Virus oder sonstwas??Hijackthis?Thema ist geschlossen! |
||
---|---|---|
Thema ist geschlossen! |
||
#0
| ||
05.10.2006, 00:35
...neu hier
Beiträge: 5 |
||
|
||
05.10.2006, 01:01
Ehrenmitglied
Beiträge: 29434 |
#2
hallo
poste bitte hier dieses log http://virus-protect.org/artikel/tools/combofix.html __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
05.10.2006, 10:11
...neu hier
Themenstarter Beiträge: 5 |
#3
Guten Morgen,
so, hab ich gemacht: Bettina - 06-10-05 8:29:07.56 Service Pack 2 ComboFix 06.09.28 - Running from: "C:\Dokumente und Einstellungen\Bettina\appleJuice\incoming" ((((((((((((((((((((((((((((((( Files Created from 2006-09-05 to 2006-10-05 )))))))))))))))))))))))))))))))))) 2006-10-04 10:11 76,560 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys 2006-10-01 22:12 28,672 --a------ C:\WINDOWS\system32\drivers\CO_Mon.sys 2006-10-01 01:00 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll 2006-09-10 20:01 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys 2006-09-10 20:01 21,504 --a------ C:\WINDOWS\system32\hidserv.dll 2006-09-10 20:01 14,848 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2006-10-05 00:07 -------- d-------- C:\Programme\HijackThis 2006-10-04 23:03 5029508 --a------ C:\Programme\drweb-cureit.exe 2006-10-04 10:34 -------- d-------- C:\Programme\PerformanceTest 2006-10-03 22:47 -------- d-------- C:\Programme\CheckIt 2006-10-03 20:05 -------- d-------- C:\Programme\Mozilla Firefox 2006-10-03 16:41 -------- d--h----- C:\Programme\InstallShield Installation Information 2006-10-03 16:33 -------- d-------- C:\Programme\DaViDeo 4 professional 2006-10-03 16:32 -------- d-------- C:\Programme\Gemeinsame Dateien 2006-10-03 16:28 -------- d-------- C:\Programme\DaViDeo 4 2006-10-03 13:41 96256 --a------ C:\WINDOWS\system32\drivers\sptd8717.sys 2006-10-02 09:36 -------- d-------- C:\Programme\Trend Micro 2006-10-01 20:53 -------- d-------- C:\Dokumente und Einstellungen\Bettina\Anwendungsdaten\Lavasoft 2006-10-01 20:52 -------- d-------- C:\Programme\Lavasoft 2006-10-01 17:35 -------- d-------- C:\Programme\Unlocker 2006-10-01 01:00 -------- d-------- C:\Programme\Alwil Software 2006-09-28 21:25 -------- d-------- C:\Programme\Sunbelt Software 2006-09-25 20:30 -------- d-------- C:\Programme\ProcessGuard 2006-09-24 22:30 -------- d-------- C:\Programme\Internet Explorer 2006-09-24 22:21 -------- d-------- C:\Programme\FlashFXP 2006-09-24 21:58 -------- d-------- C:\Programme\VideoReDoPlus1 2006-09-24 21:24 -------- d-------- C:\Programme\CCleaner 2006-09-23 23:07 359808 --a------ C:\WINDOWS\system32\drivers\tcpip.sys 2006-09-23 22:38 -------- d-------- C:\Programme\Java 2006-09-05 09:16 -------- d-------- C:\Programme\VideoReDoPlus 2006-08-31 15:08 -------- d---s---- C:\Dokumente und Einstellungen\Bettina\Anwendungsdaten\Microsoft 2006-08-31 15:08 -------- d-------- C:\Dokumente und Einstellungen\Bettina\Anwendungsdaten\Cuttermaran 2006-08-24 20:15 -------- d-------- C:\Programme\eRightSoft 2006-08-23 23:38 42920 --a------ C:\WINDOWS\system32\vsutil_loc0407.dll 2006-08-23 21:57 -------- d-------- C:\Programme\Cuttermaran 2006-08-21 09:26 -------- d-------- C:\Dokumente und Einstellungen\Bettina\Anwendungsdaten\Pegasys Inc 2006-08-21 09:16 -------- d-------- C:\Programme\Pegasys Inc 2006-08-20 14:27 -------- d-------- C:\Dokumente und Einstellungen\Bettina\Anwendungsdaten\VCDEasy 2006-08-20 14:26 -------- d-------- C:\Programme\VCDEasy 2006-08-20 01:00 -------- d-------- C:\Dokumente und Einstellungen\Bettina\Anwendungsdaten\uTorrent 2006-08-18 09:41 -------- d-------- C:\Programme\KaLoMa 2006-08-17 20:34 -------- d-------- C:\Programme\xp-AntiSpy 