Spyware Detection Alert |
||
|---|---|---|
| #0
| ||
|
21.02.2007, 16:27
...neu hier
Beiträge: 2 |
||
 
|
|
|
|
21.02.2007, 22:07
Ehrenmitglied
 Beiträge: 29434 |
#2
Bernd171257
«« stelle den CleanUp genauso ein, wie hier angegeben: http://virus-protect.org/cleanup.html «« Kopiere diese 6 Textdateien ab . (rechtsklick mit der Maus -> den Text markieren -> kopieren -> einfügen) Sie sind nach Datum geordnet. (kopiere nur die letzten 3 Monate ab) http://virus-protect.org/datfindbat.html «« ServiceFilter.zip http://virus-protect.org/artikel/tools/ServiceFilter.zip - entzippen - doppelklick auf die datei ServiceFilter.vbs - versions-nummer bestätigen - scannen - öffnen von wordpad oder editor erlauben - POST_THIS.TXT abkopieren »» poste dieses log http://virus-protect.org/artikel/tools/comboscan.html __________ MfG Sabina rund um die PC-Sicherheit |
|
|
|
|
|
|
22.02.2007, 15:12
...neu hier
Themenstarter Beiträge: 2 |
#3
«
22.02.2007 15:06 405 down.txt 22.02.2007 15:06 117 tmp.txt 22.02.2007 15:06 3.205 system.txt 22.02.2007 15:06 346 systemtemp.txt 22.02.2007 15:06 117.259 system32.txt 22.02.2007 14:48 1.073.274.880 hiberfil.sys 22.02.2007 14:48 1.387.200.512 pagefile.sys 02.11.2006 10:53 438.840 bootmgr 18.09.2006 22:43 10 config.sys 18.09.2006 22:43 24 autoexec.bat 14 Datei(en), 2.461.145.384 Bytes 0 Verzeichnis(se), 21.236.834.304 Bytes frei 11.12.2006 16:44 367 LegitCheckControl.inf 09.11.2006 14:36 5.019 swflash.inf 18.09.2006 22:26 65 desktop.ini 3 Datei(en), 5.451 Bytes 0 Verzeichnis(se), 21.236.834.304 Bytes frei Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: C4B7-6CD3 Verzeichnis von C:\Windows\Temp 22.02.2007 14:56 240.851 WindowsUpdate.log 22.02.2007 14:48 67.584 bootstat.dat 21.02.2007 18:11 26.840 DirectX.log 21.02.2007 17:39 3.992 avminstcli1.log 21.02.2007 17:39 2.200 avmadd32.log 21.02.2007 17:39 1.766 avminstcli.log 21.02.2007 17:08 39.325 avmfwlanci.log 20.02.2007 17:15 5.976 avmadd321.log 20.02.2007 17:14 5.230 avmsetup.log 20.02.2007 17:14 17.244 avmacc.log 20.02.2007 17:14 371 avmcowlan.log 20.02.2007 17:13 448 avmcowlan1.log 19.02.2007 19:25 199 WISO.INI 19.02.2007 19:24 639.488 fpuninst.exe 19.02.2007 19:15 1.908 KB867460.log 28.12.2006 01:02 7.031 instwcli.inf 02.11.2006 13:52 0 setuperr.log 02.11.2006 13:50 749 WindowsShell.Manifest 02.11.2006 13:47 94 SETUPAPI.LOG 02.11.2006 13:35 316.640 WMSysPr9.prx 02.11.2006 13:34 49.680 twunk_16.exe 02.11.2006 13:34 31.232 twunk_32.exe 02.11.2006 13:34 50.688 twain_32.dll 02.11.2006 13:34 94.784 twain.dll 02.11.2006 13:34 151.040 notepad.exe 02.11.2006 10:45 9.216 winhlp32.exe 02.11.2006 10:45 134.656 regedit.exe 02.11.2006 10:45 497.152 HelpPane.exe 02.11.2006 10:45 14.848 hh.exe 02.11.2006 10:45 13.312 fveupdate.exe 02.11.2006 10:45 2.923.520 explorer.exe 02.11.2006 10:44 50.176 bfsvc.exe 02.11.2006 08:46 43.131 mib.bin 22.02.2007 15:03 3.564 ~loroqec.tmp 31.10.2006 00:00 145.184 ose00000.exe 2 Datei(en), 148.748 Bytes 0 Verzeichnis(se), 21.236.899.840 Bytes frei 22.02.2007 14:57 617.860 perfh009.dat 22.02.2007 14:57 107.004 perfc009.dat 22.02.2007 14:57 650.364 perfh007.dat 22.02.2007 14:57 120.530 perfc007.dat 22.02.2007 14:57 1.488.910 PerfStringBackup.INI 22.02.2007 14:50 2.464 7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 22.02.2007 14:50 2.464 7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 19.02.2007 20:16 3.139 jupdate-1.4.2_03-b02.log 19.02.2007 19:59 374.240 FNTCACHE.DAT 19.02.2007 13:43 104.448 DWWIN.EXE 19.02.2007 13:42 3.580.416 mshtml.dll 19.02.2007 13:41 383.488 ieapfltr.dll 19.02.2007 13:41 4.153.344 GameUXLegacyGDFs.dll 19.02.2007 13:41 1.686.016 gameux.dll 19.02.2007 13:40 974.336 crypt32.dll 12.02.2007 18:55 364.544 cjpcsc32.dll 11.02.2007 20:14 40.426 cjbc_en.lan 11.02.2007 20:11 43.402 cjbc_de.lan 09.02.2007 13:40 593.920 cjpcsc.exe 09.02.2007 13:39 303.104 ctrsct32.dll 09.02.2007 13:38 638.976 cjpcscui.exe 07.02.2007 23:01 12.293.536 mrt.exe 30.01.2007 10:38 60.702 rsct_pv_start.wav 30.01.2007 10:38 60.702 rsct_mv_start.wav 30.01.2007 10:38 157.808 cjppa32.dll 30.01.2007 10:38 47.616 cjKbBase.dll 30.01.2007 10:38 13.084 rsct_key_clear.wav 30.01.2007 10:38 4.636 rsct_key_1.wav 30.01.2007 10:38 656 rsct_key.wav 30.01.2007 10:38 18.192 Psap64f5.rra 30.01.2007 10:38 13.026 rsct_key_err.wav 20.01.2007 00:53 3.584 timerstop.sys 15.01.2007 18:32 689.280 aswBoot.exe 15.01.2007 18:23 90.112 AVASTSS.scr 28.12.2006 01:02 74.240 fwlanci.dll 28.12.2006 01:02 68.096 avmadd32.dll 19.12.2006 16:14 266.240 rsct_pnp.dll 12.12.2006 10:45 1.474.864 LegitCheckControl.DLL HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\TabletInputService HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\TBS HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\TrustedInstaller HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\volmgr.sys HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\volmgrx.sys HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F} HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7} HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6} [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] LocalService REG_MULTI_SZ nsi\0lltdsvc\0SSDPSRV\0upnphost\0SCardSvr\0w32time\0EventSystem\0RemoteRegistry\0WinHttpAutoProxySvc\ 0lanmanworkstation\0TBS\0SLUINotify\0THREADORDER\0fdrespub\0netprofm\0fdphost\ 0wcncsvc\0QWAVE\0Mcx2Svc\0WebClient\0\0 LocalSystemNetworkRestricted REG_MULTI_SZ hidserv\0UxSms\0WdiSystemHost\0Netman\0trkwks\0AudioEndpointBuilder\0WUDFSvc\ 0irmon\0sysmain\0IPBusEnum\0dot3svc\0PcaSvc\0EMDMgmt\0TabletInputService\0wlansvc\0WPDBusEnum\0\0 NetworkServiceNetworkRestricted REG_MULTI_SZ PolicyAgent\0\0 LocalServiceNoNetwork REG_MULTI_SZ PLA\0DPS\0BFE\0mpssvc\0ehstart\0\0 NetworkService REG_MULTI_SZ CryptSvc\0DHCP\0TermService\0KtmRm\0DNSCache\0NapAgent\0nlasvc\0WinRM\0WECSVC\0Tapisrv\0\0 termsvcs REG_MULTI_SZ TermService\0\0 WerSvcGroup REG_MULTI_SZ wersvc\0\0 swprv REG_MULTI_SZ swprv\0\0 LocalServiceNetworkRestricted REG_MULTI_SZ DHCP\0eventlog\0AudioSrv\0LmHosts\0wscsvc\0p2pimsvc\0PNRPSvc\0p2psvc\0WPCSvc\0PnrpAutoReg\0\0 rpcss REG_MULTI_SZ RpcSs\0\0 regsvc REG_MULTI_SZ RemoteRegistry\0\0 wcssvc REG_MULTI_SZ WcsPlugInService\0\0 DcomLaunch REG_MULTI_SZ PlugPlay\0DcomLaunch\0\0 wdisvc REG_MULTI_SZ WdiServiceHost\0\0 sdrsvc REG_MULTI_SZ sdrsvc\0\0 imgsvc REG_MULTI_SZ StiSvc\0\0 secsvcs REG_MULTI_SZ WinDefend\0\0 HKLM\software\Microsoft\Windows NT\CurrentVersion\Svchost *netsvcs* AeLookupSvc UxTuneUp wercplsupport CertPropSvc SCPolicySvc gpsvc IKEEXT LogonHours PCAudit iphlpsvc AppInfo msiscsi MMCSS ProfSvc EapHost SessionEnv hkmsvc ComboScan v20070221.16 run by Bernd on 2007-02-22 at 15:00:05 Supplementary logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ----------------------------------------------------------- Microsoft® Windows Vista™ Home Premium (build 6000) Architecture: X86; Language: German CPU 0: AMD Athlon(tm) XP Percentage of Memory in Use: 53% Physical Memory (total/avail): 1022.94 MiB / 472.39 MiB Pagefile Memory (total/avail): 2301.9 MiB / 1652.78 MiB Virtual Memory (total/avail): 2047.88 MiB / 1942.48 MiB A: is Removable (FAT) C: is Fixed (NTFS) - 37.27 GiB total, 19.88 GiB free. D: is CDROM (No Media) E: is CDROM (No Media) -- Security Center -------------------------------------------------------------- AUOptions is scheduled to auto-install. Windows Internal Firewall is enabled. AV: avast! antivirus 4.7.942 [VPS 000716-0] v4.7.942 (ALWIL Software) AS: Windows-Defender v1.1.1505.0 (Microsoft Corporation) -- Environment Variables -------------------------------------------------------- windir=C:\Windows ZKA_SIG_HOME=C:\Program Files\REINER SCT\cyberJack -- User Profiles ---------------------------------------------------------------- Bernd -- Add/Remove Programs ---------------------------------------------------------- --> C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL --> C:\Windows\UNNeroBackItUp.exe /UNINSTALL --> C:\Windows\UNNeroMediaHome.exe /UNINSTALL --> C:\Windows\UNNeroShowTime.exe /UNINSTALL --> C:\Windows\UNNeroVision.exe /UNINSTALL --> C:\Windows\UNRecode.exe /UNINSTALL 1&1 FotoManager --> "C:\Program Files\1&1 FotoManager\unins000.exe" 1&1 VirtuSafe --> C:\PROGRA~1\1&1INT~1\VIRTUS~1\UNWISE.EXE C:\PROGRA~1\1&1INT~1\VIRTUS~1\INSTALL.LOG Adobe Flash Player 9 ActiveX --> C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete Adobe Reader 8 - Deutsch --> MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A80000000002} Agfa ScanWise 2.00 --> C:\Windows\IsUn0407.exe -f"C:\Program Files\Agfa\ScanWise 2_00\uninst.isu" -c"C:\Program Files\Agfa\ScanWise 2_00\UNINSTALL.DLL" AGFAnet Print Service --> C:\PROGRA~1\AGFAnet\INTERN~1\UNWISE.EXE C:\PROGRA~1\AGFAnet\INTERN~1\INSTALL.LOG appleJuice Client --> "C:\Program Files\appleJuice\unins000.exe" Ask Toolbar --> rundll32 C:\PROGRA~1\AskTBar\bar\1.bin\AskTBar.dll,O avast! Antivirus --> rundll32 C:\PROGRA~1\ALWILS~1\Avast4\Setup\setiface.dll,RunSetup CleanUp! --> C:\Program Files\CleanUp!\uninstall.exe cyberJack Base Components --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC338210-F594-11D3-BA24-00001C3AB4DF}\setup.exe" -l0x7 -removeonly IsoBuster 2.0 --> "C:\Program Files\Smart Projects\IsoBuster\Uninst\unins000.exe" Java 2 Runtime Environment, SE v1.4.2_03 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030} LetsTrade Komponenten --> C:\Windows\fpuninst.exe -uninstall:"c:\program files\letstrade\uninst\uninst.ini" Mein Geld Standard --> MsiExec.exe /I{04E4F3CE-A34E-4667-8DE9-147249FAE468} Microsoft .NET Framework 1.1 --> msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1 --> MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1 German Language Pack --> MsiExec.exe /X{E78BFA60-5393-4C38-82AB-E8019E464EB4} Microsoft Office Access MUI (German) 2007 --> MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE} Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE} Microsoft Office Excel MUI (German) 2007 --> MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE} Microsoft Office Groove MUI (German) 2007 --> MsiExec.exe /X{90120000-00BA-0407-0000-0000000FF1CE} Microsoft Office InfoPath MUI (German) 2007 --> MsiExec.exe /X{90120000-0044-0407-0000-0000000FF1CE} Microsoft Office OneNote MUI (German) 2007 --> MsiExec.exe /X{90120000-00A1-0407-0000-0000000FF1CE} Microsoft Office Outlook MUI (German) 2007 --> MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (German) 2007 --> MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE} Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007 --> MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Italian) 2007 --> MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE} Microsoft Office Proofing (German) 2007 --> MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE} Microsoft Office Publisher MUI (German) 2007 --> MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE} Microsoft Office Shared MUI (German) 2007 --> MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE} Microsoft Office Word MUI (German) 2007 --> MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE} Mozilla Firefox (2.0.0.1) --> C:\Program Files\Mozilla Firefox\uninstall\uninst.exe Nero 7 --> MsiExec.exe /I{42F7C377-2A1F-44FB-A17F-053C29E81031} TuneUp Utilities 2007 --> MsiExec.exe /I{C8BB4912-12D9-42AE-B571-E580D8CD1B5B} WinRAR Archivierer --> C:\Program Files\WinRAR\uninstall.exe XAMPP 1.6.0 --> "C:\Program Files\xampp\uninstall.exe" -- End of ComboScan: finished at 2007-02-22 at 15:03:50 ------------------------- |
|
|
|
|
|
|
22.02.2007, 16:08
Ehrenmitglied
Beiträge: 29434 |
#4
Bernd171257
poste bitte noch mal die 6 logs von datfind bat und ich waere dir sehr verbunden, wenn es nicht wie kraut und Rueben dabei zuginge, sondern oberhalb von jedem log den dazugehoerigen Pfad mit reinkopieren » das log von comboscan ist ebenfalls nicht komplett  - noch mal bitte«« catchme http://gmer.net/catchme.exe click the catchme.exe - catchme.log - poste das log «« ServiceFilter.zip http://virus-protect.org/artikel/tools/ServiceFilter.zip - entzippen - doppelklick auf die datei ServiceFilter.vbs - versions-nummer bestätigen - scannen - öffnen von wordpad oder editor erlauben - POST_THIS.TXT abkopieren __________ MfG Sabina rund um die PC-Sicherheit |
|
|
|
|
|
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!
bitte erst » hier kostenlos registrieren!!
Folgende Themen könnten Dich auch interessieren:
Seite(n): 1
Copyright © 2024, Protecus.de - Protecus Team - Impressum / Mediadaten
Ich werde das Programm
nicht loss brauche Hilfe
anbei meine Logfile
Logfile of HijackThis v1.99.1
Scan saved at 16:20:12, on 21.02.2007
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16386)
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\v6.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\1&1 Internet\VirtuSafe\VirtuSafe.exe
C:\Program Files\avmwlanstick\WLanGUI.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Users\Bernd\AppData\Local\Temp\Rar$EX00.812\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [syswin] C:\Windows\system32\v6.exe
O4 - HKLM\..\Run: [CTDrive] rundll32.exe C:\Windows\system32\drvpuj.dll,startup
O4 - HKLM\..\Run: [{C4B76CD3-044C-1031-1021-040031}] "C:\Program Files\Common Files\{C4B76CD3-044C-1031-1021-040031}\Update.exe" mc-110-12-0000272
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [1&1 VirtuSafe] "c:\progra~1\1&1int~1\virtus~1\virtusafe.exe"
O4 - HKLM\..\Run: [AVMWlanClient] C:\Program Files\avmwlanstick\wlangui.exe
O4 - HKCU\..\Run: [Ieuu] "C:\PROGRA~1\SSEMBL~1\netdde.exe" -vt yazb
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{E7A10C89-A963-46D3-894F-E08DF1373E88}: NameServer = 192.168.100.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: pmnmmlj - C:\Windows\SYSTEM32\pmnmmlj.dll
O20 - Winlogon Notify: winnqi32 - C:\Windows\SYSTEM32\winnqi32.dll
O23 - Service: Apache2.2 - Unknown owner - C:\Program Files\xampp\apache\bin\apache.exe" -k runservice (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVM WLAN Connection Service - AVM Berlin - C:\Program Files\avmwlanstick\WlanNetService.exe
O23 - Service: cyberJack PC/SC COM Service (cjpcsc) - REINER SCT - C:\Windows\system32\cjpcsc.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)