RSIT logfile auswertung - 10 warnungen!
 

Befürchte ich hab mir was eingefangen, bei der logfile auswertung von RSIT wurden mehrere sachen als schädlich gemeldet:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\fi rewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\fi rewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoint s2\{c31f466b-3359-11de-add0-c22822f5c904}]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoint s2\{fc0ff496-9d6d-11de-987e-806d6172696f}]
2010-05-11 23:01:04 ----HD---- C:\WINDOWS\inf
2010-05-11 23:01:02 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-26 05:29:04 ----SHD---- C:\System Volume Information
R2 UxTuneUp;TuneUp Designerweiterung; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]

irgendeine idea
Malewarebytes' AntiMaleware und Spyware terminator haben nichts gefunden


gesamtes logfile:

Logfile of random's system information tool 1.06 (written by random/random)
Run by sleepyhead at 2010-05-15 15:06:17
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 44 GB (58%) free of 76 GB
Total RAM: 2046 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:06:19, on 15.05.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
D:\Programme\Avira\AntiVir Desktop\avguard.exe
D:\Programme\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
D:\Programme\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
D:\Programme\Spyware Terminator\SpywareTerminatorShield.exe
D:\Programme\Avira\AntiVir Desktop\avgnt.exe
D:\Programme\TrueCrypt\TrueCrypt.exe
D:\Programme\AnalogX\CookieWall\cookie.exe
D:\Programme\Windows Uptime\Windows Uptime.exe
D:\Programme\aMSN\bin\wish.exe
C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
D:\Programme\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CNAB4RPK.EXE
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\System32\svchost.exe
D:\Programme\xchat\xchat.exe
C:\WINDOWS\system32\dllhost.exe
C:\Programme\Java\jre6\bin\jqs.exe
d:\programme\avira\antivir desktop\avcenter.exe
C:\WINDOWS\explorer.exe
D:\Programme\Winamp\winamp.exe
D:\Programme\Opera\opera.exe
D:\Programme\VideoLAN\VLC\vlc.exe
D:\Programme\Malwarebytes' Anti-Malware\mbam.exe
C:\Dokumente und Einstellungen\sleepyhead\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\security\RSIT.exe
C:\Dokumente und Einstellungen\sleepyhead\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\security\sleepyhead.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 0.0.0.0:80
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SpywareTerminator] "D:\Programme\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "D:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [CarboniteSetupLite] "C:\Programme\Carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=900
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [TrueCrypt] "D:\Programme\TrueCrypt\TrueCrypt.exe" /q preferences
O4 - HKCU\..\Run: [cookie] D:\Programme\AnalogX\CookieWall\cookie.exe
O4 - HKCU\..\Run: [WindowsUptime] "D:\Programme\Windows Uptime\Windows Uptime.exe" /i
O4 - HKCU\..\Run: [amsn] D:\Programme\aMSN\amsn.exe
O4 - HKCU\..\Run: [Eraser] D:\Programme\Eraser\Eraser.exe -hide
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1240858322937
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - D:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - D:\Programme\Sync\FreeAgentService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - D:\Programme\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 5470 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Klick-Wartung.job

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-10-16 16855552]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2007-10-11 1826816]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-09-17 13574144]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-09-17 86016]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-04 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"SpywareTerminator"=D:\Programme\Spyware Terminator\SpywareTerminatorShield.exe [2010-04-08 2176512]
"SunJavaUpdateSched"=C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [2010-02-18 248040]
"avgnt"=D:\Programme\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]
"CarboniteSetupLite"=C:\Programme\Carbonite\CarbonitePreinstaller.exe [2009-08-04 318096]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=D:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe [2010-04-29 437584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TrueCrypt"=D:\Programme\TrueCrypt\TrueCrypt.exe [2009-12-28 1415632]
"cookie"=D:\Programme\AnalogX\CookieWall\cookie.exe [2009-04-27 151040]
"WindowsUptime"=D:\Programme\Windows Uptime\Windows Uptime.exe [2002-12-23 159232]
"amsn"=D:\Programme\aMSN\amsn.exe [2006-11-24 32768]
"Eraser"=D:\Programme\Eraser\Eraser.exe [2007-12-23 916240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nero DriveSpeed]
D:\PROGRA~1\NERO9~1\NERO9~1\NERODR~1\DRIVES~1.EXE [2008-09-02 3082776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
D:\Programme\uTorrent\uTorrent.exe [2010-04-10 319792]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Programme\xchat\xchat.exe"="D:\Programme\xchat\xchat.exe:*:Enabled:xchat"
"C:\WINDOWS\system32\CNAB4RPK.EXE"="C:\WINDOWS\system32\CNAB4RPK.EXE:*:Enabled:Canon LBP2900 RPC Server Process"
"D:\Programme\Opera\opera.exe"="D:\Programme\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"D:\Programme\VideoLAN\VLC\vlc.exe"="D:\Programme\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"D:\Programme\uTorrent\uTorrent.exe"="D:\Programme\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Programme\Internet Explorer\iexplore.exe"="C:\Programme\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Programme\Windows Live\Messenger\wlcsdk.exe"="C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"D:\Programme\aMSN\bin\wish.exe"="D:\Programme\aMSN\bin\wish.exe:*:Enabled:Wish Application"
"C:\Programme\Java\jre6\bin\javaw.exe"="C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programme\Windows Live\Messenger\wlcsdk.exe"="C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c31f466b-3359-11de-add0-c22822f5c904}]
shell\AutoRun\command - J:\TrueCrypt\TrueCrypt.exe
shell\dismount\command - J:\TrueCrypt\TrueCrypt.exe /q /d
shell\start\command - J:\TrueCrypt\TrueCrypt.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fc0ff496-9d6d-11de-987e-806d6172696f}]
shell\play\command - "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file dvd://%1


======List of files/folders created in the last 1 months======

2010-05-11 23:00:14 ----D---- C:\WINDOWS\LastGood
2010-05-11 12:32:37 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-05-09 04:48:25 ----A---- C:\mbam-error.txt
2010-05-03 15:37:53 ----A---- C:\WINDOWS\CDPlayer.ini

======List of files/folders modified in the last 1 months======

2010-05-15 15:02:44 ----D---- C:\WINDOWS\Prefetch
2010-05-15 14:55:55 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spyware Terminator
2010-05-15 14:06:14 ----D---- C:\Dokumente und Einstellungen\sleepyhead\Anwendungsdaten\dvdcss
2010-05-15 14:06:06 ----D---- C:\WINDOWS\Temp
2010-05-15 04:12:56 ----D---- C:\Dokumente und Einstellungen\sleepyhead\Anwendungsdaten\vlc
2010-05-14 22:09:15 ----D---- C:\Dokumente und Einstellungen\sleepyhead\Anwendungsdaten\Spyware Terminator
2010-05-14 22:00:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-05-14 15:31:33 ----A---- C:\WINDOWS\winamp.ini
2010-05-12 12:56:36 ----D---- C:\WINDOWS\system32
2010-05-12 01:05:05 ----D---- C:\WINDOWS
2010-05-11 23:01:10 ----D---- C:\WINDOWS\Debug
2010-05-11 23:01:04 ----HD---- C:\WINDOWS\inf
2010-05-11 23:01:02 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-05-11 23:01:01 ----D---- C:\Programme\Outlook Express
2010-05-11 23:00:15 ----HD---- C:\WINDOWS\$hf_mig$
2010-05-11 22:59:49 ----D---- C:\WINDOWS\SoftwareDistribution
2010-05-11 16:17:31 ----D---- C:\Dokumente und Einstellungen\sleepyhead\Anwendungsdaten\gtk-2.0
2010-05-11 12:32:50 ----SHD---- C:\WINDOWS\Installer
2010-05-11 12:32:35 ----D---- C:\Programme\Java
2010-05-11 00:36:48 ----D---- C:\Dokumente und Einstellungen\sleepyhead\Anwendungsdaten\uTorrent
2010-05-10 20:14:17 ----D---- C:\WINDOWS\system32\NtmsData
2010-05-09 04:48:22 ----D---- C:\WINDOWS\system32\drivers
2010-04-30 22:35:50 ----D---- C:\WINDOWS\Registration
2010-04-30 20:51:06 ----A---- C:\WINDOWS\system32\MRT.exe
2010-04-30 20:06:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-04-30 20:02:26 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-30 20:00:30 ----D---- C:\Dokumente und Einstellungen\sleepyhead\Anwendungsdaten\X-Chat 2
2010-04-30 12:49:51 ----SHD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{55A29068-F2CE-456C-9148-C869879E2357}
2010-04-26 20:53:15 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2010-04-26 20:53:15 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9$
2010-04-26 20:53:15 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-26 20:52:12 ----RD---- C:\Programme
2010-04-26 05:29:04 ----SHD---- C:\System Volume Information
2010-04-21 16:33:04 ----D---- C:\WINDOWS\system32\Restore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\D:\Programme\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-03-01 124784]
R1 BIOS;BIOS; \??\C:\WINDOWS\system32\drivers\BIOS.sys []
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 truecrypt;truecrypt; C:\WINDOWS\System32\drivers\truecrypt.sys [2009-12-28 223440]
R1 WmiAcpi;Microsoft Windows-Verwaltungsschnittstelle für ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]
R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-10-16 4615168]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-09-17 6132576]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2007-03-06 58752]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2007-03-06 19968]
R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2-aktivierter Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Miniporttreiber für Microsoft USB Open Host-Controller; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 cpuz130;cpuz130; \??\C:\DOKUME~1\SLEEPY~1\LOKALE~1\Temp\cpuz130\cpuz_x32.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2007-03-08 8320]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-03-22 47360]
S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planer; D:\Programme\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 AntiVirService;Avira AntiVir Guard; D:\Programme\Avira\AntiVir Desktop\avguard.exe [2010-04-19 267432]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe [2008-08-29 935208]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-09-17 163908]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; D:\Programme\Spyware Terminator\sp_rsser.exe [2010-04-08 488960]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-11-19 604488]
R2 UxTuneUp;TuneUp Designerweiterung; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 FreeAgentGoNext Service;Seagate Service; D:\Programme\Sync\FreeAgentService.exe [2009-09-25 189736]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 TuneUp.Defrag;TuneUp Drive Defrag-Dienst; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-11-19 361288]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Hallo und :hallo:

ohne mir dein Log näher angesehen zu haben aber
wo hast die Auswertung vornehmen lassen und was war das für eine Auswertung http://www.cheesebuerger.de/images/s...onfus/c028.gif ?

MFG

hxxp://hijackthis.de/de#anl

wurde mir mal vor einiger zeit gesagt, als ich mich ich RSIT installiert hatte

AHA, scheint etwas über facebook zu sein.

habe heute vor einigen stunden auf meiner "wall" ein video link bekommen und scheinbar wird das jetzt über meinen account weiterverbreitet, obwohl ich garnicht angemeldet bin

Hallo

auf der Seite kannst du nur das Log von Hijackthis analysieren lassen:heilig:

http://www.cheesebuerger.de/images/s...onfus/a050.gif wie meinen?

In dem RSIT Log hab ich nix aufregendes gesehen, was für ein Problem gibt es überhaupt?

MFG