Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Plötzliche Computer Abstürze

Plötzliche Computer Abstürze


Log-Analyse und Auswertung: Plötzliche Computer Abstürze

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Seite 2 von 2 1 2
Alt 26.09.2011, 21:00   #16
Prayer
 
Plötzliche Computer Abstürze - Standard

Plötzliche Computer Abstürze


ComboFix.txt:

Code:
ATTFilter
Combofix Logfile:


	
Code: 

 
ATTFilter


  

	
ComboFix 11-09-26.02 - Enrico 3 26.09.2011  21:41:30.2.4 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.3069.1625 [GMT 2:00]
ausgeführt von:: c:\users\Enrico 3\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Enrico 3\Desktop\CFScript.txt
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\Enrico 3\AppData\Local\emiwezanonulurup.dll"
"c:\windows\ssndii.exe"
"c:\windows\system32\easyupdatusapiu.dll"
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\ssndii.exe
c:\windows\system32\easyupdatusapiu.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-08-26 bis 2011-09-26  ))))))))))))))))))))))))))))))
.
.
2011-09-26 19:50 . 2011-09-26 19:50	56200	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{599DD650-24CF-4ECE-9F84-EF178EABE86C}\offreg.dll
2011-09-26 19:49 . 2011-09-26 19:51	--------	d-----w-	c:\users\Enrico 3\AppData\Local\temp
2011-09-26 19:49 . 2011-09-26 19:49	--------	d-----w-	c:\users\TEMP\AppData\Local\temp
2011-09-26 19:49 . 2011-09-26 19:49	--------	d-----w-	c:\users\Gast\AppData\Local\temp
2011-09-26 15:23 . 2011-09-26 15:23	--------	d-----w-	C:\_OTL
2011-09-25 13:11 . 2011-09-25 13:11	--------	d-----w-	c:\users\Enrico 3\AppData\Roaming\NVIDIA
2011-09-25 11:32 . 2011-08-03 11:50	6613096	----a-w-	c:\windows\system32\nvwgf2um.dll
2011-09-25 11:32 . 2011-08-03 11:50	57960	----a-w-	c:\windows\system32\OpenCL.dll
2011-09-25 11:32 . 2011-08-03 11:50	16595560	----a-w-	c:\windows\system32\nvoglv32.dll
2011-09-25 11:32 . 2011-08-03 11:50	914024	----a-w-	c:\windows\system32\nvdispco32.dll
2011-09-25 11:32 . 2011-08-03 11:50	875112	----a-w-	c:\windows\system32\nvgenco32.dll
2011-09-25 11:32 . 2011-08-03 11:50	5404776	----a-w-	c:\windows\system32\nvcuda.dll
2011-09-25 11:32 . 2011-08-03 11:50	2391656	----a-w-	c:\windows\system32\nvcuvid.dll
2011-09-25 11:32 . 2011-08-03 11:50	2090088	----a-w-	c:\windows\system32\nvcuvenc.dll
2011-09-25 11:32 . 2011-08-03 11:50	17193576	----a-w-	c:\windows\system32\nvcompiler.dll
2011-09-25 11:32 . 2011-08-03 11:50	10304104	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2011-09-24 15:22 . 2011-09-24 15:22	--------	d-----w-	c:\program files\ESET
2011-09-24 12:20 . 2011-09-24 12:20	--------	d-----w-	c:\users\Enrico 3\AppData\Roaming\Malwarebytes
2011-09-24 12:19 . 2011-09-24 12:19	--------	d-----w-	c:\programdata\Malwarebytes
2011-09-24 12:19 . 2011-09-24 12:19	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2011-09-24 12:19 . 2011-08-31 15:00	22216	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-09-24 11:00 . 2011-09-24 11:32	--------	d-----w-	c:\program files\TeamViewer
2011-09-23 12:58 . 2011-09-23 12:58	--------	d-----w-	c:\users\UpdatusUser
2011-09-23 12:54 . 2011-09-23 12:54	--------	d-----w-	c:\program files\Microsoft Silverlight
2011-09-23 12:54 . 2011-09-23 12:54	--------	d-----w-	c:\programdata\Samsung
2011-09-23 12:44 . 2011-09-12 23:14	7269712	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{599DD650-24CF-4ECE-9F84-EF178EABE86C}\mpengine.dll
2011-09-22 17:28 . 2011-09-25 15:54	--------	d-----w-	c:\program files\SpeedFan
2011-09-20 13:51 . 2011-09-20 13:51	--------	d-----w-	c:\users\Enrico 3\AppData\Roaming\XMedia Recode
2011-09-20 13:25 . 2011-09-20 13:25	--------	d-----w-	c:\program files\XMedia Recode
2011-09-17 15:35 . 2011-09-17 15:35	--------	d-----w-	c:\program files\LOLReplay
2011-09-15 20:47 . 2011-09-15 20:47	--------	d-----w-	c:\program files\MSXML 4.0
2011-09-14 16:33 . 2011-09-14 16:33	--------	d-----w-	c:\windows\Samsung
2011-09-14 16:33 . 2011-06-21 00:23	24576	----a-w-	c:\windows\system32\Spool\prtprocs\w32x86\sst3cpc.dll
2011-09-14 16:32 . 2011-06-21 05:42	24064	----a-w-	c:\windows\system32\sst3cl3.dll
2011-09-14 16:32 . 2009-09-11 07:46	151552	----a-w-	c:\windows\system32\sst3cci.exe
2011-09-14 16:32 . 2009-09-11 07:46	65536	----a-w-	c:\windows\system32\sst3cci.dll
2011-09-14 16:31 . 2009-09-10 08:49	49152	----a-w-	c:\windows\system32\ssusbpn.dll
2011-09-14 16:31 . 2009-09-10 08:49	81920	----a-w-	c:\windows\system32\ssdevm.dll
2011-09-14 16:31 . 2009-09-10 08:49	82432	----a-w-	c:\windows\system32\msxml4r.dll
2011-09-14 16:31 . 2009-09-10 08:49	44544	----a-w-	c:\windows\system32\msxml4a.dll
2011-09-14 16:31 . 2009-09-10 08:49	21776	----a-w-	c:\windows\system32\msxml2a.dll
2011-09-14 16:30 . 2011-09-14 16:30	--------	d-----w-	c:\program files\Samsung
2011-09-14 16:13 . 2009-09-10 07:50	5120	------w-	c:\windows\system32\drivers\SSPORT.SYS
2011-09-14 14:50 . 2011-08-10 12:14	2409784	----a-w-	c:\program files\Windows Mail\OESpamFilter.dat
2011-09-13 12:59 . 2011-09-13 12:59	--------	d-----w-	c:\users\Enrico 3\.thumbnails
2011-09-11 12:24 . 2011-09-11 12:24	--------	d-----w-	c:\programdata\WindowsSearch
2011-09-09 15:05 . 2011-09-09 15:05	--------	d-----w-	C:\12c63f91399ac2689c1024
2011-09-09 14:57 . 2009-07-14 12:12	16896	----a-w-	c:\windows\system32\winusb.dll
2011-09-09 14:57 . 2009-07-13 23:51	34944	----a-w-	c:\windows\system32\drivers\winusb.sys
2011-09-09 14:53 . 2009-07-14 17:45	445008	----a-w-	c:\windows\system32\drivers\Wdf01000.sys
2011-09-09 14:53 . 2009-07-14 17:45	38480	----a-w-	c:\windows\system32\drivers\WdfLdr.sys
2011-09-09 14:44 . 2011-09-09 14:44	--------	d-----w-	c:\program files\NIBObeeLib
2011-09-05 17:04 . 2011-09-05 17:04	183696	----a-w-	c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-09-05 17:04 . 2011-09-05 17:04	183696	----a-w-	c:\program files\Internet Explorer\Plugins\nppdf32.dll
2011-09-05 14:44 . 2011-09-26 15:30	--------	d-----r-	c:\users\Enrico 3\Dropbox
2011-09-05 14:41 . 2011-09-26 17:11	--------	d-----w-	c:\users\Enrico 3\AppData\Roaming\Dropbox
2011-08-30 12:21 . 2011-08-30 12:21	1138440	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-19 20:02 . 2009-08-28 21:56	140496	----a-w-	c:\windows\system32\drivers\PnkBstrK.sys
2011-09-19 20:01 . 2009-08-29 17:32	280736	----a-w-	c:\windows\system32\PnkBstrB.xtr
2011-09-19 20:01 . 2009-08-28 21:56	280736	----a-w-	c:\windows\system32\PnkBstrB.exe
2011-09-19 20:00 . 2009-08-28 21:56	280768	----a-w-	c:\windows\system32\PnkBstrB.ex0
2011-08-31 14:01 . 2011-05-15 10:47	404640	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-03 11:50 . 2010-10-16 11:42	599144	----a-w-	c:\windows\system32\nvvsvc.exe
2011-08-03 11:50 . 2010-10-16 11:42	2560616	----a-w-	c:\windows\system32\nvsvcr.dll
2011-08-03 11:50 . 2010-10-16 11:42	111208	----a-w-	c:\windows\system32\nvmctray.dll
2011-08-03 11:50 . 2010-10-16 11:42	3730024	----a-w-	c:\windows\system32\nvcpl.dll
2011-08-03 11:50 . 2010-10-16 11:42	2558568	----a-w-	c:\windows\system32\nvsvc.dll
2011-08-03 11:50 . 2010-04-03 16:27	66664	----a-w-	c:\windows\system32\nvshext.dll
2011-08-03 11:50 . 2008-05-02 20:46	2412136	----a-w-	c:\windows\system32\nvapi.dll
2011-08-03 11:50 . 2008-05-02 20:46	12636776	----a-w-	c:\windows\system32\nvd3dum.dll
2011-08-03 01:31 . 2011-08-03 01:31	311912	----a-w-	c:\windows\system32\nvStreaming.exe
2011-07-22 02:54 . 2011-08-11 21:23	1797632	----a-w-	c:\windows\system32\jscript9.dll
2011-07-22 02:48 . 2011-08-11 21:23	1126912	----a-w-	c:\windows\system32\wininet.dll
2011-07-22 02:44 . 2011-08-11 21:23	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2011-07-11 13:25 . 2011-08-24 14:13	2048	----a-w-	c:\windows\system32\tzres.dll
2011-07-06 15:31 . 2011-08-11 15:12	214016	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2011-06-30 10:40 . 2009-08-28 21:03	66616	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2011-06-30 10:40 . 2009-08-28 21:03	138192	----a-w-	c:\windows\system32\drivers\avipbb.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\users\Enrico 3\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\users\Enrico 3\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\users\Enrico 3\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-05-07 6139904]
"Skytel"="Skytel.exe" [2007-11-20 1826816]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-12-01 281768]
.
c:\users\Enrico 3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
CurseClientStartup.ccip [2010-3-19 0]
Dropbox.lnk - c:\users\Enrico 3\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-9-2 24183152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe
"ehTray.exe"=c:\windows\ehome\ehTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"FreePDF Assistant"=c:\program files\FreePDF_XP\fpassist.exe
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe"
"Samsung PanelMgr"=c:\windows\Samsung\PanelMgr\ssmmgr.exe /autorun
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-06-26 136176]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-06-26 136176]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2010-07-01 34896]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-12-19 722416]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-04-28 136360]
S2 DevoloNetworkService;devolo Network Service;c:\program files\devolo\dlan\devolonetsvc.exe [2010-07-19 2231616]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
S2 NPF_devolo;NetGroup Packet Filter Driver (devolo);c:\windows\system32\drivers\npf_devolo.sys [2010-06-10 35840]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2009-09-10 5120]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-08-03 379496]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-04-16 173352]
S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-12-09 1044808]
S3 arusb_lh;TP-LINK TL-WN821N 11N Wireless device driver;c:\windows\system32\DRIVERS\arusb_lh.sys [2008-07-24 437760]
S3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28u.sys [2007-11-21 569344]
S3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB32.sys [2007-04-03 1131136]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
S3 X10Hid;X10 Hid Device;c:\windows\system32\Drivers\x10hid.sys [2006-11-17 13976]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
Inhalt des "geplante Tasks" Ordners
.
2011-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-26 23:49]
.
2011-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-26 23:49]
.
2011-09-26 c:\windows\Tasks\User_Feed_Synchronization-{922948E4-51CB-426B-9169-4462F3F7F7B1}.job
- c:\windows\system32\msfeedssync.exe [2011-05-04 12:21]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Enrico 3\AppData\Roaming\Mozilla\Firefox\Profiles\lx33bz2r.default\
FF - prefs.js: browser.search.defaulturl - 
FF - prefs.js: browser.search.selectedEngine - 
FF - prefs.js: browser.startup.homepage - 
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
.
**************************************************************************
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="Opera.HTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-80837186-2041014162-264518140-1001\Software\SecuROM\License information*]
"datasecu"=hex:cc,10,5d,e4,49,61,74,5f,1f,5c,8c,f6,ee,26,6a,19,1e,46,ac,eb,ba,
   67,33,71,dc,64,c7,9b,81,88,c9,ce,cf,62,a6,98,21,d8,f7,f6,ac,20,e2,7e,f0,f7,\
"rkeysecu"=hex:70,47,ed,af,bb,4e,66,db,b5,2a,b0,9e,c0,49,d2,f8
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(4024)
c:\users\Enrico 3\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\progra~1\COMMON~1\X10\Common\x10nets.exe
c:\windows\system32\WUDFHost.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\windows\system32\conime.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-09-26  21:58:19 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-09-26 19:56
ComboFix2.txt  2011-09-26 19:04
.
Vor Suchlauf: 19 Verzeichnis(se), 156.713.275.392 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 157.376.700.416 Bytes frei
.
- - End Of File - - FF0EB09891185B01ED99A2127C4DF1FA
         
 
--- --- ---

Alt 27.09.2011, 10:23   #17
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Plötzliche Computer Abstürze - Standard

Plötzliche Computer Abstürze


Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).

__________________

__________________
Alt 27.09.2011, 14:14   #18
Prayer
 
Plötzliche Computer Abstürze - Standard

Plötzliche Computer Abstürze


So, natürlich funktionierte bei mir GMER nicht, da es während der Überprüfung ''nicht mehr funktioniert''.

Das Log von OSAM:

Code:
ATTFilter
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Report of OSAM: Autorun Manager v5.0.11926.0</title>
<style type="text/css">
body
{
    margin                    : 10px 10px 10px 20px;
    color                     : #000000;
    background-color          : #fffbf0;
    font                      : 10pt Tahoma, Verdana, Arial, Helvetica, sans-serif;
    scrollbar-3dlight-color   : #fffbf0;
    scrollbar-arrow-color     : #000000;
    scrollbar-darkshadow-color: #000000;
    scrollbar-face-color      : #fffbf0;
    scrollbar-highlight-color : #000000;
    scrollbar-shadow-color    : #fffbf0;
    scrollbar-track-color     : #fffbf0;
}
a:link
{
    color: #e15616;
}
a:visited 
{
    color: #e15616;
}
a:hover
{
    color: #e4743f;
}
a:active
{
    color: #e4743f;
}
.header1
{
    font-size  : 115%;
    font-weight: bold;
    margin-left: 0px;
}
table
{
    border-collapse: collapse;
    border         : 1px solid #000000;
    cellpadding    : 0;
    cellspacing    : 0;
    width          : 90%;
}
td,th
{
    font-size     : 12px;
    color         : #000000;
    background    : #fffbf0;
    border        : 1px solid #000000;
    text-align    : left;
    vertical-align: top;
    padding       : 2px 4px 2px 4px;
}
.cap
{
    font-weight: bold;
    font-size  : 10pt;
    padding    : 2px 4px 2px 4px;
    border     : 1px solid #000000;
}
.group
{
    font-weight: bold;
    font-size  : 10pt;
    padding    : 2px 4px 2px 4px;
    text-align : center;
}
.reg
{
    font-weight: bold;
    font-size  : 10pt;
    border     : 0px none;
    padding    : 2px 4px 2px 4px;
}
.notfound
{
    background-color: #B3DDFF;
}
.blocked
{
    background-color: #FF96EB;
}
.nodetails
{
    background-color: #FFFF75;
}
.trusted
{
    background-color: #C8FFC8;
}
.rootkit
{
    background-color: #FF8696;
}
td.rs { text-align: center; vertical-align: center; font-family: courier; }
td.rs.rm { background: #F90424; title: "Malware"; }
td.rs.ri { background: #F90424; title: "Infected"; color: #21F411; }
td.rs.rw { background: #F90424; title: "Unwanted"; }
td.rs.rs { background: #F90424; title: "Suspicious"; }
td.rs.rt { background: #21F411; title: "Trusted"; }
td.rs.rc { background: #21F411; title: "Checked"; }
td.rs.ry { background: #21F411; title: "Up-to-You"; }
td.rs.rr { background: #F6EB13; title: "Riskware"; }
td.rs.ru { background: #D4D0C8; title: "Unknown"; }
td.rs.rn { background: #FFFFFF; title: "Not checked"; }
</style>
</head>
<body>
<p><span class="header1">Report of OSAM: Autorun Manager v5.0.11926.0</span><br>
<a href="hxxp://www.online-solutions.ru/en/" target="_blank">hxxp://www.online-solutions.ru/en/</a><br>
Saved at 14:42:39 on 27.09.2011</p>
<b>OS</b>: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit<br>
<b>Default Browser</b>: Opera Software Opera Internet Browser 11.51<br>
<br><b>Scanner Settings</b><br>
<input type="checkbox" disabled checked>Rootkits detection (hidden registry)<br>
<input type="checkbox" disabled checked>Rootkits detection (hidden files)<br>
<input type="checkbox" disabled checked>Retrieve files information<br>
<input type="checkbox" disabled checked>Check Microsoft signatures<br>
<br><b>Filters</b><br>
<input type="checkbox" disabled>Trusted entries<br>
<input type="checkbox" disabled>Empty entries<br>
<input type="checkbox" disabled checked>Hidden registry entries (rootkit activity)<br>
<input type="checkbox" disabled checked>Exclusively opened files<br>
<input type="checkbox" disabled checked>Not found files<br>
<input type="checkbox" disabled checked>Files without detailed information<br>
<input type="checkbox" disabled checked>Existing files<br>
<input type="checkbox" disabled>Non-startable services<br>
<input type="checkbox" disabled>Non-startable drivers<br>
<input type="checkbox" disabled checked>Active entries<br>
<input type="checkbox" disabled checked>Disabled entries<br>
<br>
<table border="1" cellpadding="0" cellspacing="0">
<tr>
<th class="cap" width="20">&nbsp;</th>
<th class="cap">Risk</th>
<th class="cap">Name</th>
<th class="cap">Publisher</th>
<th class="cap">Full Path</th>
<th class="cap">Status</th>
</tr>
<tr>
<td class="group" colspan="6">Common</td>
</tr>
<tr>
<td class="reg" colspan="6">%SystemRoot%\Tasks</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs ry">||||&nbsp;&nbsp;</td>
<td>"GoogleUpdateTaskMachineCore.job"</td>
<td>"Google Inc."</td>
<td>C:\Program Files\Google\Update\GoogleUpdate.exe</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs ry">||||&nbsp;&nbsp;</td>
<td>"GoogleUpdateTaskMachineUA.job"</td>
<td>"Google Inc."</td>
<td>C:\Program Files\Google\Update\GoogleUpdate.exe</td>
<td>File exists</td>
</tr>
<tr>
<td class="group" colspan="6">Control Panel Objects</td>
</tr>
<tr>
<td class="reg" colspan="6">%SystemRoot%\system32</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"FlashPlayerCPLApp.cpl"</td>
<td>"Adobe Systems Incorporated"</td>
<td>C:\Windows\system32\FlashPlayerCPLApp.cpl</td>
<td>File exists</td>
</tr>
<tr>
<td class="reg" colspan="6">HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"Adobe Gamma"</td>
<td>"Adobe Systems, Inc."</td>
<td>C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma.cpl</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"mlcfg32.cpl"</td>
<td>"Microsoft Corporation"</td>
<td>C:\PROGRA~1\MICROS~4\Office12\MLCFG32.CPL</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"Pando"</td>
<td>"Pando Networks"</td>
<td>C:\Program Files\Pando Networks\Media Booster\PMB.cpl</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"QuickTime"</td>
<td>"Apple Inc."</td>
<td>C:\Program Files\QuickTime\QTSystem\QuickTime.cpl</td>
<td>File exists</td>
</tr>
<tr>
<td class="group" colspan="6">Drivers</td>
</tr>
<tr>
<td class="reg" colspan="6">HKLM\SYSTEM\CurrentControlSet\Services</td>
</tr>
<tr>
<td class="rootkit"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="rootkit">"a4h2sb7e" (a4h2sb7e)</td>
<td class="rootkit"></td>
<td class="rootkit">C:\Windows\system32\drivers\a4h2sb7e.sys</td>
<td class="rootkit">Hidden registry entry, rootkit activity | File not found</td>
</tr>
<tr>
<td class="rootkit"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="rootkit">"aswMBR" (aswMBR)</td>
<td class="rootkit"></td>
<td class="rootkit">C:\Users\ENRICO~1\AppData\Local\Temp\aswMBR.sys</td>
<td class="rootkit">Hidden registry entry, rootkit activity | File not found</td>
</tr>
<tr>
<td class="nodetails"><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td class="nodetails">"atksgt" (atksgt)</td>
<td class="nodetails"></td>
<td class="nodetails">C:\Windows\System32\DRIVERS\atksgt.sys</td>
<td class="nodetails">File found, but it contains no detailed information</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"avgio" (avgio)</td>
<td>"Avira GmbH"</td>
<td>C:\Program Files\Avira\AntiVir Desktop\avgio.sys</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"avgntflt" (avgntflt)</td>
<td>"Avira GmbH"</td>
<td>C:\Windows\System32\DRIVERS\avgntflt.sys</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"avipbb" (avipbb)</td>
<td>"Avira GmbH"</td>
<td>C:\Windows\System32\DRIVERS\avipbb.sys</td>
<td>File exists</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">"catchme" (catchme)</td>
<td class="notfound"></td>
<td class="notfound">C:\ComboFix\catchme.sys</td>
<td class="notfound">File not found</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">"DgiVecp" (DgiVecp)</td>
<td class="notfound"></td>
<td class="notfound">C:\Windows\system32\Drivers\DgiVecp.sys</td>
<td class="notfound">File not found</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"GEARAspiWDM" (GEARAspiWDM)</td>
<td>"GEAR Software Inc."</td>
<td>C:\Windows\System32\Drivers\GEARAspiWDM.sys</td>
<td>File exists</td>
</tr>
<tr>
<td class="nodetails"><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td class="nodetails">"giveio" (giveio)</td>
<td class="nodetails"></td>
<td class="nodetails">C:\Windows\System32\giveio.sys</td>
<td class="nodetails">File found, but it contains no detailed information</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">"IP in IP Tunnel Driver" (IpInIp)</td>
<td class="notfound"></td>
<td class="notfound">C:\Windows\System32\DRIVERS\ipinip.sys</td>
<td class="notfound">File not found</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">"IPX Traffic Filter Driver" (NwlnkFlt)</td>
<td class="notfound"></td>
<td class="notfound">C:\Windows\System32\DRIVERS\nwlnkflt.sys</td>
<td class="notfound">File not found</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">"IPX Traffic Forwarder Driver" (NwlnkFwd)</td>
<td class="notfound"></td>
<td class="notfound">C:\Windows\System32\DRIVERS\nwlnkfwd.sys</td>
<td class="notfound">File not found</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">"Lavasoft helper driver" (Lavasoft Kernexplorer)</td>
<td class="notfound"></td>
<td class="notfound">C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys</td>
<td class="notfound">File not found</td>
</tr>
<tr>
<td class="nodetails"><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td class="nodetails">"lirsgt" (lirsgt)</td>
<td class="nodetails"></td>
<td class="nodetails">C:\Windows\System32\DRIVERS\lirsgt.sys</td>
<td class="nodetails">File found, but it contains no detailed information</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">"MBAMSwissArmy" (MBAMSwissArmy)</td>
<td class="notfound"></td>
<td class="notfound">C:\Windows\system32\drivers\mbamswissarmy.sys</td>
<td class="notfound">File not found</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rr">||||||</td>
<td>"NetGroup Packet Filter Driver (devolo)" (NPF_devolo)</td>
<td>"CACE Technologies"</td>
<td>C:\Windows\system32\drivers\npf_devolo.sys</td>
<td>File exists</td>
</tr>
<tr>
<td class="rootkit"><input type="checkbox" disabled checked></td>
<td class="rs ru">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="rootkit">"pwdiypod" (pwdiypod)</td>
<td class="rootkit">"GMER"</td>
<td class="rootkit">C:\pwdiypod.sys</td>
<td class="rootkit">Hidden registry entry, rootkit activity</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs ru">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td>"RT2870 USB Wireless LAN Card Driver for Vista" (netr28u)</td>
<td>"Ralink Technology Corp."</td>
<td>C:\Windows\System32\DRIVERS\netr28u.sys</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"speedfan" (speedfan)</td>
<td>"Almico Software"</td>
<td>C:\Windows\System32\speedfan.sys</td>
<td>File exists</td>
</tr>
<tr>
<td class="blocked"><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td class="blocked">"sptd" (sptd)</td>
<td class="blocked">"Duplex Secure Ltd."</td>
<td class="blocked">C:\Windows\System32\Drivers\sptd.sys</td>
<td class="blocked">File is exclusively opened, access blocked</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"ssmdrv" (ssmdrv)</td>
<td>"Avira GmbH"</td>
<td>C:\Windows\System32\DRIVERS\ssmdrv.sys</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"SSPORT" (SSPORT)</td>
<td>"Samsung Electronics"</td>
<td>C:\Windows\system32\Drivers\SSPORT.sys</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rc">||&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td>"TP-LINK TL-WN821N 11N Wireless device driver" (arusb_lh)</td>
<td>"Atheros Communications, Inc."</td>
<td>C:\Windows\System32\DRIVERS\arusb_lh.sys</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"TuneUpUtilitiesDrv" (TuneUpUtilitiesDrv)</td>
<td>"TuneUp Software"</td>
<td>C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys</td>
<td>File exists</td>
</tr>
<tr>
<td class="group" colspan="6">Explorer</td>
</tr>
<tr>
<td class="reg" colspan="6">HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt"</td>
<td class="notfound"></td>
<td class="notfound"></td>
<td class="notfound">File not found | COM-object registry key not found</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt"</td>
<td class="notfound"></td>
<td class="notfound"></td>
<td class="notfound">File not found | COM-object registry key not found</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt"</td>
<td class="notfound"></td>
<td class="notfound"></td>
<td class="notfound">File not found | COM-object registry key not found</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt"</td>
<td class="notfound"></td>
<td class="notfound"></td>
<td class="notfound">File not found | COM-object registry key not found</td>
</tr>
<tr>
<td class="reg" colspan="6">HKLM\Software\Classes\Folder\shellex\ColumnHandlers</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs ru">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td>{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension"</td>
<td>"Adobe Systems, Inc."</td>
<td>C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}"</td>
<td></td>
<td>C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll</td>
<td>File exists</td>
</tr>
<tr>
<td class="reg" colspan="6">HKLM\Software\Classes\Protocols\Filter</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter"</td>
<td>"Microsoft Corporation"</td>
<td>C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL</td>
<td>File exists</td>
</tr>
<tr>
<td class="reg" colspan="6">HKLM\Software\Classes\Protocols\Handler</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class"</td>
<td>"Microsoft Corporation"</td>
<td>C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs ry">||||&nbsp;&nbsp;</td>
<td>{828030A1-22C1-4009-854F-8E305202313F} "livecall"</td>
<td>"Microsoft Corporation"</td>
<td>C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>{88FED34C-F0CA-4636-A375-3CB6248B04CD} "Local Groove Web Services Protocol"</td>
<td>"Microsoft Corporation"</td>
<td>C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0"</td>
<td>"Microsoft Corporation"</td>
<td>C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs ry">||||&nbsp;&nbsp;</td>
<td>{828030A1-22C1-4009-854F-8E305202313F} "msnim"</td>
<td>"Microsoft Corporation"</td>
<td>C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL</td>
<td>File exists</td>
</tr>
<tr>
<td class="reg" colspan="6">HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook"</td>
<td class="notfound"></td>
<td class="notfound"></td>
<td class="notfound">File not found | COM-object registry key not found</td>
</tr>
<tr>
<td class="reg" colspan="6">HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files"</td>
<td class="notfound"></td>
<td class="notfound"></td>
<td class="notfound">File not found | COM-object registry key not found</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension"</td>
<td>"Igor Pavlov"</td>
<td>C:\Program Files\7-Zip\7-zip.dll</td>
<td>File exists</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder"</td>
<td class="notfound"></td>
<td class="notfound"></td>
<td class="notfound">File not found | COM-object registry key not found</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder"</td>
<td class="notfound"></td>
<td class="notfound"></td>
<td class="notfound">File not found | COM-object registry key not found</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder"</td>
<td class="notfound"></td>
<td class="notfound"></td>
<td class="notfound">File not found | COM-object registry key not found</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>{A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class"</td>
<td>"NVIDIA Corporation"</td>
<td>C:\Program Files\NVIDIA Corporation\Display\nvui.dll</td>
<td>File exists</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band"</td>
<td class="notfound"></td>
<td class="notfound"></td>
<td class="notfound">File not found | COM-object registry key not found</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">{99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)"</td>
<td class="notfound"></td>
<td class="notfound"></td>
<td class="notfound">File not found | COM-object registry key not found</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)"</td>
<td class="notfound"></td>
<td class="notfound"></td>
<td class="notfound">File not found | COM-object registry key not found</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">{920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)"</td>
<td class="notfound"></td>
<td class="notfound"></td>
<td class="notfound">File not found | COM-object registry key not found</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">{16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)"</td>
<td class="notfound"></td>
<td class="notfound"></td>
<td class="notfound">File not found | COM-object registry key not found</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)"</td>
<td class="notfound"></td>
<td class="notfound"></td>
<td class="notfound">File not found | COM-object registry key not found</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper"</td>
<td class="notfound"></td>
<td class="notfound"></td>
<td class="notfound">File not found | COM-object registry key not found</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">{6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler"</td>
<td class="notfound"></td>
<td class="notfound"></td>
<td class="notfound">File not found | COM-object registry key not found</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove GFS Explorer Bar"</td>
<td class="notfound"></td>
<td class="notfound"></td>
<td class="notfound">File not found | COM-object registry key not found</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook"</td>
<td class="notfound"></td>
<td class="notfound"></td>
<td class="notfound">File not found | COM-object registry key not found</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">{A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler"</td>
<td class="notfound"></td>
<td class="notfound"></td>
<td class="notfound">File not found | COM-object registry key not found</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">{387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler"</td>
<td class="notfound"></td>
<td class="notfound"></td>
<td class="notfound">File not found | COM-object registry key not found</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist"</td>
<td class="notfound"></td>
<td class="notfound"></td>
<td class="notfound">File not found | COM-object registry key not found</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler"</td>
<td>"Microsoft Corporation"</td>
<td>C:\Program Files\Microsoft Office\OFFICE11\msohev.dll</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler"</td>
<td>"Microsoft Corporation"</td>
<td>C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search"</td>
<td>"Microsoft Corporation"</td>
<td>C:\PROGRA~1\MICROS~4\Office12\ONFILTER.DLL</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>{00020d75-0000-0000-c000-000000000046} "Microsoft Office Outlook"</td>
<td>"Microsoft Corporation"</td>
<td>C:\PROGRA~1\MICROS~4\Office12\MLSHEXT.DLL</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler"</td>
<td>"Microsoft Corporation"</td>
<td>C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} "NVIDIA CPL Context Menu Extension"</td>
<td>"NVIDIA Corporation"</td>
<td>C:\Windows\system32\nvshext.dll</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler"</td>
<td></td>
<td>C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler"</td>
<td></td>
<td>C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler"</td>
<td></td>
<td>C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer"</td>
<td></td>
<td>C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension"</td>
<td>"Microsoft Corporation"</td>
<td>C:\PROGRA~1\MICROS~4\Office12\OLKFSTUB.DLL</td>
<td>File exists</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder"</td>
<td class="notfound"></td>
<td class="notfound"></td>
<td class="notfound">File not found | COM-object registry key not found</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder"</td>
<td class="notfound"></td>
<td class="notfound"></td>
<td class="notfound">File not found | COM-object registry key not found</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning"</td>
<td>"Avira GmbH"</td>
<td>C:\Program Files\Avira\AntiVir Desktop\shlext.dll</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>{4838CD50-7E5D-4811-9B17-C47A85539F28} "TuneUp Disk Space Explorer Shell Extension"</td>
<td>"TuneUp Software"</td>
<td>C:\Program Files\TuneUp Utilities 2010\DseShExt-x86.dll</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} "TuneUp Shredder Shell Extension"</td>
<td>"TuneUp Software"</td>
<td>C:\Program Files\TuneUp Utilities 2010\SDShelEx-win32.dll</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>{44440D00-FF19-4AFC-B765-9A0970567D97} "TuneUp Theme Extension"</td>
<td>"TuneUp Software"</td>
<td>C:\Windows\System32\uxtuneup.dll</td>
<td>File exists</td>
</tr>
<tr>
<td class="nodetails"><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td class="nodetails">{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} "UnlockerShellExtension"</td>
<td class="nodetails"></td>
<td class="nodetails">C:\Program Files\Unlocker\UnlockerCOM.dll</td>
<td class="nodetails">File found, but it contains no detailed information</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service"</td>
<td class="notfound"></td>
<td class="notfound"></td>
<td class="notfound">File not found | COM-object registry key not found</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR"</td>
<td>"Alexander Roshal"</td>
<td>C:\Program Files\WinRAR\rarext.dll</td>
<td>File exists</td>
</tr>
<tr>
<td class="group" colspan="6">Internet Explorer</td>
</tr>
<tr>
<td class="reg" colspan="6">HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">ITBar7Height "ITBar7Height"</td>
<td class="notfound"></td>
<td class="notfound"></td>
<td class="notfound">File not found | COM-object registry key not found</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound"><binary data> "ITBar7Layout"</td>
<td class="notfound"></td>
<td class="notfound"></td>
<td class="notfound">File not found | COM-object registry key not found</td>
</tr>
<tr>
<td class="reg" colspan="6">HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs ry">||||&nbsp;&nbsp;</td>
<td>{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_26"<br>hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab</td>
<td>"Sun Microsystems, Inc."</td>
<td>C:\Program Files\Java\jre6\bin\jp2iexp.dll</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs ry">||||&nbsp;&nbsp;</td>
<td>{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} "Java Plug-in 1.6.0_26"<br>hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab</td>
<td>"Sun Microsystems, Inc."</td>
<td>C:\Program Files\Java\jre6\bin\jp2iexp.dll</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs ry">||||&nbsp;&nbsp;</td>
<td>{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_26"<br>hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab</td>
<td>"Sun Microsystems, Inc."</td>
<td>C:\Program Files\Java\jre6\bin\npjpi160_26.dll</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs ru">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td>{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object"<br>hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab</td>
<td>"Adobe Systems, Inc."</td>
<td>C:\Windows\system32\Macromed\Flash\Flash10w.ocx</td>
<td>File exists</td>
</tr>
<tr>
<td class="reg" colspan="6">HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs ry">||||&nbsp;&nbsp;</td>
<td>{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden"</td>
<td>"Microsoft Corporation"</td>
<td>C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>{53707962-6F74-2D53-2644-206D7942484F} "ClsidExtension"</td>
<td>"Safer Networking Limited"</td>
<td>C:\Program Files\Spybot - Search & Destroy\SDHelper.dll</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs ry">||||&nbsp;&nbsp;</td>
<td>"ICQ7"</td>
<td>"ICQ, LLC."</td>
<td>C:\Program Files\ICQ7.0\ICQ.exe</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs ry">||||&nbsp;&nbsp;</td>
<td>{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research"</td>
<td>"Microsoft Corporation"</td>
<td>C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL</td>
<td>File exists</td>
</tr>
<tr>
<td class="reg" colspan="6">HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs ru">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td>{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper"</td>
<td>"Adobe Systems Incorporated"</td>
<td>C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs ry">||||&nbsp;&nbsp;</td>
<td>{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper"</td>
<td>"Sun Microsystems, Inc."</td>
<td>C:\Program Files\Java\jre6\bin\jp2ssv.dll</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>{53707962-6F74-2D53-2644-206D7942484F} "Spybot-S&D IE Protection"</td>
<td>"Safer Networking Limited"</td>
<td>C:\Program Files\Spybot - Search & Destroy\SDHelper.dll</td>
<td>File exists</td>
</tr>
<tr>
<td class="group" colspan="6">Logon</td>
</tr>
<tr>
<td class="reg" colspan="6">%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs ry">||||&nbsp;&nbsp;</td>
<td>"Adobe Gamma.lnk"</td>
<td>"Adobe Systems, Inc."</td>
<td>C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe</td>
<td>Shortcut exists | File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td>"CurseClientStartup.ccip"</td>
<td></td>
<td>C:\Users\Enrico 3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"desktop.ini"</td>
<td></td>
<td>C:\Users\Enrico 3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs ru">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td>"Dropbox.lnk"</td>
<td>"Dropbox, Inc."</td>
<td>C:\Users\Enrico 3\AppData\Roaming\Dropbox\bin\Dropbox.exe</td>
<td>Shortcut exists | File exists</td>
</tr>
<tr>
<td class="reg" colspan="6">%AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"desktop.ini"</td>
<td></td>
<td>C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini</td>
<td>File exists</td>
</tr>
<tr>
<td class="reg" colspan="6">HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">"StartupPrograms"</td>
<td class="notfound"></td>
<td class="notfound">rdpclip</td>
<td class="notfound">File not found</td>
</tr>
<tr>
<td class="reg" colspan="6">HKLM\Software\Microsoft\Windows\CurrentVersion\Run</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"avgnt"</td>
<td>"Avira GmbH"</td>
<td>"C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min</td>
<td>File exists</td>
</tr>
<tr>
<td class="group" colspan="6">Print Monitors</td>
</tr>
<tr>
<td class="reg" colspan="6">HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors</td>
</tr>
<tr>
<td class="nodetails"><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td class="nodetails">"Redirected Port"</td>
<td class="nodetails"></td>
<td class="nodetails">C:\Windows\system32\redmonnt.dll</td>
<td class="nodetails">File found, but it contains no detailed information</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"Send To Microsoft OneNote Monitor"</td>
<td>"Microsoft Corporation"</td>
<td>C:\Windows\system32\msonpmon.dll</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs ru">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td>"SST3C Langmon"</td>
<td></td>
<td>C:\Windows\system32\sst3cl3.dll</td>
<td>File exists</td>
</tr>
<tr>
<td class="group" colspan="6">Services</td>
</tr>
<tr>
<td class="reg" colspan="6">HKLM\SYSTEM\CurrentControlSet\Services</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"@%SystemRoot%\System32\uxtuneup.dll,-4096" (UxTuneUp)</td>
<td>"TuneUp Software"</td>
<td>C:\Windows\System32\uxtuneup.dll</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1" (TuneUp.Defrag)</td>
<td>"TuneUp Software"</td>
<td>C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400)</td>
<td>"Microsoft Corporation"</td>
<td>C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rc">||&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td>"Adobe Acrobat Update Service" (AdobeARMservice)</td>
<td>"Adobe Systems Incorporated"</td>
<td>C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"Adobe LM Service" (Adobe LM Service)</td>
<td>"Adobe Systems"</td>
<td>C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"Avira AntiVir Guard" (AntiVirService)</td>
<td>"Avira GmbH"</td>
<td>C:\Program Files\Avira\AntiVir Desktop\avguard.exe</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"Avira AntiVir Planer" (AntiVirSchedulerService)</td>
<td>"Avira GmbH"</td>
<td>C:\Program Files\Avira\AntiVir Desktop\sched.exe</td>
<td>File exists</td>
</tr>
<tr>
<td class="nodetails"><input type="checkbox" disabled checked></td>
<td class="rs ru">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="nodetails">"devolo Network Service" (DevoloNetworkService)</td>
<td class="nodetails"></td>
<td class="nodetails">C:\Program Files\devolo\dlan\devolonetsvc.exe</td>
<td class="nodetails">File found, but it contains no detailed information</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rc">||&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td>"GameConsoleService" (GameConsoleService)</td>
<td>"WildTangent, Inc."</td>
<td>C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs ry">||||&nbsp;&nbsp;</td>
<td>"Google Update Service (gupdate)" (gupdate)</td>
<td>"Google Inc."</td>
<td>C:\Program Files\Google\Update\GoogleUpdate.exe</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs ry">||||&nbsp;&nbsp;</td>
<td>"Google Update-Dienst (gupdatem)" (gupdatem)</td>
<td>"Google Inc."</td>
<td>C:\Program Files\Google\Update\GoogleUpdate.exe</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rc">||&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td>"ICQ Service" (ICQ Service)</td>
<td></td>
<td>C:\Program Files\ICQ6Toolbar\ICQ Service.exe</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs ry">||||&nbsp;&nbsp;</td>
<td>"InstallDriver Table Manager" (IDriverT)</td>
<td>"Macrovision Corporation"</td>
<td>C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32)</td>
<td>"Microsoft Corporation"</td>
<td>C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"Microsoft Office Diagnostics Service" (odserv)</td>
<td>"Microsoft Corporation"</td>
<td>C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"Microsoft Office Groove Audit Service" (Microsoft Office Groove Audit Service)</td>
<td>"Microsoft Corporation"</td>
<td>C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"NVIDIA Display Driver Service" (nvsvc)</td>
<td>"NVIDIA Corporation"</td>
<td>C:\Windows\system32\nvvsvc.exe</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"NVIDIA Stereoscopic 3D Driver Service" (Stereo Service)</td>
<td>"NVIDIA Corporation"</td>
<td>C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"NVIDIA Update Service Daemon" (nvUpdatusService)</td>
<td>"NVIDIA Corporation"</td>
<td>C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"Office Source Engine" (ose)</td>
<td>"Microsoft Corporation"</td>
<td>C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE</td>
<td>File exists</td>
</tr>
<tr>
<td class="nodetails"><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td class="nodetails">"PnkBstrA" (PnkBstrA)</td>
<td class="nodetails"></td>
<td class="nodetails">C:\Windows\system32\PnkBstrA.exe</td>
<td class="nodetails">File found, but it contains no detailed information</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"SBSD Security Center Service" (SBSDWSCService)</td>
<td>"Safer Networking Ltd."</td>
<td>C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe</td>
<td>File exists</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">"StarWind AE Service" (StarWindServiceAE)</td>
<td class="notfound"></td>
<td class="notfound">C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe</td>
<td class="notfound">File not found</td>
</tr>
<tr>
<td class="notfound"><input type="checkbox" disabled checked></td>
<td class="rs rn">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td class="notfound">"StarWind iSCSI Service" (StarWindService)</td>
<td class="notfound"></td>
<td class="notfound">C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe</td>
<td class="notfound">File not found</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs ru">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td>"Steam Client Service" (Steam Client Service)</td>
<td>"Valve Corporation"</td>
<td>C:\Program Files\Common Files\Steam\SteamService.exe</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rr">||||||</td>
<td>"TeamViewer 5" (TeamViewer5)</td>
<td>"TeamViewer GmbH"</td>
<td>C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs ru">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>
<td>"TeamViewer 6" (TeamViewer6)</td>
<td>"TeamViewer GmbH"</td>
<td>C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"TuneUp Utilities Service" (TuneUp.UtilitiesSvc)</td>
<td>"TuneUp Software"</td>
<td>C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe</td>
<td>File exists</td>
</tr>
<tr>
<td><input type="checkbox" disabled checked></td>
<td class="rs rt">||||||</td>
<td>"X10 Device Network Service" (x10nets)</td>
<td>"X10"</td>
<td>C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe</td>
<td>File exists</td>
</tr>
</table>
<p>If You have questions or want to get some help, You can visit <a href="hxxp://forum.online-solutions.ru" target="_blank">hxxp://forum.online-solutions.ru</a></p>
</body></html>
Das Log von aswMBR:
Code:
ATTFilter
aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-09-27 14:43:30
-----------------------------
14:43:30.330    OS Version: Windows 6.0.6002 Service Pack 2
14:43:30.331    Number of processors: 4 586 0xF0B
14:43:30.331    ComputerName: ENRICO-PC  UserName: Enrico 3
14:43:32.231    Initialize success
14:43:35.722    AVAST engine defs: 11092700
14:43:41.443    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
14:43:41.448    Disk 0 Vendor: WDC_WD5000AACS-00ZUB0 01.01B01 Size: 476940MB BusType: 3
14:43:43.514    Disk 0 MBR read successfully
14:43:43.519    Disk 0 MBR scan
14:43:43.524    Disk 0 Windows VISTA default MBR code
14:43:43.529    Disk 0 scanning sectors +976768065
14:43:43.629    Disk 0 scanning C:\Windows\system32\drivers
14:43:56.584    Service scanning
14:43:57.643    Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
14:43:58.172    Modules scanning
14:44:03.218    Disk 0 trace - called modules:
14:44:03.228    ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x8662c1f8]<<
14:44:03.233    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8708d380]
14:44:03.238    3 CLASSPNP.SYS[8b3a58b3] -> nt!IofCallDriver -> [0x866a6838]
14:44:03.243    5 acpi.sys[807c06bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x8666ab98]
14:44:03.253    \Driver\atapi[0x86679030] -> IRP_MJ_CREATE -> 0x8662c1f8
14:44:05.194    AVAST engine scan C:\Windows
14:44:10.528    AVAST engine scan C:\Windows\system32
14:46:39.288    AVAST engine scan C:\Windows\system32\drivers
14:46:54.470    AVAST engine scan C:\Users\Enrico 3
15:04:43.681    AVAST engine scan C:\ProgramData
15:09:04.380    Scan finished successfully
15:09:57.533    Disk 0 MBR has been saved successfully to "C:\Users\Enrico 3\Desktop\MBR.dat"
15:09:57.538    The log file has been saved successfully to "C:\Users\Enrico 3\Desktop\aswMBR.txt"
Kleine Frage: Wie lange wird es noch dauern, bis alles wieder funktioniert wie es sollte? Bzw. Weißt du, was das Problem für die Abstürze ist?

Mein Pc ist seit Sonntag nicht mehr abgestürzt, aber nur, weil ich keine Spiele und Videos offen hatte.
__________________
Alt 27.09.2011, 14:54   #19
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Plötzliche Computer Abstürze - Standard

Plötzliche Computer Abstürze


Zitat:
Das Log von OSAM:
Was hab ich zum Format des OSAM-Logs gepostet?
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 27.09.2011, 15:01   #20
Prayer
 
Plötzliche Computer Abstürze - Standard

Plötzliche Computer Abstürze


So jetzt aber, war etwas irritiert was mit der Online Abfrage gemeint sein sollte.

Code:
ATTFilter
OSAM Logfile:


	
Code: 

 
ATTFilter


  

	
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 15:59:11 on 27.09.2011

OS: Windows Vista Home Premium Edition Service Pack 2 (Build 6002), 32-bit
Default Browser: Opera Software Opera Internet Browser 11.51

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Adobe Gamma" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma.cpl
"mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~4\Office12\MLCFG32.CPL
"Pando" - "Pando Networks" - C:\Program Files\Pando Networks\Media Booster\PMB.cpl
"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"a4h2sb7e" (a4h2sb7e) - ? - C:\Windows\system32\drivers\a4h2sb7e.sys  (Hidden registry entry, rootkit activity | File not found)
"aswMBR" (aswMBR) - ? - C:\Users\ENRICO~1\AppData\Local\Temp\aswMBR.sys  (Hidden registry entry, rootkit activity | File not found)
"atksgt" (atksgt) - ? - C:\Windows\System32\DRIVERS\atksgt.sys  (File found, but it contains no detailed information)
"avgio" (avgio) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avgio.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"catchme" (catchme) - ? - C:\ComboFix\catchme.sys  (File not found)
"DgiVecp" (DgiVecp) - ? - C:\Windows\system32\Drivers\DgiVecp.sys  (File not found)
"GEARAspiWDM" (GEARAspiWDM) - "GEAR Software Inc." - C:\Windows\System32\Drivers\GEARAspiWDM.sys
"giveio" (giveio) - ? - C:\Windows\System32\giveio.sys  (File found, but it contains no detailed information)
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)
"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)
"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)
"Lavasoft helper driver" (Lavasoft Kernexplorer) - ? - C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys  (File not found)
"lirsgt" (lirsgt) - ? - C:\Windows\System32\DRIVERS\lirsgt.sys  (File found, but it contains no detailed information)
"MBAMSwissArmy" (MBAMSwissArmy) - ? - C:\Windows\system32\drivers\mbamswissarmy.sys  (File not found)
"NetGroup Packet Filter Driver (devolo)" (NPF_devolo) - "CACE Technologies" - C:\Windows\system32\drivers\npf_devolo.sys
"pwdiypod" (pwdiypod) - "GMER" - C:\pwdiypod.sys  (Hidden registry entry, rootkit activity)
"RT2870 USB Wireless LAN Card Driver for Vista" (netr28u) - "Ralink Technology Corp." - C:\Windows\System32\DRIVERS\netr28u.sys
"speedfan" (speedfan) - "Almico Software" - C:\Windows\System32\speedfan.sys
"sptd" (sptd) - "Duplex Secure Ltd." - C:\Windows\System32\Drivers\sptd.sys  (File is exclusively opened, access blocked)
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys
"SSPORT" (SSPORT) - "Samsung Electronics" - C:\Windows\system32\Drivers\SSPORT.sys
"TP-LINK TL-WN821N 11N Wireless device driver" (arusb_lh) - "Atheros Communications, Inc." - C:\Windows\System32\DRIVERS\arusb_lh.sys
"TuneUpUtilitiesDrv" (TuneUpUtilitiesDrv) - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys

[Explorer]
-----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{88FED34C-F0CA-4636-A375-3CB6248B04CD} "Local Groove Web Services Protocol" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -   (File not found | COM-object registry key not found)
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files\7-Zip\7-zip.dll
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -   (File not found | COM-object registry key not found)
{A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\Program Files\NVIDIA Corporation\Display\nvui.dll
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -   (File not found | COM-object registry key not found)
{99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - ? -   (File not found | COM-object registry key not found)
{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - ? -   (File not found | COM-object registry key not found)
{920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - ? -   (File not found | COM-object registry key not found)
{16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - ? -   (File not found | COM-object registry key not found)
{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - ? -   (File not found | COM-object registry key not found)
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - ? -   (File not found | COM-object registry key not found)
{6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - ? -   (File not found | COM-object registry key not found)
{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove GFS Explorer Bar" - ? -   (File not found | COM-object registry key not found)
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - ? -   (File not found | COM-object registry key not found)
{A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - ? -   (File not found | COM-object registry key not found)
{387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - ? -   (File not found | COM-object registry key not found)
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -   (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\OFFICE11\msohev.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~4\Office12\ONFILTER.DLL
{00020d75-0000-0000-c000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~4\Office12\MLSHEXT.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} "NVIDIA CPL Context Menu Extension" - "NVIDIA Corporation" - C:\Windows\system32\nvshext.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~4\Office12\OLKFSTUB.DLL
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\shlext.dll
{4838CD50-7E5D-4811-9B17-C47A85539F28} "TuneUp Disk Space Explorer Shell Extension" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2010\DseShExt-x86.dll
{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} "TuneUp Shredder Shell Extension" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2010\SDShelEx-win32.dll
{44440D00-FF19-4AFC-B765-9A0970567D97} "TuneUp Theme Extension" - "TuneUp Software" - C:\Windows\System32\uxtuneup.dll
{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} "UnlockerShellExtension" - ? - C:\Program Files\Unlocker\UnlockerCOM.dll  (File found, but it contains no detailed information)
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -   (File not found | COM-object registry key not found)
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_26" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_26.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\Windows\system32\Macromed\Flash\Flash10w.ocx / hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
{53707962-6F74-2D53-2644-206D7942484F} "ClsidExtension" - "Safer Networking Limited" - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
"ICQ7" - "ICQ, LLC." - C:\Program Files\ICQ7.0\ICQ.exe
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{53707962-6F74-2D53-2644-206D7942484F} "Spybot-S&D IE Protection" - "Safer Networking Limited" - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"Adobe Gamma.lnk" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe  (Shortcut exists | File exists)
"CurseClientStartup.ccip" - ? - C:\Users\Enrico 3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
"desktop.ini" - ? - C:\Users\Enrico 3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Dropbox.lnk" - "Dropbox, Inc." - C:\Users\Enrico 3\AppData\Roaming\Dropbox\bin\Dropbox.exe  (Shortcut exists | File exists)
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"avgnt" - "Avira GmbH" - "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Redirected Port" - ? - C:\Windows\system32\redmonnt.dll  (File found, but it contains no detailed information)
"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll
"SST3C Langmon" - ? - C:\Windows\system32\sst3cl3.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%SystemRoot%\System32\uxtuneup.dll,-4096" (UxTuneUp) - "TuneUp Software" - C:\Windows\System32\uxtuneup.dll
"@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1" (TuneUp.Defrag) - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
"@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
"Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
"Adobe LM Service" (Adobe LM Service) - "Adobe Systems" - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Planer" (AntiVirSchedulerService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir Desktop\sched.exe
"devolo Network Service" (DevoloNetworkService) - ? - C:\Program Files\devolo\dlan\devolonetsvc.exe  (File found, but it contains no detailed information)
"GameConsoleService" (GameConsoleService) - "WildTangent, Inc." - C:\Program Files\WildGames\Game Console - WildGames\GameConsoleService.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"ICQ Service" (ICQ Service) - ? - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"Microsoft Office Groove Audit Service" (Microsoft Office Groove Audit Service) - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
"NVIDIA Display Driver Service" (nvsvc) - "NVIDIA Corporation" - C:\Windows\system32\nvvsvc.exe
"NVIDIA Stereoscopic 3D Driver Service" (Stereo Service) - "NVIDIA Corporation" - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
"NVIDIA Update Service Daemon" (nvUpdatusService) - "NVIDIA Corporation" - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"PnkBstrA" (PnkBstrA) - ? - C:\Windows\system32\PnkBstrA.exe  (File found, but it contains no detailed information)
"SBSD Security Center Service" (SBSDWSCService) - "Safer Networking Ltd." - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
"StarWind AE Service" (StarWindServiceAE) - ? - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe  (File not found)
"StarWind iSCSI Service" (StarWindService) - ? - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe  (File not found)
"Steam Client Service" (Steam Client Service) - "Valve Corporation" - C:\Program Files\Common Files\Steam\SteamService.exe
"TeamViewer 5" (TeamViewer5) - "TeamViewer GmbH" - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
"TeamViewer 6" (TeamViewer6) - "TeamViewer GmbH" - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
"TuneUp Utilities Service" (TuneUp.UtilitiesSvc) - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
"X10 Device Network Service" (x10nets) - "X10" - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

===[ Logfile end ]=========================================[ Logfile end ]===
         
 
--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru


Alt 27.09.2011, 15:13   #21
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Plötzliche Computer Abstürze - Standard

Plötzliche Computer Abstürze


Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!


Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
--> Plötzliche Computer Abstürze

Alt 27.09.2011, 15:56   #22
Prayer
 
Plötzliche Computer Abstürze - Standard

Plötzliche Computer Abstürze


Habe eben mal etwas gespielt, lief Reibungslos, mal schauen wie es bleibt. Die Kontroll Scans mache ich Morgen, da ich heute keine Zeit mehr dazu habe.

Danke für die Hilfe

Alt 28.09.2011, 19:15   #23
Prayer
 
Plötzliche Computer Abstürze - Standard

Plötzliche Computer Abstürze


Im Moment läuft alles ziemlich gut, außer dass er gestern bei einem Youtube Video wieder Abstürzte.

Malwarebytes log:

Code:
ATTFilter
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 7817

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

28.09.2011 20:12:40
mbam-log-2011-09-28 (20-12-40).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 701096
Laufzeit: 3 Stunde(n), 12 Minute(n), 5 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Antwort
Seite 2 von 2 1 2

Themen zu Plötzliche Computer Abstürze
acrobat update, adobe, antivir, antivir guard, avg, avira, bho, bildschirm, browser, computer, conduit, defender, desktop, explorer, fehlermeldung, hijack, hijackthis, internet, internet explorer, nvidia update, object, plug-in, plötzliche pc abstürze, problem, safer networking, security, senden, software, system, vista, windows


« Infizierter Laptop - Alle geforderten Logs gepostet! (TR/Dldr.NSIS.ha.30 ?) | Versteckter Eintrag i.d. REGISTRY »


Ähnliche Themen: Plötzliche Computer Abstürze


  1. Plötzliche Systemabschaltung bei Windows 7 und Bluescreen
    Log-Analyse und Auswertung - 21.10.2015 (10)
  2. Plötzliche Werbeprobleme trotz ABP
    Plagegeister aller Art und deren Bekämpfung - 10.01.2015 (13)
  3. Mbam Funde auf Win 7, plötzliche Neustarts
    Log-Analyse und Auswertung - 22.11.2014 (7)
  4. Malewareverdacht/ Mac / Plötzliche Weiterleitung auf Videoplayer Aktualisierung
    Plagegeister aller Art und deren Bekämpfung - 27.09.2014 (1)
  5. Plötzliche Werbung in Firefox und Internet Explorer
    Log-Analyse und Auswertung - 11.09.2014 (9)
  6. Wiederholte plötzliche Radioeinspielung (Windows 7)
    Log-Analyse und Auswertung - 24.08.2014 (9)
  7. Plötzliche Musikabspielung
    Mülltonne - 02.07.2012 (1)
  8. Plötzliche Trojaner auf dem PC!
    Plagegeister aller Art und deren Bekämpfung - 13.10.2011 (3)
  9. langsames Hochfahren und plötzliche IE Popups
    Log-Analyse und Auswertung - 13.11.2010 (5)
  10. neuer Computer, plötzliche FPS-Einbrüche bei CoD4
    Log-Analyse und Auswertung - 19.10.2009 (0)
  11. Vista - Plötzliche Änderungen von Systemeinstellungen
    Alles rund um Windows - 08.03.2009 (3)
  12. Computer läuft nur noch im abgesicherten Modus einigermaßen stabil, komplett Abstürze
    Plagegeister aller Art und deren Bekämpfung - 09.01.2009 (19)
  13. Plötzliche IE7 Probleme
    Log-Analyse und Auswertung - 02.08.2008 (0)
  14. Verschiedene plötzliche Probleme - Virus?
    Log-Analyse und Auswertung - 09.07.2008 (7)
  15. Laptop sehr langsam & plötzliche Fehler
    Plagegeister aller Art und deren Bekämpfung - 03.03.2008 (26)
  16. Plötzliche Cpu Auslastung stockender PC
    Log-Analyse und Auswertung - 05.09.2006 (3)
  17. plötzliche Fehlermeldung von regedit.exe
    Plagegeister aller Art und deren Bekämpfung - 02.11.2005 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Plötzliche Computer Abstürze - ComboFix.txt: Code: Alles auswählen Aufklappen ATTFilter Combofix Logfile: Code: Alles auswählen Aufklappen ATTFilter ComboFix 11-09-26.02 - Enrico 3 26.09.2011 21:41:30.2.4 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3069.1625 [GMT 2:00] - Plötzliche Computer Abstürze...
Archiv
Du betrachtest: Plötzliche Computer Abstürze auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19