Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!
bitte erst » hier kostenlos registrieren!!
Folgende Themen könnten Dich auch interessieren:
Seite(n): 1
Copyright © 2024, Protecus.de - Protecus Team - Impressum / Mediadaten
ComboFix 07-08-04.3 - "Sergej" 2007-08-04 15:21:18.1 [GMT 2:00] - NTFS
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1031.18.Wahr
* Created a new restore point
((((((((((((((((((((((((( Files Created from 2007-07-04 to 2007-08-04 )))))))))))))))))))))))))))))))
2007-08-03 17:25 <DIR> d----c--- C:\DriveCleaner78981782901
2007-07-31 18:57 <DIR> d-------- C:\Programme\Bullfrog
2007-07-31 16:20 <DIR> d----c--- C:\DOKUME~1\Sergej\ANWEND~1\WinRAR
2007-07-31 13:58 438,272 -ra------ C:\WINDOWS\system32\vp6vfw.dll
2007-07-31 13:58 <DIR> d-------- C:\Programme\Electronic Arts
2007-07-30 14:11 78,464 --a--c--- C:\WINDOWS\system32\dllcache\usbvideo.sys
2007-07-30 14:11 78,464 --a------ C:\WINDOWS\system32\drivers\usbvideo.sys
2007-07-29 19:53 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll
2007-07-29 19:50 <DIR> d-------- C:\Programme\Microsoft Works
2007-07-29 19:49 <DIR> d-------- C:\Programme\MSBuild
2007-07-29 19:47 <DIR> d-------- C:\Programme\Microsoft.NET
2007-07-29 19:44 <DIR> d-------- C:\WINDOWS\SHELLNEW
2007-07-29 19:44 <DIR> d-------- C:\Programme\Microsoft Visual Studio 8
2007-07-29 19:39 <DIR> d----c--- C:\DOKUME~1\ALLUSE~1\ANWEND~1\Microsoft Help
2007-07-29 19:38 <DIR> dr-h-c--- C:\MSOCache
2007-07-29 19:34 <DIR> d-------- C:\Programme\Smart Projects
2007-07-26 16:17 29,704 --a------ C:\WINDOWS\system32\uxtuneup.dll
2007-07-26 16:16 <DIR> d-------- C:\Programme\Gemeinsame Dateien\Wise Installation Wizard
2007-07-13 17:30 90,112 --a------ C:\WINDOWS\system32\RegDACL.exe
2007-07-13 17:30 9,006 --a--c--- C:\clean.bat
2007-07-13 17:30 53,248 --a------ C:\WINDOWS\system32\process.exe
2007-07-13 17:30 4,096 --a------ C:\WINDOWS\system32\reboot.exe
2007-07-13 15:29 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-07-13 15:08 <DIR> d----c--- C:\DOKUME~1\ALLUSE~1\ANWEND~1\Panasonic
2007-07-13 15:04 65,536 --a------ C:\WINDOWS\system32\PDvAvi3.dll
2007-07-13 15:04 65,536 --a------ C:\WINDOWS\system32\PDvAvi2.dll
2007-07-13 15:04 <DIR> d-------- C:\Programme\Gemeinsame Dateien\CNC
2007-07-13 14:56 77,824 --a------ C:\WINDOWS\system32\PAvFilt.dll
2007-07-13 14:56 36,864 --a------ C:\WINDOWS\system32\DvWrite.dll
2007-07-13 14:56 36,864 --a------ C:\WINDOWS\system32\DvRead.dll
2007-07-13 14:56 253,952 --a------ C:\WINDOWS\system32\PCodec.dll
2007-07-13 14:56 <DIR> d-------- C:\Programme\Gemeinsame Dateien\Panasonic
2007-07-13 14:55 <DIR> d-------- C:\Programme\Panasonic
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-08-04 11:56 --------- d-------- C:\Programme\Gemeinsame Dateien\Symantec Shared
2007-08-03 23:02 --------- d----c--- C:\DOKUME~1\Sergej\ANWEND~1\Azureus
2007-08-03 20:21 --------- d-------- C:\Programme\eMule
2007-08-02 11:41 --------- d-------- C:\Programme\PokerStars.NET
2007-07-31 14:25 --------- d--h----- C:\Programme\InstallShield Installation Information
2007-07-29 21:02 --------- d----c--- C:\DOKUME~1\Sergej\ANWEND~1\Skype
2007-07-26 16:17 --------- d-------- C:\Programme\TuneUp Utilities 2007
2007-07-13 00:43 78238 --a------ C:\WINDOWS\system32\perfc007.dat
2007-07-13 00:43 423550 --a------ C:\WINDOWS\system32\perfh007.dat
2007-07-13 00:41 6 --a------ C:\WINDOWS\system32\TMcnt.bin
2007-06-29 00:35 --------- d----c--- C:\DOKUME~1\Sergej\ANWEND~1\Lavasoft
2007-06-28 21:54 --------- d----c--- C:\DOKUME~1\Sergej\ANWEND~1\OpenOffice.org2
2007-06-28 20:27 --------- d-------- C:\Programme\Google
2007-06-28 20:19 --------- d-------- C:\Programme\PokerStars
2007-06-27 19:00 --------- d-------- C:\Programme\themexp
2007-06-27 18:43 8464 --a------ C:\WINDOWS\system32\sporder.dll
2007-06-27 16:28 5504 --a------ C:\WINDOWS\system32\xdrve9d.sys.ren
2007-06-20 09:14 --------- d-------- C:\Programme\Microsoft ActiveSync
2007-06-20 09:12 --------- d-------- C:\Programme\Yahoo!
2007-06-20 09:10 --------- d----c--- C:\DOKUME~1\Sergej\ANWEND~1\GoPal Assistant
2007-06-20 09:10 --------- d-------- C:\Programme\Medion GoPal Assistant
2007-06-09 21:28 --------- d-------- C:\Programme\Common Files
2007-06-09 21:28 --------- d-------- C:\Programme\AvantGo Connect
2007-05-29 11:18 1044480 --a------ C:\WINDOWS\system32\VchReg.dll
2007-05-16 17:12 85504 --a--c--- C:\WINDOWS\system32\dllcache\wabimp.dll
2007-05-16 17:12 510976 --a--c--- C:\WINDOWS\system32\dllcache\wab32.dll
2007-05-16 17:11 86528 --a--c--- C:\WINDOWS\system32\dllcache\directdb.dll
2007-05-16 17:11 683520 --a--c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-05-16 17:11 683520 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-05-16 17:11 1314816 --a--c--- C:\WINDOWS\system32\dllcache\msoe.dll
2007-05-04 14:59 3085312 --a--c--- C:\WINDOWS\system32\dllcache\mshtml.dll
2006-06-04 18:57 1124 --a--c--- C:\DOKUME~1\Sergej\ANWEND~1\wklnhst.dat
2006-03-17 18:16 457 --a--c--- C:\Programme\INSTALL.LOG
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"T-DSL SpeedMgr"="C:\Programme\T-DSL SpeedManager\SpeedMgr.exe" [2004-07-14 17:01]
"ccApp"="C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe" [2007-01-09 23:59]
"osCheck"="C:\Programme\Norton Internet Security\osCheck.exe" [2007-01-14 01:11]
"nwiz"="nwiz.exe" [2006-10-22 13:22 C:\WINDOWS\system32\nwiz.exe]
"SoundMan"="SOUNDMAN.EXE" [2006-11-03 01:00 C:\WINDOWS\SOUNDMAN.EXE]
"AlcWzrd"="ALCWZRD.EXE" [2006-11-03 01:00 C:\WINDOWS\ALCWZRD.EXE]
"Alcmtr"="ALCMTR.EXE" [2006-11-03 01:00 C:\WINDOWS\ALCMTR.EXE]
"HerculesCamService"="C:\Programme\Hercules\Hercules Blog Webcam\CamService.exe" [2006-10-04 19:44]
"ISUSPM Startup"="C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-16 19:15]
"WinPatrol"="C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe" [2005-11-15 13:50]
"SunJavaUpdateSched"="C:\Programme\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 13:22]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00]
"WMPNSCFG"="C:\Programme\Windows Media Player\WMPNSCFG.exe" [2006-11-03 10:56]
"CCleaner"="C:\Programme\CCleaner\CCleaner.exe" [2007-05-10 13:01]
"H/PC Connection Agent"="C:\Programme\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 13:50]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)
"NoResolveSearch"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"="C:\Programme\Messenger\msmsgs.exe" /background
"WMPNSCFG"=C:\Programme\Windows Media Player\WMPNSCFG.exe
"Skype"="C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"T-DSL SpeedMgr"="C:\Programme\T-DSL SpeedManager\SpeedMgr.exe"
"Verknüpfung mit der High Definition Audio-Eigenschaftenseite"=HDAShCut.exe
"HP Software Update"=C:\Programme\HP\HP Software Update\HPWuSchd2.exe
"SunJavaUpdateSched"=C:\Programme\Java\jre1.5.0_07\bin\jusched.exe
"NeroCheck"=C:\WINDOWS\system32\NeroCheck.exe
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe
"ICQ Lite"="C:\Programme\ICQLite\ICQLite.exe" -minimize
"NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"HerculesCamService"=C:\Programme\Hercules\Hercules Blog Webcam\CamService.exe
"DriveCleaner 2006"="c:\programme\drivecleaner 2006\dc2006.exe" /min
"TopDesk"=C:\Programme\TopDesk\topdesk.exe
"HP Software Update"=C:\Programme\HP\HP Software Update\HPWuSchd2.exe
"ISUSScheduler"="C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start
"ISUSPM Startup"=C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
R1 SRTSP;SRTSP;C:\WINDOWS\system32\Drivers\SRTSP.SYS
R1 SRTSPX;SRTSPX;C:\WINDOWS\system32\Drivers\SRTSPX.SYS
R2 ACEDRV07;ACEDRV07;\??\C:\WINDOWS\system32\drivers\ACEDRV07.sys
R2 Automatisches LiveUpdate - Scheduler;Automatisches LiveUpdate - Scheduler;"C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe"
R2 BCMNTIO;BCMNTIO;\??\C:\PROGRA~1\CheckIt\DIAGNO~1\BCMNTIO.sys
R2 MAPMEM;MAPMEM;\??\C:\PROGRA~1\CheckIt\DIAGNO~1\MAPMEM.sys
R2 SVKP;SVKP;\??\C:\WINDOWS\system32\SVKP.sys
R2 UxTuneUp;TuneUp Designerweiterung;C:\WINDOWS\System32\svchost.exe -k netsvcs
R3 APL531;Hercules Blog Webcam;C:\WINDOWS\system32\Drivers\BLvid.sys
R3 camfilt;camfilt;C:\WINDOWS\system32\Drivers\camfilt.sys
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver;C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
S2 nvcap;nVidia WDM Video Capture (universal);C:\WINDOWS\system32\DRIVERS\nvcap.sys
S2 NVXBAR;nVidia WDM A/V Crossbar;C:\WINDOWS\system32\DRIVERS\NVxbar.sys
S3 Afc;PPdus ASPI Shell;C:\WINDOWS\system32\drivers\Afc.sys
S3 avfwim;AvFw Packet Filter Miniport;C:\WINDOWS\system32\DRIVERS\avfwim.sys
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service;"C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe"
S3 odserv;Microsoft Office Diagnostics Service;"C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE"
S3 ovt530;Webcam Deluxe;C:\WINDOWS\system32\Drivers\ov530vid.sys
S3 pepifilter;Volume Adapter;C:\WINDOWS\system32\DRIVERS\lv302af.sys
S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI);C:\WINDOWS\system32\DRIVERS\LV302V32.SYS
S3 ROOTMODEM;Microsoft Legacy Modem Driver;C:\WINDOWS\system32\Drivers\RootMdm.sys
S3 SRTSPL;SRTSPL;C:\WINDOWS\system32\Drivers\SRTSPL.SYS
S3 StMp3Rec;Treiber f�r Player-Wiederherstellungsger„t;C:\WINDOWS\system32\Drivers\StMp3Rec.sys
S3 TNPacket;T-Systems Nova Packet Capture Driver;\??\C:\Programme\T-DSL SpeedManager\TNPACKET.SYS
S3 TSMPacket;T-DSL SpeedManager Service;C:\WINDOWS\system32\DRIVERS\tsmpkt.sys
S3 USBAV191;Instant VideoXpress;C:\WINDOWS\system32\DRIVERS\USBAV191.SYS
S3 usbvideo;USB-Videoger„t (WDM);C:\WINDOWS\system32\Drivers\usbvideo.sys
S3 vaxscsi;vaxscsi;C:\WINDOWS\system32\Drivers\vaxscsi.sys
S3 wceusbsh;Windows CE USB Serial Host Driver;C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
*Newly Created Service* - COMHOST
Contents of the 'Scheduled Tasks' folder
2007-08-03 15:16:30 C:\WINDOWS\Tasks\1-Klick-Wartung.job
2007-07-30 20:08:32 C:\WINDOWS\Tasks\Norton Internet Security - Systemprüfung ausführen - Sergej.job
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-04 15:25:12
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System]
"OODEFRAG08.00.00.01WORKSTATION"="1C44105747899ED76DB044F2E03F1F0536D48611F64B4C60673BA9EDC49708F830BCE029359BCEA437DDB082182B63EC6479E8F0748019C12EBEA979E52BA00789FE856A8E3B6C6959C5A4538F4D248
9FBCA065B1B58A6725AA7C45B96D71CE3926EF457C0BD16682E7A0EB5F4B649C169A5E656FCBF479C86C03AEE6789D49D376149BE7DACD0B6137E028D3EB01FCF9BDA38FA6B5C2EC0D4C572A12E608B9A6C23C3843CC4833E6CC9B852A032D5
4207B0CA760185F5B26A6AF4F40332DF142472459FB678F83C9E490C1317EC82FC23DE940B18451D1AED55F180C3065A95D903D51A6AFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC
9E127BECC74C8EDD5E5BE2F6E667A6A0AC4980AC7933A6A0AC4980AC7933A6171C11EC38DE3D14080AE4F9A8FC2D7344B86C05BF6B4B557D2C811823882E4310E55B626D250AB6DDE50C06A6561137E3EBA9271F69A4555997074ADB9F11EBE5
4BF7018DC25E36E0E7A8E01F042FB324538155CBABA95DF051233D4E1E7F26E0AE675217A3F1D6E6B37BE81912FA2B64F485FA25B7714CCAE25708D19CCF8E4FBB3D3B7816FC10A83BCAEF3D24AF90E6274AF6AC22D63254A92B3662489EF3E67
70F1648FAFB8CC3C55E3D5BEFC88DD1186A1B8A177655D957A848215F4B563FB6FBAE3E482EAC3AEF820AE2C0887D2F4982B088D534AF91725FB250B877EED5A6A146B807170470298804EA73F271ED8EB5F017B2B4EC1253625DD83A8B288AC3A
313B7D20159B0B544CDAEFAD22D6091A80BC79362F1562946A3C5E1321E21E12A3C5F60F629A8AC8F7D895EB4AABD4D05235174EBD0BCF4A6D6483FDAA5C128E0DFF971C8A268FA451C7F37E8161F9479CD8F64C2D40B0DA3B932F5B744FA917
60FF3610B29E6DE4829B4B385CE040BB61A81071FFA6799DC84FD4041353BEA9FCE5E9B96D3FB6DFB167495E26ACCA971034914F7F55D9B7C64C568B266D7D993176DA486EE668DC8C7AC349EB1C23DE57E2ED48D2ADC61AAF7494F89F988D28E
D5FA8E3AF946FA1B9A6E79999F0EE54F711B2AE1B0381396D3EDE90B476B21506C0304D7A7A247E5597063F9E63E1A71399E073BD727A9737F3B403CD8FDE41BAF2742C661E3539AC98B05A86AC52110A16DF22321C4F2F7785CEEE96CA68E386
7AC9AB2405659B41F3E0351437A98F4705B89E642928FDDAD212422F42E67F1D2FAF28C15ADE32F05AA1AE63D96F06F5CE4799AA3F0F6E383FD26391A3F8819219FC207E3FD528A1816969C5A39ED508F2A859364A8724ED10B4DC5B4EAE000F8
CC181C62415A4CEBEADAED4E642B6C296B856B55662061E38405A25327347F715595867ED381FC05375D16027E121E3C12E481FAB771EA7A48CE6E3ACA97739834EE47D57825295E2DA91791D1E5"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:000005fc
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-08-04 15:26:46
C:\ComboFix-quarantined-files.txt ... 2007-08-04 15:26
C:\ComboFix2.txt ... 2007-07-13 17:57
C:\ComboFix3.txt ... 2007-07-13 15:32
C:\combofixlog.txt ... 2007-07-13 15:34
--- E O F ---
und nun das hjk file:
Logfile of HijackThis v1.99.1
Scan saved at 15:31:26, on 04.08.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\T-DSL SpeedManager\SpeedMgr.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\T-DSL SpeedManager\tsmsvc.exe
C:\WINDOWS\ALCWZRD.EXE
C:\Programme\Hercules\Hercules Blog Webcam\CamService.exe
C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
C:\Programme\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Windows Media Player\WMPNSCFG.exe
C:\Programme\Microsoft ActiveSync\Wcescomm.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Dokumente und Einstellungen\Sergej\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = file://C:\Programme\WinSweep\ws.js
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.2.1:25
R3 - URLSearchHook: Yahoo! Toolbar mit Pop-Up-Blocker - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Programme\Gemeinsame Dateien\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_01\bin\ssv.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Programme\Gemeinsame Dateien\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O4 - HKLM\..\Run: [T-DSL SpeedMgr] "C:\Programme\T-DSL SpeedManager\SpeedMgr.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Programme\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [HerculesCamService] C:\Programme\Hercules\Hercules Blog Webcam\CamService.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [CCleaner] "C:\Programme\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programme\Microsoft ActiveSync\Wcescomm.exe"
O8 - Extra context menu item: Add to AMV Converter... - C:\Programme\MP3 Player Utilities 4.05\AMVConverter\grab.html
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Programme\MP3 Player Utilities 4.05\MediaManager\grab.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programme\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Automatisches LiveUpdate - Scheduler - Symantec Corporation - C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe" /h cltCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Programme\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Programme\Gemeinsame Dateien\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: TSMService - T-Systems Nova, Berkom - C:\Programme\T-DSL SpeedManager\tsmsvc.exe
bin für jede hilfe dankbar