Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Auswerten bitte

Auswerten bitte


Log-Analyse und Auswertung: Auswerten bitte

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 03.04.2008, 17:07   #1
NeerG
 
Auswerten bitte - Standard

Auswerten bitte


03.04.2008 16:34:07 Datei C:\Program Files (x86)\Circle Developement\Uninstall.exe, gefunden: trojanisches Programm 'Trojan.Win32.Obfuscated.mt'.


also das is doch eindeutig ein trojaner ...wie kann ich den löschen oda kann ich den überhaupt löschen?

Alt 03.04.2008, 17:16   #2
Sunny
Administrator
> Competence Manager
 
Auswerten bitte - Standard

Auswerten bitte


Zitat:
Zitat von NeerG Beitrag anzeigen
Datei C:\Program Files (x86)\Circle Developement\Uninstall.exe, gefunden: trojanisches Programm 'Trojan.Win32.Obfuscated.mt'.
Dieser genannte Trojaner steht eigentlich oft mit der "doppelten iexplore.exe" in Verbindung, fraglich ist nur wieso gerade in dieser Datei.. Uninstall.exe


Kennst du denn dieses Programm -> Circle Developement



außerdem:



Dateien Online überprüfen lassen:
  • Suche die Seite Virtustotal auf, klicke auf den Button „Durchsuchen“ und suche folgende Datei/Dateien:
  • (lass auch die versteckten Dateien anzeigen!)

Zitat:
C:\Program Files (x86)\Circle Developement\Uninstall.exe
  • Lade nun nacheinander jede/alle Datei/Dateien hoch, und warte bis der Scan vorbei ist. (kann bis zu 2 Minuten dauern.)
  • Poste im Anschluss das Ergebnis der Auswertung, alles abkopieren und in einen Beitrag einfügen.
  • (Wichtig: Auch die Größenangabe sowie den HASH mit kopieren!)
__________________

__________________
Alt 03.04.2008, 19:25   #3
NeerG
 
Auswerten bitte - Standard

Auswerten bitte


Hmm,
also ich hab die datei anscheinen mit kaspersky gelöscht. naja aber irgendwie hab ich noch imemr das problem mit den 2 IE.
also das Programm kenn ich nicht, naja und ich habs noch nie gehört.
__________________
Alt 03.04.2008, 19:29   #4
Sunny
Administrator
> Competence Manager
 
Auswerten bitte - Standard

Auswerten bitte


Deckards System Scanner (DSS)

Hier gibt es das Tool -> dss.exe

* Schließe alle Anwendungen
* Doppelklicke dss.exe um das Programm zu starten
* Wenn der Scan abgeschlossen ist wird sich ein Notepad mit dem Inhalt
der main.txt öffnen.
Ein weiteres Logfile, die extra.txt liegt im Verzeichnis
c:\Deckard\SystemScanner\extra.txt
* Kopiere den Inhalt der beiden Logfiles in diesen Thread, bitte als ['CODE]['/CODE]


Was Deckards System Scanner macht:

* Es Erstellt einen System Wiederherstellungspunkt
* es säubert die temporären Dateien, Downloaded Program Files, Internet
Cache Dateien und es leert den Mülleimer auf allen Lauferken.
__________________
Anfragen per Email, Profil- oder privater Nachricht werden ignoriert!
Hilfe gibts NUR im Forum!


Stulti est se ipsum sapientem putare.

Alt 03.04.2008, 20:10   #5
NeerG
 
Auswerten bitte - Standard

Auswerten bitte


Ich weiß zwar nicht wie ich das gemacht hab aber ich habs geschaft. Leider kann ich nur die extra txt reinkopieren, ka wieso. (thx für das alles)

['CODE]CPU 0: Intel(R) Core(TM)2 Duo CPU E6850 @ 3.00GHz
Percentage of Memory in Use: 69%
Physical Memory (total/avail): 4093.75 MiB / 1256.86 MiB
Pagefile Memory (total/avail): 8341.27 MiB / 5178.73 MiB
Virtual Memory (total/avail): 4095.88 MiB / 3941.68 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 45 GiB total, 7.67 GiB free.
D: is Fixed (NTFS) - 420.76 GiB total, 250.3 GiB free.
E: is CDROM (CDFS)
G: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - ST350032 0NS SCSI Disk Device - 465.76 GiB - 2 partitions
\PARTITION0 (bootable) - Installierbares Dateisystem - 45 GiB - C:
\PARTITION1 - Installierbares Dateisystem - 420.76 GiB - D:



-- Security Center -------------------------------------------------------------

Windows Internal Firewall is disabled.

