winfixer obwohl Auswertung keine bösen Dateien mehr erkennt |
||
---|---|---|
#0
| ||
04.12.2005, 12:46
...neu hier
Beiträge: 2 |
||
|
||
05.12.2005, 13:05
Ehrenmitglied
Beiträge: 29434 |
#2
im Log ist nichts mehr erkennbar, nur ein anti-Virentool kann das finden.
scanne mit Counterspy und berichte http://virus-protect.org/counterspy.html nach dem Scan muss man sich entscheiden für: *Ignore *Remove *Quarantaine wähle immer Remove und starte den PC neu (dann kopiere den Scanreport ab und ins Sicherheitsforum) __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
08.12.2005, 18:56
...neu hier
Themenstarter Beiträge: 2 |
#3
Spyware Scan Details
Start Date: 08.12.2005 14:01:27 End Date: 08.12.2005 14:43:25 Total Time: 41 mins 58 secs Detected spyware IST.PowerScan Adware more information... Details: PowerScan is advertised through in ordinary web pop-ups, but recently it started to install with help from the the ISTBar adware. Status: Deleted Infected files detected c:\programme\power scan\powerscan.exe Infected registry entries detected HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\main bandrest HKEY_LOCAL_MACHINE\Software\microsoft\windows\currentversion\uninstall\Power Scan HKEY_LOCAL_MACHINE\Software\microsoft\windows\currentversion\uninstall\Power Scan DisplayName Power Scan HKEY_LOCAL_MACHINE\Software\microsoft\windows\currentversion\uninstall\Power Scan UninstallString C:\Programme\Power Scan\uninstall.exe YourSiteBar Spyware more information... Details: YourSiteBar from IST, the makers of numerous spyware Thread, is an affiliate based marketing toolbar. Status: Deleted WildTangent Low Risk Adware more information... Details: WildTangent is an online gaming plugin bundle from Wildtangent.com similar to Macromedia’s flash. WildTangent uses a built in required feature that is used to provide adware based advertising to the user. Status: Deleted Infected files detected c:\windows\wt\cleanup.bat c:\windows\wt\data.wts c:\windows\wt\info.txt c:\windows\wt\stopwcmdr.bat c:\windows\wt\updatenow.bat c:\windows\wt\wcmdmgr.exe c:\windows\wt\wcmdmgrl.exe c:\windows\wt\wildtangent.jar c:\windows\wt\wt.ini c:\windows\wt\wt3d.dll c:\windows\wt\wt3d.ini c:\windows\wt\wtlog.txt c:\windows\wt\wtshared.dll c:\windows\wt\wtvh.dll c:\windows\wt\backup\1.1.0.0\cleanup.bat c:\windows\wt\backup\1.1.0.0\stopwcmdr.bat c:\windows\wt\backup\1.1.0.0\updatenow.bat c:\windows\wt\backup\1.1.0.0\wcmdmgr.exe c:\windows\wt\backup\1.1.0.0\wcmdmgrl.exe c:\windows\wt\backup\1.1.0.0\wtshared.dll c:\windows\wt\backup\1.2.0.0\npwtplug.dll c:\windows\wt\backup\1.2.0.0\wildtangent.jar c:\windows\wt\backup\1.2.1.0\wt3d.dll c:\windows\wt\backup\1.2.1.0\wtvh.dll Infected registry entries detected HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run wcmdmgr HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WT3D.WT.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WT3D.WT.1\CLSID {FA13A9FA-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WT3D.WT.1 WT Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WT3D.WT HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WT3D.WT\CLSID {FA13A9FA-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WT3D.WT\CurVer WT3D.WT.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WT3D.WT WT Class HKEY_CLASSES_ROOT\clsid\{fa13a9fa-ca9b-11d2-9780-00104b242ea3} HKEY_CLASSES_ROOT\clsid\{fa13a9fa-ca9b-11d2-9780-00104b242ea3}\InprocServer32 C:\WINDOWS\wt\wt3d.dll HKEY_CLASSES_ROOT\clsid\{fa13a9fa-ca9b-11d2-9780-00104b242ea3}\InprocServer32 ThreadingModel Apartment HKEY_CLASSES_ROOT\clsid\{fa13a9fa-ca9b-11d2-9780-00104b242ea3}\MiscStatus\1 131473 HKEY_CLASSES_ROOT\clsid\{fa13a9fa-ca9b-11d2-9780-00104b242ea3}\MiscStatus 0 HKEY_CLASSES_ROOT\clsid\{fa13a9fa-ca9b-11d2-9780-00104b242ea3}\ProgID WT3D.WT.1 HKEY_CLASSES_ROOT\clsid\{fa13a9fa-ca9b-11d2-9780-00104b242ea3}\ToolboxBitmap32 C:\WINDOWS\wt\wt3d.dll, 101 HKEY_CLASSES_ROOT\clsid\{fa13a9fa-ca9b-11d2-9780-00104b242ea3}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\clsid\{fa13a9fa-ca9b-11d2-9780-00104b242ea3}\VersionIndependentProgID WT3D.WT HKEY_CLASSES_ROOT\clsid\{fa13a9fa-ca9b-11d2-9780-00104b242ea3} WT Class