| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: SpyEyes-Trojaner gefunden (Antivir läßt sich nicht mehr updaten)Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
26.05.2011, 11:31
| #16 |
 |  SpyEyes-Trojaner gefunden (Antivir läßt sich nicht mehr updaten) GMER ist unter dem admin-modus abgestürzt. Osam-log: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 12:18:58 on 26.05.2011 OS: Windows XP Professional Service Pack 3 (Build 2600) Default Browser: Mozilla Corporation Firefox 3.6.17 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Boot Execute] -----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager )----- "BootExecute" - "Microsoft Corporation" - C:\WINDOWS\system32\autochk.exe [Common] -----( %SystemRoot%\Tasks )----- "GoogleUpdateTaskUserS-1-5-21-1645522239-115176313-1417001333-1003Core.job" - "Google Inc." - C:\Documents and Settings\Martin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskUserS-1-5-21-1645522239-115176313-1417001333-1003UA.job" - "Google Inc." - C:\Documents and Settings\Martin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe -----( HKLM\SOFTWARE\Microsoft\Windows Scripting Host\Locations )----- "CScript" - "Microsoft Corporation" - C:\WINDOWS\System32\cscript.exe "WScript" - "Microsoft Corporation" - C:\WINDOWS\System32\wscript.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "access.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\access.cpl "ALSNDMGR.CPL" - "Realtek Semiconductor Corp." - C:\WINDOWS\system32\ALSNDMGR.CPL "appwiz.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\appwiz.cpl "bthprops.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\bthprops.cpl "desk.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\desk.cpl "firewall.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\firewall.cpl "hdwwiz.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\hdwwiz.cpl "inetcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\inetcpl.cpl "intl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\intl.cpl "irprops.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\irprops.cpl "javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl "joy.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\joy.cpl "main.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\main.cpl "mmsys.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\mmsys.cpl "ncpa.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\ncpa.cpl "netsetup.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\netsetup.cpl "nusrmgr.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\nusrmgr.cpl "nwc.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\nwc.cpl "odbccp32.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\odbccp32.cpl "powercfg.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\powercfg.cpl "RTSndMgr.CPL" - "Realtek Semiconductor Corp." - C:\WINDOWS\system32\RTSndMgr.CPL "sysdm.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\sysdm.cpl "telephon.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\telephon.cpl "timedate.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\timedate.cpl "wscui.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\wscui.cpl "wuaucpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\wuaucpl.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "Avira AntiVir Personal" - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl "Avira AntiVir Personal - Free Antivirus " - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl "Internet Connection Firewall" - "Microsoft Corporation" - C:\WINDOWS\system32\Firewall.cpl "NetSetupWizard" - "Microsoft Corporation" - C:\WINDOWS\system32\NetSetup.cpl "Speech" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Speech\sapi.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "1394 ARP Client Protocol" (Arp1394) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\arp1394.sys "1394 Net Driver" (NIC1394) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\nic1394.sys "adfs" (adfs) - ? - C:\WINDOWS\system32\drivers\adfs.sys (File not found) "AFD" (AFD) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\afd.sys "AsrCDDrv" (AsrCDDrv) - ? - C:\WINDOWS\system32\Drivers\AsrCDDrv.sys (File not found) "ATI Function Driver for High Definition Audio Service" (AtiHdmiService) - "ATI Research Inc." - C:\WINDOWS\System32\drivers\AtiHdmi.sys "ati2mtag" (ati2mtag) - "ATI Technologies Inc." - C:\WINDOWS\System32\DRIVERS\ati2mtag.sys "ATM ARP Client Protocol" (Atmarpc) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\atmarpc.sys "Audio Stub Driver" (audstub) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\audstub.sys "avgio" (avgio) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avgio.sys "avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys "BDA IPSink" (streamip) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\StreamIP.sys "BDA Slip De-Framer" (SLIP) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\SLIP.sys "Beep" (Beep) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Beep.sys "Brother USB Still Image driver" (BrScnUsb) - "Brother Industries Ltd." - C:\WINDOWS\System32\Drivers\BrScnUsb.sys "catchme" (catchme) - ? - C:\DOCUME~1\Martin\LOCALS~1\Temp\catchme.sys (File not found) "CD-Burning Filter Driver" (Imapi) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\imapi.sys "CD-ROM Driver" (Cdrom) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\cdrom.sys "Cdaudio" (Cdaudio) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Cdaudio.sys "Cdfs" (Cdfs) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Cdfs.sys "Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys (File not found) "Closed Caption Decoder" (CCDECODE) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\CCDECODE.sys "dfmirage" (dfmirage) - "DemoForge, LLC" - C:\WINDOWS\System32\DRIVERS\dfmirage.sys "Digital CD Audio Playback Filter Driver" (redbook) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\redbook.sys "Direct Parallel" (Raspti) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\raspti.sys "Direct Parallel Link Driver" (Ptilink) - "Parallel Technologies, Inc." - C:\WINDOWS\System32\DRIVERS\ptilink.sys "Disk Driver" (Disk) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\disk.sys "dmload" (dmload) - "Microsoft Corp., Veritas Software." - C:\WINDOWS\System32\drivers\dmload.sys "Fastfat" (Fastfat) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Fastfat.sys "Fdc" (Fdc) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Fdc.sys "Fips" (Fips) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Fips.sys "Flpydisk" (Flpydisk) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Flpydisk.sys "FltMgr" (FltMgr) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\fltMgr.sys "Fs_Rec" (Fs_Rec) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Fs_Rec.sys "Generic Packet Classifier" (Gpc) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\msgpc.sys "giveio" (giveio) - ? - C:\WINDOWS\System32\giveio.sys (File found, but it contains no detailed information) "GMSIPCI" (GMSIPCI) - ? - D:\INSTALL\GMSIPCI.SYS (File not found) "HTTP" (HTTP) - "Microsoft Corporation" - C:\WINDOWS\System32\Drivers\HTTP.sys "i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys (File not found) "i8042prt" (i8042prt) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\i8042prt.sys "Intel Processor Driver" (intelppm) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\intelppm.sys "IP in IP Tunnel Driver" (IpInIp) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ipinip.sys "IP Network Address Translator" (IpNat) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ipnat.sys "IP Traffic Filter Driver" (IpFilterDriver) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys "IPSEC driver" (IPSec) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ipsec.sys "IPv6 Windows Firewall Driver" (Ip6Fw) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\Ip6Fw.sys "IPX Traffic Filter Driver" (NwlnkFlt) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys "IPX Traffic Forwarder Driver" (NwlnkFwd) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys "IR Enumerator Service" (IRENUM) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\irenum.sys "IrDA Protocol" (irda) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\irda.sys "JRAID" (JRAID) - "JMicron Technology Corp." - C:\WINDOWS\System32\DRIVERS\jraid.sys "Keyboard Class Driver" (Kbdclass) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\kbdclass.sys "Keyboard HID Driver" (kbdhid) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\kbdhid.sys "KSecDD" (KSecDD) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\KSecDD.sys "lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys (File not found) "Logical Disk Manager Driver" (dmio) - "Microsoft Corp., Veritas Software" - C:\WINDOWS\System32\drivers\dmio.sys "ManyCam Virtual Webcam, WDM Video Capture Driver" (ManyCam) - ? - C:\WINDOWS\System32\DRIVERS\ManyCam.sys (File not found) "MEMSWEEP2" (MEMSWEEP2) - ? - C:\WINDOWS\system32\19.tmp (File not found) "Microcode Update Driver" (Update) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\update.sys "Microsoft ACPI Driver" (ACPI) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ACPI.sys "Microsoft HID Class Driver" (hidusb) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\hidusb.sys "Microsoft Kernel Acoustic Echo Canceller" (aec) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\aec.sys "Microsoft Kernel Audio Splitter" (splitter) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\splitter.sys "Microsoft Kernel DLS Syntheiszer" (DMusic) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\DMusic.sys "Microsoft Kernel DRM Audio Descrambler" (drmkaud) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\drmkaud.sys "Microsoft Kernel GS Wavetable Synthesizer" (swmidi) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\swmidi.sys "Microsoft Kernel System Audio Device" (sysaudio) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\sysaudio.sys "Microsoft Kernel Wave Audio Mixer" (kmixer) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\kmixer.sys "Microsoft Serial Infrared Driver" (irsir) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\irsir.sys "Microsoft Streaming Clock Proxy" (MSPCLOCK) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\MSPCLOCK.sys "Microsoft Streaming Quality Manager Proxy" (MSPQM) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\MSPQM.sys "Microsoft Streaming Service Proxy" (MSKSSRV) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\MSKSSRV.sys "Microsoft Streaming Tee/Sink-to-Sink Converter" (MSTEE) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\MSTEE.sys "Microsoft System Management BIOS Driver" (mssmbios) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mssmbios.sys "Microsoft TV/Video Connection" (NdisIP) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\NdisIP.sys "Microsoft UAA Bus Driver for High Definition Audio" (HDAudBus) - "Windows (R) Server 2003 DDK provider" - C:\WINDOWS\System32\DRIVERS\HDAudBus.sys "Microsoft USB 2.0 Enhanced Host Controller Miniport Driver" (usbehci) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbehci.sys "Microsoft USB Generic Parent Driver" (usbccgp) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbccgp.sys "Microsoft USB PRINTER Class" (usbprint) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbprint.sys "Microsoft USB Standard Hub Driver" (usbhub) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usbhub.sys "Microsoft WINMM WDM Audio Compatibility Driver" (wdmaud) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\wdmaud.sys "mnmdd" (mnmdd) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\mnmdd.sys "Modem" (Modem) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Modem.sys "MountMgr" (MountMgr) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\MountMgr.sys "Mouse Class Driver" (Mouclass) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mouclass.sys "Mouse HID Driver" (mouhid) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mouhid.sys "MRXSMB" (MRxSmb) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mrxsmb.sys "Msfs" (Msfs) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Msfs.sys "Mup" (Mup) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Mup.sys "NABTS/FEC VBI Codec" (NABTSFEC) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys "NDIS System Driver" (NDIS) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\NDIS.sys "NDIS Usermode I/O Protocol" (Ndisuio) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ndisuio.sys "NDProxy" (NDProxy) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\NDProxy.sys "NetBIOS Interface" (NetBIOS) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\netbios.sys "NetBios over Tcpip" (NetBT) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\netbt.sys "Npfs" (Npfs) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Npfs.sys "Ntfs" (Ntfs) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Ntfs.sys "Null" (Null) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Null.sys "Parport" (Parport) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Parport.sys "PartMgr" (PartMgr) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\PartMgr.sys "ParVdm" (ParVdm) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\ParVdm.sys "PCI Bus Driver" (PCI) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\pci.sys "PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys (File not found) "PCIIde" (PCIIde) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\pciide.sys "PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys (File not found) "PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys (File not found) "PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys (File not found) "PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys (File not found) "PnP ISA/EISA Bus Driver" (isapnp) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\isapnp.sys "PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys "QoS Packet Scheduler" (PSched) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\psched.sys "Ralink 802.11n USB Wireless LAN Card Driver" (rt2870) - "Ralink Technology, Corp." - C:\WINDOWS\System32\DRIVERS\rt2870.sys "RAS Asynchronous Media Driver" (AsyncMac) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\asyncmac.sys "Rdbss" (Rdbss) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\rdbss.sys "RDPCDD" (RDPCDD) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys "RDPWD" (RDPWD) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\RDPWD.sys "Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver" (RTLE8023xp) - "Realtek Semiconductor Corporation " - C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys "Remote Access Auto Connection Driver" (RasAcd) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\rasacd.sys "Remote Access IP ARP Driver" (Wanarp) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\wanarp.sys "Remote Access NDIS TAPI Driver" (NdisTapi) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ndistapi.sys "Remote Access NDIS WAN Driver" (NdisWan) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ndiswan.sys "Remote Access PPPOE Driver" (RasPppoe) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\raspppoe.sys "RT73 USB Wireless LAN Card Driver" (RT73) - "Ralink Technology, Corp." - C:\WINDOWS\System32\DRIVERS\rt73.sys "Secdrv" (Secdrv) - "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." - C:\WINDOWS\System32\DRIVERS\secdrv.sys "Serenum Filter Driver" (serenum) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\serenum.sys "Serial port driver" (Serial) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\serial.sys "Service for Realtek HD Audio (WDM)" (IntcAzAudAddService) - "Realtek Semiconductor Corp." - C:\WINDOWS\System32\drivers\RtkHDAud.sys "Sfloppy" (Sfloppy) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\Sfloppy.sys "Software Bus Driver" (swenum) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\swenum.sys "speedfan" (speedfan) - "Almico Software" - C:\WINDOWS\System32\speedfan.sys "sptd" (sptd) - "Duplex Secure Ltd." - C:\WINDOWS\System32\Drivers\sptd.sys (File is exclusively opened, access blocked) "Srv" (Srv) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\srv.sys "ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys "Standard IDE/ESDI Hard Disk Controller" (atapi) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\atapi.sys "StarOpen" (StarOpen) - ? - C:\WINDOWS\system32\drivers\StarOpen.sys (File found, but it contains no detailed information) "System Restore Filter Driver" (sr) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\sr.sys "TCP/IP Protocol Driver" (Tcpip) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\tcpip.sys "TDPIPE" (TDPIPE) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\TDPIPE.sys "TDTCP" (TDTCP) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\TDTCP.sys "Terminal Device Driver" (TermDD) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\termdd.sys "Terminal Server Device Redirector Driver" (rdpdr) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\rdpdr.sys "USB Audio Driver (WDM)" (usbaudio) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\usbaudio.sys "USB Mass Storage Driver" (USBSTOR) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS "USB Video Device (WDM)" (usbvideo) - "Microsoft Corporation" - C:\WINDOWS\System32\Drivers\usbvideo.sys "VgaSave" (VgaSave) - "Microsoft Corporation" - C:\WINDOWS\System32\drivers\vga.sys "VIA OHCI Compliant IEEE 1394 Host Controller" (ohci1394) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ohci1394.sys "VolSnap" (VolSnap) - "Microsoft Corporation" - C:\WINDOWS\system32\drivers\VolSnap.sys "Volume Manager Driver" (Ftdisk) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\ftdisk.sys "WAN Miniport (IrDA)" (Rasirda) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\rasirda.sys "WAN Miniport (L2TP)" (Rasl2tp) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\rasl2tp.sys "WAN Miniport (PPTP)" (PptpMiniport) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\raspptp.sys "WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys (File not found) "WebDav Client Redirector" (MRxDAV) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\mrxdav.sys "World Standard Teletext Codec" (WSTCODEC) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [Explorer] -----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )----- {7790769C-0471-11d2-AF11-00C04FA35D02} "Address Book 6" - "Microsoft Corporation" - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS "Browser Customizations" - "Microsoft Corporation" - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP >{26923b43-4d38-484f-9b9e-de460746276c} "Internet Explorer" - "Microsoft Corporation" - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE {4b218e3e-bc98-4770-93d3-2731b9329278} "Internet Explorer" - "Microsoft Corporation" - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf {89820200-ECBD-11cf-8B85-00AA005B4383} "Internet Explorer 6" - "Microsoft Corporation" - %SystemRoot%\system32\ie4uinit.exe {44BBA840-CC51-11CF-AAFA-00AA00B6015C} "Microsoft Outlook Express 6" - "Microsoft Corporation" - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} "Microsoft Windows Media Player" - "Microsoft Corporation" - C:\WINDOWS\inf\unregmp2.exe /ShowWMP {6BF52A52-394A-11d3-B153-00C04F79FAA6} "Microsoft Windows Media Player" - "Microsoft Corporation" - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub {44BBA842-CC51-11CF-AAFA-00AA00B6015B} "NetMeeting 3.01" - "Microsoft Corporation" - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} "Outlook Express" - "Microsoft Corporation" - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE {89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install {2C7339CF-2B09-4501-B3F3-F3508C9228ED} "Themes Setup" - "Microsoft Corporation" - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll {89820200-ECBD-11cf-8B85-00AA005B4340} "Windows Desktop Update" - "Microsoft Corporation" - regsvr32.exe /s /n /i:U shell32.dll -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll {0D2E74C4-3C34-11d2-A27E-00C04FC30871} "{0D2E74C4-3C34-11d2-A27E-00C04FC30871}" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll {24F14F01-7B1C-11d1-838f-0000F80461CF} "{24F14F01-7B1C-11d1-838f-0000F80461CF}" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll {24F14F02-7B1C-11d1-838f-0000F80461CF} "{24F14F02-7B1C-11d1-838f-0000F80461CF}" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll {66742402-F9B9-11D1-A202-0000F81FEDEE} "{66742402-F9B9-11D1-A202-0000F81FEDEE}" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} "AP Class Install Handler filter" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {8f6b0360-b80d-11d0-a9b3-006097942311} "AP lzdhtml encoding/decoding Filter" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {8f6b0360-b80d-11d0-a9b3-006097942311} "AP lzdhtml encoding/decoding Filter" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {8f6b0360-b80d-11d0-a9b3-006097942311} "AP lzdhtml encoding/decoding Filter" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll {733AC4CB-F1A4-11d0-B951-00A0C90312E1} "WebView MIME Filter" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll -----( HKLM\Software\Classes\Protocols\Handler )----- {3dd53d40-7b8b-11D0-b013-00aa0059ce02} "CDL: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {12D51199-0DB5-46FE-A120-47A3D7D937CC} "DVD: Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\msvidctl.dll {79eac9e7-baf9-11ce-8c82-00aa004ba90b} "file:, local: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {79eac9e7-baf9-11ce-8c82-00aa004ba90b} "file:, local: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {79eac9e3-baf9-11ce-8c82-00aa004ba90b} "ftp: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {79eac9e4-baf9-11ce-8c82-00aa004ba90b} "gopher: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {79eac9e2-baf9-11ce-8c82-00aa004ba90b} "http: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {79eac9e5-baf9-11ce-8c82-00aa004ba90b} "https: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL {05300401-BCBC-11d0-85E3-00C04FD85AB4} "MHTML Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\inetcomm.dll {3050F406-98B5-11CF-BB82-00AA00BDCE0B} "Microsoft HTML About Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} "Microsoft HTML Javascript Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} "Microsoft HTML Javascript Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} "Microsoft HTML Mailto Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} "Microsoft HTML Resource Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll {76E67A63-06E9-11D2-A840-006008059382} "Microsoft HTML Resource Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\mshtml.dll {9D148291-B9C8-11D0-A4CC-0000F80149F6} "Microsoft InfoTech Protocols for IE 4.0" - "Microsoft Corporation" - C:\WINDOWS\system32\itss.dll {9D148291-B9C8-11D0-A4CC-0000F80149F6} "Microsoft InfoTech Protocols for IE 4.0" - "Microsoft Corporation" - C:\WINDOWS\system32\itss.dll {79eac9e6-baf9-11ce-8c82-00aa004ba90b} "mk: Asychronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} "TV: Pluggable Protocol" - "Microsoft Corporation" - C:\WINDOWS\system32\msvidctl.dll {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} "WiaProtocol Class" - "Microsoft Corporation" - C:\WINDOWS\system32\wiascr.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler )----- {438755C2-A8BA-11D1-B96B-00A0C90312E1} "Browseui preloader" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {8C7461EF-2B13-11d2-BE35-3078302C2030} "Component Categories cache daemon" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )----- {AEB6717E-7E19-11d0-97EE-00C04FD91972} "URL Exec Hook" - "Microsoft Corporation" - C:\WINDOWS\system32\shell32.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {01E04581-4EEE-11d0-BFE9-00AA005B4383} "&Address" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files\7-Zip\7-zip.dll {7e653215-fa25-46bd-a339-34a2790f3cb7} "Accessible" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {88C6C381-2E85-11D0-94DE-444553540000} "ActiveX Cache Folder" - "Microsoft Corporation" - C:\WINDOWS\system32\occache.dll {A08C11D2-A228-11d0-825B-00AA005B4383} "Address EditBox" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {D20EA4E1-3957-11d2-A40B-0C5020524153} "Administrative Tools" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {875CB1A1-0F29-45de-A1AE-CFB4950D0B78} "Audio Media Properties Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\shmedia.dll {91EA3F8B-C99B-11d0-9815-00C04FD91972} "Augmented Shell Folder" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {6413BA2C-B461-11d1-A18A-080036B11A03} "Augmented Shell Folder 2" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {5F327514-6C5E-4d60-8F16-D07FA08A78ED} "Auto Update Property Sheet Extension" - "Microsoft Corporation" - C:\WINDOWS\system32\wuaucpl.cpl {87D62D94-71B3-4b9a-9489-5FE6850DC73E} "Avi Properties Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\shmedia.dll {F61FFEC1-754F-11d0-80CA-00AA005B4383} "BandProxy" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {85BBD920-42A0-1069-A2E4-08002B30309D} "Briefcase" - "Microsoft Corporation" - C:\WINDOWS\system32\syncui.dll {0CD7A5C0-9F37-11CE-AE65-08002B2E1262} "Cabinet File" - "Microsoft Corporation" - C:\WINDOWS\system32\cabview.dll {67EA19A0-CCEF-11d0-8024-00C04FD75D13} "CDF Extension Copy Hook" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {f39a0dc0-9cc8-11d0-a599-00c04fd64433} "Channel" - "Microsoft Corporation" - C:\WINDOWS\system32\cdfview.dll {f3ba0dc0-9cc8-11d0-a599-00c04fd64435} "Channel Handler Object" - "Microsoft Corporation" - C:\WINDOWS\system32\cdfview.dll {f3da0dc0-9cc8-11d0-a599-00c04fd64437} "Channel Menu Handler Object" - "Microsoft Corporation" - C:\WINDOWS\system32\cdfview.dll {f3aa0dc0-9cc8-11d0-a599-00c04fd64434} "Channel Shortcut" - "Microsoft Corporation" - C:\WINDOWS\system32\cdfview.dll {f3ea0dc0-9cc8-11d0-a599-00c04fd64438} "Channel Shortcut Property Pages" - "Microsoft Corporation" - C:\WINDOWS\system32\cdfview.dll {7D559C10-9FE9-11d0-93F7-00AA0059CE02} "Code Download Agent" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} "Compatibility Page" - "Microsoft Corporation" - C:\WINDOWS\system32\SlayerXP.dll {BD472F60-27FA-11cf-B8B4-444553540000} "Compressed (zipped) Folder Right Drag Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\zipfldr.dll {888DCA60-FC0A-11CF-8F0F-00C04FD7D062} "Compressed (zipped) Folder SendTo Target" - "Microsoft Corporation" - C:\WINDOWS\system32\zipfldr.dll {E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31} "CompressedFolder" - "Microsoft Corporation" - C:\WINDOWS\system32\zipfldr.dll {E6CC6978-6B6E-11D0-BECA-00C04FD940BE} "ConnectionAgent" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {7444C717-39BF-11D1-8CD9-00C04FC29D45} "CryptPKO Class" - "Microsoft Corporation" - C:\WINDOWS\system32\cryptext.dll {7444C719-39BF-11D1-8CD9-00C04FC29D45} "CryptSig Class" - "Microsoft Corporation" - C:\WINDOWS\system32\cryptext.dll {6935DB93-21E8-4ccc-BEB9-9FE3C77A297A} "Custom MRU AutoCompleted List" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {CFCCC7A0-A282-11D1-9082-006008059382} "Darwin App Publisher" - "Microsoft Corporation" - C:\WINDOWS\system32\appwiz.cpl {ECCDF543-45CC-11CE-B9BF-0080C87CDBA6} "DfsShell Class" - "Microsoft Corporation" - C:\WINDOWS\system32\dfsshlex.dll {62AE1F9A-126A-11D0-A14B-0800361B1103} "Directory Context Menu Verbs" - "Microsoft Corporation" - C:\WINDOWS\system32\dsuiext.dll {163FDC20-2ABC-11d0-88F0-00A024AB2DBB} "Directory Object Find" - "Microsoft Corporation" - C:\WINDOWS\system32\dsquery.dll {0D45D530-764B-11d0-A1CA-00AA00C16E65} "Directory Property UI" - "Microsoft Corporation" - C:\WINDOWS\system32\dsuiext.dll {8A23E65E-31C2-11d0-891C-00A024AB2DBB} "Directory Query UI" - "Microsoft Corporation" - C:\WINDOWS\system32\dsquery.dll {F020E586-5264-11d1-A532-0000F8757D7E} "Directory Start/Search Find" - "Microsoft Corporation" - C:\WINDOWS\system32\dsquery.dll {59099400-57FF-11CE-BD94-0020AF85B590} "Disk Copy Extension" - "Microsoft Corporation" - C:\WINDOWS\system32\diskcopy.dll {42071712-76d4-11d1-8b24-00a0c9068ff3} "Display Adapter CPL Extension" - "Microsoft Corporation" - C:\WINDOWS\system32\deskadp.dll {42071713-76d4-11d1-8b24-00a0c9068ff3} "Display Monitor CPL Extension" - "Microsoft Corporation" - C:\WINDOWS\system32\deskmon.dll {42071714-76d4-11d1-8b24-00a0c9068ff3} "Display Panning CPL Extension" - ? - deskpan.dll (File not found) {f92e8c40-3d33-11d2-b1aa-080036a75b03} "Display TroubleShoot CPL Extension" - "Microsoft Corporation" - C:\WINDOWS\system32\deskperf.dll {872A9397-E0D6-4e28-B64D-52B8D0A7EA35} "DisplayCplExt Class" - "Advanced Micro Devices, Inc." - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiamaxx.dll {22BF0C20-6DA7-11D0-B373-00A0C9034938} "Download Status" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {60fd46de-f830-4894-a628-6fa81bc0190d} "DropTarget Object for Photo Printing Wizard" - "Microsoft Corporation" - C:\WINDOWS\system32\photowiz.dll {2559a1f5-21d7-11d4-bdaf-00c04f60b9f0} "E-mail" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Encryption Context Menu" - ? - (File not found | COM-object registry key not found) {EFA24E64-B078-11d0-89E4-00C04FC9E26E} "Explorer Band" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {692F0339-CBAA-47e6-B5B5-3B84DB604E87} "Extensions Manager Folder" - "Microsoft Corporation" - C:\WINDOWS\system32\extmgr.dll {7A80E4A8-8005-11D2-BCF8-00C04F72C717} "ExtractIcon Class" - "Microsoft Corporation" - C:\WINDOWS\System32\mmcshext.dll {EFA24E61-B078-11d0-89E4-00C04FC9E26E} "Favorites Band" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {BD84B380-8CA2-1069-AB1D-08000948F534} "Fonts" - "Microsoft Corporation" - C:\WINDOWS\system32\fontext.dll {D20EA4E1-3957-11d2-A40B-0C5020524152} "Fonts" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {32714800-2E5F-11d0-8B85-00AA0044F941} "For &People..." - "Microsoft Corporation" - C:\Program Files\Outlook Express\wabfind.dll {3F30C968-480A-4C6C-862D-EFC0897BB84B} "GDI+ file thumbnail extractor" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll {58f1f272-9240-4f51-b6d4-fd63d1618591} "Get a Passport Wizard" - "Microsoft Corporation" - C:\WINDOWS\system32\netplwiz.dll {EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "Global Folder Settings" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {2559a1f1-21d7-11d4-bdaf-00c04f60b9f0} "Help and Support" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {FF393560-C2A7-11CF-BFF4-444553540000} "History" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {EFA24E62-B078-11d0-89E4-00C04FC9E26E} "History Band" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {EAB841A0-9550-11cf-8C16-00805F1408F3} "HTML Thumbnail Extractor" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll {88895560-9AA2-1069-930E-00AA0030EBC8} "HyperTerminal Icon Ext" - "Hilgraeve, Inc." - C:\WINDOWS\system32\hticons.dll {DBCE2480-C732-101B-BE72-BA78E9AD5B27} "ICC Profile" - "Microsoft Corporation" - C:\WINDOWS\system32\icmui.dll {5DB2625A-54DF-11D0-B6C4-0800091AA605} "ICM Monitor Management" - "Microsoft Corporation" - C:\WINDOWS\System32\icmui.dll {675F097E-4C4D-11D0-B6C1-0800091AA605} "ICM Printer Management" - "Microsoft Corporation" - C:\WINDOWS\system32\icmui.dll {176d6597-26d3-11d1-b350-080036a75b03} "ICM Scanner Management" - "Microsoft Corporation" - C:\WINDOWS\system32\icmui.dll {3028902F-6374-48b2-8DC6-9725E775B926} "IE Microsoft AutoComplete" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {30D02401-6A81-11d0-8274-00C04FD5AE38} "IE Search Band" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {A2B0DD40-CC59-11d0-A3A5-00C04FD706EC} "IE4 Suite Splash Screen" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {169A0691-8DF9-11d1-A1C4-00C04FD75D13} "In-pane search" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {0B124F8F-91F0-11D1-B8B5-006008059382} "Installed Apps Enumerator" - "Microsoft Corporation" - C:\WINDOWS\system32\appwiz.cpl {2559a1f4-21d7-11d4-bdaf-00c04f60b9f0} "Internet" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {871C5380-42A0-1069-A2EA-08002B30309D} "Internet Name Space" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {FBF23B40-E3F0-101B-8488-00AA003E56F8} "Internet Shortcut" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {131A6951-7F78-11D0-A979-00C04FD705A2} "ISFBand OC" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {143A62C8-C33B-11D1-84FE-00C04FA34A14} "Microsoft Agent Character Property Sheet Handler" - "Microsoft Corporation" - C:\WINDOWS\msagent\agentpsh.dll {A5E46E3A-8849-11D1-9D8C-00C04FC99D61} "Microsoft Browser Architecture" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {7BA4C742-9E81-11CF-99D3-00AA004AE837} "Microsoft BrowserBand" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {7988B573-EC89-11cf-9C00-00AA00A14F56} "Microsoft Disk Quota UI" - "Microsoft Corporation" - C:\WINDOWS\system32\dskquoui.dll {6A205B57-2567-4A2C-B881-F787FAB579A3} "Microsoft DocProp Inplace Calendar Control" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop2.dll {0EEA25CC-4362-4A12-850B-86EE61B0D3EB} "Microsoft DocProp Inplace Droplist Combo Control" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop2.dll {A9CF0EAE-901A-4739-A481-E35B73E47F6D} "Microsoft DocProp Inplace Edit Box Control" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop2.dll {8EE97210-FD1F-4B19-91DA-67914005F020} "Microsoft DocProp Inplace ML Edit Box Control" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop2.dll {28F8A4AC-BBB3-4D9B-B177-82BFC914FA33} "Microsoft DocProp Inplace Time Control" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop2.dll {883373C3-BF89-11D1-BE35-080036B11A03} "Microsoft DocProp Shell Ext" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop2.dll {63da6ec0-2e98-11cf-8d82-444553540000} "Microsoft FTP Folder" - "Microsoft Corporation" - C:\WINDOWS\system32\msieftp.dll {00BB2764-6A77-11D0-A535-00C04FD7D062} "Microsoft History AutoComplete List" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {5E6AB780-7743-11CF-A12B-00AA004AE837} "Microsoft Internet Toolbar" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {00BB2765-6A77-11D0-A535-00C04FD7D062} "Microsoft Multiple AutoComplete List Container" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {2206CDB2-19C1-11D1-89E0-00C04FD7A829} "Microsoft OLE DB Service Component Data Links" - "Microsoft Corporation" - C:\Program Files\Common Files\System\Ole DB\oledb32.dll {03C036F1-A186-11D0-824A-00AA005B4383} "Microsoft Shell Folder AutoComplete List" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {3C374A40-BAE4-11CF-BF7D-00AA006946EE} "Microsoft Url History Service" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {CFBFAE00-17A6-11D0-99CB-00C04FD64497} "Microsoft Url Search Hook" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {A6FD9E45-6E44-43f9-8644-08598F5A74D9} "Midi Properties Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\shmedia.dll {6756A641-DE71-11d0-831B-00AA005B4383} "MRU AutoComplete List" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {00022613-0000-0000-C000-000000000046} "Multimedia File Property Sheet" - "Microsoft Corporation" - C:\WINDOWS\system32\mmsys.cpl {ECF03A33-103D-11d2-854D-006008059367} "MyDocs Copy Hook" - "Microsoft Corporation" - C:\WINDOWS\system32\mydocs.dll {ECF03A32-103D-11d2-854D-006008059367} "MyDocs Drop Target" - "Microsoft Corporation" - C:\WINDOWS\system32\mydocs.dll {4a7ded0a-ad25-11d0-98a8-0800361b1103} "MyDocs menu and properties" - "Microsoft Corporation" - C:\WINDOWS\system32\mydocs.dll {7007ACC7-3202-11D1-AAD2-00805FC1270E} "Network Connections" - "Microsoft Corporation" - C:\WINDOWS\system32\NETSHELL.dll {992CFFA0-F557-101A-88EC-00DD010CCC48} "Network Connections" - "Microsoft Corporation" - C:\WINDOWS\system32\NETSHELL.dll {AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E} "Offline Files Folder" - "Microsoft Corporation" - C:\WINDOWS\System32\cscui.dll {10CFC467-4392-11d2-8DB4-00C04FA31A66} "Offline Files Folder Options" - "Microsoft Corporation" - C:\WINDOWS\System32\cscui.dll {750fdf0e-2a26-11d1-a3ea-080036587f03} "Offline Files Menu" - "Microsoft Corporation" - C:\WINDOWS\System32\cscui.dll {3EA48300-8CF6-101B-84FB-666CCB9BCD32} "OLE Docfile Property Page" - "Microsoft Corporation" - C:\WINDOWS\system32\docprop.dll {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll {41E300E0-78B6-11ce-849B-444553540000} "PlusPack CPL Extension" - "Microsoft Corporation" - C:\WINDOWS\system32\themeui.dll {35786D3C-B075-49b9-88DD-029876E11C01} "Portable Devices" - "Microsoft Corporation" - C:\WINDOWS\system32\wpdshext.dll {D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} "Portable Devices Menu" - "Microsoft Corporation" - C:\WINDOWS\system32\wpdshext.dll {640167b4-59b0-47a6-b335-a6b3c0695aea} "Portable Media Devices" - "Microsoft Corporation" - C:\WINDOWS\system32\Audiodev.dll {D8BD2030-6FC9-11D0-864F-00AA006809D9} "PostAgent" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {9DB7A13C-F208-4981-8353-73CC61AE2783} "Previous Versions" - "Microsoft Corporation" - C:\WINDOWS\system32\twext.dll {596AB062-B4D2-4215-9F74-E9109B0A8153} "Previous Versions Property Page" - "Microsoft Corporation" - C:\WINDOWS\system32\twext.dll {add36aa8-751a-4579-a266-d66f5202ccbb} "Print Ordering via the Web" - "Microsoft Corporation" - C:\WINDOWS\system32\netplwiz.dll {AF4F6510-F982-11d0-8595-00AA004CD6D8} "Registry Tree Options Utility" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {F0152790-D56E-4445-850E-4F3117DB740C} "Remote Sessions CPL Extension" - "Microsoft Corporation" - C:\WINDOWS\system32\remotepg.dll {2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} "Run..." - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {3F953603-1008-4f6e-A73A-04AAC7A992F1} "Scanners & Cameras" - "Microsoft Corporation" - C:\WINDOWS\system32\wiashext.dll {83bbcbf3-b28a-4919-a5aa-73027445d672} "Scanners & Cameras" - "Microsoft Corporation" - C:\WINDOWS\system32\wiashext.dll {905667aa-acd6-11d2-8080-00805f6596d2} "Scanners & Cameras" - "Microsoft Corporation" - C:\WINDOWS\system32\wiashext.dll {E211B736-43FD-11D1-9EFB-0000F8757FCD} "Scanners & Cameras" - "Microsoft Corporation" - C:\WINDOWS\system32\wiashext.dll {FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD} "Scanners & Cameras" - "Microsoft Corporation" - C:\WINDOWS\system32\wiashext.dll {D6277990-4C6A-11CF-8D87-00AA0060F5BF} "Scheduled Tasks" - "Microsoft Corporation" - C:\WINDOWS\system32\mstask.dll {DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF} "Scheduling UI icon handler" - "Microsoft Corporation" - C:\WINDOWS\system32\mstask.dll {797F1E90-9EDD-11cf-8D8E-00AA0060F5BF} "Scheduling UI property sheet handler" - "Microsoft Corporation" - C:\WINDOWS\system32\mstask.dll {2559a1f0-21d7-11d4-bdaf-00c04f60b9f0} "Search" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {9461b922-3c5a-11d2-bf8b-00c04fb93661} "Search Assistant OC" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {1F2E5C40-9550-11CE-99D2-00AA006E086C} "Security Shell Extension" - "Microsoft Corporation" - C:\WINDOWS\system32\rshx32.dll {4E40F770-369C-11d0-8922-00A024AB2DBB} "Security Shell Extension" - "Microsoft Corporation" - C:\WINDOWS\system32\dssec.dll {F37C5810-4D3F-11d0-B4BF-00AA00BBB723} "Security Shell Extension" - "Microsoft Corporation" - C:\WINDOWS\system32\rshx32.dll {9E56BE60-C50F-11CF-9A2C-00A0C90A90CE} "Sendmail service" - "Microsoft Corporation" - C:\WINDOWS\system32\sendmail.dll {9E56BE61-C50F-11CF-9A2C-00A0C90A90CE} "Sendmail service" - "Microsoft Corporation" - C:\WINDOWS\system32\sendmail.dll {2559a1f7-21d7-11d4-bdaf-00c04f60b9f0} "Set Program Access and Defaults" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {352EC2B7-8B9A-11D1-B8AE-006008059382} "Shell Application Manager" - "Microsoft Corporation" - C:\WINDOWS\system32\appwiz.cpl {0A89A860-D7B1-11CE-8350-444553540000} "Shell Automation Inproc Service" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {00E7B358-F65B-4dcf-83DF-CD026B94BFD4} "Shell Autoplay for Slideshow" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll {ECD4FC4E-521C-11D0-B792-00A0C90312E1} "Shell Band Site Menu" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {ECD4FC4C-521C-11D0-B792-00A0C90312E1} "Shell DeskBar" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {3CCF8A41-5C85-11d0-9796-00AA00B90ADF} "Shell DeskBarApp" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {E7E4BC40-E76A-11CE-A9BB-00AA004AE837} "Shell DocObject Viewer" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll {60254CA5-953B-11CF-8C96-00AA00B8708C} "Shell Extension For Windows Script Host" - "Microsoft Corporation" - C:\WINDOWS\system32\wshext.dll {764BF0E1-F219-11ce-972D-00AA00A14F56} "Shell extensions for file compression" - ? - (File not found | COM-object registry key not found) {59be4990-f85c-11ce-aff7-00aa003ca9f6} "Shell extensions for Microsoft Windows Network objects" - "Microsoft Corporation" - C:\WINDOWS\system32\ntlanui2.dll {40dd6e20-7c17-11ce-a804-00aa003ca9f6} "Shell extensions for sharing" - "Microsoft Corporation" - C:\WINDOWS\system32\ntshrui.dll {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} "Shell extensions for sharing" - "Microsoft Corporation" - C:\WINDOWS\system32\ntshrui.dll {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll {66e4e4fb-f385-4dd0-8d74-a2efd1bc6178} "Shell Image Data Factory" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll {eb9b1153-3b57-4e68-959a-a3266bc3d7fe} "Shell Image Property Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll {e84fda7c-1d6a-45f6-b725-cb260c236066} "Shell Image Verbs" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll {00BB2763-6A77-11D0-A535-00C04FD7D062} "Shell Microsoft AutoComplete" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {9E51E0D0-6E0F-11d2-9601-00C04FA31A86} "Shell properties for a DS object" - "Microsoft Corporation" - C:\WINDOWS\system32\dsquery.dll {6b33163c-76a5-4b6c-bf21-45de9cd503a1} "Shell Publishing Wizard Object" - "Microsoft Corporation" - C:\WINDOWS\system32\netplwiz.dll {ECD4FC4D-521C-11D0-B792-00A0C90312E1} "Shell Rebar BandSite" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {56117100-C0CD-101B-81E2-00AA004AE837} "Shell Scrap DataHandler" - "Microsoft Corporation" - C:\WINDOWS\system32\shscrap.dll {21569614-B795-46b1-85F4-E737A8DC09AD} "Shell Search Band" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll {5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - "Advanced Micro Devices, Inc." - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll {F5175861-2688-11d0-9C5E-00AA00A45957} "Subscription Folder" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {ABBE31D0-6DAE-11D0-BECA-00C04FD940BE} "Subscription Mgr" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {9DBD2C50-62AD-11d0-B806-00C04FD706EC} "Summary Info Thumbnail handler (DOCFILES)" - "Microsoft Corporation" - C:\WINDOWS\system32\shimgvw.dll {0DF44EAA-FF21-4412-828E-260A8728E7F1} "Taskbar and Start Menu" - "Microsoft Corporation" - C:\WINDOWS\system32\shell32.dll {7BD29E00-76C1-11CF-9DD0-00A0C9034933} "Temporary Internet Files" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {7BD29E01-76C1-11CF-9DD0-00A0C9034933} "Temporary Internet Files" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {3DC7A020-0ACD-11CF-A9BB-00AA004AE837} "The Internet" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {acf35015-526e-4230-9596-becbe19f0ac9} "Track Popup Bar" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7} "TrayAgent" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {7376D660-C583-11d0-A3A5-00C04FD706EC} "TridentImageExtractor" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {7A9D77BD-5403-11d2-8785-2E0420524153} "User Accounts" - "Microsoft Corporation" - C:\WINDOWS\system32\netplwiz.dll {DD313E04-FEFF-11d1-8ECD-0000F87A470C} "User Assist" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {40C3D757-D6E4-4b49-BB41-0E5BBEA28817} "Video Media Properties Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\shmedia.dll {c5a40261-cd64-4ccf-84cb-c394da41d590} "Video Thumbnail Extractor" - "Microsoft Corporation" - C:\WINDOWS\system32\shmedia.dll {E4B29F9D-D390-480b-92FD-7DDB47101D71} "Wav Properties Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\shmedia.dll {77597368-7b15-11d0-a0c2-080036af3f03} "Web Printer Shell Extension" - "Microsoft Corporation" - C:\WINDOWS\system32\printui.dll {CC6EEFFB-43F6-46c5-9619-51D571967F7D} "Web Publishing Wizard" - "Microsoft Corporation" - C:\WINDOWS\system32\netplwiz.dll {07798131-AF23-11d1-9111-00A0C98BA67D} "Web Search" - "Microsoft Corporation" - C:\WINDOWS\system32\browseui.dll {E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB} "WebCheck SyncMgr Handler" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB} "WebCheckChannelAgent" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {08165EA0-E946-11CF-9C87-00AA005127ED} "WebCheckWebCrawler" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {2559a1f2-21d7-11d4-bdaf-00c04f60b9f0} "Windows Security" - "Microsoft Corporation" - C:\WINDOWS\system32\shdocvw.dll {F1B9284F-E9DC-4e68-9D7E-42362A59F0FD} "WMP Add To Playlist Launcher" - "Microsoft Corporation" - C:\WINDOWS\system32\wmpshell.dll {8DD448E6-C188-4aed-AF92-44956194EB1F} "WMP Burn Audio CD Launcher" - "Microsoft Corporation" - C:\WINDOWS\system32\wmpshell.dll {CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C} "WMP Play As Playlist Launcher" - "Microsoft Corporation" - C:\WINDOWS\system32\wmpshell.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad )----- {7849596a-48ea-486e-8937-a2a3009f31a9} "PostBootReminder object" - "Microsoft Corporation" - C:\WINDOWS\system32\shell32.dll {fbeb8a05-beee-4442-804e-409d6c4515e9} "ShellFolder for CD Burning" - "Microsoft Corporation" - C:\WINDOWS\system32\SHELL32.dll {35CEC8A3-2BE6-11D2-8773-92E220524153} "SysTray" - "Microsoft Corporation" - C:\WINDOWS\system32\stobject.dll {E6FB5E20-DE35-11CF-9C87-00AA005127ED} "WebCheck" - "Microsoft Corporation" - C:\WINDOWS\system32\webcheck.dll {AAA288BA-9A4C-45B0-95D7-94D524869DB5} "WPDShServiceObj Class" - "Microsoft Corporation" - C:\WINDOWS\system32\WPDShServiceObj.dll [Internet Explorer] -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_22.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_22.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_22.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- "Exec" - "Microsoft Corporation" - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll {E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [Known DLLs] -----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs )----- "advapi32" - "Microsoft Corporation" - C:\WINDOWS\system32\advapi32.dll "comdlg32" - "Microsoft Corporation" - C:\WINDOWS\system32\comdlg32.dll "gdi32" - "Microsoft Corporation" - C:\WINDOWS\system32\gdi32.dll "imagehlp" - "Microsoft Corporation" - C:\WINDOWS\system32\imagehlp.dll "kernel32" - "Microsoft Corporation" - C:\WINDOWS\system32\kernel32.dll "lz32" - "Microsoft Corporation" - C:\WINDOWS\system32\lz32.dll "ole32" - "Microsoft Corporation" - C:\WINDOWS\system32\ole32.dll "oleaut32" - "Microsoft Corporation" - C:\WINDOWS\system32\oleaut32.dll "olecli32" - "Microsoft Corporation" - C:\WINDOWS\system32\olecli32.dll "olecnv32" - "Microsoft Corporation" - C:\WINDOWS\system32\olecnv32.dll "olesvr32" - "Microsoft Corporation" - C:\WINDOWS\system32\olesvr32.dll "olethk32" - "Microsoft Corporation" - C:\WINDOWS\system32\olethk32.dll "rpcrt4" - "Microsoft Corporation" - C:\WINDOWS\system32\rpcrt4.dll "shell32" - "Microsoft Corporation" - C:\WINDOWS\system32\shell32.dll "url" - "Microsoft Corporation" - C:\WINDOWS\system32\url.dll "urlmon" - "Microsoft Corporation" - C:\WINDOWS\system32\urlmon.dll "user32" - "Microsoft Corporation" - C:\WINDOWS\system32\user32.dll "version" - "Microsoft Corporation" - C:\WINDOWS\system32\version.dll "wininet" - "Microsoft Corporation" - C:\WINDOWS\system32\wininet.dll "wldap32" - "Microsoft Corporation" - C:\WINDOWS\system32\wldap32.dll [LSA Providers] -----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )----- "Authentication packages" - "Microsoft Corporation" - C:\WINDOWS\system32\msv1_0.dll "Notification packages" - "Microsoft Corporation" - C:\WINDOWS\system32\scecli.dll "Security Packages" - "Microsoft Corporation" - C:\WINDOWS\system32\kerberos.dll "Security Packages" - "Microsoft Corporation" - C:\WINDOWS\system32\msv1_0.dll "Security Packages" - "Microsoft Corporation" - C:\WINDOWS\system32\schannel.dll "Security Packages" - "Microsoft Corporation" - C:\WINDOWS\system32\wdigest.dll -----( HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders )----- "SecurityProviders" - "Microsoft Corporation" - C:\WINDOWS\system32\msapsspc.dll "SecurityProviders" - "Microsoft Corporation" - C:\WINDOWS\system32\schannel.dll "SecurityProviders" - "Microsoft Corporation" - C:\WINDOWS\system32\digest.dll "SecurityProviders" - "Microsoft Corporation" - C:\WINDOWS\system32\msnsspc.dll [Logon] -----( %AllUsersProfile%\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini -----( %UserProfile%\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\desktop.ini -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce )----- "scan_after_setup" - "Avira GmbH" - "c:\program files\avira\antivir desktop\avcenter.exe" /SCANAFTERSETUP="scan setup2date wait newprocess" -----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon )----- "Shell" - "Microsoft Corporation" - C:\WINDOWS\Explorer.exe "Userinit" - "Microsoft Corporation" - C:\WINDOWS\system32\userinit.exe -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - "Microsoft Corporation" - C:\WINDOWS\system32\rdpclip.exe -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "JMB36X IDE Setup" - ? - C:\WINDOWS\RaidTool\xInsIDE.exe (File found, but it contains no detailed information) "RTHDCPL" - "Realtek Semiconductor Corp." - RTHDCPL.EXE "SetDefPrt" - "Brother Industories, Ltd." - C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe "StartCCC" - "Advanced Micro Devices, Inc." - "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [Network Providers] -----( HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order )----- "Microsoft Terminal Services" - "Microsoft Corporation" - C:\WINDOWS\System32\drprov.dll "Microsoft Windows Network" - "Microsoft Corporation" - C:\WINDOWS\System32\ntlanman.dll "Web Client Network" - "Microsoft Corporation" - C:\WINDOWS\System32\davclnt.dll [Print Monitors] -----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )----- "BJ Language Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\cnbjmon.dll "Local Port" - "Microsoft Corporation" - C:\WINDOWS\system32\localspl.dll "PJL Language Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\pjlmon.dll "Standard TCP/IP Port" - "Microsoft Corporation" - C:\WINDOWS\system32\tcpmon.dll "USB Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\usbmon.dll [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- ".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe "Akamai NetSession Interface" (Akamai) - ? - c:\program files\common files\akamai\netsession_win_8832f4b.dll (File found, but it contains no detailed information) "Application Layer Gateway Service" (ALG) - "Microsoft Corporation" - C:\WINDOWS\System32\alg.exe "Application Management" (AppMgmt) - "Microsoft Corporation" - C:\WINDOWS\System32\appmgmts.dll "ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe "Ati HotKey Poller" (Ati HotKey Poller) - "ATI Technologies Inc." - C:\WINDOWS\system32\Ati2evxx.exe "Automatic Updates" (wuauserv) - "Microsoft Corporation" - C:\WINDOWS\system32\wuauserv.dll "Background Intelligent Transfer Service" (BITS) - "Microsoft Corporation" - C:\WINDOWS\system32\qmgr.dll "BrSplService" (Brother XP spl Service) - "brother Industries Ltd" - C:\WINDOWS\system32\brsvc01a.exe "ClipBook" (ClipSrv) - "Microsoft Corporation" - C:\WINDOWS\system32\clipsrv.exe "COM+ Event System" (EventSystem) - "Microsoft Corporation" - C:\WINDOWS\system32\es.dll "COM+ System Application" (COMSysApp) - "Microsoft Corporation" - C:\WINDOWS\system32\dllhost.exe "Computer Browser" (Browser) - "Microsoft Corporation" - C:\WINDOWS\System32\browser.dll "CryptSvc" (CryptSvc) - "Microsoft Corporation" - C:\WINDOWS\System32\cryptsvc.dll "DCOM Server Process Launcher" (DcomLaunch) - "Microsoft Corporation" - C:\WINDOWS\system32\rpcss.dll "DHCP Client" (Dhcp) - "Microsoft Corporation" - C:\WINDOWS\System32\dhcpcsvc.dll "Distributed Link Tracking Client" (TrkWks) - "Microsoft Corporation" - C:\WINDOWS\system32\trkwks.dll "Distributed Transaction Coordinator" (MSDTC) - "Microsoft Corporation" - C:\WINDOWS\system32\msdtc.exe "DNS Client" (Dnscache) - "Microsoft Corporation" - C:\WINDOWS\System32\dnsrslvr.dll "Error Reporting Service" (ERSvc) - "Microsoft Corporation" - C:\WINDOWS\System32\ersvc.dll "Event Log" (Eventlog) - "Microsoft Corporation" - C:\WINDOWS\system32\services.exe "Extensible Authentication Protocol Service" (EapHost) - "Microsoft Corporation" - C:\WINDOWS\System32\eapsvc.dll "Fast User Switching Compatibility" (FastUserSwitchingCompatibility) - "Microsoft Corporation" - C:\WINDOWS\System32\shsvcs.dll "Health Key and Certificate Management Service" (hkmsvc) - "Microsoft Corporation" - C:\WINDOWS\System32\kmsvc.dll "Help and Support" (helpsvc) - "Microsoft Corporation" - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll "HID Input Service" (HidServ) - "Microsoft Corporation" - C:\WINDOWS\System32\hidserv.dll "HTTP SSL" (HTTPFilter) - "Microsoft Corporation" - C:\WINDOWS\System32\w3ssl.dll "IMAPI CD-Burning COM Service" (ImapiService) - "Microsoft Corporation" - C:\WINDOWS\system32\imapi.exe "Indexing Service" (CiSvc) - "Microsoft Corporation" - C:\WINDOWS\system32\cisvc.exe "Infrared Monitor" (Irmon) - "Microsoft Corporation" - C:\WINDOWS\System32\irmon.dll "IPSEC Services" (PolicyAgent) - "Microsoft Corporation" - C:\WINDOWS\system32\lsass.exe "Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jqs.exe "Logical Disk Manager" (dmserver) - "Microsoft Corp." - C:\WINDOWS\System32\dmserver.dll "Logical Disk Manager Administrative Service" (dmadmin) - "Microsoft Corp., Veritas Software" - C:\WINDOWS\System32\dmadmin.exe "MS Software Shadow Copy Provider" (SwPrv) - "Microsoft Corporation" - C:\WINDOWS\system32\dllhost.exe "MySQL" (MySQL) - "MySQL AB" - C:\xampp\mysql\bin\mysqld.exe "Net Logon" (Netlogon) - "Microsoft Corporation" - C:\WINDOWS\system32\lsass.exe "NetMeeting Remote Desktop Sharing" (mnmsrvc) - "Microsoft Corporation" - C:\WINDOWS\system32\mnmsrvc.exe "Network Access Protection Agent" (napagent) - "Microsoft Corporation" - C:\WINDOWS\System32\qagentrt.dll "Network Connections" (Netman) - "Microsoft Corporation" - C:\WINDOWS\System32\netman.dll "Network Location Awareness (NLA)" (Nla) - "Microsoft Corporation" - C:\WINDOWS\System32\mswsock.dll "Network Provisioning Service" (xmlprov) - "Microsoft Corporation" - C:\WINDOWS\System32\xmlprov.dll "NMSAccessU" (NMSAccessU) - ? - C:\Program Files\CDBurnerXP\NMSAccessU.exe (File found, but it contains no detailed information) "NT LM Security Support Provider" (NtLmSsp) - "Microsoft Corporation" - C:\WINDOWS\system32\lsass.exe "Performance Logs and Alerts" (SysmonLog) - "Microsoft Corporation" - C:\WINDOWS\system32\smlogsvc.exe "Plug and Play" (PlugPlay) - "Microsoft Corporation" - C:\WINDOWS\system32\services.exe "Portable Media Serial Number Service" (WmdmPmSN) - "Microsoft Corporation" - C:\WINDOWS\system32\MsPMSNSv.dll "Print Spooler" (Spooler) - "Microsoft Corporation" - C:\WINDOWS\system32\spoolsv.exe "Protected Storage" (ProtectedStorage) - "Microsoft Corporation" - C:\WINDOWS\system32\lsass.exe "QoS RSVP" (RSVP) - "Microsoft Corporation" - C:\WINDOWS\system32\rsvp.exe "Remote Access Auto Connection Manager" (RasAuto) - "Microsoft Corporation" - C:\WINDOWS\System32\rasauto.dll "Remote Access Connection Manager" (RasMan) - "Microsoft Corporation" - C:\WINDOWS\System32\rasmans.dll "Remote Desktop Help Session Manager" (RDSessMgr) - "Microsoft Corporation" - C:\WINDOWS\system32\sessmgr.exe "Remote Procedure Call (RPC)" (RpcSs) - "Microsoft Corporation" - C:\WINDOWS\System32\rpcss.dll "Remote Procedure Call (RPC) Locator" (RpcLocator) - "Microsoft Corporation" - C:\WINDOWS\system32\locator.exe "Remote Registry" (RemoteRegistry) - "Microsoft Corporation" - C:\WINDOWS\system32\regsvc.dll "Removable Storage" (NtmsSvc) - "Microsoft Corporation" - C:\WINDOWS\system32\ntmssvc.dll "Secondary Logon" (seclogon) - "Microsoft Corporation" - C:\WINDOWS\System32\seclogon.dll "Security Accounts Manager" (SamSs) - "Microsoft Corporation" - C:\WINDOWS\system32\lsass.exe "Security Center" (wscsvc) - "Microsoft Corporation" - C:\WINDOWS\system32\wscsvc.dll "Server" (LanmanServer) - "Microsoft Corporation" - C:\WINDOWS\System32\srvsvc.dll "Shell Hardware Detection" (ShellHWDetection) - "Microsoft Corporation" - C:\WINDOWS\System32\shsvcs.dll "Smart Card" (SCardSvr) - "Microsoft Corporation" - C:\WINDOWS\System32\SCardSvr.exe "SSDP Discovery Service" (SSDPSRV) - "Microsoft Corporation" - C:\WINDOWS\System32\ssdpsrv.dll "System Event Notification" (SENS) - "Microsoft Corporation" - C:\WINDOWS\system32\sens.dll "System Restore Service" (srservice) - "Microsoft Corporation" - C:\WINDOWS\system32\srsvc.dll "Task Scheduler" (Schedule) - "Microsoft Corporation" - C:\WINDOWS\system32\schedsvc.dll "TCP/IP NetBIOS Helper" (LmHosts) - "Microsoft Corporation" - C:\WINDOWS\System32\lmhsvc.dll "Telephony" (TapiSrv) - "Microsoft Corporation" - C:\WINDOWS\System32\tapisrv.dll "Telnet" (TlntSvr) - "Microsoft Corporation" - C:\WINDOWS\system32\tlntsvr.exe "Terminal Services" (TermService) - "Microsoft Corporation" - C:\WINDOWS\System32\termsrv.dll "Themes" (Themes) - "Microsoft Corporation" - C:\WINDOWS\System32\shsvcs.dll "TipCtrl" (TipCtrl) - ? - "C:\Program Files\uTIPu\TipCtrl.exe" (File not found) "Uninterruptible Power Supply" (UPS) - "Microsoft Corporation" - C:\WINDOWS\System32\ups.exe "Universal Plug and Play Device Host" (upnphost) - "Microsoft Corporation" - C:\WINDOWS\System32\upnphost.dll "Volume Shadow Copy" (VSS) - "Microsoft Corporation" - C:\WINDOWS\System32\vssvc.exe "WebClient" (WebClient) - "Microsoft Corporation" - C:\WINDOWS\System32\webclnt.dll "Windows Audio" (AudioSrv) - "Microsoft Corporation" - C:\WINDOWS\System32\audiosrv.dll "Windows Firewall/Internet Connection Sharing (ICS)" (SharedAccess) - "Microsoft Corporation" - C:\WINDOWS\System32\ipnathlp.dll "Windows Image Acquisition (WIA)" (stisvc) - "Microsoft Corporation" - C:\WINDOWS\system32\wiaservc.dll "Windows Installer" (MSIServer) - "Microsoft Corporation" - C:\WINDOWS\system32\msiexec.exe "Windows Management Instrumentation" (winmgmt) - "Microsoft Corporation" - C:\WINDOWS\system32\wbem\WMIsvc.dll "Windows Management Instrumentation Driver Extensions" (Wmi) - "Microsoft Corporation" - C:\WINDOWS\System32\advapi32.dll "Windows Time" (W32Time) - "Microsoft Corporation" - C:\WINDOWS\system32\w32time.dll "Wired AutoConfig" (Dot3svc) - "Microsoft Corporation" - C:\WINDOWS\System32\dot3svc.dll "Wireless Zero Configuration" (WZCSVC) - "Microsoft Corporation" - C:\WINDOWS\System32\wzcsvc.dll "WMI Performance Adapter" (WmiApSrv) - "Microsoft Corporation" - C:\WINDOWS\system32\wbem\wmiapsrv.exe "Workstation" (lanmanworkstation) - "Microsoft Corporation" - C:\WINDOWS\System32\wkssvc.dll "XAMPP Service" (XAMPP) - ? - C:\xampp\service.exe (File not found) [Winlogon] -----( HKCU\Control Panel\Desktop )----- "SCRNSAVE.EXE" - "Microsoft Corporation" - C:\WINDOWS\System32\logon.scr -----( HKCU\Control Panel\IOProcs )----- "MVB" - ? - mvfs32.dll (File not found) -----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon )----- "UIHost" - "Microsoft Corporation" - C:\WINDOWS\system32\logonui.exe "VmApplet" - "Microsoft Corporation" - C:\WINDOWS\system32\sysdm.cpl -----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions )----- {B587E2B1-4D59-4e7e-AED9-22B9DF11D053} "802.3 Group Policy" - "Microsoft Corporation" - C:\WINDOWS\system32\dot3gpclnt.dll {B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A} "EFS recovery" - "Microsoft Corporation" - C:\WINDOWS\system32\scecli.dll {25537BA6-77A8-11D2-9B6C-0000F8080861} "Folder Redirection" - "Microsoft Corporation" - C:\WINDOWS\system32\fdeploy.dll {A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B} "Internet Explorer Branding" - "Microsoft Corporation" - C:\WINDOWS\system32\iedkcs32.dll {4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3} "Internet Explorer Zonemapping" - "Microsoft Corporation" - C:\WINDOWS\system32\iedkcs32.dll {e437bc1c-aa7d-11d2-a382-00c04f991e27} "IP Security" - "Microsoft Corporation" - C:\WINDOWS\system32\gptext.dll {3610eda5-77ef-11d2-8dc5-00c04fa31a66} "Microsoft Disk Quota" - "Microsoft Corporation" - C:\WINDOWS\system32\dskquota.dll {C631DF4C-088F-4156-B058-4375F0853CD8} "Microsoft Offline Files" - "Microsoft Corporation" - C:\WINDOWS\System32\cscui.dll {426031c0-0b47-4852-b0ca-ac3d37bfcb39} "QoS Packet Scheduler" - "Microsoft Corporation" - C:\WINDOWS\system32\gptext.dll {42B5FAAE-6536-11d2-AE5A-0000F87571E3} "Scripts" - "Microsoft Corporation" - C:\WINDOWS\system32\gptext.dll {827D319E-6EAC-11D2-A4EA-00C04F79F83A} "Security" - "Microsoft Corporation" - C:\WINDOWS\system32\scecli.dll {c6dc5466-785a-11d2-84d0-00c04fb169f7} "Software Installation" - "Microsoft Corporation" - C:\WINDOWS\system32\appmgmts.dll {0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63} "Wireless" - "Microsoft Corporation" - C:\WINDOWS\system32\gptext.dll -----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )----- "AtiExtEvent" - "ATI Technologies Inc." - C:\WINDOWS\system32\Ati2evxx.dll "crypt32chain" - "Microsoft Corporation" - C:\WINDOWS\system32\crypt32.dll "cryptnet" - "Microsoft Corporation" - C:\WINDOWS\system32\cryptnet.dll "cscdll" - "Microsoft Corporation" - C:\WINDOWS\system32\cscdll.dll "dimsntfy" - "Microsoft Corporation" - C:\WINDOWS\System32\dimsntfy.dll "ScCertProp" - "Microsoft Corporation" - C:\WINDOWS\system32\wlnotify.dll "Schedule" - "Microsoft Corporation" - C:\WINDOWS\system32\wlnotify.dll "sclgntfy" - "Microsoft Corporation" - C:\WINDOWS\system32\sclgntfy.dll "SensLogn" - "Microsoft Corporation" - C:\WINDOWS\system32\WlNotify.dll "termsrv" - "Microsoft Corporation" - C:\WINDOWS\system32\wlnotify.dll "wlballoon" - "Microsoft Corporation" - C:\WINDOWS\system32\wlnotify.dll [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "Network Location Awareness (NLA) Namespace" - "Microsoft Corporation" - C:\WINDOWS\System32\mswsock.dll "NTDS" - "Microsoft Corporation" - C:\WINDOWS\System32\winrnr.dll "Tcpip" - "Microsoft Corporation" - C:\WINDOWS\System32\mswsock.dll -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )----- "MSAFD Irda [IrDA]" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{07974B52-E0B2-467B-8F89-1274A6046C9F}] DATAGRAM 6" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{07974B52-E0B2-467B-8F89-1274A6046C9F}] SEQPACKET 6" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{0B9C5207-C49E-4934-B94B-7F1A7D231CD7}] DATAGRAM 0" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{0B9C5207-C49E-4934-B94B-7F1A7D231CD7}] SEQPACKET 0" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{15F8D7AF-5DE1-44EE-AC27-AF2DDE2BB640}] DATAGRAM 8" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{15F8D7AF-5DE1-44EE-AC27-AF2DDE2BB640}] SEQPACKET 8" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{49914E6B-9F49-48B0-A097-5E9E6CC6C641}] DATAGRAM 4" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{49914E6B-9F49-48B0-A097-5E9E6CC6C641}] SEQPACKET 4" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{7E62BA3A-6C0C-4009-A4BF-259D6D0C2DE4}] DATAGRAM 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{7E62BA3A-6C0C-4009-A4BF-259D6D0C2DE4}] SEQPACKET 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{811B27A2-641D-43AA-A243-0720A4F061EE}] DATAGRAM 7" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{811B27A2-641D-43AA-A243-0720A4F061EE}] SEQPACKET 7" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{83622F88-46EE-4CDC-A746-299ECF62BD50}] DATAGRAM 3" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{83622F88-46EE-4CDC-A746-299ECF62BD50}] SEQPACKET 3" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{D22F3642-578E-4DFE-8BE9-91F5450C00DF}] DATAGRAM 5" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{D22F3642-578E-4DFE-8BE9-91F5450C00DF}] SEQPACKET 5" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{EEFE1A3A-CBB3-4D5F-9CD2-3259C9E6B366}] DATAGRAM 2" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD NetBIOS [\Device\NetBT_Tcpip_{EEFE1A3A-CBB3-4D5F-9CD2-3259C9E6B366}] SEQPACKET 2" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD Tcpip [RAW/IP]" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD Tcpip [TCP/IP]" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "MSAFD Tcpip [UDP/IP]" - "Microsoft Corporation" - C:\WINDOWS\system32\mswsock.dll "RSVP TCP Service Provider" - "Microsoft Corporation" - C:\WINDOWS\system32\rsvpsp.dll "RSVP UDP Service Provider" - "Microsoft Corporation" - C:\WINDOWS\system32\rsvpsp.dll ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru Code:
ATTFilter MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000007c
Kernel Drivers (total 131):
0x804D7000 \WINDOWS\system32\ntoskrnl.exe
0x806FF000 \WINDOWS\system32\hal.dll
0xF7987000 \WINDOWS\system32\KDCOM.DLL
0xF7897000 \WINDOWS\system32\BOOTVID.dll
0xF7366000 sphh.sys
0xF7989000 \WINDOWS\System32\Drivers\WMILIB.SYS
0xF734E000 \WINDOWS\System32\Drivers\SCSIPORT.SYS
0xF7320000 ACPI.sys
0xF730F000 pci.sys
0xF7487000 ohci1394.sys
0xF7497000 \WINDOWS\system32\DRIVERS\1394BUS.SYS
0xF74A7000 isapnp.sys
0xF7A4F000 pciide.sys
0xF7707000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xF74B7000 MountMgr.sys
0xF72F0000 ftdisk.sys
0xF798B000 dmload.sys
0xF72CA000 dmio.sys
0xF770F000 PartMgr.sys
0xF74C7000 VolSnap.sys
0xF72B2000 atapi.sys
0xF7298000 jraid.sys
0xF74D7000 disk.sys
0xF74E7000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xF7278000 fltMgr.sys
0xF7266000 sr.sys
0xF74F7000 PxHelp20.sys
0xF724F000 KSecDD.sys
0xF71C2000 Ntfs.sys
0xF7195000 NDIS.sys
0xF789B000 speedfan.sys
0xF717B000 Mup.sys
0xF7A50000 giveio.sys
0xF75A7000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xF652F000 \SystemRoot\system32\DRIVERS\ati2mtag.sys
0xF651B000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xF64F3000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xF777F000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xF64CF000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF64B2000 \SystemRoot\system32\DRIVERS\Rtenicxp.sys
0xF75B7000 \SystemRoot\system32\DRIVERS\nic1394.sys
0xF75C7000 \SystemRoot\system32\DRIVERS\serial.sys
0xF69BE000 \SystemRoot\system32\DRIVERS\serenum.sys
0xF75D7000 \SystemRoot\system32\DRIVERS\imapi.sys
0xF75E7000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xF75F7000 \SystemRoot\system32\DRIVERS\redbook.sys
0xF648F000 \SystemRoot\system32\DRIVERS\ks.sys
0xF7607000 \SystemRoot\system32\DRIVERS\dfmirage.sys
0xF7B49000 \SystemRoot\system32\DRIVERS\audstub.sys
0xF7787000 \SystemRoot\system32\DRIVERS\rasirda.sys
0xF778F000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xF7617000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xF7943000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xF6478000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xF6A6E000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xF6A5E000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xF6467000 \SystemRoot\system32\DRIVERS\psched.sys
0xF6A4E000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xF7797000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xF779F000 \SystemRoot\system32\DRIVERS\raspti.sys
0xF6437000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xF6A3E000 \SystemRoot\system32\DRIVERS\termdd.sys
0xF77A7000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xF77AF000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xF79CD000 \SystemRoot\system32\DRIVERS\swenum.sys
0xF63D9000 \SystemRoot\system32\DRIVERS\update.sys
0xF795B000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xF6A2E000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xF79D1000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xF6A1E000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xAE499000 \SystemRoot\system32\drivers\AtiHdmi.sys
0xAE475000 \SystemRoot\system32\drivers\portcls.sys
0xF69DE000 \SystemRoot\system32\drivers\drmk.sys
0xADF58000 \SystemRoot\system32\drivers\RtkHDAud.sys
0xF79DF000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xF7BCA000 \SystemRoot\System32\Drivers\Null.SYS
0xF79E1000 \SystemRoot\System32\Drivers\Beep.SYS
0xF7817000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xF780F000 \SystemRoot\System32\drivers\vga.sys
0xF79E5000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF79E9000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xF7877000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF781F000 \SystemRoot\System32\Drivers\Npfs.SYS
0xF69CA000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xAD9DF000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xAD986000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xAD95E000 \SystemRoot\system32\DRIVERS\netbt.sys
0xAD938000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xF76B7000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xAD916000 \SystemRoot\System32\drivers\afd.sys
0xF76D7000 \SystemRoot\system32\DRIVERS\netbios.sys
0xF76E7000 \SystemRoot\system32\DRIVERS\arp1394.sys
0xF7827000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0xAD896000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xAD826000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xF7577000 \SystemRoot\System32\Drivers\Fips.SYS
0xF776F000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0xADF54000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xADF00000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xAC493000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0xAC48B000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xA300F000 \SystemRoot\system32\DRIVERS\avipbb.sys
0xA787E000 \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys
0xA2FEB000 \SystemRoot\System32\Drivers\Fastfat.SYS
0xA2FD3000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xA32A4000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xA3379000 \SystemRoot\System32\drivers\Dxapi.sys
0xA40DD000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xAB4FD000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF012000 \SystemRoot\System32\ati2dvag.dll
0xBF060000 \SystemRoot\System32\ati2cqag.dll
0xBF0FC000 \SystemRoot\System32\atikvmag.dll
0xBF196000 \SystemRoot\System32\atiok3x2.dll
0xBF1FC000 \SystemRoot\System32\ati3duag.dll
0xBF557000 \SystemRoot\System32\ativvaxx.dll
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xA05AD000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0xA0597000 \SystemRoot\system32\DRIVERS\irda.sys
0xAC49B000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xA04F2000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xA0450000 \SystemRoot\system32\DRIVERS\srv.sys
0xAA032000 \SystemRoot\system32\DRIVERS\secdrv.sys
0xA03C3000 \SystemRoot\system32\drivers\wdmaud.sys
0xAA072000 \SystemRoot\system32\drivers\sysaudio.sys
0xA003A000 \SystemRoot\System32\Drivers\HTTP.sys
0x9FFBA000 \SystemRoot\System32\Drivers\Cdfs.SYS
0x9FDBD000 \SystemRoot\system32\drivers\kmixer.sys
0xF77EF000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0x7C900000 \WINDOWS\system32\ntdll.dll
Processes (total 32):
0 System Idle Process
4 System
756 C:\WINDOWS\system32\smss.exe
812 csrss.exe
848 C:\WINDOWS\system32\winlogon.exe
892 C:\WINDOWS\system32\services.exe
904 C:\WINDOWS\system32\lsass.exe
1104 C:\WINDOWS\system32\ati2evxx.exe
1124 C:\WINDOWS\system32\svchost.exe
1192 svchost.exe
1240 C:\WINDOWS\system32\svchost.exe
1332 svchost.exe
1360 svchost.exe
1476 C:\WINDOWS\system32\ati2evxx.exe
1616 C:\WINDOWS\system32\brsvc01a.exe
1632 C:\WINDOWS\system32\brss01a.exe
1640 C:\WINDOWS\system32\spoolsv.exe
1756 C:\WINDOWS\system32\svchost.exe
1796 C:\Program Files\Java\jre6\bin\jqs.exe
1832 C:\xampp\mysql\bin\mysqld.exe
1856 C:\Program Files\CDBurnerXP\NMSAccessU.exe
1972 C:\WINDOWS\system32\svchost.exe
540 C:\WINDOWS\system32\wscntfy.exe
396 C:\WINDOWS\explorer.exe
1592 alg.exe
1868 C:\WINDOWS\RTHDCPL.EXE
1900 C:\Program Files\Common Files\Java\Java Update\jusched.exe
1904 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
2132 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
3600 C:\WINDOWS\system32\svchost.exe
3596 C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32Info.exe
1884 C:\Documents and Settings\Martin\Desktop\MBRCheck.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\F: --> \\.\PhysicalDrive0 at offset 0x0000000c`34f34a00 (NTFS)
\\.\G: --> \\.\PhysicalDrive0 at offset 0x00000074`5df7b400 (FAT32)
PhysicalDrive0 Model Number: ST3500418AS, Rev: CC37
Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
Done!
|
|
26.05.2011, 11:33
| #17 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | SpyEyes-Trojaner gefunden (Antivir läßt sich nicht mehr updaten) Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs.
__________________Denk dran beide Tools zu updaten vor dem Scan!! Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ |
|
26.05.2011, 21:39
| #18 |
| | SpyEyes-Trojaner gefunden (Antivir läßt sich nicht mehr updaten) Leider oder zum Glück weitere Viren gefunden.
__________________Ein Fehler den ich evtl begangen habe: Die Programme lade ich alle über ein notebook runter um sie dann per usb-stick auf dem infizierten rechner zu übertragen. Da die Programme teilweise updates brauchten, bin ich (für 1-2 min.) ohne Schutz ins Internet gegangen, aber ohne den Browser oder sonst etwas zu öffnen. malwarebytes-log: Code:
ATTFilter Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 6683
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
5/26/2011 3:05:49 PM
mbam-log-2011-05-26 (15-05-49).txt
Scan type: Full scan (C:\|F:\|G:\|)
Objects scanned: 313513
Time elapsed: 2 hour(s), 16 minute(s), 30 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Super-Anti-Spyware-log Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 05/26/2011 at 06:15 PM
Application Version : 4.53.1000
Core Rules Database Version : 7144
Trace Rules Database Version: 4956
Scan type : Complete Scan
Total Scan Time : 02:37:11
Memory items scanned : 507
Memory threats detected : 0
Registry items scanned : 5627
Registry threats detected : 0
File items scanned : 200521
File threats detected : 30
Adware.Tracking Cookie
account.goodgamestudios.com [ C:\Documents and Settings\Martin\Application Data\Macromedia\Flash Player\#SharedObjects\CYY4XYQF ]
adserv.quality-channel.de [ C:\Documents and Settings\Martin\Application Data\Macromedia\Flash Player\#SharedObjects\CYY4XYQF ]
akamai.smartadserver.com [ C:\Documents and Settings\Martin\Application Data\Macromedia\Flash Player\#SharedObjects\CYY4XYQF ]
banners.securedataimages.com [ C:\Documents and Settings\Martin\Application Data\Macromedia\Flash Player\#SharedObjects\CYY4XYQF ]
broadcast.piximedia.fr [ C:\Documents and Settings\Martin\Application Data\Macromedia\Flash Player\#SharedObjects\CYY4XYQF ]
cdn-www.pornhub.com [ C:\Documents and Settings\Martin\Application Data\Macromedia\Flash Player\#SharedObjects\CYY4XYQF ]
cdn.eyewonder.com [ C:\Documents and Settings\Martin\Application Data\Macromedia\Flash Player\#SharedObjects\CYY4XYQF ]
cdn.insights.gravity.com [ C:\Documents and Settings\Martin\Application Data\Macromedia\Flash Player\#SharedObjects\CYY4XYQF ]
cdn1.eyewonder.com [ C:\Documents and Settings\Martin\Application Data\Macromedia\Flash Player\#SharedObjects\CYY4XYQF ]
cdn4.specificclick.net [ C:\Documents and Settings\Martin\Application Data\Macromedia\Flash Player\#SharedObjects\CYY4XYQF ]
cdn5.specificclick.net [ C:\Documents and Settings\Martin\Application Data\Macromedia\Flash Player\#SharedObjects\CYY4XYQF ]
ec.atdmt.com [ C:\Documents and Settings\Martin\Application Data\Macromedia\Flash Player\#SharedObjects\CYY4XYQF ]
games.mochimedia.com [ C:\Documents and Settings\Martin\Application Data\Macromedia\Flash Player\#SharedObjects\CYY4XYQF ]
ia.media-imdb.com [ C:\Documents and Settings\Martin\Application Data\Macromedia\Flash Player\#SharedObjects\CYY4XYQF ]
iolanda.urban-media-berlin.de [ C:\Documents and Settings\Martin\Application Data\Macromedia\Flash Player\#SharedObjects\CYY4XYQF ]
macromedia.com [ C:\Documents and Settings\Martin\Application Data\Macromedia\Flash Player\#SharedObjects\CYY4XYQF ]
media.kelbymediagroup.com [ C:\Documents and Settings\Martin\Application Data\Macromedia\Flash Player\#SharedObjects\CYY4XYQF ]
media.mtvnservices.com [ C:\Documents and Settings\Martin\Application Data\Macromedia\Flash Player\#SharedObjects\CYY4XYQF ]
media.scanscout.com [ C:\Documents and Settings\Martin\Application Data\Macromedia\Flash Player\#SharedObjects\CYY4XYQF ]
media.whosay.com [ C:\Documents and Settings\Martin\Application Data\Macromedia\Flash Player\#SharedObjects\CYY4XYQF ]
mediadb.kicker.de [ C:\Documents and Settings\Martin\Application Data\Macromedia\Flash Player\#SharedObjects\CYY4XYQF ]
msnbcmedia.msn.com [ C:\Documents and Settings\Martin\Application Data\Macromedia\Flash Player\#SharedObjects\CYY4XYQF ]
s0.2mdn.net [ C:\Documents and Settings\Martin\Application Data\Macromedia\Flash Player\#SharedObjects\CYY4XYQF ]
secure-uk.imrworldwide.com [ C:\Documents and Settings\Martin\Application Data\Macromedia\Flash Player\#SharedObjects\CYY4XYQF ]
secure-us.imrworldwide.com [ C:\Documents and Settings\Martin\Application Data\Macromedia\Flash Player\#SharedObjects\CYY4XYQF ]
serving-sys.com [ C:\Documents and Settings\Martin\Application Data\Macromedia\Flash Player\#SharedObjects\CYY4XYQF ]
swrmediathek.de [ C:\Documents and Settings\Martin\Application Data\Macromedia\Flash Player\#SharedObjects\CYY4XYQF ]
www.ardmediathek.de [ C:\Documents and Settings\Martin\Application Data\Macromedia\Flash Player\#SharedObjects\CYY4XYQF ]
www.naiadsystems.com [ C:\Documents and Settings\Martin\Application Data\Macromedia\Flash Player\#SharedObjects\CYY4XYQF ]
www.secmedia.de [ C:\Documents and Settings\Martin\Application Data\Macromedia\Flash Player\#SharedObjects\CYY4XYQF ]
Trojan.Agent/Gen-Krpytik
C:\SYSTEM VOLUME INFORMATION\_RESTORE{B83DA741-C247-48BC-B6D4-9FBFEAD0D7F8}\RP246\A0134399.EXE
 meine laienhafte Anmerkung: den Java-cache hatte ich bereits geleert)Code:
ATTFilter ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internet# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6427
# api_version=3.0.2
# EOSSerial=703000d463dfef489f193f88f8f8eefa
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-05-26 08:22:18
# local_time=2011-05-26 10:22:18 (+0100, W. Europe Standard Time)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1797 16774106 100 93 201125 65526325 0 0
# compatibility_mode=3073 16777214 0 7 115189 115194 0 0
# compatibility_mode=8192 67108863 100 0 434 434 0 0
# scanned=171149
# found=2
# cleaned=2
# scan_time=8107
C:\Documents and Settings\Martin\Application Data\Sun\Java\Deployment\cache\6.0\12\3cc664c-6c7ae634.vir a variant of Java/Exploit.CVE-2010-4452.A trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Martin\Application Data\Sun\Java\Deployment\cache\6.0\56\30b8cfb8-638ae732.vir a variant of Win32/Kryptik.NDO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
|
|
27.05.2011, 08:15
| #19 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | SpyEyes-Trojaner gefunden (Antivir läßt sich nicht mehr updaten) Sieht ok aus, da wurden nur Cookies und ein paar temp. Überreste gefunden. Noch Probleme oder weitere Funde in der Zwischenzeit?
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
27.05.2011, 10:36
| #20 |
| | SpyEyes-Trojaner gefunden (Antivir läßt sich nicht mehr updaten) Soweit ist alles in Ordnung. Vielen Dank. Der Rechner kommt mir etwas langsam vor, aber ich muss da ohnehin mal etwas aufräumen. |
|
27.05.2011, 14:46
| #21 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | SpyEyes-Trojaner gefunden (Antivir läßt sich nicht mehr updaten)Zitat:
Dann wären wir durch!  Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern. Microsoftupdate Windows XP: Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren. Windows Vista/7: Anleitung Windows-Update PDF-Reader aktualisieren Dein Adobe Reader ist nicht aktuell, was ein großes Sicherheitsrisiko darstellt. Du solltest daher besser die alte Version über Systemsteuerung => Software deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. Ich empfehle einen alternativen PDF-Reader wie SumatraPDF oder Foxit PDF Reader, beide sind sehr viel schlanker und flotter als der AdobeReader. Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers, hier der direkte Downloadlink: Mozilla und andere Browser => http://filepony.de/?q=Flash+Player Internet Explorer => http://fpdownload.adobe.com/get/flas..._player_ax.exe Java-Update Veraltete Java-Installationen sind ein Sicherheitsrisiko, daher solltest Du die alten Versionen löschen (falls vorhanden, am besten mit JavaRa) und auf die neuste aktualisieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
__________________ --> SpyEyes-Trojaner gefunden (Antivir läßt sich nicht mehr updaten) |
|
27.05.2011, 18:06
| #22 |
| | SpyEyes-Trojaner gefunden (Antivir läßt sich nicht mehr updaten) Werde ich machen. Vielen Dank für die tolle Hilfe. |
|
| Themen zu SpyEyes-Trojaner gefunden (Antivir läßt sich nicht mehr updaten) |
| anti-malware, antivir, avira, dateien, detected, explorer, file, file is encrypted, gmer, horse, java, java virus, linux, malwarebytes, nicht mehr, programme, rechner, start, system volume information, temp, trojan horse, update, updaten, version, virus, _restore |
Linear-Darstellung
