Trojaner Problem und habe keine ahnung

#0
13.01.2010, 18:12
Member

Beiträge: 11
#1 Hallo !!!!

bin einem trojanischem pferd zum opfer gefallen.
darauf hin habe ich die anweisung mit dem hijack programm durch geführt.
Aber wie gehts weiter????
Könnt ihr mir helfen





Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:06:10, on 13.01.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\lxdjcoms.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Programme\Gemeinsame Dateien\Pure Networks Shared\Platform\nmsrvc.exe
C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programme\Gemeinsame Dateien\Pure Networks Shared\Platform\nmctxth.exe
C:\Programme\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\Programme\Lexmark 1400 Series\lxdjamon.exe
C:\Programme\HP\HP Software Update\HPWuSchd2.exe
C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\ALCFDRTM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programme\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Programme\HP\Digital Imaging\bin\hpqbam08.exe
C:\Programme\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?SearchSource=10&ctid=CT1700389
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 91.4.109.105
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll (file missing)
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVDV.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Programme\IsoBuster\tbIsoB.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Programme\IsoBuster\tbIsoB.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\pdfforgeToolbarIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll (file missing)
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVDV.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\pdfforgeToolbarIE.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVDV.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Programme\IsoBuster\tbIsoB.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SearchSettings] C:\Programme\pdfforge Toolbar\SearchSettings.exe
O4 - HKLM\..\Run: [nmctxth] "C:\Programme\Gemeinsame Dateien\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [Linksys Wireless Manager] "C:\Programme\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe" /cm /min /lcid 1031
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [lxdjamon] "C:\Programme\Lexmark 1400 Series\lxdjamon.exe"
O4 - HKLM\..\Run: [LXDJCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDJtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [HP Software Update] C:\Programme\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\RunOnce: [KB955759] rundll32.exe apphelp.dll,ShimFlushCache
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Programme\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WEB.DE_WEB.DE MultiMessenger] "C:\Programme\WEB.DE\WEB.DE MultiMessenger\MESSENGR.EXE" /hide
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: TMMonitor.lnk = C:\Programme\ArcSoft\TotalMedia 3.5\TMMonitor.exe
O4 - Global Startup: Windows Search.lnk = C:\Programme\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: HP Intelligente Auswahl - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: lxdj_device - - C:\WINDOWS\system32\lxdjcoms.exe
O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Programme\Gemeinsame Dateien\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software - C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 12322 bytes
Dieser Beitrag wurde am 13.01.2010 um 18:17 Uhr von Mr.Nice editiert.
Seitenanfang Seitenende
13.01.2010, 19:03
Member

Beiträge: 3716
#2 abarbeiten, logs posten:
http://board.protecus.de/t23188.htm
Seitenanfang Seitenende
13.01.2010, 20:49
Member

Themenstarter

Beiträge: 11
#3 wie erkenne ich das ich alles korrekt durchgeführt habe und mein system wieder voll funktionsfähig ist!?
Seitenanfang Seitenende
13.01.2010, 21:45
Member

Beiträge: 3716
#4 in dem du die logs postest.
Seitenanfang Seitenende
13.01.2010, 22:33
Member

Themenstarter

Beiträge: 11
#5 Sorry aber wie poste ich die logs genau.
es ist mir nicht richtig klar geworden bei
der erklärung.
Danke
Seitenanfang Seitenende
13.01.2010, 23:38
Moderator

Beiträge: 5694
#6 Wenn Du dies abarbeitest http://board.protecus.de/t23188.htm dann kommt am Ende nach den Punkten 3, 4, 5 und 6 jeweils ein Logfile. Dies wird jeweils im Editor angezeigt. Nun kopierst Du diesen Inhalt und fügst ihn hier hinein. Genau so wie oben das Hijackthis Logfile.
Seitenanfang Seitenende
14.01.2010, 00:44
Member

Themenstarter

Beiträge: 11
#7 Malwarebytes' Anti-Malware 1.44
Datenbank Version: 3556
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18865

13.01.2010 22:27:06
mbam-log-2010-01-13 (22-27-06).txt

Scan-Methode: Quick-Scan
Durchsuchte Objekte: 107471
Laufzeit: 10 minute(s), 57 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 3
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Live-Player (Malware.Trace) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ehrcmwh (Trojan.Agent.H) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Users\DerLange\AppData\Local\ehrcmwh.exe (Trojan.Agent.H) -> Delete on reboot.
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-01-14 00:35:02
Windows 6.0.6002 Service Pack 2
Running: fzncbdgm.exe; Driver: C:\Users\DerLange\AppData\Local\Temp\uwldipow.sys


---- System - GMER 1.0.15 ----

SSDT 917C6A28 ZwAlertResumeThread
SSDT 917C6B08 ZwAlertThread
SSDT 917C9500 ZwAllocateVirtualMemory
SSDT 91746CF8 ZwAlpcConnectPort
SSDT 917C6778 ZwCreateMutant
SSDT A45ACC5C ZwCreateThread
SSDT 917C63F8 ZwDebugActiveProcess
SSDT 917C9360 ZwFreeVirtualMemory
SSDT 917C6868 ZwImpersonateAnonymousToken
SSDT 917C6948 ZwImpersonateThread
SSDT 917C9280 ZwMapViewOfSection
SSDT 917C6698 ZwOpenEvent
SSDT A45ACC48 ZwOpenProcess
SSDT 917C95D0 ZwOpenProcessToken
SSDT 917C64D8 ZwOpenSection
SSDT A45ACC4D ZwOpenThread
SSDT 917C6FC0 ZwOpenThreadToken
SSDT 917AB400 ZwResumeThread
SSDT 917C6F00 ZwSetContextThread
SSDT 917C90F0 ZwSetInformationProcess
SSDT 917C6E10 ZwSetInformationThread
SSDT 917C65B8 ZwSuspendProcess
SSDT 917C6C50 ZwSuspendThread
SSDT A45ACC57 ZwTerminateProcess
SSDT 917C6D30 ZwTerminateThread
SSDT 917C91C0 ZwUnmapViewOfSection
SSDT 917C9430 ZwWriteVirtualMemory

INT 0x51 ? 90522550
INT 0x71 ? 905227D0
INT 0x81 ? 90522A50

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetEvent + 11D 824E1860 8 Bytes [28, 6A, 7C, 91, 08, 6B, 7C, ...] {SUB [EDX+0x7c], CH; XCHG ECX, EAX; OR [EBX+0x7c], CH; XCHG ECX, EAX}
.text ntkrnlpa.exe!KeSetEvent + 131 824E1874 4 Bytes [00, 95, 7C, 91]
.text ntkrnlpa.exe!KeSetEvent + 13D 824E1880 4 Bytes [F8, 6C, 74, 91] {CLC ; INSB ; JZ 0xffffffffffffff95}
.text ntkrnlpa.exe!KeSetEvent + 1F5 824E1938 4 Bytes [78, 67, 7C, 91] {JS 0x69; JL 0xffffffffffffff95}
.text ntkrnlpa.exe!KeSetEvent + 221 824E1964 4 Bytes [5C, CC, 5A, A4] {POP ESP; INT 3 ; POP EDX; MOVSB }
.text ...
.text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x8F207340, 0x3EE587, 0xE8000020]
C:\Program Files\ASUS\AI TouchMedia\PlayMovie\000.fcl entry point in "" section [0xB153F41C]
.clc C:\Program Files\ASUS\AI TouchMedia\PlayMovie\000.fcl unknown last code section [0xB1540000, 0x1000, 0xE0000020]

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[616] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [73347817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[616] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [7339A86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[616] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7334BB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[616] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7333F695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[616] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [733475E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[616] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [7333E7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[616] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [73378395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[616] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [7334DA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[616] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [7333FFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[616] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [7333FF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[616] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [733371CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[616] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [733CCAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[616] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [7336C8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[616] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [7333D968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[616] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [73336853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[616] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [7333687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[616] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73342AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\system32\services.exe[704] @ C:\Windows\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00130002
IAT C:\Windows\system32\services.exe[704] @ C:\Windows\system32\services.exe [KERNEL32.dll!CreateProcessW] 00130000

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\002243c18dc0
Reg HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Antivirus@Sources ?avas
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\002243c18dc0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\Eventlog\Antivirus@Sources ?avas

