TR/Vundo.Gen bleibt einfach und ich habe keine ahnung!
gefunden am 10.07.2008Hi, ich hab mir einen Vundo.Gen eingefangen und bekomme ihn einfach nit weg.Hoffe mal auf eure hilfe: hoffe die logs helfen euch und ich habs richtig gepostet :) Code: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:11:45, on 09.07.2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16386) Boot mode: Normal Running processes: c:\Program Files\Hewlett-Packard\IAM\bin\asghost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe C:\Windows\System32\igfxpers.exe C:\Windows\System32\hkcmd.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\GUARDGUI.EXE C:\Program Files\Mozilla Firefox 3 Beta 4\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - (no file) O2 - BHO: (no name) - {3106C796-4695-432B-BBD8-8188C8CBEB66} - (no file) O2 - BHO: (no name) - {3E018EE2-8257-420C-9F98-16D0315B68D5} - (no file) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5AA15982-E8D9-470D-80F6-B3CFFA8E7E1E} - (no file) O2 - BHO: (no name) - {67C07E77-B187-4DC0-89D7-EC2EEADE70D4} - (no file) O2 - BHO: (no name) - {6EEE7607-229F-485C-98AC-B4EA06D0021C} - (no file) O2 - BHO: (no name) - {71D1E605-F1F1-466B-ACEA-364E226286E5} - C:\Windows\system32\khfGYRiF.dll O2 - BHO: (no name) - {91084A64-7109-4001-AEC8-5D97845A6BE6} - (no file) O2 - BHO: (no name) - {A58F7501-B93D-4D93-B78E-906BCB5D0C18} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O2 - BHO: (no name) - {B0C3210A-E0C0-4E0C-966A-A80A8CE04059} - (no file) O2 - BHO: (no name) - {B7474EB4-5A16-496A-B39A-5C12C0DA25FD} - (no file) O2 - BHO: (no name) - {DBD0CF04-FF70-4147-8B92-3EE6F844C92A} - (no file) O2 - BHO: (no name) - {DEE3179B-B00F-43AB-A7A0-632C920A8253} - (no file) O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll O2 - BHO: QXK Olive - {E859DCC4-2549-4667-9E0D-CBCB6F2FCC78} - C:\Windows\kgqfweltbnk.dll O2 - BHO: (no name) - {F2A03A6B-98EC-4053-853D-407529134F0A} - (no file) O2 - BHO: (no name) - {FF45C67F-7373-441D-869B-656FAF017E19} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file) O3 - Toolbar: nqgpedlr - {6374A4B4-45BA-4718-9972-E56A8912ED9E} - C:\Windows\nqgpedlr.dll O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\ddcCTmLb.dll,#1 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETZWERKDIENST') O4 - Global Startup: BTTray.lnk = ? O8 - Extra context menu item: Bild an &Bluetooth-Ger?senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Seite an &Bluetooth-Ger?senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - (no file) O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file) O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file) O9 - Extra 'Tools' menuitem: ?amp;bersetzer einstellen - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file) O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file) O9 - Extra 'Tools' menuitem: &W?rbuch - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file) O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file) O9 - Extra 'Tools' menuitem: &Markierter Text ?setzen - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file) O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file) O9 - Extra 'Tools' menuitem: &Siete ?setzen - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file) O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe O13 - Gopher Prefix: O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: stllssvr - Unknown owner - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing) O23 - Service: VundoFix Service (VundoFixSvc) - Atribune.org - C:\Windows\SYSTEM32\VundoFixSVC.exe -- End of file - 9557 bytes und dazu Code: $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ º º hjtscanlist v2.0 º º $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ Microsoft Windows [Version 6.0.6000] C: C:\Program Files C:\pagefile.sys C:\VundoFix.txt C:\VundoFix Backups C:\Windows C:\SwSetup C:\System Volume Information C:\crashAddress.txt C:\ProgramData C:\findaudio.log C:\Langenscheidt T1 7_0 C:\SIERRA C:\IO.SYS C:\MSDOS.SYS C:\OpenSSL C:\ATMA_config.ini C:\Genius C:\Intel C:\start C:\perflogs C:\$Recycle.Bin C:\System.sav C:\Users C:\C_USERPART C:\hp C:\boot C:\Programme C:\Dokumente und Einstellungen C:\Documents and Settings C:\bootmgr ---------------------------------------- C:\Windows C:\Windows\bootstat.dat C:\Windows\bthservsdp.dat C:\Windows\kgqfweltbnk.dll C:\Windows\nqgpedlr.dll C:\Windows\mrvtdpqe.exe C:\Windows\erab.exe C:\Windows\axrfgvek.dll C:\Windows\okmdepgb.dll C:\Windows\NeroDigital.ini C:\Windows\mgxoschk.ini C:\Windows\ICMET20.BIN C:\Windows\SIERRA.INI C:\Windows\eReg.dat C:\Windows\Setup1.exe C:\Windows\ST6UNST.EXE C:\Windows\key3.db C:\Windows\cookies.txt C:\Windows\signons.txt C:\Windows\TRNCOM.INI C:\Windows\nsreg.dat C:\Windows\UNNeroMediaHome.exe C:\Windows\UNRecode.exe C:\Windows\UNNeroVision.exe C:\Windows\UNNeroBackItUp.exe C:\Windows\UNNeroShowTime.exe C:\Windows\csup.txt C:\Windows\agrsmdel.exe C:\Windows\HPModemVersion.dll C:\Windows\win.ini C:\Windows\WindowsShell.Manifest C:\Windows\WMSysPr9.prx C:\Windows\twunk_16.exe C:\Windows\twunk_32.exe C:\Windows\twain_32.dll C:\Windows\twain.dll C:\Windows\notepad.exe C:\Windows\winhlp32.exe C:\Windows\regedit.exe C:\Windows\HelpPane.exe C:\Windows\hh.exe C:\Windows\fveupdate.exe C:\Windows\explorer.exe C:\Windows\bfsvc.exe C:\Windows\mib.bin C:\Windows\WMPrfDeu.prx C:\Windows\Business.xml C:\Windows\system.ini C:\Windows\_default.pif C:\Windows\winhelp.exe C:\Windows\msdfmap.ini C:\Windows\UNNeroMediaHome.cfg C:\Windows\UNNeroVision.cfg C:\Windows\UNNeroShowTime.cfg C:\Windows\UNRecode.cfg C:\Windows\UNNeroBackItUp.cfg C:\Windows\WMSysPr8.prx C:\Windows\IsUn0407.exe ---------------------------------------- C:\Windows\System C:\Windows\System\hpsysdrv.dat C:\Windows\System\mciseq.drv C:\Windows\System\mciwave.drv C:\Windows\System\avifile.dll C:\Windows\System\mciavi.drv C:\Windows\System\avicap.dll C:\Windows\System\msvideo.dll C:\Windows\System\OLESVR.DLL C:\Windows\System\WFWNET.DRV C:\Windows\System\COMMDLG.DLL C:\Windows\System\TIMER.DRV C:\Windows\System\MMSYSTEM.DLL C:\Windows\System\mmtask.tsk C:\Windows\System\mouse.drv C:\Windows\System\vga.drv