Hallo,
seit Gestern bekomme ich jedes mal wenn ich den IE öffne die Benachrichtigung "Internet Explorer ist momentan nicht Ihr Standartbrowser. Möchten Sie Internetexplorer als Standart festlegen?"
Ich habe schon immer den IE als Standart fesgelegt. Außerdem kann ich das in den Internetoptionen nicht mehr einstellen, da sich der übernehmen Button nicht anklicken läßt.
Das heißt wenn ich die Frage durch anklicken bejae, ändert sich in der Einstellung nichts. Da steht jedes mal das der IE nicht als Standartbrowser eingestellt ist.
Firefox ist bei mir auch nicht als Standart festgelegt. Was ich sofort überprüft habe. Was ich auch nicht bei der letzten Installation eingestellt habe.
Nun habe ich Vorgestern bei dem Besuch der Webseite "coolespiele.de" zwei Meldungen von G-Data erhalten.
Habe danach aber eine Bereinigung mit CCleaner durchgeführt und bin der Meinung das sich da nichts bei mir eingenistet hat. Hat danach auch keine Probleme festgestellt und der IE funktionierte normal ohne Benachrichtigungen.Code:Virenprüfung von Web-Inhalten Adresse: 194.140.229.100 Virus: HTML:Downloader-O [Trj] (Engine-B) Status: Der Zugriff wurde verweigert. Virenprüfung von Web-Inhalten Adresse: http://212.117.168.229/tds/ Status: Der Zugriff wurde verweigert.
Ich habe heute morgen schon mal einen Volständigen Scan mit Malewarebytes durchgeführt(ohne Befund, siehe Log), und einen Scan mit Gmer. Da ist mir aber auch nichts angezeigt worden. (Hänge diese Logs auch noch an)
Ich werde gleich noch einmal einen Scan mit G-Data durchführen und den Bericht auch als Log anhängen. Obwohl mein System automatisch ein mal in der woche gescant wird. Letzte mal gestern morgen. Ohne Befund.
Ich poste jetzt noch die diversen Logfiles zur Ansicht
ps.: Habe mich noch mal neu registriert, da das mit dem neuen Kennwort das ich angefordert habe nicht hingehauen hat.
Nummer1
Nummer 2Code:Logfile of random's system information tool 1.07 (written by random/random) Run by Andreas at 2010-07-08 11:11:32 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 107 GB (76%) free of 140 GB Total RAM: 2046 MB (52% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:11:58, on 08.07.2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18928) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Dell\MediaDirect\PCMService.exe C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe C:\Program Files\G DATA\AntiVirus\AVKTray\AVKTray.exe C:\Program Files\DellSupport\DSAgnt.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Windows\ehome\ehmsas.exe C:\Windows\system32\conime.exe C:\Windows\System32\mobsync.exe C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Users\Andreas\Desktop\RSIT.exe C:\Program Files\trend micro\Andreas.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer bereitgestellt von Dell R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\AntiVirus\WebFilter\AvkWebIE.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: T1 - {4180A6C9-26D0-4A15-A2CD-A24E3178E386} - C:\PROGRA~1\LANGEN~1\StdAlone\T1IE.dll O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\AntiVirus\WebFilter\AvkWebIE.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe" O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe O4 - HKLM\..\Run: [G Data AntiVirus Tray Application] C:\Program Files\G Data\AntiVirus\AVKTray\AVKTray.exe O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup O4 - HKCU\..\Run: [EPSON Stylus DX4000 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\Windows\TEMP\E_SDF76.tmp" /EF "HKCU" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST') O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553560000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files\G DATA\AntiVirus\AVK\AVKService.exe O23 - Service: G Data Dateisystem Wächter (AVKWCtl) - G Data Software AG - C:\Program Files\G DATA\AntiVirus\AVK\AVKWCtl.exe O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files\Common Files\G DATA\GDScan\GDScan.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing) O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 8405 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0124123D-61B4-456f-AF86-78C53A0790C5}] G Data WebFilter - C:\Program Files\G Data\AntiVirus\WebFilter\AvkWebIE.dll [2010-03-31 657480] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-06-15 341600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Anmelde-Hilfsprogramm - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-06-23 278192] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-05-24 814648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}] CBrowserHelperObject Object - C:\Program Files\BAE\BAE.dll [2006-11-17 98304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] {4180A6C9-26D0-4A15-A2CD-A24E3178E386} - T1 - C:\PROGRA~1\LANGEN~1\StdAlone\T1IE.dll [2007-09-26 2222864] {0124123D-61B4-456f-AF86-78C53A0790C5} - G Data WebFilter - C:\Program Files\G Data\AntiVirus\WebFilter\AvkWebIE.dll [2010-03-31 657480] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-06-23 278192] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-11-18 815104] "ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2006-10-03 81920] "PCMService"=C:\Program Files\Dell\MediaDirect\PCMService.exe [2007-05-02 184320] "SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [2007-09-13 405504] "Corel File Shell Monitor"=C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [2007-10-30 16200] "G Data AntiVirus Tray Application"=C:\Program Files\G Data\AntiVirus\AVKTray\AVKTray.exe [2010-03-31 963144] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "DellSupport"=C:\Program Files\DellSupport\DSAgnt.exe [2007-03-15 460784] "EPSON Stylus DX4000 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE [2006-09-21 139264] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-01-31 39408] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableTaskMgr"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoRun"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"= "NoRun"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2010-07-08 11:11:32 ----D---- C:\rsit 2010-07-08 09:54:16 ----A---- C:\Windows\system32\hjtscanlist.txt 2010-06-24 21:30:39 ----A---- C:\Windows\system32\WMAFile.dll 2010-06-24 21:30:39 ----A---- C:\Windows\system32\AudPlayer.dll 2010-06-24 21:30:39 ----A---- C:\Windows\system32\AudioVisu.dll 2010-06-24 21:30:39 ----A---- C:\Windows\system32\AudioRecord.dll 2010-06-24 21:30:39 ----A---- C:\Windows\system32\AudioInfos.dll 2010-06-24 21:30:38 ----A---- C:\Windows\system32\AudFile.dll 2010-06-24 21:30:38 ----A---- C:\Windows\system32\AudDisplay.dll 2010-06-24 21:30:38 ----A---- C:\Windows\system32\AudDesign.dll 2010-06-24 21:30:37 ----A---- C:\Windows\system32\VB6STKIT.DLL 2010-06-24 21:30:37 ----A---- C:\Windows\system32\VB6FR.DLL 2010-06-24 21:30:37 ----A---- C:\Windows\system32\TABCTFR.DLL 2010-06-24 21:30:37 ----A---- C:\Windows\system32\inetfr.DLL 2010-06-24 21:30:36 ----A---- C:\Windows\system32\MSCMCFR.DLL 2010-06-24 21:30:36 ----A---- C:\Windows\system32\Mscc2fr.dll 2010-06-24 21:30:36 ----A---- C:\Windows\system32\CMDLGFR.DLL 2010-06-24 21:30:35 ----D---- C:\Users\Andreas\AppData\Roaming\FreeAudioPack 2010-06-24 21:28:03 ----D---- C:\Users\Andreas\AppData\Roaming\FreeVideoConverter 2010-06-24 20:53:36 ----D---- C:\Users\Andreas\AppData\Roaming\Media Player Classic 2010-06-24 20:52:27 ----D---- C:\output media 2010-06-24 20:50:21 ----D---- C:\Program Files\Free Convert to DIVX AVI WMV MP4 MPEG Converter 2010-06-22 21:27:37 ----A---- C:\Windows\system32\PresentationHostProxy.dll 2010-06-22 21:27:27 ----A---- C:\Windows\system32\PresentationHost.exe 2010-06-22 21:27:27 ----A---- C:\Windows\system32\netfxperf.dll 2010-06-22 21:27:27 ----A---- C:\Windows\system32\mscoree.dll 2010-06-22 21:27:27 ----A---- C:\Windows\system32\dfshim.dll 2010-06-22 20:59:45 ----A---- C:\Windows\system32\Apphlpdm.dll 2010-06-22 20:59:44 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll 2010-06-17 08:45:56 ----D---- C:\Users\Andreas\AppData\Roaming\Malwarebytes 2010-06-15 15:29:23 ----D---- C:\Program Files\Common Files\xing shared 2010-06-15 15:07:42 ----A---- C:\Windows\system32\clrviddc.dll 2010-06-14 10:55:58 ----D---- C:\Program Files\Microsoft Windows 7 Upgrade Advisor 2010-06-14 10:45:12 ----D---- C:\Program Files\Free RAR Extract Frog 2010-06-14 10:44:51 ----D---- C:\Program Files\Conduit 2010-06-12 18:55:30 ----A---- C:\Windows\system32\atmfd.dll 2010-06-12 18:55:29 ----A---- C:\Windows\system32\atmlib.dll 2010-06-12 18:55:21 ----A---- C:\Windows\system32\mshtml.dll 2010-06-12 18:55:19 ----A---- C:\Windows\system32\ieframe.dll 2010-06-12 18:55:17 ----A---- C:\Windows\system32\wininet.dll 2010-06-12 18:55:17 ----A---- C:\Windows\system32\urlmon.dll 2010-06-12 18:55:17 ----A---- C:\Windows\system32\iertutil.dll 2010-06-12 18:55:16 ----A---- C:\Windows\system32\occache.dll 2010-06-12 18:55:16 ----A---- C:\Windows\system32\msfeeds.dll 2010-06-12 18:55:16 ----A---- C:\Windows\system32\iedkcs32.dll 2010-06-12 18:55:15 ----A---- C:\Windows\system32\mstime.dll 2010-06-12 18:55:15 ----A---- C:\Windows\system32\ieui.dll 2010-06-12 18:55:14 ----A---- C:\Windows\system32\msfeedssync.exe 2010-06-12 18:55:14 ----A---- C:\Windows\system32\msfeedsbs.dll 2010-06-12 18:55:14 ----A---- C:\Windows\system32\jsproxy.dll 2010-06-12 18:55:14 ----A---- C:\Windows\system32\ieUnatt.exe 2010-06-12 18:55:14 ----A---- C:\Windows\system32\iesysprep.dll 2010-06-12 18:55:14 ----A---- C:\Windows\system32\iesetup.dll 2010-06-12 18:55:14 ----A---- C:\Windows\system32\iernonce.dll 2010-06-12 18:55:14 ----A---- C:\Windows\system32\iepeers.dll 2010-06-12 18:55:14 ----A---- C:\Windows\system32\ie4uinit.exe 2010-06-12 18:54:55 ----A---- C:\Windows\system32\asycfilt.dll 2010-06-12 17:41:53 ----D---- C:\Users\Andreas\AppData\Roaming\Adobe ======List of files/folders modified in the last 1 months====== 2010-07-08 11:11:45 ----D---- C:\Windows\Temp 2010-07-08 11:11:39 ----D---- C:\Program Files\trend micro 2010-07-08 10:54:36 ----D---- C:\Windows\System32 2010-07-08 08:06:49 ----SHD---- C:\System Volume Information 2010-07-08 07:39:32 ----D---- C:\MDT 2010-07-07 12:54:09 ----SHD---- C:\Windows\Installer 2010-07-07 12:33:56 ----D---- C:\Windows 2010-07-06 14:26:54 ----D---- C:\Program Files\CCleaner 2010-07-05 07:37:19 ----D---- C:\Windows\system32\catroot2 2010-07-04 13:06:01 ----D---- C:\Users\Andreas\AppData\Roaming\gtk-2.0 2010-07-04 12:53:37 ----D---- C:\Users\Andreas\AppData\Roaming\vlc 2010-07-02 14:09:47 ----D---- C:\Windows\system32\Tasks 2010-07-02 11:07:05 ----D---- C:\ProgramData\Spybot - Search & Destroy 2010-06-30 10:07:23 ----D---- C:\Users\Andreas\AppData\Roaming\EPSON 2010-06-29 07:48:05 ----D---- C:\Program Files\Mozilla Firefox 2010-06-28 15:40:47 ----RD---- C:\Program Files 2010-06-27 14:17:36 ----D---- C:\Windows\Prefetch 2010-06-27 09:11:30 ----D---- C:\Windows\Minidump 2010-06-26 17:55:33 ----D---- C:\ProgramData\G DATA 2010-06-25 12:09:13 ----D---- C:\Langenscheidt T1 7_0 2010-06-24 21:32:00 ----A---- C:\Windows\win.ini 2010-06-24 20:12:13 ----D---- C:\Users\Andreas\AppData\Roaming\Real 2010-06-23 11:53:03 ----D---- C:\Windows\Microsoft.NET 2010-06-23 11:52:41 ----RSD---- C:\Windows\assembly 2010-06-22 21:44:35 ----D---- C:\Windows\ehome 2010-06-22 21:44:35 ----D---- C:\Windows\AppPatch 2010-06-22 21:42:27 ----D---- C:\Windows\winsxs 2010-06-22 21:41:27 ----D---- C:\Windows\system32\catroot 2010-06-22 21:36:02 ----D---- C:\Windows\system32\de-DE 2010-06-22 21:34:53 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-06-22 21:34:52 ----D---- C:\Windows\inf 2010-06-22 21:30:54 ----D---- C:\Windows\system32\en-US 2010-06-22 21:30:49 ----D---- C:\Program Files\Microsoft.NET 2010-06-19 16:40:05 ----D---- C:\Windows\system32\Msdtc 2010-06-19 16:40:01 ----D---- C:\Windows\system32\wbem 2010-06-19 16:39:26 ----D---- C:\Windows\system32\config 2010-06-19 16:38:59 ----D---- C:\Windows\Tasks 2010-06-19 16:38:59 ----D---- C:\Windows\system32\spool 2010-06-19 16:38:56 ----D---- C:\Windows\registration 2010-06-17 08:45:50 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-06-17 08:45:45 ----D---- C:\Windows\system32\drivers 2010-06-15 15:30:15 ----D---- C:\Program Files\Common Files\Real 2010-06-15 15:30:09 ----A---- C:\Windows\system32\rmoc3260.dll 2010-06-15 15:29:38 ----A---- C:\Windows\system32\pndx5032.dll 2010-06-15 15:29:38 ----A---- C:\Windows\system32\pndx5016.dll 2010-06-15 15:29:34 ----D---- C:\Program Files\Real 2010-06-15 15:29:23 ----D---- C:\Program Files\Common Files 2010-06-15 15:28:24 ----A---- C:\Windows\system32\pncrt.dll 2010-06-14 07:26:46 ----D---- C:\Users\Andreas\AppData\Roaming\Uniblue 2010-06-13 18:25:26 ----D---- C:\Program Files\Spybot - Search & Destroy 2010-06-13 18:12:05 ----D---- C:\PerfLogs 2010-06-13 17:46:16 ----D---- C:\Windows\system32\LogFiles 2010-06-13 14:42:56 ----HD---- C:\ProgramData 2010-06-13 14:02:05 ----D---- C:\Windows\Debug 2010-06-13 13:08:22 ----SD---- C:\Windows\Downloaded Program Files 2010-06-12 19:24:49 ----D---- C:\Windows\system32\migration 2010-06-12 19:24:49 ----D---- C:\Program Files\Windows Mail 2010-06-12 19:24:49 ----D---- C:\Program Files\Internet Explorer 2010-06-12 18:15:34 ----D---- C:\Windows\system32\CodeIntegrity 2010-06-12 18:15:34 ----D---- C:\Windows\system32\Adobe 2010-06-12 18:15:28 ----D---- C:\Users\Andreas\AppData\Roaming\inifiles 2010-06-12 18:15:27 ----D---- C:\Users\Andreas\AppData\Roaming\dvdcss ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 GDMnIcpt;GDMnIcpt; \??\C:\Windows\system32\drivers\MiniIcpt.sys [2010-06-06 61512] R1 gdwfpcd;G DATA WFP CD; C:\Windows\system32\drivers\gdwfpcd32.sys [2010-06-06 40904] R1 GRD;G Data Rootkit Detector Driver; \??\C:\Windows\system32\drivers\GRD.sys [2010-06-06 29992] R2 dsunidrv;DellSupport UniDriver; C:\Windows\system32\DRIVERS\dsunidrv.sys [2007-02-25 5376] R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-11-12 12672] R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2006-11-20 32256] R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2006-11-20 43520] R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2006-11-20 37376] R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-11-12 8192] R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2007-03-12 45568] R3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208] R3 DSproct;DSproct; \??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys [2006-10-05 4736] R3 GearAspiWDM;GEARAspiWDM; C:\Windows\System32\drivers\GEARAspiWDM.sys [2008-02-22 16168] R3 HookCentre;HookCentre; \??\C:\Windows\system32\drivers\HookCentre.sys [2010-06-06 38856] R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-11-12 986624] R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-11-12 206848] R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-08 2071552] R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088] R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-09-13 330240] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-11-18 179256] R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-11-12 659968] R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264] S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 e1express;Intel(R) PRO/1000 PCI Express-Netzwerkverbindungstreiber; C:\Windows\system32\DRIVERS\e1e6032.sys [2006-11-02 200704] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632] S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adaptertreiber für Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-10-30 1786880] S3 NETw4v32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-26 2251776] S3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328] S3 uwtdqfob;uwtdqfob; \??\C:\Users\Andreas\AppData\Local\Temp\uwtdqfob.sys [] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2006-11-08 552960] R2 AVKProxy;G Data AntiVirus Proxy; C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe [2010-04-30 1147976] R2 AVKService;G Data Scheduler; C:\Program Files\G DATA\AntiVirus\AVK\AVKService.exe [2010-03-31 410696] R2 AVKWCtl;G Data Dateisystem Wächter; C:\Program Files\G DATA\AntiVirus\AVK\AVKWCtl.exe [2010-03-15 1279816] R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] R2 sprtsvc_DellSupportCenter;SupportSoft Sprocket Service (DellSupportCenter); C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2009-01-30 201968] R2 STacSV;SigmaTel Audio Service; C:\Windows\system32\STacSV.exe [2007-09-13 102400] R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-11-12 386560] R3 GDScan;G Data Scanner; C:\Program Files\Common Files\G DATA\GDScan\GDScan.exe [2010-04-22 339016] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-31 135664] S3 DSBrokerService;DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [2007-03-07 76848] S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504] S3 fsssvc;Windows Live Family Safety-Dienst; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-07-07 182768] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [] S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S4 ProtexisLicensing;ProtexisLicensing; C:\Windows\system32\PSIService.exe [2007-06-05 177704] -----------------EOF-----------------
Und Nummer3Code:info.txt logfile of random's system information tool 1.06 2010-07-08 11:12:02 ======Uninstall list====== Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe -maintain activex Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10h_Plugin.exe -maintain plugin Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe" Assistant zum Anpassen des Dell-Systems-->MsiExec.exe /I{FD023F61-65E9-465C-B558-7C64EB2B97E6} ATI Catalyst Control Center Ex-->MsiExec.exe /I{493BAF04-DA99-9257-B343-E17BB5E687A3} Benutzerhandbuch-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}\setup.exe" Camera RAW Plug-In for EPSON Creativity Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EB041636-9CD5-4D65-9604-37432FCAED91}\setup.exe" -l0x7 UNINST CCleaner-->"C:\Program Files\CCleaner\uninst.exe" Conexant HDA D110 MDC V.92 Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3\HXFSETUP.EXE -U -IDellHDAz.inf Corel Paint Shop Pro Photo X2-->MsiExec.exe /X{64E72FB1-2343-4977-B4A8-262CD53D0BD3} Dell Resource CD-->MsiExec.exe /X{2764CA82-DFB9-4498-AF85-719340BF5305} Dell Support Center (Support Software)-->MsiExec.exe /X{E3BFEE55-39E2-4BE0-B966-89FE583822C1} DellSupport-->MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D} Digital Line Detect-->C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0007 -removeonly EPSON Attach To Email-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG EPSON Copy Utility 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x7 -UnInstall EPSON Easy Photo Print-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8A8F8391-4C2C-4BE1-A984-CD4A5A546467}\setup.exe" -l0x7 UNINST EPSON File Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E86BC406-944E-41F6-ADE6-2C136734C96B}\Setup.exe" -l0x7 UNINST EPSON Scan Assistant-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x7 -u EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r EPSON-Drucker-Software-->C:\Windows\system32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R ESDX4000_4050_CX3900-->C:\Program Files\EPSON\TPMANUAL\ESDX4000_4050_CX3900\USE_G\DOCUNINS.EXE Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe G Data AntiVirus 2011-->MsiExec.exe /I{A7FB84F1-FA4F-4B50-9AEC-4F83AB1DFEBE} GIMP 2.6.7-git-->"C:\Program Files\GIMP-2.0\setup\unins000.exe" Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_6447DDAF760F41DD.exe" /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Java(TM) 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216019FF} Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5} Langenscheidt T1 7.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57EB87EF-23DF-4A76-9B90-FD7B53E1C6CE}\Setup.exe" -l0x7 UNINSTALL Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" MediaDirect-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}\Setup.exe" -l0x7 -cluninstall Microsoft .NET Framework 3.5 Language Pack SP1 - DEU-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - deu\setup.exe Microsoft .NET Framework 3.5 Language Pack SP1 - deu-->MsiExec.exe /I{052FDD78-A6EA-3187-8386-C82F4CA3A929} Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft .NET Framework 4 Client Profile DEU Language Pack-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1031 /parameterfolder ClientLP Microsoft .NET Framework 4 Client Profile DEU Language Pack-->MsiExec.exe /X{F750C986-5310-3A5A-95F8-4EC71C8AC01C} Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6} Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC} Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-0407-0000-0000000FF1CE} Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110407-6000-11D3-8CFE-0150048383C9} Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Microsoft Works-->MsiExec.exe /I{4EA2F95F-A537-4D17-9E7F-6B3FF8D9BBE3} Modem-Diagnose-Tool-->MsiExec.exe /I{F63A3748-B93D-4360-9AD4-B064481A5C7B} Mozilla Firefox (3.6.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC} NetWaiting-->C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0007 -removeonly OpenOffice.org 3.2-->MsiExec.exe /I{192A107E-C6B9-41B9-BDBF-38E3AA226054} OutlookAddinSetup-->MsiExec.exe /I{9BDEF074-020E-458D-ADC5-8FF68E0C9B56} PIF DESIGNER-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B90450DF-E781-46FD-B1F1-0C86DA40E443}\SETUP.EXE" -l0x7 anything QuickSet-->MsiExec.exe /I{7F0C4457-8E64-491B-8D7B-991504365D1E} RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0 RealUpgrade 1.0-->MsiExec.exe /I{F4F4F84E-804F-4E9A-84D7-C34283F0088F} Rome - Total War - Gold Edition-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E97F7E8-ABDE-4E0D-B0AD-B6B4BAD89E24}\setup.exe" -l0x7 -removeonly SigmaTel Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x7 -remove -removeonly Sonic Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0} Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" URL Assistant-->regsvr32 /u /s "C:\Program Files\BAE\BAE.dll" Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27} Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT="" VLC media player 1.0.1-->C:\Program Files\VideoLAN\VLC\uninstall.exe Windows 7 Upgrade Advisor-->MsiExec.exe /I{9A4D182C-35C7-4791-8484-4304EBC9101A} Windows Live Anmelde-Assistent-->MsiExec.exe /I{52B97218-98CB-4B8B-9283-D213C85E1AA4} Windows Live Call-->MsiExec.exe /I{5FC68772-6D56-41C6-9DF1-24E868198AE6} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe Windows Live Essentials-->MsiExec.exe /I{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F} Windows Live Family Safety-->MsiExec.exe /X{994223F3-A99B-4DDD-9E1D-0190A17C6860} Windows Live Fotogalerie-->MsiExec.exe /X{2BA722D1-48D1-406E-9123-8AE5431D63EF} Windows Live Mail-->MsiExec.exe /I{C4D738F7-996A-4C81-B8FA-C4E26D767E41} Windows Live Messenger-->MsiExec.exe /X{41E654A9-26D0-4EAC-854B-0FA824FFFABB} Windows Live Movie Maker-->MsiExec.exe /X{3EFEF049-23D4-4B46-8903-4592FEA51018} Windows Live Sync-->MsiExec.exe /X{76618402-179D-4699-A66B-D351C59436BC} Windows Live Toolbar-->MsiExec.exe /X{70B7A167-0B88-445D-A3EA-97C73AA88CAC} Windows Live Writer-->MsiExec.exe /X{E0A4805D-280A-4DD7-9E74-3A5F85E302A1} Windows Live-Uploadtool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} ======Hosts File====== 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com ======Security center information====== AS: Spybot - Search and Destroy (disabled) AS: Windows-Defender AS: SUPERAntiSpyware (disabled) ======System event log====== Computer Name: Andreas-PC Event Code: 7036 Message: Dienst "Ati External Event Utility" befindet sich jetzt im Status "Ausgeführt". Record Number: 89639 Source Name: Service Control Manager Time Written: 20100124091531.000000-000 Event Type: Informationen User: Computer Name: Andreas-PC Event Code: 7036 Message: Dienst "Windows-Defender" befindet sich jetzt im Status "Ausgeführt". Record Number: 89638 Source Name: Service Control Manager Time Written: 20100124091531.000000-000 Event Type: Informationen User: Computer Name: Andreas-PC Event Code: 7036 Message: Dienst "Remoteprozeduraufruf (RPC)" befindet sich jetzt im Status "Ausgeführt". Record Number: 89637 Source Name: Service Control Manager Time Written: 20100124091531.000000-000 Event Type: Informationen User: Computer Name: Andreas-PC Event Code: 7036 Message: Dienst "DCOM-Server-Prozessstart" befindet sich jetzt im Status "Ausgeführt". Record Number: 89636 Source Name: Service Control Manager Time Written: 20100124091531.000000-000 Event Type: Informationen User: Computer Name: Andreas-PC Event Code: 7036 Message: Dienst "Plug & Play" befindet sich jetzt im Status "Ausgeführt". Record Number: 89635 Source Name: Service Control Manager Time Written: 20100124091531.000000-000 Event Type: Informationen User: =====Application event log===== Computer Name: Andreas-PC Event Code: 223 Message: WinMail (3032) WindowsMail0: Sicherung von Protokolldateien (Bereich C:\Users\Andreas\AppData\Local\Microsoft\Windows Mail\edb00001.log - C:\Users\Andreas\AppData\Local\Microsoft\Windows Mail\edb00001.log) wird gestartet. Record Number: 358 Source Name: ESENT Time Written: 20090810154704.000000-000 Event Type: Informationen User: Computer Name: Andreas-PC Event Code: 221 Message: WinMail (3032) WindowsMail0: Sicherung der Datei C:\Users\Andreas\AppData\Local\Microsoft\Windows Mail\WindowsMail.MSMessageStore wird beendet. Record Number: 357 Source Name: ESENT Time Written: 20090810154703.000000-000 Event Type: Informationen User: Computer Name: Andreas-PC Event Code: 220 Message: WinMail (3032) WindowsMail0: Sicherung der Datei C:\Users\Andreas\AppData\Local\Microsoft\Windows Mail\WindowsMail.MSMessageStore (Größe 2 Mb) beginnt. Record Number: 356 Source Name: ESENT Time Written: 20090810154702.000000-000 Event Type: Informationen User: Computer Name: Andreas-PC Event Code: 210 Message: WinMail (3032) WindowsMail0: Eine vollständige Sicherung wird gestartet. Record Number: 355 Source Name: ESENT Time Written: 20090810154701.000000-000 Event Type: Informationen User: Computer Name: Andreas-PC Event Code: 102 Message: WinMail (3032) WindowsMail0: Das Datenbankmodul (6.00.6000.0000) hat eine neue Instanz gestartet (0). Record Number: 354 Source Name: ESENT Time Written: 20090810154651.000000-000 Event Type: Informationen User: =====Security event log===== Computer Name: Andreas-PC Event Code: 1100 Message: Der Ereignisprotokollierungsdienst wurde heruntergefahren. Record Number: 11030 Source Name: Microsoft-Windows-Eventlog Time Written: 20090921153659.903600-000 Event Type: Überwachung erfolgreich User: Computer Name: Andreas-PC Event Code: 4672 Message: Einer neuen Anmeldung wurden besondere Rechte zugewiesen. Antragsteller: Sicherheits-ID: S-1-5-18 Kontoname: SYSTEM Kontodomäne: NT-AUTORITÄT Anmelde-ID: 0x3e7 Berechtigungen: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 11029 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090921153650.481200-000 Event Type: Überwachung erfolgreich User: Computer Name: Andreas-PC Event Code: 4624 Message: Ein Konto wurde erfolgreich angemeldet. Antragsteller: Sicherheits-ID: S-1-5-18 Kontoname: ANDREAS-PC$ Kontodomäne: WORKGROUP Anmelde-ID: 0x3e7 Anmeldetyp: 5 Neue Anmeldung: Sicherheits-ID: S-1-5-18 Kontoname: SYSTEM Kontodomäne: NT-AUTORITÄT Anmelde-ID: 0x3e7 Anmelde-GUID: {00000000-0000-0000-0000-000000000000} Prozessinformationen: Prozess-ID: 0x280 Prozessname: C:\Windows\System32\services.exe Netzwerkinformationen: Arbeitsstationsname: Quellnetzwerkadresse: - Quellport: - Detaillierte Authentifizierungsinformationen: Anmeldeprozess: Advapi Authentifizierungspaket: Negotiate Übertragene Dienste: - Paketname (nur NTLM): - Schlüssellänge: 0 Dieses Ereignis wird beim Erstellen einer Anmeldesitzung generiert. Es wird auf dem Computer generiert, auf den zugegriffen wurde. Die Antragstellerfelder geben das Konto auf dem lokalen System an, von dem die Anmeldung angefordert wurde. Dies ist meistens ein Dienst wie der Serverdienst oder ein lokaler Prozess wie "Winlogon.exe" oder "Services.exe". Das Anmeldetypfeld gibt den jeweiligen Anmeldetyp an. Die häufigsten Typen sind 2 (interaktiv) und 3 (Netzwerk). Die Felder für die neue Anmeldung geben das Konto an, für das die Anmeldung erstellt wurde, d. h. das angemeldete Konto. Die Netzwerkfelder geben die Quelle einer Remoteanmeldeanforderung an. der Arbeitsstationsname ist nicht immer verfügbar und kann in manchen Fällen leer bleiben. Die Felder für die Authentifizierungsinformationen enthalten detaillierte Informationen zu dieser speziellen Anmeldeanforderung. - Die Anmelde-GUID ist ein eindeutiger Bezeichner, der verwendet werden kann, um dieses Ereignis mit einem KDC-Ereignis zu korrelieren. - Die übertragenen Dienste geben an, welche Zwischendienste an der Anmeldeanforderung beteiligt waren. - Der Paketname gibt das in den NTLM-Protokollen verwendete Unterprotokoll an. - Die Schlüssellänge gibt die Länge des generierten Sitzungsschlüssels an. Wenn kein Sitzungsschlüssel angefordert wurde, ist dieser Wert 0. Record Number: 11028 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090921153650.481200-000 Event Type: Überwachung erfolgreich User: Computer Name: Andreas-PC Event Code: 4648 Message: Anmeldeversuch mit expliziten Anmeldeinformationen. Antragsteller: Sicherheits-ID: S-1-5-18 Kontoname: ANDREAS-PC$ Kontodomäne: WORKGROUP Anmelde-ID: 0x3e7 Anmelde-GUID: {00000000-0000-0000-0000-000000000000} Konto, dessen Anmeldeinformationen verwendet wurden: Kontoname: SYSTEM Kontodomäne: NT-AUTORITÄT Anmelde-GUID: {00000000-0000-0000-0000-000000000000} Zielserver: Zielservername: localhost Weitere Informationen: localhost Prozessinformationen: Prozess-ID: 0x280 Prozessname: C:\Windows\System32\services.exe Netzwerkinformationen: Netzwerkadresse: - Port: - Dieses Ereignis wird bei einem Anmeldeversuch durch einen Prozess generiert, wenn ausdrücklich die Anmeldeinformationen des Kontos angegeben werden. Dies ist normalerweise der Fall in Batch-Konfigurationen, z. B. bei geplanten Aufgaben oder wenn der Befehl "runas" verwendet wird. Record Number: 11027 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090921153650.481200-000 Event Type: Überwachung erfolgreich User: Computer Name: Andreas-PC Event Code: 4647 Message: Benutzerinitiierte Abmeldung: Antragsteller: Sicherheits-ID: S-1-5-21-133595383-470094535-1088895100-1000 Kontoname: Andreas Kontodomäne: Andreas-PC Anmelde-ID: 0x2214d Dieses Ereignis wird generiert, wenn eine Abmeldung initiiert wird, aber die Anzahl der Tokenreferenzen nicht Null ist und die Anmeldesitzung nicht zerstört werden kann. Es kann keiner Benutzerinitiierte Aktion erfolgen. Dieses Ereignis kann als Abmeldeereignis interpretiert werden. Record Number: 11026 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090921153648.593600-000 Event Type: Überwachung erfolgreich User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "NUMBER_OF_PROCESSORS"=2 "OS"=Windows_NT "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel "PROCESSOR_LEVEL"=6 "PROCESSOR_REVISION"=0f06 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% -----------------EOF-----------------
Hier noch die Logs Von Malewarebytes und Gmer.Code:Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:48:37, on 08.07.2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18928) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Dell\MediaDirect\PCMService.exe C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe C:\Program Files\G DATA\AntiVirus\AVKTray\AVKTray.exe C:\Program Files\DellSupport\DSAgnt.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Windows\ehome\ehmsas.exe C:\Windows\system32\conime.exe C:\Windows\System32\mobsync.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\trend micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer bereitgestellt von Dell R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\AntiVirus\WebFilter\AvkWebIE.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: T1 - {4180A6C9-26D0-4A15-A2CD-A24E3178E386} - C:\PROGRA~1\LANGEN~1\StdAlone\T1IE.dll O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data\AntiVirus\WebFilter\AvkWebIE.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe" O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe O4 - HKLM\..\Run: [G Data AntiVirus Tray Application] C:\Program Files\G Data\AntiVirus\AVKTray\AVKTray.exe O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup O4 - HKCU\..\Run: [EPSON Stylus DX4000 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\Windows\TEMP\E_SDF76.tmp" /EF "HKCU" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST') O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553560000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files\G DATA\AntiVirus\AVK\AVKService.exe O23 - Service: G Data Dateisystem Wächter (AVKWCtl) - G Data Software AG - C:\Program Files\G DATA\AntiVirus\AVK\AVKWCtl.exe O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files\Common Files\G DATA\GDScan\GDScan.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing) O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 8327 bytes
Und 3x GmerCode:Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Datenbank Version: 4291 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18928 08.07.2010 10:02:22 mbam-log-2010-07-08 (10-02-22).txt Art des Suchlaufs: Quick-Scan Durchsuchte Objekte: 7 Laufzeit: 8 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden)
Code:GMER 1.0.15.15281 - http://www.gmer.net Rootkit scan 2010-07-08 10:32:41 Windows 6.0.6002 Service Pack 2 Running: i1mtku92.exe; Driver: C:\Users\Andreas\AppData\Local\Temp\uwtdqfob.sys ---- Devices - GMER 1.0.15 ---- AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation) AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation) AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation) ---- EOF - GMER 1.0.15 ----Code:GMER 1.0.15.15281 - httpwww.gmer.net Rootkit scan 2010-07-08 103425 Windows 6.0.6002 Service Pack 2 Running i1mtku92.exe; Driver CUsersAndreasAppDataLocalTempuwtdqfob.sys ---- Modules - GMER 1.0.15 ---- Module SystemRootsystem32driversGDBehave.sys (Behavior BlockerG Data Software AG) 87D61000-87D68000 (28672 bytes) Module SystemRootsystem32DRIVERSatikmdag.sys (ATI Radeon Kernel Mode DriverATI Technologies Inc.) 8BA03000-8C130000 (7524352 bytes) Module SystemRootsystem32DRIVERSbcm4sbxp.sys (Broadcom Corporation NDIS 5.1 ethernet driverBroadcom Corporation) 87BEF000-87BFF000 (65536 bytes) Module SystemRootsystem32DRIVERSrimmptsk.sys (RICOH MMC DriverREDC) 8C21A000-8C228000 (57344 bytes) Module SystemRootsystem32DRIVERSrimsptsk.sys (RICOH MS DriverREDC) 8C228000-8C23C000 (81920 bytes) Module SystemRootsystem32DRIVERSrixdptsk.sys (RICOH XD SM DriverREDC) 8C23C000-8C28D000 (331776 bytes) Module SystemRootsystem32DRIVERSSynTP.sys (Synaptics Touchpad DriverSynaptics, Inc.) 8C2A0000-8C2CB000 (176128 bytes) Module SystemRootSystem32driversGEARAspiWDM.sys (CD DVD FilterGEAR Software Inc.) 8C2FB000-8C2FE000 (12288 bytes) Module SystemRootsystem32DRIVERSmssmbios.sys (System Management BIOS DriverMicrosoft Corporation) 8C634000-8C63E000 (40960 bytes) Module SystemRootsystem32driversstwrt.sys (NDHFIDT, Inc.) 8C691000-8C6E6000 (348160 bytes) Module SystemRootsystem32DRIVERSHSXHWAZL.sys (HSF_HWAZL WDM driverConexant Systems, Inc.) 8C738000-8C775000 (249856 bytes) Module SystemRootsystem32DRIVERSHSX_DPV.sys (HSF_DP driverConexant Systems, Inc.) 8CA0C000-8CB0F000 (1060864 bytes) Module SystemRootsystem32DRIVERSHSX_CNXT.sys (HSF_CNXT driverConexant Systems, Inc.) 8CB0F000-8CBC3000 (737280 bytes) Module SystemRootsystem32driversrdpencdd.sys (RDP MiniportMicrosoft Corporation) 8CBF7000-8CBFF000 (32768 bytes) Module CWindowssystem32driversGRD.sys (G Data Rootkit Detector DriverG Data Software) 8CD06000-8CD1C000 (90112 bytes) Module SystemRootsystem32driversgdwfpcd32.sys (G DATA WFP Callout DriverG DATA Software AG) 8CD1C000-8CD29000 (53248 bytes) Module CWindowssystem32driversMiniIcpt.sys (Filesystem MiniInterceptor (Mini Filter)G Data Software AG) 8CD29000-8CD37000 (57344 bytes) Module SystemRootSystem32TSDDD.dll (Framebuffer Display DriverMicrosoft Corporation) 94870000-94879000 (36864 bytes) Module SystemRootsystem32DRIVERSbowser.sys (NT Lan Manager Datagram Receiver DriverMicrosoft Corporation) 97B98000-97BB1000 (102400 bytes) Module SystemRootsystem32DRIVERSdsunidrv.sys (GUniDriverGteko Ltd.) 988D4000-988D6000 (8192 bytes) Module SystemRootsystem32DRIVERSmdmxsdk.sys (Diagnostic Interface x86 DriverConexant) 988D6000-988DA000 (16384 bytes) Module SystemRootSystem32Driverssecdrv.SYS (Macrovision SECURITY DriverMacrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) 989E0000-989EA000 (40960 bytes) Module SystemRootsystem32DRIVERSxaudio.sys (Modem Audio Device DriverConexant Systems, Inc.) 989F6000-989FE000 (32768 bytes) Module CWindowssystem32driversHookCentre.sys (Security HookG Data Software AG) 98800000-9880E000 (57344 bytes) Module CProgram_FilesDellSupportGTActiontriggersDSproct.sys (Process Trigger DriverGteko Ltd.) 989FE000-98A00000 (8192 bytes) Module CUsersAndreasAppDataLocalTempuwtdqfob.sys (GMER) 87DCA000-87DE1000 (94208 bytes) ---- Processes - GMER 1.0.15 ---- Process CWindowssystem32svchost.exe (Hostprozess für Windows-DiensteMicrosoft Corporation) 464 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CWindowssystem32credssp.dll (TS Single Sign On Security PackageMicrosoft Corporation) 0x75580000 Process CProgram FilesMicrosoftSearch Enhancement PackSeaPortSeaPort.exe (Microsoft SeaPort Search Enhancement BrokerMicrosoft Corporation) 476 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Process CWindowssystem32csrss.exe (Client-Server-LaufzeitprozessMicrosoft Corporation) 544 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Process CWindowssystem32wininit.exe (Windows-StartanwendungMicrosoft Corporation) 596 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CWindowssystem32credssp.dll (TS Single Sign On Security PackageMicrosoft Corporation) 0x75580000 Process CWindowssystem32csrss.exe (Client-Server-LaufzeitprozessMicrosoft Corporation) 608 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Process CWindowssystem32services.exe (Anwendung für Dienste und ControllerMicrosoft Corporation) 640 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CWindowssystem32credssp.dll (TS Single Sign On Security PackageMicrosoft Corporation) 0x75580000 Process CWindowssystem32lsass.exe (Local Security Authority ProcessMicrosoft Corporation) 656 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CWindowssystem32credssp.dll (TS Single Sign On Security PackageMicrosoft Corporation) 0x75580000 Process CWindowssystem32lsm.exe (Lokaler Sitzungs-Manager-DienstMicrosoft Corporation) 664 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CWindowssystem32credssp.dll (TS Single Sign On Security PackageMicrosoft Corporation) 0x75580000 Process CWindowssystem32winlogon.exe (Windows-AnmeldeanwendungMicrosoft Corporation) 700 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Process CWindowssystem32svchost.exe (Hostprozess für Windows-DiensteMicrosoft Corporation) 864 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CWindowssystem32credssp.dll (TS Single Sign On Security PackageMicrosoft Corporation) 0x75580000 Process CWindowssystem32svchost.exe (Hostprozess für Windows-DiensteMicrosoft Corporation) 924 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CWindowssystem32credssp.dll (TS Single Sign On Security PackageMicrosoft Corporation) 0x75580000 Process CWindowsSystem32svchost.exe (Hostprozess für Windows-DiensteMicrosoft Corporation) 964 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CWindowsSystem32credssp.dll (TS Single Sign On Security PackageMicrosoft Corporation) 0x75580000 Process CWindowssystem32Ati2evxx.exe (ATI External Event Utility EXE ModuleATI Technologies Inc.) 1052 Library CWindowssystem32Ati2evxx.exe (ATI External Event Utility EXE ModuleATI Technologies Inc.) 0x00400000 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Process CWindowsSystem32svchost.exe (Hostprozess für Windows-DiensteMicrosoft Corporation) 1084 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CWindowsSystem32credssp.dll (TS Single Sign On Security PackageMicrosoft Corporation) 0x75580000 Library CWindowssystem32stapo.dll (Audio LFXGFXIDT, Inc.) 0x73BA0000 Library CWindowssystem32ctapo32.dll (Creative Audio Processing Object ModuleCreative Technology Ltd.) 0x73A50000 Process CWindowsSystem32svchost.exe (Hostprozess für Windows-DiensteMicrosoft Corporation) 1112 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library cwindowssystem32tabsvc.dll (Microsoft Tablet PC-EingabedienstMicrosoft Corporation) 0x740E0000 Library cwindowssystem32l2gpstore.dll (Policy Storage dllMicrosoft Corporation) 0x73920000 Library CWindowsSystem32credssp.dll (TS Single Sign On Security PackageMicrosoft Corporation) 0x75580000 Library CWindowsSystem32ACTIVEDS.dll (ADs Router-Ebene-DLLMicrosoft Corporation) 0x72BF0000 Process CWindowssystem32svchost.exe (Hostprozess für Windows-DiensteMicrosoft Corporation) 1132 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CWindowssystem32credssp.dll (TS Single Sign On Security PackageMicrosoft Corporation) 0x75580000 Library CWindowssystem32ACTIVEDS.dll (ADs Router-Ebene-DLLMicrosoft Corporation) 0x72BF0000 Library CWindowssystem32vsstrace.dll (Microsoft® Volumeschattenkopie-DLL zum Nachverfolgen von AnforderungsprozessenGeneratorenMicrosoft Corporation) 0x72A20000 Library CWindowssystem32wbemncprov.dll (Non-COM WMI Event Provision APIsMicrosoft Corporation) 0x71020000 Library CWindowssystem32MSIMG32.dll (GDIEXT Client DLLMicrosoft Corporation) 0x75450000 Library CWindowssystem32bitsprx2.dll (Background Intelligent Transfer Service ProxyMicrosoft Corporation) 0x74910000 Process CWindowssystem32AUDIODG.EXE (Windows Graphisolierung für Audiogeräte Microsoft Corporation) 1236 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CWindowssystem32stapo.dll (Audio LFXGFXIDT, Inc.) 0x73BA0000 Library CWindowssystem32ctapo32.dll (Creative Audio Processing Object ModuleCreative Technology Ltd.) 0x73A50000 Process CWindowssystem32svchost.exe (Hostprozess für Windows-DiensteMicrosoft Corporation) 1260 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Process CWindowssystem32SLsvc.exe (Microsoft-SoftwarelizenzierungsdienstMicrosoft Corporation) 1280 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Process CWindowssystem32svchost.exe (Hostprozess für Windows-DiensteMicrosoft Corporation) 1312 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CWindowssystem32credssp.dll (TS Single Sign On Security PackageMicrosoft Corporation) 0x75580000 Library cwindowssystem32upnphost.dll (UPnP-GerätehostMicrosoft Corporation) 0x71D90000 Library CWindowsSystem32npmproxy.dll (Network List Manager ProxyMicrosoft Corporation) 0x72190000 Process CWindowssystem32svchost.exe (Hostprozess für Windows-DiensteMicrosoft Corporation) 1492 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library cwindowssystem32vsstrace.dll (Microsoft® Volumeschattenkopie-DLL zum Nachverfolgen von AnforderungsprozessenGeneratorenMicrosoft Corporation) 0x72A20000 Library CWindowssystem32credssp.dll (TS Single Sign On Security PackageMicrosoft Corporation) 0x75580000 Library cwindowssystem32ACTIVEDS.dll (ADs Router-Ebene-DLLMicrosoft Corporation) 0x72BF0000 Library CWindowssystem32ndptsp.tsp (NDIS-Proxy-TAPI-DienstanbieterMicrosoft Corporation) 0x6FF20000 Process CWindowssystem32Ati2evxx.exe (ATI External Event Utility EXE ModuleATI Technologies Inc.) 1512 Library CWindowssystem32Ati2evxx.exe (ATI External Event Utility EXE ModuleATI Technologies Inc.) 0x00400000 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CWindowssystem32Ati2edxx.dll (ati2edxxATI Technologies, Inc.) 0x00280000 Library CWindowssystem32atipdlxx.dll (ATI Desktop CWDDEDI DLLATI Technologies, Inc.) 0x10000000 Library CWindowssystem32ati2evxx.dll (ATI External Event Utility DLL ModuleATI Technologies Inc.) 0x00290000 Process CWindowssystem32STacSV.exe (STacSV ModuleIDT, Inc.) 1572 Library CWindowssystem32STacSV.exe (STacSV ModuleIDT, Inc.) 0x00400000 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CWindowssystem32stapi32.dll (STACAPI.DLLIDT, Inc.) 0x72000000 Process CWindowsSystem32spoolsv.exe (Spoolersubsystem-AnwendungMicrosoft Corporation) 1760 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CWindowsSystem32credssp.dll (TS Single Sign On Security PackageMicrosoft Corporation) 0x75580000 Library CWindowsSystem32E_FLBBEE.DLL (EPSON Bi-directional MonitorSEIKO EPSON CORPORATION) 0x005B0000 Library CWindowsSystem32mdimon.dll (Microsoft® Document ImagingMicrosoft Corporation) 0x00120000 Library CWindowsSystem32usbmon.dll (Standard-DLL für dynamischen DruckanschlussmonitorMicrosoft Corporation) 0x70190000 Library CWindowssystem32spoolPRTPROCSW32X86mdippr.dll (Microsoft® Document ImagingMicrosoft Corporation) 0x007A0000 Process CWindowssystem32svchost.exe (Hostprozess für Windows-DiensteMicrosoft Corporation) 1784 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CWindowssystem32credssp.dll (TS Single Sign On Security PackageMicrosoft Corporation) 0x75580000 Library CWindowsSystem32npmproxy.dll (Network List Manager ProxyMicrosoft Corporation) 0x72190000 Process CProgram FilesCommon FilesG DATAAVKProxyAVKProxy.exe (G Data AntiVirus Proxy ServiceG Data Software AG) 1952 Library CProgram FilesCommon FilesG DATAAVKProxyAVKProxy.exe (G Data AntiVirus Proxy ServiceG Data Software AG) 0x00400000 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CProgram FilesCommon FilesG DATAAVKProxygdwfpcd.dll (G DATA WFP Callout Driver InterfaceG DATA Software AG) 0x10000000 Library CProgram FilesCommon FilesG DATAAVKScanPAVKScanP.dll (G DATA AntiVirus Scan Server StubG DATA Software AG) 0x722A0000 Library CProgram FilesCommon FilesG DATAAVKScanPAVKQt.dll (G DATA AntiVirus Quarantine ModuleG DATA Software AG) 0x01F00000 Library CProgram FilesCommon FilesG DATAAVKProxyavkpop3.dll (G DATA POP3 ScannerG DATA Software AG) 0x01F60000 Library CProgram FilesCommon FilesG DATAAVKProxyavkimap.dll (G DATA IMAP ScannerG DATA Software AG) 0x01F90000 Library CProgram FilesCommon FilesG DATAAVKProxyavksmtp.dll (G DATA SMTP ScannerG DATA Software AG) 0x01FC0000 Library CProgram FilesCommon FilesG DATAAVKProxyavkhttp.dll (G Data HTTP ScannerG Data Software AG) 0x03250000 Library CProgram FilesCommon FilesG DATAAVKProxyavkim.dll (G Data IM ScannerG Data Software AG) 0x021B0000 Library CProgram FilesCommon FilesG DATAAVKProxyBehaviourService.dll (G Data Behaviour ServiceG Data Software AG) 0x6C830000 Library CProgram FilesCommon FilesG DATAAVKProxyGdDeepAnalyse.dll (G DATA Security AnalyserG DATA Software AG) 0x6CBD0000 Library CProgram FilesCommon FilesG DATAAVKProxyBehaviourServiceResources.dll (G Data Behaviour ServiceG Data Software AG) 0x6D2E0000 Library CProgram FilesCommon FilesG DATAAVKProxySecSrv.dll (Security Server Dll (32-Bit)G Data Software AG) 0x6CA50000 Library CProgram FilesG DATAAntiVirusAVKMiniIcpt2.dll (MiniInterceptor StubG Data Software AG) 0x01870000 Library CWindowssystem32FLTLIB.DLL (FilterbibliothekMicrosoft Corporation) 0x73840000 Library CProgram FilesG DATAAntiVirusAVKSysIcpt.dll (SysHook StubG DATA Software AG) 0x02230000 Process CProgram FilesG DATAAntiVirusAVKAVKService.exe (G Data InternetSecurity Scheduler ServiceG Data Software AG) 1968 Library CProgram FilesG DATAAntiVirusAVKAVKService.exe (G Data InternetSecurity Scheduler ServiceG Data Software AG) 0x00400000 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Process CProgram FilesG DATAAntiVirusAVKAVKWCtl.exe (G Data Filesystem Monitor ServiceG Data Software AG) 1988 Library CProgram FilesG DATAAntiVirusAVKAVKWCtl.exe (G Data Filesystem Monitor ServiceG Data Software AG) 0x00400000 Library CProgram FilesG DATAAntiVirusAVKMiniIcpt2.dll (MiniInterceptor StubG Data Software AG) 0x10000000 Library CWindowssystem32FLTLIB.DLL (FilterbibliothekMicrosoft Corporation) 0x73840000 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CProgram FilesG DATAAntiVirusAVKSysIcpt.dll (SysHook StubG DATA Software AG) 0x00DB0000 Library CProgram FilesG DATAAntiVirusAVKAVKWSC.dll (G Data WSC HelperG Data Software AG) 0x00E20000 Library CProgram FilesCommon FilesG DATAAVKScanPAVKScanP.dll (G DATA AntiVirus Scan Server StubG DATA Software AG) 0x722A0000 Library CProgram FilesCommon FilesG DATAAVKScanPAVKQt.dll (G DATA AntiVirus Quarantine ModuleG DATA Software AG) 0x01E00000 Process CWindowssystem32svchost.exe (Hostprozess für Windows-DiensteMicrosoft Corporation) 2052 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CWindowssystem32credssp.dll (TS Single Sign On Security PackageMicrosoft Corporation) 0x75580000 Process CWindowssystem32SearchIndexer.exe (Microsoft Windows Search-IndexerstellungMicrosoft Corporation) 2136 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CWindowssystem32credssp.dll (TS Single Sign On Security PackageMicrosoft Corporation) 0x75580000 Library CWindowssystem32vsstrace.dll (Microsoft® Volumeschattenkopie-DLL zum Nachverfolgen von AnforderungsprozessenGeneratorenMicrosoft Corporation) 0x72A20000 Process CWindowssystem32DRIVERSxaudio.exe (Modem Audio ServiceConexant Systems, Inc.) 2212 Library CWindowssystem32DRIVERSxaudio.exe (Modem Audio ServiceConexant Systems, Inc.) 0x00400000 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Process CProgram FilesSpybot - Search & DestroySDWinSec.exe (Spybot-S&D Security Center integrationSafer Networking Ltd.) 2292 Library CProgram FilesSpybot - Search & DestroySDWinSec.exe (Spybot-S&D Security Center integrationSafer Networking Ltd.) 0x00400000 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CWindowssystem32msimg32.dll (GDIEXT Client DLLMicrosoft Corporation) 0x75450000 Process CProgram FilesCommon FilesG DATAGDScanGDScan.exe (G Data AntiVirus Scan ServerG Data Software AG) 2532 Library CProgram FilesCommon FilesG DATAGDScanGDScan.exe (G Data AntiVirus Scan ServerG Data Software AG) 0x003B0000 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CProgram FilesCommon FilesG DATAGDScanAVKScanPS.dll (G DATA AntiVirus PScanner ModuleG DATA Software AG) 0x10000000 Library CProgram FilesCommon FilesG DATAAVKScanPAVKQt.dll (G DATA AntiVirus Quarantine ModuleG DATA Software AG) 0x01010000 Library CProgram FilesCommon FilesG DATAAVKScanPBD1bdcore.dll (BitDefender CoreBitDefender) 0x00960000 Library CProgram FilesCommon FilesG DATAAVKScanPBD1avxdisk.dll (BitDefender CoreBitDefender) 0x00FC0000 Library CProgram FilesCommon FilesG DATAAVKScanPAvastaswEngin.dll (High level antivirus engineALWIL Software) 0x64280000 Library CProgram FilesCommon FilesG DATAAVKScanPAvastaswScan.dll (Low level antivirus engineALWIL Software) 0x64200000 Library CProgram FilesCommon FilesG DATAAVKScanPAvastaswCmnOS.dll (Antivirus HW dependent libraryALWIL Software) 0x64000000 Library CProgram FilesCommon FilesG DATAAVKScanPAvastaswCmnB.dll (High level portable functionsALWIL Software) 0x64080000 Library CProgram FilesCommon FilesG DATAAVKScanPAvastaswCmnS.dll (Common non-portable functionsALWIL Software) 0x64100000 Process CWindowssystem32SearchFilterHost.exe (Microsoft Windows Search Filter HostMicrosoft Corporation) 2604 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Process CWindowssystem32WUDFHost.exe (Windows Driver Foundation - Benutzermodus-Treiberframework-HostprozessMicrosoft Corporation) 2816 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Process CWindowssystem32SearchProtocolHost.exe (Microsoft Windows Search Protocol HostMicrosoft Corporation) 2948 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Process CWindowssystem32Dwm.exe (Desktopfenster-ManagerMicrosoft Corporation) 3008 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CWindowssystem32atiumdag.dll (atiumdag.dllATI Technologies Inc. ) 0x70770000 Library CWindowssystem32atiumdva.dll (Radeon Video Acceleration Universal DriverATI Technologies Inc. ) 0x01B10000 Process CWindowssystem32taskeng.exe (AufgabenplanungsmodulMicrosoft Corporation) 3044 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CWindowssystem32pautoenr.dll (DLL für automatische RegistrierungMicrosoft Corporation) 0x6D120000 Process CWindowsExplorer.EXE (Windows-ExplorerMicrosoft Corporation) 3080 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CWindowssystem32MSIMG32.dll (GDIEXT Client DLLMicrosoft Corporation) 0x75450000 Library CWindowssystem32MSACM32.dll (Microsoft ACM-AudiofilterMicrosoft Corporation) 0x73DA0000 Library CWindowsSystem32npmproxy.dll (Network List Manager ProxyMicrosoft Corporation) 0x72190000 Library CWindowssystem32wscntfy.dll (Windows-Sicherheitscenter-BenachrichtigungsanwendungMicrosoft Corporation) 0x6D3E0000 Library CProgram FilesMalwarebytes' Anti-Malwarembamext.dll (Malwarebytes' Anti-MalwareMalwarebytes Corporation) 0x10000000 Library CProgram FilesEPSONCreativity SuiteEasy Photo PrintEPPShell.dll (SEIKO EPSON CORPORATION) 0x033F0000 Library CProgram FilesG DataAntiVirusAVKShellExt.dll (G Data AntiVirus Shell ExtensionG Data Software AG) 0x03430000 Library CWindowssystem32credssp.dll (TS Single Sign On Security PackageMicrosoft Corporation) 0x75580000 Process CWindowssystem32taskeng.exe (AufgabenplanungsmodulMicrosoft Corporation) 3168 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CWindowssystem32atitmmxx.dll 0x10000000 Library CWindowssystem32atipdlxx.dll (ATI Desktop CWDDEDI DLLATI Technologies, Inc.) 0x019C0000 Library CWindowssystem32MSACM32.dll (Microsoft ACM-AudiofilterMicrosoft Corporation) 0x73DA0000 Library CWindowssystem32pautoenr.dll (DLL für automatische RegistrierungMicrosoft Corporation) 0x6D120000 Process CProgram FilesSynapticsSynTPSynTPEnh.exe (Synaptics TouchPad EnhancementsSynaptics, Inc.) 3564 Library CProgram FilesSynapticsSynTPSynTPEnh.exe (Synaptics TouchPad EnhancementsSynaptics, Inc.) 0x00400000 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CWindowssystem32SynCOM.dll (SynCOMSynaptics, Inc.) 0x10000000 Library CWindowssystem32SynTPAPI.dll (SynTPAPISynaptics, Inc.) 0x63010000 Process CProgram FilesDellMediaDirectPCMService.exe (CyberLink PowerCinema Resident ProgramCyberLink Corp.) 3596 Library CProgram FilesDellMediaDirectPCMService.exe (CyberLink PowerCinema Resident ProgramCyberLink Corp.) 0x00400000 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CWindowssystem32MSIMG32.dll (GDIEXT Client DLLMicrosoft Corporation) 0x75450000 Library CProgram FilesDellMediaDirectKernelcommonCLRCEngine3.dll (Cyberlink Remote Control Module for PCMCyberLink Corp.) 0x10000000 Library CProgram FilesDellMediaDirectKernelMovieCLNavX.ax (CyberLink DVD Navigation FilterCyberLink Corp.) 0x1D1C0000 Process CProgram FilesSigmaTelC-Major AudioWDMsttray.exe (Sigmatel Audio system tray applicationIDT, Inc.) 3620 Library CProgram FilesSigmaTelC-Major AudioWDMsttray.exe (Sigmatel Audio system tray applicationIDT, Inc.) 0x00400000 Library CProgram FilesSigmaTelC-Major AudioWDMSTLang.dll (Localize ModuleSigmaTel, Inc.) 0x10000000 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CWindowssystem32stapi32.dll (STACAPI.DLLIDT, Inc.) 0x72000000 Process CProgram FilesCorelCorel Paint Shop Pro Photo X2CorelIOMonitor.exe 3636 Library CProgram FilesCorelCorel Paint Shop Pro Photo X2CorelIOMonitor.exe 0x00400000 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Process CProgram FilesG DATAAntiVirusAVKTrayAVKTray.exe (G Data Security SoftwareG Data Software AG) 3652 Library CProgram FilesG DATAAntiVirusAVKTrayAVKTray.exe (G Data Security SoftwareG Data Software AG) 0x00400000 Library CWindowssystem32MSIMG32.dll (GDIEXT Client DLLMicrosoft Corporation) 0x75450000 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CProgram FilesG DataAntiVirusCommonAVKRes.dll (G Data Common ResourcesG Data Software AG) 0x10000000 Process CProgram FilesDellSupportDSAgnt.exe (Dell SupportGteko Ltd.) 3676 Library CProgram FilesDellSupportDSAgnt.exe (Dell SupportGteko Ltd.) 0x00400000 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CProgram FilesDellSupportGTAgnt.dll (GTAgntGteko Ltd.) 0x10000000 Library CProgram FilesDellSupportCfgData.DLL (CfgData ModuleGteko Ltd.) 0x001E0000 Library CProgram FilesDellSupportActMgr.dll (ActMgrGteko Ltd.) 0x01B10000 Library cprogra~1dellsu~1gtactionhandlersbrkrsvch.dll (BrkrSvcHGteko Ltd.) 0x02C20000 Library cprogra~1dellsu~1gtactionhandlersgrouph.dll (GroupHGteko