---- EOF - GMER 1.0.15 ----
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 00:41:02, on 14.01.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ASUS\AI TouchMedia\AI TouchMedia\Kernel\CLML\CLMLSvc.exe
C:\Program Files\ASUS\AI TouchMedia\AI TouchMedia\PCMAgent.exe
C:\Program Files\ASUS\AI TouchMedia\PlayMovie\PMVService.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\AsScrPro.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2269050
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.qip.ru/search?query=%s&from=IE
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: TBSB03968 - {AA61DE26-FA67-4575-9033-918671094293} - C:\Users\DerLange\AppData\Roaming\Toolbars\Toolbar fuer eBay\ebay.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O3 - Toolbar: Toolbar fuer eBay - {000E148C-F7A7-445A-9044-93BF6CE09ECB} - C:\Users\DerLange\AppData\Roaming\Toolbars\Toolbar fuer eBay\ebay.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\ASUS\AI TouchMedia\AI TouchMedia\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [PCMAgent] "C:\Program Files\ASUS\AI TouchMedia\AI TouchMedia\PCMAgent.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\ASUS\AI TouchMedia\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [LXDJCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXDJtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WEB.DE_WEB.DE MultiMessenger] "C:\Program Files\WEB.DE\WEB.DE MultiMessenger\MESSENGR.EXE" /hide
O4 - HKUS\S-1-5-18\..\RunOnce: [RealUpgradeHelper] "C:\Program Files\Common Files\Real\Update_OB\upgrdhlp.exe" "RealNetworks|RealPlayer|12.0" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RealUpgradeHelper] "C:\Program Files\Common Files\Real\Update_OB\upgrdhlp.exe" "RealNetworks|RealPlayer|12.0" (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: TMMonitor.lnk = C:\Program Files\MSI\ArcSoft\TotalMedia\TMMonitor.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: ASUS Security Protect Manager e-Wallet - {1009C944-97D5-44A9-9E32-DFF54F498968} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWallet.dll
O9 - Extra 'Tools' menuitem: ASUS Security Protect Manager e-&Wallet - {1009C944-97D5-44A9-9E32-DFF54F498968} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWallet.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: HP Intelligente Auswahl - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: APSHook.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Automatisches LiveUpdate - Scheduler (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: lxbc_device - - C:\Windows\system32\lxbccoms.exe
O23 - Service: lxdj_device - - C:\Windows\system32\lxdjcoms.exe
O23 - Service: Megatech-Software-Protection - Unknown owner - C:\Users\DerLange\MProtect\MPSERV.EXE
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: TwonkyMedia - PacketVideo - C:\Program Files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe

--
End of file - 14805 bytes
Seitenanfang Seitenende
14.01.2010, 00:47
Member

Themenstarter

Beiträge: 11
#8 Ich hoffe ich habe jetzt alles richtig gemacht. dies ist der lap top von mir wo ich den durchlauf vollzogen habe. als nächszes sende ich noch den vom tower.
dort aber ist das problem der stürzt schon immer ab.
naja wenn ich so weit bin kommt der als nächstes
danke
Seitenanfang Seitenende
14.01.2010, 00:55
Member

Themenstarter

Beiträge: 11
#9 2007 Microsoft Office system
32 Bit HP CIO Components Installer
7-Zip 4.65
Activation Assistant for the 2007 Microsoft Office suites
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Media Player
Adobe Media Player
Adobe Reader 9.1 - Deutsch
Adobe Shockwave Player 11.5
Agere Systems HDA Modem
AI TouchMedia
AI TouchMedia
Any DVD Converter Professional 3.7.5
AnyDVD
AppCore
ArcSoft TotalMedia 3
ASUS CopyProtect
ASUS LifeFrame3
ASUS Live Update
ASUS Power4Gear eXtreme
ASUS Security Protect Manager
ASUS SmartLogon
ASUS Splendid Video Enhancement Technology
ASUS Virtual Camera
ATK Generic Function Service
ATK Hotkey
ATK Media
ATKOSD2
AuthenTec Fingerprint Sensor Minimum Install
avast! Free Antivirus
Avira AntiVir Personal - Free Antivirus
ccCommon
Choice Guard
Component Framework
concept/design Hit-Recorder 3
concept/design onlineTV 5
CyberLink LabelPrint
CyberLink Power2Go
CyberLink Power2Go
DHTML Editing Component
DivX Plus Web Player
Dolby Control Center
DVD Shrink 3.2
DVD X Rescue
DVDVideoSoft Toolbar
DVDXCopy Platinum 3.2.1
Express Gate
Favorit
Free Audio CD Burner version 1.2
Free YouTube to MP3 Converter version 3.2
Google Earth
Google Update Helper
Google Updater
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 10.0
HP Document Manager 1.0
HP Imaging Device Functions 10.0
HP Officejet J4500 Series
HP Smart Web Printing
HP Solution Center 10.0
HP Update
ICQ Toolbar
ICQ6.5
InterVideo WinDVD 8
IsoBuster 2.5
ITECIR
Java(TM) 6 Update 15
JDownloader
Lexmark Z500-Z600 Series
LightScribe System Software 1.14.17.1
LiveUpdate (Symantec Corporation)
LiveUpdate (Symantec Corporation)
M50_screensaver
Malwarebytes' Anti-Malware
maxdome - Online Videothek Version 3.0.0
Meine Software
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (Dutch) 2007
Microsoft Office Access MUI (English) 2007
Microsoft Office Access MUI (French) 2007
Microsoft Office Access MUI (German) 2007
Microsoft Office Access MUI (Italian) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel 2007 Help - Aggiornamento (KB963678)
Microsoft Office Excel MUI (Dutch) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Excel MUI (French) 2007
Microsoft Office Excel MUI (German) 2007
Microsoft Office Excel MUI (Italian) 2007
Microsoft Office Home and Student 2007
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.4
Microsoft Office OneNote MUI (German) 2007
Microsoft Office Outlook 2007 Help - Aggiornamento (KB963677)
Microsoft Office Outlook MUI (Dutch) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office Outlook MUI (French) 2007
Microsoft Office Outlook MUI (German) 2007
Microsoft Office Outlook MUI (Italian) 2007
Microsoft Office Outlook-Minianwendungen für Windows SideShow
Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669)
Microsoft Office PowerPoint MUI (Dutch) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint MUI (French) 2007
Microsoft Office PowerPoint MUI (German) 2007
Microsoft Office PowerPoint MUI (Italian) 2007
Microsoft Office Professional 2007
Microsoft Office Professional 2007-Testversion
Microsoft Office Professional Hybrid 2007
Microsoft Office Proof (Arabic) 2007
Microsoft Office Proof (Dutch) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Italian) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (Dutch) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing (French) 2007
Microsoft Office Proofing (German) 2007
Microsoft Office Proofing (Italian) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (Dutch) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Publisher MUI (French) 2007
Microsoft Office Publisher MUI (German) 2007
Microsoft Office Publisher MUI (Italian) 2007
Microsoft Office Shared MUI (Dutch) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (French) 2007
Microsoft Office Shared MUI (German) 2007
Microsoft Office Shared MUI (Italian) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business Connectivity Components
Microsoft Office Word 2007 Help - Aggiornamento (KB963665)
Microsoft Office Word MUI (Dutch) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office Word MUI (French) 2007
Microsoft Office Word MUI (German) 2007
Microsoft Office Word MUI (Italian) 2007
Microsoft Silverlight
Microsoft SQL Server Native Client
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mise à jour Microsoft Office Excel 2007 Help (KB963678)
Mise à jour Microsoft Office Outlook 2007 Help (KB963677)
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)
Mise à jour Microsoft Office Word 2007 Help (KB963665)
Mozilla Firefox (3.5.7)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NB Probe
Nokia Connectivity Cable Driver
Nokia Home Media Server
Nokia Map Loader
Nokia Multimedia Common Components 2.4
Nokia Music
Nokia Ovi Application Installer
Nokia Ovi Application Installer 6.85.3011
Nokia Ovi Content Copier
Nokia Ovi Content Copier 6.85.3011
Nokia Ovi One Touch Access
Nokia Ovi One Touch Access 6.85.3019
Nokia Ovi Suite
Nokia Ovi System Utilities
Nokia Ovi System Utilities 6.85.3018
Nokia Photos
Nokia Software Updater
Norton AntiVirus
Norton AntiVirus Help
Norton Confidential Core
Norton Internet Security
Norton Internet Security
Norton Internet Security (Symantec Corporation)
Norton Protection Center
Norton Security Scan
NVIDIA Drivers
OCR Software by I.R.I.S. 10.0
PC Connectivity Solution
PDFCreator
pdfforge Toolbar v1.0<< Entfernen !!
Phase 5 HTML-Editor
RealPlayer
Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
Realtek High Definition Audio Driver
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.03
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB973704)
Security Update for 2007 Microsoft Office System (KB973704)
Security Update for 2007 Microsoft Office System (KB973704)
Security Update for Microsoft Office Excel 2007 (KB973593)
Security Update for Microsoft Office Excel 2007 (KB973593)
Security Update for Microsoft Office Excel 2007 (KB973593)
Security Update for Microsoft Office Outlook 2007 (KB972363)
Security Update for Microsoft Office Outlook 2007 (KB972363)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Publisher 2007 (KB969693)
Security Update for Microsoft Office Publisher 2007 (KB969693)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Shop for HP Supplies
Skype web features
Skype™ 4.1
SopCast 3.2.4
SPBBC 32bit
Symantec Real Time Storage Protection Component
Synaptics Pointing Device Driver
TeamViewer 4
T-Online 6.0
T-Online WLAN-Access Finder
Toolbar fuer eBay
Total Commander (Remove or Repair)
TVAnts 1.0
TwonkyMedia
Uninstall 1.0.0.1
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
Update for 2007 Microsoft Office System (KB967642)
Update for 2007 Microsoft Office System (KB967642)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office InfoPath 2007 (KB976416)
Update for Microsoft Office InfoPath 2007 (KB976416)
Update for Microsoft Office InfoPath 2007 (KB976416)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 (KB974561)
Update for Microsoft Office Word 2007 (KB974561)
Update for Microsoft Office Word 2007 (KB974561)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (kb977839)
Update for Outlook 2007 Junk Email Filter (kb977839)
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Outlook 2007 Help (KB963677)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
Update voor Microsoft Office Excel 2007 Help (KB963678)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669)
Update voor Microsoft Office Word 2007 Help (KB963665)
USB2.0 UVC 1.3M WebCam
VC80CRTRedist - 8.0.50727.4053
Vista Codec Package
VLC media player 0.9.9
WEB.DE MultiMessenger
web'n'walk Manager
WIDCOMM Bluetooth Software
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live ID-Anmelde-Assistent
Windows Live Messenger
Windows Live-Uploadtool
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
WinFlash
WinRAR
Wireless Console 2
YAVIDO
Zattoo 3.3.4 Beta

[b]Habe punkt 6 hier extra gepakt!!!!!!!!!!![/b]
Seitenanfang Seitenende
14.01.2010, 11:12
Member

Beiträge: 3716
#10 bitte nur einen pc pro thread.
ich sehe 3 antivirenprogramme, deinstaliere 2
mach dann weiter mit combofix.
berichte wie der pc danach läuft
Seitenanfang Seitenende
15.01.2010, 08:47
Member

Themenstarter

Beiträge: 11
#11 omboFix 10-01-13.0C - DerLange 14.01.2010 18:40:52.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3070.1908 [GMT 1:00]
ausgeführt von:: c:\users\DerLange\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
ADS - Windows: deleted 24 bytes in 1 streams.

