Fake Alert und Falschverlinkung von Google

chaosqueen82 · 22.06.2010, 12:49

Hallo,

habe seit gestern Probleme mit meinem PC.

BitDefender und Malwarebytes brachten einen Fake.Alert Trojaner zu Tage (während Antivir auf beiden Augen blind ist.) Danach wollte ich googlen, wie ich den wieder loswerde und merkte dabei, dass ich in über 50% der Fälle nicht auf den Seiten landete, die ich eigentlich aufsuchen wollte. Hoffe ihr könnt mir helfen, mein System wieder sauber zu kriegen.

Code:

ATTFilter

System drive C: has 136 GB (68%) free of 199 GB
Total RAM: 2047 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:54:44, on 22.06.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\Programme\Google\Update\GoogleUpdate.exe
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\Tobit ClipInc\Server\ClipInc-Server.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\WINDOWS\runservice.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programme\Analog Devices\Core\smax4pnp.exe
C:\Programme\Analog Devices\SoundMAX\Smax4.exe
C:\Programme\Lexmark 3300 Series\lxccmon.exe
C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\Programme\Java\jre6\bin\jusched.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\lxcccoms.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Logitech\SetPoint\KEM.exe
C:\Programme\Logitech\SetPoint\KHALMNPR.EXE
C:\Dokumente und Einstellungen\Chaosqueen\Desktop\RSIT.exe
C:\Programme\trend micro\Chaosqueen.exe
C:\WINDOWS\system32\wuauclt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Programme\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [lxccmon.exe] "C:\Programme\Lexmark 3300 Series\lxccmon.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [LXCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe"  -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [EBUNWVLUMV] C:\DOKUME~1\CHAOSQ~1\LOKALE~1\Temp\Vjr.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\KEM.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file://C:\Programme\Mysteryville 2\Images\stg_drm.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1246474515671
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file://C:\Programme\Mystery P.I. - The New York Fortune\Images\armhelper.ocx
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ClipInc 001 (ClipInc001) - Unknown owner - C:\Programme\Tobit ClipInc\Server\ClipInc-Server.exe
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - Unknown owner - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Programme\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcccoms.exe
O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 7018 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Klick-Wartung.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1960408961-1645522239-839522115-1003.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1960408961-1645522239-839522115-1003.job
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\WINDOWS\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-12-18 61888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-03-31 341600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2009-05-21 41368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-05-21 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Programme\Analog Devices\Core\smax4pnp.exe [2006-05-01 843776]
"SoundMAX"=C:\Programme\Analog Devices\SoundMAX\Smax4.exe [2006-04-10 729088]
"JMB36X Configure"=C:\WINDOWS\system32\JMRaidTool.exe [2006-06-02 385024]
"Logitech Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2004-04-26 29696]
"lxccmon.exe"=C:\Programme\Lexmark 3300 Series\lxccmon.exe [2005-02-21 192512]
"ZoneAlarm Client"=C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe [2008-07-09 919016]
"LXCCCATS"=rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16 []
"avgnt"=C:\Programme\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"SunJavaUpdateSched"=C:\Programme\Java\jre6\bin\jusched.exe [2009-05-21 148888]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"TkBellExe"=C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe [2010-03-31 202256]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"LDM"=C:\Programme\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe []
"EBUNWVLUMV"=C:\DOKUME~1\CHAOSQ~1\LOKALE~1\Temp\Vjr.exe [2010-06-22 172032]