HKEY_CLASSES_ROOT\interface\{05ef74a5-e109-11d2-a566-444553540000} HKEY_CLASSES_ROOT\interface\{05ef74a5-e109-11d2-a566-444553540000}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{05ef74a5-e109-11d2-a566-444553540000}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{05ef74a5-e109-11d2-a566-444553540000}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{05ef74a5-e109-11d2-a566-444553540000}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{05ef74a5-e109-11d2-a566-444553540000} IWTDrop HKEY_CLASSES_ROOT\interface\{0e7ae465-ee8d-11d2-a566-444553540000} HKEY_CLASSES_ROOT\interface\{0e7ae465-ee8d-11d2-a566-444553540000}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{0e7ae465-ee8d-11d2-a566-444553540000}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{0e7ae465-ee8d-11d2-a566-444553540000}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{0e7ae465-ee8d-11d2-a566-444553540000}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{0e7ae465-ee8d-11d2-a566-444553540000} IWTVector3D HKEY_CLASSES_ROOT\interface\{111d8b01-96c5-46dd-94d1-c6e8b1f69f44} HKEY_CLASSES_ROOT\interface\{111d8b01-96c5-46dd-94d1-c6e8b1f69f44}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{111d8b01-96c5-46dd-94d1-c6e8b1f69f44}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{111d8b01-96c5-46dd-94d1-c6e8b1f69f44}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{111d8b01-96c5-46dd-94d1-c6e8b1f69f44}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{111d8b01-96c5-46dd-94d1-c6e8b1f69f44} IWTVisualizer HKEY_CLASSES_ROOT\interface\{52889e01-cb46-11d2-96bc-00104b242e64} HKEY_CLASSES_ROOT\interface\{52889e01-cb46-11d2-96bc-00104b242e64}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{52889e01-cb46-11d2-96bc-00104b242e64}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{52889e01-cb46-11d2-96bc-00104b242e64}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{52889e01-cb46-11d2-96bc-00104b242e64}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{52889e01-cb46-11d2-96bc-00104b242e64} IWTCamera HKEY_CLASSES_ROOT\interface\{6e6cf8e5-d795-11d2-a566-444553540000} HKEY_CLASSES_ROOT\interface\{6e6cf8e5-d795-11d2-a566-444553540000}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{6e6cf8e5-d795-11d2-a566-444553540000}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{6e6cf8e5-d795-11d2-a566-444553540000}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{6e6cf8e5-d795-11d2-a566-444553540000}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{6e6cf8e5-d795-11d2-a566-444553540000} IWTBitmap HKEY_CLASSES_ROOT\interface\{79884200-3ade-11d3-ac39-00105a2057fa} HKEY_CLASSES_ROOT\interface\{79884200-3ade-11d3-ac39-00105a2057fa}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{79884200-3ade-11d3-ac39-00105a2057fa}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{79884200-3ade-11d3-ac39-00105a2057fa}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{79884200-3ade-11d3-ac39-00105a2057fa}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{79884200-3ade-11d3-ac39-00105a2057fa} IWTFile HKEY_CLASSES_ROOT\interface\{bdb9b021-caff-11d2-9780-00104b242ea3} HKEY_CLASSES_ROOT\interface\{bdb9b021-caff-11d2-9780-00104b242ea3}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{bdb9b021-caff-11d2-9780-00104b242ea3}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{bdb9b021-caff-11d2-9780-00104b242ea3}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{bdb9b021-caff-11d2-9780-00104b242ea3}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{bdb9b021-caff-11d2-9780-00104b242ea3} IWT HKEY_CLASSES_ROOT\interface\{bdb9b022-caff-11d2-9780-00104b242ea3} HKEY_CLASSES_ROOT\interface\{bdb9b022-caff-11d2-9780-00104b242ea3}\ProxyStubClsid {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{bdb9b022-caff-11d2-9780-00104b242ea3}\ProxyStubClsid32 {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{bdb9b022-caff-11d2-9780-00104b242ea3}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{bdb9b022-caff-11d2-9780-00104b242ea3}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{bdb9b022-caff-11d2-9780-00104b242ea3} _IWTEvents HKEY_CLASSES_ROOT\interface\{d72ac8e7-f41d-11d2-a566-444553540000} HKEY_CLASSES_ROOT\interface\{d72ac8e7-f41d-11d2-a566-444553540000}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{d72ac8e7-f41d-11d2-a566-444553540000}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{d72ac8e7-f41d-11d2-a566-444553540000}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{d72ac8e7-f41d-11d2-a566-444553540000}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{d72ac8e7-f41d-11d2-a566-444553540000} IWTOrientation3D HKEY_CLASSES_ROOT\interface\{de3e540a-f0f2-4761-99be-afc6dc427e30} HKEY_CLASSES_ROOT\interface\{de3e540a-f0f2-4761-99be-afc6dc427e30}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{de3e540a-f0f2-4761-99be-afc6dc427e30}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{de3e540a-f0f2-4761-99be-afc6dc427e30}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{de3e540a-f0f2-4761-99be-afc6dc427e30}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{de3e540a-f0f2-4761-99be-afc6dc427e30} IWTSysInfo HKEY_CLASSES_ROOT\interface\{f10493c1-d0b6-11d2-a566-444553540000} HKEY_CLASSES_ROOT\interface\{f10493c1-d0b6-11d2-a566-444553540000}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{f10493c1-d0b6-11d2-a566-444553540000}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{f10493c1-d0b6-11d2-a566-444553540000}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{f10493c1-d0b6-11d2-a566-444553540000}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{f10493c1-d0b6-11d2-a566-444553540000} IWTLight HKEY_CLASSES_ROOT\interface\{fa13aa3a-ca9b-11d2-9780-00104b242ea3} HKEY_CLASSES_ROOT\interface\{fa13aa3a-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{fa13aa3a-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{fa13aa3a-ca9b-11d2-9780-00104b242ea3}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{fa13aa3a-ca9b-11d2-9780-00104b242ea3}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{fa13aa3a-ca9b-11d2-9780-00104b242ea3} IWTObject HKEY_CLASSES_ROOT\interface\{fa13aa3e-ca9b-11d2-9780-00104b242ea3} HKEY_CLASSES_ROOT\interface\{fa13aa3e-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{fa13aa3e-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{fa13aa3e-ca9b-11d2-9780-00104b242ea3}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{fa13aa3e-ca9b-11d2-9780-00104b242ea3}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{fa13aa3e-ca9b-11d2-9780-00104b242ea3} IWTModel HKEY_CLASSES_ROOT\interface\{fa13aa40-ca9b-11d2-9780-00104b242ea3} HKEY_CLASSES_ROOT\interface\{fa13aa40-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{fa13aa40-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{fa13aa40-ca9b-11d2-9780-00104b242ea3}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{fa13aa40-ca9b-11d2-9780-00104b242ea3}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{fa13aa40-ca9b-11d2-9780-00104b242ea3} IWTContainer HKEY_CLASSES_ROOT\interface\{fa13aa44-ca9b-11d2-9780-00104b242ea3} HKEY_CLASSES_ROOT\interface\{fa13aa44-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{fa13aa44-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{fa13aa44-ca9b-11d2-9780-00104b242ea3}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{fa13aa44-ca9b-11d2-9780-00104b242ea3}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{fa13aa44-ca9b-11d2-9780-00104b242ea3} IWTStage HKEY_CLASSES_ROOT\interface\{fa13aa46-ca9b-11d2-9780-00104b242ea3} HKEY_CLASSES_ROOT\interface\{fa13aa46-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{fa13aa46-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{fa13aa46-ca9b-11d2-9780-00104b242ea3}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{fa13aa46-ca9b-11d2-9780-00104b242ea3}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{fa13aa46-ca9b-11d2-9780-00104b242ea3} IWTGroup HKEY_CLASSES_ROOT\interface\{fa13aa50-ca9b-11d2-9780-00104b242ea3} HKEY_CLASSES_ROOT\interface\{fa13aa50-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{fa13aa50-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{fa13aa50-ca9b-11d2-9780-00104b242ea3}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{fa13aa50-ca9b-11d2-9780-00104b242ea3}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{fa13aa50-ca9b-11d2-9780-00104b242ea3} IWTEvent HKEY_CLASSES_ROOT\interface\{fa13aafa-ca9b-11d2-9780-00104b242ea3} HKEY_CLASSES_ROOT\interface\{fa13aafa-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{fa13aafa-ca9b-11d2-9780-00104b242ea3}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\interface\{fa13aafa-ca9b-11d2-9780-00104b242ea3}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\interface\{fa13aafa-ca9b-11d2-9780-00104b242ea3}\TypeLib Version 1.0 HKEY_CLASSES_ROOT\interface\{fa13aafa-ca9b-11d2-9780-00104b242ea3} IWTAudioClip HKEY_CLASSES_ROOT\typelib\{fa13aa2e-ca9b-11d2-9780-00104b242ea3} HKEY_CLASSES_ROOT\typelib\{fa13aa2e-ca9b-11d2-9780-00104b242ea3}\1.0\0\win32 C:\WINDOWS\wt\wt3d.dll HKEY_CLASSES_ROOT\typelib\{fa13aa2e-ca9b-11d2-9780-00104b242ea3}\1.0\FLAGS 0 HKEY_CLASSES_ROOT\typelib\{fa13aa2e-ca9b-11d2-9780-00104b242ea3}\1.0\HELPDIR C:\WINDOWS\wt\ HKEY_CLASSES_ROOT\typelib\{fa13aa2e-ca9b-11d2-9780-00104b242ea3}\1.0 WT3D 1.0 Type Library HKEY_CLASSES_ROOT\wt3d.wt HKEY_CLASSES_ROOT\wt3d.wt\CLSID {FA13A9FA-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\wt3d.wt\CurVer WT3D.WT.1 HKEY_CLASSES_ROOT\wt3d.wt WT Class HKEY_CLASSES_ROOT\wt3d.wt.1 HKEY_CLASSES_ROOT\wt3d.wt.1\CLSID {FA13A9FA-CA9B-11D2-9780-00104B242EA3} HKEY_CLASSES_ROOT\wt3d.wt.1 WT Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\InprocServer32 C:\WINDOWS\wt\wt3d.dll HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\InprocServer32 ThreadingModel Apartment HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\MiscStatus\1 131473 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\MiscStatus 0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\ProgID WT3D.WT.1 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\ToolboxBitmap32 C:\WINDOWS\wt\wt3d.dll, 101 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3}\VersionIndependentProgID WT3D.WT HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA13A9FA-CA9B-11D2-9780-00104B242EA3} WT Class HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{05EF74A5-E109-11D2-A566-444553540000} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{05EF74A5-E109-11D2-A566-444553540000}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{05EF74A5-E109-11D2-A566-444553540000}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{05EF74A5-E109-11D2-A566-444553540000}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{05EF74A5-E109-11D2-A566-444553540000}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{05EF74A5-E109-11D2-A566-444553540000} IWTDrop HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0E7AE465-EE8D-11D2-A566-444553540000} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0E7AE465-EE8D-11D2-A566-444553540000}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0E7AE465-EE8D-11D2-A566-444553540000}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0E7AE465-EE8D-11D2-A566-444553540000}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0E7AE465-EE8D-11D2-A566-444553540000}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0E7AE465-EE8D-11D2-A566-444553540000} IWTVector3D HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{111D8B01-96C5-46DD-94D1-C6E8B1F69F44} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{111D8B01-96C5-46DD-94D1-C6E8B1F69F44}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{111D8B01-96C5-46DD-94D1-C6E8B1F69F44}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{111D8B01-96C5-46DD-94D1-C6E8B1F69F44}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{111D8B01-96C5-46DD-94D1-C6E8B1F69F44}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{111D8B01-96C5-46DD-94D1-C6E8B1F69F44} IWTVisualizer HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{52889E01-CB46-11D2-96BC-00104B242E64} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{52889E01-CB46-11D2-96BC-00104B242E64}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{52889E01-CB46-11D2-96BC-00104B242E64}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{52889E01-CB46-11D2-96BC-00104B242E64}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{52889E01-CB46-11D2-96BC-00104B242E64}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{52889E01-CB46-11D2-96BC-00104B242E64} IWTCamera HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6E6CF8E5-D795-11D2-A566-444553540000} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6E6CF8E5-D795-11D2-A566-444553540000}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6E6CF8E5-D795-11D2-A566-444553540000}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6E6CF8E5-D795-11D2-A566-444553540000}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6E6CF8E5-D795-11D2-A566-444553540000}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6E6CF8E5-D795-11D2-A566-444553540000} IWTBitmap HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{79884200-3ADE-11D3-AC39-00105A2057FA} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{79884200-3ADE-11D3-AC39-00105A2057FA}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{79884200-3ADE-11D3-AC39-00105A2057FA}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{79884200-3ADE-11D3-AC39-00105A2057FA}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{79884200-3ADE-11D3-AC39-00105A2057FA}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{79884200-3ADE-11D3-AC39-00105A2057FA} IWTFile HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BDB9B021-CAFF-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BDB9B021-CAFF-11D2-9780-00104B242EA3}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BDB9B021-CAFF-11D2-9780-00104B242EA3}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BDB9B021-CAFF-11D2-9780-00104B242EA3}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BDB9B021-CAFF-11D2-9780-00104B242EA3}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BDB9B021-CAFF-11D2-9780-00104B242EA3} IWT HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FA13AA46-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FA13AA46-CA9B-11D2-9780-00104B242EA3}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FA13AA46-CA9B-11D2-9780-00104B242EA3}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FA13AA46-CA9B-11D2-9780-00104B242EA3}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FA13AA46-CA9B-11D2-9780-00104B242EA3}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FA13AA46-CA9B-11D2-9780-00104B242EA3} IWTGroup HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FA13AAFA-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FA13AAFA-CA9B-11D2-9780-00104B242EA3}\ProxyStubClsid {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FA13AAFA-CA9B-11D2-9780-00104B242EA3}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FA13AAFA-CA9B-11D2-9780-00104B242EA3}\TypeLib {FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FA13AAFA-CA9B-11D2-9780-00104B242EA3}\TypeLib Version 1.0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FA13AAFA-CA9B-11D2-9780-00104B242EA3} IWTAudioClip HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{FA13AA2E-CA9B-11D2-9780-00104B242EA3} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{FA13AA2E-CA9B-11D2-9780-00104B242EA3}\1.0\0\win32 C:\WINDOWS\wt\wt3d.dll HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{FA13AA2E-CA9B-11D2-9780-00104B242EA3}\1.0\FLAGS 0 HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{FA13AA2E-CA9B-11D2-9780-00104B242EA3}\1.0\HELPDIR C:\WINDOWS\wt\ HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{FA13AA2E-CA9B-11D2-9780-00104B242EA3}\1.0 WT3D 1.0 Type Library Unclassified.Spyware.Loader Spyware more information... Details: Spyware.Loader is spyware that is set to automatically start when Windows loads up by hiding itself in a number of different startup locations. Status: Deleted Infected files detected C:\Programme\airbus_1024\insthlp.dat IST.SideFind Adware more information... Details: SideFind installs an adware Internet Explorer browser helper object that installs some extra buttons. Status: Deleted Infected files detected C:\Programme\Power Scan\powerscan.exe SurfAccuracy Adware more information... Status: Deleted Infected registry entries detected HKEY_LOCAL_MACHINE\Software\SAcc HKEY_LOCAL_MACHINE\Software\SAcc accid 104 HKEY_LOCAL_MACHINE\Software\SAcc subaccid 1004174 HKEY_LOCAL_MACHINE\Software\SAcc Version 1122 HKEY_LOCAL_MACHINE\Software\SAcc InstallDate 1132997194 HKEY_LOCAL_MACHINE\Software\SAcc CfgReloadAttempts 1 HKEY_LOCAL_MACHINE\Software\SAcc CfgReload 1133643559 HKEY_LOCAL_MACHINE\Software\SAcc SAData uid:305d30431d5c121ea5100b6d9d063459-cnt:18-t:1133542770;1133543208;1133554517;-c:1516775;ce: 1133629170|c:1517367;ce:1133629608|c:1517524;ce:1133640917|- HKEY_LOCAL_MACHINE\Software\SAcc Counter 12 HKEY_LOCAL_MACHINE\Software\SAcc NextInvoke 1133544122 HKEY_LOCAL_MACHINE\Software\SAcc PopupFail 6 HKEY_LOCAL_MACHINE\Software\microsoft\windows\currentversion\uninstall\SAcc HKEY_LOCAL_MACHINE\Software\microsoft\windows\currentversion\uninstall\SAcc DisplayName Surf Accuracy HKEY_LOCAL_MACHINE\Software\microsoft\windows\currentversion\uninstall\SAcc UninstallString C:\Programme\SurfAccuracy\SAccU.exe |