(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\pdfforge Toolbar\SearchSettings.dll
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk
c:\users\DerLange\AppData\Local\ehrcmwh.dat
c:\users\DerLange\AppData\Local\ehrcmwh_nav.dat
c:\users\DerLange\AppData\Local\ehrcmwh_navps.dat
c:\users\DerLange\AppData\Roaming\Desktopicon
c:\users\DerLange\AppData\Roaming\Desktopicon\eBayShortcuts.exe

.
((((((((((((((((((((((( Dateien erstellt von 2009-12-14 bis 2010-01-14 ))))))))))))))))))))))))))))))
.

2010-01-14 17:52 . 2010-01-14 18:07 -------- d-----w- c:\users\DerLange\AppData\Local\temp
2010-01-14 17:52 . 2010-01-14 17:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-01-13 23:38 . 2010-01-13 23:38 388096 ----a-r- c:\users\DerLange\AppData\Roaming\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2010-01-13 23:38 . 2010-01-13 23:38 -------- d-----w- c:\program files\TrendMicro
2010-01-13 21:12 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-13 21:12 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-13 20:01 . 2010-01-13 20:01 -------- d-----w- c:\users\DerLange\AppData\Roaming\Malwarebytes
2010-01-13 20:01 . 2010-01-13 20:01 -------- d-----w- c:\programdata\Malwarebytes
2010-01-13 20:01 . 2010-01-13 21:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-13 15:20 . 2009-11-25 10:19 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-01-13 15:20 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-01-13 15:19 . 2010-01-13 15:19 -------- d-----w- c:\programdata\Avira
2010-01-13 15:19 . 2010-01-13 15:19 -------- d-----w- c:\program files\Avira
2010-01-13 14:58 . 2009-10-19 13:38 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-01-13 14:58 . 2009-10-19 13:35 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-01-13 11:19 . 2010-01-13 11:19 1273592 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-01-11 12:23 . 2010-01-11 12:23 -------- d-----w- c:\programdata\LightScribe
2010-01-07 21:56 . 2010-01-07 21:56 -------- d-----w- c:\users\DerLange\AppData\Roaming\VistaCodecs
2010-01-07 21:55 . 2010-01-07 21:56 -------- d-----w- c:\programdata\VistaCodecs
2010-01-07 21:54 . 2010-01-07 21:54 -------- d-----w- c:\program files\JDownloader
2010-01-07 21:53 . 2010-01-07 21:53 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-07 21:53 . 2010-01-07 21:53 -------- d-----w- c:\program files\Java
2010-01-07 21:47 . 2010-01-07 21:47 -------- d-----w- c:\program files\7-Zip
2010-01-07 21:34 . 2010-01-07 21:22 38784 ----a-w- c:\users\DerLange\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-01-07 21:34 . 2010-01-07 21:34 -------- d-----w- c:\program files\Adobe Media Player
2010-01-07 21:34 . 2010-01-07 21:22 38784 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-01-07 21:34 . 2010-01-07 21:34 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-01-04 07:47 . 2010-01-04 07:47 -------- d-----w- c:\program files\DivX
2010-01-04 07:47 . 2010-01-04 07:47 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-12-30 12:18 . 2009-12-30 12:22 -------- d-----w- c:\users\DerLange\AppData\Roaming\HP
2009-12-30 12:18 . 2009-12-30 12:18 -------- d-----w- c:\users\DerLange\AppData\Local\HP
2009-12-30 12:13 . 2010-01-13 21:01 -------- d-----w- c:\programdata\HP Product Assistant
2009-12-30 12:11 . 2009-12-30 12:11 -------- d-----w- c:\program files\Common Files\HP
2009-12-30 12:11 . 2009-12-30 12:11 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2009-12-30 12:11 . 2009-12-30 12:11 -------- d-----w- c:\program files\Hewlett-Packard
2009-12-30 12:10 . 2008-12-16 13:56 10567 ----a-r- c:\windows\hpwscr19.dat
2009-12-30 12:10 . 2007-11-06 10:15 1140056 ----a-r- c:\windows\hpzmsi01.exe
2009-12-30 12:10 . 2007-11-06 10:04 1373528 ----a-r- c:\windows\hpzshl01.exe
2009-12-30 12:10 . 2009-12-30 12:10 -------- d-----w- c:\windows\yellowtail
2009-12-30 12:09 . 2009-12-30 12:13 -------- d-----w- c:\program files\HP
2009-12-30 12:05 . 2009-12-30 12:20 202477 ----a-w- c:\windows\hpwins19.dat
2009-12-30 12:05 . 2009-12-30 12:05 -------- d-----w- c:\programdata\Hewlett-Packard
2009-12-30 12:05 . 2007-11-05 18:06 278016 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzpp5mu.dll
2009-12-30 12:04 . 2007-10-30 18:35 729088 ----a-w- c:\windows\system32\hpwwiax4.dll
2009-12-30 12:04 . 2007-10-30 18:35 593920 ----a-w- c:\windows\system32\hpwtscl3.dll
2009-12-30 12:04 . 2007-01-17 00:31 294912 ----a-w- c:\windows\system32\hpovst11.dll
2009-12-30 12:04 . 2007-11-06 10:10 271704 ----a-w- c:\windows\system32\hpzids01.dll
2009-12-30 12:04 . 2007-11-05 18:07 118272 ----a-w- c:\windows\system32\hpz3l5mu.dll
2009-12-30 12:02 . 2007-01-17 00:37 364544 ----a-w- c:\windows\system32\hppldcoi.dll
2009-12-30 12:02 . 2007-01-17 00:37 309760 ----a-w- c:\windows\system32\difxapi.dll
2009-12-30 12:00 . 2009-12-30 12:18 -------- d-----w- c:\programdata\HP

