Intel\Wireless\Bin\;C:\Programme\Microsoft SQL Server\80\Tools\Binn\;C:\Programme\Samsung\Samsung PC Studio 3\;C:\Programme\QuickTime\QTSystem\;C:\Programme\Intel\Wireless\Bin\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=0d08
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Programme\Java\jre1.5.0_01\lib\ext\QTJava.zip
"QTJAVA"=C:\Programme\Java\jre1.5.0_01\lib\ext\QTJava.zip

-----------------EOF-----------------
         

Alt 11.06.2010, 15:00   #2
Msmg
 
svchost.exe macht 100% Systemauslastung bei Internetverbindung - Beitrag

svchost.exe macht 100% Systemauslastung bei Internetverbindung



So, hier noch der RSIT-log:

RSIT Logfile:
Code:
ATTFilter
Logfile of random's system information tool 1.07 (written by random/random)
Run by Paddy at 2010-06-11 13:16:21
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 11 GB (39%) free of 29 GB
Total RAM: 2047 MB (74% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Low Battery Alarm Program.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2010-04-04 61888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10945114-b19f-4614-8450-b25e444a1020}]
SparweltGutscheinAlarm.Sparwelt_Gutschein_Tool - C:\WINDOWS\system32\mscoree.dll [2008-07-25 282112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Programme\AVG\AVG9\avgssie.dll [2010-06-03 1615200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Programme\AVG\AVG9\Toolbar\IEToolbar.dll [2010-04-19 2117704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-25 279664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Programme\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-02-25 812528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B96137B6-8596-4837-811C-7209AD5B27ED}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2010-04-07 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-07 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Programme\Canon\Easy-WebPrint\Toolband.dll [2004-08-26 405504]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Programme\AVG\AVG9\Toolbar\IEToolbar.dll [2010-04-19 2117704]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2010-02-25 279664]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Hcontrol"=C:\WINDOWS\ATK0100\Hcontrol.exe [2004-07-19 61440]
"Apoint"=C:\Programme\Apoint\Apoint.exe [2003-11-07 114688]
"ATIPTA"=C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-02-01 339968]
"AzMixerSel"=C:\Programme\Realtek\InstallShield\AzMixerSel.exe [2005-02-14 53248]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"Mouse Suite 98 Daemon"=C:\WINDOWS\system32\ICO.EXE [2002-03-14 45056]
"SonyPowerCfg"=C:\Programme\Sony\VAIO Power Management\SPMgr.exe [2005-01-14 184320]
"ISBMgr.exe"=C:\Programme\Sony\ISB Utility\ISBMgr.exe [2004-02-20 32768]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-02-21 69632]
"QuickTime Task"=C:\Programme\QuickTime\qttask.exe [2008-09-06 413696]
"H2O"=C:\Programme\SyncroSoft\Pos\H2O\cledx.exe [2005-05-11 200069]
"StartAlphaTrackApplet"=C:\WINDOWS\system32\AlphaTrackApplet.exe [2006-12-18 413696]
"HDSPTray1"=C:\WINDOWS\system32\hdsp32.exe [2009-02-25 376320]
"HDSPTray2"=C:\WINDOWS\system32\hdspmix.exe [2009-02-25 364544]
"Adobe Reader Speed Launcher"=D:\Programme\Adobe\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-06-03 2065248]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ProfiDialer"= []
"swg"=C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-29 68856]

C:\Dokumente und Einstellungen\Paddy\Startmenü\Programme\Autostart
siszpe32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-02-01 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-04-22 12464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon]
C:\WINDOWS\system32\VESWinlogon.dll [2005-01-18 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programme\Sony\VAIO Media 4.0\Vc.exe"="C:\Programme\Sony\VAIO Media 4.0\Vc.exe:*:Disabled:[VAIO Media] VAIO Media"
"C:\Programme\Sony\VAIO Media Registration Tool\VmpClient.exe"="C:\Programme\Sony\VAIO Media Registration Tool\VmpClient.exe:*:Disabled:VAIO Media Client registry tool"
"C:\Programme\eMule\emule.exe"="C:\Programme\eMule\emule.exe:*:Enabled:eMule"
"C:\Programme\Morpheus\Morpheus.exe"="C:\Programme\Morpheus\Morpheus.exe:*:Enabled:M5Shell"
"D:\StubInstaller.exe"="D:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\Programme\LimeWire\LimeWire.exe"="C:\Programme\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Programme\iTunes\iTunes.exe"="C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Programme\Soulseek\slsk.exe"="C:\Programme\Soulseek\slsk.exe:*:Enabled:SoulSeek"
"C:\Dokumente und Einstellungen\Paddy\Lokale Einstellungen\Temp\Temporäres Verzeichnis 1 für Director5100.zip\Director5100.exe"="C:\Dokumente und Einstellungen\Paddy\Lokale Einstellungen\Temp\Temporäres Verzeichnis 1 für Director5100.zip\Director5100.exe:*:Enabled:Service Software for ARTIST"
"C:\Programme\Riedel\Director5100.exe"="C:\Programme\Riedel\Director5100.exe:*:Enabled:Service Software for ARTIST"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Programme\****\****\****"="C:\Programme\****\****\****.exe:*:Enabled:****"
"C:\Programme\Grisoft\AVG Free\avginet.exe"="C:\Programme\Grisoft\AVG Free\avginet.exe:*:Enabled:avginet.exe"
"C:\Programme\Grisoft\AVG Free\avgamsvr.exe"="C:\Programme\Grisoft\AVG Free\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\Programme\Grisoft\AVG Free\avgcc.exe"="C:\Programme\Grisoft\AVG Free\avgcc.exe:*:Enabled:avgcc.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programme\Riedel\Director5101.exe"="C:\Programme\Riedel\Director5101.exe:*:Enabled:Service Software for ARTIST"
"C:\Programme\MSN Messenger\msnmsgr.exe"="C:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"
"C:\Programme\mymoments\Fotobuch.exe"="C:\Programme\mymoments\Fotobuch.exe:*:Enabled:mymoments Fotobuch"
"C:\Programme\Lawo\mxGUI\tools\xming\Xming.exe"="C:\Programme\Lawo\mxGUI\tools\xming\Xming.exe:*:Enabled:Xming X Server"
"C:\Programme\Mozilla Firefox\firefox.exe"="C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Programme\Java\jre6\bin\javaw.exe"="C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Programme\AVG\AVG9\avgupd.exe"="C:\Programme\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Programme\AVG\AVG9\avgnsx.exe"="C:\Programme\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programme\MSN Messenger\msnmsgr.exe"="C:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7077ffb3-fa6e-11dc-a48c-00014a1d2e9b}]
shell\Auto\command - fun.xls.exe
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b1b54235-eb8e-11dd-b49f-00014a1d2e9b}]
shell\1\command - I:\.\recycled\info.exe
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\recycled\info.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b9de3bfa-4414-11dc-a39b-00014a1d2e9b}]
shell\AutoRun\command - G:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cdb1a956-e18d-11dd-b487-00014a1d2e9b}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE      .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn


======List of files/folders created in the last 1 months======

2010-06-11 13:14:18 ----D---- C:\RSIT
2010-06-11 12:11:56 ----D---- C:\Programme\CCleaner
2010-06-11 12:09:55 ----D---- C:\Programme\Trend Micro
2010-06-09 15:53:06 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecTaskMan
2010-06-09 15:53:01 ----D---- C:\Programme\Security Task Manager
2010-06-09 10:53:24 ----D---- C:\Dokumente und Einstellungen\****\Anwendungsdaten\Malwarebytes
2010-06-09 10:52:40 ----D---- C:\Programme\Malwarebytes' Anti-Malware
2010-06-09 10:52:40 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2010-06-06 01:00:07 ----D---- C:\Programme\Gemeinsame Dateien\Steinberg
2010-06-04 09:44:37 ----D---- C:\Programme\****
2010-05-26 07:18:41 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-05-12 23:55:11 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$

======List of files/folders modified in the last 1 months======

2010-06-11 13:12:53 ----D---- C:\WINDOWS\Prefetch
2010-06-11 13:05:36 ----D---- C:\WINDOWS\Temp
2010-06-11 13:05:08 ----D---- C:\WINDOWS
2010-06-11 13:02:55 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-06-11 12:50:47 ----D---- C:\WINDOWS\Minidump
2010-06-11 12:50:47 ----D---- C:\WINDOWS\Debug
2010-06-11 12:11:56 ----RD---- C:\Programme
2010-06-11 12:09:56 ----SHD---- C:\WINDOWS\Installer
2010-06-10 13:49:50 ----D---- C:\WINDOWS\system32\drivers
2010-06-09 18:44:47 ----D---- C:\WINDOWS\system32\CatRoot2
2010-06-09 18:12:03 ----D---- C:\Programme\Mozilla Firefox
2010-06-09 16:05:28 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-06-09 16:05:23 ----A---- C:\WINDOWS\system32\svchost.exe
2010-06-09 15:45:05 ----HDC---- C:\WINDOWS\$NtUninstallKB930178$
2010-06-08 14:35:25 ----D---- C:\WINDOWS\system32
2010-06-08 14:35:21 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-06-06 01:00:07 ----D---- C:\Programme\Gemeinsame Dateien
2010-06-05 12:29:19 ----D---- C:\Programme\JDownloader
2010-06-02 08:28:18 ----A---- C:\WINDOWS\system32\ssprs.dll
2010-06-02 08:28:18 ----A---- C:\WINDOWS\system32\lsprst7.dll
2010-05-26 07:18:47 ----HD---- C:\WINDOWS\inf
2010-05-12 23:55:13 ----D---- C:\Programme\Outlook Express
2010-05-12 09:15:03 ----HD---- C:\WINDOWS\$hf_mig$

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-04-22 216200]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-06-03 29584]
R1 AvgTdiX;AVG Free Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-06-03 242896]
R1 DMICall;Sony DMI Call service; C:\WINDOWS\system32\DRIVERS\DMICall.sys [2000-12-05 3952]
R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-11-12 5632]
R1 VBoxDrv;VirtualBox Service; C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2009-05-29 100944]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2009-05-29 41424]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.5.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-02-20 21419]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2006-08-02 12544]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2003-09-29 94601]
R3 Arp1394;1394-ARP-Clientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-02-01 970240]
R3 AVMDSLPPPOE;AVM DSL PPPoE CAPI Treiber; C:\WINDOWS\system32\DRIVERS\avmdsloe.sys [2005-06-03 45440]
R3 AVMNDSL;AVM DSL NDIS WAN CAPI Treiber; C:\WINDOWS\system32\DRIVERS\avmndsl.sys [2005-06-03 38992]
R3 CLEDX;Team H2O CLEDX service; C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 33792]
R3 CmBatt;Microsoft-Netzteiltreiber; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2005-02-02 14408]
R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-09-08 1041536]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2004-09-08 161024]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-02-22 2522560]
R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12288]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2003-09-26 5786]
R3 NIC1394;1394-Netzwerktreiber; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-12-02 70912]
R3 SNC;Sony Notebook Control Device; C:\WINDOWS\System32\Drivers\SonyNC.sys [2000-11-09 48896]
R3 SPI;Sony Programmable I/O Control Device; C:\WINDOWS\system32\DRIVERS\SonyPI.sys [2002-08-20 71961]
R3 tifmsony;tifmsony; C:\WINDOWS\system32\drivers\tifmsony.sys [2005-01-06 52736]
R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB-Standardhubtreiber; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2009-05-29 79888]
R3 VBoxNetFlt;VBoxNetFlt Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys [2009-05-29 87760]
R3 w29n51;Intel(R) PRO/Wireless 2200BG Netzwerkverbindungstreiber für Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2006-06-29 2206720]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-09-08 685184]
S1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S2 Nsynas32;Nsynas32; C:\WINDOWS\system32\drivers\Nsynas32.sys [2001-04-09 17784]
S3 61883;61883-Einheitsgerät; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 AlphaTrack;AlphaTrack Driver; C:\WINDOWS\System32\Drivers\AlphaTrack.sys [2007-02-21 78848]
S3 AlphaTrackWdmService;AlphaTrack Wdm Audio; C:\WINDOWS\System32\Drivers\AlphaTrackWdm.sys [2006-12-18 34816]
S3 Avc;AVC-Gerät; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 BthEnum;Bluetooth-Auflistungsdienst; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Serieller Kommunikationstreiber für Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth-Gerät (PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Bluetooth-Porttreiber; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 273024]
S3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 FDLUBASE;AVM FRITZ!Card DSL SL USB (WinXP/2000); C:\WINDOWS\system32\DRIVERS\fdlubase.sys [2005-06-03 704128]
S3 GWUSB2E;USB 2.0 10/100Base Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\GWUSB2E.sys [2003-03-28 10496]
S3 hdsp;RME Hammerfall Audio Device; C:\WINDOWS\system32\drivers\hdsp.sys [2009-02-25 66048]
S3 MA_CMIDI;M-Audio USB Driver; C:\WINDOWS\system32\drivers\ma_cmidi.sys [2006-08-16 21888]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NETFWDSL;AVM FRITZ!web DSL PPP; C:\WINDOWS\system32\DRIVERS\NETFWDSL.SYS []
S3 pelmouse;Mouse Suite Driver; C:\WINDOWS\system32\DRIVERS\pelmouse.sys [2002-06-28 17251]
S3 pelusblf;USB Mouse Low Filter Driver; C:\WINDOWS\system32\DRIVERS\pelusblf.sys [2001-07-24 7520]
S3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 rrau0002;rrau0002; C:\WINDOWS\System32\Drivers\rrau0002.sys [2004-09-28 24576]
S3 rrwd0002;rrwd0002; C:\WINDOWS\System32\Drivers\rrwd0002.sys [2004-09-28 97280]
S3 Ser2pl;Prolific Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2002-04-09 39552]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYTVC;Sony MPEG RR-Engine; C:\WINDOWS\system32\DRIVERS\SONYTVC.sys [2005-01-11 237440]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]
S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;USB-Audiotreiber (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 uxldipoc;uxldipoc; \??\C:\DOKUME~1\Paddy\LOKALE~1\Temp\uxldipoc.sys []
S3 VBoxUSB;VirtualBox USB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [2009-10-29 32016]
S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AAV UpdateService;AAV UpdateService; C:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [2008-10-24 128296]
R2 AdobeActiveFileMonitor;Adobe Active File Monitor; C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-12 98304]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-02-01 344064]
R2 avg9wd;AVG Free WatchDog; C:\Programme\AVG\AVG9\avgwdsvc.exe [2010-04-22 308064]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2010-06-09 14336]
R2 CCALib8;Canon Camera Access Library 8; C:\Programme\Canon\CAL\CALMAIN.exe [2007-01-31 96370]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Programme\Intel\Wireless\Bin\EvtEng.exe [2006-08-02 434176]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2010-04-07 153376]
R2 MA_CMIDI_InstallerService;M-Audio Series II MIDI Installer; C:\Programme\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe [2006-03-01 94208]
R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect; C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe [2004-10-12 118784]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Programme\Intel\Wireless\Bin\RegSrvc.exe [2006-08-02 327680]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Programme\Intel\Wireless\Bin\S24EvMon.exe [2006-08-02 937984]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-10 38912]
R2 VAIO Event Service;VAIO Event Service; C:\Programme\Sony\VAIO Event Service\VESMgr.exe [2005-01-21 150528]
S2 gupdate;Google Update Service (gupdate); C:\Programme\Google\Update\GoogleUpdate.exe [2010-02-25 135664]
S2 VCI;VAIO Cooporated Initialisation; C:\Programme\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe [2005-01-04 398336]
S3 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Programme\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-04-19 430152]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 de_serv;AVM FRITZ!web Routing Service; C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe [2004-03-29 196666]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-17 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPodService;iPodService; C:\Programme\iPod\bin\iPodService.exe [2005-10-18 323584]
S3 MSCSPTISRV;MSCSPTISRV; C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\MSCSPTISRV.exe [2005-01-26 53337]
S3 NetMDSB;MD Simple Burner Service; C:\Programme\Sony\MD Simple Burner\NetMDSB.exe [2005-01-15 782336]
S3 ose;Office Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PACSPTISVR;PACSPTISVR; C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\PACSPTISVR.exe [2005-01-26 53337]
S3 SPTISRV;Sony SPTI Service; C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SPTISRV.exe [2005-01-26 69718]
S3 SSScsiSV;SonicStage SCSI Service; C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SSScsiSV.exe [2005-01-24 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
         
