| |
| |||||||
Log-Analyse und Auswertung: Internet langsamWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
| |
21.08.2009, 14:24
| #1 |
 |  Internet langsam Hey seit einiger zeit stimmt irgendwas mit meinem Intern nicht , sprich ist is sehr langsam und manchmal schaltet firefox automatisch in den offline modus welchen ich nur durch neustart weg bekomme ach ja hab firefox 3.5 hoffe mir kann jemand helfen danke schon mal poste hier mal mein HijackThis log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:22:55, on 21.08.2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16876) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Programme\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Programme\iTunes\iTunesHelper.exe C:\Programme\Avira\AntiVir Desktop\avguard.exe C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Programme\Bonjour\mDNSResponder.exe C:\Programme\Java\jre6\bin\jqs.exe C:\Programme\NVIDIA Corporation\nTune\nTuneService.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\System32\TUProgSt.exe C:\Programme\iPod\bin\iPodService.exe C:\WINDOWS\system32\rundll32.exe C:\Programme\ICQ6.5\ICQ.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\PnkBstrB.exe C:\Programme\Mozilla Firefox\firefox.exe C:\Programme\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Dokumente und Einstellungen\Julian\hlro.exe \s O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nView\nwiz.exe /install O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-20\..\Run: [InetChk] C:\DOKUME~1\NETWOR~1\LOKALE~1\Temp\ms1240510904.exe work (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Ruhezeit optimierung.bat O4 - Global Startup: Ruhezeit optimierung.bat O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1211057793730 O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab O20 - Winlogon Notify: lzwbyrsk - lzwbyrsk.dll (file missing) O21 - SSODL: TvEvyDexK - {28C4DA15-826E-70BF-C07D-0F3A5DF86FDC} - (no file) O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Programme\NVIDIA Corporation\nTune\nTuneService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe -- End of file - 6778 bytes |
|
21.08.2009, 15:33
| #2 |
 | Internet langsam__________________
__________________ |
|
21.08.2009, 17:04
| #3 |
| | Internet langsam info.txt logfile of random's system information tool 1.06 2009-08-21 17:56:37
__________________======Uninstall list====== -->C:\Programme\DivX\DivXConverterUninstall.exe /CONVERTER -->MsiExec /X{E2BE1618-AF5F-4F7D-8484-42E080EDF609} -->MsiExec.exe /X{69495273-FCDC-4A86-BCB7-49B504D3FB0E} -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 1. Bundesliga Minifaces Winterupdate-->C:\Programme\EA Sports\FIFA 09\Uninstall 1. Bundesliga Minifaces Winterupdate.exe 3DMark06-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}\setup.exe" -l0x9 -removeonly 7-Zip 4.57-->"C:\Programme\7-Zip\Uninstall.exe" 7-Zip 4.57-->MsiExec.exe /I{23170F69-40C1-2701-0457-000001000000} Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 8.1.3 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A81300000003} AGEIA PhysX v7.01.12-->MsiExec.exe /X{E2BE1618-AF5F-4F7D-8484-42E080EDF609} America's Army 3-->"C:\Programme\Valve\Steam\steam.exe" steam://uninstall/13140 Apollox Realistic Gameplay 1.0-->C:\Programme\EA Sports\FIFA 09\Uninstall Apollox Realistic Gameplay 1_0.exe Apollox Realistic Gameplay v1.5-->C:\Programme\EA Sports\FIFA 09\Uninstall Apollox Realistic Gameplay 1_5.exe Apple Mobile Device Support-->MsiExec.exe /I{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Avira AntiVir Personal - Free Antivirus-->C:\Programme\Avira\AntiVir Desktop\setup.exe /REMOVE BlueJ 2.5.0-->"C:\BlueJ\uninst\unins000.exe" Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B} Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Programme\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409 Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Programme\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409 Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Programme\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0407 Card Reader Software-->MsiExec.exe /I{CFA9C1EE-8D76-477E-9E26-D24C26F11F47} CCleaner (remove only)-->"C:\Programme\CCleaner\uninst.exe" Command & Conquer™ Red Alert™ 3-->MsiExec.exe /X{296D8550-CB06-48E4-9A8B-E5034FB64715} Company of Heroes-->MsiExec.exe /X{EAF636A9-F664-4703-A659-85A894DA264F} Counter-Strike: Source-->"C:\Programme\Valve\Steam\steam.exe" steam://uninstall/240 DH Driver Cleaner Professional Edition-->C:\Programme\Driver Cleaner Pro\Uninstall.exe Die*Sims™*3-->"C:\Programme\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\Sims3Setup.exe" -runfromtemp -l0x0007 -removeonly DivX Codec-->C:\Programme\DivX\DivXCodecUninstall.exe /CODEC DivX Converter-->C:\Programme\DivX\DivXConverterUninstall.exe /CONVERTER DivX Player-->C:\Programme\DivX\DivXPlayerUninstall.exe /PLAYER DivX Plus DirectShow Filters-->C:\Programme\DivX\DivXDSFiltersUninstall.exe /DSFILTERS DivX Web Player-->C:\Programme\DivX\DivXWebPlayerUninstall.exe /PLUGIN DriverAgent by eSupport.com-->RunDll32.exe advpack.dll,LaunchINFSection driveragent_exe.inf,TVICHW32Remove DVBViewer Technisat Edition-->"C:\Programme\DVBViewerTE\unins000.exe" Fallout 3-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{974C4B12-4D02-4879-85E0-61C95CC63E9E}\setup.exe" -l0x9 -removeonly Far Cry 2-->"C:\Programme\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe" -runfromtemp -l0x0007 -removeonly FIFA 09 Lightning Patch-->C:\Programme\EA Sports\FIFA 09\Uninstall Light Patch.exe FIFA 09-->MsiExec.exe /X{2315B23D-3E21-4920-837D-AE6460934ECB} Free 3GP Video Converter version 3.2-->"C:\Programme\DVDVideoSoft\Free 3GP Video Converter\unins000.exe" Free YouTube to Mp3 Converter version 3.1-->"C:\Programme\DVDVideoSoft\Free YouTube to Mp3 Converter\unins000.exe" Half-Life(R) 2-->MsiExec.exe /I{D45EC259-4A19-4656-B588-C2C360DD18EA} HijackThis 2.0.2-->"C:\Programme\Trend Micro\HijackThis\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" ICQ6.5-->"C:\Programme\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly iTunes-->MsiExec.exe /I{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944} Java DB 10.3.1.4-->MsiExec.exe /X{CD49361E-3FE6-457E-90A1-9C59E29B5D02} Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF} Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050} Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} Java(TM) SE Development Kit 6 Update 7-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160070} LG USB Modem driver-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{C3ABE126-2BB2-4246-BFE1-6797679B3579}\setup.exe" -l0x7 LG -removeonly LG_MobileSync-->C:\Programme\InstallShield Installation Information\{0B7BA3EE-D7AC-494E-999D-DA58D6D01DAC}\setup.exe -runfromtemp -l0x0007 -removeonly MainConcept DTV Decoder Standard-->MsiExec.exe /I{059A00AC-1205-423C-91C7-7E6168D804DA} Malwarebytes' Anti-Malware-->"C:\Programme\Malwarebytes' Anti-Malware\unins000.exe" Mass Effect-->C:\Programme\Gemeinsame Dateien\BioWare\Uninstall Mass Effect.exe Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Language Pack - DEU-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - DEU\install.exe Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F} Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13} MobileMe Control Panel-->MsiExec.exe /I{DDBB28C8-B2AA-45A1-8DCE-059A798509FB} Mozilla Firefox (3.5.2)-->C:\Programme\Mozilla Firefox\uninstall\helper.exe MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 6.0 Parser (KB925673)-->MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08} neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} Next Generation Graphic Patch Update-->C:\Programme\EA Sports\FIFA 09\Uninstall_NextGen_Patch_Update.exe NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI NVIDIA nTune-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF} /l1031 NVIDIA nView Desktop Manager-->C:\Programme\NVIDIA Corporation\nView\nViewSetup.exe -uninstall OpenAL-->"C:\Programme\OpenAL\oalinst.exe" /U OpenOffice.org 3.0-->MsiExec.exe /I{7EC19307-7C22-47A8-922B-3FA965291260} PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68} Realtek High Definition Audio Driver-->RtlUpd.exe -r -m S.T.A.L.K.E.R. - Shadow of Chernobyl-->"E:\Games\S.T.A.L.K.E.R. - Shadow of Chernobyl\unins000.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe" Sicherheitsupdate für Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe" Steam(TM)-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3} System Requirements Lab-->C:\Programme\SystemRequirementsLab\Uninstall.exe TechniSat DVB-PC TV Star-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D032A7F0-8B5C-4603-8B46-235025D5F9C1}\Setup.exe" -l0x7 anything -removeonly Technisat DVB-VC80 Redistributable Modules-->MsiExec.exe /I{134007CC-7026-46C2-B46F-40D9FD2AF385} TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357} Uninstall 1.0.0.0-->"C:\Programme\Gemeinsame Dateien\DVDVideoSoft\unins000.exe" VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B} VideoLAN VLC media player 0.8.6f-->C:\Programme\VideoLAN\VLC\uninstall.exe Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe" Windows Media Format 11 runtime-->"C:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\Programme\Windows Media Player\Setup_wm.exe" /Uninstall Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840} WinRAR-->C:\Programme\WinRAR\uninstall.exe WinUHA 2.0 RC1 (2005.02.27)-->C:\Programme\WinUHA\unins000.exe =====HijackThis Backups===== O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.112.66,85.255.112.131 [2009-04-10] O17 - HKLM\System\CS2\Services\Tcpip\..\{503D45AC-065D-4617-ABF4-956950A54C77}: NameServer = 85.255.112.66,85.255.112.131 [2009-04-10] O20 - Winlogon Notify: byXRhFVo - byXRhFVo.dll (file missing) [2009-04-10] O4 - HKUS\S-1-5-19\..\Run: [rukoyuzama] Rundll32.exe "C:\WINDOWS\system32\lizasaja.dll",s (User 'LOKALER DIENST') [2009-04-10] O17 - HKLM\System\CCS\Services\Tcpip\..\{932BD8F2-E7B9-4491-9718-BA3608AA7A00}: NameServer = 85.255.112.66,85.255.112.131 [2009-04-10] O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.66,85.255.112.131 [2009-04-10] O17 - HKLM\System\CS1\Services\Tcpip\..\{503D45AC-065D-4617-ABF4-956950A54C77}: NameServer = 85.255.112.66,85.255.112.131 [2009-04-10] O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.112.66,85.255.112.131 [2009-04-10] O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.66,85.255.112.131 [2009-04-10] O17 - HKLM\System\CCS\Services\Tcpip\..\{503D45AC-065D-4617-ABF4-956950A54C77}: NameServer = 85.255.112.66,85.255.112.131 [2009-04-10] O17 - HKLM\System\CS3\Services\Tcpip\..\{503D45AC-065D-4617-ABF4-956950A54C77}: NameServer = 85.255.112.66,85.255.112.131 [2009-04-10] O20 - Winlogon Notify: lzwbyrsk - C:\WINDOWS\SYSTEM32\lzwbyrsk.dll [2009-04-10] O23 - Service: ICF - Unknown owner - C:\WINDOWS\system32\svchost.exe:ext.exe [2009-04-10] O21 - SSODL: TvEvyDexK - {28C4DA15-826E-70BF-C07D-0F3A5DF86FDC} - C:\WINDOWS\system32\hea.dll [2009-04-10] O20 - Winlogon Notify: lzwbyrsk - lzwbyrsk.dll (file missing) [2009-04-18] O21 - SSODL: TvEvyDexK - {28C4DA15-826E-70BF-C07D-0F3A5DF86FDC} - C:\WINDOWS\System32\hea.dll [2009-04-18] O20 - Winlogon Notify: lzwbyrsk - lzwbyrsk.dll (file missing) [2009-04-18] ======Security center information====== AV: AntiVir Desktop ======System event log====== Computer Name: PC-*** Event Code: 7001 Message: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Record Number: 3786 Source Name: Service Control Manager Time Written: 20090814172731.000000+120 Event Type: Fehler User: Computer Name: PC-*** Event Code: 7001 Message: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Record Number: 3785 Source Name: Service Control Manager Time Written: 20090814172730.000000+120 Event Type: Fehler User: Computer Name: PC-*** Event Code: 7001 Message: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Record Number: 3784 Source Name: Service Control Manager Time Written: 20090814172500.000000+120 Event Type: Fehler User: Computer Name: PC-*** Event Code: 7001 Message: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Record Number: 3783 Source Name: Service Control Manager Time Written: 20090814172500.000000+120 Event Type: Fehler User: Computer Name: PC-*** Event Code: 7001 Message: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Record Number: 3782 Source Name: Service Control Manager Time Written: 20090814172500.000000+120 Event Type: Fehler User: =====Application event log===== Computer Name: PC-*** Event Code: 1000 Message: Die Leistungsindikatoren für den Dienst WmiApRpl (WmiApRpl) wurden geladen. Die Daten enthalten die dem Dienst zugeordneten neuen Indexwerte. Record Number: 5530 Source Name: LoadPerf Time Written: 20090426152500.000000+120 Event Type: Informationen User: Computer Name: PC-*** Event Code: 1001 Message: Die Leistungsindikatoren für den Dienst WmiApRpl (WmiApRpl) wurden entfernt. Die Daten enthalten die neuen Werte der Registrierungseinträge Last Counter und Last Help. Record Number: 5529 Source Name: LoadPerf Time Written: 20090426152458.000000+120 Event Type: Informationen User: Computer Name: PC-*** Event Code: 2444 Message: MS DTC wurde mit den folgenden Einstellungen gestartet: Sicherheitskonfiguration (AUS = 0 und EIN = 1): Netzwerkverwaltung von Transaktionen = 0, Netzwerkclients = 0, Eingehende verteilte Transaktionen mithilfe des systemeigenen MSDTC-Protokolls = 0, Ausgehende verteilte Transaktionen mithilfe des systemeigenen MSDTC-Protokolls = 0, Transaction Internet Protocol (TIP) = 0, XA-Transaktionen = 0 Record Number: 5528 Source Name: MSDTC Time Written: 20090426152145.000000+120 Event Type: Informationen User: Computer Name: PC-*** Event Code: 102 Message: wuaueng.dll (2552) SUS20ClientDataStore: Das Datenbankmodul hat eine neue Instanz gestartet (0). Record Number: 5527 Source Name: ESENT Time Written: 20090426152142.000000+120 Event Type: Informationen User: Computer Name: PC-*** Event Code: 100 Message: wuauclt (2552) Das Datenbankmodul 5.01.2600.5512 ist gestartet. Record Number: 5526 Source Name: ESENT Time Written: 20090426152142.000000+120 Event Type: Informationen User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;C:\Programme\Gemeinsame Dateien\DivX Shared\;C:\Programme\QuickTime\QTSystem\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 1, GenuineIntel "PROCESSOR_REVISION"=0401 "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "CLASSPATH"=.;C:\Programme\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Programme\Java\jre6\lib\ext\QTJava.zip -----------------EOF----------------- |
|
21.08.2009, 17:05
| #4 |
| | Internet langsam Logfile of random's system information tool 1.06 (written by random/random) Run by *** at 2009-08-21 17:56:32 Microsoft Windows XP Professional Service Pack 3 System drive C: has 5 GB (10%) free of 50 GB Total RAM: 1022 MB (57% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:56:36, on 21.08.2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16876) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Programme\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Programme\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\rundll32.exe C:\Programme\Avira\AntiVir Desktop\avguard.exe C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Programme\Bonjour\mDNSResponder.exe C:\Programme\Java\jre6\bin\jqs.exe C:\Programme\NVIDIA Corporation\nTune\nTuneService.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\PnkBstrB.exe C:\WINDOWS\System32\TUProgSt.exe C:\Programme\iPod\bin\iPodService.exe C:\WINDOWS\system32\wuauclt.exe C:\Programme\Mozilla Firefox\firefox.exe C:\Dokumente und Einstellungen\***\Desktop\RSIT.exe C:\Programme\Trend Micro\HijackThis\***.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nView\nwiz.exe /install O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-20\..\Run: [InetChk] C:\DOKUME~1\NETWOR~1\LOKALE~1\Temp\ms1240510904.exe work (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Ruhezeit optimierung.bat O4 - Global Startup: Ruhezeit optimierung.bat O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1211057793730 O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab O20 - Winlogon Notify: lzwbyrsk - lzwbyrsk.dll (file missing) O21 - SSODL: TvEvyDexK - {28C4DA15-826E-70BF-C07D-0F3A5DF86FDC} - (no file) O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Programme\NVIDIA Corporation\nTune\nTuneService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe -- End of file - 6691 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\1-Klick-Wartung.job C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\qlbfhucw.job C:\WINDOWS\tasks\WGASetup.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] SITEguard [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952] "SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-06-28 2879488] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-28 16248320] "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2006-06-28 69632] "KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k [] "SunJavaUpdateSched"=C:\Programme\Java\jre6\bin\jusched.exe [2009-07-25 149280] "nwiz"=C:\Programme\NVIDIA Corporation\nView\nwiz.exe [2009-07-09 1657376] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-07-14 13877248] "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-07-14 86016] "AppleSyncNotifier"=C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-05-13 177472] "QuickTime Task"=C:\Programme\QuickTime\QTTask.exe [2009-05-26 413696] "iTunesHelper"=C:\Programme\iTunes\iTunesHelper.exe [2009-07-13 292128] C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart Ruhezeit optimierung.bat C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart Ruhezeit optimierung.bat [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\lzwbyrsk] lzwbyrsk.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] TvEvyDexK - {28C4DA15-826E-70BF-C07D-0F3A5DF86FDC} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{f1c17d17-edb2-494f-84a3-b100a283a32d}"= [] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "authentication packages"=msv1_0 C:\WINDOWS\system32\xxyxxYoL "notification packages"=scecli C:\WINDOWS\system32\wisafiha.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati3vnxx.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ati3vnxx.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Programme\Bonjour\mDNSResponder.exe"="C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Programme\ICQ6.5\ICQ.exe"="C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ" "C:\Programme\Java\jre6\launch4j-tmp\JDownloader.exe"="C:\Programme\Java\jre6\launch4j-tmp\JDownloader.exe:*:Enabled:Java(TM) Platform SE binary" "C:\WINDOWS\system32\java.exe"="C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary" "C:\Programme\Java\jre6\bin\javaw.exe"="C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary" "C:\Programme\Java\jre6\bin\java.exe"="C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary" "C:\Programme\Java\jdk1.6.0_07\jre\bin\java.exe"="C:\Programme\Java\jdk1.6.0_07\jre\bin\java.exe:*:Enabled:Java(TM) Platform SE binary" "C:\Programme\Valve\Steam\SteamApps\_bird_\counter-strike source\hl2.exe"="C:\Programme\Valve\Steam\SteamApps\_bird_\counter-strike source\hl2.exe:*:Enabled:hl2" "C:\Programme\Valve\Steam\SteamApps\common\america's army 3\Binaries\AA3Game.exe"="C:\Programme\Valve\Steam\SteamApps\common\america's army 3\Binaries\AA3Game.exe:*:Enabled:America's Army 3" "C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA" "C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB" "D:\CoD4\iw3mp.exe"="D:\CoD4\iw3mp.exe:*:Enabled:iw3mp" "C:\Programme\iTunes\iTunes.exe"="C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C] shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RECYCLER\S-1-7-39-100022214-100006762-100031483-4023.com c:\ shell\Open\command - RECYCLER\S-1-7-39-100022214-100006762-100031483-4023.com c:\ ======List of files/folders created in the last 1 months====== 2009-08-21 17:56:32 ----D---- C:\rsit 2009-08-21 17:06:34 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Malwarebytes 2009-08-21 17:06:27 ----D---- C:\Programme\Malwarebytes' Anti-Malware 2009-08-21 17:06:27 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes 2009-08-15 14:03:46 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Movier 2009-08-14 18:07:08 ----D---- C:\WINDOWS\pss 2009-08-14 17:54:05 ----D---- C:\Programme\iPod 2009-08-14 17:54:01 ----D---- C:\Programme\iTunes 2009-08-14 17:52:23 ----D---- C:\Programme\QuickTime 2009-08-14 17:51:49 ----SHD---- C:\Config.Msi 2009-08-11 18:28:33 ----D---- C:\Call of Juarez 2009-08-08 00:53:22 ----A---- C:\WINDOWS\system32\nvudisp.exe 2009-08-08 00:52:37 ----A---- C:\WINDOWS\system32\nvoglnt.dll 2009-08-08 00:52:37 ----A---- C:\WINDOWS\system32\nvcodins.dll 2009-08-08 00:52:37 ----A---- C:\WINDOWS\system32\nvcod.dll 2009-08-08 00:41:09 ----A---- C:\WINDOWS\system32\NVUNINST.EXE 2009-08-08 00:40:54 ----D---- C:\NVIDIA 2009-08-08 00:30:06 ----D---- C:\Programme\Driver Cleaner Pro 2009-08-08 00:17:02 ----A---- C:\WINDOWS\system32\d3dx10_41.dll 2009-08-08 00:17:02 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll 2009-08-08 00:17:01 ----A---- C:\WINDOWS\system32\XAudio2_4.dll 2009-08-08 00:17:01 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll 2009-08-08 00:17:01 ----A---- C:\WINDOWS\system32\xactengine3_4.dll 2009-08-08 00:17:01 ----A---- C:\WINDOWS\system32\D3DX9_41.dll 2009-08-08 00:17:00 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll 2009-08-08 00:17:00 ----A---- C:\WINDOWS\system32\d3dx10_40.dll 2009-08-08 00:17:00 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll 2009-08-08 00:16:59 ----A---- C:\WINDOWS\system32\XAudio2_3.dll 2009-08-08 00:16:59 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll 2009-08-08 00:16:59 ----A---- C:\WINDOWS\system32\xactengine3_3.dll 2009-08-08 00:16:59 ----A---- C:\WINDOWS\system32\D3DX9_40.dll 2009-08-08 00:16:58 ----A---- C:\WINDOWS\system32\XAudio2_2.dll 2009-08-08 00:16:58 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll 2009-08-08 00:16:58 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll 2009-08-08 00:16:57 ----A---- C:\WINDOWS\system32\xactengine3_2.dll 2009-08-08 00:16:56 ----A---- C:\WINDOWS\system32\d3dx10_39.dll 2009-08-08 00:16:56 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll 2009-08-07 23:59:37 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Innovative Solutions 2009-08-07 23:40:46 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Drivers HeadQuarters 2009-08-07 14:58:07 ----A---- C:\WINDOWS\system32\TUProgSt.exe 2009-08-07 14:58:06 ----A---- C:\WINDOWS\system32\uxtuneup.dll 2009-08-07 14:58:05 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe 2009-08-07 14:57:38 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software 2009-08-07 14:57:36 ----D---- C:\Programme\TuneUp Utilities 2009 2009-08-07 14:57:20 ----SHD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{55A29068-F2CE-456C-9148-C869879E2357} 2009-08-06 18:58:56 ----D---- C:\WINDOWS\ie7updates 2009-08-06 18:33:01 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AA3DeployClient 2009-08-05 12:38:55 ----A---- C:\WINDOWS\system32\javaws.exe 2009-08-05 12:38:55 ----A---- C:\WINDOWS\system32\javaw.exe 2009-08-05 12:38:55 ----A---- C:\WINDOWS\system32\java.exe ======List of files/folders modified in the last 1 months====== 2009-08-21 17:55:49 ----D---- C:\Programme\Mozilla Firefox 2009-08-21 17:54:01 ----D---- C:\WINDOWS\Temp 2009-08-21 17:53:57 ----D---- C:\WINDOWS\system32\CatRoot2 2009-08-21 17:53:56 ----D---- C:\WINDOWS 2009-08-21 17:53:48 ----D---- C:\WINDOWS\system32\LogFiles 2009-08-21 17:53:05 ----D---- C:\WINDOWS\system32\drivers 2009-08-21 17:53:05 ----D---- C:\WINDOWS\system32 2009-08-21 17:52:38 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-08-21 17:18:35 ----D---- C:\WINDOWS\Prefetch 2009-08-21 17:06:27 ----RD---- C:\Programme 2009-08-21 17:03:01 ----D---- C:\WINDOWS\Minidump 2009-08-21 13:31:17 ----A---- C:\WINDOWS\system32\PnkBstrB.exe 2009-08-21 10:48:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-08-17 15:20:28 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-08-15 20:14:21 ----D---- C:\WINDOWS\Microsoft.NET 2009-08-15 20:14:13 ----RSD---- C:\WINDOWS\assembly 2009-08-15 14:11:55 ----D---- C:\Programme\Gemeinsame Dateien\DVDVideoSoft 2009-08-15 14:11:47 ----D---- C:\Programme\DVDVideoSoft 2009-08-15 14:09:04 ----D---- C:\DVDVideoSoft 2009-08-15 14:03:17 ----D---- C:\Programme\AVS4YOU 2009-08-15 14:03:13 ----D---- C:\Programme\Gemeinsame Dateien\AVSMedia 2009-08-15 13:59:03 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\AVS4YOU 2009-08-15 03:24:27 ----SHD---- C:\WINDOWS\Installer 2009-08-15 03:22:57 ----D---- C:\WINDOWS\WinSxS 2009-08-15 00:35:29 ----D---- C:\WINDOWS\Debug 2009-08-14 18:23:14 ----D---- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla 2009-08-14 17:57:38 ----HD---- C:\WINDOWS\inf 2009-08-14 17:54:05 ----D---- C:\Programme\Gemeinsame Dateien\Apple 2009-08-14 17:50:08 ----DC---- C:\WINDOWS\system32\DRVSTORE 2009-08-13 02:12:07 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-08-13 02:10:53 ----HD---- C:\WINDOWS\$hf_mig$ 2009-08-13 02:09:59 ----D---- C:\Programme\Outlook Express 2009-08-08 19:25:53 ----D---- C:\WINDOWS\system32\CatRoot 2009-08-08 00:54:29 ----D---- C:\WINDOWS\Help 2009-08-08 00:17:03 ----D---- C:\WINDOWS\system32\DirectX 2009-08-07 14:58:08 ----D---- C:\WINDOWS\system32\config 2009-08-07 14:58:07 ----SD---- C:\WINDOWS\Tasks 2009-08-06 20:13:17 ----A---- C:\WINDOWS\system32\PnkBstrA.exe 2009-08-06 20:13:16 ----A---- C:\WINDOWS\system32\pbsvc.exe 2009-08-06 19:14:54 ----D---- C:\Programme\Internet Explorer 2009-08-06 18:59:08 ----D---- C:\WINDOWS\system32\de-de 2009-08-06 18:57:55 ----HDC---- C:\WINDOWS\ie7 2009-08-06 18:25:19 ----D---- C:\WINDOWS\system32\XPSViewer 2009-08-06 18:25:15 ----D---- C:\WINDOWS\system32\en-us 2009-08-06 18:25:08 ----RSD---- C:\WINDOWS\Fonts 2009-08-05 12:38:54 ----D---- C:\Programme\Java 2009-08-05 10:59:36 ----A---- C:\WINDOWS\system32\mswebdvd.dll 2009-07-30 02:49:14 ----A---- C:\WINDOWS\system32\MRT.exe 2009-07-25 05:23:00 ----A---- C:\WINDOWS\system32\deploytk.dll 2009-07-24 22:22:05 ----D---- C:\Programme\Gemeinsame Dateien\Adobe 2009-07-24 22:21:55 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Adobe 2009-07-24 22:21:36 ----D---- C:\Programme\Adobe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-04-27 96104] R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-06-09 28520] R1 WS2IFSL;Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032] R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-08-29 278984] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-08-05 55656] R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-08-29 25416] R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-15 34064] R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2008-09-14 44384] R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys [] R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2005-03-25 132608] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400] R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384] R3 HidUsb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-28 4304384] R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12288] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-07-14 7741664] R3 NVR0Dev;NVR0Dev; \??\C:\WINDOWS\nvoclock.sys [] R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208] R3 usbhub;USB2-aktivierter Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520] R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608] S1 ntiomin;ntiomin; C:\WINDOWS\system32\drivers\ntiomin.sys [] S1 wineoqo;wineoqo; \??\C:\WINDOWS\system32\drivers\wineoqo.sys [] S3 a8r1g7so;a8r1g7so; C:\WINDOWS\system32\drivers\a8r1g7so.sys [] S3 agx6uf85;agx6uf85; C:\WINDOWS\system32\drivers\agx6uf85.sys [] S3 bac2A;bac2A; \??\C:\WINDOWS\system32\bac2A.sys [] S3 bes06e0;bes06e0; C:\WINDOWS\System32\drivers\bes06e0.sys [] S3 cjh3fe9;cjh3fe9; C:\WINDOWS\System32\drivers\cjh3fe9.sys [] S3 dsa01c7;dsa01c7; C:\WINDOWS\System32\drivers\dsa01c7.sys [] S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys [] S3 febbcd0;febbcd0; C:\WINDOWS\System32\drivers\febbcd0.sys [] S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920] S3 hjmda49;hjmda49; C:\WINDOWS\System32\drivers\hjmda49.sys [] S3 ihq7e73;ihq7e73; C:\WINDOWS\System32\drivers\ihq7e73.sys [] S3 ips2eec;ips2eec; C:\WINDOWS\System32\drivers\ips2eec.sys [] S3 kmkaedc;kmkaedc; C:\WINDOWS\System32\drivers\kmkaedc.sys [] S3 lbe9c23;lbe9c23; C:\WINDOWS\System32\drivers\lbe9c23.sys [] S3 oisa138;oisa138; C:\WINDOWS\System32\drivers\oisa138.sys [] S3 pcr7b7b;pcr7b7b; C:\WINDOWS\System32\drivers\pcr7b7b.sys [2009-04-02 21664] S3 qga7c16;qga7c16; C:\WINDOWS\System32\drivers\qga7c16.sys [] S3 qkne972;qkne972; C:\WINDOWS\System32\drivers\qkne972.sys [] S3 rao7a34;rao7a34; C:\WINDOWS\System32\drivers\rao7a34.sys [] S3 rpk939c;rpk939c; C:\WINDOWS\System32\drivers\rpk939c.sys [] S3 rro75f1;rro75f1; C:\WINDOWS\System32\drivers\rro75f1.sys [] S3 sao59e0;sao59e0; C:\WINDOWS\System32\drivers\sao59e0.sys [] S3 tcq5dde;tcq5dde; C:\WINDOWS\System32\drivers\tcq5dde.sys [] S3 tnie529;tnie529; C:\WINDOWS\System32\drivers\tnie529.sys [] S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [] S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-04-20 479200] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\WINDOWS\system32\DRIVERS\xusb21.sys [2007-02-26 61984] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] |
|
21.08.2009, 17:07
| #5 |
| | Internet langsam ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Programme\Avira\AntiVir Desktop\sched.exe [2009-06-09 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Programme\Avira\AntiVir Desktop\avguard.exe [2009-08-05 185089] R2 Apple Mobile Device;Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712] R2 Bonjour Service;Bonjour-Dienst; C:\Programme\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2009-07-25 153376] R2 nTuneService;nTune Service; C:\Programme\NVIDIA Corporation\nTune\nTuneService.exe [2007-09-04 131072] R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-07-14 168004] R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-08-06 75064] R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-08-21 189104] R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-08-07 604488] R2 UxTuneUp;TuneUp Designerweiterung; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R3 iPod Service;iPod-Dienst; C:\Programme\iPod\bin\iPodService.exe [2009-07-13 542496] S2 kcihaesuv;kcihaesuv; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 TuneUp.Defrag;TuneUp Drive Defrag-Dienst; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-08-07 361288] S3 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336] S4 aspnet_state;ASP.NET-Zustandsdienst; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- |
|
21.08.2009, 17:08
| #6 |
| | Internet langsam Malwarebytes' Anti-Malware 1.40 Datenbank Version: 2670 Windows 5.1.2600 Service Pack 3 21.08.2009 17:51:51 mbam-log-2009-08-21 (17-51-51).txt Scan-Methode: Vollständiger Scan (C:\|D:\|E:\|Z:\|) Durchsuchte Objekte: 217571 Laufzeit: 43 minute(s), 36 second(s) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 15 Infizierte Registrierungswerte: 3 Infizierte Dateiobjekte der Registrierung: 3 Infizierte Verzeichnisse: 0 Infizierte Dateien: 6 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\cs41275 (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\AGprotect (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\seneka (Rootkit.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\xpreapp (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\tcpsr (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SkyNet (Trojan.Agent) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\kr_done1 (Malware.Trace) -> Quarantined and deleted successfully. HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\MyID (Malware.Trace) -> Quarantined and deleted successfully. Infizierte Dateiobjekte der Registrierung: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.Userinit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\Dokumente und Einstellungen\Julian\hlro.exe \s) Good: (Userinit.exe) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{932bd8f2-e7b9-4491-9718-ba3608aa7a00}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.66,85.255.112.131 -> Quarantined and deleted successfully. Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: C:\WINDOWS\system32\gaopdxcounter (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\kr_done1 (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\senekakpxvnofl.dat (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\senekaogmtaswu.dat (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\senekatfqrstho.dat (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\senekaukefqggp.dat (Trojan.Agent) -> Quarantined and deleted successfully. |
|
| Themen zu Internet langsam |
| adobe, antivir, antivir guard, avira, bho, bonjour, desktop, einstellungen, explorer, firefox, hijack, hijackthis, hijackthis log, hkus\s-1-5-18, internet, internet explorer, internet langsam, langsam, mozilla, neustart, nvidia, plug-in, rundll, sehr langsam, shortcut, software, system, temp, tuneup.defrag, userinit.exe, windows, windows xp |
Hybrid-Darstellung