.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-14 18:07 . 2009-06-25 11:13 45056 ----a-w- c:\windows\system32\acovcnt.exe
2010-01-14 17:53 . 2008-10-30 09:25 12 ----a-w- c:\windows\bthservsdp.dat
2010-01-14 17:51 . 2009-06-26 23:53 -------- d-----w- c:\program files\pdfforge Toolbar
2010-01-14 17:02 . 2008-10-30 08:33 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-01-14 16:57 . 2008-10-30 08:33 -------- d-----w- c:\programdata\Symantec
2010-01-14 07:37 . 2009-12-07 18:08 -------- d-----w- c:\programdata\Alwil Software
2010-01-13 21:06 . 2009-08-29 14:31 93 ----a-w- c:\users\DerLange\AppData\Local\ddutl.bat
2010-01-13 21:01 . 2008-10-30 10:37 -------- d-----w- c:\programdata\P4G
2010-01-13 20:58 . 2009-08-09 12:07 8268 ----a-w- c:\users\DerLange\AppData\Local\d3d9caps.dat
2010-01-13 15:10 . 2008-10-30 08:18 -------- d-----w- c:\programdata\Microsoft Help
2010-01-13 15:07 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-11 14:11 . 2010-01-11 14:10 84 ---ha-w- c:\programdata\aspg.dat
2010-01-11 13:35 . 2009-09-01 09:00 -------- d-----w- c:\programdata\maxdome
2010-01-07 23:12 . 2009-12-07 18:46 -------- d-----w- c:\program files\DVDVideoSoft
2010-01-07 23:11 . 2009-12-07 18:46 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2010-01-02 19:18 . 2008-04-16 11:11 676118 ----a-w- c:\windows\system32\perfh007.dat
2010-01-02 19:18 . 2008-04-16 11:11 147024 ----a-w- c:\windows\system32\perfc007.dat
2010-01-01 15:42 . 2009-06-26 08:10 -------- d-----w- c:\program files\Lx_cats
2009-12-27 18:16 . 2009-08-06 20:33 -------- d-----w- c:\program files\Google
2009-12-25 18:00 . 2009-06-26 19:05 -------- d-----w- c:\users\DerLange\AppData\Roaming\Skype
2009-12-25 15:02 . 2009-06-26 19:08 -------- d-----w- c:\users\DerLange\AppData\Roaming\skypePM
2009-12-23 17:34 . 2009-06-28 22:12 159644 ----a-w- c:\programdata\nvModes.dat
2009-12-17 08:18 . 2009-08-26 07:19 -------- d-----w- c:\programdata\Norton
2009-12-10 20:54 . 2009-12-10 20:54 -------- d-----w- c:\program files\Windows SideShow
2009-12-10 17:58 . 2009-12-10 17:58 -------- d-----w- c:\users\DerLange\AppData\Roaming\Vodafone
2009-12-10 17:58 . 2009-12-10 17:58 -------- d-----w- c:\programdata\InstallShield
2009-12-10 17:56 . 2009-12-10 17:56 -------- d-----w- c:\programdata\Vodafone
2009-12-10 17:56 . 2008-10-30 08:31 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-07 19:18 . 2009-12-07 19:17 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-07 19:10 . 2009-08-06 20:34 -------- d-----w- c:\program files\Common Files\Real
2009-12-07 19:09 . 2006-07-11 16:35 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-12-07 19:08 . 2009-12-07 18:00 -------- d-----w- c:\programdata\Google Updater
2009-12-07 18:46 . 2009-12-07 18:46 -------- d-----w- c:\program files\Conduit
2009-12-07 18:46 . 2009-12-07 18:46 52224 ----a-w- c:\users\DerLange\AppData\Roaming\Mozilla\Firefox\Profiles\9w9shs4f.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\components\FFExternalAlert.dll
2009-12-07 18:46 . 2009-12-07 18:46 114688 ----a-w- c:\users\DerLange\AppData\Roaming\Mozilla\Firefox\Profiles\9w9shs4f.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\components\npmozax.dll
2009-12-07 18:45 . 2009-06-29 22:08 -------- d-----w- c:\program files\xp-AntiSpy
2009-12-07 18:08 . 2009-12-07 18:08 -------- d-----w- c:\program files\Alwil Software
2009-11-30 17:51 . 2009-11-30 17:51 -------- d-----w- c:\users\DerLange\AppData\Roaming\U3
2009-11-29 15:28 . 2009-11-29 15:28 -------- d-----w- c:\program files\TVAnts
2009-11-23 14:45 . 2009-08-25 23:06 -------- d-----w- c:\program files\SopCast
2009-11-23 13:34 . 2009-08-03 15:09 73728 ----a-w- c:\programdata\T-Home\MeineSoftware\updater\nfs.corestorage.dll
2009-11-23 13:34 . 2009-08-03 15:09 171152 ----a-w- c:\programdata\T-Home\MeineSoftware\updater\meinesoftwareupdate.exe
2009-11-21 06:40 . 2009-12-10 18:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 06:34 . 2009-12-10 17:59 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-11-21 06:34 . 2009-12-10 17:59 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-11-21 04:59 . 2009-12-10 17:59 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-11-16 22:07 . 2009-11-16 22:07 -------- d-----w- c:\users\DerLange\AppData\Roaming\PC Suite
2009-11-09 12:31 . 2009-12-12 20:55 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-11-09 12:30 . 2009-12-12 20:55 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-11-09 10:36 . 2009-12-12 20:55 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-11-04 11:50 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-02 19:42 . 2009-11-23 20:50 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-29 09:17 . 2009-11-26 11:08 2048 ----a-w- c:\windows\system32\tzres.dll
2008-07-02 02:28 . 2008-07-02 02:28 61440 ----a-w- c:\program files\Common Files\CPInstallAction.dll
2008-05-22 16:35 . 2008-05-22 16:35 51962 ----a-w- c:\program files\Common Files\banner.jpg
2007-06-12 17:34 . 2007-06-12 17:34 35822 ----a-w- c:\program files\Common Files\ASPG_icon.ico
.

(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}"= "c:\program files\DVDVideoSoft\tbDVDV.dll" [2009-11-09 2331672]

[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AA61DE26-FA67-4575-9033-918671094293}]
2008-08-14 13:57 2484224 ----a-w- c:\users\DerLange\AppData\Roaming\Toolbars\Toolbar fuer eBay\ebay.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
2009-05-04 14:32 650752 ----a-w- c:\program files\pdfforge Toolbar\WidgiToolbarIE.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
2009-11-09 17:38 2331672 ----a-w- c:\program files\DVDVideoSoft\tbDVDV.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{000E148C-F7A7-445A-9044-93BF6CE09ECB}"= "c:\users\DerLange\AppData\Roaming\Toolbars\Toolbar fuer eBay\ebay.dll" [2008-08-14 2484224]
"{B922D405-6D13-4A2B-AE89-08A030DA4402}"= "c:\program files\pdfforge Toolbar\WidgiToolbarIE.dll" [2009-05-04 650752]
"{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}"= "c:\program files\DVDVideoSoft\tbDVDV.dll" [2009-11-09 2331672]

[HKEY_CLASSES_ROOT\clsid\{000e148c-f7a7-445a-9044-93bf6ce09ecb}]
[HKEY_CLASSES_ROOT\TBSB03968.TBSB03968.3]
[HKEY_CLASSES_ROOT\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}]
[HKEY_CLASSES_ROOT\TBSB03968.TBSB03968]

[HKEY_CLASSES_ROOT\clsid\{b922d405-6d13-4a2b-ae89-08a030da4402}]

[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{000E148C-F7A7-445A-9044-93BF6CE09ECB}"= "c:\users\DerLange\AppData\Roaming\Toolbars\Toolbar fuer eBay\ebay.dll" [2008-08-14 2484224]
"{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F}"= "c:\program files\DVDVideoSoft\tbDVDV.dll" [2009-11-09 2331672]

[HKEY_CLASSES_ROOT\clsid\{000e148c-f7a7-445a-9044-93bf6ce09ecb}]
[HKEY_CLASSES_ROOT\TBSB03968.TBSB03968.3]
[HKEY_CLASSES_ROOT\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}]
[HKEY_CLASSES_ROOT\TBSB03968.TBSB03968]

[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"WEB.DE_WEB.DE MultiMessenger"="c:\program files\WEB.DE\WEB.DE MultiMessenger\MESSENGR.EXE" [2009-04-17 4920752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"CLMLServer"="c:\program files\ASUS\AI TouchMedia\AI TouchMedia\Kernel\CLML\CLMLSvc.exe" [2008-06-12 196608]
"P2Go_Menu"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"PCMAgent"="c:\program files\ASUS\AI TouchMedia\AI TouchMedia\PCMAgent.exe" [2008-06-12 212992]
"PlayMovie"="c:\program files\ASUS\AI TouchMedia\PlayMovie\PMVService.exe" [2008-05-20 172032]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2008-01-12 98304]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2008-07-15 7651328]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-07-25 13548064]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-07-25 92704]
"RtHDVCpl"="RtHDVCpl.exe" [2008-06-13 6183456]
"CognizanceTS"="c:\progra~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll" [2003-12-22 17920]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2008-08-19 159744]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2008-10-30 3054136]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-07-03 1328424]
"SearchSettings"="c:\program files\pdfforge Toolbar\SearchSettings.exe" [2009-03-30 970240]
"Skytel"="Skytel.exe" [2007-11-20 1826816]
"LXDJCATS"="c:\windows\system32\spool\DRIVERS\W32X86\3\LXDJtime.dll" [2007-02-09 102400]
"NokiaMusic FastStart"="c:\program files\Nokia\Nokia Music\NokiaMusic.exe" [2009-07-22 2331936]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-12-07 198160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-01-07 1394000]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RealUpgradeHelper"="c:\program files\Common Files\Real\Update_OB\upgrdhlp.exe" [2009-12-07 136744]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):81,18,67,74,e3,18,ca,01

R0 lullaby;lullaby;c:\windows\System32\drivers\lullaby.sys [30.10.2008 11:35 15416]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\ASUS\AI TouchMedia\PlayMovie\000.fcl [30.10.2008 10:17 61424]
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [13.01.2010 16:20 108289]
R2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [21.01.2008 03:23 21504]
R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [21.01.2008 03:23 21504]
R2 lxbc_device;lxbc_device;c:\windows\system32\lxbccoms.exe -service --> c:\windows\system32\lxbccoms.exe -service [?]
R2 Megatech-Software-Protection;Megatech-Software-Protection;c:\users\DerLange\MProtect\MPServ.exe [26.06.2009 14:59 36864]
R2 regi;regi;c:\windows\System32\drivers\regi.sys [17.04.2007 19:09 11032]
R2 TeamViewer4;TeamViewer 4;c:\program files\TeamViewer\Version4\TeamViewer_Service.exe [25.06.2009 08:22 185640]
R3 itecir;ITECIR Infrared Receiver;c:\windows\System32\drivers\itecir.sys [30.10.2008 11:11 54784]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [25.06.2008 23:30 3662848]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [25.06.2008 06:05 44064]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [07.12.2009 19:03 133104]
S2 TwonkyMedia;TwonkyMedia;c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 --> c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 [?]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [30.10.2008 11:16 29736]
S3 FontCache;Windows-Dienst für Schriftartencache;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21.01.2008 03:23 21504]
S3 MTOnlPktAlyX;MTOnlPktAlyX NDIS Protocol Driver;c:\progra~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS [03.08.2009 16:10 17536]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
Cognizance REG_MULTI_SZ ASBroker ASChannel
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 17:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Inhalt des "geplante Tasks" Ordners

2010-01-14 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-07 18:00]

2010-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-07 18:02]

2010-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-07 18:02]

2010-01-13 c:\windows\Tasks\User_Feed_Synchronization-{7BFD0253-E8D7-4290-BE2B-E726126647E0}.job
- c:\windows\system32\msfeedssync.exe [2009-12-10 04:59]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru
uSearchURL,(Default) = hxxp://search.qip.ru/search?query=%s&from=IE
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\DerLange\AppData\Roaming\Mozilla\Firefox\Profiles\9w9shs4f.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=2&q=
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1739.5352\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-14 19:08
Windows 6.0.6002 Service Pack 2 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostarteinträge...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LXDJCATS = rundll32 c:\windows\system32\spool\DRIVERS\W32X86\3\LXDJtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\ASUS\AI TouchMedia\PlayMovie\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'Explorer.exe'(3468)
c:\windows\system32\APSHook.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItClient.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\lxbccoms.exe
c:\windows\system32\lxdjcoms.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
c:\program files\ASUS\SmartLogon\sensorsrv.exe
c:\program files\ASUS\ATK Hotkey\MsgTranAgt.exe
c:\program files\ASUS\ATK Hotkey\HControl.exe
c:\program files\Wireless Console 2\wcourier.exe
c:\program files\ASUS\ASUS CopyProtect\aspg.exe
c:\program files\P4G\BatteryLife.exe
c:\program files\ASUS\Splendid\ACMON.exe
c:\windows\System32\ACEngSvr.exe
c:\program files\ASUS\ATK Hotkey\ATKOSD.exe
c:\windows\system32\conime.exe
c:\program files\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files\ASUS\ATK Hotkey\WDC.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2010-01-14 19:13:18 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2010-01-14 18:13

Vor Suchlauf: 10 Verzeichnis(se), 122.187.350.016 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 122.827.399.168 Bytes frei

- - End Of File - - 12C29C9F3D495AC654832A84EBAC09F8
Seitenanfang Seitenende
15.01.2010, 08:52
Member

Themenstarter

Beiträge: 11
#12 Ich habe nun avast und Norten Security deinstaliert. Sowie die Pfade gelöscht die mir Antivir im Bericht angezeigt hat.Auf "C"
Hoffe das es wieder gut aussieht. Rechner zeigt bis jetzt nichts neues an, an Funden.
Danke schonmal im voraus.
Seitenanfang Seitenende
15.01.2010, 08:53
Member

Themenstarter

Beiträge: 11
#13 wie sollte ich nun vorgehen um mein system zu sichern????
Seitenanfang Seitenende
15.01.2010, 09:11
Member

Themenstarter

Beiträge: 11
#14 Habe parallel meinen Tower bearbeitet und die log files geben ich im anhang dazu.
Habe wie gehabt avast gelöscht und die pfade auf "c" gelöscht die mir antivir gemeldet hat.
wie ist die einschätzung dort sowie ist alles OK wären meine fragen.
Desweiteren wie schütze ich da mein system Seit gestern läuft er eigentlich wieder normal.
Seitenanfang Seitenende
15.01.2010, 09:12
Member

Themenstarter

Beiträge: 11
#15 Malwarebytes' Anti-Malware 1.44
Datenbank Version: 3556
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

13.01.2010 23:55:05
mbam-log-2010-01-13 (23-55-05).txt

Scan-Methode: Quick-Scan
Durchsuchte Objekte: 123721
Laufzeit: 3 minute(s), 30 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)





Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:12:05, on 14.01.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\lxdjcoms.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Programme\Gemeinsame Dateien\Pure Networks Shared\Platform\nmsrvc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\Gemeinsame Dateien\Pure Networks Shared\Platform\nmctxth.exe
C:\Programme\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\Programme\Lexmark 1400 Series\lxdjamon.exe
C:\Programme\HP\HP Software Update\HPWuSchd2.exe
C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\ALCFDRTM.EXE
C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programme\Windows Desktop Search\WindowsSearch.exe
C:\Programme\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Programme\HP\Digital Imaging\bin\hpqbam08.exe
C:\Programme\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\SearchProtocolHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?SearchSource=10&ctid=CT1700389
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 91.4.109.105
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll (file missing)
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVDV.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Programme\IsoBuster\tbIsoB.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Programme\IsoBuster\tbIsoB.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\pdfforgeToolbarIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll (file missing)
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVDV.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\pdfforgeToolbarIE.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Programme\DVDVideoSoft\tbDVDV.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: IsoBuster Toolbar - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - C:\Programme\IsoBuster\tbIsoB.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SearchSettings] C:\Programme\pdfforge Toolbar\SearchSettings.exe
O4 - HKLM\..\Run: [nmctxth] "C:\Programme\Gemeinsame Dateien\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [Linksys Wireless Manager] "C:\Programme\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe" /cm /min /lcid 1031
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [lxdjamon] "C:\Programme\Lexmark 1400 Series\lxdjamon.exe"
O4 - HKLM\..\Run: [LXDJCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDJtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [HP Software Update] C:\Programme\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Programme\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WEB.DE_WEB.DE MultiMessenger] "C:\Programme\WEB.DE\WEB.DE MultiMessenger\MESSENGR.EXE" /hide
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: TMMonitor.lnk = C:\Programme\ArcSoft\TotalMedia 3.5\TMMonitor.exe
O4 - Global Startup: Windows Search.lnk = C:\Programme\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: HP Intelligente Auswahl - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft - C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: lxdj_device - - C:\WINDOWS\system32\lxdjcoms.exe
O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Programme\Gemeinsame Dateien\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 11762 bytes


ComboFix 10-01-13.0C - MEDIA CONCERT 14.01.2010 18:39:22.1.4 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.49.1031.18.3326.2813 [GMT 1:00]
ausgeführt von:: c:\dokumente und einstellungen\MEDIA CONCERT\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programme\driver
c:\windows\tmp.tmp.tmp1

.
((((((((((((((((((((((( Dateien erstellt von 2009-12-14 bis 2010-01-14 ))))))))))))))))))))))))))))))
.