--- --- ---


und HijackThis-Log:

Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:24:19, on 11.06.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\AVG\AVG9\avgchsvx.exe
C:\Programme\AVG\AVG9\avgrsx.exe
C:\Programme\Intel\Wireless\Bin\EvtEng.exe
C:\Programme\AVG\AVG9\avgcsrvx.exe
C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Apoint\Apoint.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programme\Realtek\InstallShield\AzMixerSel.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ICO.EXE
C:\Programme\Sony\VAIO Power Management\SPMgr.exe
C:\Programme\Sony\ISB Utility\ISBMgr.exe
C:\Programme\SyncroSoft\Pos\H2O\cledx.exe
C:\WINDOWS\system32\AlphaTrackApplet.exe
C:\WINDOWS\system32\hdsp32.exe
C:\WINDOWS\system32\hdspmix.exe
C:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
C:\Programme\Apoint\Apntex.exe
C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programme\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\Programme\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe
C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Programme\Sony\VAIO Event Service\VESMgr.exe
C:\Programme\AVG\AVG9\avgnsx.exe
C:\Programme\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programme\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programme\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SparweltGutscheinAlarm.Sparwelt_Gutschein_Tool - {10945114-b19f-4614-8450-b25e444a1020} - mscoree.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG9\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programme\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: (no name) - {B96137B6-8596-4837-811C-7209AD5B27ED} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Programme\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Programme\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Programme\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [H2O] C:\Programme\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [StartAlphaTrackApplet] AlphaTrackApplet.exe
O4 - HKLM\..\Run: [HDSPTray1] hdsp32.exe
O4 - HKLM\..\Run: [HDSPTray2] hdspmix.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Programme\Adobe\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: siszpe32.exe
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Übertragen mit Image Converter 2 - C:\Programme\Sony\Image Converter 2\menu.htm
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=hxxp://www.club-vaio.com/de/
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Programme\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AAV UpdateService - Unknown owner - C:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Programme\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Programme\AVG\AVG9\avgwdsvc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Programme\Canon\CAL\CALMAIN.exe
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - AVM Berlin - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: M-Audio Series II MIDI Installer (MA_CMIDI_InstallerService) - Unknown owner - C:\Programme\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: MD Simple Burner Service (NetMDSB) - Sony Corporation - C:\Programme\Sony\MD Simple Burner\NetMDSB.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation  - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Programme\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Programme\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe

--
End of file - 11799 bytes
         
__________________


Alt 11.06.2010, 15:09   #3
markusg
/// Malware-holic
 
svchost.exe macht 100% Systemauslastung bei Internetverbindung - Standard

svchost.exe macht 100% Systemauslastung bei Internetverbindung



ootl:
Systemscan mit OTL
download otl:
http://filepony.de/download-otl/

Doppelklick auf die OTL.exe
(user von Windows 7 und Vista: Rechtsklick als Administrator ausführen)
1. Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
2. Hake an "scan all users"
3. Unter "Extra Registry wähle:
"Use Safelist" "LOP Check" "Purity Check"
4. Kopiere in die Textbox:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
5. Klicke "run Scan"
6. 2 reporte werden erstellt:
OTL.Txt
Extras.Txt
falls zu groß, bitte aufteilen
__________________

Alt 12.06.2010, 14:42   #4
Msmg
 
svchost.exe macht 100% Systemauslastung bei Internetverbindung - Beitrag

svchost.exe macht 100% Systemauslastung bei Internetverbindung



So hier das gewünschte...

OTL-Log:

[code]
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 12.06.2010 13:25:00 - Run 1
OTL by OldTimer - Version 3.2.6.0     Folder = C:\OTL
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 75,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 27,95 Gb Total Space | 11,02 Gb Free Space | 39,42% Space Free | Partition Type: NTFS
Drive D: | 39,60 Gb Total Space | 17,98 Gb Free Space | 45,41% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: **
Current User Name: **
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\OTL\OTL.exe (OldTimer Tools)
PRC - C:\Programme\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG9\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\WINDOWS\system32\hdspmix.exe ()
PRC - C:\WINDOWS\system32\hdsp32.exe (RME)
PRC - C:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Programme\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - C:\WINDOWS\system32\AlphaTrackApplet.exe (Frontier Design Group, LLC)
PRC - C:\Programme\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
PRC - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
PRC - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
PRC - C:\Programme\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe ()
PRC - C:\Programme\Syncrosoft\POS\H2O\cledx.exe (Team H2O)
PRC - C:\Programme\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
PRC - C:\Programme\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
PRC - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe ()
PRC - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe ()
PRC - C:\Programme\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Programme\Apoint\ApntEx.exe (Alps Electric Co., Ltd.)
PRC - C:\WINDOWS\system32\ico.exe (Primax Electronics Ltd.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\OTL\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\WINDOWS\system32\framedyn.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (avg9wd) -- C:\Programme\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVG Security Toolbar Service) -- C:\Programme\AVG\AVG9\Toolbar\ToolbarBroker.exe ()
SRV - (AAV UpdateService) -- C:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
SRV - (CCALib8) -- C:\Programme\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (EvtEng) Intel(R) -- C:\Programme\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
SRV - (S24EventMonitor) Intel(R) -- C:\Programme\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
SRV - (RegSrvc) Intel(R) -- C:\Programme\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
SRV - (MA_CMIDI_InstallerService) -- C:\Programme\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe ()
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (MSCSPTISRV) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (SSScsiSV) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation)
SRV - (VAIO Event Service) -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (NetMDSB) -- C:\Programme\Sony\MD Simple Burner\NetMDSB.exe (Sony Corporation)
SRV - (VCI) -- C:\Programme\Sony\VAIO Cooperated Initialisation\VCI_svc.exe (Sony Corporation)
SRV - (AdobeActiveFileMonitor) -- C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe ()
SRV - (PhotoshopElementsDeviceConnect) -- C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe ()
SRV - (de_serv) -- C:\Programme\Gemeinsame Dateien\AVM\De_serv.exe (AVM Berlin)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (AvgTdiX) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgLdx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (VBoxUSB) -- C:\WINDOWS\system32\drivers\VBoxUSB.sys (Sun Microsystems, Inc.)
DRV - (VBoxNetAdp) -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys (Sun Microsystems, Inc.)
DRV - (VBoxUSBMon) -- C:\WINDOWS\system32\drivers\VBoxUSBMon.sys (Sun Microsystems, Inc.)
DRV - (VBoxDrv) -- C:\WINDOWS\system32\drivers\VBoxDrv.sys (Sun Microsystems, Inc.)
DRV - (VBoxNetFlt) -- C:\WINDOWS\system32\drivers\VBoxNetFlt.sys (Sun Microsystems, Inc.)
DRV - (hdsp) -- C:\WINDOWS\system32\drivers\hdsp.sys (RME)
DRV - (StarOpen) -- C:\WINDOWS\system32\drivers\StarOpen.sys ()
DRV - (61883) -- C:\WINDOWS\system32\drivers\61883.sys (Microsoft Corporation)
DRV - (Avc) -- C:\WINDOWS\system32\drivers\avc.sys (Microsoft Corporation)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (AlphaTrack) -- C:\WINDOWS\system32\drivers\AlphaTrack.sys (Frontier Design Group, LLC)
DRV - (AlphaTrackWdmService) -- C:\WINDOWS\system32\drivers\AlphaTrackWdm.sys (Frontier Design Group, LLC)
DRV - (MA_CMIDI) -- C:\WINDOWS\system32\drivers\ma_cmidi.sys (M-Audio)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (w29n51) Intel(R) -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation)
DRV - (ss_mdm) -- C:\WINDOWS\system32\drivers\ss_mdm.sys (MCCI)
DRV - (ss_mdfl) -- C:\WINDOWS\system32\drivers\ss_mdfl.sys (MCCI)
DRV - (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) -- C:\WINDOWS\system32\drivers\ss_bus.sys (MCCI)
DRV - (FDLUBASE) AVM FRITZ!Card DSL SL USB (WinXP/2000) -- C:\WINDOWS\system32\drivers\fdlubase.sys (AVM Berlin)
DRV - (AVMDSLPPPOE) -- C:\WINDOWS\system32\drivers\avmdsloe.sys (AVM GmbH)
DRV - (AVMNDSL) -- C:\WINDOWS\system32\drivers\avmndsl.sys (AVM GmbH)
DRV - (CLEDX) -- C:\WINDOWS\system32\drivers\cledx.sys (Team H2O)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (SONYTVC) -- C:\WINDOWS\system32\drivers\SONYTVC.sys (Sony Corporation)
DRV - (tifmsony) -- C:\WINDOWS\system32\drivers\tifmsony.sys (Texas Instruments)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation                           )
DRV - (rrau0002) -- C:\WINDOWS\system32\drivers\rrau0002.sys (BridgeCo AG)
DRV - (rrwd0002) -- C:\WINDOWS\system32\drivers\rrwd0002.sys (BridgeCo AG)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)
DRV - (d347prt) -- C:\WINDOWS\System32\Drivers\d347prt.sys ( )
DRV - (d347bus) -- C:\WINDOWS\system32\DRIVERS\d347bus.sys ( )
DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ATKACPI.sys ()
DRV - (GWUSB2E) -- C:\WINDOWS\system32\drivers\GWUSB2E.sys (Generic )
DRV - (SPI) -- C:\WINDOWS\system32\drivers\SonyPI.sys (Sony Corporation)
DRV - (pelmouse) -- C:\WINDOWS\system32\drivers\PELMOUSE.SYS (Primax Electronics Ltd.)
DRV - (Ser2pl) -- C:\WINDOWS\system32\drivers\ser2pl.sys (Prolific Technology Inc.)
DRV - (pelusblf) -- C:\WINDOWS\system32\drivers\PELUSBlf.SYS (Primax Electronics Ltd.)
DRV - (Nsynas32) -- C:\WINDOWS\system32\drivers\NSynas32.sys (Syncrosoft Hard- und Software GmbH)
DRV - (DMICall) -- C:\WINDOWS\system32\drivers\DMICall.sys (Sony Corporation)
DRV - (SNC) -- C:\WINDOWS\system32\drivers\SonyNC.sys (Sony Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/de/
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programme\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/de/
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programme\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/de/
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/de/
 
IE - HKU\S-1-5-21-1126878031-2439804501-3234919006-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-1126878031-2439804501-3234919006-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1126878031-2439804501-3234919006-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1126878031-2439804501-3234919006-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1126878031-2439804501-3234919006-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-1126878031-2439804501-3234919006-1006\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programme\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-1126878031-2439804501-3234919006-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Wikipedia (de)"
FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..extensions.enabledItems: sparweltgutscheinewl@sparwelt.de:1.0
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.825
FF - prefs.js..extensions.enabledItems: avg@igeared:4.504.019.002
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Programme\AVG\AVG9\Firefox [2010.06.03 09:41:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Programme\AVG\AVG9\Toolbar\Firefox\avg@igeared [2010.05.19 18:42:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.06.09 18:11:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.06.09 18:11:34 | 000,000,000 | ---D | M]
 
[2008.09.07 20:01:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Mozilla\Extensions
[2010.06.08 12:05:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Mozilla\Firefox\Profiles\tl1rio09.default\extensions
[2010.05.01 10:25:11 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Mozilla\Firefox\Profiles\tl1rio09.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.04.29 17:47:03 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Mozilla\Firefox\Profiles\tl1rio09.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.03.14 17:08:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Mozilla\Firefox\Profiles\tl1rio09.default\extensions\sparweltgutscheinewl@sparwelt.de
[2010.06.08 12:05:14 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2006.06.03 20:50:12 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.04.01 17:54:38 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.04.01 17:54:38 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.04.01 17:54:38 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.04.01 17:54:38 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.04.01 17:54:38 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2004.08.04 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programme\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (no name) - {B96137B6-8596-4837-811C-7209AD5B27ED} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Programme\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-1126878031-2439804501-3234919006-1006\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-1126878031-2439804501-3234919006-1006\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-1126878031-2439804501-3234919006-1006\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Programme\AVG\AVG9\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] D:\Programme\Adobe\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Programme\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [H2O] C:\Programme\Syncrosoft\POS\H2O\cledx.exe (Team H2O)
O4 - HKLM..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe ()
O4 - HKLM..\Run: [HDSPTray1] C:\WINDOWS\System32\hdsp32.exe (RME)
O4 - HKLM..\Run: [HDSPTray2] C:\WINDOWS\System32\hdspmix.exe ()
O4 - HKLM..\Run: [ISBMgr.exe] C:\Programme\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\ico.exe (Primax Electronics Ltd.)
O4 - HKLM..\Run: [SonyPowerCfg] C:\Programme\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [StartAlphaTrackApplet] C:\WINDOWS\System32\AlphaTrackApplet.exe (Frontier Design Group, LLC)
O4 - HKU\S-1-5-21-1126878031-2439804501-3234919006-1006..\Run: [ProfiDialer]  File not found
O4 - HKU\S-1-5-21-1126878031-2439804501-3234919006-1006..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\Paddy\Startmenü\Programme\Autostart\siszpe32.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1126878031-2439804501-3234919006-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Programme\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Programme\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Preview - C:\Programme\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Print - C:\Programme\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Google Sidewiki... - C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O15 - HKU\.DEFAULT\..Trusted Domains: sony-europe.com ([] in Lokales Intranet)
O15 - HKU\.DEFAULT\..Trusted Domains: sony-europe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sonystyle-europe.com ([] in Lokales Intranet)
O15 - HKU\.DEFAULT\..Trusted Domains: sonystyle-europe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\.DEFAULT\..Trusted Domains: vaio-link.com ([] in Lokales Intranet)
O15 - HKU\.DEFAULT\..Trusted Domains: vaio-link.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony-europe.com ([] in Lokales Intranet)
O15 - HKU\S-1-5-18\..Trusted Domains: sony-europe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sonystyle-europe.com ([] in Lokales Intranet)
O15 - HKU\S-1-5-18\..Trusted Domains: sonystyle-europe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-18\..Trusted Domains: vaio-link.com ([] in Lokales Intranet)
O15 - HKU\S-1-5-18\..Trusted Domains: vaio-link.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-1126878031-2439804501-3234919006-1006\..Trusted Domains: sony-europe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-1126878031-2439804501-3234919006-1006\..Trusted Domains: sonystyle-europe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-1126878031-2439804501-3234919006-1006\..Trusted Domains: vaio-link.com ([]* in Vertrauenswürdige Sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_01-windows-i586.cab (Java Plug-in 1.5.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Programme\AVG\AVG9\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\WINDOWS\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Paddy\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Paddy\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.03.03 15:28:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{7077ffb3-fa6e-11dc-a48c-00014a1d2e9b}\Shell\Auto\command - "" = fun.xls.exe
O33 - MountPoints2\{7077ffb3-fa6e-11dc-a48c-00014a1d2e9b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b1b54235-eb8e-11dd-b49f-00014a1d2e9b}\Shell - "" = AutoRun
O33 - MountPoints2\{b1b54235-eb8e-11dd-b49f-00014a1d2e9b}\Shell\1\Command - "" = I:\.\recycled\info.exe -- File not found
O33 - MountPoints2\{b1b54235-eb8e-11dd-b49f-00014a1d2e9b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b9de3bfa-4414-11dc-a39b-00014a1d2e9b}\Shell\AutoRun\command - "" = G:\setupSNK.exe -- File not found
O33 - MountPoints2\{cdb1a956-e18d-11dd-b487-00014a1d2e9b}\Shell - "" = AutoRun
O33 - MountPoints2\{cdb1a956-e18d-11dd-b487-00014a1d2e9b}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: 6to4 -  File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2005.03.03 15:28:02 | 000,000,000 | ---D | M]
NetSvcs: Iprip -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp -  File not found
 
 
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: nm -  File not found
SafeBootNet: nm.sys -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
 
Drivers32: midi1 - C:\WINDOWS\System32\ma_cmidn.dll (M-Audio)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSACM.MI-SC4 - C:\WINDOWS\System32\mi-sc4.acm (Micronas Intermetall)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.444p - C:\Programme\t@b\0.958\686\tabdec.dll File not found
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivXNetworks, Inc.)
Drivers32: VIDC.dvsd - C:\Programme\Gemeinsame Dateien\Sony Shared\VideoLib\sonydv.dll (Sony Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.mpng - C:\Programme\t@b\0.958\686\tabdec.dll File not found
Drivers32: vidc.mvjp - C:\Programme\t@b\0.958\686\tabdec.dll File not found
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivXNetworks, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.06.12 11:55:41 | 000,000,000 | ---D | C] -- C:\OTL
[2010.06.11 13:30:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Paddy\Desktop\Safety
[2010.06.11 13:14:18 | 000,000,000 | ---D | C] -- C:\RSIT
[2010.06.11 12:50:46 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Paddy\Recent
[2010.06.11 12:11:56 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.06.11 12:09:55 | 000,000,000 | ---D | C] -- C:\Programme\Trend Micro
[2010.06.09 15:53:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecTaskMan
[2010.06.09 15:53:01 | 000,000,000 | ---D | C] -- C:\Programme\Security Task Manager
[2010.06.09 10:53:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Malwarebytes
[2010.06.09 10:52:41 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.06.09 10:52:40 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.06.09 10:52:40 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.06.09 10:52:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.06.06 01:00:07 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Steinberg
[2010.06.04 09:44:37 | 000,000,000 | ---D | C] -- C:\Programme\East West
[2010.05.26 09:08:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Paddy\Desktop\vers
[2010.04.09 10:58:49 | 000,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys
[2010.04.09 10:58:49 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys
 
========== Files - Modified Within 30 Days ==========
 
[2010.06.12 13:26:30 | 000,772,096 | ---- | M] () -- C:\WINDOWS\System32\drivers\vgqci.sys
[2010.06.12 13:06:41 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.12 13:05:42 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.06.12 13:05:40 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.12 13:05:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.12 13:05:05 | 2146,816,000 | -HS- | M] () -- C:\hiberfil.sys
[2010.06.12 11:59:56 | 015,466,496 | -H-- | M] () -- C:\Dokumente und Einstellungen\Paddy\NTUSER.DAT
[2010.06.12 11:59:56 | 000,000,300 | -HS- | M] () -- C:\Dokumente und Einstellungen\Paddy\ntuser.ini
[2010.06.11 13:05:18 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.06.10 13:49:12 | 001,381,954 | -H-- | M] () -- C:\Dokumente und Einstellungen\Paddy\Lokale Einstellungen\Anwendungsdaten\IconCache.db
[2010.06.09 16:05:23 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svchost.exe
[2010.06.09 11:03:12 | 060,860,587 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010.06.08 16:34:10 | 002,414,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Paddy\Desktop\svchost-orte.doc
[2010.06.08 14:35:26 | 000,453,424 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.06.08 14:35:26 | 000,076,038 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.06.08 14:35:25 | 000,475,180 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.06.08 14:35:25 | 000,091,464 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.06.08 14:35:21 | 001,109,742 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.06.03 09:28:03 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010.06.03 09:28:02 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010.06.02 08:28:18 | 000,000,219 | ---- | M] () -- C:\WINDOWS\System32\lsprst7.tgz
[2010.06.02 08:28:18 | 000,000,205 | ---- | M] () -- C:\WINDOWS\System32\lsprst7.dll
[2010.06.02 08:28:18 | 000,000,087 | ---- | M] () -- C:\WINDOWS\System32\ssprs.tgz
[2010.06.02 08:28:18 | 000,000,073 | ---- | M] () -- C:\WINDOWS\System32\ssprs.dll
[2010.06.01 17:54:13 | 000,171,008 | ---- | M] () -- C:\Dokumente und Einstellungen\Paddy\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== Files Created - No Company Name ==========
 
[2010.06.08 16:34:05 | 002,414,592 | ---- | C] () -- C:\Dokumente und Einstellungen\Paddy\Desktop\svchost-orte.doc
[2010.06.08 12:07:48 | 000,772,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\vgqci.sys
[2009.10.26 12:36:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\uni95.INI
[2009.10.26 12:36:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\uni95old.INI
[2009.04.07 16:37:03 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2009.04.07 16:37:03 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2009.04.07 16:37:03 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2009.04.07 16:37:03 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2009.04.07 16:37:03 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2009.04.03 17:58:36 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\msvcsv60.dll
[2009.02.20 13:47:59 | 000,000,056 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009.02.16 19:37:54 | 000,905,290 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[2009.01.25 11:32:56 | 000,036,352 | ---- | C] () -- C:\WINDOWS\System32\ewctl32.dll
[2008.12.03 21:28:55 | 000,000,019 | ---- | C] () -- C:\WINDOWS\SoundConverter.INI
[2008.11.12 10:23:54 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007.09.11 15:25:04 | 000,000,785 | ---- | C] () -- C:\WINDOWS\dcsi162504.ini
[2007.09.04 11:43:12 | 000,000,180 | ---- | C] () -- C:\WINDOWS\CMAPSI.INI
[2007.09.04 11:38:17 | 000,001,458 | ---- | C] () -- C:\WINDOWS\adpmain.ini
[2007.09.04 11:36:11 | 000,001,449 | ---- | C] () -- C:\WINDOWS\adpmain123611.ini
[2007.09.04 11:36:11 | 000,000,126 | ---- | C] () -- C:\WINDOWS\dcsi123611.ini
[2007.09.04 11:18:00 | 000,001,449 | ---- | C] () -- C:\WINDOWS\adpmain121800.ini
[2007.09.04 11:18:00 | 000,000,126 | ---- | C] () -- C:\WINDOWS\dcsi121800.ini
[2007.09.03 13:09:18 | 000,004,072 | ---- | C] () -- C:\WINDOWS\DCSi.INI
[2007.09.03 13:06:53 | 000,000,182 | ---- | C] () -- C:\WINDOWS\key162504.ini
[2007.09.03 13:06:53 | 000,000,175 | ---- | C] () -- C:\WINDOWS\KEY.INI
[2007.09.03 13:06:53 | 000,000,174 | ---- | C] () -- C:\WINDOWS\key121800.ini
[2007.09.03 13:06:53 | 000,000,173 | ---- | C] () -- C:\WINDOWS\key123611.ini
[2007.09.03 13:06:52 | 000,001,449 | ---- | C] () -- C:\WINDOWS\adpmain140652.ini
[2007.01.27 11:18:35 | 000,003,424 | ---- | C] () -- C:\WINDOWS\tm.ini
[2006.06.04 19:13:03 | 000,402,338 | ---- | C] () -- C:\WINDOWS\MPfun.ini
[2006.06.03 20:45:00 | 000,000,199 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006.05.24 23:47:11 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2006.04.19 01:04:53 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2006.02.17 13:07:37 | 000,000,081 | ---- | C] () -- C:\WINDOWS\Prestopm.INI
[2006.01.17 14:01:15 | 000,000,032 | ---- | C] () -- C:\WINDOWS\ncvk32.ini
[2006.01.17 13:48:05 | 000,000,526 | ---- | C] () -- C:\WINDOWS\rsagent.ini
[2005.10.05 00:32:09 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2005.09.14 21:41:58 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS6y.DLL
[2005.09.14 21:35:28 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2005.09.14 21:35:17 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\PMSBFN32.DLL
[2005.09.14 21:28:23 | 000,000,516 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2005.09.14 21:24:09 | 000,000,398 | ---- | C] () -- C:\WINDOWS\System32\CNCMP60.INI
[2005.03.06 16:45:32 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005.03.06 14:56:34 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005.03.06 14:56:34 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005.03.06 14:56:34 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005.03.06 14:56:34 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005.03.06 14:56:34 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005.03.06 14:56:34 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005.03.06 14:53:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VAIOUpdt.INI
[2005.03.06 14:18:45 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005.03.03 16:04:00 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2005.03.03 07:14:18 | 000,005,786 | ---- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys
[2005.03.03 07:14:18 | 000,002,074 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005.01.18 03:31:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004.08.22 17:04:56 | 000,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll
[2003.10.14 06:18:38 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2003.10.14 06:04:24 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001.10.24 15:00:40 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\TDI-SonyOMG.dll
[1997.09.26 11:39:52 | 000,000,073 | ---- | C] () -- C:\WINDOWS\Hdkctnts.ini
 
========== LOP Check ==========
 
[2009.06.05 11:22:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AAV
[2010.04.22 09:31:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG Security Toolbar
[2010.04.22 09:29:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\avg9
[2010.03.14 16:36:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Deskshare
[2008.04.12 17:31:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ElsterFormular
[2009.01.04 14:05:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Grisoft
[2010.03.14 17:43:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NCH Swift Sound
[2009.01.09 21:25:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Propellerhead Software
[2008.12.03 19:42:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft
[2010.06.09 16:08:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecTaskMan
[2009.01.30 17:49:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SIR
[2008.12.03 19:42:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SSScanAppDataDir
[2005.09.14 21:28:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SSScanWizard
[2010.03.14 16:38:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2010.04.09 11:28:50 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{1D27CD5F-93BB-4968-A5F1-E87D998A9554}
[2010.04.09 11:32:35 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{A518DCBE-06AD-461B-8F2E-C53AA3525C15}
[2010.04.09 11:24:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{E7D4E1BB-A8A8-4E3B-BEA6-38DD8E4522DF}
[2005.10.27 21:03:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\sony
[2006.11.27 13:30:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\3M
[2010.03.05 12:31:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\AnvSoft
[2010.03.05 19:12:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Aura4You
[2010.03.14 13:40:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\AVCutty
[2010.03.15 12:06:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\avidemux
[2010.04.10 10:05:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Canon
[2005.09.28 22:28:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\DataLayer
[2007.07.06 11:40:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\FileMaker
[2009.10.03 13:06:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Flux
[2005.09.08 11:03:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\FRITZ!
[2008.07.12 12:05:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Grisoft
[2005.09.26 14:45:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\InterVideo
[2005.09.25 18:56:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Leadertech
[2005.09.14 21:34:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\NewSoft
[2005.09.28 22:28:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Nokia
[2007.01.09 22:25:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\NSBackup
[2009.03.26 15:33:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Nvu
[2009.02.23 18:26:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Samsung
[2005.09.14 21:28:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\ScanSoft
[2009.01.30 18:05:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\SIR
[2005.09.07 13:56:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\sony
[2010.03.15 13:10:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\SparweltGutschein
[2008.12.17 18:55:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Steinberg
[2005.09.10 12:13:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Template
[2010.05.04 10:19:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\TweakNow PowerPack 2010
[2010.04.10 00:14:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\TweakNow RegCleaner
[2009.11.01 13:56:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\VUPlayer
[2007.09.22 21:58:11 | 000,000,106 | ---- | M] () -- C:\WINDOWS\Tasks\Low Battery Alarm Program.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
[2005.03.06 15:14:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Application Data\Adobe
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2006.11.27 13:30:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\3M
[2009.04.01 18:01:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Adobe
[2009.03.26 12:40:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\AdobeUM
[2010.03.05 12:31:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\AnvSoft
[2005.12.11 22:00:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Apple Computer
[2010.03.05 19:12:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Aura4You
[2010.03.14 13:40:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\AVCutty
[2010.03.15 12:06:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\avidemux
[2008.12.01 22:07:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\CameraWindowDC
[2010.04.10 10:05:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Canon
[2008.12.01 22:04:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\CANON INC
[2005.09.28 22:28:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\DataLayer
[2009.03.25 17:57:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Download Manager
[2010.03.11 17:41:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\dvdcss
[2007.07.06 11:40:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\FileMaker
[2009.10.03 13:06:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Flux
[2005.09.08 11:03:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\FRITZ!
[2006.09.24 15:24:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Google
[2008.07.12 12:05:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Grisoft
[2007.01.09 22:25:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Help
[2005.03.03 15:28:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Identities
[2008.09.20 14:05:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\InstallShield
[2005.09.26 14:45:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\InterVideo
[2005.09.25 18:56:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Leadertech
[2005.03.06 15:12:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Macromedia
[2010.06.09 10:53:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Malwarebytes
[2010.03.14 17:07:41 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Microsoft
[2006.06.03 20:50:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Mozilla
[2010.03.14 17:27:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\NCH Software
[2005.09.14 21:34:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\NewSoft
[2005.09.28 22:28:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Nokia
[2007.01.09 22:25:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\NSBackup
[2009.03.26 15:33:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Nvu
[2005.11.05 10:49:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Real
[2009.02.23 18:26:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Samsung
[2005.09.14 21:28:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\ScanSoft
[2009.01.30 18:05:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\SIR
[2005.09.25 18:57:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Sonic
[2005.09.07 13:56:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\sony
[2008.12.03 21:06:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Sony Corporation
[2010.03.15 13:10:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\SparweltGutschein
[2008.12.17 18:55:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Steinberg
[2005.11.06 21:27:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Sun
[2005.09.07 13:49:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Symantec
[2005.09.10 12:13:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Template
[2010.05.04 10:19:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\TweakNow PowerPack 2010
[2010.04.10 00:14:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\TweakNow RegCleaner
[2009.01.29 19:35:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\vlc
[2009.11.01 13:56:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\VUPlayer
[2010.04.07 20:19:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\WinRAR
[2008.11.29 23:24:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\ZoomBrowser EX
 
< %APPDATA%\*.exe /s >
[2010.06.11 12:09:56 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
[2010.03.14 17:08:07 | 000,005,550 | R--- | M] () -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Microsoft\Installer\{5943B7F7-678B-477E-9AEE-6E4C6962322B}\_6FEFF9B68218417F98F549.exe
[2010.06.06 01:00:14 | 000,015,086 | R--- | M] () -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Microsoft\Installer\{B7DAD844-34CD-456B-83CC-88065323DD69}\_18be6784.exe
[2010.06.06 01:00:14 | 000,015,086 | R--- | M] () -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Microsoft\Installer\{B7DAD844-34CD-456B-83CC-88065323DD69}\_294823.exe
[2010.06.06 01:00:14 | 000,015,086 | R--- | M] () -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Microsoft\Installer\{B7DAD844-34CD-456B-83CC-88065323DD69}\_2cd672ae.exe
[2010.06.06 01:00:14 | 000,015,086 | R--- | M] () -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Microsoft\Installer\{B7DAD844-34CD-456B-83CC-88065323DD69}\_4ae13d6c.exe
[2010.03.29 11:28:35 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Microsoft\Installer\{DF6FE172-006A-4324-AF7F-ACFE4BA290FE}\ARPPRODUCTICON.exe
[2007.09.11 15:24:48 | 000,000,766 | R--- | M] () -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Microsoft\Installer\{F93F4F75-0BEA-40B2-88EA-B9C12718C3FF}\_398212f1.exe
[2007.09.11 15:24:48 | 000,000,766 | R--- | M] () -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Microsoft\Installer\{F93F4F75-0BEA-40B2-88EA-B9C12718C3FF}\_464d2023.exe
[2007.09.11 15:24:48 | 000,000,766 | R--- | M] () -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Microsoft\Installer\{F93F4F75-0BEA-40B2-88EA-B9C12718C3FF}\_678e85a.exe
[2007.09.11 15:24:48 | 000,029,926 | R--- | M] () -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\Microsoft\Installer\{F93F4F75-0BEA-40B2-88EA-B9C12718C3FF}\_76b135a.exe
[2005.02.13 16:24:00 | 001,733,385 | ---- | M] (Sony ITE                                                                                                                                                                                                                 ) -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\sony\myclubvaio\sections\software\shows\nis.exe
[2005.02.13 16:22:00 | 001,178,540 | ---- | M] (Sony ITE                                                                                                                                                                                                                 ) -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\sony\myclubvaio\sections\software\shows\npm.exe
[2005.02.13 16:26:00 | 001,430,296 | ---- | M] (Sony ITE                                                                                                                                                                                                                 ) -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\sony\myclubvaio\sections\software\shows\psp.exe
[2005.02.15 13:33:00 | 004,942,537 | ---- | M] (Sony ITE                                                                                                                                                                                                                 ) -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\sony\myclubvaio\sections\software\shows\YahooDE.exe
[2005.02.15 13:31:00 | 004,960,611 | ---- | M] (Sony ITE                                                                                                                                                                                                                 ) -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\sony\myclubvaio\sections\software\shows\YahooFR.exe
[2005.02.15 13:42:00 | 007,037,826 | ---- | M] (Sony ITE                                                                                                                                                                                                                 ) -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\sony\myclubvaio\sections\software\shows\YahooIT.exe
[2005.02.13 16:52:00 | 012,482,453 | ---- | M] (Sony ITE                                                                                                                                                                                                                 ) -- C:\Dokumente und Einstellungen\Paddy\Anwendungsdaten\sony\myclubvaio\sections\software\shows\YahooUK.exe
 
< %SYSTEMDRIVE%\*.exe >
[2007.11.07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2001.01.10 11:23:58 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE
 
 
< MD5 for: AGP440.SYS  >
[2004.08.04 13:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.09.06 12:11:03 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004.08.04 13:00:00 | 018,782,319 | R--- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2008.09.06 12:11:03 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2004.08.04 13:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.09.06 12:11:03 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004.08.04 13:00:00 | 018,782,319 | R--- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2008.09.06 12:11:03 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.04 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008.04.14 03:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 03:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2004.08.04 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: NETLOGON.DLL  >
[2008.04.14 03:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 03:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2004.08.04 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2008.04.14 03:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 03:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2004.08.04 13:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
 
< MD5 for: USERINIT.EXE  >
[2008.04.14 03:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 03:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004.08.04 13:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
 
< MD5 for: WS2IFSL.SYS  >
[2004.08.04 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\  >
 
< *.sys /lockedfiles >
[2010.06.12 13:05:05 | 2146,816,000 | -HS- | M] () Unable to obtain MD5 -- 
[2010.06.12 13:05:04 | 805,306,368 | -HS- | M] () Unable to obtain MD5 -- 
 
< %systemroot%\System32\config\*.sav >
[2005.03.03 16:19:37 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2005.03.03 16:19:37 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2005.03.03 16:19:37 | 000,438,272 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\svchost.exe:SummaryInformation
@Alternate Data Stream - 122 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:6152D44C
< End of report >
         
--- --- ---

Alt 12.06.2010, 14:43   #5
Msmg
 
svchost.exe macht 100% Systemauslastung bei Internetverbindung - Beitrag

svchost.exe macht 100% Systemauslastung bei Internetverbindung



... und noch ...

OTL-Extras:

[code]
OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 12.06.2010 13:25:00 - Run 1
OTL by OldTimer - Version 3.2.6.0     Folder = C:\OTL
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 75,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 27,95 Gb Total Space | 11,02 Gb Free Space | 39,42% Space Free | Partition Type: NTFS
Drive D: | 39,60 Gb Total Space | 17,98 Gb Free Space | 45,41% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: **
Current User Name: **
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_USERS\S-1-5-21-1126878031-2439804501-3234919006-1006\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"4662:TCP" = 4662:TCP:*:Enabled:emule 1
"4672:UDP" = 4672:UDP:*:Enabled:emule 2
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\MSN Messenger\msnmsgr.exe" = C:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5 -- File not found
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Sony\VAIO Media 4.0\Vc.exe" = C:\Programme\Sony\VAIO Media 4.0\Vc.exe:*:Disabled:[VAIO Media] VAIO Media -- File not found
"C:\Programme\Sony\VAIO Media Registration Tool\VmpClient.exe" = C:\Programme\Sony\VAIO Media Registration Tool\VmpClient.exe:*:Disabled:VAIO Media Client registry tool -- File not found
"C:\Programme\eMule\emule.exe" = C:\Programme\eMule\emule.exe:*:Enabled:eMule -- File not found
"C:\Programme\Morpheus\Morpheus.exe" = C:\Programme\Morpheus\Morpheus.exe:*:Enabled:M5Shell -- File not found
"D:\StubInstaller.exe" = D:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer -- File not found
"C:\Programme\LimeWire\LimeWire.exe" = C:\Programme\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- File not found
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Computer, Inc.)
"C:\Programme\Soulseek\slsk.exe" = C:\Programme\Soulseek\slsk.exe:*:Enabled:SoulSeek -- ()
"C:\Dokumente und Einstellungen\Paddy\Lokale Einstellungen\Temp\Temporäres Verzeichnis 1 für Director5100.zip\Director5100.exe" = C:\Dokumente und Einstellungen\Paddy\Lokale Einstellungen\Temp\Temporäres Verzeichnis 1 für Director5100.zip\Director5100.exe:*:Enabled:Service Software for ARTIST -- File not found
"C:\Programme\Riedel\Director5100.exe" = C:\Programme\Riedel\Director5100.exe:*:Enabled:Service Software for ARTIST -- File not found
"C:\totalcmd\TOTALCMD.EXE" = C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows -- File not found
"C:\Programme\Macromedia\Dreamweaver 3\Dreamweaver.exe" = C:\Programme\Macromedia\Dreamweaver 3\Dreamweaver.exe:*:Enabled:Dreamweaver -- (Macromedia, Inc.)
"C:\Programme\Grisoft\AVG Free\avginet.exe" = C:\Programme\Grisoft\AVG Free\avginet.exe:*:Enabled:avginet.exe -- File not found
"C:\Programme\Grisoft\AVG Free\avgamsvr.exe" = C:\Programme\Grisoft\AVG Free\avgamsvr.exe:*:Enabled:avgamsvr.exe -- File not found
"C:\Programme\Grisoft\AVG Free\avgcc.exe" = C:\Programme\Grisoft\AVG Free\avgcc.exe:*:Enabled:avgcc.exe -- File not found
"C:\Programme\Riedel\Director5101.exe" = C:\Programme\Riedel\Director5101.exe:*:Enabled:Service Software for ARTIST -- File not found
"C:\Programme\MSN Messenger\msnmsgr.exe" = C:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5 -- File not found
"C:\Programme\mymoments\Fotobuch.exe" = C:\Programme\mymoments\Fotobuch.exe:*:Enabled:mymoments Fotobuch -- (tweerlei Wruck + Buchmeier GbR)
"C:\Programme\Lawo\mxGUI\tools\xming\Xming.exe" = C:\Programme\Lawo\mxGUI\tools\xming\Xming.exe:*:Enabled:Xming X Server -- ()
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\AVG\AVG9\avgupd.exe" = C:\Programme\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Programme\AVG\AVG9\avgnsx.exe" = C:\Programme\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{013E1BA8-C815-4E27-BCB9-D6B1B2E24094}" = SonicStage Mastering Studio Audio Filter Custom Preset
"{01AE599F-7B72-4135-8C56-9191F4ACBA88}" = VAIO Edit Components
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony MP4 Shared Library
"{054547B2-D1EC-48E7-BFAB-9EEA8E8B8B4F}" = mxGUI
"{0AD8AA88-0DE9-4065-A35E-529EB576A507}" = SA25x0 & SA26x0 Device Manager
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{109AB81D-9732-40B3-9C1F-113A86CE6F93}" = Canon MP Navigator 1.0
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18A5DFF2-8A95-49F3-873F-743CB5549F3D}" = Canon ScanGear Starter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1A91D1FA-B9B3-4556-9878-5C61059A19B2}" = InterVideo WinDVDX
"{1EC4CE9D-EAEE-4DA1-AB8D-9E6B7FED6742}" = Samsung Music Studio
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15
"{27337663-2619-11D4-99DC-0000F49094C7}" = Memory Stick Formatter
"{27579b3c-5470-4496-be6c-0c872674f19f}" = Macromedia Flash Player
"{2957CEA5-B558-49EF-AD3A-7B59C13C3AD1}" = Sun xVM VirtualBox
"{29B3C64A-0F93-47CD-9C54-72C0C5578487}" = Samsung PC Studio
"{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
"{2F151B50-B434-4838-B51D-70442EBA093E}" = OpenMG Secure Module 4.1.00
"{3248F0A8-6813-11D6-A77B-00B0D0150010}" = J2SE Runtime Environment 5.0 Update 1
"{32E00E5E-22B1-4D5A-9DC2-CD75E087A5E6}" = Steuer-Spar-Erklärung 2009
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{379BD39E-F13E-458F-96D8-56BD7F2CC516}" = M-Audio Series II MIDI
"{3CE780C5-45FC-429C-A0C8-77E961E480B6}" = Jalbum
"{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}" = DAEMON Tools
"{3ECED7D1-E469-4BC6-8A93-5CB0FFE5EBF5}" = Nokia Connectivity Cable Driver
"{3FF3DD04-F386-46B0-97FC-B86238B65487}" = Canon MP Drivers 6.0
"{43E7798A-248E-4A3D-9969-FEA63543A462}" = Native Instruments Kontakt 4
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{47E09785-B2FB-11D5-B8EE-00B0D0D26B88}" = MD Simple Burner 2.0.05
"{4E894A9A-4391-4D88-A473-43F1393312F2}" = StereoTool
"{5943B7F7-678B-477E-9AEE-6E4C6962322B}" = Sparwelt.de Gutschein Alarm
"{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series
"{61D6E4FB-1A62-4EB1-BE56-929B00C155CF}" = Wireless LAN Starter
"{668B1BD6-4593-4959-970E-249AFFE6F35C}" = VOR
"{685BCC47-B8EC-45EC-BBCE-77DF2451502C}" = DVgate Plus
"{693FCE0D-AB7E-47BD-95F9-7DBD94F728F8}" = BitterSweetII
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7998F67D-655B-42E3-B651-18D96DD17268}" = Adobe Premiere Standard
"{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}" = OmniPage SE 2.0
"{7AC15160-A49B-4A89-B181-D4619C025FFF}" = Samsung Samples Installer
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}" = VAIO Update 4
"{851C67EF-068A-4060-9EF5-2E3DDCD68382}" = Adobe Photoshop Elements 3.0
"{872653C6-5DDC-488B-B7C2-CF9E4D9335E5}" = iTunes
"{88DA0A52-3372-4803-971A-ADFB961707E8}" = PictureGear Studio 2.0
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{9080C5D2-82FA-452A-87FA-CBB4B05D67A5}" = VPS
"{91120407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for VAIO
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{98277262-5030-45E8-A2FF-302D446ED70F}" = My Club VAIO
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO Power Management
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 3.0
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB467B85-4F52-48C2-AEED-0673D00417B0}" = SonicStage Mastering Studio Audio Filter
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.2 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7DAD844-34CD-456B-83CC-88065323DD69}" = WordBuilder
"{BE56FEF0-1A0F-4719-B3AD-34B5087AFA6D}" = Sony Video Shared Library
"{BF3B304B-8A18-452D-A19F-6012CA8418D7}" = SonicStage Mastering Studio 1.4
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D8E1DFEE-622B-46BA-AEFF-AB7E541C0B21}" = Steuer-Spar-Erklärung 2010
"{DF6FE172-006A-4324-AF7F-ACFE4BA290FE}" = AAVUpdateManager
"{E1CDCB03-A90F-4A74-BE8C-CD3AF43190CA}" = Canon Camera WIA Driver
"{E5E6E687-1031-BA7E-6000-000000000001}" = Acrobat Elements 6.0 - Deutsch
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{EC015649-3B3C-4611-9C66-453F8011E944}" = Native Instruments Kontakt 4
"{EE7EB179-5AA2-4B28-AC92-5CBAAF82BA7F}" = SonicStage Mastering Studio Plugins
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F93F4F75-0BEA-40B2-88EA-B9C12718C3FF}" = CMAPSi
"{FC37C108-821D-4EDE-8F40-D5B497586805}" = VAIO Control Center
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
**
"7-Zip" = 7-Zip 4.65
**
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"AlphaTrack Driver_is1" = AlphaTrack Driver 1.1.0
"Antares Kantos v1.0" = Antares Kantos v1.0
"Antares Tube v1.0" = Antares Tube v1.0
"Any Video Converter_is1" = Any Video Converter 3.0.3
"ATI Display Driver" = ATI Display Driver
"AVG9Uninstall" = AVG Free 9.0
"Avidemux 2.5" = Avidemux 2.5
"CAL" = Canon Camera Access Library
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDVC5" = Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_20030003" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"CSCLIB" = Canon Camera Support Core Library
"DivXCodec" = DivX 4.12 Codec
"DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch (DeCSS-frei)
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-WebPrint" = Easy-WebPrint
"EDIROL FA-66 Driver Setup" = EDIROL FA-66 Driver
"Edirol HQ Orchestral v1.01" = Edirol HQ Orchestral v1.01
"EOS Utility" = Canon Utilities EOS Utility
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Evrsoft First Page 2006_is1" = Evrsoft First Page 2006
"Excel-Jahreskalender_is1" = Excel-Jahreskalender 8.1
"FX Designer" = SpinAudio FX Designer 1.0
"GMX Internet Manager" = GMX Internet Manager
"Hcontrol" = ATK0100 ACPI UTILITY
"HDSP" = RME Hammerfall DSP (WDM)
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"IK Multimedia AmpliTube v1.3.1" = IK Multimedia AmpliTube v1.3.1
"InstallShield_{2F151B50-B434-4838-B51D-70442EBA093E}" = OpenMG Secure Module 4.1.00
"InstallShield_{3ECED7D1-E469-4BC6-8A93-5CB0FFE5EBF5}" = Nokia Connectivity Cable Driver
"InstallShield_{668B1BD6-4593-4959-970E-249AFFE6F35C}" = VAIO-Online-Registrierung (Deutsch)
"InstallShield_{872653C6-5DDC-488B-B7C2-CF9E4D9335E5}" = iTunes
"InstallShield_{9080C5D2-82FA-452A-87FA-CBB4B05D67A5}" = VAIO Product Survey
"InstallShield_{E1CDCB03-A90F-4A74-BE8C-CD3AF43190CA}" = Canon IXY 320, PowerShot S230, IXUS v3 WIA-Treiber
"JDownloader" = JDownloader
**
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MouseSuite98" = Sony USB Mouse
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
**
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nomad Factory Liquid Bundle VST v1.6" = Nomad Factory Liquid Bundle VST v1.6
"Nvu_is1" = Nvu 1.0
"OpenMG HotFix4.1-05-13-31-01" = OpenMG Limited Patch 4.1-05-13-31-01
"PhotoStitch" = Canon Utilities PhotoStitch
"Prism" = Prism Video Converter
"ProInst" = Intel(R) PROSet/Wireless Software
**
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
**
"RealPlayer 6.0" = RealPlayer
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"RoomVerb M2 2.0" = SpinAudio RoomVerb M2 2.0  Demo
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Security Task Manager" = Security Task Manager 1.7h
"Soulseek" = SoulSeek Client 156c
**
"SyncroSoft Emu" = SyncroSoft Emu (Remove only)
"Syncrosoft's License Control" = Syncrosofts Lizenz Kontrolle
"TC.Works.Native.Bundle.v3.0.VST.WinAll-cRime" = TC.Works.Native.Bundle.v3.0.VST.WinAll-cRime
**
"ThePlaya" = The Playa
"ToolBox" = NCH Toolbox
"TweakNow PowerPack 2010_is1" = TweakNow PowerPack 2010
"VideoCutter_is1" = Kate's Video Cutter
"VideoPad" = VideoPad Video Editor
"VLC media player" = VLC media player 0.9.8a
"VUPlayer" = VUPlayer
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1126878031-2439804501-3234919006-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"mymoments" = mymoments
"Pilot Desktop" = Palm Desktop
"PocketMirror 2.0" = PocketMirror 2.0 für Outlook
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 17.10.2009 19:30:57 | Computer Name = TEETEE | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung isbmgr.exe, Version 1.0.0.2180, fehlgeschlagenes
 Modul snyutils.dll, Version 6.1.0.13260, Fehleradresse 0x00008731.
 
