Request for file analysis: McAfee Rootkit Detective

Hi, I scanned my system with McAfee Rootkit Detective and found hidden entries. Can someone tell me whether something "malicious" is hiding behind them? Here is the report:

McAfee(R) Rootkit Detective 1.1 scan report
On 09-03-2011 at 21:47:31
OS-Version 5.1.2600
Service Pack 3.0
====================================
Object-Type: SSDT-hook Object-Name: ZwCreateKey Object-Path: (NULL)
Object-Type: SSDT-hook Object-Name: ZwCreateThread Object-Path: (NULL)
Object-Type: SSDT-hook Object-Name: ZwDeleteKey Object-Path: (NULL)
Object-Type: SSDT-hook Object-Name: ZwDeleteValueKey Object-Path: (NULL)
Object-Type: SSDT-hook Object-Name: ZwEnumerateKey Object-Path: \SystemRoot\System32\drivers\sprt.sys
Object-Type: SSDT-hook Object-Name: ZwEnumerateValueKey Object-Path: \SystemRoot\System32\drivers\sprt.sys
Object-Type: SSDT-hook Object-Name: ZwLoadKey2 Object-Path: (NULL)
Object-Type: SSDT-hook Object-Name: ZwOpenKey Object-Path: \SystemRoot\System32\drivers\sprt.sys
Object-Type: SSDT-hook Object-Name: ZwOpenProcess Object-Path: (NULL)
Object-Type: SSDT-hook Object-Name: ZwOpenThread Object-Path: (NULL)
Object-Type: SSDT-hook Object-Name: ZwQueryKey Object-Path: \SystemRoot\System32\drivers\sprt.sys
Object-Type: SSDT-hook Object-Name: ZwQueryValueKey Object-Path: \SystemRoot\System32\drivers\sprt.sys
Object-Type: SSDT-hook Object-Name: ZwReplaceKey Object-Path: (NULL)
Object-Type: SSDT-hook Object-Name: ZwRestoreKey Object-Path: (NULL)
Object-Type: SSDT-hook Object-Name: ZwSetValueKey Object-Path: (NULL)
Object-Type: IRP-hook Object-Name: \Driver\Ftdisk->IRP_MJ_SYSTEM_CONTROL Object-Path:
Object-Type: IRP-hook Object-Name: \Driver\Ftdisk->IRP_MJ_POWER Object-Path:
Object-Type: IRP-hook Object-Name: \Driver\Ftdisk->IRP_MJ_CLEANUP Object-Path:
Object-Type: IRP-hook Object-Name: \Driver\Ftdisk->IRP_MJ_SHUTDOWN Object-Path:
Object-Type: IRP-hook Object-Name: \Driver\Ftdisk->IRP_MJ_INTERNAL_DEVICE_CONTROL Object-Path:
Object-Type: IRP-hook Object-Name: \Driver\Ftdisk->IRP_MJ_DEVICE_CONTROL Object-Path:
Object-Type: IRP-hook Object-Name: \Driver\Ftdisk->IRP_MJ_FLUSH_BUFFERS Object-Path:
Object-Type: IRP-hook Object-Name: \Driver\Ftdisk->IRP_MJ_WRITE Object-Path:
Object-Type: IRP-hook Object-Name: \Driver\Ftdisk->IRP_MJ_READ Object-Path:
Object-Type: IRP-hook Object-Name: \Driver\Ftdisk->IRP_MJ_CREATE Object-Path:
Object-Type: Registry-value Object-Name: (Default) Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg Status: Unable to access registry key
Object-Type: Registry-key Object-Name: 0D79C293C1ED61418462E24595C90D04td\Cfg Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 Status: Hidden
Object-Type: Registry-value Object-Name: (Default) Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 Status: Unable to access registry key
Object-Type: Registry-key Object-Name: 00000001ontrolSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 Status: Hidden
Object-Type: Registry-value Object-Name: (Default) Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 Status: Unable to access registry key
Object-Type: Registry-key Object-Name: jdgg40\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 Status: Hidden
Object-Type: Registry-value Object-Name: (Default) Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 Status: Unable to access registry key
Object-Type: Registry-value Object-Name: ujdew Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 Status: Hidden
Object-Type: Registry-value Object-Name: a0 Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 Status: Hidden
Object-Type: Registry-value Object-Name: ujdew Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 Status: Hidden
Object-Type: Registry-value Object-Name: p0 Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 Status: Hidden
Object-Type: Registry-value Object-Name: h0 Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 Status: Hidden
Object-Type: Registry-value Object-Name: ujdew Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 Status: Hidden
Object-Type: Registry-value Object-Name: s1 Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg Status: Hidden
Object-Type: Registry-value Object-Name: s2 Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg Status: Hidden
Object-Type: Registry-value Object-Name: g0 Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg Status: Hidden
Object-Type: Registry-value Object-Name: h0 Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg Status: Hidden
Object-Type: Registry-key Object-Name: 0D79C293C1ED61418462E24595C90D04td\Cfg Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 Status: Hidden
Object-Type: Registry-key Object-Name: 00000001ontrolSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 Status: Hidden
Object-Type: Registry-key Object-Name: jdgg40\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 Status: Hidden
Object-Type: Registry-value Object-Name: (Default) Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg Status: Unable to access registry key
Object-Type: Registry-key Object-Name: 0D79C293C1ED61418462E24595C90D04td\Cfg Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 Status: Hidden
Object-Type: Registry-value Object-Name: (Default) Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 Status: Unable to access registry key
Object-Type: Registry-key Object-Name: 00000001ontrolSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 Status: Hidden
Object-Type: Registry-value Object-Name: (Default) Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 Status: Unable to access registry key
Object-Type: Registry-key Object-Name: jdgg40\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 Status: Hidden
Object-Type: Registry-value Object-Name: (Default) Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 Status: Unable to access registry key
Object-Type: Registry-value Object-Name: ujdew Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 Status: Hidden
Object-Type: Registry-value Object-Name: a0 Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 Status: Hidden
Object-Type: Registry-value Object-Name: ujdew Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 Status: Hidden
Object-Type: Registry-value Object-Name: p0 Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 Status: Hidden
Object-Type: Registry-value Object-Name: h0 Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 Status: Hidden
Object-Type: Registry-value Object-Name: ujdew Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 Status: Hidden
Object-Type: Registry-value Object-Name: s1 Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg Status: Hidden
Object-Type: Registry-value Object-Name: s2 Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg Status: Hidden
Object-Type: Registry-value Object-Name: g0 Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg Status: Hidden
Object-Type: Registry-value Object-Name: h0 Object-Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg Status: Hidden
Object-Type: Registry-key Object-Name: DataEM\ControlSet001\Services\sptd\Cfg Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Protected Storage System Provider\*Local Machine*\Data Status: Hidden
Object-Type: Registry-key Object-Name: a5c5c2e4-6bee-4ef9-a0f5-f76a07cce771 System Provider\*Local Machine*\Data Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Protected Storage System Provider\*Local Machine*\Data\a5c5c2e4-6bee-4ef9-a0f5-f76a07cce771 Status: Hidden
Object-Type: Registry-key Object-Name: 00000000-0000-0000-0000-000000000000 System Provider\*Local Machine*\Data\a5c5c2e4-6bee-4ef9-a0f5-f76a07cce771 Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Protected Storage System Provider\*Local Machine*\Data\a5c5c2e4-6bee-4ef9-a0f5-f76a07cce771\00000000-0000-0000-0000-000000000000 Status: Hidden
Object-Type: Registry-key Object-Name: {6340E680-FF06-435f-8767-B79D88AEBD4D}ystem Provider\*Local Machine*\Data\a5c5c2e4-6bee-4ef9-a0f5-f76a07cce771\00000000-0000-0000-0000-000000000000 Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Protected Storage System Provider\*Local Machine*\Data\a5c5c2e4-6bee-4ef9-a0f5-f76a07cce771\00000000-0000-0000-0000-000000000000\{6340E680-FF06-435f-8767-B79D88AEBD4D} Status: Hidden
Object-Type: Registry-value Object-Name: Item Data Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Protected Storage System Provider\*Local Machine*\Data\a5c5c2e4-6bee-4ef9-a0f5-f76a07cce771\00000000-0000-0000-0000-000000000000\{6340E680-FF06-435f-8767-B79D88AEBD4D} Status: Hidden
Object-Type: Registry-value Object-Name: Display String Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Protected Storage System Provider\*Local Machine*\Data\a5c5c2e4-6bee-4ef9-a0f5-f76a07cce771\00000000-0000-0000-0000-000000000000 Status: Hidden
Object-Type: Registry-value Object-Name: Display String Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Protected Storage System Provider\*Local Machine*\Data\a5c5c2e4-6bee-4ef9-a0f5-f76a07cce771 Status: Hidden
Object-Type: Registry-key Object-Name: Data 2RE\Microsoft\Protected Storage System Provider\*Local Machine*\Data\a5c5c2e4-6bee-4ef9-a0f5-f76a07cce771 Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Protected Storage System Provider\*Local Machine*\Data 2 Status: Hidden
Object-Type: Registry-key Object-Name: WindowsE\Microsoft\Protected Storage System Provider\*Local Machine*\Data 2 Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Protected Storage System Provider\*Local Machine*\Data 2\Windows Status: Hidden
Object-Type: Registry-value Object-Name: Value Object-Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Protected Storage System Provider\*Local Machine*\Data 2\Windows Status: Hidden
Object-Type: IAT/EAT-hook PID: 1792 Details: Export : Function : ADVAPI32.dll!RegSetValueExW => Object-Path: Status: Hooked
Object-Type: IAT/EAT-hook PID: 1792 Details: Export : Function : ADVAPI32.dll!RegSetValueExA => Object-Path: Status: Hooked
Object-Type: IAT/EAT-hook PID: 1792 Details: Export : Function : ADVAPI32.dll!RegOpenKeyW => Object-Path: Status: Hooked
Object-Type: IAT/EAT-hook PID: 1792 Details: Export : Function : ADVAPI32.dll!RegOpenKeyExW => Object-Path: Status: Hooked
Object-Type: IAT/EAT-hook PID: 1792 Details: Export : Function : ADVAPI32.dll!RegOpenKeyExA => Object-Path: Status: Hooked
Object-Type: IAT/EAT-hook PID: 1792 Details: Export : Function : ADVAPI32.dll!RegOpenKeyA => Object-Path: Status: Hooked
Object-Type: IAT/EAT-hook PID: 1792 Details: Export : Function : ADVAPI32.dll!RegCreateKeyW => Object-Path: Status: Hooked
Object-Type: IAT/EAT-hook PID: 1792 Details: Export : Function : ADVAPI32.dll!RegCreateKeyA => Object-Path: Status: Hooked
Object-Type: IAT/EAT-hook PID: 1792 Details: Export : Function : WININET.dll!InternetReadFileExW => 01EC0000 + 0xfb90 Object-Path: 01EC0000 + 0xfb90 Status: Hooked
Object-Type: IAT/EAT-hook PID: 1792 Details: Export : Function : WININET.dll!InternetReadFileExA => 01EC0000 + 0xfb28 Object-Path: 01EC0000 + 0xfb28 Status: Hooked
Object-Type: IAT/EAT-hook PID: 1792 Details: Export : Function : WININET.dll!InternetReadFile => 01EC0000 + 0xf9a4 Object-Path: 01EC0000 + 0xf9a4 Status: Hooked
Object-Type: IAT/EAT-hook PID: 1792 Details: Export : Function : WININET.dll!InternetQueryDataAvailable => 01EC0000 + 0xf674 Object-Path: 01EC0000 + 0xf674 Status: Hooked
Object-Type: IAT/EAT-hook PID: 1792 Details: Export : Function : WININET.dll!InternetConnectA => 01EC0000 + 0xd390 Object-Path: 01EC0000 + 0xd390 Status: Hooked
Object-Type: IAT/EAT-hook PID: 1792 Details: Export : Function : WININET.dll!HttpSendRequestW => 01EC0000 + 0xec68 Object-Path: 01EC0000 + 0xec68 Status: Hooked
Object-Type: IAT/EAT-hook PID: 1792 Details: Export : Function : WININET.dll!HttpSendRequestA => 01EC0000 + 0xe5a8 Object-Path: 01EC0000 + 0xe5a8 Status: Hooked
Object-Type: IAT/EAT-hook PID: 1792 Details: Export : Function : WININET.dll!HttpOpenRequestA => 01EC0000 + 0xd684 Object-Path: 01EC0000 + 0xd684 Status: Hooked
Object-Type: Process Object-Name: NMBgMonitor.exe Pid: 1456 Object-Path: C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe Status: Visible
Object-Type: Process Object-Name: wmiapsrv.exe Pid: 2076 Object-Path: C:\WINDOWS\system32\wbem\wmiapsrv.exe Status: Visible
Object-Type: Process Object-Name: lsass.exe Pid: 836 Object-Path: C:\WINDOWS\system32\lsass.exe Status: Visible
Object-Type: Process Object-Name: System Idle Process Pid: 0 Object-Path: Status: Visible
Object-Type: Process Object-Name: IGDCTRL.EXE Pid: 1892 Object-Path: C:\Programme\FRITZ!DSL\IGDCTRL.EXE Status: Visible
Object-Type: Process Object-Name: IAAnotif.exe Pid: 1148 Object-Path: C:\Programme\Intel\Intel Matrix Storage Manager\iaanotif.exe Status: Visible
Object-Type: Process Object-Name: avgnt.exe Pid: 1396 Object-Path: C:\Programme\Avira\AntiVir Desktop\avgnt.exe Status: Visible
Object-Type: Process Object-Name: igfxsrvc.exe Pid: 1644 Object-Path: C:\WINDOWS\system32\igfxsrvc.exe Status: Visible
Object-Type: Process Object-Name: RTHDCPL.EXE Pid: 1212 Object-Path: C:\WINDOWS\RTHDCPL.EXE Status: Visible
Object-Type: Process Object-Name: smss.exe Pid: 468 Object-Path: C:\WINDOWS\System32\smss.exe Status: Visible
Object-Type: Process Object-Name: svchost.exe Pid: 996 Object-Path: C:\WINDOWS\system32\svchost.exe Status: Visible
Object-Type: Process Object-Name: System Pid: 4 Object-Path: Status: Visible
Object-Type: Process Object-Name: AntiSpyWare2Gua Pid: 1308 Object-Path: C:\Programme\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe Status: Visible
Object-Type: Process Object-Name: svchost.exe Pid: 1092 Object-Path: C:\WINDOWS\System32\svchost.exe Status: Visible
Object-Type: Process Object-Name: svchost.exe Pid: 1712 Object-Path: C:\WINDOWS\system32\svchost.exe Status: Visible
Object-Type: Process Object-Name: services.exe Pid: 816 Object-Path: C:\WINDOWS\system32\services.exe Status: Visible
Object-Type: Process Object-Name: StCenter.exe Pid: 1220 Object-Path: C:\Programme\FRITZ!DSL\StCenter.exe Status: Visible
Object-Type: Process Object-Name: avguard.exe Pid: 1872 Object-Path: C:\Programme\Avira\AntiVir Desktop\avguard.exe Status: Visible
Object-Type: Process Object-Name: IAANTmon.exe Pid: 1936 Object-Path: C:\Programme\Intel\Intel Matrix Storage Manager\IAANTMon.exe Status: Visible
Object-Type: Process Object-Name: ctfmon.exe Pid: 1440 Object-Path: C:\WINDOWS\system32\ctfmon.exe Status: Visible
Object-Type: Process Object-Name: svchost.exe Pid: 1316 Object-Path: C:\WINDOWS\system32\svchost.exe Status: Visible