2010-01-13 17:05 . 2010-01-13 17:05 -------- d-----w- c:\programme\Trend Micro
2010-01-13 14:55 . 2010-01-13 14:55 -------- d-----w- c:\dokumente und einstellungen\MEDIA CONCERT\Anwendungsdaten\Malwarebytes
2010-01-13 14:55 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-13 14:55 . 2010-01-13 14:55 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2010-01-13 14:55 . 2010-01-13 20:09 -------- d-----w- c:\programme\Malwarebytes' Anti-Malware
2010-01-13 14:55 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-13 05:48 . 2009-11-21 15:54 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-11 21:23 . 2010-01-11 21:23 -------- d-----w- C:\Inetpub
2010-01-11 20:52 . 2008-04-14 06:52 26624 ----a-w- c:\dokumente und einstellungen\LocalService\Anwendungsdaten\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2010-01-11 13:13 . 2008-05-29 06:03 37176 ----a-w- c:\dokumente und einstellungen\MEDIA CONCERT\Anwendungsdaten\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-01-08 12:44 . 2010-01-08 12:45 -------- d-----w- c:\dokumente und einstellungen\MEDIA CONCERT\Anwendungsdaten\dvdcss
2010-01-08 11:47 . 2009-02-12 11:19 45056 ----a-w- c:\windows\system32\MPDLL.DLL
2010-01-08 11:46 . 2010-01-08 11:47 -------- d-----w- C:\Megatech
2010-01-08 08:51 . 2010-01-08 08:51 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\DVD Shrink
2010-01-08 08:51 . 2010-01-08 08:51 -------- d-----w- c:\programme\DVD Shrink DE
2010-01-08 07:04 . 2010-01-08 07:04 -------- d-----w- c:\dokumente und einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\IsoBuster
2010-01-08 07:04 . 2010-01-08 07:04 -------- d-----w- c:\dokumente und einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\DVDVideoSoft
2010-01-07 23:19 . 2010-01-07 23:19 -------- d-----w- c:\dokumente und einstellungen\MEDIA CONCERT\Lokale Einstellungen\Anwendungsdaten\WEB.DE
2010-01-07 23:19 . 2010-01-07 23:19 -------- d-----w- c:\dokumente und einstellungen\MEDIA CONCERT\Anwendungsdaten\WEB.DE
2010-01-07 23:19 . 2010-01-07 23:19 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\WEB.DE
2010-01-07 23:18 . 2010-01-07 23:18 -------- d-----w- c:\programme\WEB.DE
2010-01-07 23:17 . 2010-01-07 23:17 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\TEMP
2010-01-07 23:17 . 2010-01-07 23:17 -------- d-----w- c:\dokumente und einstellungen\MEDIA CONCERT\Anwendungsdaten\AnvSoft
2010-01-07 23:17 . 2010-01-07 23:17 -------- d-----w- c:\programme\AnvSoft
2010-01-07 22:26 . 2010-01-07 22:26 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\SlySoft
2010-01-07 22:01 . 2010-01-07 22:02 -------- d-----w- c:\programme\JDownloader
2010-01-07 22:00 . 2010-01-07 22:00 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-07 22:00 . 2010-01-07 22:00 -------- d-----w- c:\programme\Java
2010-01-07 22:00 . 2010-01-07 22:00 152576 ----a-w- c:\dokumente und einstellungen\MEDIA CONCERT\Anwendungsdaten\Sun\Java\jre1.6.0_15\lzma.dll
2010-01-07 21:57 . 2010-01-07 21:57 -------- d-----w- c:\programme\7-Zip
2010-01-07 20:42 . 2010-01-07 23:47 -------- d-----w- c:\dokumente und einstellungen\MEDIA CONCERT\Anwendungsdaten\ArcSoft
2010-01-07 20:42 . 2006-11-10 14:05 18688 ----a-w- c:\windows\system32\drivers\afc.sys
2010-01-07 20:42 . 2010-01-14 17:35 3048 ----a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\ArcSoft\arcsoft-totalmedia-35-071019-web\acforall.dll
2010-01-07 20:42 . 2010-01-07 20:42 -------- d-----w- c:\dokumente und einstellungen\MEDIA CONCERT\Lokale Einstellungen\Anwendungsdaten\ArcSoft
2010-01-07 20:42 . 2010-01-07 20:42 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\ArcSoft
2010-01-07 20:42 . 2010-01-07 20:42 -------- d-----w- c:\programme\Gemeinsame Dateien\ArcSoft
2010-01-07 20:42 . 2010-01-07 20:42 -------- d-----w- c:\programme\ArcSoft
2010-01-07 20:42 . 2005-04-27 15:36 245408 ----a-w- c:\windows\system32\unicows.dll
2010-01-07 20:40 . 2010-01-07 20:40 -------- d-----w- c:\dokumente und einstellungen\MEDIA CONCERT\Anwendungsdaten\AVS4YOU
2010-01-07 20:40 . 2010-01-07 20:40 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\AVS4YOU
2010-01-07 20:40 . 2010-01-07 20:40 -------- d-----w- c:\programme\Gemeinsame Dateien\AVSMedia
2010-01-07 20:39 . 2010-01-07 20:40 -------- d-----w- c:\programme\AVS4YOU
2010-01-07 20:39 . 2008-08-13 09:22 974848 ----a-w- c:\windows\system32\mfc70.dll
2010-01-07 20:39 . 2008-08-13 09:22 487424 ----a-w- c:\windows\system32\msvcp70.dll
2010-01-07 20:39 . 2008-08-13 09:22 24576 ----a-w- c:\windows\system32\msxml3a.dll
2010-01-07 20:38 . 2010-01-07 23:28 -------- d-----w- c:\programme\eMule
2010-01-07 20:33 . 2010-01-13 17:10 -------- d-----w- c:\dokumente und einstellungen\MEDIA CONCERT\Lokale Einstellungen\Anwendungsdaten\IsoBuster
2010-01-07 20:33 . 2010-01-07 20:33 -------- d-----w- c:\programme\IsoBuster
2010-01-07 20:33 . 2010-01-07 20:33 -------- d-----w- c:\programme\Smart Projects
2010-01-07 20:33 . 2009-10-13 15:45 52224 ----a-w- c:\dokumente und einstellungen\MEDIA CONCERT\Anwendungsdaten\Mozilla\Firefox\Profiles\f2h773xk.default\extensions\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}\components\FFExternalAlert.dll
2010-01-07 20:33 . 2009-10-13 15:45 114688 ----a-w- c:\dokumente und einstellungen\MEDIA CONCERT\Anwendungsdaten\Mozilla\Firefox\Profiles\f2h773xk.default\extensions\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}\components\npmozax.dll
2010-01-07 20:23 . 2010-01-07 20:23 -------- d-----w- c:\programme\SlySoft
2009-12-30 02:00 . 2009-12-30 02:00 -------- d-----w- c:\programme\MSXML 4.0
2009-12-28 15:28 . 2010-01-14 16:53 -------- d-----w- c:\dokumente und einstellungen\MEDIA CONCERT\Anwendungsdaten\HPAppData
2009-12-28 15:28 . 2009-12-28 15:28 -------- d-----w- c:\dokumente und einstellungen\MEDIA CONCERT\Anwendungsdaten\Yahoo!
2009-12-28 15:28 . 2009-12-28 15:28 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Yahoo! Companion
2009-12-28 15:26 . 2009-12-28 15:26 -------- d-----w- c:\dokumente und einstellungen\MEDIA CONCERT\Anwendungsdaten\HP
2009-12-28 15:13 . 2009-12-28 15:13 -------- d-----w- c:\dokumente und einstellungen\MEDIA CONCERT\Lokale Einstellungen\Anwendungsdaten\HP
2009-12-28 15:09 . 2007-01-17 00:37 16496 ----a-r- c:\windows\system32\drivers\HPZipr12.sys
2009-12-28 15:09 . 2007-01-17 00:37 49920 ----a-r- c:\windows\system32\drivers\HPZid412.sys
2009-12-28 15:08 . 2007-01-17 00:37 21568 ----a-r- c:\windows\system32\drivers\HPZius12.sys
2009-12-28 15:08 . 2009-12-28 15:08 -------- d-----w- c:\programme\Yahoo!
2009-12-28 15:06 . 2009-12-28 15:06 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\HP Product Assistant
2009-12-28 15:05 . 2009-12-28 15:05 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\HP
2009-12-28 15:04 . 2009-12-28 15:04 -------- d-----w- c:\programme\Gemeinsame Dateien\HP
2009-12-28 15:04 . 2009-12-28 15:04 -------- d-----w- c:\programme\Gemeinsame Dateien\Hewlett-Packard
2009-12-28 15:04 . 2009-12-28 15:04 -------- d-----w- c:\programme\Hewlett-Packard
2009-12-28 15:04 . 2008-12-16 13:56 10567 ----a-r- c:\windows\hpwscr19.dat
2009-12-28 15:04 . 2007-11-06 10:15 1140056 ----a-r- c:\windows\hpzmsi01.exe
2009-12-28 15:04 . 2007-11-06 10:04 1373528 ----a-r- c:\windows\hpzshl01.exe
2009-12-28 15:04 . 2009-12-28 15:04 -------- d-----w- c:\windows\yellowtail
2009-12-28 15:03 . 2009-12-28 15:06 -------- d-----w- c:\programme\HP
2009-12-28 15:01 . 2009-12-28 15:01 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Hewlett-Packard
2009-12-28 15:01 . 2009-12-28 15:12 203417 ----a-w- c:\windows\hpwins19.dat
2009-12-28 15:01 . 2008-01-06 22:08 997 ----a-r- c:\windows\hpwmdl19.dat
2009-12-28 15:01 . 2007-11-05 18:07 118272 ----a-w- c:\windows\system32\hpz3l5mu.dll
2009-12-28 15:01 . 2007-11-05 18:06 278016 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzpp5mu.dll
2009-12-28 15:01 . 2007-11-06 10:10 271704 ----a-r- c:\windows\system32\hpzids01.dll
2009-12-28 14:59 . 2007-01-17 00:37 364544 ----a-r- c:\windows\system32\hppldcoi.dll
2009-12-28 14:59 . 2007-01-17 00:37 309760 ----a-r- c:\windows\system32\difxapi.dll
2009-12-28 14:59 . 2007-01-17 00:31 294912 ----a-r- c:\windows\system32\hpovst11.dll
2009-12-28 14:59 . 2007-10-30 18:35 593920 ----a-r- c:\windows\system32\hpwtscl3.dll
2009-12-28 14:59 . 2007-10-30 18:35 729088 ----a-r- c:\windows\system32\hpwwiax4.dll
2009-12-19 18:22 . 2009-12-19 18:22 104512 ----a-w- c:\windows\system32\drivers\AnyDVD.sys
2009-12-17 22:25 . 2009-12-17 22:25 26024 ----a-w- c:\windows\system32\drivers\ElbyCDIO.sys