C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
Logitech Desktop Messenger.lnk - C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
Logitech SetPoint.lnk - C:\Programme\Logitech\SetPoint\KEM.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-02-25 155648]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=1
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programme\Microsoft Games\Age of Mythology\aomx.exe"="C:\Programme\Microsoft Games\Age of Mythology\aomx.exe:*:Enabled:Age of Mythology - The Titans Expansion"
"C:\Programme\Tobit ClipInc\Server\ClipInc-Server.exe"="C:\Programme\Tobit ClipInc\Server\ClipInc-Server.exe:*:Enabled:ClipInc Server"
"C:\Programme\Tobit ClipInc\Player\ClipInc-Player.exe"="C:\Programme\Tobit ClipInc\Player\ClipInc-Player.exe:*:Enabled:ClipInc Player"
"C:\Programme\Tobit ClipInc\Player\RadioRecorder.exe"="C:\Programme\Tobit ClipInc\Player\RadioRecorder.exe:*:Enabled:WDR RadioRecorder"
"H:\Programme\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe"="H:\Programme\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)"
"H:\Programme\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe"="H:\Programme\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-06-22 10:36:54 ----D---- C:\Programme\trend micro
2010-06-22 00:20:58 ----A---- C:\WINDOWS\Vbocoa.exe
2010-06-22 00:20:48 ----A---- C:\WINDOWS\system32\sshnas21.dll
2010-06-21 23:47:57 ----D---- C:\Programme\SilverStyle
2010-06-15 21:20:55 ----A---- C:\WINDOWS\game.INI
2010-05-31 13:55:40 ----D---- C:\Programme\Croteam
2010-05-30 09:55:01 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\JollyBear
2010-05-24 18:21:24 ----D---- C:\Dokumente und Einstellungen\Chaosqueen\Anwendungsdaten\Zylom
2010-05-24 18:18:26 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom

======List of files/folders modified in the last 1 months======

2010-06-22 11:54:30 ----D---- C:\WINDOWS\Temp
2010-06-22 11:52:48 ----D---- C:\WINDOWS\system32\CatRoot2
2010-06-22 11:51:33 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-06-22 11:51:18 ----D---- C:\WINDOWS\Prefetch
2010-06-22 11:48:43 ----D---- C:\WINDOWS\Internet Logs
2010-06-22 10:36:54 ----D---- C:\Programme
2010-06-22 09:45:44 ----D---- C:\Dokumente und Einstellungen\Chaosqueen\Anwendungsdaten\QuickScan
2010-06-22 08:28:32 ----D---- C:\Programme\Mozilla Firefox
2010-06-22 01:44:08 ----SHD---- C:\WINDOWS\Installer
2010-06-22 01:41:40 ----SD---- C:\WINDOWS\Tasks
2010-06-22 01:22:37 ----A---- C:\WINDOWS\NeroDigital.ini
2010-06-22 00:20:58 ----D---- C:\WINDOWS
2010-06-22 00:20:48 ----D---- C:\WINDOWS\system32
2010-06-21 10:55:11 ----D---- C:\Spiele
2010-06-19 09:04:13 ----D---- C:\Programme\Lx_cats
2010-06-19 09:04:08 ----D---- C:\WINDOWS\Minidump
2010-06-19 09:03:51 ----SHD---- C:\System Volume Information
2010-06-19 09:03:51 ----D---- C:\WINDOWS\system32\Restore
2010-06-18 22:59:28 ----RSH---- C:\boot.ini
2010-06-18 22:59:28 ----A---- C:\WINDOWS\win.ini
2010-06-18 22:59:28 ----A---- C:\WINDOWS\system.ini
2010-06-02 16:33:06 ----HD---- C:\Programme\InstallShield Installation Information
2010-05-30 09:54:58 ----D---- C:\Dokumente und Einstellungen\Chaosqueen\Anwendungsdaten\Identities

