IE öffnet dauernd Werbung allein

flunny · 02.08.2009, 18:28

Hallo an alle Helfer,

ich kenn mich leider nicht all zu gut mit dem PC aus. Seit geraumer Zeit öffnet der IE auch immer Werbung dazu. Nach einiger Zeit bei google und auf eurer Seite habe ich jetzt den CCleaner und RSIT herunter geladen. Das Programm Malwarebytes-Anti-Malware funktioniert bei mir nicht. Es taucht eine Fehlermeldung auf. Das Setup konnte den Ordner "C:\Users\***\AppData\Local\Temp\is-GL34N.tmp" nicht finden. Laut Anleitung zu RSIT soll ich einmal die Info und Log Informationen einstellen. Ich hoffe es fehlt nichts an Erklärung oder Info.
________________

info.txt logfile of random's system information tool 1.06 2009-08-02 18:33:57

======Uninstall list======

Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Reader 8.1.2 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A81200000003}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ASUS CopyProtect-->MsiExec.exe /I{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}
ASUS Data Security Manager-->C:\Program Files\InstallShield Installation Information\{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}\Setup.exe -runfromtemp -l0x0009 -removeonly
ASUS LifeFrame3-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
ASUS Live Update-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\Setup.exe" -l0x9
ASUS Power4Gear Hybrid-->MsiExec.exe /I{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}
ASUS SmartLogon-->MsiExec.exe /I{64452561-169F-4A36-A2FF-B5E118EC65F5}
ASUS Splendid Video Enhancement Technology-->MsiExec.exe /I{0969AF05-4FF6-4C00-9406-43599238DE0D}
ASUS Virtual Camera-->MsiExec.exe /I{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
ASUS_Notebook_N50 Screen Saver-->C:\Windows\system32\ASUS_Notebook_N50.scr /u
Atheros Client Installation Program-->C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe -runfromtemp -l0x0009 -removeonly
ATK Generic Function Service-->C:\Program Files\InstallShield Installation Information\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}\Setup.exe -runfromtemp -l0x0009 -removeonly
ATK Hotkey-->MsiExec.exe /I{7C05592D-424B-46CB-B505-E0013E8E75C9}
ATK Media-->MsiExec.exe /I{D1E5870E-E3E5-4475-98A6-ADD614524ADF}
ATKOSD2-->MsiExec.exe /I{3B05F2FB-745B-4012-ADF2-439F36B2E70B}
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Cisco EAP-FAST Module-->MsiExec.exe /I{415B2719-AD3A-4944-B404-C472DB6085B3}
Cisco LEAP Module-->MsiExec.exe /I{83770D14-21B9-44B3-8689-F7B523F94560}
Cisco PEAP Module-->MsiExec.exe /I{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}
CyberLink LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" -uninstall
CyberLink Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
Express Gate-->MsiExec.exe /I{2862A3C1-0CD9-4D8B-A28C-8C337D4DD5EB}
Favorit-->c:\users\flunny\appdata\local\cakuogc.bat
FileZilla Client 3.2.4.1-->C:\Program Files\FileZilla FTP Client\uninstall.exe
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
IE7Pro-->C:\Program Files\IEPro\uninst.exe
Java(TM) 6 Update 14-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014FF}
Junk Mail filter update-->MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}
LightScribe System Software 1.14.17.1-->MsiExec.exe /X{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - deu\setup.exe
Microsoft .NET Framework 3.5 Language Pack SP1 - deu-->MsiExec.exe /I{052FDD78-A6EA-3187-8386-C82F4CA3A929}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office Access MUI (German) 2007-->MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
Microsoft Office Groove MUI (German) 2007-->MsiExec.exe /X{90120000-00BA-0407-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (German) 2007-->MsiExec.exe /X{90120000-0044-0407-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office OneNote MUI (German) 2007-->MsiExec.exe /X{90120000-00A1-0407-0000-0000000FF1CE}
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0120-0407-0000-0000000FF1CE}
Microsoft Office Outlook MUI (German) 2007-->MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
Microsoft Office Publisher MUI (German) 2007-->MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE}
Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft SQL Server 2008 Common Files-->MsiExec.exe /I{4A6F34E2-09E5-4616-B227-4A26A488A6F9}
Microsoft SQL Server 2008 Common Files-->MsiExec.exe /I{FF6F95A4-E59B-45C8-BEA8-0BDC8D9CAB51}
Microsoft SQL Server 2008 Database Engine Services-->MsiExec.exe /I{5BD39911-A12F-4562-98BA-A6E03E3370B1}
Microsoft SQL Server 2008 Database Engine Services-->MsiExec.exe /I{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}
Microsoft SQL Server 2008 Database Engine Shared-->MsiExec.exe /I{477415F5-93DA-46AA-85C5-640047825995}
Microsoft SQL Server 2008 Database Engine Shared-->MsiExec.exe /I{F3494AB6-6900-41C6-AF57-823626827ED8}
Microsoft SQL Server 2008 Management Objects-->MsiExec.exe /I{F5E87B12-3C27-452F-8E78-21D42164FD83}
Microsoft SQL Server 2008 Native Client-->MsiExec.exe /I{C91C4EF4-63E1-41EE-AE6A-5152628FDC21}
Microsoft SQL Server 2008 RsFx Driver-->MsiExec.exe /I{F1DC7648-8623-442F-92B7-E118DF61872E}
Microsoft SQL Server 2008 Setup Support Files (English)-->MsiExec.exe /X{30355ED7-DE49-4C8D-BE23-2161D36E8A9A}
Microsoft SQL Server 2008-->"C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Release\x86\SetupARP.exe" /x86
Microsoft SQL Server 2008-->"C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Release\x86\SetupARP.exe" /X86
Microsoft SQL Server 2008-Browser-->MsiExec.exe /X{4AF2248C-B3DF-46FB-9596-87F5DB193689}
Microsoft SQL Server Compact 3.5 SP1 (Deutsch)-->MsiExec.exe /I{FA440BE8-EC2F-4478-A01A-077DA0606501}
Microsoft SQL Server Compact 3.5 SP1 Design Tools (Deutsch)-->MsiExec.exe /X{738B0934-6676-44F6-AB52-32F4E60DCA7F}
Microsoft SQL Server VSS Writer-->MsiExec.exe /I{D074DC76-F6C9-440E-A1D0-1DE958417FDB}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
NB Probe-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}\Setup.exe" -l0x9
Norton Internet Security-->MsiExec.exe /I{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}
NOXON Home Server-->C:\Program Files\TerraTec\TerraTec Home Cinema\Uninst.exe
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
Picasa 3-->"C:\Program Files\Picasa2\Uninstall.exe"
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x0009 -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\setup.exe" -l0x9 anything
Sql Server Customer Experience Improvement Program-->MsiExec.exe /I{C965F01C-76EA-4BD7-973E-46236AE312D7}
SQL Server System CLR Types-->MsiExec.exe /I{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TerraTec Home Cinema-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}\setup.exe" -l0x7
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Outlook 2007 Junk Email Filter (kb971933)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {53C200F4-3B4B-49A5-8539-2C61F1A88CA2}
Update für Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}
Update für Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {F6828576-6F79-470D-AB50-69D1BBADBD30}
Update für Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {EA160DA3-E9B5-4D03-A518-21D306665B96}
Update für Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {38472199-D7B6-4833-A949-10E4EE6365A1}
USB 2.0 2.0M UVC WebCam-->C:\Windows\Uninstuxga.bat
Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{DF5F687F-8018-4542-9F98-7084E9022917}
Windows Live Family Safety-->MsiExec.exe /X{3A608351-5980-4A47-AE08-3742C55B4016}
Windows Live Fotogalerie-->MsiExec.exe /X{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}
Windows Live Mail-->MsiExec.exe /I{5A166C0B-9557-4364-A057-F946D674E6AC}
Windows Live Movie Maker-Betaversion-->MsiExec.exe /X{DC35EF73-C7BD-4452-A793-4269990E1EA3}
Windows Live Sync-->MsiExec.exe /X{8C1E2925-14F8-45AA-B999-1E2A74BF5607}
Windows Live Writer-->MsiExec.exe /X{81821BF8-DA20-4F8C-AA87-F70A274828D4}
Windows Live-Uploadtool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
WinFlash-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE10AB76-4756-4913-BE25-55D1C1051F9A}\Setup.exe" -l0x9
Wireless Console 2-->C:\Program Files\InstallShield Installation Information\{83F73CB1-7705-49D1-9852-84D839CA2A45}\Setup.exe -runfromtemp -l0x0009 -removeonly

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: ***-PC
Event Code: 10029
Message: DCOM hat den Dienst wercplsupport mit den Argumenten "" gestartet, um den Server auszuführen:
{0E9A7BB5-F699-4D66-8A47-B919F5B6A1DB}
Record Number: 42281
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20090802160002.000000-000
Event Type: Informationen
User:

Computer Name: ***-PC
Event Code: 7036
Message: Dienst "Unterstützung in der Systemsteuerung unter Lösungen für Probleme" befindet sich jetzt im Status "Ausgeführt".
Record Number: 42282
Source Name: Service Control Manager
Time Written: 20090802160002.000000-000
Event Type: Informationen
User:

Computer Name: ***-PC
Event Code: 7036
Message: Dienst "Unterstützung in der Systemsteuerung unter Lösungen für Probleme" befindet sich jetzt im Status "Beendet".
Record Number: 42283
Source Name: Service Control Manager
Time Written: 20090802160002.000000-000
Event Type: Informationen
User:

Computer Name: ***-PC
Event Code: 7036
Message: Dienst "WinHTTP-Web Proxy Auto-Discovery-Dienst" befindet sich jetzt im Status "Beendet".
Record Number: 42284
Source Name: Service Control Manager
Time Written: 20090802160904.000000-000
Event Type: Informationen
User:

Computer Name: ***-PC
Event Code: 9
Message: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.
Record Number: 42285
Source Name: iaStor
Time Written: 20090802161403.307459-000
Event Type: Fehler
User:

=====Application event log=====

Computer Name: ***-PC
Event Code: 0
Message:
Record Number: 4535
Source Name: gusvc
Time Written: 20090802154725.000000-000
Event Type: Informationen
User:

Computer Name: ***-PC
Event Code: 10
Message: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Record Number: 4536
Source Name: Microsoft-Windows-WMI
Time Written: 20090802154755.000000-000
Event Type: Fehler
User:

Computer Name: ***-PC
Event Code: 1
Message: Der Windows-Sicherheitscenterdienst wurde gestartet.
Record Number: 4537
Source Name: SecurityCenter
Time Written: 20090802154844.000000-000
Event Type: Informationen
User:

Computer Name: ***-PC
Event Code: 8193
Message: Fehler beim Erstellen des Wiederherstellungspunkts auf dem Volume (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Hr = 0x80070422).
Record Number: 4538
Source Name: System Restore
Time Written: 20090802155219.000000-000
Event Type: Fehler
User:

Computer Name: ***-PC
Event Code: 5
Message: Unsupported service control request (see data below)
Record Number: 4539
Source Name: LightScribeService
Time Written: 20090802163357.000000-000
Event Type: Informationen
User:

=====Security event log=====

Computer Name: ***-PC
Event Code: 5038
Message: Die Codeintegrität hat festgestellt, dass der Abbildhash einer Datei nicht gültig ist. Die Datei wurde möglicherweise durch eine nicht autorisierte Änderung beschädigt. Dieses Problem kann auch auf einen potenziellen Fehler des Datenträgergeräts hinweisen.

Dateiname: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 4898
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090802163354.822259-000
Event Type: Überwachung gescheitert
User:

Computer Name: ***-PC
Event Code: 5038
Message: Die Codeintegrität hat festgestellt, dass der Abbildhash einer Datei nicht gültig ist. Die Datei wurde möglicherweise durch eine nicht autorisierte Änderung beschädigt. Dieses Problem kann auch auf einen potenziellen Fehler des Datenträgergeräts hinweisen.

Dateiname: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 4899
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090802163354.853459-000
Event Type: Überwachung gescheitert
User:

Computer Name: ***-PC
Event Code: 5038
Message: Die Codeintegrität hat festgestellt, dass der Abbildhash einer Datei nicht gültig ist. Die Datei wurde möglicherweise durch eine nicht autorisierte Änderung beschädigt. Dieses Problem kann auch auf einen potenziellen Fehler des Datenträgergeräts hinweisen.

Dateiname: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 4900
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090802163354.884659-000
Event Type: Überwachung gescheitert
User:

Computer Name: ***-PC
Event Code: 5038
Message: Die Codeintegrität hat festgestellt, dass der Abbildhash einer Datei nicht gültig ist. Die Datei wurde möglicherweise durch eine nicht autorisierte Änderung beschädigt. Dieses Problem kann auch auf einen potenziellen Fehler des Datenträgergeräts hinweisen.

Dateiname: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 4901
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090802163354.915859-000
Event Type: Überwachung gescheitert
User:

Computer Name: ***-PC
Event Code: 5038
Message: Die Codeintegrität hat festgestellt, dass der Abbildhash einer Datei nicht gültig ist. Die Datei wurde möglicherweise durch eine nicht autorisierte Änderung beschädigt. Dieses Problem kann auch auf einen potenziellen Fehler des Datenträgergeräts hinweisen.

Dateiname: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 4902
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090802163354.947059-000
Event Type: Überwachung gescheitert
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\DTS\Binn\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=1706
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"configsetroot"=%SystemRoot%\ConfigSetRoot
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

Die Info über den Log stelle ich noch extra ein wegen Zeichenmangel.

lg flunny

flunny · 02.08.2009, 18:38

hier jetzt noch der fehlende Log
TEIL I (die Zeichen sind zu viel)
Logfile of random's system information tool 1.06 (written by random/random)
Run by *** at 2009-08-02 18:33:52
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 134 GB (88%) free of 153 GB
Total RAM: 3070 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:33:55, on 02.08.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18294)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program files\P4G\BatteryLife.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\AsScrPro.exe
C:\Program Files\avmwlanstick\FRITZWLANMini.exe
C:\Program Files\Common Files\TerraTec\Remote\TTTvRc.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Users\***\AppData\Local\iakay.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\IEPro\MiniDM.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\***\Documents\My Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\***.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = fritz.box;192.168.178.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVMWlanClient] C:\Program Files\avmwlanstick\FRITZWLANMini.exe
O4 - HKLM\..\Run: [Remote Control Editor] C:\Program Files\Common Files\TerraTec\Remote\TTTVRC.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Remote Control Editor] "C:\Program Files\Common Files\TerraTec\Remote\TTTvRc.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [iakay] "c:\users\***\appdata\local\iakay.exe" iakay
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - h**p://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

--
End of file - 9311 bytes

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{8233062F-2EE5-481A-ABE1-4CA79E0B0F0D}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00011268-E188-40DF-A514-835FCD78B1BF}]
IE7Pro BHO - C:\Program Files\IEPro\iepro.dll [2009-07-03 777320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-07-21 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-07-21 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-07-21 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-28 41368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{AD6E6555-FB2C-47D4-8339-3E2965509877} - TerraTec Home Cinema - C:\PROGRA~1\TerraTec\TERRAT~1\THCDES~1.DLL [2008-12-09 526336]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-07-21 256112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"CLMLServer"=C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936]
"P2Go_Menu"=C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-14 210216]
"HControlUser"=C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2008-01-12 98304]
"ATKOSD2"=C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [2008-07-15 7651328]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-09-19 13593120]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-09-19 92704]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-07-24 6265376]
"Skytel"=C:\Windows\Skytel.exe [2008-07-24 1833504]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-06 1029416]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMedia.exe [2008-06-25 159744]
"ASUS Screen Saver Protector"=C:\Windows\AsScrPro.exe [2009-03-11 3054136]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"AVMWlanClient"=C:\Program Files\avmwlanstick\FRITZWLANMini.exe [2007-02-02 283136]
"Remote Control Editor"=C:\Program Files\Common Files\TerraTec\Remote\TTTVRC.exe [2008-12-09 1105920]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-06-28 148888]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"Google Quick Search Box"=C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2009-07-21 122368]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-06-09 2363392]
"Remote Control Editor"=C:\Program Files\Common Files\TerraTec\Remote\TTTvRc.exe [2008-12-09 1105920]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"iakay"=c:\users\***\appdata\local\iakay.exe [2009-07-24 249856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\IEPro\MiniDM.exe"="C:\Program Files\IEPro\MiniDM.exe:*:Enabled:MiniDM"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e4fda4f9-5db1-11de-a12c-00248c5e81ee}]
shell\AutoRun\command - F:\pushinst.exe

======List of files/folders created in the last 1 months======

2009-08-02 18:33:52 ----D---- C:\rsit
2009-08-02 18:18:36 ----D---- C:\Program Files\CCleaner
2009-08-02 18:05:39 ----D---- C:\Program Files\Trend Micro
2009-07-30 21:48:34 ----D---- C:\Users\flunny\AppData\Roaming\MiniDm
2009-07-30 21:33:07 ----D---- C:\Program Files\IEPro
2009-07-30 20:13:32 ----A---- C:\Windows\system32\msonpmon.dll
2009-07-30 20:12:20 ----D---- C:\Program Files\Microsoft Works
2009-07-30 20:11:58 ----D---- C:\Program Files\Microsoft Visual Studio
2009-07-30 20:11:57 ----D---- C:\Program Files\Common Files\DESIGNER
2009-07-30 20:08:02 ----D---- C:\Program Files\Microsoft Visual Studio 8
2009-07-30 20:07:17 ----D---- C:\Program Files\Microsoft Office
2009-07-30 20:06:53 ----RHD---- C:\MSOCache
2009-07-30 19:01:13 ----A---- C:\Windows\system32\occache.dll
2009-07-30 19:01:13 ----A---- C:\Windows\system32\mshtml.dll
2009-07-30 19:01:12 ----A---- C:\Windows\system32\urlmon.dll
2009-07-30 19:01:12 ----A---- C:\Windows\system32\ieframe.dll
2009-07-30 19:01:11 ----A---- C:\Windows\system32\wininet.dll
2009-07-30 19:01:11 ----A---- C:\Windows\system32\mstime.dll
2009-07-30 19:01:11 ----A---- C:\Windows\system32\msfeeds.dll
2009-07-30 19:01:11 ----A---- C:\Windows\system32\ieUnatt.exe
2009-07-30 19:01:11 ----A---- C:\Windows\system32\iertutil.dll
2009-07-30 19:01:11 ----A---- C:\Windows\system32\ieencode.dll
2009-07-30 19:01:11 ----A---- C:\Windows\system32\iedkcs32.dll
2009-07-30 19:01:11 ----A---- C:\Windows\system32\ieaksie.dll
2009-07-30 19:01:10 ----A---- C:\Windows\system32\jsproxy.dll
2009-07-21 22:03:45 ----D---- C:\ProgramData\Google
2009-07-21 21:50:25 ----D---- C:\ProgramData\LightScribe
2009-07-15 20:54:49 ----A---- C:\Windows\system32\t2embed.dll
2009-07-15 20:54:49 ----A---- C:\Windows\system32\fontsub.dll
2009-07-15 20:54:49 ----A---- C:\Windows\system32\dciman32.dll
2009-07-15 20:54:49 ----A---- C:\Windows\system32\atmfd.dll
2009-07-12 20:03:49 ----HD---- C:\Program Files\Zero G Registry
2009-07-12 18:33:31 ----A---- C:\Windows\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.0.1600.22.dll
2009-07-12 18:33:22 ----A---- C:\Windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.0.1600.22.dll
2009-07-12 18:32:55 ----D---- C:\Windows\system32\RsFx
2009-07-12 18:32:00 ----D---- C:\Windows\system32\1033
2009-07-12 18:32:00 ----D---- C:\Windows\system32\1031
2009-07-12 18:19:37 ----A---- C:\Windows\system32\msimsg.dll
2009-07-12 18:19:37 ----A---- C:\Windows\system32\msihnd.dll
2009-07-12 18:19:37 ----A---- C:\Windows\system32\msiexec.exe
2009-07-12 18:19:37 ----A---- C:\Windows\system32\msi.dll
2009-07-12 18:19:06 ----D---- C:\Program Files\Microsoft SQL Server
2009-07-12 18:19:03 ----D---- C:\Program Files\Microsoft Synchronization Services
2009-07-12 18:16:57 ----D---- C:\Program Files\Microsoft Visual Studio 9.0
2009-07-12 18:08:00 ----D---- C:\Program Files\Microsoft SDKs
2009-07-12 17:57:37 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-07-12 17:57:37 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-07-12 17:57:37 ----A---- C:\Windows\system32\infocardapi.dll
2009-07-12 17:57:37 ----A---- C:\Windows\system32\icardres.dll
2009-07-12 17:57:37 ----A---- C:\Windows\system32\icardagt.exe
2009-07-12 17:57:36 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-07-12 17:57:35 ----A---- C:\Windows\system32\PresentationHost.exe
2009-07-12 17:53:19 ----A---- C:\Windows\system32\dfshim.dll
2009-07-12 17:53:17 ----A---- C:\Windows\system32\mscoree.dll
2009-07-12 17:53:16 ----A---- C:\Windows\system32\netfxperf.dll
2009-07-12 17:53:12 ----A---- C:\Windows\system32\mscorier.dll
2009-07-12 17:53:11 ----A---- C:\Windows\system32\mscories.dll
2009-07-12 15:10:30 ----D---- C:\Program Files\phase5
2009-07-12 11:42:20 ----D---- C:\Users\***\AppData\Roaming\BuddyW
2009-07-05 13:44:23 ----D---- C:\Windows\Downloaded Installations

======List of files/folders modified in the last 1 months======

2009-08-02 18:33:33 ----D---- C:\Windows\Temp
2009-08-02 18:23:20 ----D---- C:\Windows\Debug
2009-08-02 18:23:20 ----D---- C:\Windows
2009-08-02 18:18:36 ----RD---- C:\Program Files
2009-07-31 06:33:24 ----SHD---- C:\Windows\Installer
2009-07-31 06:33:24 ----D---- C:\ProgramData\Microsoft Help
2009-07-31 06:01:43 ----A---- C:\Windows\system32\acovcnt.exe
2009-07-31 06:00:16 ----D---- C:\Windows\System32
2009-07-31 06:00:16 ----D---- C:\Program Files\Internet Explorer
2009-07-30 21:51:14 ----D---- C:\Windows\winsxs
2009-07-30 20:17:32 ----SD---- C:\Users\***\AppData\Roaming\Microsoft
2009-07-30 20:13:39 ----RSD---- C:\Windows\assembly
2009-07-30 20:12:14 ----D---- C:\Program Files\Common Files\microsoft shared
2009-07-30 20:12:11 ----D---- C:\Program Files\MSBuild
2009-07-30 20:11:57 ----D---- C:\Program Files\Common Files
2009-07-30 20:11:56 ----D---- C:\Windows\ShellNew
2009-07-30 20:11:42 ----RSD---- C:\Windows\Fonts
2009-07-30 20:11:33 ----D---- C:\Program Files\Microsoft.NET
2009-07-30 20:07:38 ----A---- C:\Windows\win.ini
2009-07-30 20:01:25 ----D---- C:\Windows\system32\WDI
2009-07-30 19:00:26 ----D---- C:\Windows\system32\catroot
2009-07-30 19:00:25 ----D---- C:\Windows\system32\catroot2
2009-07-26 15:41:27 ----D---- C:\Windows\inf
2009-07-26 15:41:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-07-24 21:30:05 ----D---- C:\Program Files\Microsoft Silverlight
2009-07-22 19:32:58 ----D---- C:\Program Files\Google
2009-07-21 22:03:45 ----HD---- C:\ProgramData
2009-07-18 07:40:36 ----D---- C:\Program Files\Windows Mail
2009-07-12 20:02:46 ----D---- C:\Users\***\AppData\Roaming\FileZilla
2009-07-12 19:24:18 ----D---- C:\Windows\Microsoft.NET
2009-07-12 18:44:20 ----D---- C:\Windows\rescache
2009-07-12 18:32:55 ----D---- C:\Windows\system32\drivers
2009-07-12 18:27:50 ----D---- C:\Windows\system32\zh-TW
2009-07-12 18:27:50 ----D---- C:\Windows\system32\zh-CN
2009-07-12 18:27:50 ----D---- C:\Windows\system32\uk-UA
2009-07-12 18:27:50 ----D---- C:\Windows\system32\tr-TR
2009-07-12 18:27:50 ----D---- C:\Windows\system32\th-TH
2009-07-12 18:27:50 ----D---- C:\Windows\system32\sv-SE
2009-07-12 18:27:50 ----D---- C:\Windows\system32\sr-Latn-CS
2009-07-12 18:27:50 ----D---- C:\Windows\system32\sl-SI
2009-07-12 18:27:50 ----D---- C:\Windows\system32\sk-SK
2009-07-12 18:27:50 ----D---- C:\Windows\system32\ru-RU
2009-07-12 18:27:50 ----D---- C:\Windows\system32\ro-RO
2009-07-12 18:27:50 ----D---- C:\Windows\system32\pt-PT
2009-07-12 18:27:50 ----D---- C:\Windows\system32\pt-BR
2009-07-12 18:27:50 ----D---- C:\Windows\system32\pl-PL
2009-07-12 18:27:50 ----D---- C:\Windows\system32\nl-NL
2009-07-12 18:27:50 ----D---- C:\Windows\system32\nb-NO
2009-07-12 18:27:50 ----D---- C:\Windows\system32\lv-LV
2009-07-12 18:27:50 ----D---- C:\Windows\system32\lt-LT
2009-07-12 18:27:50 ----D---- C:\Windows\system32\ko-KR
2009-07-12 18:27:50 ----D---- C:\Windows\system32\ja-JP
2009-07-12 18:27:50 ----D---- C:\Windows\system32\it-IT
2009-07-12 18:27:50 ----D---- C:\Windows\system32\hu-HU
2009-07-12 18:27:50 ----D---- C:\Windows\system32\hr-HR
2009-07-12 18:27:50 ----D---- C:\Windows\system32\he-IL
2009-07-12 18:27:50 ----D---- C:\Windows\system32\fr-FR
2009-07-12 18:27:50 ----D---- C:\Windows\system32\fi-FI
2009-07-12 18:27:50 ----D---- C:\Windows\system32\et-EE
2009-07-12 18:27:50 ----D---- C:\Windows\system32\es-ES
2009-07-12 18:27:50 ----D---- C:\Windows\system32\en-US
2009-07-12 18:27:50 ----D---- C:\Windows\system32\el-GR
2009-07-12 18:27:50 ----D---- C:\Windows\system32\de-DE
2009-07-12 18:27:50 ----D---- C:\Windows\system32\da-DK
2009-07-12 18:27:50 ----D---- C:\Windows\system32\cs-CZ
2009-07-12 18:27:50 ----D---- C:\Windows\system32\bg-BG
2009-07-12 18:27:50 ----D---- C:\Windows\system32\ar-SA
2009-07-12 18:19:05 ----SD---- C:\ProgramData\Microsoft
2009-07-12 18:19:03 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-07-12 18:13:33 ----D---- C:\Windows\system32\XPSViewer
2009-07-12 18:13:33 ----D---- C:\Windows\system32\wbem
2009-07-12 17:39:05 ----D---- C:\Windows\Logs
2009-07-12 17:30:18 ----D---- C:\Windows\Prefetch
2009-07-12 15:28:50 ----HD---- C:\Program Files\InstallShield Installation Information
2009-07-12 14:57:25 ----D---- C:\Program Files\Picasa2
2009-07-07 17:10:56 ----A---- C:\Windows\system32\mrt.exe
2009-07-03 21:39:39 ----SHD---- C:\System Volume Information

TEIL II kommt danach

lg flunny

flunny · 02.08.2009, 18:40

Teil II von Log Info

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-06-21 28520]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-03-24 55640]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2007-08-03 20936]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-16 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-27 909824]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-07-24 2158432]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2008-06-03 15928]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-09-05 45600]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-09-19 7404832]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-08-06 124928]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-04-01 1807744]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-12-06 196400]
S1 SRTSP;SRTSP; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS []
S1 SRTSPX;SRTSPX; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS []
S3 avmeject;AVM Eject; C:\Windows\system32\drivers\avmeject.sys [2007-01-26 4352]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 55264]
S3 FWLANUSB;AVM FRITZ!WLAN; C:\Windows\system32\DRIVERS\fwlanusb.sys [2007-01-26 265088]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 mod7700;Cinergy DT USB XS Diversity (MKII) Capture Service; C:\Windows\system32\DRIVERS\mod7700.sys [2007-12-20 554240]
S3 MODRC;Cinergy DT USB XS Diversity (MKII) IR Service; C:\Windows\system32\DRIVERS\modrc.sys [2007-07-11 13824]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS []
S3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 RsFx0102;RsFx0102 Driver; C:\Windows\system32\DRIVERS\RsFx0102.sys [2008-07-10 242712]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ADSMService;ADSM Service; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2007-05-18 73728]
R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-06-21 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-06-21 185089]
R2 ASLDRService;ASLDR Service; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [2007-10-03 94208]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2008-07-11 40999448]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-19 196608]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 98840]
S2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe /s Norton Internet Security /m C:\Program Files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll /prefetch:1 []
S3 fsssvc;Windows Live Family Safety; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-20 182768]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-11 47128]
S4 SQLAgent$SQLEXPRESS;SQL Server-Agent (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-11 369688]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-07-10 258072]

-----------------EOF-----------------

so jetzt müsste es aber alles sein was ich habe.

lg Flunny

Angel21 · 02.08.2009, 18:54

Hallo,

du hast Navipromo drauf.

Erkennst du an diesem Eintrag:

Zitat:

O4 - HKCU\..\Run: [iakay] "c:\users\***\appdata\local\iakay.exe" iakay

Was ist Navipromo: Navipromo ist zurück

Deinstalliere:

Favorit
Adobe Reader 8.1.2
Apple Software Update
Google Toolbar for Internet Explorer

Installiere:
http://filepony.de/download-adobe_reader/

flunny · 13.08.2009, 12:58

Hallo Angel21

vielen Dank für deinen super tip. Bei mir funktioniert wieder alles. Hab es jetzt eine Woche lang getestet.

Ich weiß garnicht wie ich mich bedanken kann

IE öffnet dauernd Werbung allein

Log-Analyse und Auswertung: IE öffnet dauernd Werbung allein