Trojaner?

klausschaal · 06.10.2009, 19:06

Hallo Liebe Gemeinde!

Mein Lap-Top hat zur Zeit ein massives Problem;

Diverse Software wie zB BlackBerry oder zB TuneUp Utilitys 2009 "stürtzt" sofort nach dem Start ab.

Folgendes Post habe ich von HIJACK:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:51:41, on 05.10.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\stacsv.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9843 bytes

Was ist nun hier falsch? Diverse Software habe ich schon neu aufgesetzt...

Bitte helft mir.

Vielen Dank im voraus!

kira · 06.10.2009, 21:27

Hallo und Herzlich Willkommen!

Zitat:

Zitat von klausschaal

Was ist nun hier falsch? Diverse Software habe ich schon neu aufgesetzt...

was heißt das jetzt?
dein System neu aufgesetzt oder Programme deinstalliert und wieder neu installiert ?

- Die Anweisungen bitte gründlich lesen und immer streng einhalten, da ich die Reihenfolge nach bestimmten Kriterien vorbereitet habe:
1.
- Lade dir RSIT - 2.
Ich würde gerne noch all deine installierten Programme sehen:
Lade dir das Tool CCleaner herunter
installieren ("Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ unter Options settings-> "german" einstellen
dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..."
wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein

Zitat:

Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du:[code]
hier kommt dein Logfile rein
→ dahinter:[/code]

gruß
Coverflow

klausschaal · 06.10.2009, 21:42

Das System ist seid dem Kauf vom Laptop noch nie neu aufgespielt worden.

Die Software - nicht das Betriebssystem wurde drauf gespielt.

----

Logfile of random's system information tool 1.06 (written by random/random)
Run by Bastian Schumann at 2009-10-06 22:37:17
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 61 GB (34%) free of 180 GB
Total RAM: 3070 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:37:46, on 06.10.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Bastian Schumann\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Bastian Schumann.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\stacsv.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9928 bytes

======Scheduled tasks folder======

C:\Windows\tasks\1-Klick-Wartung.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-09-24 308832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-28 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Anmelde-Hilfsprogramm - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\PROGRA~1\GOOGLE~1\BAE.dll [2006-06-23 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-28 34816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2007-06-10 118784]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-10-30 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-10-30 8429568]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-10-30 81920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlackBerryAutoUpdate]
C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MarketingTools]
C:\Program Files\Sony\Marketing Tools\MarketingTools.exe [2007-11-02 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
C:\Program Files\Picasa2\PicasaMediaDetector.exe [2008-02-26 443968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-09-24 185872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2007-08-28 739880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Desktop Manager.lnk]
C:\PROGRA~1\RESEAR~1\BLACKB~1\DESKTO~1.EXE []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon]
C:\Windows\system32\VESWinlogon.dll [2007-08-14 98304]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{04f8efdc-737b-11de-8b98-001e3d897022}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe WILKENS.vbs

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{16f31be0-4b73-11dd-9766-001e3d897022}]
shell\AutoRun\command - G:\SETUP.EXE
shell\configure\command - G:\SETUP.EXE
shell\install\command - G:\SETUP.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b9599774-9229-11de-8f8f-001e3d897022}]
shell\AutoRun\command - H:\LaunchU3.exe -a

======List of files/folders created in the last 1 months======

2009-10-06 22:37:17 ----D---- C:\rsit
2009-10-05 12:41:51 ----D---- C:\Users\Bastian Schumann\AppData\Roaming\Malwarebytes
2009-10-05 12:41:46 ----D---- C:\ProgramData\Malwarebytes
2009-10-05 12:41:46 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-10-05 09:51:00 ----D---- C:\Program Files\Trend Micro
2009-10-03 14:36:35 ----N---- C:\Windows\system32\MpSigStub.exe
2009-09-09 08:57:34 ----A---- C:\Windows\system32\netiohlp.dll
2009-09-09 08:57:33 ----A---- C:\Windows\system32\TCPSVCS.EXE
2009-09-09 08:57:33 ----A---- C:\Windows\system32\NETSTAT.EXE
2009-09-09 08:57:33 ----A---- C:\Windows\system32\ARP.EXE
2009-09-09 08:57:32 ----A---- C:\Windows\system32\ROUTE.EXE
2009-09-09 08:57:32 ----A---- C:\Windows\system32\MRINFO.EXE
2009-09-09 08:57:32 ----A---- C:\Windows\system32\HOSTNAME.EXE
2009-09-09 08:57:32 ----A---- C:\Windows\system32\finger.exe
2009-09-09 08:57:31 ----A---- C:\Windows\system32\netevent.dll
2009-09-09 08:57:09 ----A---- C:\Windows\system32\wlansvc.dll
2009-09-09 08:57:09 ----A---- C:\Windows\system32\wlansec.dll
2009-09-09 08:57:09 ----A---- C:\Windows\system32\wlanmsm.dll
2009-09-09 08:57:09 ----A---- C:\Windows\system32\L2SecHC.dll
2009-09-09 08:57:04 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-09-09 08:57:04 ----A---- C:\Windows\system32\mf.dll
2009-09-09 08:56:55 ----A---- C:\Windows\system32\jscript.dll

======List of files/folders modified in the last 1 months======

2009-10-06 22:37:28 ----D---- C:\Windows\Temp
2009-10-06 17:33:50 ----D---- C:\Tecis
2009-10-06 16:58:08 ----SHD---- C:\System Volume Information
2009-10-06 12:17:59 ----D---- C:\Windows\Prefetch
2009-10-05 12:41:48 ----D---- C:\Windows\system32\drivers
2009-10-05 12:41:46 ----HD---- C:\ProgramData
2009-10-05 12:41:46 ----D---- C:\Program Files
2009-10-05 11:42:22 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-10-05 03:01:52 ----SHD---- C:\Windows\Installer
2009-10-05 03:01:45 ----D---- C:\Windows
2009-10-03 14:36:35 ----D---- C:\Windows\System32
2009-09-30 16:25:46 ----D---- C:\ProgramData\Roxio
2009-09-30 16:25:44 ----D---- C:\Program Files\Common Files\Roxio Shared
2009-09-30 16:25:44 ----D---- C:\Program Files\Common Files
2009-09-30 16:25:38 ----RSD---- C:\Windows\Fonts
2009-09-30 16:19:18 ----D---- C:\Windows\system32\catroot
2009-09-30 16:19:18 ----D---- C:\Windows\inf
2009-09-27 19:14:03 ----D---- C:\Windows\system32\catroot2
2009-09-25 14:29:36 ----D---- C:\Program Files\EASY
2009-09-19 13:51:53 ----D---- C:\ProgramData\Sonic
2009-09-13 21:36:44 ----A---- C:\Users\Bastian Schumann\AppData\Roaming\burnaware.ini
2009-09-13 19:46:56 ----D---- C:\Program Files\Common Files\Adobe AIR
2009-09-11 11:42:56 ----D---- C:\Windows\winsxs
2009-09-10 14:30:25 ----D---- C:\Windows\rescache
2009-09-10 11:31:47 ----D---- C:\Windows\system32\de-DE
2009-09-10 11:31:47 ----D---- C:\Program Files\Windows Mail
2009-09-10 11:20:29 ----D---- C:\Program Files\Mozilla Firefox
2009-09-10 09:36:20 ----D---- C:\ProgramData\Microsoft Help
2009-09-10 09:34:27 ----D---- C:\Windows\ehome
2009-09-09 11:09:34 ----D---- C:\Windows\system32\WDI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 DMICall;Sony DMI Call service; C:\Windows\system32\DRIVERS\DMICall.sys [2007-09-19 10216]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-06-09 28520]
R1 Uim_IM;UIM Drive Backup Image Plugin; C:\Windows\System32\Drivers\Uim_IM.sys [2008-06-28 130688]
R1 UimBus;Universal Image Mounter Controller; C:\Windows\system32\DRIVERS\UimBus.sys [2008-06-28 33072]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-08-06 55656]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2007-10-05 12672]
R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-17 11032]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-05 8192]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-06-10 140800]
R3 BthEnum;Bluetooth-Auflistungsdienst; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-06-23 19456]
R3 BthPan;Bluetooth-Gerät (PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-18 92160]
R3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\Windows\System32\Drivers\BTHUSB.sys [2008-06-23 29184]
R3 btwaudio;Bluetooth-Audiogerät; C:\Windows\system32\drivers\btwaudio.sys [2007-10-10 81448]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2008-05-13 100392]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2007-10-10 28464]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-10-10 17448]
R3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-18 14208]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-10-05 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-10-05 207360]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-10-30 7115072]
R3 R5U870FLx86;R5U870 UVC Lower Filter ; C:\Windows\System32\Drivers\R5U870FLx86.sys [2007-10-30 75008]
R3 R5U870FUx86;R5U870 UVC Upper Filter ; C:\Windows\System32\Drivers\R5U870FUx86.sys [2007-10-30 43904]
R3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-18 49664]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2007-08-29 9344]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-10-27 330240]
R3 ti21sony;ti21sony; C:\Windows\system32\drivers\ti21sony.sys [2007-06-06 812544]
R3 usbvideo;R5U870 (UVC) ; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-18 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-10-05 659968]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-10-22 289280]
S1 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys []
S3 BTHPORT;Bluetooth-Porttreiber; C:\Windows\System32\Drivers\BTHport.sys [2008-06-23 220160]
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 gmer;gmer; C:\Windows\System32\DRIVERS\gmer.sys [2008-08-12 85713]
S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2009-09-10 38224]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 NETw4v32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-19 2222080]
S3 RimUsb;BlackBerry-Smartphone; C:\Windows\System32\Drivers\RimUsb.sys []
S3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial.sys [2007-01-18 26496]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-18 8192]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2007-02-13 128104]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-18 39936]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

klausschaal · 06.10.2009, 21:43

Teil 2

R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-06-09 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-06 185089]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-07-08 75064]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 STacSV;SigmaTel Audio Service; C:\Windows\system32\stacsv.exe [2007-10-27 102400]
R2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe [2009-09-06 604488]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [2007-08-14 182392]
R2 VzCdbSvc;VAIO Entertainment Database Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [2007-08-28 192512]
R2 VzFw;VAIO Entertainment File Import Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [2007-08-28 131072]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-05 386560]
R3 Vcsw;VAIO Entertainment UPnP Client Adapter; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [2007-06-28 274432]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe []
S3 aspnet_state;ASP.NET-Zustandsdienst; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-27 34312]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-10 137200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2009-09-06 361288]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-18 21504]
S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [2007-06-28 73728]
S3 VAIOMediaPlatform-IntegratedServer-AppServer;VAIO Media Integrated Server; C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe [2007-06-20 2523136]
S3 VAIOMediaPlatform-IntegratedServer-HTTP;VAIO Media Integrated Server (HTTP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-06-20 397312]
S3 VAIOMediaPlatform-IntegratedServer-UPnP;VAIO Media Integrated Server (UPnP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-06-20 1089536]
S3 VAIOMediaPlatform-Mobile-Gateway;VAIO Media Gateway Server; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe [2007-06-20 499712]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection; C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-01-10 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-06-20 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-06-20 1089536]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2007-09-28 292128]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2007-09-20 79136]

-----------------EOF-----------------

klausschaal · 06.10.2009, 21:50

Activation Assistant for the 2007 Microsoft Office suites Microsoft Corporation 22.06.2008 14,0MB
Adobe AIR Adobe Systems Inc. 12.09.2009
Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 20.03.2009
Adobe Flash Player 10 Plugin Adobe Systems Incorporated 09.09.2009
Adobe Reader 8.1.4 - Deutsch Adobe Systems Incorporated 30.03.2009 99,8MB
AGEIA PhysX v7.11.13 AGEIA Technologies, Inc. 14.05.2009 99,7MB
Alps Pointing-device for VAIO 01.11.2007 2,78MB
Apple Mobile Device Support Apple Inc. 05.11.2008 37,1MB
Apple Software Update Apple Inc. 05.11.2008 2,16MB
ArcSoft Magic-i Visual Effects Installer ArcSoft 22.06.2008 17,5MB
Avira AntiVir Personal - Free Antivirus Avira GmbH 07.06.2009 65,3MB
AXA Beratungstechnologie AXA Service AG 30.06.2008 1.543,0MB
BeatportDownloader Beatport LLC 21.12.2008 1,40MB
Benutzerdefinierte Voreinstellungen für SonicStage Mastering Studio Audio Filter Sony Corporation 08.01.2008 14,1MB
Browser Address Error Redirector 22.06.2008
Bullzip PDF Printer 6.0.0.741 Bullzip 11.01.2009 13,8MB
BurnAware Free 2.3.6 Burnaware Technologies 01.07.2009 12,8MB
CCleaner (remove only) Piriform 05.10.2009 2,71MB
Citrix Presentation Server Client - Nur Web Citrix Systems, Inc. 22.06.2008 19,8MB
Click to Disc Sony Corporation 08.01.2008 62,1MB
Click to Disc Editor Sony Corporation 08.01.2008 155,4MB
DivX Converter DivX, Inc. 24.09.2008 52,7MB
DivX Player DivXNetworks, Inc. 24.09.2008 52,7MB
DivX Web Player DivX,Inc. 24.09.2008 52,7MB
DSD Direct Sony Corporation 08.01.2008 10,9MB
DSD Direct Player Sony Corporation 08.01.2008 7,49MB
DSD Playback Plug-in Sony Corporation 08.01.2008 8,42MB
DVD Decrypter (Remove Only) 24.09.2008 0,91MB
easy in C:\Program Files\EASY HDI-Gerling 30.06.2008 10.829,0MB
GameShadow Ihr Firmenname 25.09.2008 16,1MB
GoAL - Version 2.5 Gothaer Lebensversicherung AG 19.08.2009 8.706,2MB
GPL Ghostscript Lite 8.63 11.01.2009 11,4MB
GTA2 18.11.2008 385,4MB
HDAUDIO SoftV92 Data Fax Modem with SmartCP 22.06.2008 0,71MB
HijackThis 2.0.2 TrendMicro 04.10.2009 0,77MB
ICQ6.5 ICQ 15.03.2009 46,4MB
IDT Audio IDT 01.11.2007 14,1MB
Instant Mode InterVideo 08.01.2008 223,7MB
Java(TM) 6 Update 11 Sun Microsystems, Inc. 27.01.2009 94,4MB
Java(TM) 6 Update 2 Sun Microsystems, Inc. 01.11.2007 168,1MB
Java(TM) 6 Update 5 Sun Microsystems, Inc. 22.06.2008 136,2MB
Java(TM) 6 Update 7 Sun Microsystems, Inc. 10.12.2008 136,2MB
Malwarebytes' Anti-Malware Malwarebytes Corporation 04.10.2009 3,99MB
Microsoft .NET Framework 1.1 Microsoft 14.05.2009 35,0MB
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU Microsoft Corporation 10.08.2009 37,0MB
Microsoft .NET Framework 3.5 SP1 Microsoft Corporation 08.08.2009 37,0MB
Microsoft Office Language Pack 2007 - German/Deutsch Microsoft Corporation 15.08.2009 692,4MB
Microsoft Office Live Add-in 1.3 Microsoft Corporation 09.03.2009 0,48MB
Microsoft Office Professional Plus 2007 Microsoft Corporation 15.08.2009 692,4MB
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 29.07.2009 0,25MB
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 25.08.2008 0,41MB
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Corporation 29.07.2009 0,19MB
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 07.06.2009 0,58MB
Microsoft Word Viewer 97 22.06.2008 5,21MB
Microsoft Works Microsoft Corporation 11.06.2009 281,4MB
Microsoft WSE 3.0 Runtime Microsoft Corp. 24.06.2008 0,92MB
Morningstar FondsAnalyst Morningstar 12.08.2009 30,1MB
Mozilla Firefox (3.0.14) Mozilla 09.09.2009 63,4MB
MSXML 4.0 SP2 (KB927978) Microsoft Corporation 01.11.2007 47,00KB
MSXML 4.0 SP2 (KB936181) Microsoft Corporation 01.11.2007 1,28MB
MSXML 4.0 SP2 (KB941833) Microsoft Corporation 22.06.2008 1,27MB
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 12.11.2008 1,28MB
NVIDIA Drivers 22.06.2008
NÜRNBERGER Beratungstechnologie Version 08.2009 Einzelplatz Nuernberger 12.07.2009 1.546,3MB
OpenAL 11.08.2008 0,75MB
OpenMG Limited Patch 4.7-07-15-19-01 22.06.2008
OpenMG Secure Module 4.7.00 Sony Corporation 08.01.2008
Paint.NET v3.36 dotPDN LLC 15.08.2009 3,97MB
Paragon Drive Backup™ 9 Personal Trial Paragon Software 22.05.2009 124,6MB
Picasa 2 Google, Inc. 22.06.2008 32,2MB
PunkBuster Services Even Balance, Inc. 07.07.2009
QuickTime Apple Inc. 05.11.2008 87,7MB
RealPlayer RealNetworks 23.09.2008 88,6MB
Setting Utility Series Sony Corporation 01.11.2007 17,9MB
SonicStage Mastering Studio Sony Corporation 08.01.2008 59,3MB
SonicStage Mastering Studio Audio Filter Sony Corporation 08.01.2008 14,1MB
SonicStage Mastering Studio Plugins Sony Corporation 08.01.2008 31,9MB
Sony Video Shared Library Sony Corporation 08.01.2008 3,95MB
Spybot - Search & Destroy Safer Networking Limited 27.04.2009 60,8MB
Swiss Life EVA 05.07.2009 197,2MB
Tarifrechner 6.4.3.1 HBOS 28.01.2009 172,2MB
Total Commander (Remove or Repair) 09.06.2009 3,43MB
TuneUp Utilities 2009 TuneUp Software 05.09.2009 45,9MB
Uniblue DriverScanner 2009 Uniblue Systems Ltd. 08.06.2009 20,9MB
Uniblue RegistryBooster 2009 Uniblue Systems 16.05.2009 10,1MB
VAIO Camera Capture Utility Sony Corporation 08.01.2008 9,61MB
VAIO Content Folder Setting Sony Corporation 08.01.2008 6,69MB
VAIO Content Metadata Intelligent Analyzing Manager Sony Corporation 08.01.2008 13,6MB
VAIO Content Metadata Manager Setting Sony Corporation 08.01.2008 2,85MB
VAIO Content Metadata XML Interface Library Sony Corporation 08.01.2008 1,54MB
VAIO Control Center Sony Corporation 01.11.2007 1,41MB
VAIO Data Restore Tool Sony Corporation 08.01.2008 6,50MB
VAIO DVD Menu Data Basic Sony Corporation 08.01.2008 543,3MB
VAIO Entertainment Platform Sony Corporation 08.01.2008 16,5MB
VAIO Event Service Sony Corporation 01.11.2007 5,75MB
VAIO Launcher Sony Corporation 08.01.2008 5,80MB
Vaio Marketing Tools Sony 22.06.2008 0,34MB
VAIO Media 6.0 Sony Corporation 08.01.2008 8,98MB
VAIO Media AC3 Decoder 1.0 22.06.2008 0,79MB
VAIO Media Content Collection 6.0 Sony Corporation 08.01.2008 30,1MB
VAIO Media Integrated Server 6.1 Sony Corporation 08.01.2008 30,1MB
VAIO Media Redistribution 6.0 Sony Corporation 08.01.2008 37,5MB
VAIO Media Registration Tool 6.0 Sony Corporation 08.01.2008 2,09MB
VAIO Movie Story Sony Corporation 08.01.2008 48,6MB
VAIO Movie Story Template Data Sony Corporation 08.01.2008 401,4MB
VAIO MusicBox Sony Corporation 08.01.2008 11,2MB
VAIO MusicBox Sample Music Sony Corporation 08.01.2008 104,6MB
VAIO Original Function Setting Sony Corporation 08.01.2008 5,29MB
VAIO Power Management Sony Corporation 01.11.2007 12,4MB
VAIO Update 3 Sony Corporation 08.01.2008 3,60MB
VAIO Wallpaper Contents Sony Corporation 01.11.2007 116,6MB
VLC media player 0.9.8a VideoLAN Team 07.03.2009 60,4MB
VOLKSWOHL BUND - Angebotsprogramm Komfort VOLKSWOHL BUND Versicherungen 05.10.2009 594,8MB
WIDCOMM Bluetooth Software 6.1.0.2000 Broadcom Corporation 01.11.2007 41,9MB
Winamp Nullsoft, Inc 24.04.2009 34,6MB
Windows Live Anmelde-Assistent Microsoft Corporation 11.03.2009 1,93MB
Windows Media Player Firefox Plugin Microsoft Corp 03.06.2009 0,29MB
Windows Movie Maker 2.6 Microsoft Corporation 13.09.2008 8,94MB
WinDVD BD for VAIO InterVideo Inc. 08.01.2008 94,5MB
WinRAR 30.06.2008 3,66MB
Wireless Switch Setting Utility Sony Corporation 08.01.2008 4,02MB

kira · 07.10.2009, 09:43

hi

1.
Schliesse alle Programme einschliesslich Internet Explorer und fixe mit Hijackthis die Einträge aus der nachfolgenden Codebox (HijackThis starten→ Einträge auswählen→ Häckhen setzen→ "Fix checked"klicken→ PC neu aufstarten):

Zitat:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/de/

2.
alle Anwendungen schließen → Ordner für temporäre Dateien bitte leeren
lösche nur den Inhalt der Ordner, nicht die Ordner selbst! - Dateien, die noch in Benutzung sind,nicht löschbar.
c:\windows\temp
- anschließend den Papierkorb leeren
3.
reinige dein System mit Ccleaner:

"Cleaner"→ "Analysieren"→ Klick auf den Button "Start CCleaner"
"Registry""Fehler suchen"→ "Fehler beheben"→ "Alle beheben"
Starte dein System neu auf

4.

lade Dir SUPERAntiSpyware FREE Edition herunter.
installiere das Programm und update online.
starte SUPERAntiSpyware und klicke auf "Ihren Computer durchsuchen"
setze ein Häkchen bei "Kompletter Scan" und klicke auf "Weiter"
anschließend alle gefundenen Schadprogramme werden aufgelistet, bei alle Funde Häkchen setzen und mit "OK" bestätigen
auf "Weiter" klicken dann "OK" und auf "Fertig stellen"
um die Ergebnisse anzuzeigen: auf "Präferenzen" dann auf den "Statistiken und Protokolle" klicken
drücke auf "Protokoll anzeigen" - anschließend diesen Bericht bitte speichern und hier posten

5.
Windows und die installierten Programme auf den neuesten Stand zu halten,sind Garanten für eine erhöhte Sicherheit!
Java aktualisieren `Start→ Systemsteuereung→ Java→ Aktualisierung...(Update 16)
danach deinstalliere:
`Systemsteuerung → Software → Ändern/Entfernen...`- eventuell vorhandene ältere Versionen

Adobe Reader: sehe nach, ob neuere Versionen vorhanden sind

6.
Den kompletten Rechner zu überprüfen (Systemprüfung ohne Säuberung) mit Kaspersky Online - Scanner - wähle "My Computer" aus:
im Internet Explorer:
- "Extras→ Internetoptionen→ Sicherheit":
- alles auf Standardstufe stellen
- Active X erlauben
- speichere die Ergebnis als *.txt Datei und poste das Logfile des Scans

klausschaal · 07.10.2009, 12:48

zu 4.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 10/07/2009 at 01:43 PM

Application Version : 4.29.1002

Core Rules Database Version : 4150
Trace Rules Database Version: 2079

Scan type : Complete Scan
Total Scan Time : 01:13:28

Memory items scanned : 355
Memory threats detected : 0
Registry items scanned : 7746
Registry threats detected : 0
File items scanned : 55662
File threats detected : 2

Adware.Tracking Cookie
C:\Users\Bxxxxxxx\AppData\Roaming\Microsoft\Windows\Cookies\bxxxxxx_scxxxxxxx@atwola[1].txt
C:\Users\Bxxxxxxxxn\AppData\Roaming\Microsoft\Windows\Cookies\bxxxxx_scxxxxxx@sevenoneintermedia.112.2o7[1].txt

klausschaal · 08.10.2009, 12:45

zu 6.

"no threats fund", hat nix gefunden. was nun?

kira · 08.10.2009, 17:00

hi

also "virusmäßig" nichts zu finden
Bestehen die Anfagsprobleme noch immer?
wenn ja:
- ob Du dein System kaputt optimiziert hast?

Code:

ATTFilter

Total Commander (Remove or Repair)
TuneUp Utilities 2009 TuneUp Software

- oder Treiberprobleme können auch verschiedene Auswirkungen haben...

ist das ein Firmenrechner oder Privat-PC?

- Reste noch von Norton:

Code:

ATTFilter

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

Weil Du auf eine andere Sicherheitssoftware umsteigen bist:
Norton Antivirus ZU deinstallieren gehe auf der Symantec-Webseite und suche nach den speziellen Deinstallations-Tools, mit denen die letzten Reste (auch) entfernt werden sollten.
Norton Removal Tool (für alle Produkte ab 2003 bis 2008) von hier herunterladen

- dann noch wenn man zu viele Dienste laufen hat, auch der Rechner langsam wird, Abstürze auch keine Seltenheit

08.10.2009, 12:45	#8
klausschaal	Trojaner? zu 6. "no threats fund", hat nix gefunden. was nun?

Trojaner?

Log-Analyse und Auswertung: Trojaner?

Trojaner?

Trojaner?

Trojaner?

Trojaner?

Trojaner?

Trojaner?

Trojaner?

Trojaner?

Trojaner?