
Log analysis and evaluation: Antimalware Doctor and PC beeps.....


19.08.2010, 19:33   #1
Fjodoro
 



Hello everyone.....

So, I have already read a bit about Antimalware Doctor in this forum and also tried what was suggested.
I downloaded Rkill and used it to terminate the Antimalware Doctor processes. I tried it several times and ran it repeatedly.
Then I scanned the system with Malwarebytes; it did find the corresponding files, but after a reboot everything looked exactly the same as before. My PC is also running quite slowly and beeps constantly; unfortunately I don't know what that sound is called.

I have now run CCleaner and then had RSIT create the 2 logs, which I would like to post here, hoping for further help.



RSIT Logfile:
Code:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Admin at 2010-08-19 20:18:51
Microsoft Windows XP Professional Service Pack 2
System drive C: has 4 GB (12%) free of 30 GB
Total RAM: 3327 MB (83% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:18:55, on 19.08.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programme\ASUS\EPU-6 Engine\SixEngine.exe
D:\Programme\Winamp\winampa.exe
C:\Programme\Java\jre6\bin\jusched.exe
C:\Programme\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Windows Live\Messenger\msnmsgr.exe
C:\Programme\Messenger\msmsgs.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\AskBarDis\bar\bin\AskService.exe
C:\Programme\AskBarDis\bar\bin\ASKUpgrade.exe
C:\Programme\Avira\AntiVir Desktop\avshadow.exe
C:\Programme\Bonjour\mDNSResponder.exe
C:\Programme\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Windows Live\Contacts\wlcomm.exe
C:\Programme\Java\jre6\bin\jucheck.exe
C:\Dokumente und Einstellungen\Admin\Eigene Dateien\Downloads\RSIT.exe
C:\Programme\trend micro\Admin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bigseekpro.com/splitcam/{C63C9CF1-1903-4F54-AE16-058D53B3CDED}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bigseekpro.com/splitcam/{C63C9CF1-1903-4F54-AE16-058D53B3CDED}
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Programme\Splitcam Toolbar\tbhelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: voguecash browser enhancer - {9DC916E8-2211-DDB8-C1B7-C1C35213B6BE} - C:\WINDOWS\system32\kwkluqnxpjcomjgvh.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Programme\Splitcam Toolbar\tbcore3.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Splitcam Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Programme\Splitcam Toolbar\tbcore3.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [Six Engine] "C:\Programme\ASUS\EPU-6 Engine\SixEngine.exe" -r
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [WinampAgent] D:\Programme\Winamp\winampa.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Programme\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [ISTray] "C:\Programme\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [wintask] C:\WINDOWS\wintask.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programme\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [gotnewupdate000.exe] C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\974D8B1F46D23B334F2188A59CB4797A\gotnewupdate000.exe
O4 - HKCU\..\Run: [M5T8QL3YW3] C:\DOKUME~1\Admin\LOKALE~1\Temp\Ncx.exe
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Vyisas] rundll32.exe "C:\WINDOWS\mensdsli.dll",Startup
O4 - HKCU\..\RunOnce: [WiseStubReboot] MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I "C:\Programme\Gemeinsame Dateien\Wise Installation Wizard\WIS1C4551A64743409391E41477CD655043_9_09_0203.MSI" TRANSFORMS="C:\Programme\Gemeinsame Dateien\Wise Installation Wizard\WIS1C4551A64743409391E41477CD655043_9_09_0203.MST" WISE_SETUP_EXE_PATH="c:\nvidia\winxp\185.85\is\PhysX_9.09.0408_SystemSoftware.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: McAfee Security Scan.lnk = ?
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: cbssreg - C:\Dokumente und Einstellungen\All Users\Dokumente\Settings\cbss.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASKService - Unknown owner - C:\Programme\AskBarDis\bar\bin\AskService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Programme\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programme\Java\jre6\bin\jqs.exe
O23 - Service: lxddCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxddserv.exe
O23 - Service: lxdd_device -   - C:\WINDOWS\system32\lxddcoms.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Programme\CDBurnerXP\NMSAccessU.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\WINDOWS\system32\Wacom_Tablet.exe
O23 - Service: Viewpoint Service - Viewpoint Corporation - C:\Programme\Viewpoint\Common\ViewpointService.exe

--
End of file - 10829 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
C:\WINDOWS\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Programme\AskBarDis\bar\bin\askBar.dll [2009-04-02 333192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Programme\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Anmelde-Hilfsprogramm - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9DC916E8-2211-DDB8-C1B7-C1C35213B6BE}]
voguecash browser enhancer - C:\WINDOWS\system32\kwkluqnxpjcomjgvh.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Programme\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-07-14 814648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2009-12-29 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Programme\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-12-29 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
SMTTB2009 Class - C:\Programme\Splitcam Toolbar\tbcore3.dll [2010-02-16 2495488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Programme\AskBarDis\bar\bin\askBar.dll [2009-04-02 333192]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Programme\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]
{338B4DFE-2E2C-4338-9E41-E176D497299E} - Splitcam Toolbar - C:\Programme\Splitcam Toolbar\tbcore3.dll [2010-02-16 2495488]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-05-01 86016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-05-01 13750272]
"JMB36X IDE Setup"=C:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-21 36864]
"36X Raid Configurer"=C:\WINDOWS\system32\xRaidSetup.exe [2007-11-19 1970176]
"Six Engine"=C:\Programme\ASUS\EPU-6 Engine\SixEngine.exe [2008-11-13 5974528]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-11-17 17676288]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"WinampAgent"=D:\Programme\Winamp\winampa.exe [2009-04-10 37888]
"QuickTime Task"=C:\Programme\QuickTime\QTTask.exe [2009-11-11 417792]
"SunJavaUpdateSched"=C:\Programme\Java\jre6\bin\jusched.exe [2009-12-29 149280]
"DivXUpdate"=C:\Programme\DivX\DivX Update\DivXUpdate.exe [2010-04-13 1135912]
"ISTray"=C:\Programme\Spyware Doctor\pctsTray.exe []
"iTunesHelper"=C:\Programme\iTunes\iTunesHelper.exe []
"wintask"=C:\WINDOWS\wintask.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2006-08-12 15360]
"msnmsgr"=C:\Programme\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883840]
"swg"=C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-05-28 39408]
"MSMSGS"=C:\Programme\Messenger\msmsgs.exe [2004-08-04 1667584]
"SpybotSD TeaTimer"=C:\Programme\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
"DAEMON Tools Lite"=C:\Programme\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"gotnewupdate000.exe"=C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\974D8B1F46D23B334F2188A59CB4797A\gotnewupdate000.exe [2010-06-05 1041920]
"M5T8QL3YW3"=C:\DOKUME~1\Admin\LOKALE~1\Temp\Ncx.exe []
"Skype"=C:\Programme\Skype\Phone\Skype.exe [2010-05-13 26192168]
"Vyisas"=C:\WINDOWS\mensdsli.dll [2006-08-12 73728]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WiseStubReboot"=MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I C:\Programme\Gemeinsame Dateien\Wise Installation Wizard\WIS1C4551A64743409391E41477CD655043_9_09_0203.MSI TRANSFORMS=C:\Programme\Gemeinsame Dateien\Wise Installation Wizard\WIS1C4551A64743409391E41477CD655043_9_09_0203.MST WISE_SETUP_EXE_PATH=c:\nvidia\winxp\185.85\is\PhysX_9.09.0408_SystemSoftware.exe []

C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
McAfee Security Scan.lnk - C:\Programme\McAfee Security Scan\1.0.150\SSScheduler.exe
TabUserW.exe.lnk - C:\WINDOWS\system32\WTablet\TabUserW.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cbssreg]
C:\Dokumente und Einstellungen\All Users\Dokumente\Settings\cbss.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2010-08-19 20:18:52 ----D---- C:\Programme\trend micro
2010-08-19 20:18:51 ----D---- C:\rsit
2010-08-19 20:15:07 ----D---- C:\Programme\CCleaner

======List of files/folders modified in the last 1 months======

2010-08-19 20:18:52 ----RD---- C:\Programme
2010-08-19 20:18:27 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy
2010-08-19 20:18:05 ----D---- C:\WINDOWS\Temp
2010-08-19 20:18:05 ----D---- C:\WINDOWS\Debug
2010-08-19 20:18:05 ----D---- C:\WINDOWS
2010-08-19 20:15:20 ----D---- C:\WINDOWS\Prefetch
2010-08-19 20:11:43 ----D---- C:\WINDOWS\system32
2010-08-19 20:11:43 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-19 20:07:52 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-19 20:07:10 ----SD---- C:\WINDOWS\Tasks
2010-08-19 20:06:02 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-08-19 20:04:53 ----D---- C:\WINDOWS\system32\NtmsData
2010-08-19 19:57:53 ----D---- C:\WINDOWS\Registration
2010-08-19 17:35:59 ----D---- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Skype
2010-08-19 17:30:22 ----D---- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\skypePM
2010-08-18 20:18:21 ----D---- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Winamp
2010-08-14 11:34:05 ----D---- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\uTorrent
2010-07-28 19:45:27 ----D---- C:\Programme\Mozilla Firefox
2010-07-28 11:58:05 ----D---- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\DivX

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 JRAID;JRAID; C:\WINDOWS\system32\DRIVERS\jraid.sys [2008-07-01 79448]
R0 ohci1394;OHCI-konformer IEEE 1394-Hostcontroller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2006-08-12 61056]
R0 PenClass;Pen Class; C:\WINDOWS\system32\Drivers\PenClass.sys [2001-04-09 8138]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-03-31 44944]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-01-08 691696]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-03-01 124784]
R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2006-08-12 40192]
R1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2006-08-12 14848]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2010-03-13 281760]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2010-03-13 25888]
R3 Arp1394;1394-ARP-Clientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2006-08-12 60800]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2006-08-12 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-11-25 4952576]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-09-24 38400]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-18 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394-Netzwerktreiber; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2006-08-12 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-04-30 8055584]
R3 SPLITCAM;Splitcam, WDM Camera Stream Splitter; C:\WINDOWS\system32\DRIVERS\splitcam.sys [2010-05-24 13824]
R3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2006-08-12 31616]
R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-08-12 20480]
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys [2007-02-16 11312]
R3 wacomvhid;Wacom Virtual Hid Driver; C:\WINDOWS\system32\DRIVERS\wacomvhid.sys [2009-09-21 14120]
S3 a6ncz77x;a6ncz77x; C:\WINDOWS\system32\drivers\a6ncz77x.sys []
S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 RimUsb;BlackBerry-Smartphone; C:\WINDOWS\System32\Drivers\RimUsb.sys []
S3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2007-01-18 26496]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-08-12 5888]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-11-12 7168]
S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbaudio;USB-Audiotreiber (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 wacmoumonitor;Wacom Mode Helper; C:\WINDOWS\system32\DRIVERS\wacmoumonitor.sys [2010-01-24 16168]
S3 WacomVKHid;Virtual Keyboard Driver; C:\WINDOWS\system32\DRIVERS\WacomVKHid.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 WS2IFSL;Windows Socket 2.0 Non-IFS-Dienstanbieter-Unterstützungsumgebung; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-08-12 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Programme\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 AntiVirService;Avira AntiVir Guard; C:\Programme\Avira\AntiVir Desktop\avguard.exe [2010-06-05 267432]
R2 ASKService;ASKService; C:\Programme\AskBarDis\bar\bin\AskService.exe [2009-04-02 464264]
R2 ASKUpgrade;ASKUpgrade; C:\Programme\AskBarDis\bar\bin\ASKUpgrade.exe [2009-04-02 234888]
R2 Bonjour Service;Bonjour-Dienst; C:\Programme\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 NMSAccessU;NMSAccessU; C:\Programme\CDBurnerXP\NMSAccessU.exe [2009-09-06 71096]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-05-01 168004]
R2 TabletService;TabletService; C:\WINDOWS\system32\Tablet.exe [2005-06-17 749568]
S2 gupdate;Google Update Service (gupdate); C:\Programme\Google\Update\GoogleUpdate.exe [2010-02-14 135664]
S2 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2009-12-29 153376]
S2 lxdd_device;lxdd_device; C:\WINDOWS\system32\lxddcoms.exe [2007-05-25 537520]
S2 lxddCATSCustConnectService;lxddCATSCustConnectService; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxddserv.exe [2007-05-25 99248]
S2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-12-06 75064]
S2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-12-06 189248]
S2 SeaPort;SeaPort; C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
S2 SSHNAS;SSHNAS; C:\WINDOWS\system32\svchost.exe [2006-08-12 14336]
S2 TabletServiceWacom;TabletServiceWacom; C:\WINDOWS\system32\Wacom_Tablet.exe [2010-02-01 4949288]
S2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S2 Viewpoint Service;Viewpoint Service; C:\Programme\Viewpoint\Common\ViewpointService.exe [2008-04-04 30152]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-03-04 655624]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2006-08-12 14336]
S3 gusvc;Google Software Updater; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-28 182768]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-08-30 3407412]

-----------------EOF-----------------
         



info.txt

RSIT Logfile:
Code:
logfile of random's system information tool 1.08 2010-08-19 20:18:56

======Uninstall list======

-->MsiExec /X{1C4551A6-4743-4093-91E4-1477CD655043}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe AIR-->c:\Programme\Gemeinsame Dateien\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2}
Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
Adobe Color NA Extra Settings-->MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}
Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe Download Manager-->"C:\WINDOWS\system32\rundll32.exe" "C:\Programme\NOS\bin\getPlus_Helper.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Photoshop CS3-->C:\Programme\Gemeinsame Dateien\Adobe\Installers\5f143314a5d434c8511097393d17397\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{29F05234-DCBB-4FE0-88DC-5160C9250312}
Adobe Setup-->MsiExec.exe /I{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ASIO4ALL-->C:\Programme\ASIO4ALL v2\uninstall.exe
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver-->"C:\Programme\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\Setup.exe" -runfromtemp -l0x0007 -removeonly
AutocompletePro-->"C:\Programme\AutocompletePro\unins000.exe"
Avira AntiVir Personal - Free Antivirus-->C:\Programme\Avira\AntiVir Desktop\setup.exe /REMOVE
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
CCleaner-->"C:\Programme\CCleaner\uninst.exe"
CDBurnerXP-->"C:\Programme\CDBurnerXP\unins000.exe"
Collab-->C:\Programme\Image-Line\Collab\uninstall.exe
DAEMON Tools Toolbar-->C:\Programme\DAEMON Tools Toolbar\uninst.exe
DivX-Setup-->C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com
EPU-6 Engine-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{56B83336-FBC1-4C46-8613-90A9E3B440D6}\setup.exe" -l0x7 
FL Studio 8-->C:\Programme\Image-Line\FL Studio 8\uninstall.exe
Foxit Reader-->D:\Programme\Foxit Software\Foxit Reader\Uninstall.exe
Google Earth-->MsiExec.exe /X{F7B0939E-58DF-11DF-B3A6-005056806466}
Google Toolbar for Internet Explorer-->"C:\Programme\Google\Google Toolbar\Component\GoogleToolbarManager_223E2B8E7BAD9544.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
IL Download Manager-->C:\Programme\Image-Line\Downloader\uninstall.exe
Impulse-->"C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{F8999601-BE77-433E-A70A-B7766E47AE73}\Impulse_setup.exe" REMOVE=TRUE MODIFY=FALSE
Impulse-->C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{F8999601-BE77-433E-A70A-B7766E47AE73}\Impulse_setup.exe
Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
JMB36X Raid Configurer-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\setup.exe" -l0x7  -removeonly
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
KaloMa 4.81-->"C:\Programme\KaloMa\unins000.exe"
League of Legends-->"D:\Programme\League of Legends\unins000.exe"
Lexmark 2500 Series-->C:\Programme\Lexmark 2500 Series\Install\x86\Uninst.exe
Lexmark Symbolleiste-->regsvr32.exe /s /u "C:\Programme\Lexmark Toolbar\toolband.dll"
Malwarebytes' Anti-Malware-->"C:\Programme\Malwarebytes' Anti-Malware\unins000.exe"
McAfee Security Scan-->"C:\Programme\McAfee Security Scan\uninstall.exe"
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Mozilla Firefox (3.6.8)-->C:\Programme\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
MyDefrag v4.2.7-->"C:\Programme\MyDefrag v4.2.7\unins000.exe"
Novation V-Station VSTi v1.11-->C:\V-STAT~1\V-STAT~1\UNWISE.EXE C:\V-STAT~1\V-STAT~1\INSTALL.LOG
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA PhysX-->MsiExec.exe /X{1C4551A6-4743-4093-91E4-1477CD655043}
OpenOffice.org 3.1-->MsiExec.exe /I{99E862CC-6F69-4D39-99AA-DBF71BF3B585}
PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
Performance Platform Voguecash-->C:\WINDOWS\system32\oerjgiksmfvq.exe
PoiZone-->C:\Programme\Image-Line\PoiZone\uninstall.exe
PunkBuster Services-->C:\WINDOWS\system32\pbsvc_heroes.exe -u
QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x7  -removeonly
reFX Nexus 1.0.9-->"D:\Nexus\unins000.exe"
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Shareaza-->"C:\Programme\Shareaza Applications\Shareaza\UninstallSurvey.exe" "C:\Programme\Shareaza Applications\Shareaza\UnwiseLauncher.exe" /A "C:\Programme\Shareaza Applications\Shareaza\INSTALL.LOG"
Sky-Banners browser enhancer-->"C:\Programme\$NtUninstallWTF1012$\elUninstall.exe"
Skype Toolbars-->MsiExec.exe /I{981029E0-7FC9-4CF3-AB39-6F133621921A}
Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Splitcam Toolbar-->C:\Programme\Splitcam Toolbar\UninstallToolbar.exe
SplitCam-->"C:\Programme\InstallShield Installation Information\{0C0670E5-2D51-42C6-ACFF-CBCB65B7DCDB}\setup.exe" -runfromtemp -l0x0009 -removeonly
Spybot - Search & Destroy-->"C:\Programme\Spybot - Search & Destroy\unins000.exe"
SpyHunter-->"C:\Programme\Enigma Software Group\SpyHunter\Uninstall.exe" "C:\Programme\Enigma Software Group\SpyHunter\install.log" -u
Street-Ads Browser Enhancer-->"C:\WINDOWS\$NtUninstallMTF1011$\apUninstall.exe"
Tablett-->C:\Programme\Tablet\Remove.exe /u
Toxic Biohazard-->C:\Programme\Image-Line\Toxic Biohazard\uninstall.exe
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
Viewpoint Manager (Remove Only)-->C:\Programme\Viewpoint\Viewpoint Manager\ViewMgrInstaller.exe /u /k
Viewpoint Media Player-->C:\Programme\Viewpoint\Viewpoint Media Player\MtsAxInstaller.exe /u
Virtual DJ - Atomix Productions-->D:\PROGRA~1\VIRTUA~1\UNWISE.EXE D:\PROGRA~1\VIRTUA~1\INSTALL.LOG
VLC media player 1.0.1-->C:\Programme\VideoLAN\VLC\uninstall.exe
VoiceOver Kit-->MsiExec.exe /I{6DE13770-01B7-4366-8DA6-48237793F445}
V-Station 1.5.1-->"C:\Programme\Uninstall Information\{842C6AFC-7856-4fd9-99AF-8900554ACAA2}\unins000.exe"
Vuze Toolbar-->"C:\Programme\AskBarDis\unins000.exe"
Vuze-->C:\Programme\Vuze\uninstall.exe
WebTablet IE Plugin-->"C:\Programme\TabletPlugins\ieUninstall.exe" /S
WebTablet Netscape Plugin-->"C:\Programme\TabletPlugins\npUninstall.exe" /S
Winamp-->"D:\Programme\Winamp\UninstWA.exe"
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Live Anmelde-Assistent-->MsiExec.exe /I{52B97218-98CB-4B8B-9283-D213C85E1AA4}
Windows Live Call-->MsiExec.exe /I{5FC68772-6D56-41C6-9DF1-24E868198AE6}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Programme\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}
Windows Live Fotogalerie-->MsiExec.exe /X{2BA722D1-48D1-406E-9123-8AE5431D63EF}
Windows Live Mail-->MsiExec.exe /I{C4D738F7-996A-4C81-B8FA-C4E26D767E41}
Windows Live Messenger-->MsiExec.exe /X{41E654A9-26D0-4EAC-854B-0FA824FFFABB}
Windows Live Sync-->MsiExec.exe /X{76618402-179D-4699-A66B-D351C59436BC}
Windows Live Toolbar-->MsiExec.exe /X{70B7A167-0B88-445D-A3EA-97C73AA88CAC}
Windows Live Writer-->MsiExec.exe /X{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}
Windows Live-Uploadtool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Media Format Runtime-->"C:\Programme\Windows Media Player\wmsetsdk.exe" /UninstallAll
WinRAR-->C:\Programme\WinRAR\uninstall.exe

======Hosts File======

127.0.0.1	bottalk.us
127.0.0.1	threatexpert.com
127.0.0.1	novirusthanks.org
127.0.0.1	scanner.novirusthanks.org

======Security center information======

AV: AntiVir Desktop (outdated)

======System event log======

Computer Name: PETER-CEC2023E2
Event Code: 7036
Message: Dienst "Intelligenter Hintergrundübertragungsdienst" befindet sich jetzt im Status "Ausgeführt".

Record Number: 19945
Source Name: Service Control Manager
Time Written: 20100717175311.000000+120
Event Type: Informationen
User: 

Computer Name: PETER-CEC2023E2
Event Code: 7036
Message: Dienst "Telefonie" befindet sich jetzt im Status "Ausgeführt".

Record Number: 19944
Source Name: Service Control Manager
Time Written: 20100717175311.000000+120
Event Type: Informationen
User: 

Computer Name: PETER-CEC2023E2
Event Code: 7036
Message: Dienst "Kompatibilität für schnelle Benutzerumschaltung" befindet sich jetzt im Status "Ausgeführt".

Record Number: 19943
Source Name: Service Control Manager
Time Written: 20100717175311.000000+120
Event Type: Informationen
User: 

Computer Name: PETER-CEC2023E2
Event Code: 7035
Message: Der Steuerbefehl "starten" wurde erfolgreich an den Dienst "Intelligenter Hintergrundübertragungsdienst" gesendet.

Record Number: 19942
Source Name: Service Control Manager
Time Written: 20100717175311.000000+120
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM

Computer Name: PETER-CEC2023E2
Event Code: 7035
Message: Der Steuerbefehl "starten" wurde erfolgreich an den Dienst "Kompatibilität für schnelle Benutzerumschaltung" gesendet.

Record Number: 19941
Source Name: Service Control Manager
Time Written: 20100717175311.000000+120
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM

=====Application event log=====

Computer Name: PETER-CEC2023E2
Event Code: 4113
Message: AntiVir erkannte in der Datei
C:\WINDOWS\Nvujob.exe
verdächtigen Code mit der Bezeichnung 'TR/Fakealert.awo'!

Record Number: 13327
Source Name: Avira AntiVir
Time Written: 20100803183903.000000+120
Event Type: Warnung
User: NT-AUTORITÄT\SYSTEM

Computer Name: PETER-CEC2023E2
Event Code: 4113
Message: AntiVir erkannte in der Datei
C:\WINDOWS\Nvujoa.exe
verdächtigen Code mit der Bezeichnung 'TR/Dldr.Renos.LX.7'!

Record Number: 13326
Source Name: Avira AntiVir
Time Written: 20100803183903.000000+120
Event Type: Warnung
User: NT-AUTORITÄT\SYSTEM

Computer Name: PETER-CEC2023E2
Event Code: 4113
Message: AntiVir erkannte in der Datei
C:\WINDOWS\system32\npaihtmo.dll
verdächtigen Code mit der Bezeichnung 'TR/BHO.ahvo'!

Record Number: 13325
Source Name: Avira AntiVir
Time Written: 20100803183903.000000+120
Event Type: Warnung
User: NT-AUTORITÄT\SYSTEM

Computer Name: PETER-CEC2023E2
Event Code: 4113
Message: AntiVir erkannte in der Datei
C:\WINDOWS\system32\gnlyyofg.exe
verdächtigen Code mit der Bezeichnung 'TR/Agent.ked'!

Record Number: 13324
Source Name: Avira AntiVir
Time Written: 20100803183903.000000+120
Event Type: Warnung
User: NT-AUTORITÄT\SYSTEM

Computer Name: PETER-CEC2023E2
Event Code: 4113
Message: AntiVir erkannte in der Datei
C:\WINDOWS\Nvujob.exe
verdächtigen Code mit der Bezeichnung 'TR/Fakealert.awo'!

Record Number: 13323
Source Name: Avira AntiVir
Time Written: 20100803183903.000000+120
Event Type: Warnung
User: NT-AUTORITÄT\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Programme\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Programme\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Programme\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------
         
--- --- ---

19.08.2010, 19:44   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Antimalware Doctor and PC beeps.....

Quote:
Then scanned the system with Malwarebytes, it also found the corresponding files,
But the Malwarebytes log is unfortunately missing! Please supply it, and post all the logs if there are several from Malwarebytes!