Error - 01.11.2009 08:15:20 | Computer Name = TEETEE | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich 
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
 in der signierten Datei.  .
 
Error - 01.11.2009 08:15:20 | Computer Name = TEETEE | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
 ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich 
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
 in der signierten Datei.  .
 
Error - 13.01.2010 06:57:31 | Computer Name = TEETEE | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung isbmgr.exe, Version 1.0.0.2180, fehlgeschlagenes
 Modul snyutils.dll, Version 6.1.0.13260, Fehleradresse 0x00008731.
 
Error - 01.03.2010 06:50:31 | Computer Name = TEETEE | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung nvu.exe, Version 0.0.0.0, fehlgeschlagenes
 Modul gkplugin.dll, Version 0.0.0.0, Fehleradresse 0x000053b2.
 
Error - 09.03.2010 13:28:37 | Computer Name = TEETEE | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung Cubasesx3.exe, Version 3.0.2.623, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 14.03.2010 08:41:33 | Computer Name = TEETEE | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung avcutty.exe, Version 3.0.0.1, fehlgeschlagenes
 Modul avcutty.exe, Version 3.0.0.1, Fehleradresse 0x0000a8e0.
 
Error - 14.03.2010 08:41:56 | Computer Name = TEETEE | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung avcutty.exe, Version 3.0.0.1, fehlgeschlagenes
 Modul avcutty.exe, Version 3.0.0.1, Fehleradresse 0x0000a8e0.
 
Error - 14.03.2010 08:42:14 | Computer Name = TEETEE | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung avcutty.exe, Version 3.0.0.1, fehlgeschlagenes
 Modul avcutty.exe, Version 3.0.0.1, Fehleradresse 0x0000a8e0.
 
Error - 14.03.2010 08:42:28 | Computer Name = TEETEE | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung avcutty.exe, Version 3.0.0.1, fehlgeschlagenes
 Modul avcutty.exe, Version 3.0.0.1, Fehleradresse 0x0000a8e0.
 
[ System Events ]
Error - 11.06.2010 07:02:34 | Computer Name = TEETEE | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Nsynas32" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%20
 
Error - 11.06.2010 07:02:34 | Computer Name = TEETEE | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Security Monitor" wurde mit folgendem Fehler beendet: 
  %%126
 
Error - 11.06.2010 07:21:59 | Computer Name = TEETEE | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Nsynas32" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%20
 
Error - 11.06.2010 07:21:59 | Computer Name = TEETEE | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Security Monitor" wurde mit folgendem Fehler beendet: 
  %%126
 
Error - 11.06.2010 08:05:00 | Computer Name = TEETEE | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Nsynas32" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%20
 
Error - 11.06.2010 08:05:00 | Computer Name = TEETEE | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Security Monitor" wurde mit folgendem Fehler beendet: 
  %%126
 
Error - 12.06.2010 06:40:06 | Computer Name = TEETEE | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Nsynas32" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%20
 
Error - 12.06.2010 06:40:06 | Computer Name = TEETEE | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Security Monitor" wurde mit folgendem Fehler beendet: 
  %%126
 
Error - 12.06.2010 08:06:21 | Computer Name = TEETEE | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Nsynas32" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%20
 
Error - 12.06.2010 08:06:21 | Computer Name = TEETEE | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Security Monitor" wurde mit folgendem Fehler beendet: 
  %%126
 
 
< End of report >
         
--- --- ---


Alt 12.06.2010, 15:59   #6
markusg
/// Malware-holic
 
svchost.exe macht 100% Systemauslastung bei Internetverbindung - Standard

svchost.exe macht 100% Systemauslastung bei Internetverbindung



Fixen mit OTL

• Starte bitte die OTL.exe.
Vista-User mit Rechtsklick "als Administrator starten"
• Kopiere nun das Folgende in die Textbox.

:OTL
PRC - C:\WINDOWS\system32\hdspmix.exe ()
O4 - HKLM..\Run: [HDSPTray2] C:\WINDOWS\System32\hdspmix.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\Paddy\Startmenü\Programme\Autostart\siszpe32.exe ()
O33 - MountPoints2\{7077ffb3-fa6e-11dc-a48c-00014a1d2e9b}\Shell\Auto\command - "" = fun.xls.exe
O33 - MountPoints2\{7077ffb3-fa6e-11dc-a48c-00014a1d2e9b}\Shell\AutoRun - "" = AutoPlay
O33 - MountPoints2\{b1b54235-eb8e-11dd-b49f-00014a1d2e9b}\Shell - "" = AutoRun
O33 - MountPoints2\{b1b54235-eb8e-11dd-b49f-00014a1d2e9b}\Shell\1\Command - "" = I:\.\recycled\info.exe -- File not found
O33 - MountPoints2\{b1b54235-eb8e-11dd-b49f-00014a1d2e9b}\Shell\AutoRun - "" = AutoPlay
O33 - MountPoints2\{b9de3bfa-4414-11dc-a39b-00014a1d2e9b}\Shell\AutoRun\command - "" = G:\setupSNK.exe -- File not found
O33 - MountPoints2\{cdb1a956-e18d-11dd-b487-00014a1d2e9b}\Shell - "" = AutoRun
O33 - MountPoints2\{cdb1a956-e18d-11dd-b487-00014a1d2e9b}\Shell\AutoRun - "" = AutoPlay
:Files
C:\WINDOWS\system32\hdspmix.exe
C:\Dokumente und Einstellungen\Paddy\Startmenü\Programme\Autostart\siszpe32.exe
:Commands
[purity]
[EMPTYFLASH]
[emptytemp]
[start explorer]
[Reboot]

• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Run Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument dieses posten

Alt 14.06.2010, 10:35   #7
Msmg
 
svchost.exe macht 100% Systemauslastung bei Internetverbindung - Icon26

svchost.exe macht 100% Systemauslastung bei Internetverbindung



Hallo Markus,

die Anwendung "hdspmix" bzw. "hdspsettings" würde ich nicht so gerne entfernen. Es sind die Settings bzw. Mixer zu einer Soundkarte. Die Soundkarte ist aus der Hammerfall-Serie von R.M.E. Audio. Die beiden Anwendungen starten auch immer automatisch (sind wohl im Autostart-Ordner).
Falls das Löschen notwendig ist bzw. du den Virus/Trojaner auch hinter diesen Files vermutest, kann ich sie natürlich löschen. Nur war das Neuinstallieren letztes Mal so nervig...

Dann würde ich dich ggf. um einen neuen, veränderten Code für OTL bitten.

Vielen Dank!

MfG, M.

Alt 14.06.2010, 11:21   #8
markusg
/// Malware-holic
 
svchost.exe macht 100% Systemauslastung bei Internetverbindung - Standard

svchost.exe macht 100% Systemauslastung bei Internetverbindung



o gott, sorry.
dann lass einfach die beiden zeilen weg.
PRC - C:\WINDOWS\system32\hdspmix.exe ()
O4 - HKLM..\Run: [HDSPTray2] C:\WINDOWS\System32\hdspmix.exe ()

Alt 22.06.2010, 10:00   #9
Msmg
 
svchost.exe macht 100% Systemauslastung bei Internetverbindung - Standard

svchost.exe macht 100% Systemauslastung bei Internetverbindung



Hallo Markus,

sorry, dass es so lange gedauert hat.
Das Problem ist erstmal behoben. svchost beansprucht keine Rechnerleistung mehr und das wilde, dauerhafte up-/downloaden hat aufgehört.
Ich weiß nun nicht, ob ich schon paranoid bin, oder ob das mehr als früher ist: Jedesmal, wenn ich den PC hochgefahren hab, beginnt ein Upload. Vielleicht für 10 Minuten. Außerdem arbeitet die Festplatte, auch im Leerlaufbetrieb, ca. alle 2 Sekunden für vielleicht ne halbe Sekunde. Der Prozess, der dann mit ca. 2% arbeitet, ist "services.exe".
Was meinst du dazu?

