| |
| |||||||
Log-Analyse und Auswertung: PC läuft langsam / stürzt häufig ab. Wlanverbindung hat sich nach Einwahl geändertWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
25.12.2009, 15:46
| #1 |
| |  PC läuft langsam / stürzt häufig ab. Wlanverbindung hat sich nach Einwahl geändert Hallo zusammen, ich hab seit einiger Zeit ein Problem mit meinem Laptop und bin bei der Suche nach Hilfe auf dieses tolle Forum gestoßen. Ich hoffe, dass mir hier vielleicht geholfen werden kann? Vor einiger Zeit ist mir aufgefallen, dass die WLAN Verbindung sich problemlos aufbaut, allerdings ist die Netzwerkkennung nicht so wie ich sie eingestellt habe. Das Wlan hat sich über einen andere Kennung eingewählt. Ich weiss nicht ob das möglich ist, allerdings glaube ich, dass ich über zwei Konten dadurch im Internet war?! Ich habe dann meinen Router ausgetauscht und eine neue Verbindung eingestellt. Seitdem tritt das Problem nicht mehr auf, allerdings stürzt jetzt mein PC häufig ab und ist auch sehr langsam geworden. Logfile of random's system information tool 1.06 (written by random/random) Run by xxx at 2009-12-25 11:18:53 Microsoft® Windows Vista™ Home Basic Service Pack 1 System drive C: has 10 GB (18%) free of 57 GB Total RAM: 1015 MB (34% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:19:31, on 25.12.2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Keyboard & Mouse Driver\StartAutorun.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Keyboard & Mouse Driver\KMConfig.exe C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Programe\ICQ\ICQ6.5\ICQ.exe C:\Program Files\Keyboard & Mouse Driver\KMProcess.exe C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Users\xxx\Desktop\download\RSIT.exe C:\Program Files\trend micro\xxx.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://www.google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Keyboard & Mouse Driver\StartAutorun.exe KMConfig.exe O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [ICQ] "C:\Programe\ICQ\ICQ6.5\ICQ.exe" silent O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST') O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} - h**p://rover.ebay.com/rover/1/707-44556-9400-3/4 (file missing) O9 - Extra button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} - h**p://www.amazon.de/exec/obidos/redirect-home?tag=Toshibadebholink-21&site=home (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programe\ICQ\ICQ6.5\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programe\ICQ\ICQ6.5\ICQ.exe O13 - Gopher Prefix: O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPO\TempoSVC.exe O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe -- End of file - 6446 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] &Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}] AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-08-26 279944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}] PDFCreator Toolbar Helper - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2009-01-03 806912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-19 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}] SingleInstance Class - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416] {3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-08-26 279944] {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - PDFCreator Toolbar - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll [2009-01-03 806912] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184] "NDSTray.exe"=NDSTray.exe [] "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-07-18 266497] "KMCONFIG"=C:\Program Files\Keyboard & Mouse Driver\StartAutorun.exe [2007-03-06 212992] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-11 141848] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-11 166424] "Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-11 133656] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-12-19 149280] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "TOSCDSPD"=TOSCDSPD.EXE [] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240] "ICQ"=C:\Programe\ICQ\ICQ6.5\ICQ.exe [2009-03-01 172792] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe [2008-03-30 267048] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2008-11-05 4347120] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2008-12-03 