ISATray.exe liegt im Verzeichnis für die MS Firewall und betrifft diese auch. Nach beenden des Prozesses war das entsprechende Icon weg.
Internat.exe ist die Startupdatei für die Weltzeituhr. Die habe ich allerdings schon seit ca. 1,5 Jahren auf dem Rechner.
Hier die Startup List: (nützliches Tool!!)
StartupList report, 24.08.2003, 09:12:32
StartupList version: 1.52
Started from : C:\Temp\startuplist\StartupList.EXE
Detected: Windows 2000 SP2 (WinNT 5.00.2195)
Detected: Internet Explorer v6.00 (6.00.2600.0000)
* Using default options
==================================================
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Programme\Panda Software\Panda Antivirus Titanium\Pavsrv50.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\WINNT\Explorer.EXE
C:\Programme\Panda Software\Panda Antivirus Titanium\APVXDWIN.EXE
C:\WINNT\System32\internat.exe
C:\Programme\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
C:\Programme\Microsoft Firewall Client\ISATRAY.EXE
C:\Programme\Panda Software\Panda Antivirus Titanium\pavProxy.exe
C:\Programme\Panda Software\Panda Antivirus Titanium\AVENGINE.EXE
C:\WINNT\system32\svchost.exe
C:\Programme\Comundo\Comundo.exe
c:\programme\comundo\WsRasMon.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Temp\startuplist\StartupList.exe
--------------------------------------------------
Listing of startup folders:
Shell folders Common Startup:
[C:\Dokumente und Einstellungen\All Users.WINNT\Startmenü\Programme\Autostart]
Acrobat Assistant.lnk = C:\Programme\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
Firewallclient-Konnektivitätsmonitor.LNK = C:\Programme\Microsoft Firewall Client\ISATRAY.EXE
Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE
--------------------------------------------------
Checking Windows NT UserInit:
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINNT\system32\userinit.exe,
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Synchronization Manager = mobsync.exe /logon
QuickTime Task = "C:\Programme\QuickTime\qttask.exe" -atboottime
APVXDWIN = "C:\Programme\Panda Software\Panda Antivirus Titanium\APVXDWIN.EXE" /s
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
internat.exe = internat.exe
IridiumTimeWizard = C:\Temp\Geklaut\Weltzeit\iridium.exe
--------------------------------------------------
Shell & screensaver key from C:\WINNT\SYSTEM.INI:
Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*
Shell & screensaver key from Registry:
Shell=Explorer.exe
SCRNSAVE.EXE=*Registry value not found*
drivers=*Registry value not found*
Policies Shell key:
HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*
--------------------------------------------------
Enumerating Browser Helper Objects:
(no name) - (no file) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
--------------------------------------------------
Enumerating Task Scheduler jobs:
Symantec NetDetect.job
--------------------------------------------------
Enumerating Download Program Files:
[ActiveScan Installer Class]
InProcServer32 = C:\WINNT\Downloaded Program Files\asinst.dll
CODEBASE =
http://www.pandasoftware.com/activescan/as5/asinst.cab[Live365Player Class]
InProcServer32 = C:\WINNT\DOWNLO~1\Play365.dll
CODEBASE =
http://www.live365.com/players/play365.cab[Shockwave Flash Object]
InProcServer32 = C:\WINNT\System32\macromed\flash\Flash.ocx
CODEBASE =
http://download.macromedia.com/pub/shockwa...ash/swflash.cab--------------------------------------------------
Enumerating ShellServiceObjectDelayLoad items:
Network.ConnectionTray: C:\WINNT\system32\NETSHELL.dll
WebCheck: C:\WINNT\System32\webcheck.dll
SysTray: stobject.dll
--------------------------------------------------
End of report, 4.812 bytes
Report generated in 0,450 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
Vielleicht ist da was drin??