Hier nun der OTL-Bericht:

Code:
ATTFilter
All processes killed
========== OTL ==========
File move failed. C:\Dokumente und Einstellungen\**\Startmenü\Programme\Autostart\siszpe32.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7077ffb3-fa6e-11dc-a48c-00014a1d2e9b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7077ffb3-fa6e-11dc-a48c-00014a1d2e9b}\ not found.
File fun.xls.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7077ffb3-fa6e-11dc-a48c-00014a1d2e9b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7077ffb3-fa6e-11dc-a48c-00014a1d2e9b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b1b54235-eb8e-11dd-b49f-00014a1d2e9b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b1b54235-eb8e-11dd-b49f-00014a1d2e9b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b1b54235-eb8e-11dd-b49f-00014a1d2e9b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b1b54235-eb8e-11dd-b49f-00014a1d2e9b}\ not found.
File I:\.\recycled\info.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b1b54235-eb8e-11dd-b49f-00014a1d2e9b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b1b54235-eb8e-11dd-b49f-00014a1d2e9b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b9de3bfa-4414-11dc-a39b-00014a1d2e9b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b9de3bfa-4414-11dc-a39b-00014a1d2e9b}\ not found.
File G:\setupSNK.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cdb1a956-e18d-11dd-b487-00014a1d2e9b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cdb1a956-e18d-11dd-b487-00014a1d2e9b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cdb1a956-e18d-11dd-b487-00014a1d2e9b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cdb1a956-e18d-11dd-b487-00014a1d2e9b}\ not found.
========== FILES ==========
File move failed. C:\Dokumente und Einstellungen\**\Startmenü\Programme\Autostart\siszpe32.exe scheduled to be moved on reboot.
========== COMMANDS ==========
 
[EMPTYFLASH]
 
User: All Users
 
User: Default User
->Flash cache emptied: 451 bytes
 
User: LocalService
->Flash cache emptied: 348 bytes
 
User: NetworkService
 
User: **
->Flash cache emptied: 4079 bytes
 
Total Flash Files Cleaned = 0,00 mb
 
 
[EMPTYTEMP]
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 0 bytes
 
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 14736057 bytes
->Flash cache emptied: 0 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 627540 bytes
 
User: **
->Temp folder emptied: 328288 bytes
->Temporary Internet Files folder emptied: 35923 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 36558460 bytes
->Flash cache emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 25931998 bytes
RecycleBin emptied: 563627 bytes
 
Total Files Cleaned = 75,00 mb
 
 
OTL by OldTimer - Version 3.2.6.0 log created on 06152010_093018

Files\Folders moved on Reboot...
C:\Dokumente und Einstellungen\**\Startmenü\Programme\Autostart\siszpe32.exe moved successfully.

Registry entries deleted on Reboot...
         

Alt 28.06.2010, 12:06   #10
Msmg
 
svchost.exe macht 100% Systemauslastung bei Internetverbindung - Standard

svchost.exe macht 100% Systemauslastung bei Internetverbindung



Hallo Markus,

könntest Du bitte hierzu nochmal Stellung nehmen?

Vielen Dank!

MfG, M.

Alt 30.06.2010, 09:08   #11
Msmg
 
svchost.exe macht 100% Systemauslastung bei Internetverbindung - Standard

svchost.exe macht 100% Systemauslastung bei Internetverbindung



Noch eine Anmerkung:

Wenn ich von mir aus nichts Up- oder Downloade habe ich an einem Tag ca. 20 MB Upload und 10 MB Download-Traffic (jeden Tag).

Kann das normal sein?

Alt 03.07.2010, 00:07   #12
markusg
/// Malware-holic
 
svchost.exe macht 100% Systemauslastung bei Internetverbindung - Standard

svchost.exe macht 100% Systemauslastung bei Internetverbindung



war nicht zu haus.
bitte erstelle und poste ein combofix log.
Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Alt 07.07.2010, 11:39   #13
Msmg
 
svchost.exe macht 100% Systemauslastung bei Internetverbindung - Icon26

svchost.exe macht 100% Systemauslastung bei Internetverbindung



Hallo Markus,

hier nun der Combofix-log.

1x wurde der Rechner neu gestartet mit dem Hinweis: "Es wurden Rootkit-Aktivitäten entdeckt"

Code:
ATTFilter
Combofix Logfile:
Code:
ATTFilter
ComboFix 10-07-06.03 - ** 07.07.2010  12:16:45.1.1 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.49.1031.18.2047.1542 [GMT 1:00]
ausgeführt von:: c:\dokumente und einstellungen\**\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
 ADS - svchost.exe: deleted 88 bytes in 2 streams. 

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\install.exe
c:\windows\daemon.dll
c:\windows\system32\lsprst7.dll
c:\windows\system32\ssprs.dll

.
(((((((((((((((((((((((   Dateien erstellt von 2010-06-07 bis 2010-07-07  ))))))))))))))))))))))))))))))
.

2010-06-22 10:32 . 2010-06-30 07:30	57344	----a-w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-06-22 10:31 . 2010-06-22 10:31	--------	d-----w-	c:\dokumente und einstellungen\Paddy\Anwendungsdaten\DivX
2010-06-22 10:27 . 2010-06-30 07:30	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\DivX
2010-06-22 10:17 . 2010-06-22 10:17	503808	----a-w-	c:\dokumente und einstellungen\Paddy\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-65bed7a9-n\msvcp71.dll
2010-06-22 10:17 . 2010-06-22 10:17	499712	----a-w-	c:\dokumente und einstellungen\Paddy\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-65bed7a9-n\jmc.dll
2010-06-22 10:17 . 2010-06-22 10:17	348160	----a-w-	c:\dokumente und einstellungen\Paddy\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-65bed7a9-n\msvcr71.dll
2010-06-22 10:17 . 2010-06-22 10:17	61440	----a-w-	c:\dokumente und einstellungen\Paddy\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-4bc19ec1-n\decora-sse.dll
2010-06-22 10:17 . 2010-06-22 10:17	12800	----a-w-	c:\dokumente und einstellungen\Paddy\Anwendungsdaten\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-4bc19ec1-n\decora-d3d.dll
2010-06-22 10:17 . 2010-04-12 16:29	411368	----a-w-	c:\windows\system32\deployJava1.dll
2010-06-20 22:29 . 2010-06-20 22:29	--------	d-----w-	c:\programme\iPod
2010-06-20 22:29 . 2010-06-20 22:30	--------	d-----w-	c:\programme\iTunes
2010-06-20 22:29 . 2010-06-20 22:30	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-06-20 22:27 . 2010-06-20 22:27	--------	d-----w-	c:\programme\Apple Software Update
2010-06-20 22:26 . 2010-06-20 22:26	--------	d-----w-	c:\programme\Bonjour
2010-06-20 22:13 . 2008-04-14 02:22	26624	----a-w-	c:\dokumente und einstellungen\LocalService\Anwendungsdaten\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2010-06-20 22:06 . 2010-06-20 22:06	--------	d-----w-	c:\programme\Windows Media Connect 2
2010-06-20 22:04 . 2010-06-20 22:05	--------	d-----w-	c:\windows\system32\drivers\UMDF
2010-06-20 19:27 . 2008-04-13 19:46	51200	-c--a-w-	c:\windows\system32\dllcache\msdv.sys
2010-06-20 19:27 . 2008-04-13 19:46	51200	----a-w-	c:\windows\system32\drivers\msdv.sys
2010-06-19 15:11 . 2010-06-17 13:35	1496064	----a-w-	c:\dokumente und einstellungen\Paddy\Anwendungsdaten\Mozilla\Firefox\Profiles\tl1rio09.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2010-06-19 15:11 . 2010-06-17 13:35	43008	----a-w-	c:\dokumente und einstellungen\Paddy\Anwendungsdaten\Mozilla\Firefox\Profiles\tl1rio09.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2010-06-19 15:11 . 2010-06-17 13:35	339456	----a-w-	c:\dokumente und einstellungen\Paddy\Anwendungsdaten\Mozilla\Firefox\Profiles\tl1rio09.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2010-06-19 15:11 . 2010-06-17 13:35	346112	----a-w-	c:\dokumente und einstellungen\Paddy\Anwendungsdaten\Mozilla\Firefox\Profiles\tl1rio09.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2010-06-15 19:01 . 2010-06-15 19:01	72504	----a-w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Apple Computer\Installer Cache\iTunes 9.2.0.61\SetupAdmin.exe
2010-06-15 08:58 . 2010-05-06 10:31	743424	-c----w-	c:\windows\system32\dllcache\iedvtool.dll
2010-06-15 08:30 . 2010-06-15 08:30	--------	d-----w-	C:\_OTL
2010-06-12 10:55 . 2010-06-14 09:06	--------	d-----w-	C:\OTL
2010-06-11 12:14 . 2010-06-12 10:55	--------	d-----w-	C:\RSIT
2010-06-11 11:11 . 2010-06-11 11:11	--------	d-----w-	c:\programme\CCleaner
2010-06-11 11:09 . 2010-06-11 11:09	388096	----a-r-	c:\dokumente und einstellungen\Paddy\Anwendungsdaten\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-06-11 11:09 . 2010-06-11 11:09	--------	d-----w-	c:\programme\Trend Micro
2010-06-09 09:53 . 2010-06-09 09:53	--------	d-----w-	c:\dokumente und einstellungen\Paddy\Anwendungsdaten\Malwarebytes
2010-06-09 09:52 . 2010-04-29 11:19	38224	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-09 09:52 . 2010-06-09 09:52	--------	d-----w-	c:\programme\Malwarebytes' Anti-Malware
2010-06-09 09:52 . 2010-06-09 09:52	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2010-06-09 09:52 . 2010-04-29 11:19	20952	----a-w-	c:\windows\system32\drivers\mbam.sys
2010-06-09 08:06 . 2010-06-09 08:06	976832	----a-w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Adobe\Reader\9.3\ARM\13329\AdobeARM.exe
2010-06-09 08:06 . 2010-06-09 08:06	70584	----a-w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Adobe\Reader\9.3\ARM\13329\AdobeExtractFiles.dll
2010-06-09 08:06 . 2010-06-09 08:06	331176	----a-w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Adobe\Reader\9.3\ARM\13329\ReaderUpdater.exe
2010-06-09 08:06 . 2010-06-09 08:06	331176	----a-w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Adobe\Reader\9.3\ARM\13329\AcrobatUpdater.exe
2010-06-08 11:07 . 2010-07-07 11:23	772096	----a-w-	c:\windows\system32\drivers\vgqci.sys

.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-23 08:31 . 2005-03-03 06:14	91464	----a-w-	c:\windows\system32\perfc007.dat
2010-06-23 08:31 . 2005-03-03 06:14	475180	----a-w-	c:\windows\system32\perfh007.dat
2010-06-22 10:17 . 2005-03-06 13:22	--------	d-----w-	c:\programme\Gemeinsame Dateien\Java
2010-06-22 10:17 . 2005-03-06 13:22	--------	d-----w-	c:\programme\Java
2010-06-22 08:48 . 2005-12-11 21:00	--------	d-----w-	c:\dokumente und einstellungen\Paddy\Anwendungsdaten\Apple Computer
2010-06-20 22:29 . 2008-12-16 18:56	--------	d-----w-	c:\programme\Gemeinsame Dateien\Apple
2010-06-20 22:28 . 2005-12-11 20:59	--------	d-----w-	c:\programme\QuickTime
2010-06-20 22:27 . 2005-12-11 20:58	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Apple Computer
2010-06-19 15:06 . 2010-04-07 16:33	--------	d-----w-	c:\programme\JDownloader
2010-06-09 15:08 . 2010-06-09 14:53	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\SecTaskMan
2010-06-09 15:05 . 2005-03-03 06:13	14336	----a-w-	c:\windows\system32\svchost.exe
2010-06-09 14:58 . 2010-06-04 08:44	--------	d-----w-	c:\programme\East West
2010-06-08 11:07 . 2010-06-08 11:07	12	----a-w-	c:\windows\system32\config\systemprofile\Anwendungsdaten\qcopjv.dat
2010-06-06 00:00 . 2010-06-06 00:00	15086	----a-r-	c:\dokumente und einstellungen\Paddy\Anwendungsdaten\Microsoft\Installer\{B7DAD844-34CD-456B-83CC-88065323DD69}\_4ae13d6c.exe
2010-06-06 00:00 . 2010-06-06 00:00	15086	----a-r-	c:\dokumente und einstellungen\Paddy\Anwendungsdaten\Microsoft\Installer\{B7DAD844-34CD-456B-83CC-88065323DD69}\_2cd672ae.exe
2010-06-06 00:00 . 2010-06-06 00:00	15086	----a-r-	c:\dokumente und einstellungen\Paddy\Anwendungsdaten\Microsoft\Installer\{B7DAD844-34CD-456B-83CC-88065323DD69}\_294823.exe
2010-06-06 00:00 . 2010-06-06 00:00	15086	----a-r-	c:\dokumente und einstellungen\Paddy\Anwendungsdaten\Microsoft\Installer\{B7DAD844-34CD-456B-83CC-88065323DD69}\_18be6784.exe
2010-06-06 00:00 . 2010-06-06 00:00	--------	d-----w-	c:\programme\Gemeinsame Dateien\Steinberg
2010-06-03 08:28 . 2009-03-27 09:33	242896	----a-w-	c:\windows\system32\drivers\avgtdix.sys
2010-06-03 08:28 . 2006-11-20 10:08	29584	----a-w-	c:\windows\system32\drivers\avgmfx86.sys
2010-05-23 10:45 . 2010-05-23 10:45	6650	----a-w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\AAV\SSE\15\UpdateFiles\SSEStandard_Patch_15.11.bat
2010-05-18 15:35 . 2010-05-18 15:35	91424	----a-w-	c:\windows\system32\dnssd.dll
2010-05-18 15:35 . 2010-05-18 15:35	75040	----a-w-	c:\windows\system32\jdns_sd.dll
2010-05-18 15:35 . 2010-05-18 15:35	197920	----a-w-	c:\windows\system32\dnssdX.dll
2010-05-18 15:35 . 2010-05-18 15:35	107808	----a-w-	c:\windows\system32\dns-sd.exe
2010-05-06 10:31 . 2005-03-03 06:13	916480	----a-w-	c:\windows\system32\wininet.dll
2010-05-02 08:05 . 2005-03-03 06:13	1851392	----a-w-	c:\windows\system32\win32k.sys
2010-04-27 18:40 . 2005-03-06 14:04	126448	------w-	c:\windows\system32\pxinsi64.exe
2010-04-27 18:40 . 2005-03-06 14:04	123888	------w-	c:\windows\system32\pxcpyi64.exe
2010-04-27 18:40 . 2005-01-12 00:03	45648	----a-w-	c:\windows\system32\drivers\pxhelp20.sys
2010-04-22 08:32 . 2009-01-04 13:05	12464	----a-w-	c:\windows\system32\avgrsstx.dll
2010-04-22 08:32 . 2009-01-04 13:05	216200	----a-w-	c:\windows\system32\drivers\avgldx86.sys
2010-04-20 05:29 . 2005-03-03 06:13	285696	----a-w-	c:\windows\system32\atmfd.dll
2010-04-12 12:44 . 2010-04-12 12:44	6182	----a-w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\AAV\SSE\15\UpdateFiles\SSEStandard_Patch_15.09.bat
2010-04-12 12:44 . 2010-04-12 12:44	20776	----a-w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\AAV\SSE\15\UpdateFiles\ApplyMsp.exe
2010-04-12 12:44 . 2010-04-12 12:44	18728	----a-w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\AAV\SSE\15\UpdateFiles\RepairVLH2010.exe
.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\programme\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-04-19 2117704]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2010-04-19 09:25	2117704	----a-w-	c:\programme\AVG\AVG9\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\programme\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-04-19 2117704]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\programme\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-04-19 2117704]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-29 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Hcontrol"="c:\windows\ATK0100\Hcontrol.exe" [2004-07-19 61440]
"Apoint"="c:\programme\Apoint\Apoint.exe" [2003-11-07 114688]
"ATIPTA"="c:\programme\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-02-01 339968]
"AzMixerSel"="c:\programme\Realtek\InstallShield\AzMixerSel.exe" [2005-02-14 53248]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"Mouse Suite 98 Daemon"="ICO.EXE" [2002-03-14 45056]
"SonyPowerCfg"="c:\programme\Sony\VAIO Power Management\SPMgr.exe" [2005-01-14 184320]
"ISBMgr.exe"="c:\programme\Sony\ISB Utility\ISBMgr.exe" [2004-02-20 32768]
"H2O"="c:\programme\SyncroSoft\Pos\H2O\cledx.exe" [2005-05-11 200069]
"StartAlphaTrackApplet"="AlphaTrackApplet.exe" [2006-12-18 413696]
"Adobe Reader Speed Launcher"="d:\programme\Adobe\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-06-03 2065248]
"QuickTime Task"="c:\programme\QuickTime\QTTask.exe" [2010-03-18 421888]
"iTunesHelper"="c:\programme\iTunes\iTunesHelper.exe" [2010-06-15 141624]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2010-02-18 248040]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-04-22 08:32	12464	----a-w-	c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2005-01-18 11:48	73728	----a-w-	c:\windows\system32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"midi1"=ma_cmidn.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\Soulseek\\slsk.exe"=
"c:\\Programme\\Macromedia\\Dreamweaver 3\\Dreamweaver.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programme\\mymoments\\Fotobuch.exe"=
"c:\\Programme\\Lawo\\mxGUI\\tools\\xming\\Xming.exe"=
"c:\\Programme\\Mozilla Firefox\\firefox.exe"=
"c:\\Programme\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Programme\\AVG\\AVG9\\avgupd.exe"=
"c:\\Programme\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Programme\\Bonjour\\mDNSResponder.exe"=
"c:\\Programme\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4662:TCP"= 4662:TCP:emule 1
"4672:UDP"= 4672:UDP:emule 2

R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [09.04.2010 10:58 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [09.04.2010 10:58 5248]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [04.01.2009 14:05 216200]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [27.03.2009 10:33 242896]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [01.11.2009 13:19 100944]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [01.11.2009 13:19 41424]
R2 AAV UpdateService;AAV UpdateService;c:\programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [24.10.2008 16:35 128296]
R2 avg9wd;AVG Free WatchDog;c:\programme\AVG\AVG9\avgwdsvc.exe [22.04.2010 09:30 308064]
R3 AVMDSLPPPOE;AVM DSL PPPoE CAPI Treiber;c:\windows\system32\drivers\avmdsloe.sys [11.06.2003 01:00 45440]
R3 AVMNDSL;AVM DSL NDIS WAN CAPI Treiber;c:\windows\system32\drivers\avmndsl.sys [11.06.2003 01:00 38992]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [17.12.2008 18:46 33792]
R3 SPI;Sony Programmable I/O Control Device;c:\windows\system32\drivers\SonyPI.sys [03.03.2005 07:14 71961]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [01.11.2009 13:19 79888]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\drivers\VBoxNetFlt.sys [29.05.2009 21:12 87760]
S2 AdobeActiveFileMonitor;Adobe Active File Monitor;c:\programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe [12.10.2004 04:47 98304]
S2 gupdate;Google Update Service (gupdate);c:\programme\Google\Update\GoogleUpdate.exe [25.02.2010 18:50 135664]
S2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;c:\programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe [12.10.2004 03:40 118784]
S2 upsslu;Security Monitor;c:\windows\system32\svchost.exe -k netsvcs [03.03.2005 07:13 14336]
S3 AlphaTrack;AlphaTrack Driver;c:\windows\system32\drivers\AlphaTrack.sys [09.01.2009 21:24 78848]
S3 AlphaTrackWdmService;AlphaTrack Wdm Audio;c:\windows\system32\drivers\AlphaTrackWdm.sys [09.01.2009 21:24 34816]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\programme\AVG\AVG9\Toolbar\ToolbarBroker.exe [22.04.2010 09:31 430152]
S3 FDLUBASE;AVM FRITZ!Card DSL SL USB (WinXP/2000);c:\windows\system32\drivers\fdlubase.sys [11.06.2003 01:00 704128]
S3 GWUSB2E;USB 2.0 10/100Base Ethernet Adapter;c:\windows\system32\drivers\GWUSB2E.sys [02.11.2005 15:51 10496]
S3 hdsp;RME Hammerfall Audio Device;c:\windows\system32\drivers\hdsp.sys [04.03.2009 16:42 66048]
S3 NETFWDSL;AVM FRITZ!web DSL PPP;c:\windows\system32\DRIVERS\NETFWDSL.SYS --> c:\windows\system32\DRIVERS\NETFWDSL.SYS [?]
S3 rrau0002;rrau0002;c:\windows\system32\drivers\rrau0002.sys [01.01.2009 13:08 24576]
S3 rrwd0002;rrwd0002;c:\windows\system32\drivers\rrwd0002.sys [01.01.2009 13:08 97280]
S3 VBoxUSB;VirtualBox USB;c:\windows\system32\drivers\VBoxUSB.sys [01.11.2009 13:19 32016]

--- Andere Dienste/Treiber im Speicher ---

*Deregistered* - vgqci

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
upsslu
.
Inhalt des "geplante Tasks" Ordners

2010-06-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2009-10-22 10:50]

2010-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2010-02-25 17:49]

2010-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2010-02-25 17:49]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Easy-WebPrint Add To Print List - c:\programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
IE: Google Sidewiki... - c:\programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: Übertragen mit Image Converter 2 - c:\programme\Sony\Image Converter 2\menu.htm
Trusted Zone: sony-europe.com
Trusted Zone: sonystyle-europe.com
Trusted Zone: vaio-link.com
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\programme\AVG\AVG9\Toolbar\IEToolbar.dll
FF - ProfilePath - c:\dokumente und einstellungen\Paddy\Anwendungsdaten\Mozilla\Firefox\Profiles\tl1rio09.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Wikipedia (de)
FF - prefs.js: browser.startup.homepage - about:blank
FF - component: c:\dokumente und einstellungen\Paddy\Anwendungsdaten\Mozilla\Firefox\Profiles\tl1rio09.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\programme\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\programme\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\programme\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\programme\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\programme\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\programme\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\programme\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: d:\programme\Adobe\Reader\browser\nppdf32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX Richtlinien ----
c:\programme\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); 
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type",                  5);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\programme\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\programme\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

BHO-{B96137B6-8596-4837-811C-7209AD5B27ED} - (no file)
HKCU-Run-ProfiDialer - (no file)
AddRemove-CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_20030003 - c:\programme\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_20030003\HXFSETUP.EXE -U -IHDAUDIO\FUNC_02&VEN_14F1&DEV_2BFA&SUBSYS_20030003
AddRemove-EDIROL FA-66 Driver Setup - c:\programme\EDIROL\FA-66\uninst.exe Software\EDIROL\FA-66\Setup
AddRemove-{7585478E9D9B42108671C12F8714CEFE} - c:\programme\DivX\ConverterUninstall.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\programme\DivX\DivXCodecUninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2010-07-07 12:23
Windows 5.1.2600 Service Pack 3 NTFS

Scanne versteckte Prozesse... 

Scanne versteckte Autostarteinträge... 

Scanne versteckte Dateien... 

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, hxxp://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8A5B4008]<< 
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xba10cf28
\Driver\ACPI -> ACPI.sys @ 0xb9f58cb8
\Driver\atapi -> 0x8a5b4008
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x80579014
 ParseProcedure -> ntkrnlpa.exe @ 0x80577c76
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x80579014
 ParseProcedure -> ntkrnlpa.exe @ 0x80577c76
NDIS: Realtek RTL8169/8110 Family Gigabit Ethernet NIC -> SendCompleteHandler -> NDIS.sys @ 0xb9d23bb0
 PacketIndicateHandler -> NDIS.sys @ 0xb9d30a21
 SendHandler -> NDIS.sys @ 0xb9d0e87b
Warning: possible MBR rootkit infection !
user & kernel MBR OK 

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vgqci]

.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_USERS\S-1-5-21-1126878031-2439804501-3234919006-1006\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{612194DA-D453-C45D-DC0B-F5218EDEC066}*]
"hanpogbijmefhmbd"=hex:6a,61,65,63,66,63,66,63,67,65,6c,6d,69,63,69,6e,6e,65,
   6d,6a,00,e4
"iahmlemhmpjdjdkohp"=hex:6a,61,65,63,69,63,61,63,6b,6a,6b,61,6a,63,6b,65,6d,6b,
   67,68,00,dc
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'winlogon.exe'(1648)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\VESWinlogon.dll
.
Zeit der Fertigstellung: 2010-07-07  12:26:06
ComboFix-quarantined-files.txt  2010-07-07 11:25

Vor Suchlauf: 9.531.568.128 Bytes frei
Nach Suchlauf: 9.621.192.704 Bytes frei

WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - EC6946A28697ECA8B50106DAD01D4A79
         
--- --- ---

Alt 07.07.2010, 11:45   #14
markusg
/// Malware-holic
 
svchost.exe macht 100% Systemauslastung bei Internetverbindung - Standard

svchost.exe macht 100% Systemauslastung bei Internetverbindung



nutze bitte den kaspersky tdss killer:
Wie werden Schadprogramme der Familie Rootkit.Win32.TDSS bek&#228;mpft?
poste das ergebniss

Alt 08.07.2010, 18:52   #15
Msmg
 
svchost.exe macht 100% Systemauslastung bei Internetverbindung - Beitrag

svchost.exe macht 100% Systemauslastung bei Internetverbindung



Hallo Markus,

hier das Ergebnis:

Code:
ATTFilter
19:47:10:546 3900	TDSS rootkit removing tool 2.3.2.2 Jun 30 2010 17:23:49
19:47:10:546 3900	================================================================================
19:47:10:546 3900	SystemInfo:

19:47:10:546 3900	OS Version: 5.1.2600 ServicePack: 3.0
19:47:10:546 3900	Product type: Workstation
19:47:10:546 3900	ComputerName: **
19:47:10:546 3900	UserName: **
19:47:10:546 3900	Windows directory: C:\WINDOWS
19:47:10:546 3900	System windows directory: C:\WINDOWS
19:47:10:546 3900	Processor architecture: Intel x86
19:47:10:546 3900	Number of processors: 1
19:47:10:546 3900	Page size: 0x1000
19:47:10:546 3900	Boot type: Normal boot
19:47:10:546 3900	================================================================================
19:47:10:953 3900	Initialize success
19:47:10:953 3900	
19:47:10:953 3900	Scanning	Services ...
19:47:11:468 3900	Raw services enum returned 407 services
19:47:11:484 3900	Suspicious serv vgqci (h: 0, b: 1)
19:47:11:484 3900	
19:47:11:484 3900	Hidden service detected!
19:47:11:484 3900	Service name:	vgqci
19:47:11:484 3900	Image path:	
19:47:11:484 3900	Type "delete" (without quotes) to delete it: 19:47:35:812 3900	
19:47:35:812 3900	By user detect vgqci
19:47:35:812 3900	RegNode HKLM\SYSTEM\ControlSet001\services\vgqci infected by TDSS rootkit ... 19:47:35:812 3900	will be deleted on reboot
19:47:35:812 3900	RegNode HKLM\SYSTEM\ControlSet002\services\vgqci infected by TDSS rootkit ... 19:47:35:812 3900	will be deleted on reboot
19:47:35:812 3900	File C:\WINDOWS\system32\drivers\vgqci.sys infected by TDSS rootkit ... 19:47:35:812 3900	will be deleted on reboot
19:47:35:812 3900	
19:47:35:812 3900	Scanning	Drivers ...
19:47:36:453 3900	61883           (914a9709fc3bf419ad2f85547f2a4832) C:\WINDOWS\system32\DRIVERS\61883.sys
19:47:36:578 3900	ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
19:47:36:609 3900	ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
19:47:36:687 3900	aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
19:47:36:734 3900	AegisP          (15e655baa989444f56787ef558823643) C:\WINDOWS\system32\DRIVERS\AegisP.sys
19:47:36:828 3900	AFD             (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
19:47:36:937 3900	AlphaTrack      (fcb881a0fa53b115738e0e25aa33a4e4) C:\WINDOWS\system32\Drivers\AlphaTrack.sys
19:47:36:968 3900	AlphaTrackWdmService (578240558b35154d65a3f36b6a868f0e) C:\WINDOWS\system32\Drivers\AlphaTrackWdm.sys
19:47:37:125 3900	ApfiltrService  (d3da11b88ab29076b78ff79f35f0586b) C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
19:47:37:156 3900	Arp1394         (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
19:47:37:218 3900	AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
19:47:37:296 3900	atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
19:47:37:453 3900	ati2mtag        (e42f83f1e85cf0b9f9873851543dcd9d) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
19:47:37:640 3900	Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
19:47:37:703 3900	audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
19:47:37:734 3900	Avc             (f8e6956a614f15a0860474c5e2a7de6b) C:\WINDOWS\system32\DRIVERS\avc.sys
19:47:37:828 3900	AvgLdx86        (9c0a7e6d3cb9a8a7ad4e4575d9a42e94) C:\WINDOWS\system32\Drivers\avgldx86.sys
19:47:37:921 3900	AvgMfx86        (53b3f979930a786a614d29cafe99f645) C:\WINDOWS\system32\Drivers\avgmfx86.sys
19:47:38:015 3900	AvgTdiX         (6e11bbc8dc5af836adc9c5f682fa3186) C:\WINDOWS\system32\Drivers\avgtdix.sys
19:47:38:078 3900	AVMDSLPPPOE     (4460f56b12b898e75f989f290d14ab9e) C:\WINDOWS\system32\DRIVERS\avmdsloe.sys
19:47:38:109 3900	AVMNDSL         (70ecb88ca41e7f658025d1d442767fe9) C:\WINDOWS\system32\DRIVERS\avmndsl.sys
19:47:38:218 3900	Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
19:47:38:265 3900	BthEnum         (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
19:47:38:281 3900	BTHMODEM        (fca6f069597b62d42495191ace3fc6c1) C:\WINDOWS\system32\DRIVERS\bthmodem.sys
19:47:38:312 3900	BthPan          (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
19:47:38:359 3900	BTHPORT         (592e1cedbe314d0ef184dc6f46141e76) C:\WINDOWS\system32\Drivers\BTHport.sys
19:47:38:406 3900	BTHUSB          (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
19:47:38:562 3900	cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
19:47:38:578 3900	CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
19:47:38:656 3900	Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
19:47:38:765 3900	Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
19:47:38:843 3900	Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:47:38:953 3900	CLEDX           (b53f9635457b56dcffef750e18aec6cb) C:\WINDOWS\system32\DRIVERS\cledx.sys
19:47:38:984 3900	CmBatt          (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
19:47:39:015 3900	Compbatt        (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
19:47:39:109 3900	d347bus         (5776322f93cdb91086111f5ffbfda2a0) C:\WINDOWS\system32\DRIVERS\d347bus.sys
19:47:39:156 3900	d347prt         (b49f79ace459763f4e0380071be9cb45) C:\WINDOWS\system32\Drivers\d347prt.sys
19:47:39:218 3900	Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
19:47:39:296 3900	dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
19:47:39:437 3900	DMICall         (526192bf7696f72e29777bf4a180513a) C:\WINDOWS\system32\DRIVERS\DMICall.sys
19:47:39:484 3900	dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
19:47:39:546 3900	dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
19:47:39:593 3900	DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
19:47:39:640 3900	drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
19:47:39:687 3900	Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
19:47:39:734 3900	Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
19:47:39:812 3900	FDLUBASE        (aca8ae9a4177c69fcc56af862c10d820) C:\WINDOWS\system32\DRIVERS\fdlubase.sys
19:47:39:921 3900	Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
19:47:39:984 3900	Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
19:47:40:062 3900	FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
19:47:40:125 3900	Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:47:40:203 3900	Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:47:40:265 3900	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
19:47:40:328 3900	Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:47:40:359 3900	GWUSB2E         (4d34275806561874fb7bb1ed115c1c59) C:\WINDOWS\system32\DRIVERS\GWUSB2E.sys
19:47:40:468 3900	HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
19:47:40:562 3900	hdsp            (af5c5bcca2bb52614f16b100d7e8c886) C:\WINDOWS\system32\drivers\hdsp.sys
19:47:40:609 3900	hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:47:40:671 3900	HSFHWAZL        (3d812d0de9344bc9bd1a1b8575b883db) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
19:47:40:781 3900	HSF_DP          (0e130bec5a13cf68adaa216ab55a8dff) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
19:47:40:875 3900	HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
19:47:41:031 3900	i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:47:41:125 3900	Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
19:47:41:281 3900	IntcAzAudAddService (93903ddd430db2fc61cbeeb2be651e9f) C:\WINDOWS\system32\drivers\RtkHDAud.sys
19:47:41:390 3900	IntelIde        (69c4e3c9e67a1f103b94e14fdd5f3213) C:\WINDOWS\system32\DRIVERS\intelide.sys
19:47:41:468 3900	intelppm        (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:47:41:562 3900	Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
19:47:41:640 3900	IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:47:41:656 3900	IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:47:41:687 3900	IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:47:41:734 3900	IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:47:41:765 3900	IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
19:47:41:812 3900	isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:47:41:875 3900	Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:47:41:968 3900	kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
19:47:42:015 3900	klmd23          (316353165feba3d0538eaa9c2f60c5b7) C:\WINDOWS\system32\drivers\klmd.sys
19:47:42:093 3900	kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
19:47:42:140 3900	KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
19:47:42:203 3900	MA_CMIDI        (6d03a526eeded908759ca8c0e581494d) C:\WINDOWS\system32\drivers\ma_cmidi.sys
19:47:42:265 3900	mdmxsdk         (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
19:47:42:312 3900	mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
19:47:42:390 3900	Modem           (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
19:47:42:484 3900	Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:47:42:562 3900	mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:47:42:578 3900	MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
19:47:42:609 3900	MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:47:42:718 3900	MRxSmb          (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:47:42:828 3900	MSDV            (1477849772712bac69c144dcf2c9ce81) C:\WINDOWS\system32\DRIVERS\msdv.sys
19:47:42:921 3900	Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
19:47:42:937 3900	MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:47:42:968 3900	MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:47:42:984 3900	MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
19:47:43:015 3900	mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:47:43:031 3900	MSTEE           (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
19:47:43:078 3900	MTsensor        (f4271a6c98692794010068602fa1d5e6) C:\WINDOWS\system32\DRIVERS\ATKACPI.sys
19:47:43:109 3900	Mup             (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
19:47:43:140 3900	NABTSFEC        (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
19:47:43:171 3900	NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
19:47:43:203 3900	NdisIP          (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
19:47:43:218 3900	NdisTapi        (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:47:43:250 3900	Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:47:43:328 3900	NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:47:43:343 3900	NDProxy         (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
19:47:43:421 3900	NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
19:47:43:500 3900	NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
19:47:43:562 3900	NIC1394         (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
19:47:43:578 3900	Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
19:47:43:640 3900	Nsynas32        (4b4a21e158c039ee0888741bfe1d24e0) C:\WINDOWS\system32\drivers\Nsynas32.sys
19:47:43:703 3900	Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
19:47:43:750 3900	Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
19:47:43:796 3900	NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:47:43:859 3900	NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:47:43:937 3900	ohci1394        (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
19:47:43:984 3900	Parport         (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\drivers\Parport.sys
19:47:44:031 3900	PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
19:47:44:078 3900	ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
19:47:44:156 3900	PCI             (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
19:47:44:203 3900	PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
19:47:44:265 3900	Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
19:47:44:406 3900	pelmouse        (59b3101f20056104c011e0c68aebb840) C:\WINDOWS\system32\DRIVERS\pelmouse.sys
19:47:44:453 3900	pelusblf        (f1ce775af376faf3ffefb4ff8cbdfbf3) C:\WINDOWS\system32\DRIVERS\pelusblf.sys
19:47:44:500 3900	PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:47:44:515 3900	PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
19:47:44:531 3900	Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:47:44:625 3900	PxHelp20        (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
19:47:44:750 3900	RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:47:44:812 3900	Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:47:44:828 3900	RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:47:44:875 3900	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
19:47:44:953 3900	Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:47:45:031 3900	RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:47:45:078 3900	RDPWD           (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
19:47:45:125 3900	redbook         (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
19:47:45:187 3900	RFCOMM          (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
19:47:45:234 3900	rrau0002        (ff960d10239eadbc9524f40c5bc81d3d) C:\WINDOWS\system32\Drivers\rrau0002.sys
19:47:45:296 3900	rrwd0002        (35e9aff01bb451d4101da15c74418aaf) C:\WINDOWS\system32\Drivers\rrwd0002.sys
19:47:45:406 3900	RTL8023xp       (4a0ae7891fcf74acc848b109294cb80f) C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys
19:47:45:437 3900	s24trans        (2862adb14481ac28f98105ff33a99eb0) C:\WINDOWS\system32\DRIVERS\s24trans.sys
19:47:45:515 3900	sbp2port        (b244960e5a1db8e9d5d17086de37c1e4) C:\WINDOWS\system32\DRIVERS\sbp2port.sys
19:47:45:578 3900	Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:47:45:750 3900	Ser2pl          (95eeb5a6843238c829aaa9c05168c09c) C:\WINDOWS\system32\DRIVERS\ser2pl.sys
19:47:45:781 3900	Serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
19:47:45:796 3900	Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\drivers\Serial.sys
19:47:45:828 3900	Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
19:47:45:859 3900	SLIP            (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
19:47:45:968 3900	SNC             (be6038e0a7d2e2fe69107e41a0265831) C:\WINDOWS\system32\Drivers\SonyNC.sys
19:47:46:015 3900	SONYTVC         (2100a5cc7dd75a5a0dba3cb9eb4f16bb) C:\WINDOWS\system32\DRIVERS\SONYTVC.sys
19:47:46:046 3900	SPI             (ad9436c46c10222b8f03405628a8cd86) C:\WINDOWS\system32\DRIVERS\SonyPI.sys
19:47:46:078 3900	splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
19:47:46:187 3900	sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
19:47:46:265 3900	Srv             (89220b427890aa1dffd1a02648ae51c3) C:\WINDOWS\system32\DRIVERS\srv.sys
19:47:46:359 3900	ss_bus          (bd15182e9d2d3fabc1d1313badbd2415) C:\WINDOWS\system32\DRIVERS\ss_bus.sys
19:47:46:437 3900	ss_mdfl         (67d1144f249a3c5e03ebd7a2304dee11) C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys
19:47:46:500 3900	ss_mdm          (954b7ce2d54c703d6a8471d6b05a5e13) C:\WINDOWS\system32\DRIVERS\ss_mdm.sys
19:47:46:546 3900	StarOpen        (306521935042fc0a6988d528643619b3) C:\WINDOWS\system32\drivers\StarOpen.sys
19:47:46:625 3900	streamip        (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
19:47:46:687 3900	swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
19:47:46:718 3900	swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
19:47:46:781 3900	sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
19:47:46:937 3900	Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:47:47:015 3900	TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
19:47:47:046 3900	TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
19:47:47:093 3900	TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
19:47:47:140 3900	tifmsony        (fb481e8cd426d0e5f96a838a47390c94) C:\WINDOWS\system32\drivers\tifmsony.sys
19:47:47:203 3900	Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
19:47:47:265 3900	Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
19:47:47:359 3900	usbaudio        (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
19:47:47:390 3900	usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:47:47:406 3900	usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:47:47:484 3900	usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:47:47:625 3900	usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:47:47:640 3900	usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:47:47:671 3900	USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:47:47:687 3900	usbuhci         (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:47:47:812 3900	VBoxDrv         (99807cc3cccad05f413df3cd174d720e) C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys
19:47:47:921 3900	VBoxNetAdp      (d381cdadba1f3f6c02c9c07fa18ff1ea) C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys
19:47:48:000 3900	VBoxNetFlt      (590f33335ba929fed851280f9ee22c3b) C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys
19:47:48:046 3900	VBoxUSB         (3e8284752b2e184b4596b0ef770cf783) C:\WINDOWS\system32\Drivers\VBoxUSB.sys
19:47:48:078 3900	VBoxUSBMon      (c5e7a731496d7d63070301c1af7e4e99) C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys
19:47:48:125 3900	VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
19:47:48:265 3900	vgqci           (19c8fb7ae0c7f10453aafda8debae559) C:\WINDOWS\system32\drivers\vgqci.sys
19:47:48:265 3900	Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\vgqci.sys. md5: 19c8fb7ae0c7f10453aafda8debae559
19:47:48:328 3900	VolSnap         (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
19:47:48:453 3900	w29n51          (68eb5bc07781a36a63633541c11e1ad6) C:\WINDOWS\system32\DRIVERS\w29n51.sys
19:47:48:562 3900	Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:47:48:609 3900	wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
19:47:48:687 3900	winachsf        (c08fad1207bb219bdf9eec30afc1809e) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
19:47:48:750 3900	WSTCODEC        (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
19:47:48:796 3900	WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:47:48:843 3900	WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:47:48:859 3900	Reboot required for cure complete..
19:47:49:312 3900	Cure on reboot scheduled successfully
19:47:49:312 3900	
19:47:49:312 3900	Completed
19:47:49:312 3900	
19:47:49:312 3900	Results:
19:47:49:312 3900	Registry objects infected / cured / cured on reboot:	2 / 0 / 2
19:47:49:312 3900	File objects infected / cured / cured on reboot:	1 / 0 / 1
19:47:49:312 3900	
19:47:49:312 3900	KLMD(ARK) unloaded successfully
         

Antwort

Themen zu svchost.exe macht 100% Systemauslastung bei Internetverbindung
100%, 100% auslastung, 7-zip, avg, computer, converter, cubase, einstellungen, erste mal, flash player, format, install.exe, langsam, lizenz, logfile, msiexec.exe, photoshop, problem, programm, programme, rundll, server, software, stick, studio, svchost.exe, trojaner, trojaner entfernt, updates, usb, video converter, warnung, windows, windows updates



Ähnliche Themen: svchost.exe macht 100% Systemauslastung bei Internetverbindung


  1. SVCHOST macht Rechner langsam, belegt bei Internetverbindung für Minuten 100% Arbeitsspeicher
    Log-Analyse und Auswertung - 31.03.2015 (9)
  2. Systemauslastung: svchost.exe 100 % CPU-Auslastung
    Log-Analyse und Auswertung - 14.12.2013 (9)
  3. Systemauslastung: svchost.exe 100 % CPU-Auslastung
    Plagegeister aller Art und deren Bekämpfung - 22.05.2013 (14)
  4. Svchost.exe macht laut Kaspersky Probleme?
    Log-Analyse und Auswertung - 05.01.2013 (5)
  5. Svchost.exe macht probleme
    Plagegeister aller Art und deren Bekämpfung - 25.09.2012 (23)
  6. 100 %ige CPU Auslastung bei Internetverbindung, svchost.exe der Virus?
    Log-Analyse und Auswertung - 01.03.2011 (45)
  7. svchost.exe macht 100% Systemauslastung
    Plagegeister aller Art und deren Bekämpfung - 07.07.2010 (1)
  8. Bei Internetverbindung lastet svchost.exe den CPU 100 % aus
    Plagegeister aller Art und deren Bekämpfung - 18.06.2010 (29)
  9. svchost.exe lastet System bei Internetverbindung aus!
    Plagegeister aller Art und deren Bekämpfung - 10.06.2010 (24)
  10. Computer macht zicken - svchost.exe infiziert?
    Log-Analyse und Auswertung - 17.01.2010 (0)
  11. Systemauslastung durch svchost.exe
    Alles rund um Windows - 06.06.2009 (2)
  12. svchost.exe macht Ärger + Trojaner
    Plagegeister aller Art und deren Bekämpfung - 29.05.2007 (3)
  13. svchost.exe macht probleme.
    Plagegeister aller Art und deren Bekämpfung - 21.11.2006 (1)
  14. SVCHost.exe / Internetverbindung hängt sich auf
    Plagegeister aller Art und deren Bekämpfung - 16.08.2006 (4)
  15. svchost.exe macht probleme
    Log-Analyse und Auswertung - 28.03.2006 (1)
  16. svchost.exe macht Probleme
    Plagegeister aller Art und deren Bekämpfung - 04.09.2005 (1)
  17. svchost macht probleme
    Plagegeister aller Art und deren Bekämpfung - 15.08.2005 (1)

Zum Thema svchost.exe macht 100% Systemauslastung bei Internetverbindung - Hallo zusammen! svchost.exe macht bei mir 100% Systemauslastung, sobald ich online gehe. Habe Windows Updates bereits abgestellt, daran liegt es nicht. Wenn ich den PC ohne eingestecktes Netzwerkkabel hochfahre läuft - svchost.exe macht 100% Systemauslastung bei Internetverbindung...
Archiv
Du betrachtest: svchost.exe macht 100% Systemauslastung bei Internetverbindung auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.