1205760] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\QTTask.exe [2008-03-28 413696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-04-13 861744] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-04-02 577536] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2007-05-04 571024] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPO] C:\Program Files\Toshiba TEMPO\Toshiba.Tempo.UI.TrayApplication.exe [2007-10-29 103824] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WireLessKeyboard] C:\Program Files\40700 Multimedia Keyboard & Mouse Driver\StartAutorun.exe [2005-11-30 94208] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WireLessMouse] C:\Program Files\40700 Multimedia Keyboard & Mouse Driver\StartAutorun.exe [2005-11-30 94208] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^xxx^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HotSync Manager.lnk] C:\PROGRA~1\palmOne\HOTSYNC.EXE [2004-04-13 299008] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2008-02-11 204800] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "EnableLUA"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{698df4be-6766-11dc-8f11-001a92fc0f0e}] shell\AutoRun\command - D:\pushinst.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9c3962e6-c073-11de-968c-404e57434401}] shell\AutoRun\command - G:\Toshiba\more4you.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cd21b6c7-b35b-11de-a967-404e57434401}] shell\AutoRun\command - D:\Toshiba\more4you.exe ======List of files/folders created in the last 1 months====== 2009-12-25 11:18:55 ----D---- C:\Program Files\trend micro 2009-12-25 11:18:53 ----D---- C:\rsit 2009-12-25 00:17:04 ----D---- C:\Users\xxx\AppData\Roaming\Malwarebytes 2009-12-25 00:16:54 ----D---- C:\ProgramData\Malwarebytes 2009-12-25 00:16:53 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-12-25 00:02:12 ----D---- C:\Program Files\CCleaner 2009-12-24 23:52:11 ----D---- C:\Program Files\TrendMicro 2009-12-19 20:00:15 ----A---- C:\Windows\system32\javaws.exe 2009-12-19 20:00:15 ----A---- C:\Windows\system32\javaw.exe 2009-12-19 20:00:15 ----A---- C:\Windows\system32\java.exe 2009-12-19 20:00:15 ----A---- C:\Windows\system32\deploytk.dll 2009-12-17 22:07:12 ----A---- C:\Windows\QuickInstall.INI 2009-12-06 13:04:02 ----D---- C:\Users\xxx\AppData\Roaming\FastStone 2009-12-06 13:03:59 ----D---- C:\Program Files\FastStone Capture 2009-12-06 12:05:08 ----SHD---- C:\found.004 ======List of files/folders modified in the last 1 months====== 2009-12-25 11:19:32 ----D---- C:\Windows\Temp 2009-12-25 11:19:07 ----D---- C:\Windows\Prefetch 2009-12-25 11:18:55 ----RD---- C:\Program Files 2009-12-25 11:16:10 ----D---- C:\Program Files\Mozilla Firefox 2009-12-25 00:16:58 ----D---- C:\Windows\system32\drivers 2009-12-25 00:16:54 ----HD---- C:\ProgramData 2009-12-25 00:11:40 ----D---- C:\Windows\Minidump 2009-12-25 00:11:40 ----D---- C:\Windows\Debug 2009-12-25 00:11:40 ----D---- C:\Windows 2009-12-24 23:57:10 ----SHD---- C:\System Volume Information 2009-12-24 23:52:15 ----SHD---- C:\Windows\Installer 2009-12-24 21:19:42 ----A---- C:\Windows\NeroDigital.ini 2009-12-24 21:18:53 ----D---- C:\Windows\System32 2009-12-24 21:18:53 ----D---- C:\Windows\inf 2009-12-24 21:18:53 ----A---- C:\Windows\system32\PerfStringBackup.INI 2009-12-24 11:59:35 ----D---- C:\Users\xxx\AppData\Roaming\vlc 2009-12-20 21:17:37 ----D---- C:\Users\xxx\AppData\Roaming\dvdcss 2009-12-19 19:59:07 ----D---- C:\Program Files\Java 2009-12-17 22:06:59 ----D---- C:\Program Files\palmOne 2009-12-15 22:09:34 ----SD---- C:\Windows\Downloaded Program Files 2009-12-06 14:10:20 ----D---- C:\Windows\system32\catroot2 2009-12-06 12:58:15 ----D---- C:\DVDVideoSoft 2009-11-28 20:48:16 ----D---- C:\Program Files\Common Files\DVDVideoSoft 2009-11-28 20:48:05 ----D---- C:\Program Files\DVDVideoSoft ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2009-05-27 11608] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-05-27 75096] R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2008-04-17 21248] R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2007-04-09 324096] R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-07-29 919552] R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2009-05-27 52056] R3 AVMCOWAN;AVM ISDN CoNDIS WAN-CAPI-Treiber; C:\Windows\system32\DRIVERS\AVMCOWAN.sys [2006-11-02 64000] R3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208] R3 GEARAspiWDM;GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976] R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680] R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2007-04-09 50176] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-04-13 186680] R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128] S2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936] S2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496] S2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-03-21 37376] S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 FWLANUSB;AVM FRITZ!WLAN; C:\Windows\system32\DRIVERS\fwlanusb.sys [2006-04-06 264704] S3 FXUSBASE;AVM FRITZ!X USB; C:\Windows\system32\DRIVERS\fxusbase.sys [2006-11-02 588928] S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976] S3 KMWDFilter;KMWDFilter; \??\C:\Windows\System32\Drivers\KMWDFilter.SYS [2007-03-29 17024] S3 MOUSEWDFilter;MOUSEWDFilter; \??\C:\Windows\System32\Drivers\MOUSEWD.SYS [2006-08-20 6528] S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2008-09-15 17664] S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2008-09-15 22016] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816] S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2007-05-31 82432] S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064] S3 USBCM;Scientific Atlanta USB Cable Modem Driver; C:\Windows\system32\DRIVERS\Sacm2K.sys [2004-06-10 15429] S3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328] S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2008-01-19 28160] S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328] S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2007-01-18 219392] S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2007-01-18 211072] S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216] R2 AntiVirScheduler;AntiVir PersonalEdition Classic Planer; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-25 68865] R2 AntiVirService;AntiVir PersonalEdition Classic Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-25 151297] R2 TempoMonitoringService;Notebook Performance Tuning Service ; C:\Program Files\Toshiba TEMPO\TempoSVC.exe [2007-10-29 95624] R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [2007-06-28 77824] R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2006-05-25 114688] S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-02-18 110592] S4 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-02-05 94208] S4 Bonjour Service;Bonjour-Dienst; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376] S4 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2006-11-14 40960] S4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900] S4 iPod Service;iPod-Dienst; C:\Program Files\iPod\bin\iPodService.exe [2008-03-30 504104] S4 KMWDSERVICE;Keyboard And Mouse Communication Service; C:\Program Files\Keyboard & Mouse Driver\KMWDSrv.exe [2007-04-05 208896] S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040] S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544] S4 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152] -----------------EOF----------------- info.txt logfile of random's system information tool 1.06 2009-12-25 11:19:38 ======Uninstall list====== -->"C:\Program Files\InstallShield Installation Information\{A644254B-92F6-4970-8635-AB0775371E72}\setup.exe" --u:{A644254B-92F6-4970-8635-AB0775371E72} -->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE -->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\Windows\UNNeroBackItUp.exe /UNINSTALL -->C:\Windows\UNNeroMediaHome.exe /UNINSTALL -->C:\Windows\UNNeroShowTime.exe /UNINSTALL -->C:\Windows\UNNeroVision.exe /UNINSTALL -->C:\Windows\UNRecode.exe /UNINSTALL -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{622E6F16-0904-49B6-BBE1-4CC836314CCF}\setup.exe" -l0x7 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{697AFC77-F318-4CD4-BF16-F50F4C1072DA}\setup.exe" -l0x7 40700 Multimedia Keyboard & Mouse Driver-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{D9AFF0DB-5955-4AED-94A2-E2209456A621} Accessibility-->C:\Program Files\InstallShield Installation Information\{2C544254-39F2-4ACA-B779-ABF7297C96CF}\setup.exe -runfromtemp -l0x0007 -removeonly Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 8.1.4 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A81300000003} Apple Mobile Device Support-->MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543} Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F} Ask Toolbar-->"C:\Program Files\AskBarDis\unins000.exe" Atheros Driver Installation Program-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe" -l0x7 -removeonly ATK Hotkey-->C:\Program Files\InstallShield Installation Information\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}\setup.exe -runfromtemp -l0x0007 -removeonly Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE Bonjour-->MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3} Canon G.726 WMP-Decoder-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\G726Decoder\G726DecUnInstall.ini" CANON iMAGE GATEWAY Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\CRWUnInstall.ini" Canon Internet Library for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\CIGUnInstall.ini" Canon MovieEdit Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\MVWUninst.ini" Canon RAW Image Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\RAW Image Task\Uninst.ini" Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDVC6\Uninst.ini" Canon Utilities CameraWindow DC-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDC\Uninst.ini" Canon Utilities CameraWindow-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowLauncher\Uninst.ini" Canon Utilities MyCamera DC-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\MyCameraDC\Uninst.ini" Canon Utilities MyCamera-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\MyCamera\Uninst.ini" Canon Utilities PhotoStitch-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini" Canon Utilities RemoteCapture Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\RemoteCaptureTask DC\Uninst.ini" Canon Utilities ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini" Canon ZoomBrowser EX Memory Card Utility-->"C:\Program Files\Common Files\Canon\UIW\1.4.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX MCU\Uninst.ini" CCleaner-->"C:\Program Files\CCleaner\uninst.exe" CD/DVD Drive Acoustic Silencer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\setup.exe" -l0x7 dBpoweramp AAC Encoder-->"C:\Windows\system32\SpoonUninstall.exe" <uninstall>C:\Windows\system32\SpoonUninstall-dBpoweramp AAC Encoder.dat dBpoweramp m4a Codec-->"C:\Windows\system32\SpoonUninstall.exe" <uninstall>C:\Windows\system32\SpoonUninstall-dBpoweramp m4a Codec.dat dBpoweramp m4a Utilities-->"C:\Windows\system32\SpoonUninstall.exe" <uninstall>C:\Windows\system32\SpoonUninstall-dBpoweramp m4a Utilities.dat dBpoweramp m4b Audio book Encoder-->"C:\Windows\system32\SpoonUninstall.exe" <uninstall>C:\Windows\system32\SpoonUninstall-dBpoweramp m4b Audio book Encoder.dat Digitale Bibliothek 3-->c:\digibib3\uninstall.exe Digitale Bibliothek 4-->"C:\Program Files\Digitale Bibliothek 4\uninstall.exe" DVD MovieFactory for TOSHIBA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}\setup.exe" -l0x7 FastStone Capture 5.3-->C:\Program Files\FastStone Capture\uninst.exe Firebird SQL Server - MAGIX Edition 2.0.0.1 (D)-->C:\Program Files\MAGIX\Common\Database\uninstall.exe Free DVD Video Burner version 1.1-->"C:\Program Files\DVDVideoSoft\Free DVD Video Burner\unins000.exe" Free Video to DVD Converter version 1.1-->"C:\Program Files\DVDVideoSoft\Free Video to DVD Converter\unins000.exe" Free YouTube Download 2.3-->"C:\Program Files\DVDVideoSoft\Free YouTube Download\unins000.exe" Free YouTube to Mp3 Converter version 3.1-->"C:\Program Files\DVDVideoSoft\Free YouTube to Mp3 Converter\unins000.exe" HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall HiJackThis-->MsiExec.exe /X{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A} HP Print Diagnostic Utility-->MsiExec.exe /I{5E06C076-E4E7-4239-A886-B3D8AC84C166} ICQ6.5-->"C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly IKEA Home Planner-->MsiExec.exe /I{A987FEC8-5616-49BD-BCA6-ACFFFE7403FE} Intel(R) Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall iTunes-->MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B} Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF} Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000} Keyboard & Mouse Driver-->C:\Program Files\InstallShield Installation Information\{B910DD1A-49B1-4068-9C08-E3C3AEC0C30A}\setup.exe -runfromtemp -l0x0409 MAGIX Digital Foto Maker SE 4.1.0.835 (D)-->C:\Program Files\MAGIX\DigitalFotoMaker2007_SE\instslct.exe MAGIX Foto Suite 1.12.0.89 (D)-->C:\Program Files\MAGIX\Foto_Suite\instslct.exe MAGIX Online Druck Service 2.3.2.0 (D)-->C:\Program Files\MAGIX\Online_Druck_Service\instslct.exe Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft Office Excel 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall EXCEL /dll OSETUP.DLL Microsoft Office Excel 2007-->MsiExec.exe /X{90120000-0016-0000-0000-0000000FF1CE} Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE} Microsoft Office Outlook 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall OUTLOOK /dll OSETUP.DLL Microsoft Office Outlook 2007-->MsiExec.exe /X{90120000-001A-0000-0000-0000000FF1CE} Microsoft Office Outlook MUI (German) 2007-->MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE} Microsoft Office PowerPoint 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall POWERPOINT /dll OSETUP.DLL Microsoft Office PowerPoint 2007-->MsiExec.exe /X{90120000-0018-0000-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE} Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE} Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE} Microsoft Office Word 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall WORD /dll OSETUP.DLL Microsoft Office Word 2007-->MsiExec.exe /X{90120000-001B-0000-0000-0000000FF1CE} Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Mozilla Firefox (3.5.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27} myphotobook 3.1-->C:\Program Files\myphotobook\uninst.exe Nero 7-->MsiExec.exe /X{CF097717-F174-4144-954A-FBC4BF301031} neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} Nokia Connectivity Cable Driver-->MsiExec.exe /X{15AC0C5D-A6FB-4CE2-8CD0-28179EEB5625} Nokia PC Suite-->C:\ProgramData\Installations\{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD}\Nokia_PC_Suite_7_1_18_0_ger.exe Nokia PC Suite-->MsiExec.exe /I{58FB2F9A-5F2D-40E8-82DF-4987E60AD8BD} Palm Desktop-->MsiExec.exe /X{E89D78B8-28F7-412F-8B26-C684739CBBDC} PC Connectivity Solution-->MsiExec.exe /I{D848D140-41C3-4A53-86D8-E866A100B4CD} PDFCreator Toolbar-->"C:\Windows\PDFCreator_Toolbar_Uninstaller_3133.exe" _?=C:\Program Files\PDFCreator Toolbar PDFCreator-->C:\Program Files\PDFCreator\unins000.exe QuickTime-->MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD} Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista-->C:\Program Files\InstallShield Installation Information\{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}\setup.exe -runfromtemp -l0x0007 -removeonly RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\setup.exe" -l0x7 anything Scientific Atlanta WebSTAR 2000 series Cable Modem-->UNDPX2K.EXE Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82} SoundMAX-->C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe -runfromtemp -l0x0007 -removeonly Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall Teachmaster 3.9 (nur Entfernen)-->C:\Program Files\Teachmaster 3.9\Uninstall.exe TOSHIBA Assist-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\setup.exe" -l0x7 TOSHIBA Benutzerhandbücher-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56995235-B76E-44A6-BA17-8FF13D3F907A}\setup.exe" -l0x7 -removeonly TOSHIBA ConfigFree-->C:\Program Files\InstallShield Installation Information\{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}\setup.exe -runfromtemp -l0x0007 uninstall -removeonly TOSHIBA Disc Creator-->MsiExec.exe /X{5DA0E02F-970B-424B-BF41-513A5018E4C0} TOSHIBA DVD PLAYER-->C:\Program Files\InstallShield Installation Information\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}\setup.exe -runfromtemp -l0x0009 -ADDREMOVE -removeonly TOSHIBA Extended Tiles for Windows Mobility Center-->C:\Program Files\InstallShield Installation Information\{617C36FD-0CBE-4600-84B2-441CEB12FADF}\setup.exe -runfromtemp -l0x0407 Toshiba Online Product Information-->C:\Program Files\InstallShield Installation Information\{2290A680-4083-410A-ADCC-7092C67FC052}\setup.exe -runfromtemp -l0x0007 -removeonly TOSHIBA SD Memory Utilities-->MsiExec.exe /X{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7} TOSHIBA Software Modem-->Tosmreg -U Toshiba TEMPO-->MsiExec.exe /X{4ACF5CB8-CADE-42C9-B3D3-B8751A2CDFD6} Uninstall 1.0.0.1-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe" VLC media player 1.0.2-->C:\Program Files\VLC\uninstall.exe Winamp Remote-->"C:\Program Files\Winamp Remote\uninstall.exe" Winamp-->"C:\Program Files\Winamp\UninstWA.exe" Windows Media Encoder 9-Reihe-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} Windows Media Encoder 9-Reihe-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} Windows-Treiberpaket - Nokia Modem (10/27/2008 3.9)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokia_bluetooth.inf_544c8e16\nokia_bluetooth.inf Windows-Treiberpaket - Nokia Modem (10/27/2008 7.01.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokbtmdm.inf_0e4dd4bb\nokbtmdm.inf Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf WinRAR-->C:\Program Files\WinRAR\uninstall.exe WinZip 12.0-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7} Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE ======Security center information====== AS: Avira AntiVir PersonalEdition AS: Windows-Defender ======System event log====== Computer Name: Laptop Event Code: 7036 Message: Dienst "Intelligenter Hintergrundübertragungsdienst" befindet sich jetzt im Status "Ausgeführt". Record Number: 190109 Source Name: Service Control Manager Time Written: 20091225101627.000000-000 Event Type: Informationen User: Computer Name: Laptop Event Code: 7036 Message: Dienst "KtmRm für Distributed Transaction Coordinator" befindet sich jetzt im Status "Ausgeführt". Record Number: 190110 Source Name: Service Control Manager Time Written: 20091225101645.000000-000 Event Type: Informationen User: Computer Name: Laptop Event Code: 7036 Message: Dienst "TPM-Basisdienste" befindet sich jetzt im Status "Beendet". Record Number: 190111 Source Name: Service Control Manager Time Written: 20091225101645.000000-000 Event Type: Informationen User: Computer Name: Laptop Event Code: 537 Message: Auf diesem Computer konnte kein kompatibles TPM-Sicherheitsgerät (Trusted Platform Module) gefunden werden. TBS konnte nicht gestartet werden. Record Number: 190112 Source Name: Microsoft-Windows-TBS Time Written: 20091225101645.848215-000 Event Type: Informationen User: NT-AUTORITÄT\LOKALER DIENST Computer Name: Laptop Event Code: 7036 Message: Dienst "Sicherheitscenter" befindet sich jetzt im Status "Ausgeführt". Record Number: 190113 Source Name: Service Control Manager Time Written: 20091225101656.000000-000 Event Type: Informationen User: =====Application event log===== Computer Name: Laptop Event Code: 0 Message: Der Dienst wurde gestartet. Record Number: 43897 Source Name: TempoMonitoringService Time Written: 20091225101421.000000-000 Event Type: Informationen User: Computer Name: Laptop Event Code: 1003 Message: Der Windows-Suchdienst wurde gestartet. Record Number: 43898 Source Name: Microsoft-Windows-Search Time Written: 20091225101426.000000-000 Event Type: Informationen User: Computer Name: Laptop Event Code: 1 Message: Der Zertifikatdiensteclient wurde erfolgreich gestartet. Record Number: 43899 Source Name: Microsoft-Windows-CertificateServicesClient Time Written: 20091225101509.761215-000 Event Type: Informationen User: NT-AUTORITÄT\SYSTEM Computer Name: Laptop Event Code: 1 Message: Der Zertifikatdiensteclient wurde erfolgreich gestartet. Record Number: 43900 Source Name: Microsoft-Windows-CertificateServicesClient Time Written: 20091225101510.056215-000 Event Type: Informationen User: LAPTOP\xxx Computer Name: Laptop Event Code: 1 Message: Der Windows-Sicherheitscenterdienst wurde gestartet. Record Number: 43901 Source Name: SecurityCenter Time Written: 20091225101658.000000-000 Event Type: Informationen User: =====Security event log===== Computer Name: Laptop Event Code: 5038 Message: Die Codeintegrität hat festgestellt, dass der Abbildhash einer Datei nicht gültig ist. Die Datei wurde möglicherweise durch eine nicht autorisierte Änderung beschädigt. Dieses Problem kann auch auf einen potenziellen Fehler des Datenträgergeräts hinweisen. Dateiname: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys Record Number: 82749 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091225101927.272215-000 Event Type: Überwachung gescheitert User: Computer Name: Laptop Event Code: 5038 Message: Die Codeintegrität hat festgestellt, dass der Abbildhash einer Datei nicht gültig ist. Die Datei wurde möglicherweise durch eine nicht autorisierte Änderung beschädigt. Dieses Problem kann auch auf einen potenziellen Fehler des Datenträgergeräts hinweisen. Dateiname: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys Record Number: 82750 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091225101927.335215-000 Event Type: Überwachung gescheitert User: Computer Name: Laptop Event Code: 5038 Message: Die Codeintegrität hat festgestellt, dass der Abbildhash einer Datei nicht gültig ist. Die Datei wurde möglicherweise durch eine nicht autorisierte Änderung beschädigt. Dieses Problem kann auch auf einen potenziellen Fehler des Datenträgergeräts hinweisen. Dateiname: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys Record Number: 82751 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091225101927.379215-000 Event Type: Überwachung gescheitert User: Computer Name: Laptop Event Code: 5038 Message: Die Codeintegrität hat festgestellt, dass der Abbildhash einer Datei nicht gültig ist. Die Datei wurde möglicherweise durch eine nicht autorisierte Änderung beschädigt. Dieses Problem kann auch auf einen potenziellen Fehler des Datenträgergeräts hinweisen. Dateiname: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys Record Number: 82752 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091225101927.435215-000 Event Type: Überwachung gescheitert User: Computer Name: Laptop Event Code: 5038 Message: Die Codeintegrität hat festgestellt, dass der Abbildhash einer Datei nicht gültig ist. Die Datei wurde möglicherweise durch eine nicht autorisierte Änderung beschädigt. Dieses Problem kann auch auf einen potenziellen Fehler des Datenträgergeräts hinweisen. Dateiname: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys Record Number: 82753 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091225101927.478215-000 Event Type: Überwachung gescheitert User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG;C:\Program Files\QuickTime\QTSystem\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 14 Stepping 12, GenuineIntel "PROCESSOR_REVISION"=0e0c "NUMBER_OF_PROCESSORS"=2 "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip -----------------EOF----------------- |
|
25.12.2009, 15:57
| #2 |
| | PC läuft langsam / stürzt häufig ab. Wlanverbindung hat sich nach Einwahl geändert Logfile of Trend Micro HijackThis v2.0.3 (BETA)
__________________Scan saved at 15:55:03, on 25.12.2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Keyboard & Mouse Driver\StartAutorun.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Keyboard & Mouse Driver\KMConfig.exe C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Programe\ICQ\ICQ6.5\ICQ.exe C:\Program Files\Keyboard & Mouse Driver\KMProcess.exe C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = h*p://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://www.google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Keyboard & Mouse Driver\StartAutorun.exe KMConfig.exe O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [ICQ] "C:\Programe\ICQ\ICQ6.5\ICQ.exe" silent O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST') O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} - h**p://rover.ebay.com/rover/1/707-44556-9400-3/4 (file missing) O9 - Extra button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} - h**p://www.amazon.de/exec/obidos/redirect-home?tag=Toshibadebholink-21&site=home (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programe\ICQ\ICQ6.5\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programe\ICQ\ICQ6.5\ICQ.exe O13 - Gopher Prefix: O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPO\TempoSVC.exe O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe -- End of file - 6568 bytes |
|
06.01.2010, 14:40
| #3 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | PC läuft langsam / stürzt häufig ab. Wlanverbindung hat sich nach Einwahl geändert Hallo und
__________________ Zitat:
__________________ |
|
| Themen zu PC läuft langsam / stürzt häufig ab. Wlanverbindung hat sich nach Einwahl geändert |
| agere systems, antivir, ask toolbar, askbar, avgntflt.sys, avira, bho, bonjour, browser, converter, desktop, device driver, diagnostics, druck, drvstore, ebay, entfernen, firefox, flash player, gservice, hdaudio.sys, helper, hijack, hijackthis, home, install.exe, langsam, mp3, msiexec.exe, pc läuft, pdfcreator, plug-in, problem, programdata, realtek, registry, security, sehr langsam, software, start menu, system, uleadburninghelper, windows, windows-sicherheitscenterdienst, wireless lan, wlan verbindung |
Linear-Darstellung