.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-14 08:10 . 2009-11-26 07:13 -------- d-----w- c:\dokumente und einstellungen\MEDIA CONCERT\Anwendungsdaten\Skype
2010-01-14 07:39 . 2009-11-26 07:18 -------- d-----w- c:\dokumente und einstellungen\MEDIA CONCERT\Anwendungsdaten\skypePM
2010-01-11 21:38 . 2009-11-23 11:58 -------- d-----w- c:\dokumente und einstellungen\MEDIA CONCERT\Anwendungsdaten\vlc
2010-01-08 17:09 . 2009-09-15 07:08 -------- d-----w- c:\dokumente und einstellungen\MEDIA CONCERT\Anwendungsdaten\U3
2010-01-08 11:47 . 2009-08-07 12:46 73416 ----a-w- c:\dokumente und einstellungen\MEDIA CONCERT\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
2010-01-07 20:42 . 2007-01-01 08:17 -------- d--h--w- c:\programme\InstallShield Installation Information
2010-01-07 20:37 . 2010-01-07 20:37 -------- d-----w- c:\dokumente und einstellungen\MEDIA CONCERT\Anwendungsdaten\concept design
2010-01-07 20:37 . 2010-01-07 20:37 -------- d-----w- c:\programme\concept design
2010-01-07 13:22 . 2009-08-13 23:44 1 ----a-w- c:\dokumente und einstellungen\MEDIA CONCERT\Anwendungsdaten\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-12-30 08:03 . 2009-11-30 18:53 -------- d-----w- c:\programme\Lx_cats
2009-12-26 00:32 . 2009-08-31 00:18 -------- d-----w- c:\programme\Google
2009-12-10 13:13 . 2001-08-18 10:00 90924 ----a-w- c:\windows\system32\perfc007.dat
2009-12-10 13:13 . 2001-08-18 10:00 477134 ----a-w- c:\windows\system32\perfh007.dat
2009-12-07 19:16 . 2009-12-07 19:15 -------- d-----w- c:\programme\DVDVideoSoft
2009-12-07 19:16 . 2009-12-07 19:16 -------- d-----w- c:\programme\Conduit
2009-12-07 19:16 . 2009-12-07 19:16 52224 ----a-w- c:\dokumente und einstellungen\MEDIA CONCERT\Anwendungsdaten\Mozilla\Firefox\Profiles\f2h773xk.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\components\FFExternalAlert.dll
2009-12-07 19:16 . 2009-12-07 19:16 114688 ----a-w- c:\dokumente und einstellungen\MEDIA CONCERT\Anwendungsdaten\Mozilla\Firefox\Profiles\f2h773xk.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\components\npmozax.dll
2009-12-07 19:16 . 2009-12-07 19:15 -------- d-----w- c:\programme\Gemeinsame Dateien\DVDVideoSoft
2009-12-07 18:37 . 2009-12-07 18:37 -------- d-----w- c:\programme\Alwil Software
2009-12-07 18:37 . 2009-12-07 18:37 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Alwil Software
2009-12-07 18:28 . 2009-12-07 18:28 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Google Updater
2009-12-07 18:09 . 2007-01-01 08:20 -------- d-----w- c:\programme\BIOSTAR
2009-12-07 13:44 . 2009-11-23 13:42 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-12-02 22:04 . 2009-09-03 19:05 -------- d-----w- c:\programme\MSBuild
2009-12-02 22:04 . 2009-12-02 22:04 -------- d-----w- c:\programme\Reference Assemblies
2009-11-30 18:51 . 2009-11-30 18:47 -------- d-----w- c:\programme\Lexmark 1400 Series
2009-11-28 16:06 . 2009-11-28 16:06 -------- d-----w- c:\programme\TVAnts
2009-11-28 11:21 . 2009-11-28 11:21 -------- d-----w- c:\programme\Microsoft Office Outlook Connector
2009-11-27 16:55 . 2009-11-27 16:55 -------- d-----w- c:\programme\MSECache
2009-11-27 14:06 . 2009-09-03 19:02 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft Help
2009-11-27 13:27 . 2009-11-27 13:27 -------- d-----w- c:\programme\SopCast
2009-11-26 09:35 . 2009-11-26 09:35 -------- d-----w- c:\dokumente und einstellungen\MEDIA CONCERT\Anwendungsdaten\TeamViewer
2009-11-26 09:35 . 2009-11-26 09:35 -------- d-----w- c:\programme\TeamViewer
2009-11-26 09:30 . 2009-11-26 09:30 14634 ----a-w- c:\windows\CachedXtraz.bin
2009-11-26 09:30 . 2009-11-26 09:12 -------- d-----w- c:\programme\ICQ6.5
2009-11-26 09:30 . 2009-11-26 09:12 -------- d-----w- c:\dokumente und einstellungen\MEDIA CONCERT\Anwendungsdaten\ICQ
2009-11-26 09:28 . 2009-11-26 09:28 -------- d-----w- c:\programme\ICQ6Toolbar
2009-11-26 09:28 . 2009-11-26 09:28 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\ICQ
2009-11-26 07:18 . 2009-11-26 07:18 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-11-26 07:13 . 2009-11-26 07:13 -------- d-----r- c:\programme\Skype
2009-11-26 07:13 . 2009-11-26 07:13 -------- d-----w- c:\programme\Gemeinsame Dateien\Skype
2009-11-26 07:13 . 2009-11-26 07:13 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Skype
2009-11-25 20:14 . 2007-01-01 08:03 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-11-25 07:25 . 2009-11-25 07:25 -------- d-----w- c:\dokumente und einstellungen\MEDIA CONCERT\Anwendungsdaten\QIP
2009-11-23 13:51 . 2009-11-23 13:51 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\nView_Profiles
2009-11-23 13:42 . 2009-11-23 13:42 -------- d-----w- c:\programme\Avira
2009-11-23 13:42 . 2009-11-23 13:42 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Avira
2009-11-23 12:00 . 2009-11-23 12:00 -------- d-----w- c:\dokumente und einstellungen\LocalService\Anwendungsdaten\TuneUp Software
2009-11-23 11:56 . 2009-11-23 11:56 -------- d-----w- c:\programme\VideoLAN
2009-11-23 11:44 . 2009-11-23 11:44 -------- d-----w- c:\dokumente und einstellungen\MEDIA CONCERT\Anwendungsdaten\TuneUp Software
2009-11-23 11:44 . 2009-11-23 11:43 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\TuneUp Software
2009-11-23 11:43 . 2009-11-23 11:43 -------- d-sh--w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2009-11-23 10:59 . 2009-11-23 10:59 -------- d-----w- c:\dokumente und einstellungen\MEDIA CONCERT\Anwendungsdaten\Windows Search
2009-11-23 10:46 . 2009-11-23 10:46 -------- d-----w- c:\programme\Linksys
2009-11-23 10:46 . 2009-11-23 10:45 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Pure Networks
2009-11-23 10:46 . 2009-11-23 10:46 -------- d-----w- c:\programme\Gemeinsame Dateien\Pure Networks Shared
2009-11-21 15:54 . 2004-08-03 22:57 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-20 15:11 . 2009-08-25 01:39 -------- d-----w- c:\programme\DivX
2009-11-20 15:11 . 2009-08-07 01:32 -------- d-----w- c:\programme\AGEIA Technologies
2009-10-29 05:24 . 2004-08-03 22:57 672768 ----a-w- c:\windows\system32\wininet.dll
2009-10-29 04:48 . 2009-10-29 04:48 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-10-29 04:48 . 2009-10-29 04:48 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-10-21 05:38 . 2004-08-03 22:57 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:38 . 2004-08-03 22:57 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2004-08-03 21:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\programme\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\programme\mozilla firefox\plugins\ssldivx.dll
.

(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}"= "c:\programme\DVDVideoSoft\tbDVDV.dll" [2009-11-09 2331672]
"{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}"= "c:\programme\IsoBuster\tbIsoB.dll" [2009-10-01 2166296]

[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]

[HKEY_CLASSES_ROOT\clsid\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]
2009-10-01 16:29 2166296 ----a-w- c:\programme\IsoBuster\tbIsoB.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
2009-11-09 17:38 2331672 ----a-w- c:\programme\DVDVideoSoft\tbDVDV.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}"= "c:\programme\DVDVideoSoft\tbDVDV.dll" [2009-11-09 2331672]
"{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}"= "c:\programme\IsoBuster\tbIsoB.dll" [2009-10-01 2166296]

[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]

[HKEY_CLASSES_ROOT\clsid\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F}"= "c:\programme\DVDVideoSoft\tbDVDV.dll" [2009-11-09 2331672]
"{266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6}"= "c:\programme\IsoBuster\tbIsoB.dll" [2009-10-01 2166296]

[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]

[HKEY_CLASSES_ROOT\clsid\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="c:\programme\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-04-24 203928]
"MSMSGS"="c:\programme\Messenger\msmsgs.exe" [2008-04-14 1695232]
"Skype"="c:\programme\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"swg"="c:\programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-07 39408]
"WEB.DE_WEB.DE MultiMessenger"="c:\programme\WEB.DE\WEB.DE MultiMessenger\MESSENGR.EXE" [2009-10-16 4920752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-10 16126464]
"nwiz"="c:\programme\NVIDIA Corporation\nView\nwiz.exe" [2009-08-12 1657376]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-17 13877248]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-08-17 86016]
"AdobeCS4ServiceManager"="c:\programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"GrooveMonitor"="c:\programme\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"nmctxth"="c:\programme\Gemeinsame Dateien\Pure Networks Shared\Platform\nmctxth.exe" [2008-12-12 642856]
"Linksys Wireless Manager"="c:\programme\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe" [2009-02-15 1358384]
"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"lxdjamon"="c:\programme\Lexmark 1400 Series\lxdjamon.exe" [2007-03-06 20480]
"LXDJCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXDJtime.dll" [2007-02-09 102400]
"HP Software Update"="c:\programme\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"ArcSoft Connection Service"="c:\programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2007-11-13 72192]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\dokumente und einstellungen\All Users\Startmen\Programme\Autostart\
HP Digital Imaging Monitor.lnk - c:\programme\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
TMMonitor.lnk - c:\programme\ArcSoft\TotalMedia 3.5\TMMonitor.exe [2010-1-7 258048]
Windows Search.lnk - c:\programme\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programme\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Programme\\Bonjour\\mDNSResponder.exe"=
"c:\\Programme\\Gemeinsame Dateien\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Programme\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Programme\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Programme\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programme\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Programme\\ICQ6.5\\ICQ.exe"=
"c:\\Programme\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Programme\\SopCast\\SopCast.exe"=
"c:\\Programme\\TVAnts\\Tvants.exe"=
"c:\\WINDOWS\\system32\\lxdjcoms.exe"=
"c:\\Programme\\Lexmark 1400 Series\\lxdjamon.exe"=
"c:\\Programme\\Lexmark 1400 Series\\App4R.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdjpswx.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdjjswx.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdjwbgw.exe"=
"c:\\Programme\\concept design\\onlineTV 5\\onlineTV.exe"=
"c:\\Programme\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Programme\\eMule\\emule.exe"=
"c:\\Programme\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdjtime.exe"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R0 hotcore3;hotcore3;c:\windows\system32\drivers\hotcore3.sys [07.08.2009 00:56 39472]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [01.01.2007 09:15 13696]
R1 BS_I2cIo;BS_I2cIo;c:\windows\system32\drivers\BS_I2cIo.sys [01.01.2007 09:21 8192]
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [23.11.2009 14:42 108289]
R3 rt2870;Linksys 802.11n USB Wireless LAN Card Driver;c:\windows\system32\drivers\rt2870.sys [23.11.2009 11:45 644096]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [07.08.2009 01:40 722416]
S2 gupdate;Google Update Service (gupdate);c:\programme\Google\Update\GoogleUpdate.exe [31.08.2009 01:18 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners

2010-01-08 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2010-01-14 c:\windows\Tasks\Google Software Updater.job
- c:\programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-07 18:27]

2010-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2009-08-31 00:18]