Ltd.) 0x02C50000 Library cprogra~1dellsu~1gtactionhandlerspnph.dll (PNPHGteko Ltd.) 0x02CC0000 Library cprogra~1dellsu~1gtactionhandlersqdiagh.dll (QDiagHGteko Ltd.) 0x02D40000 Library cprogra~1dellsu~1gtactionhandlerstrgloadh.dll (TrgLoadHGteko Ltd.) 0x02EF0000 Library cprogra~1dellsu~1gtactionhandlerstrgregh.dll (TriggerHandlerGteko Ltd.) 0x038B0000 Library CProgram FilesDellSupportTrgMgr.DLL (TrgMgr ModuleGteko Ltd.) 0x038F0000 Library CPROGRA~1DELLSU~1gdql_d.dll (QDiagLib ModuleGteko Ltd.) 0x04C00000 Library CWindowssystem32MSACM32.dll (Microsoft ACM-AudiofilterMicrosoft Corporation) 0x73DA0000 Library CPROGRA~1DELLSU~1GTACTIONTRIGGERSTIMERT.DLL (TimerTGteko Ltd.) 0x03B50000 Library CPROGRA~1DELLSU~1GTACTIONTRIGGERSDSPROCT.DLL (ProcessTGteko Ltd.) 0x048E0000 Library CPROGRA~1DELLSU~1GTACTIONTRIGGERSDSWNHNT.DLL (WinHunTGteko Ltd.) 0x04960000 Library CWindowssystem32credssp.dll (TS Single Sign On Security PackageMicrosoft Corporation) 0x75580000 Process CWindowsehomeehtray.exe (Media Center Tray AppletMicrosoft Corporation) 3696 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Process CProgram FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe (GoogleToolbarNotifierGoogle Inc.) 3712 Library CProgram FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe (GoogleToolbarNotifierGoogle Inc.) 0x00400000 Library CProgram FilesGoogleGoogleToolbarNotifier5.5.5126.1836gtn.dll (GoogleToolbarNotifierGoogle Inc.) 0x10000000 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CProgram FilesGoogleGoogleToolbarNotifier5.5.5126.1836swg.dll (GoogleToolbarNotifierGoogle Inc.) 0x01D20000 Process CWindowsehomeehmsas.exe (Media Center Media Status Aggregator ServiceMicrosoft Corporation) 3764 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Process CWindowssystem32conime.exe (Console IMEMicrosoft Corporation) 4336 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Process CProgram FilesDell Support Centerbinsprtsvc.exe (SupportSoft Agent ServiceSupportSoft, Inc.) 4356 Library CProgram FilesDell Support Centerbinsprtsvc.exe (SupportSoft Agent ServiceSupportSoft, Inc.) 0x00400000 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CProgram FilesDell Support Centerbinsprtsched.dll (sprtschedSupportSoft, Inc.) 0x62D20000 Library CProgram FilesDell Support Centerbinsprtfod.dll (sprtfodSupportSoft, Inc.) 0x627C0000 Library CProgram FilesDell Support CenterbinLIBEAY32.dll (SSL ModuleSupportSoft, Inc.) 0x61F30000 Library CProgram FilesDell Support Centerbinsprtsync.dll (sprtsyncSupportSoft, Inc.) 0x666C0000 Library CProgram FilesDell Support Centerbinsprtupdate.dll (sprtupdateSupportSoft, Inc.) 0x62E00000 Library CWindowssystem32credssp.dll (TS Single Sign On Security PackageMicrosoft Corporation) 0x75580000 Library CWindowssystem32bitsprx2.dll (Background Intelligent Transfer Service ProxyMicrosoft Corporation) 0x74910000 Process Fi1mtku92.exe 5212 Library Fi1mtku92.exe 0x00400000 Library CWindowssystem32USP10.dll (Uniscribe Unicode script processorMicrosoft Corporation) 0x76FD0000 Library CWindowssystem32ACTIVEDS.dll (ADs Router-Ebene-DLLMicrosoft Corporation) 0x72BF0000 Library CPROGRA~1COMMON~1SYSTEMMSMAPI1031MSMAPI32.DLL (Extended MAPI 1.0 for Windows NTMicrosoft Corporation) 0x6B920000 ---- Services - GMER 1.0.15 ---- Service CWindowssystem32Ati2evxx.exe (ATI External Event Utility EXE ModuleATI Technologies Inc.) [AUTO] Ati External Event Utility Service Atierecord Service CProgram FilesCommon FilesG DATAAVKProxyAVKProxy.exe (G Data AntiVirus Proxy ServiceG Data Software AG) [AUTO] AVKProxy Service CProgram FilesG DATAAntiVirusAVKAVKService.exe (G Data InternetSecurity Scheduler ServiceG Data Software AG) [AUTO] AVKService Service CProgram FilesG DATAAntiVirusAVKAVKWCtl.exe (G Data Filesystem Monitor ServiceG Data Software AG) [AUTO] AVKWCtl Service CWindowssystem32DRIVERSbcm4sbxp.sys (Broadcom Corporation NDIS 5.1 ethernet driverBroadcom Corporation) [MANUAL] bcm4sbxp Service CWindowssystem32DRIVERSbowser.sys (NT Lan Manager Datagram Receiver DriverMicrosoft Corporation) [MANUAL] bowser Service CWindowssystem32driversbrfiltlo.sys (Windows ME USB Mass-Storage Bulk-Only Lower Filter DriverBrother Industries, Ltd.) [MANUAL] BrFiltLo Service CWindowssystem32driversbrfiltup.sys (Windows ME USB Mass-Storage Bulk-Only Upper Filter DriverBrother Industries, Ltd.) [MANUAL] BrFiltUp Service CWindowssystem32driversbrusbser.sys (Brother USB Serial DriverBrother Industries Ltd.) [MANUAL] BrUsbSer Service BTHPORT Service CProgram FilesDellSupportbrkrsvc.exe [MANUAL] DSBrokerService Service FCProgram FilesDellSupportGTActiontriggersDSproct.sys [MANUAL] DSproct Service CWindowssystem32DRIVERSdsunidrv.sys (GUniDriverGteko Ltd.) [AUTO] dsunidrv Service CWindowssystem32DRIVERSe1e6032.sys (Intel(R) PRO1000 Adapter NDIS 6 deserialized driverIntel Corporation) [MANUAL] e1express Service CWindowssystem32DRIVERSE1G60I32.sys (Intel(R) PRO1000 Adapter NDIS 6 deserialized driverIntel Corporation) [MANUAL] E1G60 Service CWindowssystem32driversGDBehave.sys (Behavior BlockerG Data Software AG) [BOOT] GDBehave Service FCWindowssystem32driversMiniIcpt.sys [SYSTEM] GDMnIcpt Service CProgram FilesCommon FilesG DATAGDScanGDScan.exe (G Data AntiVirus Scan ServerG Data Software AG) [MANUAL] GDScan Service CWindowssystem32driversgdwfpcd32.sys (G DATA WFP Callout DriverG DATA Software AG) [SYSTEM] gdwfpcd Service CWindowsSystem32driversGEARAspiWDM.sys (CD DVD FilterGEAR Software Inc.) [MANUAL] GearAspiWDM Service FCWindowssystem32driversGRD.sys [SYSTEM] GRD Service CProgram FilesGoogleUpdateGoogleUpdate.exe (Google InstallerGoogle Inc.) [AUTO] gupdate Service CProgram FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe (gusvcGoogle) [MANUAL] gusvc Service FCWindowssystem32driversHookCentre.sys [MANUAL] HookCentre Service CWindowssystem32DRIVERSHSX_DPV.sys (HSF_DP driverConexant Systems, Inc.) [MANUAL] HSF_DPV Service CWindowssystem32DRIVERSHSXHWAZL.sys (HSF_HWAZL WDM driverConexant Systems, Inc.) [MANUAL] HSXHWAZL Service CProgram FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe (IDriverT ModuleMacrovision Corporation) [MANUAL] IDriverT Service system32DRIVERSipinip.sys [MANUAL] IpInIp Service CWindowssystem32DRIVERSmdmxsdk.sys (Diagnostic Interface x86 DriverConexant) [AUTO] mdmxsdk Service MSDTC Bridge 3.0.0.0 Service MSDTC Bridge 4.0.0.0 Service CWindowssystem32DRIVERSmssmbios.sys (System Management BIOS DriverMicrosoft Corporation) [MANUAL] mssmbios Service CWindowssystem32DRIVERSNETw3v32.sys (Intel® Wireless LAN DriverIntel® Corporation) [MANUAL] NETw3v32 Service CWindowssystem32DRIVERSNETw4v32.sys (Intel® Wireless WiFi Link DriverIntel Corporation) [MANUAL] NETw4v32 Service system32DRIVERSnwlnkflt.sys [MANUAL] NwlnkFlt Service system32DRIVERSnwlnkfwd.sys [MANUAL] NwlnkFwd Service Outlook Service CWindowssystem32DRIVERSatikmdag.sys (ATI Radeon Kernel Mode DriverATI Technologies Inc.) [MANUAL] R300 Service CWindowssystem32driversrdpencdd.sys (RDP MiniportMicrosoft Corporation) [SYSTEM] RDPENCDD Service CWindowssystem32DRIVERSrimmptsk.sys (RICOH MMC DriverREDC) [AUTO] rimmptsk Service CWindowssystem32DRIVERSrimsptsk.sys (RICOH MS DriverREDC) [AUTO] rimsptsk Service CWindowssystem32DRIVERSrixdptsk.sys (RICOH XD SM DriverREDC) [AUTO] rismxdp Service CProgram FilesSpybot - Search & DestroySDWinSec.exe (Spybot-S&D Security Center integrationSafer Networking Ltd.) [AUTO] SBSDWSCService Service (Macrovision SECURITY DriverMacrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [AUTO] secdrv Service ServiceModelEndpoint 3.0.0.0 Service ServiceModelOperation 3.0.0.0 Service ServiceModelService 3.0.0.0 Service CWindowssystem32driverssffp_sd.sys (Small Form Factor SD Protocol DriverMicrosoft Corporation) [MANUAL] sffp_sd Service SMSvcHost 3.0.0.0 Service SMSvcHost 4.0.0.0 Service CProgram FilesDell Support Centerbinsprtsvc.exe (SupportSoft Agent ServiceSupportSoft, Inc.) [AUTO] sprtsvc_DellSupportCenter Service CWindowssystem32STacSV.exe (STacSV ModuleIDT, Inc.) [AUTO] STacSV Service CWindowssystem32driversstwrt.sys (NDHFIDT, Inc.) [MANUAL] STHDA Service CProgram FilesCommon FilesSureThing Sharedstllssvr.exe [MANUAL] stllssvr Service SynPS2Enable Service CWindowssystem32DRIVERSSynTP.sys (Synaptics Touchpad DriverSynaptics, Inc.) [MANUAL] SynTP Service CWindowssystem32DRIVERSvgapnp.sys (VGASuper VGA Video DriverMicrosoft Corporation) [MANUAL] vga Service CWindowssystem32DRIVERSHSX_CNXT.sys (HSF_CNXT driverConexant Systems, Inc.) [MANUAL] winachsf Service Windows Workflow Foundation 3.0.0.0 Service WSearchIdxPi Service CWindowssystem32DRIVERSxaudio.sys (Modem Audio Device DriverConexant Systems, Inc.) [AUTO] XAudio Service CWindowssystem32DRIVERSxaudio.exe (Modem Audio ServiceConexant Systems, Inc.) [AUTO] XAudioService ---- EOF - GMER 1.0.15 ----Den Bericht von G-Data liefere ich noch nach.Code:GMER 1.0.15.15281 - http://www.gmer.net Autostart scan 2010-07-08 10:37:32 Windows 6.0.6002 Service Pack 2 HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = C:\Windows\system32\userinit.exe, HKLM\SYSTEM\CurrentControlSet\Services\ >>> Ati External Event Utility@ = %SystemRoot%\system32\Ati2evxx.exe AVKProxy@ = "C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe" AVKService@ = C:\Program Files\G DATA\AntiVirus\AVK\AVKService.exe AVKWCtl@ = C:\Program Files\G DATA\AntiVirus\AVK\AVKWCtl.exe clr_optimization_v4.0.30319_32@ = C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe gupdate@ = "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc SBSDWSCService@ = C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe SeaPort@ = "C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe" slsvc@ = %SystemRoot%\system32\SLsvc.exe sprtsvc_DellSupportCenter@ = "C:\Program Files\Dell Support Center\bin\sprtsvc.exe" /service /P DellSupportCenter STacSV@ = C:\Windows\system32\STacSV.exe WSearch@ = %systemroot%\system32\SearchIndexer.exe /Embedding XAudioService@ = %SystemRoot%\system32\DRIVERS\xaudio.exe HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>> @SynTPEnhC:\Program Files\Synaptics\SynTP\SynTPEnh.exe = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe @ISUSScheduler"C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start = "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start @PCMService"C:\Program Files\Dell\MediaDirect\PCMService.exe" = "C:\Program Files\Dell\MediaDirect\PCMService.exe" @SigmatelSysTrayApp%ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe /*file not found*/ = %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe /*file not found*/ @Corel File Shell MonitorC:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe = C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe @G Data AntiVirus Tray ApplicationC:\Program Files\G Data\AntiVirus\AVKTray\AVKTray.exe = C:\Program Files\G Data\AntiVirus\AVKTray\AVKTray.exe HKCU\Software\Microsoft\Windows\CurrentVersion\Run >>> @DellSupport"C:\Program Files\DellSupport\DSAgnt.exe" /startup = "C:\Program Files\DellSupport\DSAgnt.exe" /startup @EPSON Stylus DX4000 SeriesC:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\Windows\TEMP\E_SDF76.tmp" /EF "HKCU" = C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\Windows\TEMP\E_SDF76.tmp" /EF "HKCU" @ehTray.exeC:\Windows\ehome\ehTray.exe = C:\Windows\ehome\ehTray.exe @swg"C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>> @{F02C1A0D-BE21-4350-88B0-7367FC96EF3C} /*Computers and Devices*/%systemroot%\system32\NetworkExplorer.dll = %systemroot%\system32\NetworkExplorer.dll @{4A1E5ACD-A108-4100-9E26-D2FAFA1BA486} /*IGD Property Sheet Handler*/%SystemRoot%\System32\icsigd.dll = %SystemRoot%\System32\icsigd.dll @{92dbad9f-5025-49b0-9078-2d78f935e341} /*Microsoft Windows Mail Html Preview Handler*/%SystemRoot%\system32\inetcomm.dll = %SystemRoot%\system32\inetcomm.dll @{b9815375-5d7f-4ce2-9245-c9d4da436930} /*Microsoft Windows Mail Html Preview Handler*/%SystemRoot%\system32\inetcomm.dll = %SystemRoot%\system32\inetcomm.dll @{f8b8412b-dea3-4130-b36c-5e8be73106ac} /*Microsoft Windows Mail Html Preview Handler*/%SystemRoot%\system32\inetcomm.dll = %SystemRoot%\system32\inetcomm.dll @{5FA29220-36A1-40f9-89C6-F4B384B7642E} /*Shell Message Handler*/%SystemRoot%\system32\inetcomm.dll = %SystemRoot%\system32\inetcomm.dll @{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} /*Shell DocObject Viewer*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll @{FBF23B40-E3F0-101B-8488-00AA003E56F8} /*InternetShortcut*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll @{3C374A40-BAE4-11CF-BF7D-00AA006946EE} /*Microsoft Url History Service*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll @{FF393560-C2A7-11CF-BFF4-444553540000} /*History*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll @{7BD29E00-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll @{7BD29E01-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll @{CFBFAE00-17A6-11D0-99CB-00C04FD64497} /*Microsoft Url Search Hook*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll @{3DC7A020-0ACD-11CF-A9BB-00AA004AE837} /*The Internet*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll @{73CFD649-CD48-4fd8-A272-2070EA56526B} /*IE BandProxy*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll @{07C45BB1-4A8C-4642-A1F5-237E7215FF66} /*IE Microsoft BrowserBand*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll @{43886CD5-6529-41c4-A707-7B3C92C05E68} /*IE Navigation Bar*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll @{30D02401-6A81-11d0-8274-00C04FD5AE38} /*IE Search Band*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll @{F83DAC1C-9BB9-4f2b-B619-09819DA81B0E} /*IE Registry Tree Options Utility*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll @{3028902F-6374-48b2-8DC6-9725E775B926} /*IE AutoComplete*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll @{98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8} /*IE MRU AutoComplete List*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll @{FDE7673D-2E19-4145-8376-BBD58C4BC7BA} /*IE Custom MRU AutoCompleted List*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll @{6038EF75-ABFC-4e59-AB6F-12D397F6568D} /*IE Microsoft History AutoComplete List*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll @{9D958C62-3954-4b44-8FAB-C4670C1DB4C2} /*IE Microsoft Shell Folder AutoComplete List*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll @{B31C5FAE-961F-415b-BAF0-E697A5178B94} /*IE Microsoft Multiple AutoComplete List Container*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll @{E6EE9AAC-F76B-4947-8260-A9F136138E11} /*IE Shell Band Site Menu*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll @{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A} /*IE Shell Rebar BandSite*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll @{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} /*IE User Assist*/(null) = @{4B78D326-D922-44f9-AF2A-07805C2A3560} /*IE Menu Band*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll @{6CF48EF8-44CD-45d2-8832-A16EA016311B} /*IE IShellFolderBand*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll @{F2CF5485-4E02-4f68-819C-B92DE9277049} /*&Links*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll @{1C1EDB47-CE22-4bbb-B608-77B48F83C823} /*IE Fade Task*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll @{6B4ECC4F-16D1-4474-94AB-5A763F2A54AE} /*IE Tracking Shell Menu*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll @{44C76ECD-F7FA-411c-9929-1B77BA77F524} /*IE Menu Site*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll @{205D7A97-F16D-4691-86EF-F3075DCCA57D} /*IE Menu Desk Bar*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll @{871C5380-42A0-1069-A2EA-08002B30309D} /*Internet Name Space*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll @{9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E} /*IE RSS Feeder Folder*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll @{8856f961-340a-11d0-a96b-00c04fd705a2} /*Microsoft Web Browser*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll @{00020d75-0000-0000-c000-000000000046} /*Microsoft Office Outlook Desktop Icon Handler*/C:\PROGRA~1\MICROS~3\OFFICE11\MLSHEXT.DLL = C:\PROGRA~1\MICROS~3\OFFICE11\MLSHEXT.DLL @{CC6EEFFB-43F6-46c5-9619-51D571967F7D} /*Web Publishing Wizard*/%SystemRoot%\System32\shwebsvc.dll = %SystemRoot%\System32\shwebsvc.dll @{add36aa8-751a-4579-a266-d66f5202ccbb} /*Print Ordering via the Web*/%SystemRoot%\System32\shwebsvc.dll = %SystemRoot%\System32\shwebsvc.dll @{6b33163c-76a5-4b6c-bf21-45de9cd503a1} /*Shell Publishing Wizard Object*/%SystemRoot%\System32\shwebsvc.dll = %SystemRoot%\System32\shwebsvc.dll @{176d6597-26d3-11d1-b350-080036a75b03} /*ICM Scanner Management*/%SystemRoot%\System32\colorui.dll = %SystemRoot%\System32\colorui.dll @{5DB2625A-54DF-11D0-B6C4-0800091AA605} /*ICM Monitor Management*/%SystemRoot%\System32\colorui.dll = %SystemRoot%\System32\colorui.dll @{675F097E-4C4D-11D0-B6C1-0800091AA605} /*ICM Printer Management*/%SystemRoot%\system32\colorui.dll = %SystemRoot%\system32\colorui.dll @{DBCE2480-C732-101B-BE72-BA78E9AD5B27} /*ICC Profile*/%SystemRoot%\system32\colorui.dll = %SystemRoot%\system32\colorui.dll @{b2c761c6-29bc-4f19-9251-e6195265baf1} /*Color Control Panel Applet*/(null) = @{74246bfc-4c96-11d0-abef-0020af6b0b7a} /*Device Manager*/%SystemRoot%\System32\devmgr.dll = %SystemRoot%\System32\devmgr.dll @{7A979262-40CE-46ff-AEEE-7884AC3B6136} /*Add New Hardware*/(null) = @{3e7efb4c-faf1-453d-89eb-56026875ef90} /*Get Programs Online*/(null) = @{1b24a030-9b20-49bc-97ac-1be4426f9e59} /*ActiveDirectory Folder*/(null) = @{34449847-FD14-4fc8-A75A-7432F5181EFB} /*ActiveDirectory Folder*/(null) = @{C8494E42-ACDD-4739-B0FB-217361E4894F} /*Sam Account Folder*/(null) = @{E29F9716-5C08-4FCD-955A-119FDB5A522D} /*Sam Account Folder*/(null) = @{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0} /*Control Panel command object for Start menu*/(null) = @{E44E5D18-0652-4508-A4E2-8A090067BCB0} /*Default Programs command object for Start menu*/(null) = @{6dfd7c5c-2451-11d3-a299-00c04f8ef6af} /*Folder Options*/(null) = @{97e467b4-98c6-4f19-9588-161b7773d6f6} /*Office Document Property Handler*/%SystemRoot%\system32\propsys.dll = %SystemRoot%\system32\propsys.dll @{2C2577C2-63A7-40e3-9B7F-586602617ECB} /*Explorer Query Band*/(null) = @{DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} /*File Open Dialog*/%SystemRoot%\System32\comdlg32.dll = %SystemRoot%\System32\comdlg32.dll @{C0B4E2F3-BA21-4773-8DBA-335EC946EB8B} /*File Save Dialog*/%SystemRoot%\System32\comdlg32.dll = %SystemRoot%\System32\comdlg32.dll @{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} /*Shell Icon Handler for Application References*/C:\Windows\system32\dfshim.dll = C:\Windows\system32\dfshim.dll @{e82a2d71-5b2f-43a0-97b8-81be15854de8} /*ShellLink for Application References*/C:\Windows\system32\dfshim.dll = C:\Windows\system32\dfshim.dll @{92337A8C-E11D-11D0-BE48-00C04FC30DF6} /*OlePrn.PrinterURL*/%SystemRoot%\system32\oleprn.dll = %SystemRoot%\system32\oleprn.dll @{45670FA8-ED97-4F44-BC93-305082590BFB} /*Microsoft XPS Properties*/%SystemRoot%\system32\XPSSHHDR.DLL = %SystemRoot%\system32\XPSSHHDR.DLL @{44121072-A222-48f2-A58A-6D9AD51EBBE9} /*Microsoft XPS Thumbnail*/%SystemRoot%\system32\XPSSHHDR.DLL = %SystemRoot%\system32\XPSSHHDR.DLL @{38a98528-6cbf-4ca9-8dc0-b1e1d10f7b1b} /*View Available Networks*/(null) = @{13D3C4B8-B179-4ebb-BF62-F704173E7448} /*Windows Contact Preview Handler*/%CommonProgramFiles%\System\wab32.dll = %CommonProgramFiles%\System\wab32.dll @{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} /*Contacts folder*/(null) = @{4F58F63F-244B-4c07-B29F-210BE59BE9B4} /*.group shell extension handler*/%CommonProgramFiles%\System\wab32.dll = %CommonProgramFiles%\System\wab32.dll @{8082C5E6-4C27-48ec-A809-B8E1122E8F97} /*.contact shell extension handler*/%CommonProgramFiles%\System\wab32.dll = %CommonProgramFiles%\System\wab32.dll @{16C2C29D-0E5F-45f3-A445-03E03F587B7D} /*group_wab_auto_file*/%CommonProgramFiles%\System\wab32.dll = %CommonProgramFiles%\System\wab32.dll @{CF67796C-F57F-45F8-92FB-AD698826C602} /*contact_wab_auto_file*/%CommonProgramFiles%\System\wab32.dll = %CommonProgramFiles%\System\wab32.dll @{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} /*Compatibility Property Page*/%windir%\system32\acppage.dll = %windir%\system32\acppage.dll @{4026492f-2f69-46b8-b9bf-5654fc07e423} /*Windows Firewall*/(null) = @{fcfeecae-ee1b-4849-ae50-685dcf7717ec} /*Problem Reports and Solutions*/(null) = @{a304259d-52b8-4526-8b1a-a1d6cecc8243} /*iSCSI Initiator*/(null) = @{11dbb47c-a525-400b-9e80-a54615a090c0} /*Execute Folder*/ExplorerFrame.dll = ExplorerFrame.dll @{90b9bce2-b6db-4fd3-8451-35917ea1081b} /*Search Execute Command*/ExplorerFrame.dll = ExplorerFrame.dll @{911051fa-c21c-4246-b470-070cd8df6dc4} /*.cab or .zip files*/(null) = @{da67b8ad-e81b-4c70-9b91b417b5e33527} /*Windows Search Shell Service*/(null) = @{BC65FB43-1958-4349-971A-210290480130} /*Network Explorer Property Sheet Handler*/%SystemRoot%\System32\NcdProp.dll = %SystemRoot%\System32\NcdProp.dll @{d3e34b21-9d75-101a-8c3d-00aa001a1652} /*Bitmap Image*/(null) = @{40C3D757-D6E4-4b49-BB41-0E5BBEA28817} /*Video Media Properties Handler*/%SystemRoot%\System32\mediametadatahandler.dll = %SystemRoot%\System32\mediametadatahandler.dll @{E598560B-28D5-46aa-A14A-8A3BEA34B576} /*Windows Photo Gallery Viewer Video Verbs*/%ProgramFiles%\Windows Photo Gallery\PhotoViewer.dll /*file not found*/ = %ProgramFiles%\Windows Photo Gallery\PhotoViewer.dll /*file not found*/ @{00f2886f-cd64-4fc9-8ec5-30ef6cdbe8c3} /*Microsoft.ScannersAndCameras*/(null) = @{0a4286ea-e355-44fb-8086-af3df7645bd9} /*Windows Media Player*/C:\PROGRA~1\WI4EB4~1\wmpband.dll = C:\PROGRA~1\WI4EB4~1\wmpband.dll @{BB6B2374-3D79-41DB-87F4-896C91846510} /*EMDFileProperties*/emdmgmt.dll = emdmgmt.dll @{875CB1A1-0F29-45de-A1AE-CFB4950D0B78} /*Audio Media Properties Handler*/%SystemRoot%\System32\mediametadatahandler.dll = %SystemRoot%\System32\mediametadatahandler.dll @{89D83576-6BD1-4c86-9454-BEB04E94C819} /*MAPI Search Namespace Extension*/%systemroot%\system32\mssvp.dll = %systemroot%\system32\mssvp.dll @{7A0F6AB7-ED84-46B6-B47E-02AA159A152B} /*Sync Center Simple Conflict Presenter*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll @{9D687A4C-1404-41ef-A089-883B6FBECDE6} /*Windows Photo Gallery Viewer Autoplay Handler*/(null) = @{37efd44d-ef8d-41b1-940d-96973a50e9e0} /*Windows Sidebar Properties*/(null) = @{00f20eb5-8fd6-4d9d-b75e-36801766c8f1} /*PhotoAcqDropTarget*/%ProgramFiles%\Windows Photo Gallery\PhotoAcq.dll /*file not found*/ = %ProgramFiles%\Windows Photo Gallery\PhotoAcq.dll /*file not found*/ @{BC48B32F-5910-47F5-8570-5074A8A5636A} /*Sync Results Delegate Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll @{ED228FDF-9EA8-4870-83B1-96B02CFE0D52} /*Games Folder*/C:\Windows\System32\gameux.dll = C:\Windows\System32\gameux.dll @{E413D040-6788-4C22-957E-175D1C513A34} /*Sync Center Conflict Delegate Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll @{67718415-c450-4f3c-bf8a-b487642dc39b} /*Windows Features*/(null) = @{91ADC906-6722-4B05-A12B-471ADDCCE132} /*Touch Band*/%SystemRoot%\System32\TouchX.dll = %SystemRoot%\System32\TouchX.dll @{2781761E-28E0-4109-99FE-B9D127C57AFE} /*Windows Defender IOfficeAntiVirus implementation*/%ProgramFiles%\Windows Defender\MpOav.dll /*file not found*/ = %ProgramFiles%\Windows Defender\MpOav.dll /*file not found*/ @{FFE2A43C-56B9-4bf5-9A79-CC6D4285608A} /*Windows Photo Gallery Viewer Image Verbs*/%ProgramFiles%\Windows Photo Gallery\PhotoViewer.dll /*file not found*/ = %ProgramFiles%\Windows Photo Gallery\PhotoViewer.dll /*file not found*/ @{4B534112-3AF6-4697-A77C-D62CE9B9E7CF} /*Sync Center Event Properties Extension*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll @{F1390A9A-A3F4-4E5D-9C5F-98F3BD8D935C} /*Sync Setup Delegate Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll @{4E5BFBF8-F59A-4e87-9805-1F9B42CC254A} /*GameUX.RichGameMediaThumbnail*/C:\Windows\System32\gameux.dll = C:\Windows\System32\gameux.dll @{d8559eb9-20c0-410e-beda-7ed416aecc2a} /*Windows Defender*/(null) = @{576C9E85-1300-4EF5-BF6B-D00509F4EDCD} /*Sync Center Handler Properties Extension*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll @{5ea4f148-308c-46d7-98a9-49041b1dd468} /*Mobility Center Control Panel*/(null) = @{289978AC-A101-4341-A817-21EBA7FD046D} /*Sync Center Conflict Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll @{877ca5ac-cb41-4842-9c69-9136e42d47e2} /*File Backup Index*/%systemroot%\system32\sdshext.dll = %systemroot%\system32\sdshext.dll @{71D99464-3B6B-475C-B241-E15883207529} /*Sync Results Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll @{B32D3949-ED98-4DBB-B347-17A144969BBA} /*Sync Center Item Properties Extension*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll @{D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} /*Portable Devices Menu*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll @{2E9E59C0-B437-4981-A647-9C34B9B90891} /*Sync Setup Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll @{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF} /*Sync Center Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll @{CB1B7F8C-C50A-4176-B604-9E24DEE8D4D1} /*Welcome Center*/oobefldr.dll = oobefldr.dll @{15D633E2-AD00-465b-9EC7-F56B7CDF8E27} /*Tablet PC Input Panel*/%CommonProgramFiles%\microsoft shared\ink\TipBand.dll /*file not found*/ = %CommonProgramFiles%\microsoft shared\ink\TipBand.dll /*file not found*/ @{F04CC277-03A2-4277-96A9-77967471BDFF} /*Sync Center Conflict Properties Extension*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll @{53BEDF0B-4E5B-4183-8DC9-B844344FA104} /*Microsoft Windows MAPI Preview Handler*/%SystemRoot%\system32\mssvp.dll = %SystemRoot%\system32\mssvp.dll @{6b9228da-9c15-419e-856c-19e768a13bdc} /*Windows gadget DropTarget*/%ProgramFiles%\Windows Sidebar\sbdrop.dll /*file not found*/ = %ProgramFiles%\Windows Sidebar\sbdrop.dll /*file not found*/ @{8E25992B-373E-486E-80E5-BD23AE417E66} /*Sync Center Device Notification Sink*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll @{35786D3C-B075-49b9-88DD-029876E11C01} /*Portable Devices*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll @{031EE060-67BC-460d-8847-E4A7C5E45A27} /*Windows Media Player Rich Preview Handler*/(null) = @{1FA9085F-25A2-489B-85D4-86326EEDCD87} /*Manage Wireless Networks*/%SystemRoot%\system32\wlanpref.dll = %SystemRoot%\system32\wlanpref.dll @{ECDD6472-2B9B-4b4b-AE36-F316DF3C8D60} /*RichGameMediaPropertyStore Class*/C:\Windows\System32\gameux.dll = C:\Windows\System32\gameux.dll @{BD7A2E7B-21CB-41b2-A086-B309680C6B7E} /*Client Side Cache Namespace Extension*/%systemroot%\system32\mssvp.dll = %systemroot%\system32\mssvp.dll @{c5a40261-cd64-4ccf-84cb-c394da41d590} /*Video Thumbnail Extractor*/%SystemRoot%\System32\mediametadatahandler.dll = %SystemRoot%\System32\mediametadatahandler.dll @{2F603045-309F-11CF-9774-0020AFD0CFF6} /*Synaptics Control Panel*/C:\Program Files\Synaptics\SynTP\SynTPCpl.dll = C:\Program Files\Synaptics\SynTP\SynTPCpl.dll @{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /*Webordner*/C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL = C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL @{0006F045-0000-0000-C000-000000000046} /*Microsoft Office Outlook Custom Icon Handler*/C:\PROGRA~1\MICROS~3\OFFICE11\OLKFSTUB.DLL = C:\PROGRA~1\MICROS~3\OFFICE11\OLKFSTUB.DLL @{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/C:\Program Files\Microsoft Office\OFFICE11\msohev.dll = C:\Program Files\Microsoft Office\OFFICE11\msohev.dll @{0563DB41-F538-4B37-A92D-4659049B7766} /*WLMD Message Handler*/C:\Program Files\Windows Live\Mail\mailcomm.dll = C:\Program Files\Windows Live\Mail\mailcomm.dll @{11016101-E366-4D22-BC06-4ADA335C892B} /*IE History and Feeds Shell Data Source for Windows Search*/C:\Windows\System32\ieframe.dll = C:\Windows\System32\ieframe.dll @{06A2568A-CED6-4187-BB20-400B8C02BE5A} /**/(null) = @{00F33137-EE26-412F-8D71-F84E4C2C6625} /**/C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll = C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll @{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} /*Windows Live Photo Gallery Autoplay Drop Target*/(null) = @{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} /*Windows Live Photo Gallery Viewer Drop Target*/(null) = @{00F374B7-B390-4884-B372-2FC349F2172B} /*Windows Live Photo Gallery Editor Drop Target*/(null) = @{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} /*Windows Live Photo Gallery Viewer Drop Target Shim*/C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll = C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll @{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} /*Windows Live Photo Gallery Editor Drop Target Shim*/C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll = C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll @{00F30F90-3E96-453B-AFCD-D71989ECC2C7} /*Windows Live Photo Gallery Autoplay Drop Target Shim*/C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll = C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll @{28803F59-3A75-4058-995F-4EE5503B023C} /*Wireless Devices*/%systemroot%\system32\FunctionDiscoveryFolder.dll = %systemroot%\system32\FunctionDiscoveryFolder.dll @{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7} /*Enhanced Storage Data Source*/%SystemRoot%\system32\EhStorShell.dll = %SystemRoot%\system32\EhStorShell.dll @{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} /*OpenOffice.org Column Handler*/"C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll" = "C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll" @{087B3AE3-E237-4467-B8DB-5A38AB959AC9} /*OpenOffice.org Infotip Handler*/"C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll" = "C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll" @{63542C48-9552-494A-84F7-73AA6A7C99C1} /*OpenOffice.org Property Sheet Handler*/"C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll" = "C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll" @{3B092F0C-7696-40E3-A80F-68D74DA84210} /*OpenOffice.org Thumbnail Viewer*/"C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll" = "C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll" @{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} /*Shell Extensions for RealOne Player*/c:\program files\real\realplayer\rpshell.dll = c:\program files\real\realplayer\rpshell.dll HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>> AVK9CM@{CAF4C320-32F5-11D3-A222-004095200FF2} = C:\Program Files\G Data\AntiVirus\AVK\ShellExt.dll EPPShellEx@{509FE1AF-ADD5-49EC-BC55-7CF81FD16E78} = C:\Program Files\EPSON\Creativity Suite\Easy Photo Print\EPPShell.dll HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>> AVK9CM@{CAF4C320-32F5-11D3-A222-004095200FF2} = C:\Program Files\G Data\AntiVirus\AVK\ShellExt.dll MBAMShlExt@{57CE581A-0CB6-4266-9CA0-19364C90A0B3} = C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>> @{0124123D-61B4-456f-AF86-78C53A0790C5}C:\Program Files\G Data\AntiVirus\WebFilter\AvkWebIE.dll = C:\Program Files\G Data\AntiVirus\WebFilter\AvkWebIE.dll @{3049C3E9-B461-4BC5-8870-4C09146192CA}C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll @{53707962-6F74-2D53-2644-206D7942484F}C:\PROGRA~1\SPYBOT~1\SDHelper.dll = C:\PROGRA~1\SPYBOT~1\SDHelper.dll @{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll = C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll @{9030D464-4C02-4ABF-8ECC-5164760863C6}C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll @{AA58ED58-01DD-4d91-8333-CF10577473F7}C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll = C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll @{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll = C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll @{CA6319C0-31B7-401E-A518-A07C3DB8F777}C:\Program Files\BAE\BAE.dll = C:\Program Files\BAE\BAE.dll @{DBC80044-A445-435b-BC74-9C25C1C588A9}C:\Program Files\Java\jre6\bin\jp2ssv.dll = C:\Program Files\Java\jre6\bin\jp2ssv.dll @{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}C:\Program Files\Windows Live\Toolbar\wltcore.dll = C:\Program Files\Windows Live\Toolbar\wltcore.dll HKLM\Software\Microsoft\Internet Explorer\Main >>> @Default_Page_URLhttp://go.microsoft.com/fwlink/?LinkId=69157 = http://go.microsoft.com/fwlink/?LinkId=69157 @Start Pagehttp://go.microsoft.com/fwlink/?LinkId=69157 = http://go.microsoft.com/fwlink/?LinkId=69157 @Local PageC:\Windows\System32\blank.htm = C:\Windows\System32\blank.htm HKCU\Software\Microsoft\Internet Explorer\Main >>> @Start Pagehttp://www.google.de/ = http://www.google.de/ @Local PageC:\Windows\system32\blank.htm = C:\Windows\system32\blank.htm HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL HKLM\Software\Classes\PROTOCOLS\Handler\ >>> dvd@CLSID = C:\Windows\System32\msvidctl.dll its@CLSID = %SystemRoot%\System32\itss.dll livecall@CLSID = C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll ms-its@CLSID = %SystemRoot%\System32\itss.dll ms-itss@CLSID = C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll msnim@CLSID = C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL mso-offdap@CLSID = C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL mso-offdap11@CLSID = C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL tv@CLSID = C:\Windows\System32\msvidctl.dll wlmailhtml@CLSID = C:\Program Files\Windows Live\Mail\mailcomm.dll HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ >>> 000000000001@LibraryPath = %SystemRoot%\system32\NLAapi.dll 000000000002@LibraryPath = %SystemRoot%\system32\napinsp.dll 000000000003@LibraryPath = %SystemRoot%\system32\pnrpnsp.dll HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004@LibraryPath = %SystemRoot%\system32\pnrpnsp.dll ---- EOF - GMER 1.0.15 ----
Schon mal schönen Dank für's nachgucken.