FW: Norton Internet Security v2007 (Symantec Corporation)
FW: Kaspersky Internet Security v7.0.1.325 (Kaspersky Lab) Disabled
AV: Kaspersky Internet Security v7.0.1.325 (Kaspersky Lab) Disabled
AV: Norton Internet Security v2007 (Symantec Corporation)
AS: Windows-Defender v1.1.1505.0 (Microsoft Corporation)
AS: Kaspersky Internet Security v7.0.1.325 (Kaspersky Lab) Disabled
AS: Norton Internet Security v2007 (Symantec Corporation)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\NeerG\AppData\Roaming
CLASSPATH=.;C:\Program Files (x86)\QuickTime\QTSystem\QTJava.zip
CommonProgramFiles=C:\Program Files (x86)\Common Files
CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files
CommonProgramW6432=C:\Program Files\Common Files
COMPUTERNAME=BLACKZEN
ComSpec=C:\Windows\system32\cmd.exe
DEFAULT_CA_NR=CA8
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\NeerG
LOCALAPPDATA=C:\Users\NeerG\AppData\Local
LOGONSERVER=\\BLACKZEN
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files (x86)\Common Files\Teleca Shared;C:\Program Files (x86)\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_ARCHITEW6432=AMD64
PROCESSOR_IDENTIFIER=EM64T Family 6 Model 15 Stepping 11, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f0b
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files (x86)
ProgramFiles(x86)=C:\Program Files (x86)
ProgramW6432=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
QTJAVA=C:\Program Files (x86)\QuickTime\QTSystem\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\NeerG\AppData\Local\Temp
TMP=C:\Users\NeerG\AppData\Local\Temp
USERDOMAIN=BlackZEN
USERNAME=NeerG
USERPROFILE=C:\Users\NeerG
windir=C:\Windows


-- User Profiles ---------------------------------------------------------------

NeerG (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files (x86)\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> MsiExec /X{45235788-142C-44BE-8A4D-DDE9A84492E5}
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player ActiveX --> C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 - Deutsch --> MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A81200000003}
Adobe Shockwave Player --> C:\Windows\System32\Macromed\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Macromed\SHOCKW~1\Install.log
AdVantage (Powering DAEMON Tools) --> "C:\Program Files (x86)\AdVantage\AdVUninst.exe" /r DAEM /d "AdVantage (Powering DAEMON Tools)" /m "AdVantage is safe advertising software that supports Freeze.com.\nAdVantage is certified by TRUSTe as a Trusted Download.\n\nAre you sure you want to uninstall AdVantage support for DAEMON Tools?"
AGEIA PhysX v7.09.13 --> MsiExec.exe /X{45235788-142C-44BE-8A4D-DDE9A84492E5}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
Ashampoo Magical Security 1.80 --> "D:\Programme\Ashampoo\Magical Security\unins000.exe"
Ashampoo WinOptimizer 2008 --> "D:\Programme\Ashampoo\WinOptimizer 2008\unins000.exe"
Audacity 1.3.4 (Unicode) --> "D:\Programme\Audacity\unins000.exe"
Battlefield 2142-Demo --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FD347316-609E-4149-983C-84B40338D38A}\setup.exe" -l0x7 -removeonly
BioShock --> C:\Program Files (x86)\InstallShield Installation Information\{E280923D-C5D9-4728-8C79-AC9A0DC75875}\setup.exe -runfromtemp -l0x0007 -removeonly
Black & White® 2 --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}\setup.exe" -l0x7 -removeonly
Bonjour --> MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
Call of Duty(R) 4 - Modern Warfare(TM) Demo --> C:\Program Files (x86)\InstallShield Installation Information\{6734CA10-8FB8-4C7F-B8C7-75317C617DC5}\setup.exe -runfromtemp -l0x0409
Cities3D --> "D:\Games\Siedler von Catan fake\uninstall.exe"
Condition Zero --> "D:\Games\Steam\Day of Defeat\steam.exe" steam://uninstall/80
Condition Zero Deleted Scenes --> "D:\Games\Steam\Day of Defeat\steam.exe" steam://uninstall/100
Counter-Strike 1.6 --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{13B792AA-C078-43A4-8A3A-8B12D629940D}\Setup.exe" -l0x19
Counter-Strike: Source --> "D:\Games\Steam\Day of Defeat\steam.exe" steam://uninstall/240
CryEngine(R)2 Sandbox(TM)2 --> MsiExec.exe /I{7E4B7FD9-4ECE-4298-A910-3160B7918059}
Crysis(R) --> MsiExec.exe /I{000E79B7-E725-4F01-870A-C12942B7F8E4}
Crysis(R) Tournament Map Pack --> MsiExec.exe /X{63DAD698-7FB0-4094-BDD5-342AB1763D11}
Cuttermaran 1.69a --> MsiExec.exe /I{01CEF48F-41F2-4A43-82F2-25D23D68C1D4}
Dark Messiah --> C:\Program Files (x86)\InstallShield Installation Information\{A8E2EF8F-73EF-4DD8-BB38-31FCCAF50103}\setup.exe -runfromtemp -l0x0007 -removeonly
Day of Defeat: Source --> MsiExec.exe /I{7E18C9F0-1262-4AF6-AC3D-9CB1EBF54772}
Die Schlacht um Mittelerde™ II --> D:\Games\Schlacht um Mittelerde 2\EAUninstall.exe
DIE SIEDLER - Aufstieg eines Königreichs --> "C:\Program Files (x86)\InstallShield Installation Information\{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}\setup.exe" -runfromtemp -l0x0007 -removeonly
Die Sims 2 --> D:\Games\Die Sims 2\Sims 2\EAUninstall.exe
Die Sims 2: Nightlife --> D:\Games\Die Sims 2\Nightlife\EAUninstall.exe
Die Sims 2: Open For Business --> D:\Games\Die Sims 2\Open for Busines\EAUninstall.exe
Die Sims 2: Wilde Campus-Jahre --> D:\Games\Die Sims 2\Wilde Campusjahre\EAUninstall.exe
Die Sims™ 2 Freizeit-Spaß --> D:\Games\Die Sims 2\Freizeit-Spaß\EAUninstall.exe
Die Sims™ 2 Gute Reise --> D:\Games\Die Sims 2\Gute Reise\EAUninstall.exe
Die Sims™ 2 H&M®-Fashion-Accessoires --> D:\Games\Die Sims 2\Accessiores Packs\H&M Fashion\EAUninstall.exe
Die Sims™ 2 Haustiere --> D:\Games\Die Sims 2\Haustiere\EAUninstall.exe
Die Sims™ 2 Party-Accessoires --> D:\Games\Die Sims 2\Accessiores Packs\Party\EAUninstall.exe
Die Sims™ 2 Teen Style-Accessoires --> D:\Games\Die Sims 2\Accessiores Packs\Teen Style\EAUninstall.exe
Die Sims™ 2 Vier Jahreszeiten --> D:\Games\Die Sims 2\4 Jahreszeiten\EAUninstall.exe
Die Sims™ 2: Glamour-Accessoires --> D:\Games\Die Sims 2\Accessiores Packs\Glamour\EAUninstall.exe
DiRT Demo --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FEBC7B8D-BC69-46F7-A872-7698D03127C8}\setup.exe" -l0x7 -removeonly
Divine Divinity --> D:\Games\DIVINE~1\UNINST~1\UNWISE.EXE D:\Games\DIVINE~1\UNINST~1\INSTALL.LOG
DivX Content Uploader --> C:\Program Files (x86)\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Web Player --> C:\Program Files (x86)\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Enemy Territory - QUAKE Wars(TM) Demo --> C:\Program Files (x86)\InstallShield Installation Information\{AEF04476-51FA-41F2-80F0-0AD9B026F46A}\setup.exe -runfromtemp -l0x0409
Enemy Territory - QUAKE Wars(TM) Demo 2 --> C:\Program Files (x86)\InstallShield Installation Information\{0E1B773B-B396-4FA4-BBB9-01F8D1F74C57}\setup.exe -runfromtemp -l0x0409
FEAR --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{2B653229-9854-4989-B780-D978F5F13EAB}\setup.exe" -l0x9 /zU -removeonly
GIMP 2.4.4 --> "D:\Programme\GIMP-2.0\setup\unins000.exe"
Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
GPGNet --> MsiExec.exe /I{C194D333-B84A-4BB7-B35E-060732D98DC4}
GTA San Andreas --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x7 -removeonly
GUILD WARS --> "D:\Games\GUILD WARS\Gw.exe" -uninstall
Half-Life 2: Deathmatch --> "D:\Games\Steam\Day of Defeat\steam.exe" steam://uninstall/320
HijackThis 2.0.2 --> "C:\Users\NeerG\AppData\Local\Temp\Rar$EX00.599\HijackThis.exe" /uninstall
iTunes --> MsiExec.exe /I{80FD852F-5AAC-4129-B931-06AAFFA43138}
JMB36X Raid Configurer --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\setup.exe" -l0x7 -removeonly
Kaspersky Internet Security 7.0 --> MsiExec.exe /I{C774410D-3EF9-4DE7-AC01-332613163ECF}
Kaspersky Internet Security 7.0 --> MsiExec.exe /I{C774410D-3EF9-4DE7-AC01-332613163ECF}
Kaspersky Online Scanner --> C:\Windows\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
MagicTune Premium --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D6044256-A309-43B5-9833-D3FAFE2AD24D}\setup.exe" -l0x7
Malwarebytes' Anti-Malware --> "D:\Programme\Malwarebytes' Anti-Malware\unins000.exe"
Medieval 2 Total War Demo SE --> C:\Program Files (x86)\InstallShield Installation Information\{8A5359C9-7B27-45C0-B41C-666798A75752}\setup.exe -runfromtemp -l0x0009 -removeonly
Messenger Plus! Live & Sponsor (CiD) --> "C:\Program Files (x86)\MSN Plus\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 --> msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1 --> MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1 Hotfix (KB929729) --> "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"
Microsoft LifeCam --> MsiExec.exe /X{726DBFE3-BE2B-4FFA-9787-D6495765CFD2}
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110407-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mozilla Firefox (2.0.0.13) --> D:\Programme\Mozilla Firefox\uninstall\helper.exe
mpegable Player --> C:\Windows\AKDeInstall.exe "/D:\Programme\MpegablE\Player\"
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
Natural Color Pro --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{FC2C7405-BC58-4E11-8F51-29671BEAC06B}\setup.exe" -l0x9
Need for Speed Underground 2 --> D:\Games\Need For Speed Underground 2\EAUninstall.exe
Need for Speed™ Carbon --> D:\Games\Need for Speed Carbon\EAUninstall.exe
Oblivion --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{35CB6715-41F8-4F99-8881-6FC75BF054B0}\setup.exe" -l0x7 -removeonly
PANZERS - Phase2 --> D:\Games\PANZER~1\UNINST~1\UNWISE.EXE D:\Games\PANZER~1\UNINST~1\INSTALL.LOG
PC Probe II --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}\setup.exe" -l0x7
Portal --> "D:\Games\Steam\Day of Defeat\steam.exe" steam://uninstall/400
PowerDVD --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
PunkBuster Services --> C:\Windows\system32\pbsvc.exe -u
QuickTime --> MsiExec.exe /I{BFD96B89-B769-4CD6-B11E-E79FFD46F067}
Rainbow Six Vegas --> C:\Program Files (x86)\InstallShield Installation Information\{5731C0A8-B266-451A-8D3F-8066AA21836F}\setup.exe -runfromtemp -l0x0007 -removeonly
RealPlayer --> C:\Program Files (x86)\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x7 -removeonly
Sacred --> D:\Games\Sacred\unins000.exe
Sid Meier's Civilization 4 Complete --> C:\Program Files (x86)\InstallShield Installation Information\{30D1F3D2-54CF-481D-A005-F94B0E98FEEC}\setup.exe -runfromtemp -l0x0007 -removeonly
SimCity 4 Deluxe --> D:\Games\SimCity4 Deluxe\EAUninstall.exe
Skype™ 3.6 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Sony Ericsson Device Data --> MsiExec.exe /I{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}
Sony Ericsson PC Suite --> C:\Windows\Installer\{D6BF6477-8369-489F-8DE6-3731F4B88560}\Setup.exe /uninstall
Sony Ericsson PC Suite --> MsiExec.exe /I{25BEC3AB-5CD4-481D-9143-215C1BBB189E}
Source SDK Base --> "D:\Games\Steam\Day of Defeat\steam.exe" steam://uninstall/215
SpellForce 2 - Shadow Wars --> MsiExec.exe /X{E63A550D-7A75-462C-B495-D77F0808D083}
Steam(TM) --> MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Stronghold 2 Deluxe --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{16D2C649-CBA8-44EE-B730-12584667D487}\setup.exe" -l0x7 -removeonly
Supreme Commander --> C:\Program Files (x86)\InstallShield Installation Information\{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}\setup.exe -runfromtemp -l0x0007 -removeonly
Team Fortress 2 --> "D:\Games\Steam\Day of Defeat\steam.exe" steam://uninstall/440
TeamSpeak 2 RC2 --> D:\Programme\Teamspeak2_RC2\unins000.exe
TerraTec Home Cinema --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}\setup.exe" -l0x7
Tom Clancy's Splinter Cell Chaos Theory --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BABAEBE4-9FFB-4B5D-9453-64FF11517CA2}\setup.exe" -l0x7 -removeonly
TrackMania United 0.2.0.0 --> "D:\Games\TrackMania United\unins000.exe"
Transformers(TM) - The Game --> C:\Program Files (x86)\InstallShield Installation Information\{5645BA4F-2BF3-4F31-B3F7-710700C92456}\setup.exe -runfromtemp -l0x0407
Two Worlds --> D:\Games\TWOWOR~1\Unwise.exe /U D:\Games\TWOWOR~1\install.log
Unreal Tournament 3 Demo --> "C:\Users\NeerG\AppData\Roaming\InstallShield Installation Information\{3266FEA9-98E9-448B-B235-DAC63D4CE781}\setup.exe" -runfromtemp -l0x0409 -removeonly
Unreal Tournament 3 Demo --> MsiExec.exe /X{3266FEA9-98E9-448B-B235-DAC63D4CE781}
VeohTV BETA --> C:\Program Files (x86)\InstallShield Installation Information\{D1B11537-EA51-4DD8-BF1E-098BEE48868D}\setup.exe -runfromtemp -l0x0409
VideoLAN VLC media player 0.8.6d --> D:\Programme\VLC Media Player\VLC\uninstall.exe
Warcraft III --> C:\Windows\War3Unin.exe C:\Windows\War3Unin.dat
Warcraft III: All Products --> C:\Windows\War3Unin.exe C:\Windows\War3Unin.dat
Winamp --> "C:\Users\NeerG\Programme\Winamp\UninstWA.exe"
Windows Live installer --> MsiExec.exe /X{7A7B0BF3-2F00-4F03-8A9B-6ABCC07B90C6}
Windows Live Messenger --> MsiExec.exe /X{2B091530-69AA-442E-AB09-39ED06B58220}
Windows Live OneCare safety scanner --> "C:\Program Files (x86)\Windows Live Safety Center\UnInstall.exe"
Windows Live OneCare safety scanner --> MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}
Windows Media Player Firefox Plugin --> MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinFast(R) Display Driver --> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F69FD33C-8815-46BF-9134-A643DE68F3C0}\setup.exe" -l0x7 -removeonly
WinRAR --> D:\Programme\WinRAR\uninstall.exe
Xfire (remove only) --> "D:\Programme\Messenger\X-Fire\Xfire\uninst.exe"
Xvid 1.1.3 final uninstall --> "D:\Programme\Xvid\unins000.exe"
Z-DBackup --> C:\Windows\AKDeInstall.exe /x "D:\Programme\Z-DBackup\unins2.dat"


-- Application Event Log -------------------------------------------------------

Event Record #/Type6539 / Error
Event Submitted/Written: 04/03/2008 08:20:48 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Ad-Aware2007.exe7.0.2.790c01c895a5ff8e64a724

Event Record #/Type6505 / Error
Event Submitted/Written: 04/03/2008 03:29:42 PM
Event ID/Source: 33 / SideBySide
Event Description:
Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.DebugCRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Event Record #/Type6503 / Error
Event Submitted/Written: 04/03/2008 03:28:52 PM
Event ID/Source: 78 / SideBySide
Event Description:
Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_1559f1c6f365a7fa.manifest.

Event Record #/Type6502 / Error
Event Submitted/Written: 04/03/2008 03:28:52 PM
Event ID/Source: 78 / SideBySide
Event Description:
Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_1559f1c6f365a7fa.manifest.

Event Record #/Type6501 / Error
Event Submitted/Written: 04/03/2008 03:28:52 PM
Event ID/Source: 78 / SideBySide
Event Description:
Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_1559f1c6f365a7fa.manifest.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type23663 / Warning
Event Submitted/Written: 04/03/2008 06:15:33 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%%8271.1.1505.0{05332C52-905E-411A-BC54-BE061F82892C}BlackZENNeerGS-1-5-21-4238484321-681284091-3699878319-1000Unknown%%832safeboot:HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\aawservice0%%807

Event Record #/Type23662 / Warning
Event Submitted/Written: 04/03/2008 06:15:33 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%%8271.1.1505.0{13395DF1-AEE5-47A8-A526-4BA73D3DA51D}BlackZENNeerGS-1-5-21-4238484321-681284091-3699878319-1000Unknown%%832service:aawservice0%%807

Event Record #/Type23661 / Warning
Event Submitted/Written: 04/03/2008 06:15:33 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%%8271.1.1505.0{3880A064-ADCA-4B17-A043-B53DBB4203F7}BlackZENNeerGS-1-5-21-4238484321-681284091-3699878319-1000Unknown%%832safeboot:HKLM\System\CurrentControlSet\Control\SafeBoot\Network\aawservice0%%807

Event Record #/Type23660 / Error
Event Submitted/Written: 04/03/2008 06:15:32 PM
Event ID/Source: 7030 / Service Control Manager
Event Description:
Ad-Aware 2007 Service

Event Record #/Type23652 / Error
Event Submitted/Written: 04/03/2008 05:18:48 PM
Event ID/Source: 4114 / Schannel
Event Description:




-- End of Deckard's System Scanner: finished at 2008-04-03 21:00:51 ------------

['/CODE]

Geändert von NeerG (03.04.2008 um 20:23 Uhr)

Alt 03.04.2008, 20:11   #6
Sunny
Administrator
> Competence Manager
 
Auswerten bitte - Standard

Auswerten bitte


Zitat:
Zitat von NeerG Beitrag anzeigen
hier sind mal main und extra, das sind die txt fils die sich geöffnet haben.
* Kopiere den Inhalt der beiden Logfiles in diesen Thread, bitte als ['CODE]['/CODE]
__________________
--> Auswerten bitte

Alt 03.04.2008, 20:31   #7
NeerG
 
Auswerten bitte - Standard

Auswerten bitte


['CODE]Deckard's System Scanner v20071014.68
Run by NeerG on 2008-04-03 20:57:41
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --
6: 2008-04-03 16:14:48 UTC - RP177 - Installed Ad-Aware 2007
5: 2008-04-02 20:11:45 UTC - RP176 - Installierte(s) Kaspersky Internet Security 7.0.
4: 2008-04-02 12:14:56 UTC - RP175 - Windows Update
3: 2008-04-01 16:12:49 UTC - RP174 - Geplanter Prüfpunkt
2: 2008-03-30 15:00:53 UTC - RP173 - Geplanter Prüfpunkt


-- First Restore Point --
1: 2008-03-29 13:16:53 UTC - RP172 - Geplanter Prüfpunkt


Backed up registry hives.
Performed disk cleanup.



-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-04-03 21:00:15
Platform: Windows Vista (6.00.6000)
MSIE: Internet Explorer (7.00.6000.16386)
Boot mode: Normal

Running processes:
C:\Windows\vVX1000.exe
D:\Programme\Magic Tun Premium\GammaTray.exe
D:\Programme\Power DVD7\PDVDServ.exe
D:\Programme\iTunes+QuickTime\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\NeerG\Desktop\dss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: &TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - D:\Programme\TerraTec\TerraTec Home Cinema\THCDeskBand.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - D:\Programme\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [AsusStartupHelp] "C:\Program Files (x86)\ASUS\AASP\1.00.17\AsRunHelp.exe"
O4 - HKLM\..\Run: [SettingsFour] "C:\ProgramData\part joy joy.f7jm0av"
O4 - HKLM\..\Run: [dog about manager team] "C:\ProgramData\Barb Data Dog.zuqjd8"
O4 - HKLM\..\Run: [TerraTec Remote Control] "C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTVRC.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Programme\Adobe\Reader 8.1.2\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "D:\Programme\Sony Ericsson\PC Soute\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [RemoteControl] "D:\Programme\Power DVD7\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "D:\Programme\Power DVD7\Language\Language.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Programme\iTunes+QuickTime\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVP] "D:\Programme\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKCU\..\Run: [Steam] "d:\games\steam\day of defeat\steam.exe" -silent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SettingsFour] "C:\ProgramData\part joy joy.s415c"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DeskSpace] D:\Programme\DeskSpace\deskspace.exe
O4 - HKCU\..\Run: [Veoh] "D:\Programme\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O4 - Global Startup: GammaTray.lnk = D:\Programme\Magic Tun Premium\GammaTray.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://D:\PROGRA~1\OFFICE~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - (file missing)
O9 - Extra button: (no name) - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/german/partner/de/kavwebscan_unicode.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/DE-AT/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files (x86)\Common Files\microsoft shared\Web Components\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files (x86)\Common Files\microsoft shared\Web Components\11\OWC11.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL
O20 - AppInit_DLLs: D:\PROGRA~1\KASPER~1.0\r3hook.dll,D:\PROGRA~1\KASPER~1.0\adialhk.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - D:\Programme\Ad-Aware 2007\aawservice.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - D:\Programme\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: MagicTuneEngine - Unknown owner - D:\Programme\Magic Tun Premium\MagicTuneEngine.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Windows\SysWOW64\NMSAccessU.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\System32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: Steam Client Service - Unknown owner - C:\Program Files
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe


--
End of file - 8791 bytes

-- File Associations -----------------------------------------------------------

.reg - regfile - shell\open\command - regedit.exe "%1" %*
.scr - scrfile - shell\open\command - "%1" %*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 ACPI (Microsoft ACPI-Treiber) - c:\windows\system32\drivers\acpi.sys (file missing)
R0 atapi (IDE-Kanal) - c:\windows\system32\drivers\atapi.sys (file missing)
R0 CLFS (Common Log (CLFS)) - c:\windows\system32\clfs.sys (file missing)
R0 crcdisk (Crcdisk Filter Driver) - c:\windows\system32\drivers\crcdisk.sys (file missing)
R0 disk (Laufwerktreiber) - c:\windows\system32\drivers\disk.sys (file missing)
R0 Ecache (ReadyBoost Caching Driver) - c:\windows\system32\drivers\ecache.sys (file missing)
R0 FileInfo (File Information FS MiniFilter) - c:\windows\system32\drivers\fileinfo.sys (file missing)
R0 FltMgr - c:\windows\system32\drivers\fltmgr.sys (file missing)
R0 JGOGO (JMicron Hot-Plug Driver) - c:\windows\system32\drivers\jgogo.sys (file missing)
R0 JRAID - c:\windows\system32\drivers\jraid.sys (file missing)
R0 KSecDD - c:\windows\system32\drivers\ksecdd.sys (file missing)
R0 MountMgr (Mount Point Manager) - c:\windows\system32\drivers\mountmgr.sys (file missing)
R0 msahci - c:\windows\system32\drivers\msahci.sys (file missing)
R0 msisadrv (ISA/EISA-Klassentreiber) - c:\windows\system32\drivers\msisadrv.sys (file missing)
R0 Mup - c:\windows\system32\drivers\mup.sys (file missing)
R0 NDIS (NDIS System Driver) - c:\windows\system32\drivers\ndis.sys (file missing)
R0 nvstor - c:\windows\system32\drivers\nvstor.sys (file missing)
R0 nvstor64 - c:\windows\system32\drivers\nvstor64.sys (file missing)
R0 partmgr (Partition Manager) - c:\windows\system32\drivers\partmgr.sys (file missing)
R0 pci (PCI-Bus-Treiber) - c:\windows\system32\drivers\pci.sys (file missing)
R0 pciide - c:\windows\system32\drivers\pciide.sys (file missing)
R0 spldr (Security Processor Loader Driver) - c:\windows\system32\drivers\spldr.sys (file missing)
R0 volmgr (Treiber für Volume-Manager) - c:\windows\system32\drivers\volmgr.sys (file missing)
R0 volmgrx (Dynamic Volume Manager) - c:\windows\system32\drivers\volmgrx.sys (file missing)
R0 volsnap (Speichervolumes) - c:\windows\system32\drivers\volsnap.sys (file missing)
R0 Wdf01000 (Kernel Mode Driver Frameworks service) - c:\windows\system32\drivers\wdf01000.sys (file missing)
R1 AFD (Ancilliary Function Driver for Winsock) - c:\windows\system32\drivers\afd.sys (file missing)
R1 cdrom (CD-ROM-Laufwerktreiber) - c:\windows\system32\drivers\cdrom.sys (file missing)
R1 DfsC (Dfs Client Driver) - c:\windows\system32\drivers\dfsc.sys (file missing)
R1 kbdclass (Tastaturklassentreiber) - c:\windows\system32\drivers\kbdclass.sys (file missing)
R1 kbdhid (Tastatur-HID-Treiber) - c:\windows\system32\drivers\kbdhid.sys (file missing)
R1 kl1 - c:\windows\system32\drivers\kl1.sys (file missing)
R1 KLIF (Kaspersky Lab Driver) - c:\windows\system32\drivers\klif.sys (file missing)
R1 KLIM6 (Kaspersky Anti-Virus NDIS 6 Filter) - c:\windows\system32\drivers\klim6.sys (file missing)
R1 mouclass (Mausklassentreiber) - c:\windows\system32\drivers\mouclass.sys (file missing)
R1 Msfs - c:\windows\system32\drivers\msfs.sys (file missing)
R1 NetBIOS (NetBIOS Interface) - c:\windows\system32\drivers\netbios.sys (file missing)
R1 netbt - c:\windows\system32\drivers\netbt.sys (file missing)
R1 Npfs - c:\windows\system32\drivers\npfs.sys (file missing)
R1 nsiproxy (NSI proxy service) - c:\windows\system32\drivers\nsiproxy.sys (file missing)
R1 Null - c:\windows\system32\drivers\null.sys (file missing)
R1 PSched (QoS-Paketplaner) - c:\windows\system32\drivers\pacer.sys (file missing)
R1 RasAcd (Remote Access Auto Connection Driver) - c:\windows\system32\drivers\rasacd.sys (file missing)
R1 rdbss (Redirected Buffering Sub Sysytem) - c:\windows\system32\drivers\rdbss.sys (file missing)
R1 RDPCDD - c:\windows\system32\drivers\rdpcdd.sys (file missing)
R1 RDPENCDD (RDP Encoder Mirror Driver) - c:\windows\system32\drivers\rdpencdd.sys (file missing)
R1 Smb (Nachrichtenorientiertes TCP/IP- und TCP/IPv6-Protokoll (SMB-Sitzung)) - c:\windows\system32\drivers\smb.sys (file missing)
R1 Tcpip (TCP/IP-Protokolltreiber) - c:\windows\system32\drivers\tcpip.sys (file missing)
R1 tdx (NetIO-Legacy-TDI-Supporttreiber) - c:\windows\system32\drivers\tdx.sys (file missing)
R1 TermDD (Terminal-Gerätetreiber) - c:\windows\system32\drivers\termdd.sys (file missing)
R1 VgaSave - c:\windows\system32\drivers\vga.sys (file missing)
R1 Wanarpv6 (Remote Access IPv6 ARP Driver) - c:\windows\system32\drivers\wanarp.sys (file missing)
R2 atksgt - c:\windows\system32\drivers\atksgt.sys (file missing)
R2 lirsgt - c:\windows\system32\drivers\lirsgt.sys (file missing)
R2 lltdio (Link-Layer Topology Discovery Mapper I/O Driver) - c:\windows\system32\drivers\lltdio.sys (file missing)
R2 luafv (UAC File Virtualization) - c:\windows\system32\drivers\luafv.sys (file missing)
R2 PEAUTH - c:\windows\system32\drivers\peauth.sys (file missing)
R2 rspndr (Link-Layer Topology Discovery Responder) - c:\windows\system32\drivers\rspndr.sys (file missing)
R2 secdrv (Security Driver) - c:\windows\system32\drivers\secdrv.sys (file missing)
R2 tcpipreg (TCP/IP Registry Compatibility) - c:\windows\system32\drivers\tcpipreg.sys (file missing)
R3 AsyncMac (Asynchroner RAS -Medientreiber) - c:\windows\system32\drivers\asyncmac.sys (file missing)
R3 bowser - c:\windows\system32\drivers\bowser.sys (file missing)
R3 DXGKrnl (LDDM Graphics Subsystem) - c:\windows\system32\drivers\dxgkrnl.sys (file missing)
R3 fastfat (FAT12/16/32 File System Driver) - c:\windows\system32\drivers\fastfat.sys (file missing)
R3 fdc (Diskettencontrollertreiber) - c:\windows\system32\drivers\fdc.sys (file missing)
R3 flpydisk (Diskettenlaufwerktreiber) - c:\windows\system32\drivers\flpydisk.sys (file missing)
R3 HDAudBus (Microsoft-UAA-Bustreiber für High Definition Audio) - c:\windows\system32\drivers\hdaudbus.sys (file missing)
R3 HidUsb (Microsoft HID Class-Treiber) - c:\windows\system32\drivers\hidusb.sys (file missing)
R3 HTTP - c:\windows\system32\drivers\http.sys (file missing)
R3 IntcAzAudAddService (Service for Realtek HD Audio (WDM)) - c:\windows\system32\drivers\rtkvhd64.sys (file missing)
R3 intelppm (Intel-Prozessortreiber) - c:\windows\system32\drivers\intelppm.sys (file missing)
R3 iScsiPrt (iScsiPort-Treiber) - c:\windows\system32\drivers\msiscsi.sys (file missing)
R3 ksthunk (Kernel Streaming Thunks) - c:\windows\system32\drivers\ksthunk.sys (file missing)
R3 monitor (Microsoft Monitor-Klassenfunktionstreiber-Dienst) - c:\windows\system32\drivers\monitor.sys (file missing)
R3 mouhid (Maus-HID-Treiber) - c:\windows\system32\drivers\mouhid.sys (file missing)
R3 mpsdrv (Windows-Firewallautorisierungstreiber) - c:\windows\system32\drivers\mpsdrv.sys (file missing)
R3 MRxDAV (WebDav Client Redirector Driver) - c:\windows\system32\drivers\mrxdav.sys (file missing)
R3 mrxsmb (SMB MiniRedirector Wrapper and Engine) - c:\windows\system32\drivers\mrxsmb.sys (file missing)
R3 mrxsmb10 (SMB 1.x MiniRedirector) - c:\windows\system32\drivers\mrxsmb10.sys (file missing)
R3 mrxsmb20 (SMB 2.0 MiniRedirector) - c:\windows\system32\drivers\mrxsmb20.sys (file missing)
R3 MSPQM (Microsoft Proxy für Streaming Quality Manager) - c:\windows\system32\drivers\mspqm.sys (file missing)
R3 mssmbios (Microsoft-Systemverwaltungs-BIOS-Treiber) - c:\windows\system32\drivers\mssmbios.sys (file missing)
R3 MTsensor (ATK0110 ACPI UTILITY) - c:\windows\system32\drivers\asacpi.sys (file missing)
R3 NdisTapi (RAS-NDIS-TAPI-Treiber) - c:\windows\system32\drivers\ndistapi.sys (file missing)
R3 NdisWan (RAS-NDIS-WAN-Treiber) - c:\windows\system32\drivers\ndiswan.sys (file missing)
R3 NDProxy (NDIS Proxy) - c:\windows\system32\drivers\ndproxy.sys (file missing)
R3 Ntfs - c:\windows\system32\drivers\ntfs.sys (file missing)
R3 NVENETFD (NVIDIA nForce-Netzwerkcontrollertreiber) - c:\windows\system32\drivers\nvm60x64.sys (file missing)
R3 nvlddmkm - c:\windows\system32\drivers\nvlddmkm.sys (file missing)
R3 ohci1394 (VIA OHCI-konformer IEEE 1394-Hostcontroller) - c:\windows\system32\drivers\ohci1394.sys (file missing)
R3 Parport (Treiber für parallelen Anschluss) - c:\windows\system32\drivers\parport.sys (file missing)
R3 PptpMiniport (WAN-Miniport (PPTP)) - c:\windows\system32\drivers\raspptp.sys (file missing)
R3 Rasl2tp (WAN-Miniport (L2TP)) - c:\windows\system32\drivers\rasl2tp.sys (file missing)
R3 RasPppoe (Remotezugriff-PPPOE-Treiber) - c:\windows\system32\drivers\raspppoe.sys (file missing)
R3 Serenum (Serenum-Filtertreiber) - c:\windows\system32\drivers\serenum.sys (file missing)
R3 Serial (Treiber für seriellen Anschluss) - c:\windows\system32\drivers\serial.sys (file missing)
R3 srv - c:\windows\system32\drivers\srv.sys (file missing)
R3 srv2 - c:\windows\system32\drivers\srv2.sys (file missing)
R3 srvnet - c:\windows\system32\drivers\srvnet.sys (file missing)
R3 swenum (Software-Bus-Treiber) - c:\windows\system32\drivers\swenum.sys (file missing)
R3 tunmp (Microsoft Tun-Miniportadaptertreiber) - c:\windows\system32\drivers\tunmp.sys (file missing)
R3 tunnel (Microsoft-IPv6-Tunnelminiport-Adaptertreiber) - c:\windows\system32\drivers\tunnel.sys (file missing)
R3 umbus (UMBus-Enumerator-Treiber) - c:\windows\system32\drivers\umbus.sys (file missing)
R3 USB28xxBGA (Cinergy EM28xx Capture) - c:\windows\system32\drivers\embda64.sys (file missing)
R3 USB28xxOEM (Cinergy EM28xx OEM Filter) - c:\windows\system32\drivers\emoem64.sys (file missing)
R3 usbaudio (USB-Audiotreiber (WDM)) - c:\windows\system32\drivers\usbaudio.sys (file missing)
R3 usbccgp (Microsoft Standard-USB-Haupttreiber) - c:\windows\system32\drivers\usbccgp.sys (file missing)
R3 usbehci (Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller) - c:\windows\system32\drivers\usbehci.sys (file missing)
R3 usbhub (Microsoft USB-Standardhubtreiber) - c:\windows\system32\drivers\usbhub.sys (file missing)
R3 usbohci (Miniporttreiber für Microsoft USB Open Host-Controller) - c:\windows\system32\drivers\usbohci.sys (file missing)
R3 VX1000 (VX-1000) - c:\windows\system32\drivers\vx1000.sys (file missing)
R4 cdfs (CD/DVD File System Reader) - c:\windows\system32\drivers\cdfs.sys (file missing)

['/CODE]

Antwort

Themen zu Auswerten bitte
adobe, application, auswerten, bho, browser, explorer, firefox, hijack, hijackthis, home, internet, internet explorer, local\temp, lsass.exe, messenger, microsoft, mozilla, mozilla firefox, object, pdf, plug-in, problem, programdata, programme, remote control, rundll, shockwave, software, syswow64, temp, vista, windows, windows sidebar, wmp


« Internet Seiten werden trotz bestehender Verbindung net ang. | iexplore.exe! »


Ähnliche Themen: Auswerten bitte


  1. Bitte Log auswerten
    Mülltonne - 14.08.2008 (0)
  2. Bitte Auswerten
    Mülltonne - 22.03.2008 (0)
  3. Bitte Log auswerten
    Log-Analyse und Auswertung - 10.03.2008 (5)
  4. Bitte auswerten ;)
    Log-Analyse und Auswertung - 22.02.2008 (3)
  5. Trojaner - Bitte bitte Logfile auswerten!
    Log-Analyse und Auswertung - 30.11.2007 (2)
  6. Bitte auswerten
    Mülltonne - 22.07.2007 (0)
  7. Bitte Auswerten! :)
    Log-Analyse und Auswertung - 05.11.2006 (5)
  8. bitte log auswerten
    Log-Analyse und Auswertung - 22.07.2006 (1)
  9. Bitte auswerten
    Mülltonne - 16.07.2006 (2)
  10. Bitte, bitte log auswerten. Ich brauch Hilfe!
    Log-Analyse und Auswertung - 21.07.2005 (13)
  11. Bitte auswerten!
    Log-Analyse und Auswertung - 29.04.2005 (11)
  12. an k, bitte auswerten
    Log-Analyse und Auswertung - 17.02.2005 (3)
  13. Bitte auswerten!
    Log-Analyse und Auswertung - 15.02.2005 (6)
  14. Bitte auswerten!
    Log-Analyse und Auswertung - 12.01.2005 (2)
  15. Bitte Log auswerten.
    Log-Analyse und Auswertung - 03.01.2005 (2)
  16. Bitte LOG auswerten
    Log-Analyse und Auswertung - 06.12.2004 (1)
  17. Bitte mal auswerten!
    Log-Analyse und Auswertung - 10.09.2004 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Auswerten bitte - 03.04.2008 16:34:07 Datei C:\Program Files (x86)\Circle Developement\Uninstall.exe, gefunden: trojanisches Programm 'Trojan.Win32.Obfuscated.mt'. also das is doch eindeutig ein trojaner ...wie kann ich den löschen oda kann ich den überhaupt löschen? - Auswerten bitte...
Archiv
Du betrachtest: Auswerten bitte auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132