
Message from the archive

Royson [Guest] wrote on 27 June 2010, 21:27:44 in the category pc.security

Ads keep opening

oh I see...ok ^^

here:

Logfile of random's system information tool 1.07 (written by random/random)
Run by Antoschin at 2010-06-27 21:09:13
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 227 GB (51%) free of 440 GB
Total RAM: 3066 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:09:19, on 27.06.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\SYSTEM32\taskeng.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\Explorer.EXE
C:\Windows\Ibeqia.exe
C:\Users\Antoschin\AppData\Local\Temp\Iji.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Acer Bio Protection\PdtWzd.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files\Razer\Diamondback 3G\razerhid.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\Antoschin\AppData\Roaming\MSA\mscjm.exe
C:\Users\Antoschin\AppData\Roaming\MSA\mscj.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Acer Bio Protection\PwdBank.exe
C:\Program Files\Razer\Diamondback 3G\razertra.exe
C:\Program Files\Razer\Diamondback 3G\razerofa.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\ANTOSC~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\Antoschin\appdata\roaming\msa\mscj.exe
C:\Users\Antoschin\Downloads\RSIT.exe
C:\Program Files\trend micro\Antoschin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0409&m=aspire_7738
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0409&m=aspire_7738
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0409&m=aspire_7738
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {83821C2B-32A8-4DD7-B6D4-44309A78E668} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: CBAbzockschutz.InitToolbarBHO - {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} - mscoree.dll (file missing)
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AmIcoSinglun] C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [VitaKeyPdtWzd] c:\Program Files\Acer Bio Protection\PdtWzd.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [Diamondback] C:\Program Files\Razer\Diamondback 3G\razerhid.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [Ocs_SM] C:\Users\Antoschin\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [M5T8QL3YW3] C:\Users\Antoschin\AppData\Local\Temp\Iji.exe
O4 - HKCU\..\Run: [mscjm.exe] C:\Users\Antoschin\AppData\Roaming\MSA\mscjm.exe
O4 - HKCU\..\Run: [mscj.exe] C:\Users\Antoschin\AppData\Roaming\MSA\mscj.exe
O4 - HKCU\..\Run: [p2papp50] rundll32.exe "C:\Users\Antoschin\AppData\Local\p2papp50\p2papp50.dll", DllInit
O4 - HKCU\..\Run: [mscjm] c:\users\antoschin\appdata\roaming\msa\mscjm.exe
O4 - HKCU\..\Run: [mscj] c:\users\antoschin\appdata\roaming\msa\mscj.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - Global Startup: Acer VCM.lnk = ?
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Antoschin\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: EgisTec Service (IGBASVC) - Egis Technology Inc. - c:\Program Files\Acer Bio Protection\BASVC.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: MyWinLocker Service (MWLService) - EgisTec Inc. - C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: S3D Service (Win32) - iZ3D Inc. - C:\Program Files\iZ3D Driver\Win32\S3DCService.exe
O23 - Service: SearchAnonymizer - Unknown owner - C:\Users\Antoschin\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: WEP/WPA-PMK key recovery service (WZCOOK) - Unknown owner - C:\Users\Antoschin\Downloads\aircrack-ng-1.0-win\aircrack-ng-1.0-win\bin\wzcook.exe

--
End of file - 12119 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\Windows\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2e250b90-0e7a-42a3-9d65-e39f9f227fa4}]
CBAbzockschutz.InitToolbarBHO - C:\Windows\SYSTEM32\mscoree.dll [2009-11-08 297808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Anmelde-Hilfsprogramm - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{353e2a48-6254-4bd3-88f4-3b51a0ca7870} - COMPUTERBILD-Abzockschutz - C:\Windows\SYSTEM32\mscoree.dll [2009-11-08 297808]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ArcadeDeluxeAgent"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2009-01-21 156968]
"CLMLServer"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [2009-01-21 202024]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-02-10 13605408]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2009-02-10 92704]
"AmIcoSinglun"=C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [2008-10-24 237568]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-03-11 6957600]
"PLFSetI"=C:\Windows\PLFSetI.exe [2009-04-23 200704]
"VitaKeyPdtWzd"=c:\Program Files\Acer Bio Protection\PdtWzd.exe [2009-02-13 3549696]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-12-05 1410344]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2009-02-24 870920]
"Acer ePower Management"=C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe [2009-03-11 715296]
"EgisTecLiveUpdate"=C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe [2008-10-27 199464]
"Diamondback"=C:\Program Files\Razer\Diamondback 3G\razerhid.exe [2007-08-01 147456]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdc.exe [2007-01-24 563080]
"Ocs_SM"=C:\Users\Antoschin\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [2010-01-30 106496]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"M5T8QL3YW3"=C:\Users\Antoschin\AppData\Local\Temp\Iji.exe [2010-06-17 168448]
"mscjm.exe"=C:\Users\Antoschin\AppData\Roaming\MSA\mscjm.exe [2010-06-27 10240]
"mscj.exe"=C:\Users\Antoschin\AppData\Roaming\MSA\mscj.exe [2010-06-27 131072]
"p2papp50"=C:\Users\Antoschin\AppData\Local\p2papp50\p2papp50.dll [2010-06-17 69632]
"mscjm"=c:\users\antoschin\appdata\roaming\msa\mscjm.exe [2010-06-27 10240]
"mscj"=c:\users\antoschin\appdata\roaming\msa\mscj.exe [2010-06-27 131072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-02-11 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BackupManagerTray]
C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-03-20 249600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe /startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwlDaemon]
C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2008-10-27 346672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ICQ-Tools.de Launcher.lnk]
C:\Windows\Installer\{959214DF-C502-402A-A5A0-D8CE3EB74CDC}\_AA6D09703DA76FD7ACB5DC.exe [2010-01-30 10134]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Antoschin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk]
C:\PROGRA~1\MICROS~3\Office12\ONENOTEM.EXE [2008-10-25 98696]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files\Acer\Acer VCM\AcerVCM.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=c:\Program Files\Acer Bio Protection\PwdFilter

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"kmtpbuawurrbahxbudkeTaskMgr"=0
"DisableTaskMgr"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{01374f55-6633-11de-9bb5-001f1698f6f4}]
shell\AutoRun\command - E:\SETUPX.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{26079f04-7517-11de-a7b7-001f1698f6f4}]
shell\AutoRun\command - E:\SETUPX.exe


======List of files/folders created in the last 1 months======

2010-06-27 21:09:13 ----D---- C:\rsit
2010-06-27 21:09:13 ----D---- C:\Program Files\trend micro
2010-06-27 21:02:29 ----D---- C:\Users\Antoschin\AppData\Roaming\MSA
2010-06-27 20:06:19 ----A---- C:\Windows\ntbtlog.txt
2010-06-27 20:05:42 ----D---- C:\Users\Antoschin\AppData\Roaming\Malwarebytes
2010-06-27 20:05:34 ----D---- C:\ProgramData\Malwarebytes
2010-06-27 20:05:34 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-06-27 20:00:11 ----D---- C:\Program Files\CCleaner
2010-06-27 19:14:29 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-06-27 19:14:29 ----A---- C:\Windows\system32\PresentationHost.exe
2010-06-27 19:14:29 ----A---- C:\Windows\system32\netfxperf.dll
2010-06-27 19:14:29 ----A---- C:\Windows\system32\mscoree.dll
2010-06-27 19:14:29 ----A---- C:\Windows\system32\dfshim.dll
2010-06-27 19:09:05 ----A---- C:\Windows\system32\asycfilt.dll
2010-06-27 19:09:00 ----A---- C:\Windows\system32\inetcomm.dll
2010-06-27 19:08:56 ----A---- C:\Windows\system32\tzres.dll
2010-06-27 19:08:37 ----A---- C:\Windows\system32\iphlpsvc.dll
2010-06-27 19:08:34 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-06-27 19:08:33 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-06-27 19:08:29 ----A---- C:\Windows\system32\cabview.dll
2010-06-27 19:08:28 ----A---- C:\Windows\system32\wintrust.dll
2010-06-27 19:08:26 ----A---- C:\Windows\system32\atmfd.dll
2010-06-27 19:08:25 ----A---- C:\Windows\system32\atmlib.dll
2010-06-18 23:26:27 ----D---- C:\ProgramData\NOS
2010-06-18 23:26:27 ----D---- C:\Program Files\NOS
2010-06-17 16:16:18 ----A---- C:\Windows\Ibeqia.exe
2010-06-17 14:18:36 ----A---- C:\Windows\system32\sshnas21.dll
2010-06-15 22:19:52 ----D---- C:\Program Files\WinPcap
2010-06-07 21:37:05 ----A---- C:\Windows\system32\uxtuneup.dll
2010-06-07 21:37:05 ----A---- C:\Windows\system32\authuitu.dll
2010-06-04 00:23:38 ----A---- C:\Windows\system32\dxtmeta2.dll
2010-06-04 00:10:02 ----D---- C:\Program Files\Smart Projects
2010-06-01 16:16:01 ----A---- C:\Windows\system32\PCGW32.DLL
2010-06-01 16:15:58 ----D---- C:\Users\Antoschin\AppData\Roaming\iZ3D Driver
2010-06-01 16:15:56 ----D---- C:\ProgramData\iZ3D Driver
2010-06-01 16:15:56 ----D---- C:\Program Files\iZ3D Driver
2010-05-31 11:00:55 ----A---- C:\Windows\ODBC.INI
2010-05-30 21:48:30 ----D---- C:\NVIDIA
2010-05-30 17:41:48 ----D---- C:\Program Files\SystemRequirementsLab
2010-05-28 23:32:37 ----D---- C:\Users\Antoschin\AppData\Roaming\mresreg
2010-05-28 23:32:24 ----D---- C:\Program Files\HomepageFIX
2010-05-28 23:32:17 ----D---- C:\Program Files\mresreg
2010-05-28 23:15:03 ----A---- C:\Windows\system32\ILDA32.DLL
2010-05-28 23:15:01 ----D---- C:\Program Files\Homepage Baukasten 8.0 Demo
2010-05-28 23:14:42 ----A---- C:\Windows\unin0407.exe
2010-05-28 19:01:58 ----A---- C:\Windows\EurekaLog.ini
2010-05-28 18:45:02 ----D---- C:\Users\Antoschin\AppData\Roaming\BuddyW
2010-05-28 18:44:40 ----D---- C:\Program Files\BuddyW
2010-05-28 18:43:00 ----D---- C:\Users\Antoschin\AppData\Roaming\KompoZer
2010-05-28 18:11:41 ----D---- C:\Users\Antoschin\AppData\Roaming\AntiBrowserSpy 2009
2010-05-28 18:11:33 ----D---- C:\Users\Antoschin\AppData\Roaming\COMPUTERBILD Browser-Optimierer
2010-05-28 18:02:56 ----D---- C:\Program Files\AntiBrowserSpy