|
|
||
08.12.2005, 19:28
Ehrenmitglied
Beiträge: 29434 |
#4
roland74
nun...der Platz hat nicht ausgereicht ist nun alles wieder in Ordnung? wende CleanUp an: http://virus-protect.org/cleanup.html surfe nur noch mit dem Firefox http://virus-protect.org/firefox.html ------------------------------------------------------------------------- P.S: Wild Tangent wird als Spyware eingestuft: O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\wcmdmgrl.exe -launch Zitat Web Driver delivery system for WildTangent on-line games. Periodically checks for updates - can be disabled within the programs control panel. Note that WildTanget's privacy policy used to state that they also collect and share individuals information but this is no longer the case __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
Nachfolgend das logfile of hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 12:46:02, on 04.12.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRAMME\AVPERSONAL\AVGUARD.EXE
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\System32\gearsec.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Java\j2re1.4.2_03\bin\jusched.exe
C:\Programme\QuickTime\qttask.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\Programme\HPQ\Quick Launch Buttons\EabServr.exe
C:\Programme\Synaptics\SynTP\SynTPLpr.exe
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\Programme\HP\Digital Imaging\Unload\hpqcmon.exe
C:\Programme\HP\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Programme\ScanSoft\OmniPageSE\opware32.exe
C:\PROGRA~1\Bluewin\QUICKH~1\SMARTB~1\MotiveSB.exe
C:\Programme\AVPersonal\AVGNT.EXE
C:\Programme\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Programme\AVPersonal\AVSched32.EXE
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Messenger\msmsgs.exe
C:\WINDOWS\wt\wcmdmgr.exe
C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programme\HP\HP Share-to-Web\hpgs2wnf.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\PROGRA~1\MICROS~3\OFFICE11\OUTLOOK.EXE
C:\Programme\Microsoft Office\OFFICE11\WINWORD.EXE
C:\DOKUME~1\ROLAND~1\LOKALE~1\Temp\Temporäres Verzeichnis 10 für hijackthis_199.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bluewin.ch/index_d.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/su/*http://www.yahoo.com
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\ycomp5_5_5_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\ycomp5_5_5_0.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Programme\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Programme\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [UpdateManager] "C:\Programme\Gemeinsame Dateien\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Programme\HP\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programme\HP\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [Cpqset] C:\Programme\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [Omnipage] C:\Programme\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\Bluewin\QUICKH~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [AVGCtrl] C:\Programme\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [HP Software Update] C:\Programme\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AVSCHED32] C:\Programme\AVPersonal\AVSched32.EXE /min
O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\wcmdmgrl.exe -launch
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Recherche-Assistent - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1132173839625
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\PROGRAMME\AVPERSONAL\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: Gear Security Service (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\gearsec.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe