Antivirus, firewall and other protection programs: Vista. Can no longer install any antivirus program
02.08.2008, 14:48 | #1 |
| Vista. Can no longer install any antivirus program Hi folks. OS is Vista32 Ultimate. So, I caught a virus/trojan..? that wrecked my Avast Antivirus. It also knocked out my firewall, the update function and Defender. I got the firewall, update and Defender running again. Avast no longer worked at all (.exe could not be opened. Not even as admin.) After that I could no longer install any antivirus programs. Attempts: AVG, Antivir and avast. Shortly before the installation completes, they uninstall themselves again and worse....PC crashes....restarts...and afterwards I end up on the screen where it asks about Safe Mode. I also ran online antivirus programs over it in Safe Mode. That did find a few pests, but did not fix the problem. Neither did removal tools. But I can now start the PC quite normally and can do everything; as I said, firewall and Defender are running....but installing the oh-so-important antivirus programs is not possible....otherwise...see above. I could not create a file list. There is a program for Vista, but without a date log (File-List 2.2) HijackThis (but everything seems to be OK, doesn't it?)
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:20:23, on 02.08.2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\RtHDVCpl.exe C:\Windows\System32\rundll32.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\myiHome\app\myiHome-server.exe C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe C:\Windows\System32\mobsync.exe C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\IncrediMail\bin\ImApp.exe C:\Program Files\Internet Explorer\ieuser.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\conime.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\babelfisch\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\713VAS2D\HiJackThis[1].exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ch/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.stegcomputer.ch R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - 
HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [TkBellExe] "realsched.exe" -osboot O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-18\..\Run: [IncrediMail] C:\Program 
Files\IncrediMail\bin\IncMail.exe /c (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c (User 'Default user') O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: myiHome Server.lnk = C:\Program Files\myiHome\app\myiHome-server.exe O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe O13 - Gopher Prefix: O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.de/scan_de/scan8/oscan8.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\GEST\GSvr.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NFS Server (NFSserver) - Dr. Hanewinkel -- www.haneWIN.de - C:\Program Files\nfsd\nfsd.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe O23 - Service: SunRPC Portmap Daemon (PMAPDaemon) - Dr. Hanewinkel -- www.haneWIN.de - C:\Program Files\nfsd\pmapd.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe -- End of file - 6870 bytes
Sorry admins. This was filed under the wrong topic. Please move :-) thx
Edited by Babelfisch (02.08.2008 at 14:56) Reason: Sorry admins....just noticed it. I filed the thread in the wrong place. Please move :-) |
02.08.2008, 15:00 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Vista. Can no longer install any antivirus program
Quote:
Code:
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Program Files\Internet Explorer\iexplore.exe
Code:
O23 - Service: NFS Server (NFSserver) - Dr. Hanewinkel -- www.haneWIN.de - C:\Program Files\nfsd\nfsd.exe
Otherwise I don't see anything in the logfile. Follow the DSS link in my signature and post the two logs as described there.
__________________ |
02.08.2008, 17:25 | #3 |
| Vista. Can no longer install any antivirus program Thanks first of all for the quick reply.
1. The Antivir Removal Tool did not create a logfile. There was an error message that it was not installed (or something like that)
2. Sure, I'll switch soon (the computer is relatively new)
3. I need Hanewin NFS for streaming to my NMT HDD PopcornHour.
4. I hope I'm posting the right logs here: main and extra (since the logs are too big, I split them up...you have to :-) |
02.08.2008, 17:28 | #4 |
| Vista. Can no longer install any antivirus program |
02.08.2008, 17:31 | #5 |
| Vista. Can't install any antivirus program anymore |
02.08.2008, 18:32 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Vista. Can't install any antivirus program anymore
You posted the same log twice. Please be more careful about that! Please post log files wrapped in code tags, like this:
HTML code: [code] Log file goes here [/code] |
03.08.2008, 12:00 | #7 |
| Vista. Can't install any antivirus program anymore
Hope this is right :-) Thx
Code:
ATTFilter Deckard's System Scanner v20071014.68 Run by babelfisch on 2008-08-03 12:53:18 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- HijackThis (run as babelfisch.exe) ------------------------------------------ Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:53:20, on 03.08.2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\RtHDVCpl.exe C:\Windows\System32\rundll32.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\myiHome\app\myiHome-server.exe C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe C:\Windows\System32\mobsync.exe C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\IncrediMail\bin\ImApp.exe C:\Windows\system32\conime.exe C:\Windows\system32\rundll32.exe C:\Windows\system32\NOTEPAD.EXE C:\Windows\system32\NOTEPAD.EXE C:\Program Files\Internet Explorer\ieuser.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\babelfisch\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SU46GI6G\dss[1].exe C:\Users\ADMINI~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\IDCO7CMX\BABELF~1.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ch/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.stegcomputer.ch R1 - 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [TkBellExe] "realsched.exe" -osboot O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common 
Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c (User 'Default user') O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: myiHome Server.lnk = C:\Program Files\myiHome\app\myiHome-server.exe O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe O13 - Gopher Prefix: O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.de/scan_de/scan8/oscan8.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: 
linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\GEST\GSvr.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NFS Server (NFSserver) - Dr. Hanewinkel -- www.haneWIN.de - C:\Program Files\nfsd\nfsd.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe O23 - Service: SunRPC Portmap Daemon (PMAPDaemon) - Dr. 
Hanewinkel -- www.haneWIN.de - C:\Program Files\nfsd\pmapd.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe -- End of file - 7358 bytes -- Files created between 2008-07-03 and 2008-08-03 ----------------------------- 2008-08-02 14:40:15 0 d-------- C:\Program Files\File-List 2.2 2008-08-02 14:15:57 0 d-------- C:\Windows\pss 2008-08-02 13:36:40 0 d-------- C:\Program Files\iPod 2008-08-02 13:36:39 0 d-------- C:\Program Files\iTunes 2008-08-02 13:33:55 0 d-------- C:\Program Files\Safari 2008-08-02 10:57:00 0 d-------- C:\Program Files\Free Registry Cleaner for Vista 2008-07-31 07:30:03 0 d-------- C:\Program Files\OpenOffice.org 2008-07-31 07:30:03 0 d-------- C:\Program Files\OpenOffice.org 3 2008-07-30 20:48:42 0 d-------- C:\Users\All Users\avg8 2008-07-30 20:48:42 0 d-------- C:\Program Files\AVG 2008-07-30 20:43:29 0 d-------- C:\Windows\ro-RO 2008-07-30 20:43:27 0 d-------- C:\Windows\system32\drivers\ro-RO 2008-07-30 20:33:10 353332 --a------ C:\Windows\system32\perfh00D.dat 2008-07-30 20:33:10 69240 --a------ C:\Windows\system32\perfc00D.dat 2008-07-30 20:32:35 0 d-------- C:\Windows\system32\he 2008-07-30 20:32:35 0 d-------- C:\Windows\system32\drivers\he-IL 2008-07-30 20:32:30 0 d-------- C:\Windows\he-IL 2008-07-30 20:21:16 429828 --a------ C:\Windows\system32\perfh00B.dat 2008-07-30 20:21:16 81258 --a------ C:\Windows\system32\perfc00B.dat 2008-07-30 20:20:41 0 d-------- C:\Windows\fi-FI 2008-07-30 20:20:38 0 d-------- C:\Windows\system32\040B 2008-07-30 20:20:37 0 d-------- C:\Windows\system32\fi 2008-07-30 20:20:37 0 d-------- C:\Windows\system32\drivers\fi-FI 2008-07-30 17:03:04 0 d-------- C:\Program Files\f-secure-rescue-cd-release 2008-07-30 17:01:41 0 d-------- C:\Program Files\GDATA-Boot 2008-07-30 07:36:38 0 d-------- C:\Windows\BDOSCAN8 2008-07-28 15:22:47 0 d-------- C:\Windows\Sun 2008-07-28 12:04:38 0 d-------- C:\FilmarchivPro 2008-07-26 23:11:52 0 d-------- C:\Program 
Files\myiHome 2008-07-26 09:51:28 0 d-------- C:\Program Files\nfsd 2008-07-23 10:12:02 0 d-------- C:\myiHome Library 2008-07-23 10:12:02 0 d-------- C:\My Videos 2008-07-23 10:12:02 0 d-------- C:\My Pictures 2008-07-23 10:12:02 0 d-------- C:\My Music 2008-07-22 23:08:00 0 d-------- C:\RemuxTool 2008-07-22 22:26:09 180224 --a------ C:\Windows\system32\xvidvfw.dll 2008-07-22 22:26:09 765952 --a------ C:\Windows\system32\xvidcore.dll 2008-07-22 22:26:09 0 d-------- C:\Program Files\Xvid 2008-07-22 22:16:36 0 d-------- C:\Program Files\xvidcore-1.1.3 2008-07-22 19:27:19 0 d-------- C:\Program Files\ImgBurn 2008-07-22 17:31:05 0 d-------- C:\Program Files\megui 2008-07-22 17:22:51 0 d-------- C:\Program Files\Matroska Pack 2008-07-22 17:04:03 0 d-------- C:\Program Files\x264 2008-07-21 21:20:58 0 d-------- C:\Users\All Users\VistaCodecs 2008-07-20 11:28:34 0 d-------- C:\Program Files\VideoLAN 2008-07-20 10:57:56 0 d-------- C:\Program Files\MediaInfo 2008-07-18 08:30:45 0 d-------- C:\Program Files\Bonjour 2008-07-18 08:30:21 0 d-------- C:\Program Files\QuickTime 2008-07-18 08:30:20 0 d-------- C:\Users\All Users\Apple Computer 2008-07-18 08:30:10 0 d-------- C:\Program Files\Apple Software Update 2008-07-18 08:29:29 0 d-------- C:\Users\All Users\Apple 2008-07-18 08:29:29 0 d-------- C:\Program Files\Common Files\Apple 2008-07-13 19:01:25 0 d-------- C:\Program Files\RapidSolution Software AG 2008-07-13 15:42:47 0 d-------- C:\Program Files\Common Files\xing shared 2008-07-13 15:42:34 0 d-------- C:\Program Files\Real 2008-07-13 15:42:32 0 d-------- C:\Program Files\Common Files\Real 2008-07-07 15:53:14 0 d-------- C:\Program Files\skins 2008-07-07 10:50:12 0 d--h----- C:\Users\All Users\CanonBJ 2008-07-06 18:12:29 0 d-------- C:\Program Files\Java 2008-07-06 18:12:28 0 d-------- C:\Program Files\Common Files\Java 2008-07-06 13:01:36 0 d-------- C:\Program Files\MSXML 4.0 2008-07-05 13:40:39 0 d-------- C:\Users\All Users\Nero 2008-07-05 13:40:39 0 d-------- 
C:\Program Files\Common Files\Nero 2008-07-05 13:30:14 0 d-------- C:\Windows\system32\appmgmt 2008-07-05 11:49:34 0 d-------- C:\Users\All Users\Adobe 2008-07-05 11:45:19 0 d-------- C:\Users\All Users\NOS 2008-07-05 11:45:19 0 d-------- C:\Program Files\NOS 2008-07-05 10:16:24 0 d-------- C:\Program Files\phase5 2008-07-05 10:15:04 0 -rahs---- C:\MSDOS.SYS 2008-07-05 10:15:04 0 -rahs---- C:\IO.SYS 2008-07-05 10:12:18 0 d-------- C:\Program Files\Nvu 2008-07-03 19:27:31 0 d-------- C:\Users\All Users\SlySoft 2008-07-03 19:25:10 0 d-------- C:\Program Files\SlySoft 2008-07-03 19:08:07 0 d-------- C:\Users\All Users\IncrediMail 2008-07-03 19:08:07 0 d-------- C:\Users\All Users\IM 2008-07-03 19:08:07 0 d-------- C:\Program Files\IncrediMail 2008-07-03 18:32:51 0 --a------ C:\Windows\nsreg.dat 2008-07-03 18:26:33 0 d-------- C:\Program Files\Synovel Spicebird -- Find3M Report --------------------------------------------------------------- 2008-08-02 14:31:02 655756 --a------ C:\Windows\system32\perfh010.dat 2008-08-02 14:31:02 661898 --a------ C:\Windows\system32\perfh00C.dat 2008-08-02 14:31:02 621702 --a------ C:\Windows\system32\perfh007.dat 2008-08-02 14:31:02 120396 --a------ C:\Windows\system32\perfc010.dat 2008-08-02 14:31:02 123622 --a------ C:\Windows\system32\perfc00C.dat 2008-08-02 14:31:02 123646 --a------ C:\Windows\system32\perfc007.dat 2008-08-02 13:42:34 0 d-------- C:\Users\babelfisch\AppData\Roaming\Apple Computer 2008-08-02 13:23:26 0 d-------- C:\Users\babelfisch\AppData\Roaming\OpenOffice.org3 2008-08-02 13:22:48 0 d-------- C:\Program Files\Steam 2008-07-30 20:43:29 0 d-------- C:\Program Files\Windows Sidebar 2008-07-30 20:43:29 0 d-------- C:\Program Files\Windows Photo Gallery 2008-07-30 20:43:29 0 d-------- C:\Program Files\Windows Mail 2008-07-30 20:43:29 0 d-------- C:\Program Files\Windows Journal 2008-07-30 20:43:29 0 d-------- C:\Program Files\Windows Defender 2008-07-30 20:43:29 0 d-------- C:\Program Files\Windows Collaboration 
2008-07-30 20:43:29 0 d-------- C:\Program Files\Windows Calendar 2008-07-30 20:43:29 0 d-------- C:\Program Files\Movie Maker 2008-07-29 21:35:47 0 d--h----- C:\Users\babelfisch\AppData\Roaming\m 2008-07-29 21:34:02 0 d-------- C:\Program Files\Common Files 2008-07-29 20:37:17 0 d-------- C:\Program Files\Common Files\LightScribe 2008-07-28 12:38:12 0 d-------- C:\Users\babelfisch\AppData\Roaming\FileZilla 2008-07-28 12:26:59 0 d-------- C:\Users\babelfisch\AppData\Roaming\Thinstall 2008-07-28 12:05:44 161076 --a------ C:\Program Files\FilmarchivPro.rar 2008-07-22 19:35:46 0 d-------- C:\Users\babelfisch\AppData\Roaming\ImgBurn 2008-07-20 11:35:19 0 d-------- C:\Users\babelfisch\AppData\Roaming\vlc 2008-07-20 10:58:36 0 d-------- C:\Users\babelfisch\AppData\Roaming\Real 2008-07-18 13:41:27 0 d-------- C:\Program Files\Common Files\Steam 2008-07-05 13:42:47 0 d-------- C:\Users\babelfisch\AppData\Roaming\Nero 2008-07-05 13:40:39 0 d-------- C:\Program Files\Nero 2008-07-05 13:29:56 0 d-------- C:\Program Files\Common Files\Ahead 2008-07-05 13:29:23 0 d-------- C:\Users\babelfisch\AppData\Roaming\Ahead 2008-07-05 11:50:53 0 d-------- C:\Users\babelfisch\AppData\Roaming\Adobe 2008-07-05 11:49:51 0 d-------- C:\Program Files\Common Files\Adobe 2008-07-05 10:12:22 0 d-------- C:\Users\babelfisch\AppData\Roaming\Nvu 2008-07-03 18:32:51 0 d-------- C:\Users\babelfisch\AppData\Roaming\Thunderbird 2008-07-03 18:32:51 0 d-------- C:\Users\babelfisch\AppData\Roaming\Mozilla 2008-07-03 18:26:38 0 d-------- C:\Users\babelfisch\AppData\Roaming\Spicebird 2008-06-29 16:43:48 174 --ahs---- C:\Program Files\desktop.ini 2008-06-27 13:04:28 0 d-------- C:\Program Files\Smart Projects 2008-06-27 11:51:53 0 d-------- C:\Program Files\IrfanView 2008-06-27 11:50:41 0 d-------- C:\Program Files\Plugins 2008-06-27 11:48:25 0 d-------- C:\Program Files\DVD Shrink 2008-06-27 11:43:41 0 d-------- C:\Program Files\GIMP-2.0 2008-06-27 11:39:18 0 d-------- 
C:\Users\babelfisch\AppData\Roaming\WinRAR 2008-06-26 23:05:04 3072 --a------ C:\Windows\checkip.dat 2008-06-26 18:37:33 0 d-------- C:\Program Files\Alwil Software 2008-06-26 15:27:53 0 d-------- C:\Users\babelfisch\AppData\Roaming\Macromedia 2008-06-25 16:31:05 0 d-------- C:\Users\babelfisch\AppData\Roaming\Logitech 2008-06-25 16:13:40 0 d-------- C:\Program Files\Common Files\Logitech 2008-06-25 16:13:27 0 d-------- C:\Program Files\Logitech 2008-06-25 16:13:24 0 d--h----- C:\Program Files\InstallShield Installation Information 2008-06-25 16:13:19 0 d-------- C:\Users\babelfisch\AppData\Roaming\InstallShield 2008-06-25 16:06:58 0 d-------- C:\Users\babelfisch\AppData\Roaming\Identities 2008-06-25 16:00:19 0 d-------- C:\Program Files\Windows NT 2008-06-25 16:00:19 0 d--hs---- C:\Program Files\Gemeinsame Dateien -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] 11.06.2008 22:33 75128 --a------ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [19.01.2008 09:38] "RtHDVCpl"="RtHDVCpl.exe" [19.09.2007 08:50 C:\Windows\RtHDVCpl.exe] "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [24.03.2008 19:52] "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [24.03.2008 19:52] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [11.04.2007 15:32 C:\Windows\KHALMNPR.Exe] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [12.06.2008 02:38] "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [18.02.2008 17:29] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [10.06.2008 04:27] "TkBellExe"="realsched.exe" [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [19.01.2008 09:33] "WindowsWelcomeCenter"="oobefldr.dll,ShowWelcomeCenter" [] "LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" [19.04.2007 13:26] "IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [12.06.2008 13:49] "AnyDVD"="C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe" [01.08.2008 15:32] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [19.01.2008 09:33] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [19.01.2008 09:33] [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe /c C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [25.06.2008 16:13:36] myiHome Server.lnk - C:\Program Files\myiHome\app\myiHome-server.exe [26.07.2008 23:11:54] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"=2 (0x2) "EnableUIADesktopToggle"=0 (0x0) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] @="Driver" 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] @="IEEE 1394 Bus host controllers" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] @="SBP2 IEEE 1394 Devices" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] @="SecurityDevices" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^babelfisch^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk] path=C:\Users\babelfisch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk backup=C:\Windows\pss\OpenOffice.org 3.0.lnk.Startup backupExtension=.Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] "C:\Program Files\Steam\Steam.exe" -silent [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalService nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation 
TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE Mcx2Svc WebClient SstpSvc GPSvcGroup GPSvc [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] C:\Windows\system32\unregmp2.exe /ShowWMP [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe" [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI -- End of Deckard's System Scanner: finished at 2008-08-03 12:53:43 ------------ |
03.08.2008, 12:54 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Vista. Can no longer install an antivirus program And the extra.log? There are some strange folders in the Windows directory; please do a run with ComboFix. A guide and tutorial on using ComboFix
ComboFix may only be run when a qualified helper has expressly recommended it! Note: ComboFix disables the autostart function of all CD/DVD and USB drives in order to limit spreading. If this causes problems, post them in the thread.
__________________ Please always post log files in CODE tags |
03.08.2008, 20:24 | #9 |
| Vista. Can no longer install an antivirus program So... I tried to download ComboFix. Doesn't work. I got an error message saying I'm not authorized, even though I'm logged in as admin (it won't be long before I go back to XP... damn... Vista... or guys who can't handle it :-) Anyway, I tried again and suddenly I can't even open the download any more. I get an error page: Forbidden 403. I'm asking myself whether reinstalling wouldn't be less work. I ran CCleaner. Many thanks, by the way, for your effort :-) |
04.08.2008, 11:54 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Vista. Can no longer install an antivirus program That's up to you. A reinstall solves the malware problems in one stroke. You can, however, try ComboFix once more: close all programs first, then run it via right-click, "Run as administrator".
__________________ Please always post log files in CODE tags |
18.08.2009, 09:48 | #11 |
| Vista. Can no longer install an antivirus program Hello, I have a question for Babelfisch: how did you get the updates working again? I can't install any updates any more either. Error: Code8000FFFF. I've also uploaded a picture to my homepage to make it clearer: http://ceadapvp.npage.de/updatefehle...ng_661535.html Edited by Lone342 (18.08.2009 at 09:59) |