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2004-11-26 28928]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2004-11-26 27648]
R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-04 40192]
R1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2004-08-04 14848]
R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 SSHDRV86;SSHDRV86; \??\C:\WINDOWS\system32\drivers\SSHDRV86.sys []
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-07-09 394952]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-07-05 278984]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-07 56816]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-07-05 25416]
R2 XPROTECTOR;XPROTECTOR; \??\C:\WINDOWS\system32\drivers\XPROTECTOR.SYS []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-05-02 229376]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-04-27 93824]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-02-26 3565568]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-10-27 138240]
R3 hidusb;Microsoft HID Class-Treiber; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-18 9600]
R3 LHidKe;Logitech SetPoint HID Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidKE.Sys [2004-04-26 24605]
R3 LHidUsbK;Logitech SetPoint USB Receiver device driver; C:\WINDOWS\System32\Drivers\LHidUsbK.Sys [2004-04-26 38081]
R3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\System32\Drivers\LMouKE.sys [2004-04-26 71405]
R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-18 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-07-27 83712]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2006-06-13 30080]
R3 usbhub;Microsoft USB-Standardhubtreiber; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2006-10-10 59264]
R3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
R3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 usbstor;USB-Massenspeichertreiber; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2006-06-13 20608]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2004-11-26 98176]
S1 ATITool;ATITool Overclocking Utility; C:\WINDOWS\system32\DRIVERS\ATITool.sys [2007-08-08 28968]
S3 AIDA32Driver;AIDA32Driver; \??\C:\Dokumente und Einstellungen\Chaosqueen\Desktop\aida32ee_393\aida32.sys []
S3 cpuz130;cpuz130; \??\C:\DOKUME~1\CHAOSQ~1\LOKALE~1\Temp\cpuz130\cpuz_x32.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Programme\Lavalys\EVEREST Home Edition\kerneld.wnt []
S3 GcKernel;Microsoft SideWinder Value Add - Filtertreiber; C:\WINDOWS\system32\DRIVERS\GcKernel.sys [2004-08-04 59136]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 HIDSwvd;Microsoft SideWinder-Minitreiber für virtuelles HID-Gerät; C:\WINDOWS\system32\DRIVERS\HIDSwvd.sys [2001-08-17 2688]
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\System32\Drivers\L8042Kbd.sys []
S3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\System32\Drivers\L8042mou.sys [2004-04-26 54657]
S3 nenum13E;nenum13E; \??\C:\DOKUME~1\CHAOSQ~1\LOKALE~1\Temp\nenum13E.sys []
S3 w810bus;Sony Ericsson W810 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w810bus.sys [2007-11-14 58288]
S3 w810mdfl;Sony Ericsson W810 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w810mdfl.sys [2007-11-14 8336]
S3 w810mdm;Sony Ericsson W810 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w810mdm.sys [2007-11-14 94064]
S3 w810mgmt;Sony Ericsson W810 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w810mgmt.sys [2007-11-14 85408]
S3 w810obex;Sony Ericsson W810 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w810obex.sys [2007-11-14 83344]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Programme\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Programme\Avira\AntiVir Desktop\avguard.exe [2009-08-05 185089]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-02-25 602112]
R2 ClipInc001;ClipInc 001; C:\Programme\Tobit ClipInc\Server\ClipInc-Server.exe [2008-11-28 2195720]
R2 InCDsrv;InCD Helper; C:\Programme\Ahead\InCD\InCDsrv.exe [2004-11-26 812032]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2009-05-21 152984]
R2 LicCtrlService;LicCtrl Service; C:\WINDOWS\runservice.exe [2007-06-27 2560]
R2 MDM;Machine Debug Manager; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 SSHNAS;SSHNAS; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-06-27 603904]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 UxTuneUp;TuneUp Designerweiterung; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-07-09 75304]
R3 lxcc_device;lxcc_device; C:\WINDOWS\system32\lxcccoms.exe [2005-02-25 466944]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-02-25 593920]
S2 gupdate;Google Update Service (gupdate); C:\Programme\Google\Update\GoogleUpdate.exe [2010-04-30 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 de_serv;AVM FRITZ!web Routing Service; C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe []
S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 TuneUp.Defrag;TuneUp Drive Defrag-Dienst; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-06-27 360192]

-----------------EOF-----------------

Fake Alert und Falschverlinkung von Google

Log-Analyse und Auswertung: Fake Alert und Falschverlinkung von Google

Fake Alert und Falschverlinkung von Google

Ähnliche Themen: Fake Alert und Falschverlinkung von Google