Wo liegt da der Hund begraben ?Thema ist geschlossen! |
||
---|---|---|
Thema ist geschlossen! |
||
#0
| ||
01.08.2006, 12:39
Member
Beiträge: 12 |
||
|
||
01.08.2006, 16:41
Ehrenmitglied
Beiträge: 29434 |
#2
CWShredder
http://virus-protect.org/antispytools.html Während des Scanvorganges müssen ALLE sonstige Anwendungen beendet werden und alle Browserfenster müssen geschlossen sein! * Doppelklick CWShredder.exe * Klick "Fix ->" und klick "OK" * CWShredder scannen lassen * Click "Next->" und dann "Exit". * Log-->"make Report"--> bitte posten __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
01.08.2006, 17:32
Member
Themenstarter Beiträge: 12 |
#3
Ich hoffe, dass dieses Log hier das von Dir gebrauchte ist:
**** Run Keys **** RUN: [SoundMAXPnP] C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe RUN: [SoundMAX] "C:\Programme\Analog Devices\SoundMAX\Smax4.exe" /tray RUN: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe RUN: [CloneCDTray] "C:\Programme\CloneCD\CloneCDTray.exe" /s RUN: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe RUN: [zBrowser Launcher] C:\Programme\Logitech\iTouch\iTouch.exe RUN: [CamMonitor] C:\Programme\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe RUN: [Share-to-Web Namespace Daemon] C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe RUN: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe RUN: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe" RUN: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized RUN: [Spyware Doctor] "C:\Programme\Spyware Doctor\swdoctor.exe" /Q RUN: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe **** Browser Helper Objects **** BHO: [AcroIEHlprObj Class] C:\Programme\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll BHO: [PCTools Site Guard] C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll BHO: [SSVHelper Class] C:\Programme\Java\jre1.5.0_06\bin\ssv.dll BHO: [CNavExtBho Class] C:\Programme\Norton AntiVirus\NavShExt.dll BHO: [AcroIEToolbarHelper Class] C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll BHO: [PCTools Browser Monitor] C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll **** IE Toolbars **** TOOLBAR: [Adobe PDF] C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll TOOLBAR: [Norton AntiVirus] C:\Programme\Norton AntiVirus\NavShExt.dll **** IE Extensions **** IEExt: [Web Browser Applet Control] C:\WINDOWS\system32\msjava.dll IEExt: [Spyware Doctor] C:\WINDOWS\system32\msjava.dll IEExt: [Recherchieren] C:\WINDOWS\system32\msjava.dll IEExt: [Messenger] C:\Programme\Messenger\msmsgs.exe **** Hosts File Entries **** HOSTS: 127.0.0.1 localhost HOSTS: 127.0.0.1 www.archiviosex.net HOSTS: 127.0.0.1 www.archiviosex.net **** IE Settings **** Default Page: http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default Search: http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Local Page: C:\WINDOWS\system32\blank.htm Search Bar: http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Search Page: http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch **** IE Context Menu (Right click) **** IEContext: [Nach Microsoft &Excel exportieren] res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 **** Layered Service Providers **** LSP: MSAFD Tcpip [TCP/IP] LSP: MSAFD Tcpip [UDP/IP] LSP: RSVP UDP Service Provider LSP: RSVP TCP Service Provider LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{EA0A93AD-DD52-40C0-9FFF-7EBBC6A90383}] SEQPACKET 3 LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{EA0A93AD-DD52-40C0-9FFF-7EBBC6A90383}] DATAGRAM 3 LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{479EFE26-2988-4710-9752-EDC4E7581F58}] SEQPACKET 0 LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{479EFE26-2988-4710-9752-EDC4E7581F58}] DATAGRAM 0 LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A45F3FD9-12A5-4824-95DD-267507AE95DC}] SEQPACKET 1 LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A45F3FD9-12A5-4824-95DD-267507AE95DC}] DATAGRAM 1 LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{AF675804-9FE0-4EBA-8AAC-CBBC727C60CD}] SEQPACKET 2 LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{AF675804-9FE0-4EBA-8AAC-CBBC727C60CD}] DATAGRAM 2 LSP: MSAFD Irda [IrDA] **** Blocked Control Panel Items **** BLOCKED: [ncpa.cpl] No BLOCKED: [odbccp32.cpl] No **** Downloaded Program Files **** Microsoft XML Parser for Java [file://C:\WINDOWS\Java\classes\xmldso.cab] {11260943-421B-11D0-8EAC-0000C07D88CF} [http://www.ipix.com/viewers/ipixx.cab] C:\WINDOWS\system32\mm32DCMP.DLL C:\WINDOWS\system32\IPX32d56.dll C:\WINDOWS\Downloaded Program Files\ipixx.ocx {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1141319657828] {8AD9C840-044E-11D1-B3E9-00805F499D93} [http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab] {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} [http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab] {D27CDB6E-AE6D-11CF-96B8-444553540000} [http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab] **** Windows Services **** [Alerter] %SystemRoot%\system32\svchost.exe -k LocalService [ALG] %SystemRoot%\System32\alg.exe [AppMgmt] %SystemRoot%\system32\svchost.exe -k netsvcs [aspnet_state] %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [Ati HotKey Poller] %SystemRoot%\system32\Ati2evxx.exe [ATI Smart] C:\WINDOWS\system32\ati2sgag.exe [AudioSrv] %SystemRoot%\System32\svchost.exe -k netsvcs [BITS] %SystemRoot%\system32\svchost.exe -k netsvcs [Browser] %SystemRoot%\system32\svchost.exe -k netsvcs [ccEvtMgr] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe" [ccSetMgr] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe" [CiSvc] %SystemRoot%\system32\cisvc.exe [ClipSrv] %SystemRoot%\system32\clipsrv.exe [COMSysApp] C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [CryptSvc] %SystemRoot%\system32\svchost.exe -k netsvcs [DcomLaunch] %SystemRoot%\system32\svchost -k DcomLaunch [Dhcp] %SystemRoot%\system32\svchost.exe -k netsvcs [dmadmin] %SystemRoot%\System32\dmadmin.exe /com [dmserver] %SystemRoot%\System32\svchost.exe -k netsvcs [Dnscache] %SystemRoot%\system32\svchost.exe -k NetworkService [ERSvc] %SystemRoot%\System32\svchost.exe -k netsvcs [Eventlog] %SystemRoot%\system32\services.exe [EventSystem] C:\WINDOWS\system32\svchost.exe -k netsvcs [FastUserSwitchingCompatibility] %SystemRoot%\System32\svchost.exe -k netsvcs [helpsvc] %SystemRoot%\System32\svchost.exe -k netsvcs [HidServ] %SystemRoot%\System32\svchost.exe -k netsvcs [HTTPFilter] %SystemRoot%\System32\svchost.exe -k HTTPFilter [ImapiService] C:\WINDOWS\system32\imapi.exe [Irmon] %SystemRoot%\system32\svchost.exe -k netsvcs [lanmanserver] %SystemRoot%\system32\svchost.exe -k netsvcs [lanmanworkstation] %SystemRoot%\system32\svchost.exe -k netsvcs [LmHosts] %SystemRoot%\system32\svchost.exe -k LocalService [MDM] "C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE" [Messenger] %SystemRoot%\system32\svchost.exe -k netsvcs [mnmsrvc] C:\WINDOWS\system32\mnmsrvc.exe [MSDTC] C:\WINDOWS\system32\msdtc.exe [MSIServer] C:\WINDOWS\system32\msiexec.exe /V [navapsvc] "C:\Programme\Norton AntiVirus\navapsvc.exe" [NetDDE] %SystemRoot%\system32\netdde.exe [NetDDEdsdm] %SystemRoot%\system32\netdde.exe [Netlogon] %SystemRoot%\system32\lsass.exe [Netman] %SystemRoot%\System32\svchost.exe -k netsvcs [Nla] %SystemRoot%\system32\svchost.exe -k netsvcs [NPFMntor] "C:\Programme\Norton AntiVirus\IWP\NPFMntor.exe" [NSCService] "C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Console\NSCSRVCE.EXE" [NtLmSsp] %SystemRoot%\system32\lsass.exe [NtmsSvc] %SystemRoot%\system32\svchost.exe -k netsvcs [ose] "C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE" [PlugPlay] %SystemRoot%\system32\services.exe [Pml Driver] C:\WINDOWS\system32\HPHipm09.exe [PolicyAgent] %SystemRoot%\system32\lsass.exe [ProtectedStorage] %SystemRoot%\system32\lsass.exe [RasAuto] %SystemRoot%\system32\svchost.exe -k netsvcs [RasMan] %SystemRoot%\system32\svchost.exe -k netsvcs [RDSessMgr] C:\WINDOWS\system32\sessmgr.exe [RemoteAccess] %SystemRoot%\system32\svchost.exe -k netsvcs [RemoteRegistry] %SystemRoot%\system32\svchost.exe -k LocalService [RpcLocator] %SystemRoot%\system32\locator.exe [RpcSs] %SystemRoot%\system32\svchost -k rpcss [RSVP] %SystemRoot%\system32\rsvp.exe [SamSs] %SystemRoot%\system32\lsass.exe [SAVScan] "C:\Programme\Norton AntiVirus\SAVScan.exe" [SCardSvr] %SystemRoot%\System32\SCardSvr.exe [Schedule] %SystemRoot%\System32\svchost.exe -k netsvcs [SDhelper] C:\Programme\Spyware Doctor\sdhelp.exe [seclogon] %SystemRoot%\System32\svchost.exe -k netsvcs [SENS] %SystemRoot%\system32\svchost.exe -k netsvcs [ShellHWDetection] %SystemRoot%\System32\svchost.exe -k netsvcs [SNDSrvc] "C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe" [SoundMAX Agent Service (default)] C:\Programme\Analog Devices\SoundMAX\SMAgent.exe [SPBBCSvc] "C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe" [Spooler] %SystemRoot%\system32\spoolsv.exe [srservice] %SystemRoot%\system32\svchost.exe -k netsvcs [SSDPSRV] %SystemRoot%\system32\svchost.exe -k LocalService [stisvc] %SystemRoot%\system32\svchost.exe -k imgsvc [SwPrv] C:\WINDOWS\system32\dllhost.exe /Processid:{19066EF9-01F9-4B87-9D07-CE78A9BD5B9A} [Symantec Core LC] "C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe" [SysmonLog] %SystemRoot%\system32\smlogsvc.exe [TapiSrv] %SystemRoot%\System32\svchost.exe -k netsvcs [TermService] %SystemRoot%\System32\svchost -k DComLaunch [Themes] %SystemRoot%\System32\svchost.exe -k netsvcs [TlntSvr] C:\WINDOWS\system32\tlntsvr.exe [TrkWks] %SystemRoot%\system32\svchost.exe -k netsvcs [UMWdf] C:\WINDOWS\system32\wdfmgr.exe [upnphost] %SystemRoot%\system32\svchost.exe -k LocalService [UPS] %SystemRoot%\System32\ups.exe [VSS] %SystemRoot%\System32\vssvc.exe [W32Time] %SystemRoot%\System32\svchost.exe -k netsvcs [WebClient] %SystemRoot%\system32\svchost.exe -k LocalService [winmgmt] %systemroot%\system32\svchost.exe -k netsvcs [WmcCds] c:\programme\windows media connect\mswmccds.exe [WmcCdsLs] C:\Programme\Windows Media Connect\mswmcls.exe [WmdmPmSN] %SystemRoot%\System32\svchost.exe -k netsvcs [Wmi] %SystemRoot%\System32\svchost.exe -k netsvcs [WmiApSrv] C:\WINDOWS\system32\wbem\wmiapsrv.exe [wscsvc] %SystemRoot%\System32\svchost.exe -k netsvcs [wuauserv] %systemroot%\system32\svchost.exe -k netsvcs [WZCSVC] %SystemRoot%\System32\svchost.exe -k netsvcs [xmlprov] %SystemRoot%\System32\svchost.exe -k netsvcs **** Custom IE Search Items **** SEARCH: [SearchAssistant] http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm SEARCH: [CustomizeSearch] http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm **** Complete IE Options **** IEOPT: [NoUpdateCheck] IEOPT: [NoJITSetup] IEOPT: [Disable Script Debugger] yes IEOPT: [Show_ChannelBand] No IEOPT: [Anchor Underline] yes IEOPT: [Cache_Update_Frequency] Once_Per_Session IEOPT: [Display Inline Images] yes IEOPT: [Do404Search] IEOPT: [Local Page] C:\WINDOWS\system32\blank.htm IEOPT: [Save_Session_History_On_Exit] no IEOPT: [Show_FullURL] no IEOPT: [Show_StatusBar] yes IEOPT: [Show_ToolBar] yes IEOPT: [Show_URLinStatusBar] yes IEOPT: [Show_URLToolBar] yes IEOPT: [Start Page] http://www.google.ch/ IEOPT: [Use_DlgBox_Colors] yes IEOPT: [Search Page] http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IEOPT: [FullScreen] no IEOPT: [Window_Placement] , IEOPT: [Disable Script DebuggerX] yes IEOPT: [Error Dlg Displayed On Every Error] no IEOPT: [Error Dlg Displayed On Every ErrorX] no IEOPT: [Error Dlg Details Pane Open] no IEOPT: [NotifyDownloadComplete] yes IEOPT: [Force Offscreen Composition] IEOPT: [ShowGoButton] yes IEOPT: [NoWebJITSetup] IEOPT: [Friendly http errors] yes IEOPT: [FavIntelliMenus] no IEOPT: [NscSingleExpand] IEOPT: [SmoothScroll] IEOPT: [Page_Transitions] IEOPT: [DisableScriptDebuggerIE] yes IEOPT: [AllowWindowReuse] IEOPT: [UseThemes] IEOPT: [Print_Background] no IEOPT: [Expand Alt Text] no IEOPT: [Move System Caret] no IEOPT: [Play_Animations] yes IEOPT: [Enable AutoImageResize] yes IEOPT: [Enable_MyPics_Hoverbar] yes IEOPT: [Show image placeholders] IEOPT: [Play_Background_Sounds] yes IEOPT: [Display Inline Videos] yes IEOPT: [LastCheckedHi] a±Æs IEOPT: [Use FormSuggest] yes IEOPT: [ShowedCheckBrowser] Yes IEOPT: [Check_Associations] No IEOPT: [FormSuggest PW Ask] no IEOPT: [CustomizeSearch] IEOPT: [SearchAssistant] IEOPT: [SearchBar] IEOPT: [Use Search Asst] IEOPT: [Search Bar] http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IEOPT: [Default_Page_URL] http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome IEOPT: [Default_Search_URL] http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IEOPT: [Search Page] http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IEOPT: [Enable_Disk_Cache] yes IEOPT: [Cache_Percent_of_Disk] IEOPT: [Delete_Temp_Files_On_Exit] yes IEOPT: [Local Page] %SystemRoot%\system32\blank.htm IEOPT: [Anchor_Visitation_Horizon] IEOPT: [Use_Async_DNS] yes IEOPT: [Placeholder_Width] IEOPT: [Placeholder_Height] IEOPT: [Start Page] http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home IEOPT: [CompanyName] Microsoft Corporation IEOPT: [Custom_Key] MICROSO IEOPT: [Wizard_Version] 6.0.2600.0000 IEOPT: [FullScreen] no |
|
|
||
01.08.2006, 18:44
Ehrenmitglied
Beiträge: 29434 |
#4
Hoster.zip
http://www.funkytoad.com/download/hoster.zip Press 'Restore Original Hosts' and press 'OK' Exit Program. dann scanne noch mal und poste den report __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
01.08.2006, 19:43
Member
Themenstarter Beiträge: 12 |
#5
Also....
Hab nun den Hoster.zip runtergeladen und mal genau wie von Dir geschrieben ausgeführt. Habe die Windows Host Originale restored und danach mittels CWShredder nochmals gescannt: **** Run Keys **** RUN: [SoundMAXPnP] C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe RUN: [SoundMAX] "C:\Programme\Analog Devices\SoundMAX\Smax4.exe" /tray RUN: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe RUN: [CloneCDTray] "C:\Programme\CloneCD\CloneCDTray.exe" /s RUN: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe RUN: [zBrowser Launcher] C:\Programme\Logitech\iTouch\iTouch.exe RUN: [CamMonitor] C:\Programme\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe RUN: [Share-to-Web Namespace Daemon] C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe RUN: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe RUN: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe" RUN: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized RUN: [Spyware Doctor] "C:\Programme\Spyware Doctor\swdoctor.exe" /Q RUN: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe **** Browser Helper Objects **** BHO: [AcroIEHlprObj Class] C:\Programme\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll BHO: [PCTools Site Guard] C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll BHO: [SSVHelper Class] C:\Programme\Java\jre1.5.0_06\bin\ssv.dll BHO: [CNavExtBho Class] C:\Programme\Norton AntiVirus\NavShExt.dll BHO: [AcroIEToolbarHelper Class] C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll BHO: [PCTools Browser Monitor] C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll **** IE Toolbars **** TOOLBAR: [Adobe PDF] C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll TOOLBAR: [Norton AntiVirus] C:\Programme\Norton AntiVirus\NavShExt.dll **** IE Extensions **** IEExt: [Web Browser Applet Control] C:\WINDOWS\system32\msjava.dll IEExt: [Spyware Doctor] C:\WINDOWS\system32\msjava.dll IEExt: [Recherchieren] C:\WINDOWS\system32\msjava.dll IEExt: [Messenger] C:\Programme\Messenger\msmsgs.exe **** Hosts File Entries **** HOSTS: 127.0.0.1 localhost HOSTS: 127.0.0.1 localhost **** IE Settings **** Default Page: http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default Search: http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Local Page: C:\WINDOWS\system32\blank.htm Search Bar: http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Search Page: http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch **** IE Context Menu (Right click) **** IEContext: [Nach Microsoft &Excel exportieren] res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 **** Layered Service Providers **** LSP: MSAFD Tcpip [TCP/IP] LSP: MSAFD Tcpip [UDP/IP] LSP: RSVP UDP Service Provider LSP: RSVP TCP Service Provider LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{EA0A93AD-DD52-40C0-9FFF-7EBBC6A90383}] SEQPACKET 3 LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{EA0A93AD-DD52-40C0-9FFF-7EBBC6A90383}] DATAGRAM 3 LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{479EFE26-2988-4710-9752-EDC4E7581F58}] SEQPACKET 0 LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{479EFE26-2988-4710-9752-EDC4E7581F58}] DATAGRAM 0 LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A45F3FD9-12A5-4824-95DD-267507AE95DC}] SEQPACKET 1 LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A45F3FD9-12A5-4824-95DD-267507AE95DC}] DATAGRAM 1 LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{AF675804-9FE0-4EBA-8AAC-CBBC727C60CD}] SEQPACKET 2 LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{AF675804-9FE0-4EBA-8AAC-CBBC727C60CD}] DATAGRAM 2 LSP: MSAFD Irda [IrDA] **** Blocked Control Panel Items **** BLOCKED: [ncpa.cpl] No BLOCKED: [odbccp32.cpl] No **** Downloaded Program Files **** Microsoft XML Parser for Java [file://C:\WINDOWS\Java\classes\xmldso.cab] {11260943-421B-11D0-8EAC-0000C07D88CF} [http://www.ipix.com/viewers/ipixx.cab] C:\WINDOWS\system32\mm32DCMP.DLL C:\WINDOWS\system32\IPX32d56.dll C:\WINDOWS\Downloaded Program Files\ipixx.ocx {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1141319657828] {8AD9C840-044E-11D1-B3E9-00805F499D93} [http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab] {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} [http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab] {D27CDB6E-AE6D-11CF-96B8-444553540000} [http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab] **** Windows Services **** [Alerter] %SystemRoot%\system32\svchost.exe -k LocalService [ALG] %SystemRoot%\System32\alg.exe [AppMgmt] %SystemRoot%\system32\svchost.exe -k netsvcs [aspnet_state] %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [Ati HotKey Poller] %SystemRoot%\system32\Ati2evxx.exe [ATI Smart] C:\WINDOWS\system32\ati2sgag.exe [AudioSrv] %SystemRoot%\System32\svchost.exe -k netsvcs [BITS] %SystemRoot%\system32\svchost.exe -k netsvcs [Browser] %SystemRoot%\system32\svchost.exe -k netsvcs [ccEvtMgr] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe" [ccSetMgr] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe" [CiSvc] %SystemRoot%\system32\cisvc.exe [ClipSrv] %SystemRoot%\system32\clipsrv.exe [COMSysApp] C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [CryptSvc] %SystemRoot%\system32\svchost.exe -k netsvcs [DcomLaunch] %SystemRoot%\system32\svchost -k DcomLaunch [Dhcp] %SystemRoot%\system32\svchost.exe -k netsvcs [dmadmin] %SystemRoot%\System32\dmadmin.exe /com [dmserver] %SystemRoot%\System32\svchost.exe -k netsvcs [Dnscache] %SystemRoot%\system32\svchost.exe -k NetworkService [ERSvc] %SystemRoot%\System32\svchost.exe -k netsvcs [Eventlog] %SystemRoot%\system32\services.exe [EventSystem] C:\WINDOWS\system32\svchost.exe -k netsvcs [FastUserSwitchingCompatibility] %SystemRoot%\System32\svchost.exe -k netsvcs [helpsvc] %SystemRoot%\System32\svchost.exe -k netsvcs [HidServ] %SystemRoot%\System32\svchost.exe -k netsvcs [HTTPFilter] %SystemRoot%\System32\svchost.exe -k HTTPFilter [ImapiService] C:\WINDOWS\system32\imapi.exe [Irmon] %SystemRoot%\system32\svchost.exe -k netsvcs [lanmanserver] %SystemRoot%\system32\svchost.exe -k netsvcs [lanmanworkstation] %SystemRoot%\system32\svchost.exe -k netsvcs [LmHosts] %SystemRoot%\system32\svchost.exe -k LocalService [MDM] "C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE" [Messenger] %SystemRoot%\system32\svchost.exe -k netsvcs [mnmsrvc] C:\WINDOWS\system32\mnmsrvc.exe [MSDTC] C:\WINDOWS\system32\msdtc.exe [MSIServer] C:\WINDOWS\system32\msiexec.exe /V [navapsvc] "C:\Programme\Norton AntiVirus\navapsvc.exe" [NetDDE] %SystemRoot%\system32\netdde.exe [NetDDEdsdm] %SystemRoot%\system32\netdde.exe [Netlogon] %SystemRoot%\system32\lsass.exe [Netman] %SystemRoot%\System32\svchost.exe -k netsvcs [Nla] %SystemRoot%\system32\svchost.exe -k netsvcs [NPFMntor] "C:\Programme\Norton AntiVirus\IWP\NPFMntor.exe" [NSCService] "C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Console\NSCSRVCE.EXE" [NtLmSsp] %SystemRoot%\system32\lsass.exe [NtmsSvc] %SystemRoot%\system32\svchost.exe -k netsvcs [ose] "C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE" [PlugPlay] %SystemRoot%\system32\services.exe [Pml Driver] C:\WINDOWS\system32\HPHipm09.exe [PolicyAgent] %SystemRoot%\system32\lsass.exe [ProtectedStorage] %SystemRoot%\system32\lsass.exe [RasAuto] %SystemRoot%\system32\svchost.exe -k netsvcs [RasMan] %SystemRoot%\system32\svchost.exe -k netsvcs [RDSessMgr] C:\WINDOWS\system32\sessmgr.exe [RemoteAccess] %SystemRoot%\system32\svchost.exe -k netsvcs [RemoteRegistry] %SystemRoot%\system32\svchost.exe -k LocalService [RpcLocator] %SystemRoot%\system32\locator.exe [RpcSs] %SystemRoot%\system32\svchost -k rpcss [RSVP] %SystemRoot%\system32\rsvp.exe [SamSs] %SystemRoot%\system32\lsass.exe [SAVScan] "C:\Programme\Norton AntiVirus\SAVScan.exe" [SCardSvr] %SystemRoot%\System32\SCardSvr.exe [Schedule] %SystemRoot%\System32\svchost.exe -k netsvcs [SDhelper] C:\Programme\Spyware Doctor\sdhelp.exe [seclogon] %SystemRoot%\System32\svchost.exe -k netsvcs [SENS] %SystemRoot%\system32\svchost.exe -k netsvcs [ShellHWDetection] %SystemRoot%\System32\svchost.exe -k netsvcs [SNDSrvc] "C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe" [SoundMAX Agent Service (default)] C:\Programme\Analog Devices\SoundMAX\SMAgent.exe [SPBBCSvc] "C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe" [Spooler] %SystemRoot%\system32\spoolsv.exe [srservice] %SystemRoot%\system32\svchost.exe -k netsvcs [SSDPSRV] %SystemRoot%\system32\svchost.exe -k LocalService [stisvc] %SystemRoot%\system32\svchost.exe -k imgsvc [SwPrv] C:\WINDOWS\system32\dllhost.exe /Processid:{19066EF9-01F9-4B87-9D07-CE78A9BD5B9A} [Symantec Core LC] "C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe" [SysmonLog] %SystemRoot%\system32\smlogsvc.exe [TapiSrv] %SystemRoot%\System32\svchost.exe -k netsvcs [TermService] %SystemRoot%\System32\svchost -k DComLaunch [Themes] %SystemRoot%\System32\svchost.exe -k netsvcs [TlntSvr] C:\WINDOWS\system32\tlntsvr.exe [TrkWks] %SystemRoot%\system32\svchost.exe -k netsvcs [UMWdf] C:\WINDOWS\system32\wdfmgr.exe [upnphost] %SystemRoot%\system32\svchost.exe -k LocalService [UPS] %SystemRoot%\System32\ups.exe [VSS] %SystemRoot%\System32\vssvc.exe [W32Time] %SystemRoot%\System32\svchost.exe -k netsvcs [WebClient] %SystemRoot%\system32\svchost.exe -k LocalService [winmgmt] %systemroot%\system32\svchost.exe -k netsvcs [WmcCds] c:\programme\windows media connect\mswmccds.exe [WmcCdsLs] C:\Programme\Windows Media Connect\mswmcls.exe [WmdmPmSN] %SystemRoot%\System32\svchost.exe -k netsvcs [Wmi] %SystemRoot%\System32\svchost.exe -k netsvcs [WmiApSrv] C:\WINDOWS\system32\wbem\wmiapsrv.exe [wscsvc] %SystemRoot%\System32\svchost.exe -k netsvcs [wuauserv] %systemroot%\system32\svchost.exe -k netsvcs [WZCSVC] %SystemRoot%\System32\svchost.exe -k netsvcs [xmlprov] %SystemRoot%\System32\svchost.exe -k netsvcs **** Custom IE Search Items **** SEARCH: [SearchAssistant] http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm SEARCH: [CustomizeSearch] http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm **** Complete IE Options **** IEOPT: [NoUpdateCheck] IEOPT: [NoJITSetup] IEOPT: [Disable Script Debugger] yes IEOPT: [Show_ChannelBand] No IEOPT: [Anchor Underline] yes IEOPT: [Cache_Update_Frequency] Once_Per_Session IEOPT: [Display Inline Images] yes IEOPT: [Do404Search] IEOPT: [Local Page] C:\WINDOWS\system32\blank.htm IEOPT: [Save_Session_History_On_Exit] no IEOPT: [Show_FullURL] no IEOPT: [Show_StatusBar] yes IEOPT: [Show_ToolBar] yes IEOPT: [Show_URLinStatusBar] yes IEOPT: [Show_URLToolBar] yes IEOPT: [Start Page] http://www.google.ch/ IEOPT: [Use_DlgBox_Colors] yes IEOPT: [Search Page] http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IEOPT: [FullScreen] no IEOPT: [Window_Placement] , IEOPT: [Disable Script DebuggerX] yes IEOPT: [Error Dlg Displayed On Every Error] no IEOPT: [Error Dlg Displayed On Every ErrorX] no IEOPT: [Error Dlg Details Pane Open] no IEOPT: [NotifyDownloadComplete] yes IEOPT: [Force Offscreen Composition] IEOPT: [ShowGoButton] yes IEOPT: [NoWebJITSetup] IEOPT: [Friendly http errors] yes IEOPT: [FavIntelliMenus] no IEOPT: [NscSingleExpand] IEOPT: [SmoothScroll] IEOPT: [Page_Transitions] IEOPT: [DisableScriptDebuggerIE] yes IEOPT: [AllowWindowReuse] IEOPT: [UseThemes] IEOPT: [Print_Background] no IEOPT: [Expand Alt Text] no IEOPT: [Move System Caret] no IEOPT: [Play_Animations] yes IEOPT: [Enable AutoImageResize] yes IEOPT: [Enable_MyPics_Hoverbar] yes IEOPT: [Show image placeholders] IEOPT: [Play_Background_Sounds] yes IEOPT: [Display Inline Videos] yes IEOPT: [LastCheckedHi] a±Æs IEOPT: [Use FormSuggest] yes IEOPT: [ShowedCheckBrowser] Yes IEOPT: [Check_Associations] No IEOPT: [FormSuggest PW Ask] no IEOPT: [CustomizeSearch] IEOPT: [SearchAssistant] IEOPT: [SearchBar] IEOPT: [Use Search Asst] IEOPT: [Search Bar] http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IEOPT: [Default_Page_URL] http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome IEOPT: [Default_Search_URL] http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IEOPT: [Search Page] http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IEOPT: [Enable_Disk_Cache] yes IEOPT: [Cache_Percent_of_Disk] IEOPT: [Delete_Temp_Files_On_Exit] yes IEOPT: [Local Page] %SystemRoot%\system32\blank.htm IEOPT: [Anchor_Visitation_Horizon] IEOPT: [Use_Async_DNS] yes IEOPT: [Placeholder_Width] IEOPT: [Placeholder_Height] IEOPT: [Start Page] http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home IEOPT: [CompanyName] Microsoft Corporation IEOPT: [Custom_Key] MICROSO IEOPT: [Wizard_Version] 6.0.2600.0000 IEOPT: [FullScreen] no Wie nun weiter ? Danke schon mal herzlich für Deine Bemühungen und die Hilfe ! |
|
|
||
01.08.2006, 20:33
Ehrenmitglied
Beiträge: 29434 |
#6
nun muesste es eigentlich wieder in Ordnung sein, jedenfalls ist der host wieder sauber.
Berichte bitte. __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
01.08.2006, 20:40
Member
Themenstarter Beiträge: 12 |
#7
ALLES KLAR !
Problem offenbar behoben ! - D.h. nach dem Start wird nun kein Browserfenster mehr geöffnet. HERZLICHEN DANK !!!! |
|
|
||
Hier mal meine Hijackthis.log
Wo könnte das Problem liegen ? - Wenn ich dieses File mal über www.hijackthis.de auswerten lasse, so werden da keine Probleme gefunden.
Wo also könnte da der Hund noch begraben liegen ?
Danke schon mal für Eure Tips !!!
Logfile of HijackThis v1.99.1
Scan saved at 12:35:43, on 01.08.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programme\Norton AntiVirus\navapsvc.exe
C:\Programme\Norton AntiVirus\IWP\NPFMntor.exe
C:\Programme\Spyware Doctor\sdhelp.exe
C:\Programme\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Programme\Analog Devices\SoundMAX\Smax4.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\Programme\Logitech\iTouch\iTouch.exe
C:\Programme\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\Programme\Logitech\MouseWare\system\em_exec.exe
C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Programme\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Spyware Doctor\swdoctor.exe
C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Programme\PrintKey2000\Printkey2000.exe
C:\Programme\WinZip\WZQKPICK.EXE
C:\WINDOWS\System32\svchost.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Programme\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Console\NSCSRVCE.EXE
E:\Filesharing\SW_LIBRARY\Hijackthis\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ch/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Programme\Norton AntiVirus\NavShExt.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Programme\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Programme\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Programme\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programme\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Programme\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Programme\Spyware Doctor\swdoctor.exe" /Q
O4 - Global Startup: Acrobat Assistant.lnk = C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Printkey2000.lnk = C:\Programme\PrintKey2000\Printkey2000.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programme\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1141319657828
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
O23 - Service: Norton AntiVirus Auto-Protect-Dienst (navapsvc) - Symantec Corporation - C:\Programme\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Programme\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Pml Driver - HP - C:\WINDOWS\system32\HPHipm09.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Programme\Norton AntiVirus\SAVScan.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Programme\Spyware Doctor\sdhelp.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programme\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe