TR/Fakealert.ann.189, TR/Crypt.XPACK.Gen, TR/Agent.53760.O, etc
#0
05.12.2008, 21:12
...new here
Posts: 2
06.12.2008, 08:32
Moderator
Posts: 7805
#2
Well, that looks good. So far there is no more malware to be seen....
__________ Best regards, Ralf SEO-Spam Hunter
06.12.2008, 10:16
...new here
Thread starter Posts: 2
06.12.2008, 10:32
Moderator
Posts: 7805
#4
Sometimes you just need a bit of luck in life!
If you don't need the Ask Toolbar, I would uninstall it via "Software". __________ Best regards, Ralf SEO-Spam Hunter
For a few days now my Antivir has been constantly spitting out detections. It all started with the detection TR/Agent.AKWY.7.
Follow-up files were also found: TR/Fakealert.ann.189, TR/Crypt.XPACK.Gen, TR/Agent.53760.O, WORM/Autorun.qah, TR/Drop.Zlob.QD, TR/Agent.aqu.156672, TR/Fakealert.ann.189
Fortunately I came across Sabine's guide "CREATING NEW POSTS: Create a thread in the forum with the following information" and worked through the steps.
Below, as recommended, I am posting the logs from Malwarebytes, Combofix and Hijackthis.
Now my question: AM I RID OF EVERYTHING NOW???
Best regards
Mo
Malwarebytes' Anti-Malware 1.31
Datenbank Version: 1463
Windows 6.0.6001 Service Pack 1
05.12.2008 20:05:58
mbam-log-2008-12-05 (20-05-58).txt
Scan-Methode: Quick-Scan
Durchsuchte Objekte: 47208
Laufzeit: 3 minute(s), 34 second(s)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 19
Infizierte Verzeichnisse: 1
Infizierte Dateien: 1
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Windows Tribute Service (Trojan.Agent) -> Quarantined and deleted successfully.
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{05a1afd2-c55b-41c7-942b-bfe68b1f739c}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{05a1afd2-c55b-41c7-942b-bfe68b1f739c}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{592fa153-2214-4123-8ca6-e3861a1c6740}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{91d2a0e2-fed1-417f-866f-dc44c7e530a3}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{91d2a0e2-fed1-417f-866f-dc44c7e530a3}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{b1a7de28-4a4d-4002-b0da-e67993636f82}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{05a1afd2-c55b-41c7-942b-bfe68b1f739c}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{05a1afd2-c55b-41c7-942b-bfe68b1f739c}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{592fa153-2214-4123-8ca6-e3861a1c6740}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{91d2a0e2-fed1-417f-866f-dc44c7e530a3}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{91d2a0e2-fed1-417f-866f-dc44c7e530a3}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{b1a7de28-4a4d-4002-b0da-e67993636f82}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{05a1afd2-c55b-41c7-942b-bfe68b1f739c}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{05a1afd2-c55b-41c7-942b-bfe68b1f739c}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{592fa153-2214-4123-8ca6-e3861a1c6740}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{592fa153-2214-4123-8ca6-e3861a1c6740}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{91d2a0e2-fed1-417f-866f-dc44c7e530a3}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{91d2a0e2-fed1-417f-866f-dc44c7e530a3}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{b1a7de28-4a4d-4002-b0da-e67993636f82}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Quarantined and deleted successfully.
Infizierte Verzeichnisse:
C:\resycled (Trojan.DNSChanger) -> Quarantined and deleted successfully.
Infizierte Dateien:
C:\resycled\boot.com (Trojan.DNSChanger) -> Quarantined and deleted successfully.
ComboFix 08-12-05.01 - tiAmo 2008-12-05 20:24:09.1 - NTFSx86
Microsoft® Windows Vista™ Business 6.0.6001.1.1252.1.1031.18.1180 [GMT 1:00]
ausgeführt von:: c:\users\tiAmo\Downloads\ComboFix.exe
* Neuer Wiederherstellungspunkt wurde erstellt
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\autorun.inf
c:\windows\system32\igfxres.dll
D:\Autorun.inf
D:\resycled
d:\resycled\boot.com
.
((((((((((((((((((((((( Dateien erstellt von 2008-11-05 bis 2008-12-05 ))))))))))))))))))))))))))))))
.
2008-12-05 19:59 . 2008-12-05 19:59 <DIR> d-------- c:\users\tiAmo\AppData\Roaming\Malwarebytes
2008-12-05 19:59 . 2008-12-05 19:59 <DIR> d-------- c:\users\All Users\Malwarebytes
2008-12-05 19:59 . 2008-12-05 19:59 <DIR> d-------- c:\programdata\Malwarebytes
2008-12-05 19:59 . 2008-12-05 19:59 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-12-05 19:59 . 2008-12-03 19:52 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2008-12-05 19:59 . 2008-12-03 19:52 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2008-12-05 11:18 . 2008-12-05 11:18 <DIR> d-------- c:\program files\Aspell
2008-12-02 15:36 . 2008-12-02 15:36 <DIR> d-------- c:\program files\SecureW2
2008-12-01 22:42 . 2008-12-01 23:05 <DIR> d-------- C:\Temp
2008-11-27 09:22 . 2008-11-27 09:22 <DIR> d-------- c:\program files\Bonjour
2008-11-20 23:02 . 2008-11-20 23:02 242,546,977 --a------ c:\windows\MEMORY.DMP
2008-11-18 07:00 . 2008-10-16 22:13 1,809,944 --a------ c:\windows\System32\wuaueng.dll
2008-11-18 07:00 . 2008-10-16 21:56 1,524,736 --a------ c:\windows\System32\wucltux.dll
2008-11-18 07:00 . 2008-10-16 22:09 51,224 --a------ c:\windows\System32\wuauclt.exe
2008-11-18 07:00 . 2008-10-16 22:09 43,544 --a------ c:\windows\System32\wups2.dll
2008-11-18 06:59 . 2008-10-16 22:12 561,688 --a------ c:\windows\System32\wuapi.dll
2008-11-18 06:59 . 2008-10-16 14:08 162,064 --a------ c:\windows\System32\wuwebv.dll
2008-11-18 06:59 . 2008-10-16 21:55 83,456 --a------ c:\windows\System32\wudriver.dll
2008-11-18 06:59 . 2008-10-16 22:08 34,328 --a------ c:\windows\System32\wups.dll
2008-11-18 06:59 . 2008-10-16 13:56 31,232 --a------ c:\windows\System32\wuapp.exe
2008-11-12 16:04 . 2008-11-12 16:20 <DIR> d-------- c:\users\tiAmo\AppData\Roaming\PhotoLine
2008-11-12 14:19 . 2008-09-10 04:40 1,334,272 --a------ c:\windows\System32\msxml6.dll
2008-11-12 14:19 . 2008-09-05 06:14 1,191,936 --a------ c:\windows\System32\msxml3.dll
2008-11-12 14:19 . 2008-08-27 02:05 212,480 --a------ c:\windows\System32\drivers\mrxsmb10.sys
2008-11-09 17:35 . 2008-11-09 17:35 <DIR> d-------- c:\users\tiAmo\AppData\Roaming\Ashampoo Photo Commander 4
2008-11-09 15:25 . 2008-11-09 15:49 <DIR> d-------- c:\users\tiAmo\AppData\Roaming\vlc
2008-11-09 15:24 . 2008-11-09 15:24 <DIR> d-------- c:\program files\VideoLAN
2008-11-09 09:42 . 2008-11-09 09:42 <DIR> d-------- c:\program files\Veoh
2008-11-08 23:12 . 2008-11-08 23:12 <DIR> d-------- c:\program files\Veoh Networks
2008-11-08 18:54 . 2008-11-08 18:54 <DIR> d-------- c:\program files\MSXML 4.0
2008-11-08 15:50 . 2008-11-08 15:50 <DIR> d-------- c:\program files\Xvid
2008-11-08 15:50 . 2008-04-27 10:33 765,952 --a------ c:\windows\System32\xvidcore.dll
2008-11-08 15:50 . 2008-04-27 10:35 180,224 --a------ c:\windows\System32\xvidvfw.dll
2008-11-08 15:50 . 2007-06-28 18:55 77,824 --a------ c:\windows\System32\xvid.ax
2008-11-08 00:28 . 2008-11-08 10:31 <DIR> d-------- c:\users\tiAmo\AppData\Roaming\Mobile Master
2008-11-08 00:27 . 2008-11-08 10:31 <DIR> d-------- c:\program files\Mobile Master
2008-11-08 00:27 . 2008-11-08 00:27 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2008-11-08 00:13 . 2008-11-08 00:13 120 --a------ c:\windows\PbkUser.INI
2008-11-07 23:56 . 1998-06-17 18:07 57,344 --------- c:\windows\System32\Mfc42loc.dll
2008-11-07 23:55 . 2008-11-08 12:37 <DIR> d-------- c:\users\All Users\BVRP Software
2008-11-07 23:55 . 2008-11-08 12:37 <DIR> d-------- c:\programdata\BVRP Software
2008-11-07 23:55 . 2008-11-07 23:55 25,600 --a------ c:\users\tiAmo\usbsermptxp.sys
2008-11-07 23:55 . 2008-11-07 23:55 22,768 --a------ c:\windows\System32\drivers\usbsermpt.sys
2008-11-07 23:55 . 2008-11-07 23:55 22,768 --a------ c:\users\tiAmo\usbsermpt.sys
2008-11-07 23:02 . 2008-11-07 23:02 <DIR> d-------- c:\users\tiAmo\AppData\Roaming\tmp
2008-11-07 23:02 . 2008-11-07 23:02 <DIR> d-------- c:\users\tiAmo\AppData\Roaming\Reallusion
2008-11-07 23:02 . 2008-11-07 23:02 <DIR> d-------- c:\users\tiAmo\AppData\Roaming\Creative
2008-11-07 22:42 . 2008-12-05 19:38 <DIR> d-------- c:\users\tiAmo\AppData\Roaming\skypePM
2008-11-07 22:42 . 2008-11-07 22:42 56 --ah----- c:\windows\System32\ezsidmv.dat
2008-11-07 21:59 . 2008-11-08 12:44 <DIR> d-------- c:\program files\MozBackup-1.4.8-DE
2008-11-07 21:47 . 2008-03-29 17:36 125,328 --a------ c:\windows\System32\drivers\dne2000.sys
2008-11-07 21:47 . 2008-03-29 17:36 106,768 --a------ c:\windows\System32\dneinobj.dll
2008-11-07 21:46 . 2008-11-07 21:46 <DIR> d-------- c:\program files\Common Files\Deterministic Networks
2008-11-07 21:46 . 2008-11-07 21:46 <DIR> d-------- c:\program files\Cisco Systems
2008-11-07 21:46 . 2008-11-07 21:47 1,594 --a------ c:\windows\VPNInstall.MIF
2008-11-07 21:27 . 2008-11-26 22:45 <DIR> d-------- c:\users\tiAmo\AppData\Roaming\Canon
2008-11-07 21:26 . 2008-11-07 21:26 <DIR> d-------- c:\users\tiAmo\AppData\Roaming\Thunderbird
2008-11-07 21:23 . 2008-11-23 17:32 <DIR> d-------- c:\program files\Mozilla Thunderbird
2008-11-07 21:16 . 2008-12-05 20:30 <DIR> d-------- c:\users\tiAmo\AppData\Roaming\Skype
2008-11-07 21:13 . 2008-11-07 21:13 <DIR> d-------- c:\program files\Canon
2008-11-07 21:06 . 2008-11-07 21:07 <DIR> d--h----- C:\CanoScan
2008-11-07 21:06 . 2002-05-24 03:04 389,180 --a------ c:\windows\System32\UCS32P.DLL
2008-11-07 21:06 . 2003-09-17 17:35 339,968 --a------ c:\windows\System32\N067UFW.DLL
2008-11-07 21:06 . 2002-09-12 01:07 36,864 --a------ c:\windows\System32\CNQU70.DLL
2008-11-07 20:58 . 2008-11-07 20:58 <DIR> d-------- c:\users\All Users\Skype
2008-11-07 20:58 . 2008-11-07 20:58 <DIR> d-------- c:\programdata\Skype
2008-11-07 20:58 . 2008-11-07 20:58 <DIR> d-------- c:\program files\Skype
2008-11-07 20:58 . 2008-11-07 20:58 <DIR> d-------- c:\program files\Common Files\Skype
2008-11-07 20:52 . 2008-11-07 20:52 <DIR> d-------- c:\program files\AskSBar
2008-11-07 20:52 . 2008-11-07 20:52 249,592 --a------ c:\windows\System32\cssdll32.dll
2008-11-07 20:50 . 2008-11-07 20:50 <DIR> d-------- c:\users\tiAmo\AppData\Roaming\Comodo
2008-11-07 20:50 . 2008-11-07 21:17 <DIR> d-------- c:\users\All Users\comodo
2008-11-07 20:50 . 2008-11-07 21:17 <DIR> d-------- c:\programdata\comodo
2008-11-07 20:50 . 2008-11-07 20:52 <DIR> d-------- c:\program files\COMODO
2008-11-07 20:50 . 2008-11-07 21:59 143,096 --a------ c:\windows\System32\guard32.dll
2008-11-07 20:50 . 2008-11-07 21:59 98,320 --a------ c:\windows\System32\drivers\cmdguard.sys
2008-11-07 20:50 . 2008-11-07 21:59 25,104 --a------ c:\windows\System32\drivers\cmdhlp.sys
2008-11-07 20:43 . 2008-11-07 20:43 <DIR> d-------- c:\users\All Users\Avira
2008-11-07 20:43 . 2008-11-07 20:43 <DIR> d-------- c:\programdata\Avira
2008-11-07 20:43 . 2008-11-07 20:43 <DIR> d-------- c:\program files\Avira
2008-11-07 20:26 . 2008-11-07 20:26 <DIR> d-------- c:\users\tiAmo\AppData\Roaming\DassaultSystemes
2008-11-07 20:26 . 2008-11-07 20:30 <DIR> d-------- c:\users\All Users\DassaultSystemes
2008-11-07 20:26 . 2008-11-07 20:30 <DIR> d-------- c:\programdata\DassaultSystemes
2008-11-07 20:15 . 2004-03-22 15:17 24,816 --a------ c:\windows\System32\mdimon.dll
2008-11-07 20:15 . 2008-11-07 20:15 400 --a------ c:\windows\ODBC.INI
2008-11-07 20:06 . 2008-11-07 20:06 <DIR> d-------- c:\program files\Microsoft Works
2008-11-07 20:03 . 2008-11-07 20:03 <DIR> d-------- c:\windows\PCHEALTH
2008-11-07 20:03 . 2008-11-07 20:03 <DIR> d-------- c:\program files\Microsoft.NET
2008-11-07 19:38 . 2008-11-07 19:38 <DIR> d-------- c:\users\tiAmo\AppData\Roaming\Roxio
2008-11-07 19:38 . 2008-12-01 23:13 <DIR> d-------- c:\users\All Users\Roxio
2008-11-07 19:38 . 2008-12-01 23:13 <DIR> d-------- c:\programdata\Roxio
2008-11-07 19:21 . 2008-11-07 19:21 <DIR> d-------- c:\program files\TeXnicCenter
2008-11-07 19:21 . 2006-05-28 16:39 82,432 --a------ c:\windows\System32\msxml4r.dll
2008-11-07 19:21 . 2006-05-28 16:39 44,544 --a------ c:\windows\System32\msxml4a.dll
2008-11-07 19:02 . 2008-11-07 19:02 <DIR> d-------- c:\users\All Users\MiKTeX
2008-11-07 19:02 . 2008-11-07 19:02 <DIR> d-------- c:\programdata\MiKTeX
2008-11-07 18:37 . 2008-11-07 18:59 <DIR> d-------- c:\program files\MiKTeX 2.7
2008-11-07 18:18 . 2008-11-07 18:18 <DIR> d-------- c:\users\All Users\FLEXnet
2008-11-07 18:18 . 2008-11-07 18:18 <DIR> d-------- c:\programdata\FLEXnet
2008-11-07 18:18 . 2008-11-07 18:18 <DIR> d-------- c:\program files\Common Files\Macrovision Shared
2008-11-07 18:13 . 2008-11-07 18:18 <DIR> d-------- c:\users\All Users\Adobe
2008-11-07 18:13 . 2008-11-27 09:22 <DIR> d-------- c:\program files\Common Files\Adobe
2008-11-07 18:07 . 2008-11-07 18:07 <DIR> d-------- c:\users\tiAmo\AppData\Roaming\Dell
2008-11-07 13:00 . 2008-07-16 02:32 2,048 --a------ c:\windows\System32\tzres.dll
2008-11-07 11:37 . 2008-06-26 02:45 12,240,896 --a------ c:\windows\System32\NlsLexicons0007.dll
2008-11-07 11:37 . 2008-06-26 02:45 2,644,480 --a------ c:\windows\System32\NlsLexicons0009.dll
2008-11-07 11:37 . 2008-06-26 04:29 801,280 --a------ c:\windows\System32\NaturalLanguage6.dll
2008-11-07 11:32 . 2008-12-03 11:45 <DIR> d-------- C:\DOWNLOADS
2008-11-07 11:30 . 2008-11-07 11:30 <DIR> d-------- c:\windows\System32\Macromed
2008-11-07 11:30 . 2008-11-07 11:30 0 --a------ c:\windows\nsreg.dat
2008-11-07 11:21 . 2008-11-07 11:21 <DIR> d-------- c:\users\tiAmo\AppData\Roaming\CSR
2008-11-07 11:21 . 2008-11-07 11:21 <DIR> d-------- c:\program files\CSR
2008-11-07 11:21 . 2008-12-05 20:28 12 --a------ c:\windows\bthservsdp.dat
2008-11-07 11:17 . 2006-11-06 23:13 13,824 --a------ c:\windows\System32\drivers\BthFilt.sys
2008-11-07 11:16 . 2008-11-07 11:16 <DIR> d-------- c:\users\tiAmo\Roaming
2008-11-07 11:16 . 2008-11-07 11:16 <DIR> d-------- c:\users\tiAmo\AppData\Roaming\Intel
2008-11-07 11:16 . 2008-11-07 11:16 <DIR> d-------- c:\users\Public\Roaming
2008-11-07 11:16 . 2008-11-07 11:16 <DIR> d-------- c:\users\Default\Roaming
2008-11-07 11:16 . 2008-11-07 11:16 <DIR> d-------- c:\users\All Users\Roaming
2008-11-07 11:16 . 2008-11-07 11:16 <DIR> d-------- c:\programdata\Roaming
2008-11-07 11:15 . 2008-11-07 11:15 <DIR> d-------- c:\users\All Users\Intel
2008-11-07 11:15 . 2008-11-07 11:15 <DIR> d-------- c:\programdata\Intel
2008-11-07 11:03 . 2008-11-07 11:03 <DIR> d-------- c:\program files\DellTPad
2008-11-07 11:03 . 2007-12-14 11:54 1,419,232 --a------ c:\windows\System32\WdfCoInstaller01005.dll
2008-11-07 11:03 . 2007-12-14 11:42 155,136 --a------ c:\windows\System32\drivers\Apfiltr.sys
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-07 09:53 319,456 ----a-w c:\windows\DIFxAPI.dll
2008-11-07 09:53 315,392 ----a-w c:\windows\HideWin.exe
2008-11-06 23:32 --------- d-sh--w c:\programdata\Vorlagen
2008-11-06 23:32 --------- d-sh--w c:\programdata\Startmenü
2008-11-06 23:32 --------- d-sh--w c:\programdata\Favoriten
2008-11-06 23:32 --------- d-sh--w c:\programdata\Dokumente
2008-11-06 23:32 --------- d-sh--w c:\programdata\Anwendungsdaten
2008-11-06 23:32 --------- d-sh--w c:\program files\Gemeinsame Dateien
2008-10-02 03:49 827,392 ----a-w c:\windows\System32\wininet.dll
2008-09-30 15:43 1,286,152 ----a-w c:\windows\System32\msxml4.dll
2008-09-18 17:33 151,552 ----a-w c:\windows\System32\sw2_ttls_manager.exe
2008-09-18 17:29 327,680 ----a-w c:\windows\System32\sw2_ttls.dll
2008-09-18 05:09 3,601,464 ----a-w c:\windows\System32\ntkrnlpa.exe
2008-09-18 05:09 3,549,240 ----a-w c:\windows\System32\ntoskrnl.exe
2008-09-18 02:16 2,032,640 ----a-w c:\windows\System32\win32k.sys
2008-01-21 02:43 174 --sha-w c:\program files\desktop.ini
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2}"= "c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL" [2008-11-07 66912]
[HKEY_CLASSES_ROOT\clsid\{0579b4b6-0293-4d73-b02d-5ebb0ba0f0a2}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
2008-11-07 20:52 66912 --a------ c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-09-29 21755688]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-04 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-04 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-04 133656]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-12-14 159744]
"OEM13Mon.exe"="c:\windows\OEM13Mon.exe" [2008-01-08 36864]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-22 620152]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"COMODO SafeSurf"="c:\program files\COMODO\SafeSurf\cssurf.exe" [2008-11-07 278264]
"COMODO Firewall Pro"="c:\program files\COMODO\Firewall\cfp.exe" [2008-11-07 1797880]
"COMODO Internet Security"="c:\program files\COMODO\Firewall\cfp.exe" [2008-11-07 1797880]
"RtHDVCpl"="RtHDVCpl.exe" [2008-02-04 c:\windows\RtHDVCpl.exe]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Acrobat - Schnellstart.lnk - c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe [2008-11-07 295606]
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-23 734872]
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-02-22 1193240]
VPN Client.lnk - c:\windows\Installer\{A7091E1D-36A4-47F1-A739-173CC341414F}\Icon3E5562ED7.ico [2008-11-07 6144]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"= c:\windows\system32\guard32.dll c:\windows\system32\cssdll32.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{6E24EE89-2E6B-4B4B-A3E6-A25E80A730D5}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{A347AF92-5413-4E00-A0C4-5B6B49431355}"= UDP:c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:Veoh Web Player
"{A3544334-AD25-44B1-901A-3640D14BB042}"= TCP:c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:Veoh Web Player
"{00574C1F-8FB0-466C-8D95-00C28B3851AF}"= c:\program files\Skype\Phone\Skype.exe:Skype
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2008-11-07 98320]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2008-11-07 25104]
R1 DLARTL_M;DLARTL_M;c:\windows\system32\Drivers\DLARTL_M.SYS [2008-11-07 30064]
R2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2008-11-07 77824]
R2 BthFilterHelper;Bluetooth Feature Support;"c:\program files\CSR\Vista Profile Pack\BthFilterHelper.exe" [2006-11-07 127488]
R3 O2MDRDR;O2MDRDR;c:\windows\system32\DRIVERS\o2media.sys [2008-02-14 48472]
R3 O2SDRDR;O2SDRDR;c:\windows\system32\DRIVERS\o2sd.sys [2008-02-14 43480]
R3 OEM13Vfx;Creative Camera OEM013 Video VFX Driver;c:\windows\system32\DRIVERS\OEM13Vfx.sys [2008-11-07 7424]
R3 OEM13Vid;Creative Camera OEM013 Driver;c:\windows\system32\DRIVERS\OEM13Vid.sys [2008-11-07 235200]
S3 BTHFILT;Bluetooth-Befehlsfilter;c:\windows\system32\DRIVERS\BthFilt.sys [2008-11-07 13824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.comodo.com/search/
uInternet Settings,ProxyOverride = *.local
IE: An vorhandenes PDF anfügen - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Auswahl in Adobe PDF konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Auswahl in vorhandene PDF-Datei konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: In Adobe PDF konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Verknüpfungsziel in Adobe PDF konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
FireFox -: Profile - c:\users\tiAmo\AppData\Roaming\Mozilla\Firefox\Profiles\5z9zd4vl.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.de
FF -: plugin - c:\program files\Adobe\Acrobat 8.0\Acrobat\browser\nppdf32.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\NPAskSBr.dll
FF -: plugin - c:\program files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll
FF -: plugin - c:\program files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-05 20:29:41
Windows 6.0.6001 Service Pack 1 NTFS
Scanne versteckte Prozesse...
Scanne versteckte Autostarteinträge...
Scanne versteckte Dateien...
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
**************************************************************************
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\System32\audiodg.exe
c:\windows\System32\wlanext.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\windows\System32\conime.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\COMODO\Firewall\cmdagent.exe
c:\program files\Cisco Systems\VPN Client\cvpnd.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
c:\windows\System32\igfxsrvc.exe
c:\program files\O2Micro Flash Memory Card Driver\o2flash.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\windows\System32\WUDFHost.exe
c:\program files\DellTPad\ApMsgFwd.exe
c:\program files\DellTPad\hidfind.exe
c:\program files\DellTPad\ApntEx.exe
c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\windows\System32\wbem\WMIADAP.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\System32\dllhost.exe
c:\windows\System32\verclsid.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2008-12-05 20:35:21 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2008-12-05 19:34:59
Vor Suchlauf: 19 Verzeichnis(se), 28.272.955.392 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 28,035,158,016 Bytes frei
282 --- E O F --- 2008-12-05 11:17:17
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:44:31, on 05.12.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\conime.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM13Mon.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\COMODO\SafeSurf\cssurf.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Windows\Explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\HJT\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comodo.com/search/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM13Mon.exe] C:\Windows\OEM13Mon.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Global Startup: Adobe Acrobat - Schnellstart.lnk = ?
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: An vorhandenes PDF anfügen - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll C:\Windows\system32\cssdll32.dll
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Planer (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Feature Support (BthFilterHelper) - CSR, plc - C:\Program Files\CSR\Vista Profile Pack\BthFilterHelper.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
--
End of file - 8269 bytes