Object-Type: Process Object-Name: RtkBtMnt.exe Pid: 3952 Object-Path: C:\DOKUME~1\ME\LOKALE~1\Temp\RtkBtMnt.exe Status: Visible
Object-Type: Process Object-Name: E_FATIFBE.EXE Pid: 1504 Object-Path: C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFBE.EXE Status: Visible
Object-Type: Process Object-Name: svchost.exe Pid: 1132 Object-Path: C:\WINDOWS\system32\svchost.exe Status: Visible
Object-Type: Process Object-Name: alg.exe Pid: 3644 Object-Path: C:\WINDOWS\System32\alg.exe Status: Visible
Object-Type: Process Object-Name: AntiSpyWareServ Pid: 1816 Object-Path: C:\Programme\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe Status: Visible
Object-Type: Process Object-Name: NMIndexStoreSvr Pid: 2188 Object-Path: C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexStoreSvr.exe Status: Visible
Object-Type: Process Object-Name: svchost.exe Pid: 1196 Object-Path: C:\WINDOWS\system32\svchost.exe Status: Visible
Object-Type: Process Object-Name: spoolsv.exe Pid: 1568 Object-Path: C:\WINDOWS\system32\spoolsv.exe Status: Visible
Object-Type: Process Object-Name: avshadow.exe Pid: 484 Object-Path: C:\Programme\Avira\AntiVir Desktop\avshadow.exe Status: Visible
Object-Type: Process Object-Name: EEventManager.e Pid: 1352 Object-Path: C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe Status: Visible
Object-Type: Process Object-Name: msmsgs.exe Pid: 1476 Object-Path: C:\Programme\Messenger\msmsgs.exe Status: Visible
Object-Type: Process Object-Name: StarWindService Pid: 268 Object-Path: C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe Status: Visible
Object-Type: Process Object-Name: svchost.exe Pid: 2128 Object-Path: C:\WINDOWS\System32\svchost.exe Status: Visible
Object-Type: Process Object-Name: winlogon.exe Pid: 548 Object-Path: C:\WINDOWS\system32\winlogon.exe Status: Visible
Object-Type: Process Object-Name: jqs.exe Pid: 1976 Object-Path: C:\Programme\Java\jre6\bin\jqs.exe Status: Visible
Object-Type: Process Object-Name: FwebProt.exe Pid: 1604 Object-Path: C:\Programme\FRITZ!DSL\FwebProt.exe Status: Visible
Object-Type: Process Object-Name: svchost.exe Pid: 396 Object-Path: C:\WINDOWS\system32\svchost.exe Status: Visible
Object-Type: Process Object-Name: hkcmd.exe Pid: 1264 Object-Path: C:\WINDOWS\system32\hkcmd.exe Status: Visible
Object-Type: Process Object-Name: wscntfy.exe Pid: 3496 Object-Path: C:\WINDOWS\system32\wscntfy.exe Status: Visible
Object-Type: Process Object-Name: Rootkit_Detecti Pid: 1016 Object-Path: C:\Dokumente und Einstellungen\ME\Eigene Dateien\Downloads\Mc A\Rootkit_Detective.exe Status: Visible
Object-Type: Process Object-Name: explorer.exe Pid: 1792 Object-Path: C:\WINDOWS\Explorer.EXE Status: Visible
Object-Type: Process Object-Name: sched.exe Pid: 1668 Object-Path: C:\Programme\Avira\AntiVir Desktop\sched.exe Status: Visible
Object-Type: Process Object-Name: igfxtray.exe Pid: 1236 Object-Path: C:\WINDOWS\system32\igfxtray.exe Status: Visible
Object-Type: Process Object-Name: firefox.exe Pid: 1484 Object-Path: C:\Programme\Mozilla Firefox\firefox.exe Status: Visible
Object-Type: Process Object-Name: csrss.exe Pid: 524 Object-Path: C:\WINDOWS\system32\csrss.exe Status: Visible
Object-Type: Process Object-Name: igfxpers.exe Pid: 1300 Object-Path: C:\WINDOWS\system32\igfxpers.exe Status: Visible
Object-Type: Process Object-Name: plugin-containe Pid: 556 Object-Path: C:\Programme\Mozilla Firefox\plugin-container.exe Status: Visible
Object-Type: Process Object-Name: svchost.exe Pid: 1052 Object-Path: C:\WINDOWS\system32\svchost.exe Status: Visible
Scan complete. Hidden registry keys/values: 39

THANKS FOR YOUR HELP!!!