| |
| |||||||
Log-Analyse und Auswertung: Aero weg - plötzlich keine Verbindung mehrWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
14.05.2009, 16:31
| #1 |
 |  Aero weg - plötzlich keine Verbindung mehr Hallo! nachdem Ihr mir schon das erste Mal so gut geholfen habt, hier ein Problem mit meinem neuen Rechner: In letzter Zeit kappt sich die Internetverbindung, d.h. nur für Browser -- über ICQ & Skype komm ich weiterhin nach draußen. Punkt 2: Seit einiger Zeit wollen viele exe's laut meiner Firewall ins Internet, darunter aber auch Programme, die nie eine Web-Funktion haben, sogar noch nicht einmal eine Update-Funktion. Punkt 3: Seit heute ist meine Aero-Oberfläche verschwunden, und weder über die Systemsteuerung>Design, noch über den Dienst wiederzubekommen. hier ein HijackThis-Log von gerade eben: Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:25:43, on 14.05.2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Norton Internet Security\Engine\16.5.0.135 \ccSvcHst.exe C:\Windows\System32\oodtray.exe C:\Program Files\Common Files\Logishrd\LComMgr\Communications_Helper.exe C:\Program Files\Logitech\QuickCam\Quickcam.exe C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe C:\Windows\System32\CTXFIHLP.EXE C:\Windows\RtHDVCpl.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Windows\ehome\ehtray.exe C:\Windows\System32\CTXFISPI.EXE C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\ICQ6.5\ICQ.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\DisplayFusion\DisplayFusion.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Pamela\Pamela.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\UltraMon\UltraMon.exe C:\Program Files\UltraMon\UltraMonTaskbar.exe C:\Windows\System32\mobsync.exe C:\Program Files\UltraMon\UltraMonUiAcc.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\SRWare Iron\iron.exe C:\Program Files\SRWare Iron\iron.exe C:\Program Files\SRWare Iron\iron.exe C:\Program Files\Opera\opera.exe C:\Program Files\SRWare Iron\iron.exe C:\Program Files\SRWare Iron\iron.exe C:\Windows\system32\conime.exe C:\Program Files\SRWare Iron\iron.exe C:\Windows\System32\cmd.exe C:\Windows\explorer.exe E:\HiJackThis.exe C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe O1 - Hosts: ::1 localhost O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409- FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8 \SnagItBHO.dll O2 - BHO: Mediaplayer - {1536BA74-8625-4240-99B0- BE65883689C8} - C:\PROGRA~1\MEDIAP~1\MEDIAP~1 \IEBUTT~1.DLL O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596- FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53- 2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1- 95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll O2 - BHO: SMART Notebook Download Plugin - {67BCF957-85FC -4036-8DC4-D4D80E00A77B} - C:\Program Files\SMART Technologies\Notebook Software\NotebookPlugin.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE- 4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C- B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0 -D3882835F153} - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA -8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b -BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E- D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8 \SnagItIEAddin.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2- FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll O4 - HKLM\..\Run: [OODefragTray] C:\Windows\system32 \oodtray.exe O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir% \WindowsMobile\wmdc.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent O4 - HKCU\..\Run: [DisplayFusion] "C:\Program Files\DisplayFusion\DisplayFusion.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [Google Update] "C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.e xe" /c O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [pamela.exe] "C:\Program Files\Pamela\Pamela.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST') O4 - Startup: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files\Microsoft Office\Office12 \ONENOTEM.EXE O4 - Global Startup: Launchy.lnk.disabled O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: UltraMon.lnk = ? O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c- 8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12 \ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A- 7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2 \Office12\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,- 222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307- 00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2- 070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE- 3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12 \REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200- 58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA- FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA- FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe O13 - Gopher Prefix: O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - h**p://dlm.tools.akamai.com/dlmanager/versions/activex/dlm- activex-2.2.4.8.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458- 1830C7DD7F5D} - C:\PROGRA~1\COMMON~1 \Skype\SKYPE4~1.DLL O18 - Protocol: symres - {AA1061FE-6C41-421F-9344- 69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update Service (gupdate1c98af435d197e) (gupdate1c98af435d197e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.5.0.135 \ccSvcHst.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\Windows\system32\oodag.exe O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\OmniServ.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe -- End of file - 11216 bytes Vielen Dank schonmal! Gruß finnwal e: der Scan von Anti-Malware ist bereits am Laufen, die Software-Liste kommt auch gleich Geändert von finnwal (14.05.2009 um 16:44 Uhr) |
| Themen zu Aero weg - plötzlich keine Verbindung mehr |
| adobe, bho, bonjour, browser, computer, download, erste mal, exe, explorer, firewall, free download, google, google update, gupdate, hijack, internet explorer, internet security, intrusion prevention, logfile, monitor, notebook, object, opera, plug-in, problem, programme, security, senden, software, symantec, vista, windows, windows sidebar, über icq |
Baum-Darstellung