Internet extrem langsam, bitte um Hilfe !

hiiilfeee · 20.07.2009, 22:54

Hallo an alle,

Habe ein großes Problem wenn ich im Internet surfe.

Die Seiten öffnen sich seit neuestem extrem langsam, Videos auf Youtube dauern eine halbe Ewigkeit bis was geladen wurde etc pp.
An meinen Router Einstellungen habe ich nichts geändert.

Habe jetzt mal einen Speedtest laufen lassen der mir dann sagte das meine Geschwindgkeit einem Modem!!!!

gleicht ( Download ~ 3-4 kbps, Upload ~ 2-3 kbps )

Normal wäre meine 10000/500 Leitung. Habe dann bei meinem Anbieter auch nachgefragt ob zurzeit eine Störung vorliegt aber anscheinend sind meine ''Werte'' völlig ok sagen sie, und es wäre keine Störung bekannt.

Meinen Virenscaner hab ich auch bestimmt 3 mal durchlaufen lassen aber hat irgendwie nichts gebracht.

Hoffe echt ihr könnt mir weiterhelfen, hier mein Hijack Logfile :
Ein Riesen- DANKE vorab für die Mühe

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:11:22, on 20.07.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\ICQ6Toolbar\ICQ Service.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Ahead\InCD\InCD.exe
C:\Programme\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Programme\lg_fwupdate\fwupdate.exe
C:\Programme\Java\jre6\bin\jusched.exe
C:\Programme\Microsoft Xbox 360 Accessories\XboxStat.exe
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\Eraser\Eraser.exe
C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programme\Spybot - Search & Destroyy\TeaTimer.exe
C:\Programme\Electronic Arts\EADM\Core.exe
C:\Programme\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Programme\OpenOffice.org 3\program\soffice.exe
C:\Programme\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\System32\svchost.exe
C:\Programme\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\ICQ6.5\ICQ.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://gmx.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroyy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [InCD] C:\Programme\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Programme\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LGODDFU] C:\Programme\lg_fwupdate\fwupdate.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Dokumente und Einstellungen\******\Desktop\high secure\Kabel Deutschland\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [XboxStat] "C:\Programme\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Eraser] C:\Programme\Eraser\Eraser.exe -hide
O4 - HKCU\..\Run: [RGSC] C:\Programme\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroyy\TeaTimer.exe
O4 - HKCU\..\Run: [EA Core] "C:\Programme\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [ICQ] "C:\Programme\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [QIP2005] C:\Programme\QIP\qip.exe
O4 - HKCU\..\Run: [AdobeUpdater] "C:\Programme\Gemeinsame Dateien\Adobe\Updater5\AdobeUpdater.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programme\InterVideo\Common\Bin\WinCinemaMgr.exe
O9 - Extra button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programme\PartyGaming\PartyCasino\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programme\PartyGaming\PartyCasino\RunApp.exe (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroyy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroyy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1153128773359
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Programme\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Dokumente und Einstellungen\******\Desktop\high secure\Kabel Deutschland\Anti-Virus\fsgk32st.exe (file missing)
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - Unknown owner - C:\Dokumente und Einstellungen\******\Desktop\high secure\Kabel Deutschland\FSAUA\program\fsaua.exe (file missing)
O23 - Service: FSMA - Unknown owner - C:\Dokumente und Einstellungen\******\Desktop\high secure\Kabel Deutschland\Common\FSMA32.EXE (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Programme\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Programme\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 10303 bytes

Swisstreasure · 21.07.2009, 06:53

>>
Schliesse alle Fenster und starte Hijack This
Klicke: Do a Systemscan only
Setze ein Häckchen in das Kästchen vor den genannten Einträgen bei: (falls diese noch vorhanden sind)

Code:

ATTFilter

R3 - URLSearchHook: (no name) - - (no file)

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O9 - Extra button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programme\PartyGaming\PartyCasino\RunApp.exe (file missing)

O9 - Extra 'Tools' menuitem: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programme\PartyGaming\PartyCasino\RunApp.exe (file missing)

O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe (file missing)

O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe (file missing)

und wähle fix checked.

Starte den Rechner neu.

>>
Scanne mit Malwarebytes und poste das Log.

>>
Arbeite mal diese Punkte ab und schau ob sich was verbessert

Gruss Swiss

hiiilfeee · 21.07.2009, 14:30

JUHU

Danke Swiss,
habe jetzt gerade die gennante Einträge gefixed und siehe da, ich habe meine Geschwindigkeit wieder !

Habe zur Sicherheit Malwarebytes noch drüberlaufen lassen, der hat noch einiges erfasst:

Logfile:

Malwarebytes' Anti-Malware 1.39
Datenbank Version: 2468
Windows 5.1.2600 Service Pack 3

21.07.2009 15:25:28
mbam-log-2009-07-21 (15-25-28).txt

Scan-Methode: Vollständiger Scan (C:\|D:\|)
Durchsuchte Objekte: 220820
Laufzeit: 56 minute(s), 31 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 8
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3aa42713-5c1e-48e2-b432-d8bf420dd31d} (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7d5dd829-6c90-42c5-b54c-2afa82f988ba} (Rogue.Installer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a3ed5288-f558-4f6e-8d5c-740cb6f89029} (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6fd31ed6-7c94-4bbc-8e95-f927f4d3a949} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\UAC (Rootkit.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Adware.BHO) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Programme\ICQToolbar\toolbaru.dll (Adware.BHO) -> Delete on reboot.

Also Danke nochmal Swiss mein Problem ist behoben

kranke_vista · 27.07.2009, 21:29

hey leute

ich bin neu hier deshalb hab ich keine ahnung wie es hier läuft

Also ich habe ein probelm das mich zum schaffen macht :@
ich habe Notebook mit vista betriebsystem gekauft hab jetzt ein Internet problem und wieß nicht wie lösen soll.
Also hier ist mein HijackThis LOG:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:27:47, on 27.07.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Program Files\Norton AntiVirus\Engine\16.5.0.134\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = AOL - Willkommen
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = AOL - Willkommen
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\16.5.0.134\IPSBHO.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O23 - Service: Norton2009 Reset (.norton2009Reset) - Unknown owner - C:\Program Files\Norton2009Reset.exe (file missing)
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton AntiVirus - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\16.5.0.134\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 8075 bytes

Wär echt toll wenn ihr mir helfen könnt
Thx im vorraus

kranke_vista · 27.07.2009, 21:33

by the way

wenn iha euch fragt was für ne problem ich habe

also mein problem ist das mein mein Internet viel langsamer geworden ist seit dem ich ein datei heruntergeladen hab.

Und ich benütze W-lan von "thompson Gateway"

Swisstreasure · 27.07.2009, 22:02

Vermutlich hast Du dir Norton2009 Reset runtergeladen über Bitorent. Und dabei handelt es sich um Malware:
http://www.prevx.com/filenames/X315792894696582061-X1/NORTON2009RESET.EXE.html

>>
Welches Antivirenprogramm nutzt Du?
Falls keines, ich nehme an du wolltest Norton installieren, dann nimm AVIRA und stelle es so ein wie beschrieben. Dann mach einen Scan und poste das Log. (gefundenes in Quarantäne)

>>
Askbar entfernen
Start -> Systemsteuerung -> Software >
Schau ob AskBar,SrchAstt oder Ask Search Assistant dazwischen steht, dann entfernen

>>
Schliesse alle Fenster und starte Hijack This
Klicke: Do a Systemscan only
Setze ein Häckchen in das Kästchen vor den genannten Einträgen bei: (falls diese noch vorhanden sind)

Code:

ATTFilter

O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
03 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O23 - Service: O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
03 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O23 - Service: Norton2009 Reset (.norton2009Reset) - Unknown owner - C:\Program Files\Norton2009Reset.exe (file missing)
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe

und wähle fix checked.

Starte den Rechner neu.

>>
Nun arbeite Punkt 2 aus dem Link in meiner Signatur ab.

>>
Spiele das SP2 für Vista auf

>>
Update Dein Java

Gruss Swiss

kranke_vista · 28.07.2009, 13:06

stimmt. Ich wollte norton antivir installieren und das habe ich auch getan weil avira total nervt

meinst du ich soll norton deinstallieren und stattdessen avira instalieren???
wenn ja dann mach ich das

hoffentlich klappt das auch ^^

Swisstreasure · 28.07.2009, 20:40

Ja mach das und vorher aber noch:

>>
TeaTimer deaktivieren:
Starte Spybot S&D --> klicke auf "Modus" --> hake an "Erweiterte Modus" --> mit "Ja" bestätigen --> klicke auf "Werkzeuge" -->
klicke auf "Resident" --> das Häkchen entfernen aus der "Resident "TeaTimer" (Schutz aller Systemeinstellungen) --> beende Spybot S&D.
(der TeaTimer be- bzw. verhindert alle weiteren Reinigungmaßnahmen!)

>>
Nun wende RSIT an und poste dies Logs.

Gruss swiss

kranke_vista · 28.07.2009, 21:50

hey man
ich kann nicht schickn weil es zu langer text ist.

Swisstreasure · 28.07.2009, 23:10

Mache dafür mehrere Beiträge hier und poste jeweils einen Teil.

Gruss swiss

kranke_vista · 30.07.2009, 20:41

hier is der 1 teil von der RSIT Log:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Reload at 2009-07-28 22:36:54
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 213 GB (72%) free of 296 GB
Total RAM: 3068 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:36:55, on 28.07.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Users\Reload\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Reload.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_at&c=83&bd=Pavilion&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_at&c=83&bd=Pavilion&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O23 - Service: Norton2009 Reset (.norton2009Reset) - Unknown owner - C:\Program Files\Norton2009Reset.exe (file missing)
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 8857 bytes

kranke_vista · 30.07.2009, 20:43

und hier nun 2. teil von RSIT Log:

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2009-04-02 333192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
AOL Toolbar BHO - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-02-03 1185120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Anmelde-Hilfsprogramm - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-02-03 1185120]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2009-04-02 333192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-05-14 13535776]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-05-14 92704]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-01-18 1033512]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2008-06-27 442467]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-12-24 222504]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2008-06-25 468264]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-03-14 202032]
"OnScreenDisplay"=C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [2007-11-01 554288]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-04-15 70912]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe [2008-03-25 144784]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2009-03-15 180224]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2009-07-25 287536]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f7ba1fa3-792e-11de-9075-806e6f6e6963}]
shell\AutoRun\command - E:\doNada.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f7ba20a8-792e-11de-9075-001eecf2a7fd}]
shell\AutoRun\command - G:\LaunchU3.exe -a

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-07-28 22:29:18 ----D---- C:\rsit
2009-07-28 22:21:58 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-07-28 22:21:58 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-07-28 21:19:59 ----D---- C:\ProgramData\Avira
2009-07-28 21:19:59 ----D---- C:\Program Files\Avira
2009-07-28 01:24:31 ----D---- C:\Program Files\WinAVI MP4 Converter
2009-07-28 01:21:14 ----D---- C:\Users\Reload\AppData\Roaming\DivX
2009-07-27 21:14:58 ----D---- C:\Program Files\Trend Micro
2009-07-27 12:55:28 ----D---- C:\Program Files\Common Files\PX Storage Engine
2009-07-27 12:54:59 ----D---- C:\Program Files\DivX
2009-07-27 12:54:59 ----D---- C:\Program Files\Common Files\DivX Shared
2009-07-27 08:36:43 ----D---- C:\ProgramData\Apple Computer
2009-07-27 08:36:43 ----D---- C:\Program Files\QuickTime
2009-07-27 08:35:51 ----D---- C:\Program Files\Apple Software Update
2009-07-27 08:35:50 ----D---- C:\ProgramData\Apple
2009-07-26 20:36:36 ----D---- C:\Program Files\Guitar Pro 5
2009-07-26 20:35:40 ----D---- C:\Program Files\PowerISO
2009-07-26 19:13:32 ----D---- C:\Users\Reload\AppData\Roaming\SharePod
2009-07-26 12:50:57 ----D---- C:\Program Files\Common Files\Steam
2009-07-26 12:06:43 ----D---- C:\Program Files\Ubisoft
2009-07-26 02:48:30 ----SHD---- C:\System Volume Information
2009-07-25 23:29:54 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-07-25 23:28:48 ----D---- C:\Program Files\Microsoft
2009-07-25 22:50:45 ----RHD---- C:\Users\Reload\AppData\Roaming\SecuROM
2009-07-25 21:07:23 ----DC---- C:\Windows\system32\DRVSTORE
2009-07-25 20:58:30 ----A---- C:\Windows\system32\xinput1_3.dll
2009-07-25 20:58:29 ----A---- C:\Windows\system32\xactengine2_7.dll
2009-07-25 20:58:28 ----A---- C:\Windows\system32\d3dx10_33.dll
2009-07-25 20:58:27 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2009-07-25 20:58:26 ----A---- C:\Windows\system32\d3dx9_33.dll
2009-07-25 20:58:25 ----A---- C:\Windows\system32\xactengine2_6.dll
2009-07-25 20:58:23 ----A---- C:\Windows\system32\xactengine2_5.dll
2009-07-25 20:58:23 ----A---- C:\Windows\system32\d3dx10.dll
2009-07-25 20:58:22 ----A---- C:\Windows\system32\d3dx9_32.dll
2009-07-25 20:58:21 ----A---- C:\Windows\system32\xactengine2_4.dll
2009-07-25 20:58:21 ----A---- C:\Windows\system32\x3daudio1_1.dll
2009-07-25 20:58:20 ----A---- C:\Windows\system32\d3dx9_31.dll
2009-07-25 20:58:19 ----A---- C:\Windows\system32\xactengine2_3.dll
2009-07-25 20:58:18 ----A---- C:\Windows\system32\xinput1_2.dll
2009-07-25 20:58:17 ----A---- C:\Windows\system32\xinput1_1.dll
2009-07-25 20:58:17 ----A---- C:\Windows\system32\xactengine2_2.dll
2009-07-25 20:58:15 ----A---- C:\Windows\system32\xactengine2_1.dll
2009-07-25 20:57:58 ----A---- C:\Windows\system32\d3dx9_30.dll
2009-07-25 20:57:57 ----A---- C:\Windows\system32\xactengine2_0.dll
2009-07-25 20:57:57 ----A---- C:\Windows\system32\x3daudio1_0.dll
2009-07-25 20:57:56 ----A---- C:\Windows\system32\d3dx9_29.dll
2009-07-25 20:57:55 ----A---- C:\Windows\system32\d3dx9_28.dll
2009-07-25 20:57:54 ----A---- C:\Windows\system32\d3dx9_27.dll
2009-07-25 20:57:53 ----A---- C:\Windows\system32\d3dx9_26.dll
2009-07-25 20:57:52 ----A---- C:\Windows\system32\d3dx9_25.dll
2009-07-25 20:57:51 ----A---- C:\Windows\system32\d3dx9_24.dll
2009-07-25 20:56:50 ----D---- C:\Program Files\Midway Games
2009-07-25 20:55:13 ----D---- C:\Users\Reload\AppData\Roaming\InstallShield
2009-07-25 20:48:01 ----D---- C:\Program Files\Windows Live SkyDrive
2009-07-25 20:47:42 ----D---- C:\Program Files\Windows Live
2009-07-25 20:37:46 ----D---- C:\Program Files\Common Files\Windows Live
2009-07-25 20:31:48 ----A---- C:\Windows\system32\ieui.dll
2009-07-25 20:31:48 ----A---- C:\Windows\system32\iesetup.dll
2009-07-25 20:31:48 ----A---- C:\Windows\system32\iernonce.dll
2009-07-25 20:31:48 ----A---- C:\Windows\system32\ie4uinit.exe
2009-07-25 20:31:47 ----A---- C:\Windows\system32\wininet.dll
2009-07-25 20:31:47 ----A---- C:\Windows\system32\jsproxy.dll
2009-07-25 20:31:47 ----A---- C:\Windows\system32\iertutil.dll
2009-07-25 20:31:47 ----A---- C:\Windows\system32\iedkcs32.dll
2009-07-25 20:31:46 ----A---- C:\Windows\system32\urlmon.dll
2009-07-25 20:31:45 ----A---- C:\Windows\system32\mshtml.dll
2009-07-25 20:31:45 ----A---- C:\Windows\system32\ieframe.dll
2009-07-25 20:30:28 ----A---- C:\Windows\system32\msls31.dll
2009-07-25 20:30:28 ----A---- C:\Windows\system32\mshtmler.dll
2009-07-25 20:30:28 ----A---- C:\Windows\system32\mshtmled.dll
2009-07-25 20:30:28 ----A---- C:\Windows\system32\icardie.dll
2009-07-25 20:30:28 ----A---- C:\Windows\system32\corpol.dll
2009-07-25 20:30:28 ----A---- C:\Windows\system32\admparse.dll
2009-07-25 20:30:27 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-07-25 20:30:27 ----A---- C:\Windows\system32\licmgr10.dll
2009-07-25 20:30:27 ----A---- C:\Windows\system32\inseng.dll
2009-07-25 20:30:27 ----A---- C:\Windows\system32\imgutil.dll
2009-07-25 20:30:27 ----A---- C:\Windows\system32\iepeers.dll
2009-07-25 20:30:27 ----A---- C:\Windows\system32\ieakeng.dll
2009-07-25 20:30:27 ----A---- C:\Windows\system32\dxtrans.dll
2009-07-25 20:30:27 ----A---- C:\Windows\system32\dxtmsft.dll
2009-07-25 20:30:26 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-07-25 20:30:26 ----A---- C:\Windows\system32\wextract.exe
2009-07-25 20:30:26 ----A---- C:\Windows\system32\webcheck.dll
2009-07-25 20:30:26 ----A---- C:\Windows\system32\occache.dll
2009-07-25 20:30:26 ----A---- C:\Windows\system32\mstime.dll
2009-07-25 20:30:26 ----A---- C:\Windows\system32\msrating.dll
2009-07-25 20:30:26 ----A---- C:\Windows\system32\msfeedssync.exe
2009-07-25 20:30:26 ----A---- C:\Windows\system32\ieakui.dll
2009-07-25 20:30:26 ----A---- C:\Windows\system32\ieaksie.dll
2009-07-25 20:30:25 ----A---- C:\Windows\system32\vbscript.dll
2009-07-25 20:30:25 ----A---- C:\Windows\system32\url.dll
2009-07-25 20:30:25 ----A---- C:\Windows\system32\pngfilt.dll
2009-07-25 20:30:25 ----A---- C:\Windows\system32\msfeeds.dll
2009-07-25 20:30:25 ----A---- C:\Windows\system32\jscript.dll
2009-07-25 20:30:25 ----A---- C:\Windows\system32\ieapfltr.dll
2009-07-25 20:30:25 ----A---- C:\Windows\system32\advpack.dll
2009-07-25 20:30:24 ----A---- C:\Windows\system32\mshta.exe
2009-07-25 20:30:24 ----A---- C:\Windows\system32\iexpress.exe
2009-07-25 20:30:23 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-07-25 20:30:23 ----A---- C:\Windows\system32\SetDepNx.exe
2009-07-25 20:30:23 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-07-25 20:30:23 ----A---- C:\Windows\system32\PDMSetup.exe
2009-07-25 20:30:23 ----A---- C:\Windows\system32\ieUnatt.exe
2009-07-25 20:30:23 ----A---- C:\Windows\system32\iesysprep.dll
2009-07-25 20:26:36 ----D---- C:\Program Files\Steam
2009-07-25 19:50:19 ----D---- C:\ProgramData\Norton
2009-07-25 19:50:19 ----D---- C:\Program Files\Norton AntiVirus
2009-07-25 19:49:30 ----D---- C:\Program Files\NortonInstaller
2009-07-25 19:24:05 ----D---- C:\ProgramData\NortonInstaller
2009-07-25 19:08:24 ----A---- C:\Windows\system32\msshooks.dll
2009-07-25 19:08:24 ----A---- C:\Windows\system32\msscb.dll
2009-07-25 19:08:23 ----A---- C:\Windows\system32\thawbrkr.dll
2009-07-25 19:08:23 ----A---- C:\Windows\system32\srchadmin.dll
2009-07-25 19:08:23 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-07-25 19:08:23 ----A---- C:\Windows\system32\propsys.dll
2009-07-25 19:08:23 ----A---- C:\Windows\system32\propdefs.dll
2009-07-25 19:08:23 ----A---- C:\Windows\system32\msstrc.dll
2009-07-25 19:08:23 ----A---- C:\Windows\system32\mssprxy.dll
2009-07-25 19:08:23 ----A---- C:\Windows\system32\mssitlb.dll
2009-07-25 19:08:23 ----A---- C:\Windows\system32\msshsq.dll
2009-07-25 19:08:23 ----A---- C:\Windows\system32\korwbrkr.dll
2009-07-25 19:08:22 ----A---- C:\Windows\system32\xmlfilter.dll
2009-07-25 19:08:22 ----A---- C:\Windows\system32\wsepno.dll
2009-07-25 19:08:22 ----A---- C:\Windows\system32\tquery.dll
2009-07-25 19:08:22 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-07-25 19:08:22 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-07-25 19:08:22 ----A---- C:\Windows\system32\rtffilt.dll
2009-07-25 19:08:22 ----A---- C:\Windows\system32\offfilt.dll
2009-07-25 19:08:22 ----A---- C:\Windows\system32\nlhtml.dll
2009-07-25 19:08:22 ----A---- C:\Windows\system32\msscntrs.dll
2009-07-25 19:08:22 ----A---- C:\Windows\system32\mimefilt.dll
2009-07-25 19:08:22 ----A---- C:\Windows\system32\chtbrkr.dll
2009-07-25 19:08:22 ----A---- C:\Windows\system32\chsbrkr.dll
2009-07-25 19:08:21 ----A---- C:\Windows\system32\mssvp.dll
2009-07-25 19:08:21 ----A---- C:\Windows\system32\mssrch.dll
2009-07-25 19:08:21 ----A---- C:\Windows\system32\mssphtb.dll
2009-07-25 19:08:21 ----A---- C:\Windows\system32\mssph.dll
2009-07-25 19:07:34 ----A---- C:\Windows\system32\tzres.dll
2009-07-25 18:52:34 ----A---- C:\Windows\system32\infocardapi.dll
2009-07-25 18:52:33 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-07-25 18:52:31 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-07-25 18:52:31 ----A---- C:\Windows\system32\icardres.dll
2009-07-25 18:52:31 ----A---- C:\Windows\system32\icardagt.exe
2009-07-25 18:52:29 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-07-25 18:52:26 ----A---- C:\Windows\system32\PresentationHost.exe
2009-07-25 18:46:16 ----A---- C:\Windows\system32\dfshim.dll
2009-07-25 18:46:14 ----A---- C:\Windows\system32\mscoree.dll
2009-07-25 18:46:13 ----A---- C:\Windows\system32\netfxperf.dll
2009-07-25 18:46:04 ----A---- C:\Windows\system32\mscorier.dll
2009-07-25 18:45:59 ----A---- C:\Windows\system32\mscories.dll
2009-07-25 18:43:58 ----D---- C:\Program Files\MSXML 4.0
2009-07-25 18:42:33 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-07-25 18:42:32 ----A---- C:\Windows\system32\gdi32.dll
2009-07-25 18:42:18 ----A---- C:\Windows\system32\pacerprf.dll
2009-07-25 18:42:10 ----A---- C:\Windows\system32\EncDec.dll
2009-07-25 18:42:08 ----A---- C:\Windows\system32\psisdecd.dll
2009-07-25 18:42:03 ----A---- C:\Windows\system32\t2embed.dll
2009-07-25 18:42:03 ----A---- C:\Windows\system32\fontsub.dll
2009-07-25 18:42:03 ----A---- C:\Windows\system32\dciman32.dll
2009-07-25 18:42:03 ----A---- C:\Windows\system32\atmfd.dll
2009-07-25 18:41:59 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-07-25 18:41:57 ----A---- C:\Windows\system32\winhttp.dll
2009-07-25 18:41:55 ----A---- C:\Windows\system32\xolehlp.dll
2009-07-25 18:41:55 ----A---- C:\Windows\system32\msdtcprx.dll
2009-07-25 18:41:50 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-07-25 18:41:50 ----A---- C:\Windows\system32\gameux.dll
2009-07-25 18:41:50 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-07-25 18:41:43 ----A---- C:\Windows\system32\shell32.dll
2009-07-25 18:41:37 ----A---- C:\Windows\system32\inetcomm.dll
2009-07-25 18:41:32 ----A---- C:\Windows\system32\msxml3.dll
2009-07-25 18:41:21 ----A---- C:\Windows\system32\rpcss.dll
2009-07-25 18:41:21 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-07-25 18:41:21 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-07-25 18:41:20 ----A---- C:\Windows\system32\sdohlp.dll
2009-07-25 18:41:20 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-07-25 18:41:20 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-07-25 18:41:20 ----A---- C:\Windows\system32\iasrecst.dll
2009-07-25 18:41:20 ----A---- C:\Windows\system32\iashost.exe
2009-07-25 18:41:20 ----A---- C:\Windows\system32\iasdatastore.dll
2009-07-25 18:41:20 ----A---- C:\Windows\system32\iasads.dll
2009-07-25 18:41:15 ----A---- C:\Windows\explorer.exe
2009-07-25 18:41:13 ----A---- C:\Windows\system32\es.dll
2009-07-25 18:41:12 ----A---- C:\Windows\system32\wersvc.dll
2009-07-25 18:41:12 ----A---- C:\Windows\system32\Faultrep.dll
2009-07-25 18:40:12 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-07-25 18:40:10 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-07-25 18:40:00 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-07-25 18:38:59 ----A---- C:\Windows\system32\lsasrv.dll
2009-07-25 18:38:58 ----A---- C:\Windows\system32\kernel32.dll
2009-07-25 18:38:57 ----A---- C:\Windows\system32\secur32.dll
2009-07-25 18:38:57 ----A---- C:\Windows\system32\apilogen.dll
2009-07-25 18:38:57 ----A---- C:\Windows\system32\amxread.dll
2009-07-25 18:38:55 ----A---- C:\Windows\system32\wmpeffects.dll
2009-07-25 18:38:53 ----A---- C:\Windows\system32\wmp.dll
2009-07-25 18:38:52 ----A---- C:\Windows\system32\spwmp.dll
2009-07-25 18:38:51 ----A---- C:\Windows\system32\wmploc.DLL
2009-07-25 18:38:51 ----A---- C:\Windows\system32\dxmasf.dll
2009-07-25 18:38:50 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-07-25 18:38:50 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-07-25 18:38:49 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-07-25 18:38:48 ----A---- C:\Windows\system32\localspl.dll
2009-07-25 18:38:43 ----A---- C:\Windows\system32\rpcrt4.dll
2009-07-25 18:38:39 ----A---- C:\Windows\system32\emdmgmt.dll
2009-07-25 18:38:39 ----A---- C:\Windows\system32\dataclen.dll
2009-07-25 18:38:38 ----A---- C:\Windows\system32\cdd.dll
2009-07-25 18:38:37 ----A---- C:\Windows\system32\netapi32.dll
2009-07-25 18:38:34 ----A---- C:\Windows\system32\schannel.dll
2009-07-25 18:38:33 ----A---- C:\Windows\system32\win32spl.dll
2009-07-25 18:38:06 ----A---- C:\Windows\system32\mf.dll
2009-07-25 18:38:05 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-07-25 18:38:04 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-07-25 18:38:04 ----A---- C:\Windows\system32\logagent.exe
2009-07-25 18:36:13 ----A---- C:\Windows\system32\quartz.dll
2009-07-25 18:36:11 ----A---- C:\Windows\system32\wshext.dll
2009-07-25 18:36:11 ----A---- C:\Windows\system32\wscript.exe
2009-07-25 18:36:11 ----A---- C:\Windows\system32\scrrun.dll
2009-07-25 18:36:11 ----A---- C:\Windows\system32\scrobj.dll
2009-07-25 18:36:11 ----A---- C:\Windows\system32\cscript.exe
2009-07-25 18:36:09 ----A---- C:\Windows\system32\connect.dll
2009-07-25 18:34:48 ----A---- C:\Windows\system32\msxml6.dll
2009-07-25 18:28:03 ----D---- C:\Program Files\AskBarDis
2009-07-25 18:27:10 ----D---- C:\Program Files\uTorrent
2009-07-25 18:25:07 ----D---- C:\Users\Reload\AppData\Roaming\uTorrent
2009-07-25 18:23:30 ----A---- C:\Windows\system32\wups2.dll
2009-07-25 18:23:30 ----A---- C:\Windows\system32\wucltux.dll
2009-07-25 18:23:30 ----A---- C:\Windows\system32\wuaueng.dll
2009-07-25 18:23:30 ----A---- C:\Windows\system32\wuauclt.exe
2009-07-25 18:23:12 ----A---- C:\Windows\system32\wups.dll
2009-07-25 18:23:12 ----A---- C:\Windows\system32\wudriver.dll
2009-07-25 18:23:12 ----A---- C:\Windows\system32\wuapi.dll
2009-07-25 18:23:03 ----A---- C:\Windows\system32\wuwebv.dll
2009-07-25 18:23:03 ----A---- C:\Windows\system32\wuapp.exe
2009-07-25 18:22:01 ----D---- C:\Users\Reload\AppData\Roaming\Mozilla
2009-07-25 18:21:43 ----D---- C:\Program Files\Mozilla Firefox
2009-07-25 17:34:02 ----D---- C:\Users\Reload\AppData\Roaming\Symantec
2009-07-25 17:33:29 ----D---- C:\Users\Reload\AppData\Roaming\Identities
2009-07-25 17:31:53 ----D---- C:\Users\Reload\AppData\Roaming\Macromedia
2009-07-25 17:31:42 ----D---- C:\Users\Reload\AppData\Roaming\Adobe
2009-07-25 17:31:30 ----D---- C:\Users\Reload\AppData\Roaming\Hewlett-Packard
2009-07-25 17:29:04 ----SD---- C:\Users\Reload\AppData\Roaming\Microsoft
2009-07-25 17:29:04 ----D---- C:\Users\Reload\AppData\Roaming\Media Center Programs
2009-07-25 17:25:29 ----SHD---- C:\Programme
2009-07-25 17:25:29 ----SHD---- C:\ProgramData\Vorlagen
2009-07-25 17:25:29 ----SHD---- C:\ProgramData\Startmenü
2009-07-25 17:25:29 ----SHD---- C:\ProgramData\Favoriten
2009-07-25 17:25:29 ----SHD---- C:\ProgramData\Dokumente
2009-07-25 17:25:29 ----SHD---- C:\ProgramData\Anwendungsdaten
2009-07-25 17:25:29 ----SHD---- C:\Program Files\Gemeinsame Dateien
2009-07-25 17:25:29 ----SHD---- C:\Dokumente und Einstellungen
2009-07-25 17:20:34 ----D---- C:\ProgramData\NVIDIA
2009-07-25 17:20:23 ----SHD---- C:\$RECYCLE.BIN
2009-07-25 17:19:45 ----A---- C:\ProgramData\hpqp.ini
2009-07-25 17:19:42 ----D---- C:\ProgramData\CyberLink
2009-07-25 17:15:49 ----D---- C:\Program Files\Common Files\LightScribe
2009-07-25 17:11:56 ----A---- C:\Windows\system32\aestecap.dll
2009-07-25 17:11:56 ----A---- C:\Windows\system32\aestaren.dll
2009-07-25 17:11:56 ----A---- C:\Windows\system32\aestacap.dll
2009-07-25 17:11:54 ----A---- C:\Windows\system32\stlang.dll
2009-07-25 17:11:54 ----A---- C:\Windows\system32\idtmini1.exe
2009-07-25 17:11:54 ----A---- C:\Windows\system32\AESTCom.dll
2009-07-25 17:11:54 ----A---- C:\Windows\sttray.exe
2009-07-25 17:10:15 ----A---- C:\Windows\system32\staco.dll
2009-07-25 17:09:53 ----A---- C:\Windows\system32\stcplx.dll
2009-07-25 17:09:53 ----A---- C:\Windows\system32\stapo.dll
2009-07-25 17:09:52 ----A---- C:\Windows\system32\stapi32.dll
2009-07-25 17:09:51 ----D---- C:\Program Files\IDT
2009-07-25 17:09:45 ----A---- C:\Windows\xUninstall.bat
2009-07-25 17:06:14 ----D---- C:\Program Files\Synaptics
2009-07-25 17:06:09 ----D---- C:\Windows\JMCR_DIR
2009-07-25 17:06:09 ----A---- C:\Windows\system32\JmCrIcon.dll
2009-07-25 17:05:35 ----A---- C:\Windows\system32\WdfCoInstaller01000.dll
2009-07-25 17:05:33 ----A---- C:\Windows\system32\SynTPCo4.dll
2009-07-25 17:05:33 ----A---- C:\Windows\system32\SynTPAPI.dll
2009-07-25 17:05:33 ----A---- C:\Windows\system32\SynCtrl.dll
2009-07-25 17:05:33 ----A---- C:\Windows\system32\SynCOM.dll
2009-07-25 17:04:32 ----D---- C:\Program Files\Realtek
2009-07-25 17:04:14 ----D---- C:\Windows\system32\HPMDP
2009-07-25 17:03:46 ----A---- C:\Windows\system32\nvexpbar.dll
2009-07-25 17:03:46 ----A---- C:\Windows\system32\nvcpluir.dll
2009-07-25 17:03:46 ----A---- C:\Windows\system32\nvcplui.exe
2009-07-25 17:02:09 ----A---- C:\Windows\system32\NVUNINST.EXE
2009-07-25 17:00:10 ----D---- C:\Program Files\Intel
2009-07-25 17:00:10 ----A---- C:\Windows\system32\CSVer.dll
2009-07-25 16:59:55 ----D---- C:\Intel
2009-07-25 16:59:18 ----A---- C:\Windows\system32\bcmwlcoi.dll
2009-07-25 16:59:18 ----A---- C:\Windows\system32\bcmihvui.dll
2009-07-25 16:59:18 ----A---- C:\Windows\system32\bcmihvsrv.dll
2009-07-25 16:59:17 ----D---- C:\Program Files\Broadcom
2009-07-25 16:55:08 ----D---- C:\Windows\SoftwareDistribution
2009-07-25 16:50:44 ----D---- C:\Windows\Prefetch

kranke_vista · 30.07.2009, 20:44

und hier zuletzt der 3. Teil von RSIT Log:

======List of files/folders modified in the last 1 months======

2009-07-28 22:36:49 ----D---- C:\Windows\Temp
2009-07-28 22:21:58 ----RD---- C:\Program Files
2009-07-28 22:21:58 ----HD---- C:\ProgramData
2009-07-28 21:20:03 ----D---- C:\Windows\system32\drivers
2009-07-28 21:19:07 ----SHD---- C:\Windows\Installer
2009-07-28 21:19:06 ----D---- C:\Windows\winsxs
2009-07-28 21:14:27 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-07-28 21:14:22 ----D---- C:\Windows\system32\catroot
2009-07-28 21:14:22 ----D---- C:\Windows\inf
2009-07-28 14:02:49 ----D---- C:\Windows\System32
2009-07-28 14:02:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-07-28 03:00:36 ----D---- C:\Program Files\Internet Explorer
2009-07-27 20:52:47 ----D---- C:\Windows\system32\catroot2
2009-07-27 17:01:35 ----D---- C:\Windows\system32\Tasks
2009-07-27 12:55:28 ----D---- C:\Program Files\Common Files
2009-07-26 20:36:37 ----RSD---- C:\Windows\Fonts
2009-07-26 18:38:00 ----D---- C:\WINDOWS
2009-07-26 17:50:29 ----D---- C:\Windows\rescache
2009-07-26 12:14:38 ----HD---- C:\Program Files\InstallShield Installation Information
2009-07-26 12:08:29 ----D---- C:\ProgramData\WildTangent
2009-07-26 11:07:53 ----D---- C:\Program Files\Microsoft Works
2009-07-26 11:07:02 ----D---- C:\ProgramData\Microsoft Help
2009-07-25 23:32:40 ----D---- C:\Windows\system32\de-DE
2009-07-25 23:32:33 ----D---- C:\Windows\system32\migration
2009-07-25 23:32:26 ----D---- C:\Windows\system32\en-US
2009-07-25 23:32:26 ----D---- C:\Windows\PolicyDefinitions
2009-07-25 23:29:55 ----RSD---- C:\Windows\assembly
2009-07-25 23:28:37 ----D---- C:\Program Files\Common Files\microsoft shared
2009-07-25 20:58:08 ----D---- C:\Windows\system32\LogFiles
2009-07-25 20:58:00 ----D---- C:\Windows\Microsoft.NET
2009-07-25 20:37:31 ----SD---- C:\ProgramData\Microsoft
2009-07-25 20:28:26 ----D---- C:\Windows\Debug
2009-07-25 20:14:28 ----D---- C:\ProgramData\Symantec
2009-07-25 19:48:06 ----D---- C:\Windows\system32\WDI
2009-07-25 19:43:33 ----D---- C:\Windows\ehome
2009-07-25 19:43:32 ----D---- C:\Program Files\Windows Mail
2009-07-25 19:43:31 ----D---- C:\Windows\AppPatch
2009-07-25 19:43:30 ----D---- C:\Program Files\Windows Media Player
2009-07-25 19:43:29 ----D---- C:\Windows\system32\wbem
2009-07-25 19:43:29 ----D---- C:\Windows\system32\manifeststore
2009-07-25 19:43:27 ----D---- C:\Windows\system32\XPSViewer
2009-07-25 18:54:03 ----D---- C:\Windows\Tasks
2009-07-25 18:04:25 ----D---- C:\Windows\Logs
2009-07-25 17:32:58 ----D---- C:\Windows\SMINST
2009-07-25 17:32:47 ----D---- C:\Windows\system
2009-07-25 17:31:27 ----RD---- C:\Program Files\Online Services
2009-07-25 17:30:56 ----HD---- C:\System.sav
2009-07-25 17:30:56 ----D---- C:\Windows\system32\restore
2009-07-25 17:30:56 ----D---- C:\SwSetup
2009-07-25 17:29:04 ----RD---- C:\Users
2009-07-25 17:25:29 ----D---- C:\Program Files\Windows NT
2009-07-25 17:23:06 ----D---- C:\Windows\panther
2009-07-25 17:20:58 ----D---- C:\Windows\system32\sysprep
2009-07-25 17:18:31 ----D---- C:\Program Files\CyberLink
2009-07-25 17:15:40 ----D---- C:\Program Files\Hewlett-Packard
2009-07-25 17:15:27 ----D---- C:\ProgramData\Hewlett-Packard
2009-07-25 17:03:25 ----D---- C:\Windows\Help
2009-07-07 08:10:58 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2009-03-15 56268]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-03-24 55640]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2008-03-27 34664]
R3 BCM43XX;Treiber für Broadcom 802.11-Netzwerkadapter; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-25 1207288]
R3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-01-24 52736]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-07-08 96856]
R3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
R3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-05-14 43552]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-05-14 7443872]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-05-02 122368]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2008-06-27 380928]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-01-18 196784]
R3 usbvideo;USB-Videogerät (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R4 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090722.001\IDSvix86.sys []
R4 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NAV\1005000.086\SYMEFA.SYS []
R4 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS []
S1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-25 1207288]
S3 BthEnum;Bluetooth-Anforderungsblocktreiber; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-21 19456]
S3 BthPan;Bluetooth-Gerät (PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Bluetooth-Porttreiber; C:\Windows\System32\Drivers\BTHport.sys [2008-01-21 219648]
S3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\Windows\System32\Drivers\BTHUSB.sys [2008-01-21 29184]
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]
S3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-21 49664]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090728.007\NAVEX15.SYS []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe [2008-06-27 77824]
R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-05-11 185089]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-04-15 94208]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2008-03-18 19456]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-02-26 73728]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-05-14 118784]
R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2008-06-25 292216]
R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2008-06-25 116080]
R2 Recovery Service for Windows;Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [2008-04-26 361808]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe [2008-06-27 221273]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-02-07 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe [2008-01-09 148832]
S2 .norton2009Reset;Norton2009 Reset; C:\Program Files\Norton2009Reset.exe []
S2 ASKUpgrade;ASKUpgrade; C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe [2009-04-02 234888]
S3 GameConsoleService;GameConsoleService; C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2007-07-24 181800]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-07-25 316664]

-----------------EOF-----------------

kranke_vista · 30.07.2009, 20:47

brauchst du auch RSIT info

hab mit den Logs bekommen

Thx bis dahin

28.07.2009, 23:10	#10
Swisstreasure /// Malwareteam	Internet extrem langsam, bitte um Hilfe ! Mache dafür mehrere Beiträge hier und poste jeweils einen Teil. Gruss swiss

Internet extrem langsam, bitte um Hilfe !

Log-Analyse und Auswertung: Internet extrem langsam, bitte um Hilfe !