2010-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2009-08-31 00:18]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.conduit.com/?SearchSource=10&ctid=CT1700389
uInternet Settings,ProxyOverride = *.local
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\dokumente und einstellungen\MEDIA CONCERT\Anwendungsdaten\Mozilla\Firefox\Profiles\f2h773xk.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1700389&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT1700389&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=971163&p=
FF - component: c:\dokumente und einstellungen\MEDIA CONCERT\Anwendungsdaten\Mozilla\Firefox\Profiles\f2h773xk.default\extensions\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}\components\FFExternalAlert.dll
FF - component: c:\dokumente und einstellungen\MEDIA CONCERT\Anwendungsdaten\Mozilla\Firefox\Profiles\f2h773xk.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\components\FFExternalAlert.dll
FF - component: c:\programme\Mozilla Firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\components\pdfforgeToolbarFF.dll
FF - component: c:\programme\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dll
FF - plugin: c:\dokumente und einstellungen\MEDIA CONCERT\Anwendungsdaten\Mozilla\Firefox\Profiles\f2h773xk.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\npBFHUpdater.dll
FF - plugin: c:\programme\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\programme\Google\Google Updater\2.4.1739.5352\npCIDetect13.dll
FF - plugin: c:\programme\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

BHO-{B922D405-6D13-4A2B-AE89-08A030DA4402} - c:\programme\pdfforge Toolbar\pdfforgeToolbarIE.dll
Toolbar-{B922D405-6D13-4A2B-AE89-08A030DA4402} - c:\programme\pdfforge Toolbar\pdfforgeToolbarIE.dll
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-SearchSettings - c:\programme\pdfforge Toolbar\SearchSettings.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-14 18:42
Windows 5.1.2600 Service Pack 3 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostarteinträge...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LXDJCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXDJtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

Scanne versteckte Dateien...


c:\dokume~1\MEDIAC~1\LOKALE~1\Temp\Perflib_Perfdata_fb4.dat 16384 bytes

Scan erfolgreich abgeschlossen
versteckte Dateien: 1

**************************************************************************
.
Zeit der Fertigstellung: 2010-01-14 18:43:58
ComboFix-quarantined-files.txt 2010-01-14 17:43

Vor Suchlauf: 9 Verzeichnis(se), 185.462.697.984 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 189.030.592.512 Bytes frei

WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - BD0A7F1ECBFA1CBD34DC99BED4E25BCC



32 Bit HP CIO Components Installer
7-Zip 4.65
Adobe AIR
Adobe AIR
Adobe Anchor Service CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Color - Photoshop Specific CS4
Adobe Color EU Recommended Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Extra Settings CS4
Adobe Color Video Profiles CS CS4
Adobe CSI CS4
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Drive CS4
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Illustrator CS4
Adobe Illustrator CS4
Adobe InDesign CS4
Adobe InDesign CS4
Adobe InDesign CS4 Application Feature Set Files (Roman)
Adobe InDesign CS4 Common Base Files
Adobe InDesign CS4 Icon Handler
Adobe Linguistics CS4
Adobe Media Player
Adobe Media Player
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS4
Adobe Photoshop CS4
Adobe Photoshop CS4
Adobe Photoshop CS4 Support
Adobe Reader 9.1 - Deutsch
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe Setup
Adobe Setup
Adobe SGM CS4
Adobe Shockwave Player 11.5
Adobe SING CS4
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
Any DVD Converter Professional 4.0.1
AnyDVD
Apple Software Update
ArcSoft TotalMedia 3.5
Avira AntiVir Personal - Free Antivirus
AVS Update Manager 1.0
AVS Video Converter 6
AVS4YOU Software Navigator 1.3
Bonjour
concept/design onlineTV 5
Connect
DivX Web Player
DVD Shrink 3.2 deutsch (DeCSS-frei)
DVDVideoSoft Toolbar
eMule
Free Audio CD Burner version 1.2
Free YouTube to MP3 Converter version 3.2
Google Earth
Google Update Helper
Google Updater
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB915800-v4)
Hotfix für Windows XP (KB952287)
Hotfix für Windows XP (KB961118)
Hotfix für Windows XP (KB970653-v3)
Hotfix für Windows XP (KB976098-v2)
HP Customer Participation Program 10.0
HP Document Manager 1.0
HP Imaging Device Functions 10.0
HP Officejet J4500 Series
HP Smart Web Printing
HP Solution Center 10.0
HP Update
ICQ6.5
IsoBuster 2.7
IsoBuster Toolbar
Java(TM) 6 Update 15
JDownloader
kuler
Lexmark 1400 Series
Linksys Wireless Manager
Malwarebytes' Anti-Malware
MegaCAD 3D 2010
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Office Access MUI (German) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (German) 2007
Microsoft Office Groove MUI (German) 2007
Microsoft Office InfoPath MUI (German) 2007
Microsoft Office OneNote MUI (German) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (German) 2007
Microsoft Office PowerPoint MUI (German) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Italian) 2007
Microsoft Office Proofing (German) 2007
Microsoft Office Publisher MUI (German) 2007
Microsoft Office Shared MUI (German) 2007
Microsoft Office Word MUI (German) 2007
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox (3.5.7)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NVIDIA Drivers
NVIDIA nView Desktop Manager
NVIDIA PhysX
OCR Software by I.R.I.S. 10.0
OpenAL
OpenOffice.org 3.1
Paragon Drive Backup 8.51 Professional Trial
Paragon Partition Manager 9.0 Professional
PDF Settings CS4
PDFCreator
pdfforge Toolbar v1.1.1
Photoshop Camera Raw
PunkBuster Services
REALTEK GbE & FE Ethernet PCI NIC Driver
Realtek High Definition Audio Driver
RivaTuner v2.24
Security Update for Windows Search 4 - KB963093
Shop for HP Supplies
Sicherheitsupdate für Windows Media Player (KB952069)
Sicherheitsupdate für Windows Media Player (KB954155)
Sicherheitsupdate für Windows Media Player (KB968816)
Sicherheitsupdate für Windows Media Player (KB973540)
Sicherheitsupdate für Windows Media Player (KB973540)
Sicherheitsupdate für Windows XP (KB923561)
Sicherheitsupdate für Windows XP (KB923789)
Sicherheitsupdate für Windows XP (KB941569)
Sicherheitsupdate für Windows XP (KB946648)
Sicherheitsupdate für Windows XP (KB950762)
Sicherheitsupdate für Windows XP (KB950974)
Sicherheitsupdate für Windows XP (KB951066)
Sicherheitsupdate für Windows XP (KB951376-v2)
Sicherheitsupdate für Windows XP (KB951748)
Sicherheitsupdate für Windows XP (KB952004)
Sicherheitsupdate für Windows XP (KB952954)
Sicherheitsupdate für Windows XP (KB955069)
Sicherheitsupdate für Windows XP (KB956572)
Sicherheitsupdate für Windows XP (KB956744)
Sicherheitsupdate für Windows XP (KB956802)
Sicherheitsupdate für Windows XP (KB956803)
Sicherheitsupdate für Windows XP (KB956844)
Sicherheitsupdate für Windows XP (KB957097)
Sicherheitsupdate für Windows XP (KB958644)
Sicherheitsupdate für Windows XP (KB958687)
Sicherheitsupdate für Windows XP (KB958869)
Sicherheitsupdate für Windows XP (KB959426)
Sicherheitsupdate für Windows XP (KB960225)
Sicherheitsupdate für Windows XP (KB960803)
Sicherheitsupdate für Windows XP (KB960859)
Sicherheitsupdate für Windows XP (KB961371-v2)
Sicherheitsupdate für Windows XP (KB961501)
Sicherheitsupdate für Windows XP (KB968537)
Sicherheitsupdate für Windows XP (KB969059)
Sicherheitsupdate für Windows XP (KB969947)
Sicherheitsupdate für Windows XP (KB970238)
Sicherheitsupdate für Windows XP (KB970430)
Sicherheitsupdate für Windows XP (KB971486)
Sicherheitsupdate für Windows XP (KB971557)
Sicherheitsupdate für Windows XP (KB971633)
Sicherheitsupdate für Windows XP (KB971657)
Sicherheitsupdate für Windows XP (KB971961)
Sicherheitsupdate für Windows XP (KB972270)
Sicherheitsupdate für Windows XP (KB973354)
Sicherheitsupdate für Windows XP (KB973507)
Sicherheitsupdate für Windows XP (KB973525)
Sicherheitsupdate für Windows XP (KB973869)
Sicherheitsupdate für Windows XP (KB973904)
Sicherheitsupdate für Windows XP (KB974112)
Sicherheitsupdate für Windows XP (KB974318)
Sicherheitsupdate für Windows XP (KB974392)
Sicherheitsupdate für Windows XP (KB974455)
Sicherheitsupdate für Windows XP (KB974571)
Sicherheitsupdate für Windows XP (KB975025)
Sicherheitsupdate für Windows XP (KB975467)
Sicherheitsupdate für Windows XP (KB976325)
Skype web features
Skype™ 4.1
SopCast 3.2.4
Suite Shared Configuration CS4
TeamViewer 4
Total Commander (Remove or Repair)
T-Utility Hardware Monitor
TVAnts 1.0
Uninstall 1.0.0.1
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update für Windows XP (KB951978)
Update für Windows XP (KB955759)
Update für Windows XP (KB967715)
Update für Windows XP (KB968389)
Update für Windows XP (KB971737)
Update für Windows XP (KB973687)
Update für Windows XP (KB973815)
Update für Windows XP (KB976749)
VC80CRTRedist - 8.0.50727.762
VLC media player 1.0.3
WEB.DE MultiMessenger
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Search 4.0
Windows XP Service Pack 3
WinRAR
Yahoo! Toolbar
Zune Desktop Theme
Seitenanfang Seitenende
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren: