Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Explorer streikt

Explorer streikt


Log-Analyse und Auswertung: Explorer streikt

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 17.02.2010, 16:42   #1
AlinavMarie
 
Explorer streikt - Standard

Explorer streikt


Hallo, habe ein Problem. Explorer öffnet sich nicht mehr so richtig,und einige Seiten werden erst garnicht mehr geöffnet bzw Explorer sagt muss beendet werden HAB ICH EIN VIRUS oder so? lg


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:39:03 PM, on 2/17/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Programme\Quick Macros 2\qmserv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\Programme\Samsung\Samsung Battery Manager\BatteryManager.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe
C:\DOKUME~1\SIENKN~1\LOKALE~1\Temp\Jwd.exe
C:\Programme\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Samsung\Easy Display Manager\dmhkcore.exe
C:\Programme\WEB.DE\WEB.DE Club E-Mail Alarm\EmailAlarm.exe
C:\Programme\SAMSUNG\MagicKBD\MagicKBD.exe
C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Programme\SAMSUNG\MagicKBD\PerformanceManager.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\msizdg32.exe,
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [EDS] C:\Programme\Samsung\Samsung EDS\EDSAgent.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DMHotKey] C:\Programme\Samsung\Easy Display Manager\DMLoader.exe
O4 - HKLM\..\Run: [BatteryManager] C:\Programme\Samsung\Samsung Battery Manager\BatteryManager.exe
O4 - HKLM\..\Run: [MagicKeyboard] C:\Programme\SAMSUNG\MagicKBD\PreMKBD.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Programme\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [F5JMWNZTHI] C:\DOKUME~1\SIENKN~1\LOKALE~1\Temp\Jwd.exe
O4 - HKCU\..\Run: [WEB.DE Club E-Mail Alarm] C:\Programme\WEB.DE\WEB.DE Club E-Mail Alarm\EmailAlarm.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: SetPointII.lnk = ?
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programme\PartyGaming\PartyCasino\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programme\PartyGaming\PartyCasino\RunApp.exe (file missing)
O9 - Extra button: (no name) - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - (no file)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Programme\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Programme\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {79E7DCE2-6306-4996-B7CB-C2601B2B7BD1} (DownloadCtrl Class) - https://stream.web.de/v/notify/Download.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Quick Macros (quickmacros2) - Unknown owner - C:\Programme\Quick Macros 2\qmserv.exe
O23 - Service: Samsung Update Plus - Unknown owner - C:\Programme\Samsung\Samsung Update Plus\SLUBackgroundService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe
O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)

--
End of file - 11141 bytes

Alt 17.02.2010, 21:32   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Explorer streikt - Standard

Explorer streikt


Hallo und

Installiere und nutze besser einen Alternativbrowser: Firefox oder Google Chrome oder Opera. Du kannst auch alle parallel installieren und Dich dann für einen entscheiden, aber mMn nach sind alle deutlich besser als der IE8.


Danach diese Liste beachten und abarbeiten. Beim Scan mit MalwareBytes auch alle externen Speicher (ext. Platten, USB-Sticks, ... mit anklemmen!!
Die Logfiles kannst Du zB alle in eine Datei zippen und auf File-Upload.net hochladen und hier verlinken, denn 1. sind manche Logfiles fürs Board nämlich zu groß und 2. kann ich mit einem Klick mir gleich alle auf einmal runterladen.
__________________

__________________
Alt 18.02.2010, 15:51   #3
AlinavMarie
 
Explorer streikt - Standard

Explorer streikt


Hi danke für die Antwort !! Ich habe mit CC Cleaner und dieses Anti Mal-ware Programm bereinigt.Nun funzt das alles wieder super Danke für die schnelle Hilfe Gruß
__________________
Alt 18.02.2010, 16:23   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Explorer streikt - Standard

Explorer streikt


Du solltest aber alle Logs posten!
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 18.02.2010, 19:29   #5
AlinavMarie
 
Explorer streikt - Standard

Explorer streikt


Scan als problem bestand.

Malwarebytes' Anti-Malware 1.44
Datenbank Version: 3753
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

2/17/2010 10:53:19 PM
mbam-log-2010-02-17 (22-53-19).txt

Scan-Methode: Vollständiger Scan (C:\|D:\|)
Durchsuchte Objekte: 186582
Laufzeit: 57 minute(s), 25 second(s)

Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 1
Infizierte Registrierungsschlüssel: 16
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 4

Infizierte Speicherprozesse:
C:\Dokumente und Einstellungen\Sienknecht\Lokale Einstellungen\Temp\Jwd.exe (Trojan.Downloader) -> Unloaded process successfully.

Infizierte Speichermodule:
c:\WINDOWS\system32\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.

Infizierte Registrierungsschlüssel:
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sshnas (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\F5JMWNZTHI (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chrome.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safari.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navigator.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\opera.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Userinit.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ROUA3O12PW (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\f5jmwnzthi (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\uid (Malware.Trace) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Dokumente und Einstellungen\Sienknecht\Lokale Einstellungen\Temp\Jwd.exe (Trojan.Downloader) -> Delete on reboot.
C:\WINDOWS\system32\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.
C:\WINDOWS\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.


Alt 18.02.2010, 19:31   #6
AlinavMarie
 
Explorer streikt - Standard

Explorer streikt


Nach Bereinigung


Malwarebytes' Anti-Malware 1.44
Datenbank Version: 3753
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

2/18/2010 8:54:37 AM
mbam-log-2010-02-18 (08-54-37).txt

Scan-Methode: Vollständiger Scan (C:\|D:\|)
Durchsuchte Objekte: 77580
Laufzeit: 9 hour(s), 54 minute(s), 24 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Alt 18.02.2010, 20:14   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Explorer streikt - Standard

Explorer streikt


Ok, Malwarebytes war aktuell. hat der wirklich beim 2. Scan 9 Stunden gebraucht?
Poste bitte noch die RSIT Logfiles. Das dauert auch nicht lang die zu erstellen.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 18.02.2010, 21:25   #8
AlinavMarie
 
Explorer streikt - Standard

Explorer streikt


ne war nur auf standby letzte nacht keine ahnung warum 9 std.


info.txt logfile of random's system information tool 1.06 2010-02-18 21:12:44

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.5 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A81300000003}
Atheros WLAN Client-->"C:\Programme\InstallShield Installation Information\{F4F41D14-E0DD-4FB4-AA09-A14225C769BD}\setup.exe" -runfromtemp -l0x0007 -removeonly
Avira AntiVir Personal - Free Antivirus-->C:\Programme\Avira\AntiVir Desktop\setup.exe /REMOVE
CCleaner-->"C:\Programme\CCleaner\uninst.exe"
Driver Detective-->MsiExec.exe /X{4640FDE1-B83A-4376-84ED-86F86BEE2D41}
Easy Display Manager-->"C:\Programme\InstallShield Installation Information\{17283B95-21A8-4996-97DA-547A48DB266F}\setup.exe" -runfromtemp -l0x0009 -removeonly
Easy Network Manager-->MsiExec.exe /I{A7581D39-EA20-4883-A480-80C21047052B}
HijackThis 2.0.2-->"C:\Programme\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
ICQ6.5-->"C:\Programme\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
imagine digital freedom - Samsung-->MsiExec.exe /X{8E106A57-A17E-431D-B48F-175E42EB9F74}
Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
J2SE Runtime Environment 5.0-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000}
Java(TM) 6 Update 18-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216015FF}
JDownloader-->C:\Programme\JDownloader\uninstall.exe
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
Logitech SetPoint 5.20-->MsiExec.exe /I{D3120436-1358-4253-9EB2-257FFE8CE1D9}
Magic Keyboard-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{BD723E53-A42C-4702-AA04-1D74A0311590}\Setup.exe" -l0x9 Remove
Malwarebytes' Anti-Malware-->"C:\Programme\Malwarebytes' Anti-Malware\unins000.exe"
Marvell Miniport Driver-->C:\Programme\Marvell\Miniport Driver\Uninst.exe
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
MSN-->C:\Programme\MSN\MsnInstaller\msninst.exe /Action:ARP
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Namuga 1.3M Webcam-->C:\Programme\InstallShield Installation Information\{71A51B59-E7D3-11DB-A386-005056C00008}\setup.exe -runfromtemp -l0x0009 -removeonly
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Play Camera-->C:\Programme\InstallShield Installation Information\{7B46F9CF-CF60-492E-816E-95EB1A9D1BB4}\setup.exe -runfromtemp -l0x0407
Quick Macros 2-->"C:\Programme\Quick Macros 2\unins000.exe"
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x7 -removeonly
Samsung Battery Manager-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{6F730513-8688-4C3C-90A3-6B9792CE2EF3}\Setup.exe" -l0x7 Remove
Samsung EDS-->MsiExec.exe /X{ABB14904-A11B-4F42-996C-80FD608A0F17}
Samsung Magic Doctor-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}\Setup.exe" -l0x7 Remove
Samsung Recovery Solution III-->"C:\Programme\InstallShield Installation Information\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}\setup.exe" -runfromtemp -l0x0007 -removeonly
Samsung Update Plus-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{685707A4-911C-468D-BFC4-64A50E5E3A0C} /l1031
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Sicherheitsupdate für Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Programme\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Outlook 2007 Junk Email Filter (kb977719)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C0C92202-5215-4EFA-B0B9-B3A0DEABCDF1}
Update für Windows Internet Explorer 8 (KB978506)-->"C:\WINDOWS\ie8updates\KB978506-IE8\spuninst\spuninst.exe"
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Vodafone Mobile Connect Lite-->MsiExec.exe /X{E3B99F3D-9856-482A-9048-305E28E2510C}
WEB.DE Club E-Mail Alarm-->C:\Programme\WEB.DE\WEB.DE Club E-Mail Alarm\Uninstall.exe
WIDCOMM Bluetooth Software-->MsiExec.exe /X{84814E6B-2581-46EC-926A-823BD1C670F6}
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Anmelde-Assistent-->MsiExec.exe /I{52B97218-98CB-4B8B-9283-D213C85E1AA4}
Windows Live Call-->MsiExec.exe /I{5FC68772-6D56-41C6-9DF1-24E868198AE6}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Programme\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}
Windows Live Fotogalerie-->MsiExec.exe /X{2BA722D1-48D1-406E-9123-8AE5431D63EF}
Windows Live Mail-->MsiExec.exe /I{C4D738F7-996A-4C81-B8FA-C4E26D767E41}
Windows Live Messenger-->MsiExec.exe /X{41E654A9-26D0-4EAC-854B-0FA824FFFABB}
Windows Live Sync-->MsiExec.exe /X{76618402-179D-4699-A66B-D351C59436BC}
Windows Live Toolbar-->MsiExec.exe /X{70B7A167-0B88-445D-A3EA-97C73AA88CAC}
Windows Live Writer-->MsiExec.exe /X{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}
Windows Live-Uploadtool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Media Format 11 runtime-->"C:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Programme\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Programme\WinRAR\uninstall.exe
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Software Update-->C:\PROGRA~1\Yahoo!\SOFTWA~1\UNINST~1.EXE

======Security center information======

AV: AntiVir Desktop

======System event log======

Computer Name: ALINA
Event Code: 18
Message: Installationsbereit: Die folgenden Updates wurden heruntergeladen und können installiert werden. Diese Updates sollen laut Zeitplan am Donnerstag, 21. Januar 2010 um 03:00 auf diesem Computer installiert werden:
- Sicherheitsupdate für Microsoft Office Word 2007 (KB969604)
- Sicherheitsupdate für Microsoft Office Outlook 2007 (KB972363)

Record Number: 8780
Source Name: Windows Update Agent
Time Written: 20100120172040.000000+060
Event Type: Informationen
User:

Computer Name: ALINA
Event Code: 18
Message: Installationsbereit: Die folgenden Updates wurden heruntergeladen und können installiert werden. Diese Updates sollen laut Zeitplan am Donnerstag, 21. Januar 2010 um 03:00 auf diesem Computer installiert werden:
- Sicherheitsupdate für Microsoft Office Word 2007 (KB969604)

Record Number: 8779
Source Name: Windows Update Agent
Time Written: 20100120171850.000000+060
Event Type: Informationen
User:

Computer Name: ALINA
Event Code: 36
Message: Der Zeitdienst konnte die Systemzeit seit 49152 Sekunden nicht
synchronisieren, da kein Zeitanbieter einen gültigen Zeitstempel
anbieten konnte. Die Systemuhr ist nicht synchronisiert.

Record Number: 8778
Source Name: W32Time
Time Written: 20100120170430.000000+060
Event Type: Warnung
User:

Computer Name: ALINA
Event Code: 7036
Message: Dienst "IMAPI-CD-Brenn-COM-Dienste" befindet sich jetzt im Status "Beendet".

Record Number: 8777
Source Name: Service Control Manager
Time Written: 20100120164149.000000+060
Event Type: Informationen
User:

Computer Name: ALINA
Event Code: 7036
Message: Dienst "IMAPI-CD-Brenn-COM-Dienste" befindet sich jetzt im Status "Ausgeführt".

Record Number: 8776
Source Name: Service Control Manager
Time Written: 20100120164141.000000+060
Event Type: Informationen
User:

=====Application event log=====

Computer Name: ALINA
Event Code: 1800
Message: Der Windows-Sicherheitscenterdienst wurde gestartet.

Record Number: 1577
Source Name: SecurityCenter
Time Written: 20091226221940.000000+060
Event Type: Informationen
User:

Computer Name: ALINA
Event Code: 0
Message: Service started

Record Number: 1576
Source Name: SeaPort
Time Written: 20091226221936.000000+060
Event Type: Informationen
User:

Computer Name: ALINA
Event Code: 105
Message: The service was started.

Record Number: 1575
Source Name: PLFlash DeviceIoControl Service
Time Written: 20091226221935.000000+060
Event Type: Informationen
User:

Computer Name: ALINA
Event Code: 0
Message:
Record Number: 1574
Source Name: Nero BackItUp Scheduler 3
Time Written: 20091226221934.000000+060
Event Type: Informationen
User:

Computer Name: ALINA
Event Code: 0
Message:
Record Number: 1573
Source Name: btwdins
Time Written: 20091226221931.000000+060
Event Type: Informationen
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 28 Stepping 2, GenuineIntel
"PROCESSOR_REVISION"=1c02
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

Alt 18.02.2010, 21:26   #9
AlinavMarie
 
Explorer streikt - Standard

Explorer streikt


Logfile of random's system information tool 1.06 (written by random/random)
Run by Sienknecht at 2010-02-18 21:12:23
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 52 GB (71%) free of 73 GB
Total RAM: 1014 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:12:39 PM, on 2/18/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Programme\Quick Macros 2\qmserv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Programme\Samsung\Samsung Battery Manager\BatteryManager.exe
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Samsung\Easy Display Manager\dmhkcore.exe
C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Programme\SAMSUNG\MagicKBD\MagicKBD.exe
C:\Programme\SAMSUNG\MagicKBD\PerformanceManager.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\ICQ6.5\ICQ.exe
C:\Dokumente und Einstellungen\Sienknecht\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe
C:\Dokumente und Einstellungen\Sienknecht\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe
C:\Dokumente und Einstellungen\Sienknecht\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe
C:\Dokumente und Einstellungen\Sienknecht\Eigene Dateien\Downloads\RSIT.exe
C:\Programme\Trend Micro\HijackThis\Sienknecht.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\msizdg32.exe,
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [EDS] C:\Programme\Samsung\Samsung EDS\EDSAgent.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DMHotKey] C:\Programme\Samsung\Easy Display Manager\DMLoader.exe
O4 - HKLM\..\Run: [BatteryManager] C:\Programme\Samsung\Samsung Battery Manager\BatteryManager.exe
O4 - HKLM\..\Run: [MagicKeyboard] C:\Programme\SAMSUNG\MagicKBD\PreMKBD.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Programme\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [WEB.DE Club E-Mail Alarm] C:\Programme\WEB.DE\WEB.DE Club E-Mail Alarm\EmailAlarm.exe
O4 - HKCU\..\Run: [Google Update] "C:\Dokumente und Einstellungen\Sienknecht\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10d.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: SetPointII.lnk = ?
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programme\PartyGaming\PartyCasino\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programme\PartyGaming\PartyCasino\RunApp.exe (file missing)
O9 - Extra button: (no name) - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - (no file)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Programme\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Programme\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {79E7DCE2-6306-4996-B7CB-C2601B2B7BD1} (DownloadCtrl Class) - https://stream.web.de/v/notify/Download.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Quick Macros (quickmacros2) - Unknown owner - C:\Programme\Quick Macros 2\qmserv.exe
O23 - Service: Samsung Update Plus - Unknown owner - C:\Programme\Samsung\Samsung Update Plus\SLUBackgroundService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe
O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)

--
End of file - 11568 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-86724148-1804607701-1378462614-1005Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-86724148-1804607701-1378462614-1005UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Anmelde-Hilfsprogramm - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2010-01-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Programme\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-11 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0FBB9689-D3D7-4f7a-A2E2-585B10099BFC}
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Programme\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{D4027C7F-154A-4066-A1AD-4243D8127440}
Locked

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-08-26 16851456]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-20 57344]
""= []
"EDS"=C:\Programme\Samsung\Samsung EDS\EDSAgent.exe [2007-12-20 659456]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-02-28 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-02-28 166424]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-02-28 137752]
"SynTPEnh"=C:\Programme\Synaptics\SynTP\SynTPEnh.exe [2008-08-28 1044480]
"DMHotKey"=C:\Programme\Samsung\Easy Display Manager\DMLoader.exe [2006-12-27 466944]
"BatteryManager"=C:\Programme\Samsung\Samsung Battery Manager\BatteryManager.exe [2008-10-20 2768896]
"MagicKeyboard"=C:\Programme\SAMSUNG\MagicKBD\PreMKBD.exe [2006-05-14 151552]
"avgnt"=C:\Programme\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"Adobe Reader Speed Launcher"=C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"SunJavaUpdateSched"=C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [2010-01-11 246504]
"MobileConnect"=C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2009-04-20 2327552]
"GrooveMonitor"=C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2009-06-17 55824]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Programme\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883840]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Messenger (Yahoo!)"=C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe [2009-11-10 5244216]
"AlcoholAutomount"=C:\Programme\Alcohol Soft\Alcohol 120\axcmd.exe [2008-09-02 205256]
"WEB.DE Club E-Mail Alarm"=C:\Programme\WEB.DE\WEB.DE Club E-Mail Alarm\EmailAlarm.exe [2010-01-28 2204672]
"Google Update"=C:\Dokumente und Einstellungen\Sienknecht\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe [2010-02-18 135664]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\WINDOWS\system32\Macromed\Flash\FlashUtil10d.exe [2009-10-28 257440]

C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
BTTray.lnk - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
SetPointII.lnk - C:\Programme\Logitech\SetPoint II\SetpointII.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-02-15 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programme\Internet Explorer\IEXPLORE.EXE"="C:\Programme\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Programme\Messenger\msmsgs.exe"="C:\Programme\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Programme\ICQ6.5\ICQ.exe"="C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Programme\Windows Live\Messenger\wlcsdk.exe"="C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Programme\Yahoo!\Messenger\YahooMessenger.exe"="C:\Programme\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Programme\Yahoo!\Messenger\YServer.exe"="C:\Programme\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Programme\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"="C:\Programme\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player "
"C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe"="C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Dokumente und Einstellungen\Sienknecht\Desktop\NovoGames_Full\Novogames_Full\gameunp.exe"="C:\Dokumente und Einstellungen\Sienknecht\Desktop\NovoGames_Full\Novogames_Full\gameunp.exe:*:Enabled:gameunp"
"C:\Dokumente und Einstellungen\Sienknecht\Desktop\NovoGames_Full\Spiele 1-10\NovoGames_Full\Novogames_Full\gameunp.exe.exe"="C:\Dokumente und Einstellungen\Sienknecht\Desktop\NovoGames_Full\Spiele 1-10\NovoGames_Full\Novogames_Full\gameunp.exe.exe:*:Enabled:gameunp.exe"
"C:\Dokumente und Einstellungen\Sienknecht\Desktop\NovoGames_Full\Spiele 1-10\NovoGames_Full\Novogames_Full\gameunp.exe"="C:\Dokumente und Einstellungen\Sienknecht\Desktop\NovoGames_Full\Spiele 1-10\NovoGames_Full\Novogames_Full\gameunp.exe:*:Enabled:gameunp"
"C:\Dokumente und Einstellungen\Sienknecht\Desktop\NovoGames_Full\Spiele 11-20\NovoGames_Full\Novogames_Full\gameunp.exe"="C:\Dokumente und Einstellungen\Sienknecht\Desktop\NovoGames_Full\Spiele 11-20\NovoGames_Full\Novogames_Full\gameunp.exe:*:Enabled:gameunp"
"C:\Programme\Java\jre6\bin\javaw.exe"="C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Programme\Microsoft Office\Office12\GROOVE.EXE"="C:\Programme\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Programme\Microsoft Office\Office12\ONENOTE.EXE"="C:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"D:\NovoGames_Full\Spiele 11-20\NovoGames_Full\Novogames_Full\gameunp.exe"="D:\NovoGames_Full\Spiele 11-20\NovoGames_Full\Novogames_Full\gameunp.exe:*:Enabled:gameunp"
"C:\Programme\NOVOMATIC Gaminator CF1 Final\game.exe"="C:\Programme\NOVOMATIC Gaminator CF1 Final\game.exe:*:Enabled:game"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programme\Windows Live\Messenger\wlcsdk.exe"="C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe"="C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{46424f20-eb2d-11de-a2a8-001377fa1e50}]
shell\AutoRun\command - E:\Install.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{72e7ad75-f7dd-11de-a2af-000000000000}]
shell\AutoRun\command - E:\setup_vmc_lite.exe /checkApplicationPresence


======List of files/folders created in the last 1 months======

2010-02-18 21:12:23 ----D---- C:\rsit
2010-02-17 21:42:49 ----D---- C:\Dokumente und Einstellungen\Sienknecht\Anwendungsdaten\Malwarebytes
2010-02-17 21:42:39 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2010-02-17 21:42:38 ----D---- C:\Programme\Malwarebytes' Anti-Malware
2010-02-17 16:24:19 ----D---- C:\Programme\Trend Micro
2010-02-14 21:11:37 ----HDC---- C:\WINDOWS\ie8
2010-02-14 20:15:28 ----D---- C:\Dokumente und Einstellungen\Sienknecht\Anwendungsdaten\WEB.DE
2010-02-14 20:15:02 ----D---- C:\Programme\WEB.DE
2010-02-13 18:03:11 ----A---- C:\WINDOWS\system32\devil.dll
2010-02-13 18:03:11 ----A---- C:\WINDOWS\system32\avisynth.dll
2010-02-13 18:03:06 ----A---- C:\WINDOWS\system32\i420vfw.dll
2010-02-13 18:03:06 ----A---- C:\WINDOWS\system32\AVSredirect.dll
2010-02-13 18:03:02 ----D---- C:\Programme\AviSynth 2.5
2010-02-12 15:18:16 ----D---- C:\Dokumente und Einstellungen\Sienknecht\Anwendungsdaten\MSNInstaller
2010-02-03 13:28:28 ----D---- C:\Dokumente und Einstellungen\Sienknecht\Anwendungsdaten\Windows Live Writer
2010-01-31 18:47:54 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UAB
2010-01-31 18:45:39 ----D---- C:\Programme\PC Drivers HeadQuarters
2010-01-31 18:02:04 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2010-01-31 18:00:26 ----D---- C:\Programme\Logitech
2010-01-31 18:00:12 ----D---- C:\Programme\Gemeinsame Dateien\Logishrd
2010-01-31 17:59:59 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LogiShrd
2010-01-31 17:56:54 ----D---- C:\Programme\Atheros
2010-01-31 17:56:13 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Atheros
2010-01-31 17:08:59 ----D---- C:\Programme\Driver Genius
2010-01-31 15:24:13 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Drivers HeadQuarters
2010-01-27 19:47:57 ----A---- C:\WINDOWS\system32\regsvr32.exe.log
2010-01-27 16:11:25 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun
2010-01-27 16:10:56 ----A---- C:\WINDOWS\system32\javaws.exe
2010-01-27 16:10:56 ----A---- C:\WINDOWS\system32\javaw.exe
2010-01-27 16:10:56 ----A---- C:\WINDOWS\system32\java.exe
2010-01-26 14:24:56 ----D---- C:\Dokumente und Einstellungen\Sienknecht\Anwendungsdaten\Media Player Classic
2010-01-26 14:23:40 ----A---- C:\WINDOWS\system32\unrar.dll
2010-01-20 23:45:00 ----D---- C:\Dokumente und Einstellungen\Sienknecht\Anwendungsdaten\Windows Search
2010-01-20 23:38:08 ----D---- C:\Programme\Windows Desktop Search
2010-01-20 23:38:07 ----D---- C:\WINDOWS\system32\GroupPolicy
2010-01-19 21:03:16 ----A---- C:\WINDOWS\system32\msonpmon.dll
2010-01-19 21:00:36 ----D---- C:\Programme\Microsoft Works
2010-01-19 20:58:31 ----D---- C:\Programme\Microsoft Visual Studio
2010-01-19 20:58:31 ----D---- C:\Programme\Gemeinsame Dateien\DESIGNER
2010-01-19 20:57:02 ----D---- C:\Programme\Microsoft.NET
2010-01-19 20:53:41 ----D---- C:\Programme\Microsoft Visual Studio 8
2010-01-19 20:52:45 ----D---- C:\WINDOWS\SHELLNEW
2010-01-19 20:51:56 ----D---- C:\Programme\Microsoft Office
2010-01-19 20:51:54 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft Help
2010-01-19 20:51:10 ----RHD---- C:\MSOCache
2010-01-19 20:40:36 ----D---- C:\Programme\Alcohol Soft

======List of files/folders modified in the last 1 months======

2010-02-18 21:12:00 ----D---- C:\WINDOWS\Prefetch
2010-02-18 19:42:41 ----D---- C:\Dokumente und Einstellungen\Sienknecht\Anwendungsdaten\ICQ
2010-02-18 16:35:06 ----D---- C:\WINDOWS\Temp
2010-02-18 15:43:11 ----SD---- C:\WINDOWS\Tasks
2010-02-18 09:00:22 ----D---- C:\Programme
2010-02-17 23:00:28 ----D---- C:\WINDOWS\Debug
2010-02-17 23:00:28 ----D---- C:\WINDOWS
2010-02-17 22:56:26 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-17 22:55:31 ----HD---- C:\WINDOWS\inf
2010-02-17 22:55:31 ----D---- C:\WINDOWS\system32
2010-02-17 22:55:30 ----D---- C:\WINDOWS\system32\drivers
2010-02-17 22:54:48 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-02-15 18:23:44 ----D---- C:\Programme\JDownloader
2010-02-15 13:44:47 ----SHD---- C:\WINDOWS\Installer
2010-02-14 21:23:28 ----D---- C:\WINDOWS\system32\CatRoot
2010-02-14 21:21:59 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-14 21:21:57 ----D---- C:\WINDOWS\ie8updates
2010-02-14 21:16:00 ----D---- C:\WINDOWS\system32\de-de
2010-02-14 21:15:59 ----D---- C:\WINDOWS\Help
2010-02-14 21:15:59 ----D---- C:\Programme\Internet Explorer
2010-02-14 21:14:17 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-14 21:13:02 ----D---- C:\WINDOWS\WBEM
2010-02-14 21:12:53 ----D---- C:\WINDOWS\Media
2010-02-14 20:37:22 ----D---- C:\WINDOWS\system32\wbem
2010-02-14 20:36:38 ----HD---- C:\Programme\InstallShield Installation Information
2010-02-14 20:36:38 ----D---- C:\Programme\Samsung
2010-02-14 20:14:43 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-02-13 18:02:58 ----RSD---- C:\WINDOWS\Fonts
2010-02-12 15:17:42 ----D---- C:\Programme\MSN
2010-02-12 14:59:58 ----D---- C:\Programme\Google
2010-02-12 14:56:55 ----SD---- C:\Dokumente und Einstellungen\Sienknecht\Anwendungsdaten\Microsoft
2010-02-11 16:04:32 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-02-09 16:10:38 ----D---- C:\WINDOWS\system32\config
2010-02-09 16:10:15 ----D---- C:\WINDOWS\Registration
2010-02-09 16:09:14 ----D---- C:\WINDOWS\system32\Restore
2010-02-01 20:26:20 ----A---- C:\WINDOWS\system32\MRT.exe
2010-01-31 18:47:43 ----RSD---- C:\WINDOWS\assembly
2010-01-31 18:02:30 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-01-31 18:00:12 ----D---- C:\Programme\Gemeinsame Dateien
2010-01-27 22:03:25 ----D---- C:\Programme\DivX
2010-01-27 21:45:21 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nero
2010-01-27 16:11:23 ----D---- C:\Programme\Gemeinsame Dateien\Java
2010-01-27 16:10:52 ----D---- C:\Programme\Java
2010-01-20 23:38:27 ----SD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft
2010-01-20 14:48:02 ----D---- C:\Programme\Gemeinsame Dateien\Microsoft Shared
2010-01-20 14:43:35 ----A---- C:\WINDOWS\win.ini
2010-01-20 14:43:33 ----D---- C:\Programme\Gemeinsame Dateien\System
2010-01-20 03:25:00 ----D---- C:\Programme\Microsoft Silverlight
2010-01-19 21:00:17 ----D---- C:\WINDOWS\WinSxS
2010-01-19 20:59:48 ----D---- C:\Programme\MSBuild
2010-01-19 20:38:31 ----D---- C:\Programme\Yahoo!
2010-01-19 20:38:31 ----D---- C:\Programme\WinRAR

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-19 56816]
R2 DOSMEMIO;MEMIO; \??\C:\WINDOWS\system32\MEMIO.SYS []
R2 LBeepKE;LBeepKE; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2009-06-17 10384]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2009-11-06 1590528]
R3 BTDriver;Virtueller Bluetooth-Kommunikationstreiber; C:\WINDOWS\system32\DRIVERS\btport.sys [2008-07-27 37424]
R3 BTKRNL;Bluetooth-Bus-Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2008-07-29 879832]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-07-27 74688]
R3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 DNSeFilter;DNSeFilter; C:\WINDOWS\system32\drivers\SamsungEDS.sys [2008-01-14 30208]
R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-02-15 5854752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-08-27 4753920]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2009-06-17 35472]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2009-06-17 37392]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2009-06-17 28560]
R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-18 12288]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2008-08-28 224736]
R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Microsoft USB-Standardhubtreiber; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbstor;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VMC326;Vimicro Camera Service VMC326; C:\WINDOWS\System32\Drivers\VMC326.sys [2008-09-23 238464]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2008-11-07 291328]
S1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 at8ryhed;at8ryhed; C:\WINDOWS\system32\drivers\at8ryhed.sys []
S3 btaudio;Bluetooth-Audiogerät; C:\WINDOWS\system32\drivers\btaudio.sys [2008-07-27 539640]
S3 BTWDNDIS;Bluetooth-LAN-Zugangsserver; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2008-07-29 156816]
S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\WINDOWS\system32\drivers\massfilter.sys [2009-04-09 7680]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 qmphook;QM process triggers; \??\C:\Programme\Quick Macros 2\qmphook.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbvideo;USB-Videogerät (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys [2009-04-09 104960]
S3 ZTEusbnet;ZTE USB-NDIS miniport; C:\WINDOWS\system32\DRIVERS\ZTEusbnet.sys [2009-04-09 110592]
S3 ZTEusbnmea;ZTE NMEA Port; C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys [2009-04-09 105344]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys [2009-04-09 104960]
S3 ZTEusbvoice;ZTE VoUSB Port; C:\WINDOWS\system32\DRIVERS\ZTEusbvoice.sys [2009-04-09 105344]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Programme\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Programme\Avira\AntiVir Desktop\avguard.exe [2009-08-05 185089]
R2 btwdins;Bluetooth Service; C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-09-17 264800]
R2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2009-12-17 153376]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 quickmacros2;Quick Macros; C:\Programme\Quick Macros 2\qmserv.exe [2009-08-23 9728]
R2 SeaPort;SeaPort; C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 StarWindServiceAE;StarWind AE Service; C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 VMCService;Vodafone Mobile Connect Service; C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-04-20 9216]
R2 YahooAUService;Yahoo! Updater; C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
R2 yksvc;Marvell Yukon Service; ykx32mpcoinst,serviceStartProc []
S2 Samsung Update Plus;Samsung Update Plus; C:\Programme\Samsung\Samsung Update Plus\SLUBackgroundService.exe [2008-05-13 77480]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Windows Media Player-Netzwerkfreigabedienst; C:\Programme\Windows Media Player\WMPNetwk.exe [2006-11-03 920576]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Alt 18.02.2010, 21:26   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Explorer streikt - Standard

Explorer streikt


Das war die info.txt - die log.txt fehlt noch.
Edit: Oh, da isse ja schon
__________________
Logfiles bitte immer in CODE-Tags posten

Antwort

Themen zu Explorer streikt
acroiehelper.dll, adobe, antivir, antivir guard, ask toolbar, avira, bho, browser, desktop, dll, e-mail, explorer, hijack, hijackthis, hkus\s-1-5-18, internet, internet explorer, pdf, plug-in, programme, rundll, seiten, software, system, temp, userinit.exe, virus, vodafone, web.de, windows, windows xp, öffnet


« Virus problem | Internet Explorer macht sich selbstständig »


Ähnliche Themen: Explorer streikt


  1. Sandboxie streikt
    Antiviren-, Firewall- und andere Schutzprogramme - 30.05.2015 (2)
  2. compatibilitycheck.exe gefunden!, Pc läuft nicht rund, Explorer streikt manchmal + gebootet wird auch nicht immer einwandfrei.
    Plagegeister aller Art und deren Bekämpfung - 06.02.2015 (13)
  3. Computer streikt!
    Alles rund um Windows - 21.07.2013 (1)
  4. Sicherheitscenter streikt !
    Log-Analyse und Auswertung - 14.05.2013 (17)
  5. Explorer.exe streikt
    Plagegeister aller Art und deren Bekämpfung - 03.07.2009 (1)
  6. IE7 streikt
    Log-Analyse und Auswertung - 12.01.2009 (3)
  7. Internetverbindung streikt bei bestimmten Videostreams
    Log-Analyse und Auswertung - 10.01.2009 (61)
  8. Virus? Soundkarte(ntreiber) streikt....
    Mülltonne - 30.09.2007 (0)
  9. w-lan streikt :-(
    Alles rund um Windows - 06.09.2007 (10)
  10. ZoneAlarm streikt <-> vsmon.exe
    Antiviren-, Firewall- und andere Schutzprogramme - 16.07.2007 (4)
  11. Computer streikt
    Alles rund um Windows - 07.06.2007 (13)
  12. LAN Verbindung streikt ?!?!?!
    Netzwerk und Hardware - 02.06.2007 (1)
  13. Systemwiederherstellung von WinME streikt
    Alles rund um Windows - 23.04.2007 (5)
  14. Systemwiederherstellung von WinME streikt
    Mülltonne - 23.04.2007 (0)
  15. PC streikt bitte um Hilfe
    Alles rund um Windows - 25.11.2006 (11)
  16. Netzwerktreiber streikt
    Netzwerk und Hardware - 06.04.2006 (4)
  17. Notebook-HD streikt...
    Netzwerk und Hardware - 19.01.2003 (7)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Explorer streikt - Hallo, habe ein Problem. Explorer öffnet sich nicht mehr so richtig,und einige Seiten werden erst garnicht mehr geöffnet bzw Explorer sagt muss beendet werden HAB ICH EIN VIRUS oder so? - Explorer streikt...
Archiv
Du betrachtest: Explorer streikt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19