C:\Windows\System\sound.drv C:\Windows\System\keyboard.drv C:\Windows\System\SHELL.DLL C:\Windows\System\system.drv C:\Windows\System\ver.dll C:\Windows\System\olecli.dll C:\Windows\System\lzexpand.dll C:\Windows\System\stdole.tlb ---------------------------------------- C:\Windows\System32 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 C:\Windows\system32\WDI C:\Windows\system32\bbpahwxg.ini C:\Windows\system32\jupdate-1.6.0_06-b02.log C:\Windows\system32\31df9225-.txt C:\Windows\system32\wpxdthjb.ini C:\Windows\system32\epkobnla.ini C:\Windows\system32\pqeuudwq.ini C:\Windows\system32\jkupigpx.ini C:\Windows\system32\tool_de[1].log C:\Windows\system32\jniderlr.ini C:\Windows\system32\catroot2 C:\Windows\system32\rlvyltfh.ini C:\Windows\system32\VundoFixSVC.exe C:\Windows\system32\dmdbhwse.ini C:\Windows\system32\vwbioxrx.ini C:\Windows\system32\bhrnqcqh.ini C:\Windows\system32\hphwvpwp.ini C:\Windows\system32\khfGYRiF.dll C:\Windows\system32\CmdLineExt.dll C:\Windows\system32\perfh009.dat C:\Windows\system32\perfh007.dat C:\Windows\system32\perfc009.dat C:\Windows\system32\perfc007.dat C:\Windows\system32\PerfStringBackup.INI C:\Windows\system32\pndx5032.dll C:\Windows\system32\pndx5016.dll C:\Windows\system32\pncrt.dll C:\Windows\system32\rmoc3260.dll C:\Windows\system32\FNTCACHE.DAT C:\Windows\system32\drivers C:\Windows\system32\MAGIX C:\Windows\system32\jupdate-1.6.0_05-b13.log C:\Windows\system32\libssl32.dll C:\Windows\system32\appmgmt C:\Windows\system32\catroot C:\Windows\system32\directx C:\Windows\system32\MsiExec.exe.log C:\Windows\system32\LogFiles C:\Windows\system32\Tasks C:\Windows\system32\config C:\Windows\system32\MSINET.OCX C:\Windows\system32\de-DE C:\Windows\system32\wucltux.dll C:\Windows\system32\wups2.dll C:\Windows\system32\wuauclt.exe C:\Windows\system32\wuaueng.dll C:\Windows\system32\wudriver.dll C:\Windows\system32\wups.dll C:\Windows\system32\wuapi.dll C:\Windows\system32\wuwebv.dll C:\Windows\system32\wuapp.exe C:\Windows\system32\NDF C:\Windows\system32\zh-TW C:\Windows\system32\zh-CN C:\Windows\system32\sv-SE C:\Windows\system32\ru-RU C:\Windows\system32\pt-BR C:\Windows\system32\pl-PL C:\Windows\system32\ko-KR C:\Windows\system32\ja-JP C:\Windows\system32\it-IT C:\Windows\system32\fr-FR C:\Windows\system32\es-MX C:\Windows\system32\es-ES C:\Windows\system32\es-AR C:\Windows\system32\en-US C:\Windows\system32\restore C:\Windows\system32\igxpun.exe C:\Windows\system32\iglhxs32.vp C:\Windows\system32\igfxzoom.exe C:\Windows\system32\igfxtray.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\system32\igfxpers.exe C:\Windows\system32\igfxext.exe C:\Windows\system32\igfxcfg.exe C:\Windows\system32\hkcmd.exe C:\Windows\system32\igfxCoIn_v1409.dll C:\Windows\system32\igdumd32.dll C:\Windows\system32\ig4dev32.dll C:\Windows\system32\ig4icd32.dll C:\Windows\system32\igfxrtrk.lrc C:\Windows\system32\igfxrsve.lrc C:\Windows\system32\igfxrtha.lrc C:\Windows\system32\igfxrptb.lrc C:\Windows\system32\igfxrsky.lrc C:\Windows\system32\igfxrrus.lrc C:\Windows\system32\igfxrplk.lrc C:\Windows\system32\igfxrslv.lrc C:\Windows\system32\igfxrptg.lrc C:\Windows\system32\igfxrjpn.lrc C:\Windows\system32\igfxrkor.lrc C:\Windows\system32\igfxrnld.lrc C:\Windows\system32\igfxrnor.lrc C:\Windows\system32\igfxrhun.lrc C:\Windows\system32\igfxrita.lrc C:\Windows\system32\igfxrfra.lrc C:\Windows\system32\igfxrfin.lrc C:\Windows\system32\igfxresp.lrc ---------------------------------------- C:\Windows\Prefetch C:\Windows\Prefetch\CMD.EXE-89305D47.pf C:\Windows\Prefetch\CONIME.EXE-B273009A.pf C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-AA7A1FDD.pf C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-AFAD3EF9.pf C:\Windows\Prefetch\MSFEEDSSYNC.EXE-1F01ED17.pf C:\Windows\Prefetch\NOTEPAD.EXE-EB1B961A.pf C:\Windows\Prefetch\WMIPRVSE.EXE-43972D0F.pf C:\Windows\Prefetch\HIJACKTHIS.EXE-4187566C.pf C:\Windows\Prefetch\WINRAR.EXE-6F42D4E7.pf C:\Windows\Prefetch\AVWSC.EXE-A384DC2B.pf C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-031B6478.pf C:\Windows\Prefetch\TASKENG.EXE-5BAF290C.pf C:\Windows\Prefetch\VERCLSID.EXE-4D95F5A7.pf C:\Windows\Prefetch\EXPLORER.EXE-7A3328DA.pf C:\Windows\Prefetch\GUARDGUI.EXE-B9785867.pf C:\Windows\Prefetch\WERMGR.EXE-2A1BCBC7.pf C:\Windows\Prefetch\FIREFOX.EXE-6CDAD96E.pf C:\Windows\Prefetch\WMIADAP.EXE-369DF1CD.pf C:\Windows\Prefetch\HJTINSTALL.EXE-38090C27.pf C:\Windows\Prefetch\SCHTASKS.EXE-2DE769BF.pf C:\Windows\Prefetch\HPHC_SERVICE.EXE-B8B935C8.pf C:\Windows\Prefetch\MOBSYNC.EXE-D8BC6ED2.pf C:\Windows\Prefetch\ReadyBoot C:\Windows\Prefetch\UNSECAPP.EXE-CD982D99.pf C:\Windows\Prefetch\NMINDEXSTORESVR.EXE-1071025B.pf C:\Windows\Prefetch\HPQWMIEX.EXE-47BFC017.pf C:\Windows\Prefetch\ALG.EXE-5BBFFD2F.pf C:\Windows\Prefetch\NMINDEXINGSERVICE.EXE-FBCA8F66.pf C:\Windows\Prefetch\PRESENTATIONSETTINGS.EXE-6F4C5E34.pf C:\Windows\Prefetch\IGFXSRVC.EXE-67E7A62F.pf C:\Windows\Prefetch\CCLEANER.EXE-CC440CDB.pf C:\Windows\Prefetch\RUNDLL32.EXE-7BF4CE40.pf C:\Windows\Prefetch\DLLHOST.EXE-82A80DAE.pf C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-3216825288-2389835765-1074425339-1003.db C:\Windows\Prefetch\AgGlUAD_S-1-5-21-3216825288-2389835765-1074425339-1003.db C:\Windows\Prefetch\AgGlFgAppHistory.db C:\Windows\Prefetch\AgGlFaultHistory.db C:\Windows\Prefetch\AgGlGlobalHistory.db C:\Windows\Prefetch\AgRobust.db C:\Windows\Prefetch\SCRNSAVE.SCR-225A7D32.pf C:\Windows\Prefetch\Layout.ini C:\Windows\Prefetch\GOOGLEUPDATER.EXE-746F6782.pf C:\Windows\Prefetch\CCSETUP209_SLIM.EXE-4BF69DC4.pf C:\Windows\Prefetch\IGFXPERS.EXE-F690CC93.pf C:\Windows\Prefetch\FSQUIRT.EXE-CEB3AAF1.pf C:\Windows\Prefetch\HPWUSCHD2.EXE-2BAFD0AB.pf C:\Windows\Prefetch\AVGNT.EXE-E101157F.pf C:\Windows\Prefetch\AVSCAN.EXE-F988127B.pf C:\Windows\Prefetch\UPDATE.EXE-196C0F6E.pf C:\Windows\Prefetch\PREUPD.EXE-4F99113F.pf C:\Windows\Prefetch\PfSvPerfStats.bin C:\Windows\Prefetch\LOGONUI.EXE-1BEE4A84.pf C:\Windows\Prefetch\WERFAULT.EXE-B7E27BE5.pf C:\Windows\Prefetch\SYSTEMPROPERTIESPROTECTION.EX-47C43498.pf C:\Windows\Prefetch\CLEANMGR.EXE-B508FB28.pf C:\Windows\Prefetch\RSTRUI.EXE-4841C8C8.pf C:\Windows\Prefetch\VSSVC.EXE-04D079CC.pf C:\Windows\Prefetch\SYSTEMPROPERTIESADVANCED.EXE-AA165DFB.pf C:\Windows\Prefetch\RUNDLL32.EXE-41E85287.pf C:\Windows\Prefetch\IEXPLORE.EXE-1B894AFB.pf C:\Windows\Prefetch\JAVAW.EXE-444CF5E2.pf C:\Windows\Prefetch\JAVAWS.EXE-5DB75A31.pf C:\Windows\Prefetch\MSIEXEC.EXE-B5AFA339.pf C:\Windows\Prefetch\SVCHOST.EXE-8FD92526.pf C:\Windows\Prefetch\PTSERVS.EXE-61810021.pf C:\Windows\Prefetch\SVCHOST.EXE-F59CA9BD.pf C:\Windows\Prefetch\JAVA.EXE-354407C7.pf C:\Windows\Prefetch\VLC.EXE-CE8E9BE1.pf C:\Windows\Prefetch\WINAMP.EXE-97ED5809.pf C:\Windows\Prefetch\UTORRENT.EXE-07DD3997.pf C:\Windows\Prefetch\DLLHOST.EXE-A1CD8B86.pf C:\Windows\Prefetch\PHOTOSNAPVIEWER.EXE-194B42AF.pf C:\Windows\Prefetch\DFRGNTFS.EXE-4F838A89.pf C:\Windows\Prefetch\DEFRAG.EXE-738093E8.pf C:\Windows\Prefetch\PATCHJRE.EXE-B89CF976.pf C:\Windows\Prefetch\LAUNCHER.EXE-B7AEFAD3.pf C:\Windows\Prefetch\UNPACK200.EXE-CC917E49.pf C:\Windows\Prefetch\ZIPPER.EXE-6FE725FB.pf C:\Windows\Prefetch\MSIB654.TMP-1A5465F8.pf C:\Windows\Prefetch\JRE-6U6-WINDOWS-I586-P-IFTW.E-88C811FA.pf C:\Windows\Prefetch\IEXPLORE.EXE-6862E187.pf C:\Windows\Prefetch\IEUSER.EXE-D895AB54.pf C:\Windows\Prefetch\RUNDLL32.EXE-07E18E77.pf C:\Windows\Prefetch\AVNOTIFY.EXE-3344516F.pf C:\Windows\Prefetch\RUNDLL32.EXE-F452D79D.pf C:\Windows\Prefetch\RUNDLL32.EXE-E1EB85D1.pf C:\Windows\Prefetch\REGSVR32.EXE-55A4EE79.pf C:\Windows\Prefetch\ACRORD32.EXE-89736734.pf C:\Windows\Prefetch\RUNDLL32.EXE-D3EA1807.pf C:\Windows\Prefetch\SEARCHINDEXER.EXE-77D27BAC.pf C:\Windows\Prefetch\SVCHOST.EXE-7488A139.pf C:\Windows\Prefetch\SVCHOST.EXE-4D8DA32A.pf C:\Windows\Prefetch\SVCHOST.EXE-93CEEE07.pf C:\Windows\Prefetch\RUNDLL32.EXE-C7D752FC.pf C:\Windows\Prefetch\RUNDLL32.EXE-1CADFB54.pf C:\Windows\Prefetch\SCHED.EXE-D2CA8342.pf C:\Windows\Prefetch\AGRSMSVC.EXE-58B0C351.pf C:\Windows\Prefetch\GOOGLEUPDATERSERVICE.EXE-600E0B48.pf C:\Windows\Prefetch\NBSERVICE.EXE-EEDA7CD1.pf C:\Windows\Prefetch\SVCHOST.EXE-B1D6DE75.pf C:\Windows\Prefetch\LSSRVC.EXE-AA69E98A.pf C:\Windows\Prefetch\LPKSETUP.EXE-62381863.pf C:\Windows\Prefetch\GOOGLETOOLBARNOTIFIER.EXE-B3E65CF6.pf C:\Windows\Prefetch\JUSCHED.EXE-DAF5141A.pf C:\Windows\Prefetch\IEDW.EXE-1D6ABDE0.pf C:\Windows\Prefetch\TOOL_DE[1].EXE-1FAF625F.pf C:\Windows\Prefetch\VUNDOFIX.EXE-A094F860.pf C:\Windows\Prefetch\RUNDLL32.EXE-8CA7E6A8.pf C:\Windows\Prefetch\RUNDLL32.EXE-97EACD73.pf C:\Windows\Prefetch\RUNDLL32.EXE-EB3105E8.pf C:\Windows\Prefetch\CONTROL.EXE-9459D5A0.pf C:\Windows\Prefetch\RUNDLL32.EXE-C61079DA.pf C:\Windows\Prefetch\EASYLOGIN.EXE-DC073A5B.pf C:\Windows\Prefetch\RUNDLL32.EXE-A3703B02.pf C:\Windows\Prefetch\SOFFICE.BIN-5B14B466.pf C:\Windows\Prefetch\SOFFICE.EXE-67869B8B.pf C:\Windows\Prefetch\SWRITER.EXE-E5D584F8.pf C:\Windows\Prefetch\VUNDOFIX.EXE-DFC6AE05.pf C:\Windows\Prefetch\TASKMGR.EXE-72398DC0.pf C:\Windows\Prefetch\RUNDLL32.EXE-A9FFF4BE.pf C:\Windows\Prefetch\AgCx_SC1.db C:\Windows\Prefetch\AgCx_SC1.db.trx C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf C:\Windows\Prefetch\AgAppLaunch.db ---------------------------------------- C:\Windows\Tasks C:\Windows\Tasks\User_Feed_Synchronization-{F78F33FA-5DBD-4541-B787-88F2D5B0C84B}.job C:\Windows\Tasks\SA.DAT C:\Windows\Tasks\SCHEDLGU.TXT ---------------------------------------- C:\Windows\Temp C:\Windows\Temp\lpksetup-20080709-220541-0.log C:\Windows\Temp\lpksetup-20080709-220536-0.log ---------------------------------------- C:\Users\ErNiE\AppData\Local\Temp C:\Users\ErNiE\AppData\Local\Temp\~DF31DD.tmp C:\Users\ErNiE\AppData\Local\Temp\WPDNSE C:\Users\ErNiE\AppData\Local\Temp\FXSAPIDebugLogFile.txt ---------------------------------------- C:\Program Files C:\Program Files\Mozilla Firefox 3 Beta 4 C:\Program Files\Trend Micro C:\Program Files\CCleaner C:\Program Files\Common Files C:\Program Files\Real Alternative C:\Program Files\ArtMoney C:\Program Files\EA SPORTS C:\Program Files\InstallShield Installation Information C:\Program Files\Rockstar Games C:\Program Files\Diablo II C:\Program Files\Firaxis Games C:\Program Files\Google C:\Program Files\Verimount C:\Program Files\ICQ6 C:\Program Files\Disc2Phone C:\Program Files\ProtectDisc Driver Installer C:\Program Files\MAGIX C:\Program Files\Reallusion C:\Program Files\Final Draft 7 C:\Program Files\Final Draft Tagger C:\Program Files\Valve C:\Program Files\Sierra On-Line C:\Program Files\Teachmaster 3.10 C:\Program Files\Noctua C:\Program Files\Winamp C:\Program Files\AVSMedia C:\Program Files\Roxio C:\Program Files\Spybot - Search & Destroy C:\Program Files\DAEMON Tools Lite C:\Program Files\Nero C:\Program Files\SecureW2 C:\Program Files\FreeMind C:\Program Files\VideoLAN C:\Program Files\Langenscheidt T1 7_0 C:\Program Files\DAMN NFO Viewer C:\Program Files\WinRAR C:\Program Files\Avira C:\Program Files\1&1 C:\Program Files\uTorrent C:\Program Files\OpenOffice.org 2.3 C:\Program Files\WIDCOMM C:\Program Files\Hewlett-Packard C:\Program Files\Fingerprint Sensor C:\Program Files\HPQ C:\Program Files\Synaptics C:\Program Files\Adobe C:\Program Files\Hp C:\Program Files\Analog Devices C:\Program Files\Internet Explorer C:\Program Files\Windows NT C:\Program Files\Gemeinsame Dateien C:\Program Files\Uninstall Information C:\Program Files\desktop.ini C:\Program Files\Movie Maker C:\Program Files\Windows Sidebar C:\Program Files\Windows Calendar C:\Program Files\Windows Mail C:\Program Files\Windows Media Player C:\Program Files\Windows Collaboration C:\Program Files\Windows Photo Gallery C:\Program Files\Windows Journal C:\Program Files\Windows Defender C:\Program Files\MSN C:\Program Files\Reference Assemblies C:\Program Files\MSBuild ---------------------------------------- C:\ProgramData\.. ErNiE Default Default User All Users Public desktop.ini ---------------------------------------- C:\Windows\system32\drivers\etc\hosts # 38.25.63.10 x.acme.com # x client host 127.0.0.1 localhost ::1 localhost # Start of entries inserted by Spybot - Search & Destroy 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.1001-search.info 127.0.0.1 1001-search.info 127.0.0.1 www.100888290cs.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 www.10sek.com 127.0.0.1 10sek.com 127.0.0.1 www.123topsearch.com 127.0.0.1 123topsearch.com ---------------------------------------- Abbildname PID Sitzungsname Sitz.-Nr. Speichernutzung ========================= ======== ================ =========== =============== System Idle Process 0 Services 0 28 K System 4 Services 0 548 K smss.exe 368 Services 0 564 K csrss.exe 436 Services 0 4.760 K wininit.exe 480 Services 0 3.060 K csrss.exe 488 Console 1 8.024 K winlogon.exe 536 Console 1 3.968 K services.exe 564 Services 0 5.612 K lsass.exe 576 Services 0 2.540 K lsm.exe 584 Services 0 2.996 K svchost.exe 760 Services 0 4.844 K svchost.exe 804 Services 0 5.996 K svchost.exe 844 Services 0 5.348 K svchost.exe 940 Services 0 9.688 K svchost.exe 1044 Services 0 46.808 K svchost.exe 1080 Services 0 19.396 K audiodg.exe 1136 Services 0 9.180 K svchost.exe 1164 Services 0 3.728 K SLsvc.exe 1220 Services 0 3.516 K svchost.exe 1252 Services 0 10.160 K svchost.exe 1356 Services 0 12.500 K spoolsv.exe 1676 Services 0 6.916 K avguard.exe 1712 Services 0 8.216 K svchost.exe 1724 Services 0 4.560 K asghost.exe 284 Console 1 8.112 K dwm.exe 300 Console 1 4.220 K explorer.exe 416 Console 1 30.808 K taskeng.exe 472 Console 1 9.252 K hpwuSchd2.exe 1896 Console 1 2.632 K igfxpers.exe 608 Console 1 3.560 K hkcmd.exe 728 Console 1 3.884 K avgnt.exe 492 Console 1 1.536 K igfxsrvc.exe 1984 Console 1 4.272 K SynTPEnh.exe 984 Console 1 4.300 K TeaTimer.exe 976 Console 1 31.808 K NMBgMonitor.exe 1700 Console 1 5.680 K BTTray.exe 1732 Console 1 5.792 K agrsmsvc.exe 2324 Services 0 1.944 K sched.exe 2348 Services 0 1.008 K svchost.exe 2360 Services 0 2.756 K GoogleUpdaterService.exe 2404 Services 0 3.536 K LSSrvc.exe 2436 Services 0 2.808 K NBService.exe 2488 Services 0 4.876 K svchost.exe 2700 Services 0 3.716 K svchost.exe 2728 Services 0 4.876 K svchost.exe 2764 Services 0 1.656 K SearchIndexer.exe 2800 Services 0 22.656 K hpqwmiex.exe 2892 Services 0 3.892 K NMIndexingService.exe 3204 Services 0 5.640 K alg.exe 3352 Services 0 3.900 K NMIndexStoreSvr.exe 3444 Console 1 6.028 K unsecapp.exe 3592 Console 1 3.952 K WmiPrvSE.exe 3732 Services 0 5.108 K guardgui.exe 1836 Console 1 5.036 K HPHC_Service.exe 3248 Services 0 17.032 K taskeng.exe 2132 Services 0 5.316 K firefox.exe 2260 Console 1 58.724 K TrustedInstaller.exe 792 Services 0 8.076 K HijackThis.exe 476 Console 1 14.604 K WmiPrvSE.exe 1704 Services 0 5.848 K SearchProtocolHost.exe 2204 Services 0 8.528 K SearchFilterHost.exe 3880 Services 0 5.228 K cmd.exe 2612 Console 1 2.884 K conime.exe 3092 Console 1 3.428 K tasklist.exe 2980 Console 1 4.568 K ***** Ende des Scans 09.07.2008 um 22:12:38,04 *** Ich hoffe ihr k? daraus was erkennen :) Tausend dank im voraus ;)
- > Wieso flacket das Versatel Modem "WLAN" wenn keine Rechner aktiv sind?
- > MacOSX und Safari da werden keine Preise angezeigt und bestellen kann man auch nichts
- > Absoluter Laie braucht Eure Hilfe - "Oft keine Verbindung möglich"
- > FRAGE?!? M740 AV: Nach Trennung vom Netz keine Funktionalität mehr
- > Offizieller Play-boy-thread 2008/08 - keine neuen eröffnen!