2006-08-17 20:18 -------- d-------- C:\Dokumente und Einstellungen\Bettina\Anwendungsdaten\MCMPEGEnc 2006-08-17 20:16 -------- d-------- C:\Programme\Super Video Splitter 2006-08-17 18:42 -------- d-------- C:\Programme\MainConcept 2006-08-16 18:19 65536 --------- C:\WINDOWS\system32\DVDKeyAuth.dll 2006-08-16 18:19 213054 --a--c--- C:\WINDOWS\GSetup.exe 2006-08-16 18:03 -------- d-------- C:\Programme\Gemeinsame Dateien\Adobe 2006-08-16 18:03 -------- d-------- C:\Programme\Adobe 2006-08-16 16:29 53248 --a------ C:\WINDOWS\system32\GEARSEC.EXE 2006-08-15 20:54 -------- d-------- C:\Dokumente und Einstellungen\Bettina\Anwendungsdaten\Adobe 2006-08-15 20:13 -------- d-------- C:\Programme\Windows Media Player 2006-08-15 11:42 729088 --a------ C:\WINDOWS\iun6002.exe 2006-08-14 21:49 -------- d-------- C:\Programme\nanocosmos (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe" "NBJ"="\"C:\\Programme\\Ahead\\Nero BackItUp\\NBJ.exe\"" "!1_ProcessGuard_Startup"="\"C:\\Programme\\ProcessGuard\\procguard.exe\" -minimize" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvCpl.dll,NvStartup" "NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvMcTray.dll,NvTaskbarInit" "C-Media Mixer"="Mixer.exe /startup" "BluetoothAuthenticationAgent"="rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent" "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe" "KAVPersonal50"="\"C:\\Programme\\Kaspersky Lab\\Kaspersky Anti-Virus Personal Pro\\kav.exe\" /minimize" "!1_pgaccount"="\"C:\\Programme\\ProcessGuard\\pgaccount.exe\"" "SunJavaUpdateSched"="\"C:\\Programme\\Java\\jre1.5.0_08\\bin\\jusched.exe\"" "SunServer"="C:\\Programme\\Sunbelt Software\\CounterSpy\\Consumer\\sunserver.exe" "Zone Labs Client"="\"C:\\Programme\\Zone Labs\\ZoneAlarm\\zlclient.exe\"" "UnlockerAssistant"="\"C:\\Programme\\Unlocker\\UnlockerAssistant.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI] "Installed"="1" "NoChange"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS] "Installed"="1" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components] "DeskHtmlVersion"=dword:00000110 "DeskHtmlMinorVersion"=dword:00000005 "Settings"=dword:00000001 "GeneralFlags"=dword:00000000 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Die derzeitige Homepage" "Flags"=dword:00000002 "Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,00,\ 00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00 "CurrentState"=hex:04,00,00,40 "OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\ ff,ff,04,00,00,00 "RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\ 00,00,01,00,00,00 [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE" [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 "ClearRecentDocsOnExit"=dword:00000001 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 "SynchronousMachineGroupPolicy"=dword:00000000 "SynchronousUserGroupPolicy"=dword:00000000 [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" "UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}" HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders securityproviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll Completion time: 05.10.2006 9:50:17.43 ComboFix.txt ComboFix2.txt |
|
|
||
05.10.2006, 12:00
Ehrenmitglied
Beiträge: 29434 |
#4
poste noch mal das log vom HijackThis, aber so:
--> None of the above just start the program --> Save--> Savelog -->es öffnet sich der Editor nun das KOMPLETTE Log mit rechtem Mausklick abkopieren und ins Forum mit rechtem Mausklick "einfügen" __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
05.10.2006, 12:17
...neu hier
Themenstarter Beiträge: 5 |
#5
Logfile of HijackThis v1.99.1
Scan saved at 12:15:09, on 05.10.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Mixer.exe C:\WINDOWS\system32\rundll32.exe C:\Programme\ProcessGuard\pgaccount.exe C:\Programme\Java\jre1.5.0_08\bin\jusched.exe C:\Programme\Sunbelt Software\CounterSpy\Consumer\sunserver.exe C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe C:\Programme\Unlocker\UnlockerAssistant.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\ProcessGuard\procguard.exe C:\WINDOWS\system32\cisvc.exe C:\Programme\ProcessGuard\dcsuserprot.exe C:\WINDOWS\SYSTEM32\GEARSEC.EXE C:\WINDOWS\System32\nvsvc32.exe C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\SYSTEM32\cidaemon.exe C:\Programme\Java\jre1.5.0_08\bin\javaw.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Programme\DAEMON Tools\daemon.exe C:\Programme\Sunbelt Software\CounterSpy\Consumer\Thread.exe C:\Programme\Sunbelt Software\CounterSpy\Consumer\SunProtectionServer.exe C:\WINDOWS\System32\imapi.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Programme\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\spider.exe C:\Programme\Java\jre1.5.0_08\bin\javaw.exe C:\WINDOWS\system32\taskmgr.exe C:\Programme\Java\jre1.5.0_08\bin\javaw.exe C:\Programme\Internet Explorer\iexplore.exe C:\Programme\Java\jre1.5.0_08\bin\javaw.exe C:\WINDOWS\PCHealth\HelpCtr\Binaries\helpctr.exe C:\WINDOWS\system32\restore\rstrui.exe C:\Programme\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.internetcologne.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Programme\FlashFXP\IEFlash.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [KAVPersonal50] "C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize O4 - HKLM\..\Run: [!1_pgaccount] "C:\Programme\ProcessGuard\pgaccount.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.5.0_08\bin\jusched.exe" O4 - HKLM\..\Run: [SunServer] C:\Programme\Sunbelt Software\CounterSpy\Consumer\sunserver.exe O4 - HKLM\..\Run: [Zone Labs Client] "C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Programme\Unlocker\UnlockerAssistant.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [NBJ] "C:\Programme\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [!1_ProcessGuard_Startup] "C:\Programme\ProcessGuard\procguard.exe" -minimize O4 - Startup: Adobe Gamma.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\Office\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O12 - Plugin for .pdf: C:\Programme\Internet Explorer\PLUGINS\nppdf32.dll O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/german/kavwebscan_unicode.cab O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.de/scan8/oscan8.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicro.com/spyware-scan/as4web.cab O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab O23 - Service: DiamondCS Process Guard Service v3.000 (DCSPGSRV) - DiamondCS - C:\Programme\ProcessGuard\dcsuserprot.exe O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\SYSTEM32\GEARSEC.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: kavsvc - Kaspersky Lab - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe Hoffe, es ist so richtig? Lieben Dank |
|
|
||
05.10.2006, 12:23
Ehrenmitglied
Beiträge: 29434 |
#6
es ist alles in Ordnung
und bei dem Arsenal an Antiviren-Proggies, die du geladen hast, nehme ich an, dass auch alles sauber ist. __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
05.10.2006, 12:27
...neu hier
Themenstarter Beiträge: 5 |
||
|
||
bin zwar leider ein blutiger Anfänger, aber ich würde euch gerne bitten mal über mein hijackthis zu schauen. Bin etwas verwirrt von der automatischen Logfileauswertung, da steht sooo viel böse drin.
Logfile of HijackThis v1.99.1
Scan saved at 00:07:01, on 05.10.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Mixer.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\ProcessGuard\pgaccount.exe
C:\Programme\Java\jre1.5.0_08\bin\jusched.exe
C:\Programme\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
C:\Programme\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\ProcessGuard\procguard.exe
C:\WINDOWS\system32\cisvc.exe
C:\Programme\ProcessGuard\dcsuserprot.exe
C:\WINDOWS\SYSTEM32\GEARSEC.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\SYSTEM32\cidaemon.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Programme\Java\jre1.5.0_08\bin\javaw.exe
C:\WINDOWS\system32\spider.exe
C:\WINDOWS\explorer.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Bases_X\mwav\mwavscan.com
C:\Bases_X\mwav\kavss.exe
C:\Programme\DAEMON Tools\daemon.exe
C:\Programme\Sunbelt Software\CounterSpy\Consumer\CounterSpy.exe
C:\Programme\Sunbelt Software\CounterSpy\Consumer\Thread.exe
C:\Programme\Sunbelt Software\CounterSpy\Consumer\SunProtectionServer.exe
C:\WINDOWS\System32\imapi.exe
C:\Programme\HijackThis\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.internetcologne.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
O1 - Hosts: # Copyright (c) 1993-1999 Microsoft Corp.
O1 - Hosts: #
O1 - Hosts: # Dies ist eine HOSTS-Beispieldatei, die von Microsoft TCP/IP
O1 - Hosts: # für Windows 2000 verwendet wird.
O1 - Hosts: #
O1 - Hosts: # Diese Datei enthält die Zuordnungen der IP-Adressen zu Hostnamen.
O1 - Hosts: # Jeder Eintrag muss in einer eigenen Zeile stehen. Die IP-
O1 - Hosts: # Adresse sollte in der ersten Spalte gefolgt vom zugehörigen
O1 - Hosts: # Hostnamen stehen.
O1 - Hosts: # Die IP-Adresse und der Hostname müssen durch mindestens ein
O1 - Hosts: # Leerzeichen getrennt sein.
O1 - Hosts: #
O1 - Hosts: # Zusätzliche Kommentare (so wie in dieser Datei) können in
O1 - Hosts: # einzelnen Zeilen oder hinter dem Computernamen eingefügt werden,
O1 - Hosts: # aber müssen mit dem Zeichen '#' eingegeben werden.
O1 - Hosts: #
O1 - Hosts: # Zum Beispiel:
O1 - Hosts: #
O1 - Hosts: # 102.54.94.97 rhino.acme.com # Quellserver
O1 - Hosts: # 38.25.63.10 x.acme.com # x-Clienthost
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Programme\FlashFXP\IEFlash.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize
O4 - HKLM\..\Run: [!1_pgaccount] "C:\Programme\ProcessGuard\pgaccount.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [SunServer] C:\Programme\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Programme\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Programme\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [!1_ProcessGuard_Startup] "C:\Programme\ProcessGuard\procguard.exe" -minimize
O4 - Startup: Adobe Gamma.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\winrnr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wshbth.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\rsvpsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\rsvpsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mswsock.dll
O12 - Plugin for .pdf: C:\Programme\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: DirectAnimation Java Classes - file://C:\WINDOWS\Java\classes\dajava.cab
O16 - DPF: Microsoft XML Parser for Java - file://C:\WINDOWS\Java\classes\xmldso.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/german/kavwebscan_unicode.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.de/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicro.com/spyware-scan/as4web.cab
O16 - DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0) - http://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0) - http://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: gopher - {79EAC9E4-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ipp - (no CLSID) - (no file)
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\WINDOWS\System32\inetcomm.dll
O18 - Protocol: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll
O18 - Protocol: msdaipp - (no CLSID) - (no file)
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\System32\wiascr.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll
O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\SHELL32.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\SHELL32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\System32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\System32\stobject.dll
O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll
O23 - Service: Gatewaydienst auf Anwendungsebene (ALG) - Microsoft Corporation - C:\WINDOWS\System32\alg.exe
O23 - Service: Anwendungsverwaltung (AppMgmt) - Microsoft Corporation - C:\WINDOWS\system32\svchost.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Microsoft Corporation - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
O23 - Service: Windows Audio (AudioSrv) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: Intelligenter Hintergrundübertragungsdienst (BITS) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: Computerbrowser (Browser) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: Bluetooth Support Service (BthServ) - Microsoft Corporation - C:\WINDOWS\system32\svchost.exe
O23 - Service: Indexdienst (CiSvc) - Microsoft Corporation - C:\WINDOWS\system32\cisvc.exe
O23 - Service: .NET Runtime Optimization Service v2.0.50727_X86 (clr_optimization_v2.0.50727_32) - Microsoft Corporation - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
O23 - Service: COM+-Systemanwendung (COMSysApp) - Microsoft Corporation - C:\WINDOWS\System32\dllhost.exe
O23 - Service: Kryptografiedienste (CryptSvc) - Microsoft Corporation - C:\WINDOWS\system32\svchost.exe
O23 - Service: DCOM-Server-Prozessstart (DcomLaunch) - Microsoft Corporation - C:\WINDOWS\system32\svchost.exe
O23 - Service: DiamondCS Process Guard Service v3.000 (DCSPGSRV) - DiamondCS - C:\Programme\ProcessGuard\dcsuserprot.exe
O23 - Service: DHCP-Client (Dhcp) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: Verwaltungsdienst für die Verwaltung logischer Datenträger (dmadmin) - Microsoft Corp., Veritas Software - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Verwaltung logischer Datenträger (dmserver) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: DNS-Client (Dnscache) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: Ereignisprotokoll (Eventlog) - Microsoft Corporation - C:\WINDOWS\system32\services.exe
O23 - Service: COM+-Ereignissystem (EventSystem) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: Kompatibilität für schnelle Benutzerumschaltung (FastUserSwitchingCompatibility) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\SYSTEM32\GEARSEC.EXE
O23 - Service: Hilfe und Support (helpsvc) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: HID Input Service (HidServ) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: HTTP-SSL (HTTPFilter) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMAPI-CD-Brenn-COM-Dienste (ImapiService) - Microsoft Corporation - C:\WINDOWS\System32\imapi.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe
O23 - Service: Server (lanmanserver) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: Arbeitsstationsdienst (lanmanworkstation) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: TCP/IP-NetBIOS-Hilfsprogramm (LmHosts) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: Nachrichtendienst (Messenger) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: NetMeeting-Remotedesktop-Freigabe (mnmsrvc) - Microsoft Corporation - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: Distributed Transaction Coordinator (MSDTC) - Microsoft Corporation - C:\WINDOWS\System32\msdtc.exe
O23 - Service: Windows Installer (MSIServer) - Microsoft Corporation - C:\WINDOWS\system32\msiexec.exe
O23 - Service: Anmeldedienst (Netlogon) - Microsoft Corporation - C:\WINDOWS\System32\lsass.exe
O23 - Service: Netzwerkverbindungen (Netman) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: NLA (Network Location Awareness) (Nla) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: NT-LM-Sicherheitsdienst (NtLmSsp) - Microsoft Corporation - C:\WINDOWS\System32\lsass.exe
O23 - Service: Wechselmedien (NtmsSvc) - Microsoft Corporation - C:\WINDOWS\system32\svchost.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Office Source Engine (ose) - Microsoft Corporation - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service: Plug & Play (PlugPlay) - Microsoft Corporation - C:\WINDOWS\system32\services.exe
O23 - Service: IPSEC-Dienste (PolicyAgent) - Microsoft Corporation - C:\WINDOWS\System32\lsass.exe
O23 - Service: Geschützter Speicher (ProtectedStorage) - Microsoft Corporation - C:\WINDOWS\system32\lsass.exe
O23 - Service: Verwaltung für automatische RAS-Verbindung (RasAuto) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: RAS-Verbindungsverwaltung (RasMan) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: Sitzungs-Manager für Remotedesktophilfe (RDSessMgr) - Microsoft Corporation - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Remote-Registrierung (RemoteRegistry) - Microsoft Corporation - C:\WINDOWS\system32\svchost.exe
O23 - Service: RPC-Locator (RpcLocator) - Microsoft Corporation - C:\WINDOWS\System32\locator.exe
O23 - Service: Remoteprozeduraufruf (RPC) (RpcSs) - Microsoft Corporation - C:\WINDOWS\system32\svchost.exe
O23 - Service: QoS-RSVP (RSVP) - Microsoft Corporation - C:\WINDOWS\System32\rsvp.exe
O23 - Service: Sicherheitskontenverwaltung (SamSs) - Microsoft Corporation - C:\WINDOWS\system32\lsass.exe
O23 - Service: Smartcard (SCardSvr) - Microsoft Corporation - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Taskplaner (Schedule) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: Sekundäre Anmeldung (seclogon) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: Systemereignisbenachrichtigung (SENS) - Microsoft Corporation - C:\WINDOWS\system32\svchost.exe
O23 - Service: Windows-Firewall/Gemeinsame Nutzung der Internetverbindung (SharedAccess) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: Shellhardwareerkennung (ShellHWDetection) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: Druckwarteschlange (Spooler) - Microsoft Corporation - C:\WINDOWS\system32\spoolsv.exe
O23 - Service: Systemwiederherstellungsdienst (srservice) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: SSDP-Suchdienst (SSDPSRV) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Windows-Bilderfassung (WIA) (stisvc) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: MS Software Shadow Copy Provider (SwPrv) - Microsoft Corporation - C:\WINDOWS\System32\dllhost.exe
O23 - Service: Leistungsdatenprotokolle und Warnungen (SysmonLog) - Microsoft Corporation - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Telefonie (TapiSrv) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: Terminaldienste (TermService) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: Designs (Themes) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: Überwachung verteilter Verknüpfungen (Client) (TrkWks) - Microsoft Corporation - C:\WINDOWS\system32\svchost.exe
O23 - Service: Windows User Mode Driver Framework (UMWdf) - Microsoft Corporation - C:\WINDOWS\system32\wdfmgr.exe
O23 - Service: Unterbrechungsfreie Stromversorgung (UPS) - Microsoft Corporation - C:\WINDOWS\System32\ups.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Volumeschattenkopie (VSS) - Microsoft Corporation - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Webclient (WebClient) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: Windows-Verwaltungsinstrumentation (winmgmt) - Microsoft Corporation - C:\WINDOWS\system32\svchost.exe
O23 - Service: Dienst für Seriennummern der tragbaren Medien (WmdmPmSN) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: Treibererweiterungen für Windows-Verwaltungsinstrumentation (Wmi) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: WMI-Leistungsadapter (WmiApSrv) - Microsoft Corporation - C:\WINDOWS\System32\wbem\wmiapsrv.exe
O23 - Service: Sicherheitscenter (wscsvc) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: Konfigurationsfreie drahtlose Verbindung (WZCSVC) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
O23 - Service: Netzwerkversorgungsdienst (xmlprov) - Microsoft Corporation - C:\WINDOWS\System32\svchost.exe
Schonmal vielen Dank vorab
Gruß
Tweety