|
Pests of all kinds and how to fight them: Problems with ff and ie |
24.06.2008, 11:06 | #1 |
| Problems with ff and ie
Looks like I've caught a virus or something. I can no longer open some pages with Firefox, and Google doesn't work anymore either. On top of that, popups keep appearing in Internet Explorer... I've already tried my antivirus program (Norton), but it doesn't find anything. Unfortunately I don't have a system restore point either.
When I go online with IE, right at startup h**p://83.149.75.33/info.png?cmp=ghr...&lid=http&z=ma and h**p://83.149.75.33/info.png?cmp=ghr...&lid=http&z=ma open in a tab; in addition h**ps://www.bwin.com/fr/sportsbook.aspx?zoneid=20800 and h**p://de.celldorado.com/DE/ADS/1338...6PCL3w57dtvd3f open. Advertising pages for antivirus programs also keep coming up, e.g.: h**p://de.antispywareexpert.com/2009...990_8051_20346
I also tried to install Spybot; during the installation this came up: "Die Serververbindung konnte nicht hergestellt werden."
I then used GMER to shut down all running processes, and AntiVir found a trojan as well as 2 HTML script viruses (HTML/Infected.WebPage.Gen).
I hope I've described my problem in enough detail and someone can help me... |
24.06.2008, 11:14 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Problems with ff and ie
Run DSS on your system and post the logfiles. You'll find the link in my signature.
__________________ |
24.06.2008, 11:34 | #3 |
| Problems with ff and ie
I don't think it's even necessary to post them anymore.
DSS seems to have gotten rid of the problems completely! I've been trying for 2 days to get rid of the problems, even with help from people who actually know their way around this stuff, but nobody managed it... and then I write up my problem here and not even 10 minutes later it's gone! Really fantastic, thank you very, very much for that.
Edit: -.- I had just finished writing, and then another one of those messages comes up in IE...
Last edited by Metallica (24.06.2008 at 11:40) |
24.06.2008, 11:36 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Problems with ff and ie
Post the logfiles anyway! DSS provides a lot of detailed information!
__________________ Please always post logfiles in CODE tags |
24.06.2008, 11:59 | #5 |
| Problems with ff and ie
ImageShack® - Image Hosting code: 80122081918109
ImageShack® - Image Hosting code: 80122081933277
I hope it works like this ^^ |
24.06.2008, 12:29 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Problems with ff and ie
Please post them here in the thread, or alternatively upload them to file-upload.net and link the whole thing here.
__________________ |
24.06.2008, 12:35 | #7 |
| Problems with ff and ie
main.txt

Deckard's System Scanner v20071014.68
Run by Metal on 2008-06-24 12:22:24
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 1 Restore Point(s) --
1: 2008-06-24 08:17:35 UTC - RP146 - Avira AntiVir Personal - 24.06.2008 10:17

Backed up registry hives.
Performed disk cleanup.

System Drive C: has 1.47 GiB (less than 15%) free.

-- HijackThis Clone ------------------------------------------------------------

Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-06-24 12:24:27
Platform: Windows Vista (6.00.6000)
MSIE: Internet Explorer (7.00.6000.16386)
Boot mode: Normal

Running processes:
C:\Windows\System32\dwm.exe
C:\Windows\System32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\BisonCam\BisonHK.exe
C:\Windows\BisonCam\BsMnt.exe
C:\Program Files\System Control Manager\MGSysCtrl.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ICQ6\ICQ.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32\wuauclt.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Common Files\microsoft shared\Windows Live\WLLoginProxy.exe
C:\Windows\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Metal\Downloads\dss.exe
C:\Windows\System32\conime.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSI -- MICRO-STAR INT'L CO.,LTD.
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSI -- MICRO-STAR INT'L CO.,LTD.
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [BisonHK] C:\Windows\BisonCam\BisonHK.exe
O4 - HKLM\..\Run: [BsMnt] C:\Windows\BisonCam\BsMnt.exe
O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\Metal\AppData\Local\Temp\aWoLeffC.dll,#1
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Metal\AppData\Local\Temp\xxYOHWnn.dll,c
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [ICQ] "C:\PROGRA~1\ICQ6\ICQ.exe" silent
O4 - HKCU\..\Run: [2c2ae4cc] rundll32.exe "C:\Users\Metal\AppData\Local\Temp\ivlbwwdw.dll",b
O4 - HKCU\..\Run: [BM2f19d750] Rundll32.exe "C:\Users\Metal\AppData\Local\Temp\fofcfcxy.dll",s
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O4 - Global Startup: Privoxy.lnk = C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\System32\agrsmsvc.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Planer (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System Control Manager\edd.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe

--
End of file - 9055 bytes

-- File Associations -----------------------------------------------------------

All associations okay.

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 ssmdrv - c:\windows\system32\drivers\ssmdrv.sys <Not Verified; AVIRA GmbH; >
R3 MGHwCtrl - \??\c:\windows\system32\drivers\mghwctrl.sys

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 AntiVirScheduler (Avira AntiVir Personal – Free Antivirus Planer) - "c:\program files\avira\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; AntiVir Workstation>
R2 NishService (SCM Driver Daemon) - c:\program files\system control manager\edd.exe
R2 o2flash (O2Micro Flash Memory Card Service) - "c:\program files\o2micro oz128 driver\o2flash.exe" <Not Verified; O2Micro International; O2 MS1/MP1 Service>
R2 RichVideo (Cyberlink RichVideo Service(CRVS)) - "c:\program files\cyberlink\shared files\richvideo.exe" <Not Verified; ; RichVideo Module>

S2 AcronisOSSReinstallSvc (Acronis OS Selector Reinstall Service) - "c:\program files\common files\acronis\acronis disk director\oss_reinstall_svc.exe" (file missing)
S2 LiveUpdate Notice Ex (LiveUpdate Notice Service Ex) - "c:\program files\common files\symantec shared\ccsvchst.exe" /h cccommon (file missing)

-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.

-- Scheduled Tasks -------------------------------------------------------------

2008-06-24 12:00:00 500 --a------ C:\Windows\Tasks\1-Klick-Wartung.job
2008-06-24 10:48:31 418 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{2AB77972-40AB-477B-9318-5CF9D3C35BE9}.job

-- Files created between 2008-05-24 and 2008-06-24 -----------------------------

2008-06-24 10:18:47 0 d-------- C:\Users\All Users\Avira
2008-06-24 10:18:47 0 d-------- C:\Program Files\Avira
2008-06-24 10:04:45 0 d-------- C:\Program Files\Sophos
2008-06-23 02:13:31 0 d-------- C:\Users\All Users\Kaspersky Lab
2008-06-23 00:33:59 0 d-------- C:\Users\All Users\Kaspersky Lab Setup Files
2008-06-22 08:48:40 0 d-------- C:\Users\All Users\Nero
2008-06-22 08:48:40 0 d-------- C:\Program Files\Nero
2008-06-22 08:48:38 0 d-------- C:\Program Files\Common Files\Nero
2008-06-20 21:36:11 0 d-------- C:\Program Files\uTorrent
2008-06-20 13:44:45 0 d-------- C:\Program Files\Paragon Software
2008-06-10 14:15:29 0 d-------- C:\Users\All Users\TEMP
2008-06-10 14:15:29 0 d-------- C:\Users\All Users\PassMark

-- Find3M Report ---------------------------------------------------------------

2008-06-24 12:20:35 0 d-------- C:\Users\Metal\AppData\Roaming\Vidalia
2008-06-24 12:20:35 0 d-------- C:\Users\Metal\AppData\Roaming\tor
2008-06-24 11:42:12 641344 --a------ C:\Windows\system32\perfh007.dat
2008-06-24 11:42:12 116706 --a------ C:\Windows\system32\perfc007.dat
2008-06-24 11:39:47 25159 --a------ C:\Users\Metal\AppData\Roaming\nvModes.001
2008-06-24 08:37:53 12 --a------ C:\Windows\bthservsdp.dat
2008-06-23 13:10:44 25159 --a------ C:\Users\Metal\AppData\Roaming\nvModes.dat
2008-06-23 00:53:55 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-06-23 00:35:58 0 d-------- C:\Program Files\Symantec
2008-06-22 09:34:34 0 d-------- C:\Users\Metal\AppData\Roaming\uTorrent
2008-06-22 09:05:54 0 d--h----- C:\Users\Metal\AppData\Roaming\setup
2008-06-22 09:05:52 0 d-------- C:\Users\Metal\AppData\Roaming\Thinstall
2008-06-22 08:48:38 0 d-------- C:\Program Files\Common Files
2008-06-22 08:04:15 0 d-------- C:\Users\Metal\AppData\Roaming\CyberLink
2008-06-22 07:50:23 0 d-------- C:\Program Files\Microsoft Silverlight
2008-06-20 23:39:31 0 d-------- C:\Users\Metal\AppData\Roaming\Winamp
2008-06-20 13:53:32 0 d-------- C:\Program Files\ICQ6
2008-06-20 13:46:19 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-20 13:24:35 0 d-------- C:\Program Files\ICQToolbar
2008-06-20 13:14:06 0 d-------- C:\Program Files\Common Files\InstallShield
2008-06-20 12:51:48 0 d-------- C:\Program Files\ICQ-Flowers
2008-06-20 03:13:06 0 d-------- C:\Program Files\Windows Mail
2008-06-19 11:50:28 0 d-------- C:\Users\Metal\AppData\Roaming\Mozilla
2008-06-19 11:13:55 0 d-------- C:\Users\Metal\AppData\Roaming\ICQ Toolbar

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [13.06.2007 17:19]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [28.04.2007 13:05]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [28.04.2007 13:05]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [28.04.2007 13:05]
"RtHDVCpl"="RtHDVCpl.exe" [10.04.2007 10:01 C:\Windows\RtHDVCpl.exe]
"BisonHK"="C:\Windows\BisonCam\BisonHK.exe" [15.03.2007 16:37]
"BsMnt"="C:\Windows\BisonCam\BsMnt.exe" [15.03.2007 16:34]
"MGSysCtrl"="C:\Program Files\System Control Manager\MGSysCtrl.exe" [28.05.2007 19:39]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11.01.2008 23:16]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\Program Files\Google\Gmail Notifier\gnotify.exe" [15.07.2005 23:48]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [14.03.2007 22:01]
"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [08.01.2007 23:17]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [31.01.2008 23:13]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [29.01.2008 18:38]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [11.08.2005 16:30]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [12.02.2008 10:06]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [18.10.2007 12:34]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [02.11.2006 14:35]
"PowerBar"="" []
"Vidalia"="C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe" [22.11.2007 23:49]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [02.11.2006 14:36]
"MSServer"="C:\Users\Metal\AppData\Local\Temp\aWoLeffC.dll,#1" []
"cmds"="C:\Users\Metal\AppData\Local\Temp\xxYOHWnn.dll,c" []
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [11.08.2005 16:30]
"ICQ"="C:\PROGRA~1\ICQ6\ICQ.exe" [01.04.2008 12:40]
"2c2ae4cc"="C:\Users\Metal\AppData\Local\Temp\ivlbwwdw.dll,b" []
"Power2GoExpress"="" []
"BM2f19d750"="C:\Users\Metal\AppData\Local\Temp\fofcfcxy.dll,s" []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Privoxy.lnk - C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe [20.11.2006 16:30:54]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Speech Recognition"="C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe"
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
bthsvcs BthServ

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI

-- End of Deckard's System Scanner: finished at 2008-06-24 12:25:07 ------------ |
24.06.2008, 12:36 | #8 |
| Problems with ff and ie
extra.txt

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft® Windows Vista™ Home Premium (build 6000)
Architecture: X86; Language: German

CPU 0: Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz
Percentage of Memory in Use: 41%
Physical Memory (total/avail): 2046.69 MiB / 1194.95 MiB
Pagefile Memory (total/avail): 4313.67 MiB / 3250.59 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1924.26 MiB

C: is Fixed (NTFS) - 34.18 GiB total, 1.47 GiB free.
E: is Fixed (NTFS) - 109.01 GiB total, 108 GiB free.
F: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - WDC WD1600BEVS-22RST0 ATA Device - 149.05 GiB - 3 partitions
\PARTITION0 - Unknown - 5.86 GiB
\PARTITION1 (bootable) - Installierbares Dateisystem - 34.18 GiB - C:
\PARTITION2 - Installierbares Dateisystem - 109.01 GiB - E:

-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FW: Norton Internet Security v2007 (Symantec Corporation)
AV: Avira AntiVir PersonalEdition v8.0.1.15 (Avira GmbH) Disabled Outdated
AV: Norton Internet Security v2007 (Symantec Corporation) Disabled Outdated
AS: Windows-Defender v1.1.1505.0 (Microsoft Corporation)
AS: Norton Internet Security v2007 (Symantec Corporation) Disabled Outdated

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\Metal\AppData\Roaming
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=METAL-PC
ComSpec=C:\Windows\system32\cmd.exe
configsetroot=C:\Windows\ConfigSetRoot
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\Metal
LOCALAPPDATA=C:\Users\Metal\AppData\Local
LOGONSERVER=\\METAL-PC
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 13, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f0d
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
QTJAVA=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\Metal\AppData\Local\Temp
TMP=C:\Users\Metal\AppData\Local\Temp
USERDOMAIN=Metal-PC
USERNAME=Metal
USERPROFILE=C:\Users\Metal
windir=C:\Windows

-- User Profiles ---------------------------------------------------------------

Metal
Metal2

-- Add/Remove Programs ---------------------------------------------------------

2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {58FC5E37-DD28-4D4A-A549-125744C6763C}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {888B9AC7-8F5C-456B-A27A-157A6C310E52}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00A1-0407-0000-0000000FF1CE} /uninstall {DCBECE36-8F23-4B33-925E-A1C6183C0DBD}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
Activation Assistant for the 2007 Microsoft Office suites --> "C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Flash Player 9 ActiveX --> C:\Windows\system32\Macromed\Flash\UninstFl.exe -q
Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 - Deutsch --> MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A81200000003}
Agere Systems HDA Modem --> agrsmdel
Alarm 1.1 --> "C:\Program Files\Alarm\unins000.exe"
AppCore --> MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Avira AntiVir Personal – Free Antivirus --> C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
BisonCam --> C:\Program Files\InstallShield Installation Information\{4A57592C-FF92-4083-97A9-92783BD5AFB4}\setup.exe -runfromtemp -l0x0007 -removeonly
DVD Solution --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
Free YouTube to Mp3 Converter version 2.4 --> "C:\Program Files\DVDVideoSoft\Free YouTube to Mp3 Converter\unins000.exe"
Frets On Fire --> "C:\Program Files\Frets on Fire\Uninstall.exe"
Google Gmail Notifier --> "C:\Program Files\Google\Gmail Notifier\UninstallGmail.exe"
Google SketchUp 6 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}\setup.exe" -l0x7 -removeonly
Google SketchUp 6 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}\setup.exe" -l0x7 -removeonly
ICQ6 --> C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe -runfromtemp -l0x0009 -removeonly
Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
LiveUpdate Notice (Symantec Corporation) --> MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
Microsoft Office Excel MUI (German) 2007 --> MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
Microsoft Office Home and Student 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007 --> MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (German) 2007 --> MsiExec.exe /X{90120000-00A1-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (German) 2007 --> MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007 --> MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007 --> MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proofing (German) 2007 --> MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
Microsoft Office Shared MUI (German) 2007 --> MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
Microsoft Office Word MUI (German) 2007 --> MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works --> MsiExec.exe /I{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}
Mozilla Firefox (3.0) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
Norton Internet Security --> MsiExec.exe /I{3672B097-EA69-4bfe-B92F-29AE6D9D2B34}
NVIDIA Drivers --> C:\Windows\system32\NVUNINST.EXE UninstallGUI
O2Micro Flash Memory Card Reader Driver Installer(x86) --> MsiExec.exe /X{78764173-3805-4916-B3CE-B433702B8870}
Paragon Drive Backup 8.51 Professional Trial --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D155D300-C235-44FC-981C-F7B34683439C}\Setup.exe" -l0x7
Power2Go 5.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" -uninstall
PowerDirector Express --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EDE721EC-870A-11D8-9D75-000129760D75}\setup.exe" -uninstall
PowerDVD --> "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -l0x000407 /z-uninstall
PowerProducer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
Prince of Persia T2T --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}\setup.exe" -l0x7 -removeonly
Prince of Persia The Sands of Time --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8C453F13-6877-4D34-8816-009ABDE306DB}\setup.exe" -l0x7
Privoxy 3.0.6 --> "C:\Program Files\Vidalia Bundle\Uninstall.exe"
QuickTime --> MsiExec.exe /I{BFD96B89-B769-4CD6-B11E-E79FFD46F067}
Rappelz_USA --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E144A786-D2DD-428B-9C1A-0EE3FA3515EA}\setup.exe" -l0x9 -removeonly
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista --> C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x0007 -removeonly
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x7 -removeonly
RTC Client API v1.2 --> MsiExec.exe /X{44CDBD1B-89FB-4E02-8319-2A4C550F664A}
Security Update for Excel 2007 (KB946974) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E}
Security Update for Microsoft Office system 2007 (KB951808) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office Word 2007 (KB950113) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Security Update for Office 2007 (KB947801) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E}
Security Update for Visio 2007 (KB947590) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
Sophos Anti-Rootkit 1.3.1 --> C:\Program Files\Sophos\Sophos Anti-Rootkit\helper.exe remove
System Control Manager --> C:\Program Files\InstallShield Installation Information\{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}\setup.exe -runfromtemp -l0x0009 -removeonly
Tor 0.1.2.19 --> "C:\Program Files\Vidalia Bundle\Uninstall.exe"
TuneUp Utilities 2008 --> MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
Uninstall 1.0.0.0 --> "C:\Program Files\Common Files\DVDVideoSoft\unins000.exe"
Update for Office 2007 (KB946691) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Vidalia 0.0.16 --> "C:\Program Files\Vidalia Bundle\Uninstall.exe"
VideoLAN VLC media player 0.8.6f --> C:\Program Files\VideoLAN\VLC\uninstall.exe
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Winamp --> "C:\Program Files\Winamp\UninstWA.exe"
Windows Driver Package - Atheros Communications Inc. (athr) Net (04/15/2007 7.2.0.204) --> C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\DPInst86.exe /u C:\Windows\system32\DRVSTORE\netathr_A3C5CE2F55F7B1C5F3EBD7FA2BD1DF66B97F432E\netathr.inf
Windows Driver Package - Atheros Communications Inc. Net (04/15/2007 7.2.0.204) --> C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\DPInst86.exe /u C:\Windows\system32\DRVSTORE\netathrx_75CC24611F68E5A816CFF55FF0CDCBFB55359E7E\netathrx.inf
Windows Driver Package - Bluetooth Dongle Maker Bluetooth (01/01/2007 6.0.6000.16386) --> C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\DPINST.EXE /u C:\Windows\system32\DRVSTORE\btdongle_705312D9C32BB7F9D9E3F1C7D86796BD308F282B\btdongle.inf
Windows Driver Package - Intel (iaNvStor) SCSIAdapter (03/10/2007 1.0.0.1082) --> C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\DPINST.EXE /u C:\Windows\system32\DRVSTORE\ianvstor_E1EA503F3B70B7E6FB11B89247F9AB944AA01F53\ianvstor.inf
Windows Driver Package - Intel (NETw2v32) net (03/06/2007 9.1.1.15) --> C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\DPInst32.EXE /u C:\Windows\system32\DRVSTORE\netw2_12485469B3B666EE542BF08EFC4D088F0B0A75A4\netw2.inf
Windows Driver Package - Intel (NETw4v32) net (04/30/2007 11.1.1.11) --> C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\DPInst32.EXE /u C:\Windows\system32\DRVSTORE\netw4v32_2D5C1C3A07181C86D77C0E7723EF88348DED631A\netw4v32.inf
Windows Driver Package - Intel net (04/30/2007 11.1.1.11) --> C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\DPInst32.EXE /u C:\Windows\system32\DRVSTORE\netw4v64_C085F69C6B987145A362CC12BDE2E81905F46EC6\netw4v64.inf
Windows Live Anmelde-Assistent --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Live installer --> MsiExec.exe
/X{7A7B0BF3-2F00-4F03-8A9B-6ABCC07B90C6} Windows Live Messenger --> MsiExec.exe /X{2B091530-69AA-442E-AB09-39ED06B58220} Windows Media Player Firefox Plugin --> MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} WinRAR archiver --> C:\Program Files\WinRAR 3.61 Multi\Uninstall.exe Xvid 1.1.3 final uninstall --> "C:\Program Files\Xvid\unins000.exe" -- Application Event Log ------------------------------------------------------- Event Record #/Type8843 / Error Event Submitted/Written: 06/24/2008 11:42:11 AM Event ID/Source: 5007 / WerSvc Event Description: Die Zieldatei für die Windows-Feedbackplattform (eine DLL-Datei, die eine Liste der auf diesem Computer aufgetretenen Probleme enthält, für deren Diagnose das Sammeln zusätzlicher Daten erforderlich ist) konnte nicht analysiert werden. Fehlercode 8014FFF9. Event Record #/Type8838 / Success Event Submitted/Written: 06/24/2008 11:40:18 AM Event ID/Source: 12001 / usnjsvc Event Description: The Messenger Sharing USN Journal Reader service started successfully. Event Record #/Type8835 / Error Event Submitted/Written: 06/24/2008 11:39:31 AM Event ID/Source: 215 / ESENT Event Description: WinMail (2652) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed. Event Record #/Type8823 / Success Event Submitted/Written: 06/24/2008 11:35:48 AM Event ID/Source: 5617 / WinMgmt Event Description: Event Record #/Type8822 / Success Event Submitted/Written: 06/24/2008 11:35:47 AM Event ID/Source: 5615 / WinMgmt Event Description: -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. -- System Event Log ------------------------------------------------------------ Event Record #/Type25560 / Warning Event Submitted/Written: 06/24/2008 00:24:37 PM Event ID/Source: 3004 / WinDefend Event Description: Vom %Metal-PC27-Echtzeitschutz-Agent wurden Änderungen erkannt. 
Microsoft empfiehlt, die Software, die diese Änderungen vorgenommen hat, zu analysieren, um potenzielle Risiken festzustellen. Sie können anhand der Informationen über die Funktionsweise dieser Programme entscheiden, ob die Software ausgeführt werden kann oder vom Computer entfernt werden soll. Lassen Sie nur Änderungen zu, wenn das Programm oder der Softwareherausgeber vertrauenswürdig ist. %Metal-PC27 kann Änderungen, die Sie zugelassen haben, nicht mehr rückgängig machen. Weitere Informationen finden Sie im Folgenden: %Metal-PC275 Scan-ID: {0C5B0B22-4F59-4433-BED8-05040D7B44E1} Benutzer: Metal-PC\Metal Name: %Metal-PC271 ID: %Metal-PC272 Schweregrad-ID: %Metal-PC273 Kategorie-ID: %Metal-PC274 Gefundener Pfad: %Metal-PC276 Warnungsart: %Metal-PC278 Feststellungstyp: 1.1.1505.02 Event Record #/Type25559 / Warning Event Submitted/Written: 06/24/2008 00:24:34 PM Event ID/Source: 3004 / WinDefend Event Description: Vom %Metal-PC27-Echtzeitschutz-Agent wurden Änderungen erkannt. Microsoft empfiehlt, die Software, die diese Änderungen vorgenommen hat, zu analysieren, um potenzielle Risiken festzustellen. Sie können anhand der Informationen über die Funktionsweise dieser Programme entscheiden, ob die Software ausgeführt werden kann oder vom Computer entfernt werden soll. Lassen Sie nur Änderungen zu, wenn das Programm oder der Softwareherausgeber vertrauenswürdig ist. %Metal-PC27 kann Änderungen, die Sie zugelassen haben, nicht mehr rückgängig machen. Weitere Informationen finden Sie im Folgenden: %Metal-PC275 Scan-ID: {EC6CB1C2-7051-4CDC-8377-F079464D20DA} Benutzer: Metal-PC\Metal Name: %Metal-PC271 ID: %Metal-PC272 Schweregrad-ID: %Metal-PC273 Kategorie-ID: %Metal-PC274 Gefundener Pfad: %Metal-PC276 Warnungsart: %Metal-PC278 Feststellungstyp: 1.1.1505.02 Event Record #/Type25558 / Warning Event Submitted/Written: 06/24/2008 00:24:34 PM Event ID/Source: 3004 / WinDefend Event Description: Vom %Metal-PC27-Echtzeitschutz-Agent wurden Änderungen erkannt. 
Microsoft empfiehlt, die Software, die diese Änderungen vorgenommen hat, zu analysieren, um potenzielle Risiken festzustellen. Sie können anhand der Informationen über die Funktionsweise dieser Programme entscheiden, ob die Software ausgeführt werden kann oder vom Computer entfernt werden soll. Lassen Sie nur Änderungen zu, wenn das Programm oder der Softwareherausgeber vertrauenswürdig ist. %Metal-PC27 kann Änderungen, die Sie zugelassen haben, nicht mehr rückgängig machen. Weitere Informationen finden Sie im Folgenden: %Metal-PC275 Scan-ID: {D772E849-7889-4528-8EB6-BBF3A31DA30C} Benutzer: Metal-PC\Metal Name: %Metal-PC271 ID: %Metal-PC272 Schweregrad-ID: %Metal-PC273 Kategorie-ID: %Metal-PC274 Gefundener Pfad: %Metal-PC276 Warnungsart: %Metal-PC278 Feststellungstyp: 1.1.1505.02 Event Record #/Type25557 / Warning Event Submitted/Written: 06/24/2008 00:24:34 PM Event ID/Source: 3004 / WinDefend Event Description: Vom %Metal-PC27-Echtzeitschutz-Agent wurden Änderungen erkannt. Microsoft empfiehlt, die Software, die diese Änderungen vorgenommen hat, zu analysieren, um potenzielle Risiken festzustellen. Sie können anhand der Informationen über die Funktionsweise dieser Programme entscheiden, ob die Software ausgeführt werden kann oder vom Computer entfernt werden soll. Lassen Sie nur Änderungen zu, wenn das Programm oder der Softwareherausgeber vertrauenswürdig ist. %Metal-PC27 kann Änderungen, die Sie zugelassen haben, nicht mehr rückgängig machen. Weitere Informationen finden Sie im Folgenden: %Metal-PC275 Scan-ID: {8A80172C-277E-4239-AE0D-1127EA2746C4} Benutzer: Metal-PC\Metal Name: %Metal-PC271 ID: %Metal-PC272 Schweregrad-ID: %Metal-PC273 Kategorie-ID: %Metal-PC274 Gefundener Pfad: %Metal-PC276 Warnungsart: %Metal-PC278 Feststellungstyp: 1.1.1505.02 Event Record #/Type25556 / Warning Event Submitted/Written: 06/24/2008 00:24:34 PM Event ID/Source: 3004 / WinDefend Event Description: Vom %Metal-PC27-Echtzeitschutz-Agent wurden Änderungen erkannt. 
Microsoft empfiehlt, die Software, die diese Änderungen vorgenommen hat, zu analysieren, um potenzielle Risiken festzustellen. Sie können anhand der Informationen über die Funktionsweise dieser Programme entscheiden, ob die Software ausgeführt werden kann oder vom Computer entfernt werden soll. Lassen Sie nur Änderungen zu, wenn das Programm oder der Softwareherausgeber vertrauenswürdig ist. %Metal-PC27 kann Änderungen, die Sie zugelassen haben, nicht mehr rückgängig machen. Weitere Informationen finden Sie im Folgenden: %Metal-PC275 Scan-ID: {8004EF9F-CE85-40DF-AC79-FE2FFE2205D9} Benutzer: Metal-PC\Metal Name: %Metal-PC271 ID: %Metal-PC272 Schweregrad-ID: %Metal-PC273 Kategorie-ID: %Metal-PC274 Gefundener Pfad: %Metal-PC276 Warnungsart: %Metal-PC278 Feststellungstyp: 1.1.1505.02 -- End of Deckard's System Scanner: finished at 2008-06-24 12:25:07 ------------ |
24.06.2008, 15:08 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Problems with ff and ie Please read more carefully! Post the log files either as an attachment (here on the board or via file-upload.net) or directly here, but then with code tags!
__________________ Please always post log files in CODE tags |
24.06.2008, 16:37 | #10 |
| Problems with ff and ie Sorry -.- here it is then with code tags... I hope that's right now Code:
ATTFilter Deckard's System Scanner v20071014.68 Run by Metal on 2008-06-24 12:22:24 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- Last 1 Restore Point(s) -- 1: 2008-06-24 08:17:35 UTC - RP146 - Avira AntiVir Personal - 24.06.2008 10:17 Backed up registry hives. Performed disk cleanup. System Drive C: has 1.47 GiB (less than 15%) free. -- HijackThis Clone ------------------------------------------------------------ Emulating logfile of Trend Micro HijackThis v2.0.2 Scan saved at 2008-06-24 12:24:27 Platform: Windows Vista (6.00.6000) MSIE: Internet Explorer (7.00.6000.16386) Boot mode: Normal Running processes: C:\Windows\System32\dwm.exe C:\Windows\System32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\RtHDVCpl.exe C:\Windows\BisonCam\BisonHK.exe C:\Windows\BisonCam\BsMnt.exe C:\Program Files\System Control Manager\MGSysCtrl.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\System32\rundll32.exe C:\Program Files\ICQ6\ICQ.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\ehome\ehmsas.exe C:\Windows\System32\wuauclt.exe C:\Program Files\Internet Explorer\ieuser.exe C:\Program Files\Common Files\microsoft shared\Windows Live\WLLoginProxy.exe C:\Windows\explorer.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Metal\Downloads\dss.exe C:\Windows\System32\conime.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet 
Explorer\Main,Start Page = http://www.msi.com.tw R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msi.com.tw R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [BisonHK] C:\Windows\BisonCam\BisonHK.exe O4 - HKLM\..\Run: [BsMnt] C:\Windows\BisonCam\BsMnt.exe O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program 
Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\Metal\AppData\Local\Temp\aWoLeffC.dll,#1 O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Metal\AppData\Local\Temp\xxYOHWnn.dll,c O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup O4 - HKCU\..\Run: [ICQ] "C:\PROGRA~1\ICQ6\ICQ.exe" silent O4 - HKCU\..\Run: [2c2ae4cc] rundll32.exe "C:\Users\Metal\AppData\Local\Temp\ivlbwwdw.dll",b O4 - HKCU\..\Run: [BM2f19d750] Rundll32.exe "C:\Users\Metal\AppData\Local\Temp\fofcfcxy.dll",s O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE') O4 - Global Startup: Privoxy.lnk = C:\Program Files\Vidalia 
Bundle\Privoxy\privoxy.exe O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing) O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe O23 - Service: Agere Modem 
Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\System32\agrsmsvc.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Planer (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System Control Manager\edd.exe O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Oz128 Driver\o2flash.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe -- End of file - 9055 bytes -- File Associations ----------------------------------------------------------- All associations okay. 
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R1 ssmdrv - c:\windows\system32\drivers\ssmdrv.sys <Not Verified; AVIRA GmbH; > R3 MGHwCtrl - \??\c:\windows\system32\drivers\mghwctrl.sys -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 AntiVirScheduler (Avira AntiVir Personal – Free Antivirus Planer) - "c:\program files\avira\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; AntiVir Workstation> R2 NishService (SCM Driver Daemon) - c:\program files\system control manager\edd.exe R2 o2flash (O2Micro Flash Memory Card Service) - "c:\program files\o2micro oz128 driver\o2flash.exe" <Not Verified; O2Micro International; O2 MS1/MP1 Service> R2 RichVideo (Cyberlink RichVideo Service(CRVS)) - "c:\program files\cyberlink\shared files\richvideo.exe" <Not Verified; ; RichVideo Module> S2 AcronisOSSReinstallSvc (Acronis OS Selector Reinstall Service) - "c:\program files\common files\acronis\acronis disk director\oss_reinstall_svc.exe" (file missing) S2 LiveUpdate Notice Ex (LiveUpdate Notice Service Ex) - "c:\program files\common files\symantec shared\ccsvchst.exe" /h cccommon (file missing) -- Device Manager: Disabled ---------------------------------------------------- No disabled devices found. 
-- Scheduled Tasks ------------------------------------------------------------- 2008-06-24 12:00:00 500 --a------ C:\Windows\Tasks\1-Klick-Wartung.job 2008-06-24 10:48:31 418 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{2AB77972-40AB-477B-9318-5CF9D3C35BE9}.job -- Files created between 2008-05-24 and 2008-06-24 ----------------------------- 2008-06-24 10:18:47 0 d-------- C:\Users\All Users\Avira 2008-06-24 10:18:47 0 d-------- C:\Program Files\Avira 2008-06-24 10:04:45 0 d-------- C:\Program Files\Sophos 2008-06-23 02:13:31 0 d-------- C:\Users\All Users\Kaspersky Lab 2008-06-23 00:33:59 0 d-------- C:\Users\All Users\Kaspersky Lab Setup Files 2008-06-22 08:48:40 0 d-------- C:\Users\All Users\Nero 2008-06-22 08:48:40 0 d-------- C:\Program Files\Nero 2008-06-22 08:48:38 0 d-------- C:\Program Files\Common Files\Nero 2008-06-20 21:36:11 0 d-------- C:\Program Files\uTorrent 2008-06-20 13:44:45 0 d-------- C:\Program Files\Paragon Software 2008-06-10 14:15:29 0 d-------- C:\Users\All Users\TEMP 2008-06-10 14:15:29 0 d-------- C:\Users\All Users\PassMark -- Find3M Report --------------------------------------------------------------- 2008-06-24 12:20:35 0 d-------- C:\Users\Metal\AppData\Roaming\Vidalia 2008-06-24 12:20:35 0 d-------- C:\Users\Metal\AppData\Roaming\tor 2008-06-24 11:42:12 641344 --a------ C:\Windows\system32\perfh007.dat 2008-06-24 11:42:12 116706 --a------ C:\Windows\system32\perfc007.dat 2008-06-24 11:39:47 25159 --a------ C:\Users\Metal\AppData\Roaming\nvModes.001 2008-06-24 08:37:53 12 --a------ C:\Windows\bthservsdp.dat 2008-06-23 13:10:44 25159 --a------ C:\Users\Metal\AppData\Roaming\nvModes.dat 2008-06-23 00:53:55 0 d-------- C:\Program Files\Common Files\Symantec Shared 2008-06-23 00:35:58 0 d-------- C:\Program Files\Symantec 2008-06-22 09:34:34 0 d-------- C:\Users\Metal\AppData\Roaming\uTorrent 2008-06-22 09:05:54 0 d--h----- C:\Users\Metal\AppData\Roaming\setup 2008-06-22 09:05:52 0 d-------- 
C:\Users\Metal\AppData\Roaming\Thinstall 2008-06-22 08:48:38 0 d-------- C:\Program Files\Common Files 2008-06-22 08:04:15 0 d-------- C:\Users\Metal\AppData\Roaming\CyberLink 2008-06-22 07:50:23 0 d-------- C:\Program Files\Microsoft Silverlight 2008-06-20 23:39:31 0 d-------- C:\Users\Metal\AppData\Roaming\Winamp 2008-06-20 13:53:32 0 d-------- C:\Program Files\ICQ6 2008-06-20 13:46:19 0 d--h----- C:\Program Files\InstallShield Installation Information 2008-06-20 13:24:35 0 d-------- C:\Program Files\ICQToolbar 2008-06-20 13:14:06 0 d-------- C:\Program Files\Common Files\InstallShield 2008-06-20 12:51:48 0 d-------- C:\Program Files\ICQ-Flowers 2008-06-20 03:13:06 0 d-------- C:\Program Files\Windows Mail 2008-06-19 11:50:28 0 d-------- C:\Users\Metal\AppData\Roaming\Mozilla 2008-06-19 11:13:55 0 d-------- C:\Users\Metal\AppData\Roaming\ICQ Toolbar -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [13.06.2007 17:19] "NvSvc"="C:\Windows\system32\nvsvc.dll" [28.04.2007 13:05] "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [28.04.2007 13:05] "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [28.04.2007 13:05] "RtHDVCpl"="RtHDVCpl.exe" [10.04.2007 10:01 C:\Windows\RtHDVCpl.exe] "BisonHK"="C:\Windows\BisonCam\BisonHK.exe" [15.03.2007 16:37] "BsMnt"="C:\Windows\BisonCam\BsMnt.exe" [15.03.2007 16:34] "MGSysCtrl"="C:\Program Files\System Control Manager\MGSysCtrl.exe" [28.05.2007 19:39] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11.01.2008 23:16] "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\Program Files\Google\Gmail Notifier\gnotify.exe" [15.07.2005 23:48] "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [14.03.2007 22:01] "LanguageShortcut"="C:\Program 
Files\CyberLink\PowerDVD\Language\Language.exe" [08.01.2007 23:17] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [31.01.2008 23:13] "Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [29.01.2008 18:38] "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [11.08.2005 16:30] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [12.02.2008 10:06] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [18.10.2007 12:34] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [02.11.2006 14:35] "PowerBar"="" [] "Vidalia"="C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe" [22.11.2007 23:49] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [02.11.2006 14:36] "MSServer"="C:\Users\Metal\AppData\Local\Temp\aWoLeffC.dll,#1" [] "cmds"="C:\Users\Metal\AppData\Local\Temp\xxYOHWnn.dll,c" [] "ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [11.08.2005 16:30] "ICQ"="C:\PROGRA~1\ICQ6\ICQ.exe" [01.04.2008 12:40] "2c2ae4cc"="C:\Users\Metal\AppData\Local\Temp\ivlbwwdw.dll,b" [] "Power2GoExpress"="" [] "BM2f19d750"="C:\Users\Metal\AppData\Local\Temp\fofcfcxy.dll,s" [] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ Privoxy.lnk - C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe [20.11.2006 16:30:54] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"=2 (0x2) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] @="Service" 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] @="IEEE 1394 Bus host controllers" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] @="SBP2 IEEE 1394 Devices" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] @="SecurityDevices" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "Speech Recognition"="C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "WinampAgent"="C:\Program Files\Winamp\winampa.exe" "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum bthsvcs BthServ 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] C:\Windows\system32\unregmp2.exe /ShowWMP [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI -- End of Deckard's System Scanner: finished at 2008-06-24 12:25:07 ------------ |
24.06.2008, 16:38 | #11 |
| Problems with ff and ie ...and here is extra.txt Code:
Deckard's System Scanner v20071014.68 Extra logfile - please post this as an attachment with your post. |
24.06.2008, 18:44 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Problems with ff and ie That was fine this way - using code tags is always better.
c:\windows\system32\drivers\mghwctrl.sys
C:\Users\Metal\AppData\Local\Temp\aWoLeffC.dll
C:\Users\Metal\AppData\Local\Temp\xxYOHWnn.dll
C:\Users\Metal\AppData\Local\Temp\ivlbwwdw.dll
C:\Users\Metal\AppData\Local\Temp\fofcfcxy.dll
Please have these files analyzed at virustotal.com and post all results, including file sizes and checksums (md5, sha1, ...)
__________________ Please always post logfiles in CODE tags |
25.06.2008, 08:26 | #13 |
| Problems with ff and ie c:\windows\system32\drivers\mghwctrl.sys : no detections by antivirus programs Code:
weitere Informationen
File size: 19456 bytes
MD5...: e5292521916cea4937fbabcb1532f676
SHA1..: 27b9d66120fe84763c5bb4a28829b185e00c0f6e
SHA256: 7b5ee6d115a10697829fe5a7074859a9c742635b4faf87741c12db5c671481be
SHA512: 22d55f67b2de272450d3bd50cfa2c5b9e92eb3e85c59dc563c2ab713de0d32d1 7a55f3ee7c48ae6952f7adfb7e9583d94b34dc0e5dff4d447e89a53934d3bafc
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x11ef2
timedatestamp.....: 0x458bdbef (Fri Dec 22 13:21:51 2006)
machinetype.......: 0x14c (I386)

( 7 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x10e2 0x1200 6.15 86a5068a5c4d67901cee5883c75ac679
.rdata 0x3000 0x402 0x600 3.06 3a802f300caf3e2f65b68c1d65f6cf8d
.data 0x4000 0x8e8 0x200 0.76 8e98f50f469179e991e53a44454ff59f
PAGE 0x5000 0x1a94 0x1c00 6.11 93ef5a096f80ab55d8487b59a4240223
INIT 0x7000 0x48e 0x600 4.92 622e02ae62f78603ed805bffe4ffa44a
.rsrc 0x8000 0x428 0x600 2.58 43a1cff9b1ee8ef6c5ce246fedce0f36
.reloc 0x9000 0x4a2 0x600 4.89 b11985713dc49b01872f04f1494c7d98

( 3 imports )
> ntoskrnl.exe: ZwCreateFile, RtlAppendUnicodeStringToString, ZwClose, ZwReadFile, ZwSetInformationFile, MmMapIoSpace, KeTickCount, KeBugCheckEx, IoWMIRegistrationControl, RtlCompareMemory, RtlInitUnicodeString, MmGetSystemRoutineAddress, memcpy, ExAllocatePoolWithTag, IoWMIWriteEvent, RtlCopyUnicodeString, ExFreePoolWithTag, ZwWriteFile, memset
> HAL.dll: READ_PORT_UCHAR, WRITE_PORT_UCHAR, READ_PORT_ULONG, READ_PORT_USHORT, HalTranslateBusAddress, WRITE_PORT_ULONG, WRITE_PORT_USHORT
> WDFLDR.SYS: WdfVersionUnbind, WdfVersionBind

( 0 exports ) |
25.06.2008, 13:26 | #14 |
| Problems with ff and ie *just keeping this current* |
26.06.2008, 00:00 | #15 |
| Problems with ff and ie oO I just noticed that my AntiVir can no longer download updates, because no connection to the Internet can be established... Does anyone have advice (for all the problems I have on my computer ^^ ) |