Trojaner-Board


Zentrifugalbrummball 25.07.2009 10:58

Desktop icons disappear
 
Hi, I have the problem that the desktop icons simply disappear every now and then. In addition, my antivirus does not start, so I suspect that it is being blocked by a virus.
Here is the HijackThis logfile:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:47:38, on 25.07.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18248)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program files\P4G\BatteryLife.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\ASScrPro.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Program Files\kikin\KikinBroker.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://www.asus.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll (file missing)
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: kikin Plugin - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files\kikin\ie_kikin.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [PSUNMain] "C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O9 - Extra button: (no name) - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files\kikin\ie_kikin.dll
O9 - Extra 'Tools' menuitem: My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files\kikin\ie_kikin.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NanoServiceMain - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 7713 bytes

Thanks in advance for the help, which will hopefully follow quickly ;)

Swisstreasure 25.07.2009 15:43

Hello Zentrifugalbrummball :)


>>
Quote:

my antivirus
Which one do you have? Norton?

>>
Close all windows and start HijackThis.
Click: Do a system scan only
Put a check mark in the box in front of the entries listed below (if they are still present):


Code:

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll (file missing)

O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)

and choose "Fix checked".

Restart the computer.

>>
Please work through point 2 from the link in my signature and post the logs from Malwarebytes and RSIT.

Regards, Swiss
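
The selection step in the reply above (ticking the O2/O3 entries whose file no longer exists) can be reproduced mechanically. This is an added example, not part of the original thread or of HijackThis: the function names are hypothetical, and the sample lines are copied from the two HijackThis logs posted in this thread (25.07.2009 and 26.07.2009). It goes one step beyond the reply by also checking which flagged CLSIDs still show up in the later scan.

```python
from __future__ import annotations

import re
from dataclasses import dataclass
from typing import Optional

# O2 (Browser Helper Object) and O3 (IE toolbar) lines share one shape:
#   O2 - BHO: <name> - {CLSID} - <file path | (no file)> [(file missing)]
ENTRY_RE = re.compile(
    r"^(?P<section>O[23]) - (?P<kind>BHO|Toolbar): (?P<name>.*?) - "
    r"(?P<clsid>\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}) - "
    r"(?P<target>.*)$"
)

# Lines copied from the first log in this thread (scan of 25.07.2009).
SCAN_1 = r"""
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll (file missing)
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
"""

# Lines copied from the second log in this thread (scan of 26.07.2009).
SCAN_2 = r"""
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - (no file)
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
"""


@dataclass(frozen=True)
class Entry:
    section: str          # "O2" or "O3"
    name: str             # display name, "(no name)" if the key has none
    clsid: str            # upper-cased so scans can be compared
    path: Optional[str]   # None when HijackThis printed "(no file)"
    orphaned: bool        # registry entry exists, backing file does not


def parse_entries(log: str) -> list[Entry]:
    """Parse all O2/O3 lines of a HijackThis log; other sections are skipped."""
    entries = []
    for raw in log.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if not m:
            continue
        target = m["target"].strip()
        if target == "(no file)":
            path, is_orphan = None, True
        elif target.endswith("(file missing)"):
            # The path is still registered but the DLL is gone from disk.
            path, is_orphan = target[: -len("(file missing)")].strip(), True
        else:
            path, is_orphan = target, False
        entries.append(
            Entry(m["section"], m["name"], m["clsid"].upper(), path, is_orphan)
        )
    return entries


def orphaned(log: str) -> list[Entry]:
    """Entries a helper would tick for 'Fix checked': no file behind the CLSID."""
    return [e for e in parse_entries(log) if e.orphaned]


def still_orphaned(before: str, after: str) -> list[str]:
    """CLSIDs flagged in the earlier scan that are flagged again in the later one."""
    later = {e.clsid for e in orphaned(after)}
    return [e.clsid for e in orphaned(before) if e.clsid in later]


if __name__ == "__main__":
    for e in orphaned(SCAN_1):
        print(f"{e.section} {e.clsid} {e.name!r} path={e.path}")
    print("still present in later scan:", still_orphaned(SCAN_1, SCAN_2))
```
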

Zentrifugalbrummball 26.07.2009 12:48

My current antivirus is Panda Cloud.

Malwarebytes' Anti-Malware 1.39
Datenbank Version: 2500
Windows 6.0.6001 Service Pack 1

26.07.2009 02:46:55
mbam-log-2009-07-26 (02-46-55).txt

Scan-Methode: Vollständiger Scan (C:\|D:\|)
Durchsuchte Objekte: 172285
Laufzeit: 34 minute(s), 30 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Zentrifugalbrummball 26.07.2009 12:50

Logfile of random's system information tool 1.06 (written by random/random)
Run by Katharina at 2009-07-26 13:32:33
Microsoft® Windows Vista™ Home Basic Service Pack 1
System drive C: has 29 GB (24%) free of 119 GB
Total RAM: 3062 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:32:42, on 26.07.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program files\P4G\BatteryLife.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\ASScrPro.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\Katharina\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\**.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = **//www.asus.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = **//go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = *//www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h*//go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =**//go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**//go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - (no file)
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: kikin Plugin - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files\kikin\ie_kikin.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [PSUNMain] "C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O9 - Extra button: (no name) - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files\kikin\ie_kikin.dll
O9 - Extra 'Tools' menuitem: My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files\kikin\ie_kikin.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NanoServiceMain - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 7498 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Anmelde-Hilfsprogramm - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-07-09 259696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll [2009-07-13 669168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-07-09 470512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}]
kikin Plugin - C:\Program Files\kikin\ie_kikin.dll [2009-06-09 429280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-07-09 259696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"HControlUser"=C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2008-01-12 98304]
"ADSMTray"=C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe [2008-04-01 266240]
"ATKOSD2"=C:\Program Files\ATKOSD2\ATKOSD2.exe [2007-10-18 7737344]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-11-20 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-11-20 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-11-20 150552]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2008-12-23 6707744]
"ASUS Camera ScreenSaver"=C:\Windows\ASScrProlog.exe [2009-03-21 37232]
"ASUS Screen Saver Protector"=C:\Windows\ASScrPro.exe [2009-03-21 33136]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-05 1029416]
"ICQ Lite"=C:\Program Files\ICQLite\ICQLite.exe [2006-07-11 3144800]
"PSUNMain"=C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe [2009-06-04 353536]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-06-09 2363392]
"ICQ"=C:\Program Files\ICQ6.5\ICQ.exe [2009-03-01 172792]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-09 39408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ICQ Lite"=C:\Program Files\ICQLite\ICQLite.exe [2006-07-11 3144800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-12 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\ASUSTek\ASUSDVD\Language\Language.exe [2008-12-19 62760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P2Go_Menu]
C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-14 210216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe [2008-12-12 87336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-09 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
oobefldr.dll,ShowWelcomeCenter []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\Installer\{DC905847-D537-427F-BF91-47CC7ACCDE58}\_DF3A81D17C478A2A6C60A5.exe [2009-03-21 12862]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-11-14 210432]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-07-26 13:32:33 ----D---- C:\rsit
2009-07-26 13:32:33 ----D---- \rsit
2009-07-25 19:15:16 ----D---- C:\Users\**\AppData\Roaming\Malwarebytes
2009-07-25 19:15:09 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-07-25 18:39:19 ----A---- C:\Windows\system32\iesetup.dll
2009-07-25 18:39:19 ----A---- C:\Windows\system32\iernonce.dll
2009-07-25 18:39:18 ----A---- C:\Windows\system32\wininet.dll
2009-07-25 18:39:18 ----A---- C:\Windows\system32\ieui.dll
2009-07-25 18:39:18 ----A---- C:\Windows\system32\iertutil.dll
2009-07-25 18:39:18 ----A---- C:\Windows\system32\ie4uinit.exe
2009-07-25 18:39:17 ----A---- C:\Windows\system32\urlmon.dll
2009-07-25 18:39:17 ----A---- C:\Windows\system32\jsproxy.dll
2009-07-25 18:39:17 ----A---- C:\Windows\system32\iedkcs32.dll
2009-07-25 18:39:15 ----A---- C:\Windows\system32\ieframe.dll
2009-07-25 18:39:14 ----A---- C:\Windows\system32\mshtml.dll
2009-07-25 18:36:54 ----A---- C:\Windows\system32\mshtmled.dll
2009-07-25 18:36:54 ----A---- C:\Windows\system32\icardie.dll
2009-07-25 18:36:53 ----A---- C:\Windows\system32\msls31.dll
2009-07-25 18:36:53 ----A---- C:\Windows\system32\mshtmler.dll
2009-07-25 18:36:53 ----A---- C:\Windows\system32\corpol.dll
2009-07-25 18:36:53 ----A---- C:\Windows\system32\admparse.dll
2009-07-25 18:36:52 ----A---- C:\Windows\system32\imgutil.dll
2009-07-25 18:36:52 ----A---- C:\Windows\system32\ieakeng.dll
2009-07-25 18:36:52 ----A---- C:\Windows\system32\dxtrans.dll
2009-07-25 18:36:52 ----A---- C:\Windows\system32\dxtmsft.dll
2009-07-25 18:36:51 ----A---- C:\Windows\system32\occache.dll
2009-07-25 18:36:51 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-07-25 18:36:51 ----A---- C:\Windows\system32\licmgr10.dll
2009-07-25 18:36:51 ----A---- C:\Windows\system32\inseng.dll
2009-07-25 18:36:51 ----A---- C:\Windows\system32\iepeers.dll
2009-07-25 18:36:51 ----A---- C:\Windows\system32\ieaksie.dll
2009-07-25 18:36:50 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-07-25 18:36:50 ----A---- C:\Windows\system32\wextract.exe
2009-07-25 18:36:50 ----A---- C:\Windows\system32\webcheck.dll
2009-07-25 18:36:50 ----A---- C:\Windows\system32\msrating.dll
2009-07-25 18:36:50 ----A---- C:\Windows\system32\msfeedssync.exe
2009-07-25 18:36:50 ----A---- C:\Windows\system32\ieakui.dll
2009-07-25 18:36:49 ----A---- C:\Windows\system32\pngfilt.dll
2009-07-25 18:36:49 ----A---- C:\Windows\system32\mstime.dll
2009-07-25 18:36:49 ----A---- C:\Windows\system32\msfeeds.dll
2009-07-25 18:36:49 ----A---- C:\Windows\system32\advpack.dll
2009-07-25 18:36:48 ----A---- C:\Windows\system32\vbscript.dll
2009-07-25 18:36:48 ----A---- C:\Windows\system32\url.dll
2009-07-25 18:36:48 ----A---- C:\Windows\system32\jscript.dll
2009-07-25 18:36:48 ----A---- C:\Windows\system32\ieapfltr.dll
2009-07-25 18:36:46 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-07-25 18:36:46 ----A---- C:\Windows\system32\SetDepNx.exe
2009-07-25 18:36:46 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-07-25 18:36:46 ----A---- C:\Windows\system32\PDMSetup.exe
2009-07-25 18:36:46 ----A---- C:\Windows\system32\mshta.exe
2009-07-25 18:36:46 ----A---- C:\Windows\system32\iexpress.exe
2009-07-25 18:36:46 ----A---- C:\Windows\system32\ieUnatt.exe
2009-07-25 18:36:46 ----A---- C:\Windows\system32\iesysprep.dll
2009-07-25 18:36:31 ----D---- C:\Program Files\CCleaner
2009-07-25 11:47:10 ----D---- C:\Program Files\Trend Micro
2009-07-22 18:24:08 ----D---- C:\Program Files\PhotoScape
2009-07-22 14:15:27 ----D---- C:\Program Files\Panda Security
2009-07-21 21:38:46 ----D---- C:\Users\**\AppData\Roaming\ICQLite
2009-07-21 21:38:45 ----D---- C:\Program Files\ICQLite
2009-07-20 22:43:00 ----D----

Zentrifugalbrummball 26.07.2009 12:51

C:\Users\**\AppData\Roaming\PeerNetworking
2009-07-19 20:57:09 ----D---- C:\Windows\pss
2009-07-15 22:52:40 ----D---- C:\Program Files\Messenger Plus! Live
2009-07-15 07:54:56 ----A---- C:\Windows\system32\t2embed.dll
2009-07-15 07:54:56 ----A---- C:\Windows\system32\fontsub.dll
2009-07-15 07:54:56 ----A---- C:\Windows\system32\dciman32.dll
2009-07-15 07:54:56 ----A---- C:\Windows\system32\atmfd.dll
2009-07-14 10:56:11 ----D---- C:\Users\K**\AppData\Roaming\dvdcss
2009-07-12 23:46:05 ----D---- C:\Users*\AppData\Roaming\vlc
2009-07-12 23:45:01 ----D---- C:\Program Files\VideoLAN
2009-07-12 23:43:53 ----D---- C:\Users\K**\AppData\Roaming\CyberLink
2009-07-11 21:00:09 ----A---- C:\Windows\ATKPF.ini
2009-07-10 09:38:32 ----SHD---- C:\System Volume Information
2009-07-10 09:38:32 ----SHD---- \System Volume Information
2009-07-09 22:11:25 ----D---- C:\Users\Katharina\AppData\Roaming\Google
2009-07-09 22:10:36 ----D---- C:\Program Files\Google
2009-07-09 22:10:23 ----D---- C:\Program Files\NOS
2009-07-09 20:45:02 ----D---- C:\Program Files\Microsoft
2009-07-09 20:44:47 ----D---- C:\Program Files\Windows Live SkyDrive
2009-07-09 20:44:30 ----D---- C:\Program Files\Windows Live
2009-07-09 20:44:17 ----D---- C:\Windows\PCHEALTH
2009-07-09 20:41:59 ----D---- C:\Program Files\Common Files\Windows Live
2009-07-09 20:16:30 ----D---- C:\Program Files\ClipGrab
2009-07-09 20:14:49 ----D---- C:\Users\K**\AppData\Roaming\Adobe
2009-07-09 20:04:44 ----A---- C:\Windows\system32\msshooks.dll
2009-07-09 20:04:43 ----A---- C:\Windows\system32\thawbrkr.dll
2009-07-09 20:04:43 ----A---- C:\Windows\system32\srchadmin.dll
2009-07-09 20:04:43 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-07-09 20:04:43 ----A---- C:\Windows\system32\propsys.dll
2009-07-09 20:04:43 ----A---- C:\Windows\system32\propdefs.dll
2009-07-09 20:04:43 ----A---- C:\Windows\system32\msstrc.dll
2009-07-09 20:04:43 ----A---- C:\Windows\system32\mssprxy.dll
2009-07-09 20:04:43 ----A---- C:\Windows\system32\mssitlb.dll
2009-07-09 20:04:43 ----A---- C:\Windows\system32\msshsq.dll
2009-07-09 20:04:43 ----A---- C:\Windows\system32\msscb.dll
2009-07-09 20:04:43 ----A---- C:\Windows\system32\korwbrkr.dll
2009-07-09 20:04:42 ----A---- C:\Windows\system32\xmlfilter.dll
2009-07-09 20:04:42 ----A---- C:\Windows\system32\wsepno.dll
2009-07-09 20:04:42 ----A---- C:\Windows\system32\tquery.dll
2009-07-09 20:04:42 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-07-09 20:04:42 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-07-09 20:04:42 ----A---- C:\Windows\system32\rtffilt.dll
2009-07-09 20:04:42 ----A---- C:\Windows\system32\offfilt.dll
2009-07-09 20:04:42 ----A---- C:\Windows\system32\nlhtml.dll
2009-07-09 20:04:42 ----A---- C:\Windows\system32\msscntrs.dll
2009-07-09 20:04:42 ----A---- C:\Windows\system32\mimefilt.dll
2009-07-09 20:04:42 ----A---- C:\Windows\system32\chtbrkr.dll
2009-07-09 20:04:42 ----A---- C:\Windows\system32\chsbrkr.dll
2009-07-09 20:04:41 ----A---- C:\Windows\system32\mssvp.dll
2009-07-09 20:04:41 ----A---- C:\Windows\system32\mssrch.dll
2009-07-09 20:04:41 ----A---- C:\Windows\system32\mssphtb.dll
2009-07-09 20:04:41 ----A---- C:\Windows\system32\mssph.dll
2009-07-09 20:04:38 ----D---- C:\Users\K**a\AppData\Roaming\kikin
2009-07-09 20:04:38 ----D---- C:\Users\K**a\AppData\Roaming\Desktopicon
2009-07-09 20:04:38 ----D---- C:\Program Files\kikin
2009-07-09 20:04:37 ----D---- C:\Program Files\ICQ-Banner-Remover
2009-07-09 20:03:28 ----A---- C:\Windows\system32\tzres.dll
2009-07-09 19:42:32 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-07-09 19:42:32 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-07-09 19:42:32 ----A---- C:\Windows\system32\infocardapi.dll
2009-07-09 19:42:32 ----A---- C:\Windows\system32\icardres.dll
2009-07-09 19:42:32 ----A---- C:\Windows\system32\icardagt.exe
2009-07-09 19:42:31 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-07-09 19:42:29 ----A---- C:\Windows\system32\PresentationHost.exe
2009-07-09 19:38:31 ----A---- C:\Windows\system32\dfshim.dll
2009-07-09 19:38:30 ----A---- C:\Windows\system32\mscoree.dll
2009-07-09 19:38:29 ----A---- C:\Windows\system32\netfxperf.dll
2009-07-09 19:38:26 ----A---- C:\Windows\system32\mscorier.dll
2009-07-09 19:38:24 ----A---- C:\Windows\system32\mscories.dll
2009-07-09 19:36:06 ----A---- C:\Windows\system32\gdi32.dll
2009-07-09 19:36:02 ----A---- C:\Windows\system32\shell32.dll
2009-07-09 19:35:58 ----A---- C:\Windows\system32\winhttp.dll
2009-07-09 19:35:55 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-07-09 19:35:53 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-07-09 19:35:46 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-07-09 19:34:55 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-07-09 19:34:55 ----A---- C:\Windows\system32\gameux.dll
2009-07-09 19:34:55 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-07-09 19:34:54 ----A---- C:\Windows\system32\lsasrv.dll
2009-07-09 19:34:53 ----A---- C:\Windows\system32\secur32.dll
2009-07-09 19:34:53 ----A---- C:\Windows\system32\kernel32.dll
2009-07-09 19:34:53 ----A---- C:\Windows\system32\apilogen.dll
2009-07-09 19:34:53 ----A---- C:\Windows\system32\amxread.dll
2009-07-09 19:34:52 ----A---- C:\Windows\system32\emdmgmt.dll
2009-07-09 19:34:52 ----A---- C:\Windows\system32\dataclen.dll
2009-07-09 19:34:52 ----A---- C:\Windows\system32\cdd.dll
2009-07-09 19:34:49 ----A---- C:\Windows\system32\rpcss.dll
2009-07-09 19:34:48 ----A---- C:\Windows\system32\sdohlp.dll
2009-07-09 19:34:48 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-07-09 19:34:48 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-07-09 19:34:48 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-07-09 19:34:48 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-07-09 19:34:48 ----A---- C:\Windows\system32\iasrecst.dll
2009-07-09 19:34:48 ----A---- C:\Windows\system32\iasdatastore.dll
2009-07-09 19:34:47 ----A---- C:\Windows\system32\msxml3.dll
2009-07-09 19:34:47 ----A---- C:\Windows\system32\iashost.exe
2009-07-09 19:34:47 ----A---- C:\Windows\system32\iasads.dll
2009-07-09 19:34:45 ----A---- C:\Windows\system32\kd1394.dll
2009-07-09 19:34:44 ----A---- C:\Windows\system32\winresume.exe
2009-07-09 19:34:44 ----A---- C:\Windows\system32\winload.exe
2009-07-09 19:34:44 ----A---- C:\Windows\system32\srdelayed.exe
2009-07-09 19:34:44 ----A---- C:\Windows\system32\srcore.dll
2009-07-09 19:34:44 ----A---- C:\Windows\system32\srclient.dll
2009-07-09 19:34:44 ----A---- C:\Windows\system32\setbcdlocale.dll
2009-07-09 19:34:44 ----A---- C:\Windows\system32\rstrui.exe
2009-07-09 19:34:44 ----A---- C:\Windows\system32\kbd106n.dll
2009-07-09 19:34:44 ----A---- C:\Windows\system32\ci.dll
2009-07-09 19:34:39 ----A---- C:\Windows\explorer.exe
2009-07-09 19:34:38 ----A---- C:\Windows\system32\wmp.dll
2009-07-09 19:34:37 ----A---- C:\Windows\system32\spwmp.dll
2009-07-09 19:34:37 ----A---- C:\Windows\system32\dxmasf.dll
2009-07-09 19:34:36 ----A---- C:\Windows\system32\wmploc.DLL
2009-07-09 19:34:35 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-07-09 19:34:35 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-07-09 19:34:35 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-07-09 19:34:35 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-07-09 19:34:24 ----A---- C:\Windows\system32\pacerprf.dll
2009-07-09 19:34:23 ----A---- C:\Windows\system32\localspl.dll
2009-07-09 19:34:21 ----A---- C:\Windows\system32\schannel.dll
2009-07-09 19:34:18 ----A---- C:\Windows\system32\xolehlp.dll
2009-07-09 19:34:18 ----A---- C:\Windows\system32\netapi32.dll
2009-07-09 19:34:18 ----A---- C:\Windows\system32\msdtcprx.dll
2009-07-09 19:34:17 ----A---- C:\Windows\system32\win32spl.dll
2009-07-09 19:34:16 ----A---- C:\Windows\system32\es.dll
2009-07-09 19:34:14 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-07-09 19:34:13 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-07-09 19:34:13 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-07-09 19:34:13 ----A---- C:\Windows\system32\mf.dll
2009-07-09 19:34:12 ----A---- C:\Windows\system32\logagent.exe
2009-07-09 19:34:11 ----A---- C:\Windows\system32\wersvc.dll
2009-07-09 19:34:11 ----A---- C:\Windows\system32\Faultrep.dll
2009-07-09 19:34:08 ----A---- C:\Windows\system32\wmpeffects.dll
2009-07-09 19:33:41 ----A---- C:\Windows\system32\inetcomm.dll
2009-07-09 19:33:40 ----A---- C:\Windows\system32\wshext.dll
2009-07-09 19:33:40 ----A---- C:\Windows\system32\wscript.exe
2009-07-09 19:33:40 ----A---- C:\Windows\system32\scrrun.dll
2009-07-09 19:33:40 ----A---- C:\Windows\system32\scrobj.dll
2009-07-09 19:33:40 ----A---- C:\Windows\system32\cscript.exe
2009-07-09 19:32:15 ----A---- C:\Windows\system32\connect.dll
2009-07-09 19:31:57 ----A---- C:\Windows\system32\rpcrt4.dll
2009-07-09 19:11:44 ----A---- C:\Windows\system32\quartz.dll
2009-07-09 19:08:06 ----A---- C:\Windows\system32\msxml6.dll
2009-07-09 19:05:59 ----D---- C:\Users\*\AppData\Roaming\ICQ
2009-07-09 19:05:41 ----D---- C:\Program Files\ICQ6.5
2009-07-09 19:02:37 ----A---- C:\Windows\system32\wups2.dll
2009-07-09 19:02:37 ----A---- C:\Windows\system32\wucltux.dll
2009-07-09 19:02:37 ----A---- C:\Windows\system32\wuaueng.dll
2009-07-09 19:02:37 ----A---- C:\Windows\system32\wuauclt.exe
2009-07-09 19:02:28 ----A---- C:\Windows\system32\wups.dll
2009-07-09 19:02:28 ----A---- C:\Windows\system32\wudriver.dll
2009-07-09 19:02:28 ----A---- C:\Windows\system32\wuapi.dll
2009-07-09 19:02:21 ----A---- C:\Windows\system32\wuwebv.dll
2009-07-09 19:02:21 ----A---- C:\Windows\system32\wuapp.exe
2009-07-09 18:52:26 ----D---- C:\Users\K**\AppData\Roaming\Macromedia
2009-07-09 18:52:23 ----SHD---- C:\$RECYCLE.BIN
2009-07-09 18:52:23 ----SHD---- \$RECYCLE.BIN
2009-07-09 18:51:26 ----D---- C:\Users\K*\AppData\Roaming\Identities
2009-07-09 18:50:04 ----SD---- C:\Users\*\AppData\Roaming\Microsoft
2009-07-09 18:45:07 ----SHD---- C:\Documents and Settings
2009-07-09 18:45:07 ----SHD---- \Documents and Settings

======List of files/folders modified in the last 1 months======

2009-07-26 13:32:42 ----D---- C:\Windows\Prefetch
2009-07-26 13:32:35 ----D---- C:\Windows\Temp
2009-07-26 12:34:33 ----D---- C:\Windows\rescache
2009-07-26 12:25:33 ----D---- C:\Windows\system32\catroot
2009-07-26 12:25:30 ----D---- C:\Windows\winsxs
2009-07-26 12:24:01 ----A---- C:\Windows\system32\acovcnt.exe
2009-07-26 12:23:36 ----D---- C:\Windows\System32
2009-07-26 12:23:36 ----D---- C:\Windows\inf
2009-07-26 12:23:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-07-26 02:48:28 ----D---- C:\Windows\system32\migration
2009-07-26 02:48:27 ----D---- C:\Windows\system32\de-DE
2009-07-26 02:48:27 ----D---- C:\Program Files\Internet Explorer
2009-07-26 02:48:26 ----D---- C:\Windows\system32\en-US
2009-07-26 02:48:26 ----D---- C:\Windows\PolicyDefinitions
2009-07-25 19:15:11 ----D---- C:\Windows\system32\drivers
2009-07-25 19:15:09 ----RD---- C:\Program Files
2009-07-25 19:15:09 ----RD---- \Program Files
2009-07-25 19:15:09 ----HD---- C:\ProgramData
2009-07-25 19:15:09 ----HD---- \ProgramData
2009-07-25 19:06:49 ----D---- C:\Windows\Debug
2009-07-25 19:06:49 ----D---- C:\Windows
2009-07-25 19:06:49 ----D---- \Windows
2009-07-25 18:38:28 ----D---- C:\Windows\system32\catroot2
2009-07-23 19:51:42 ----D---- C:\Windows\system32\WDI
2009-07-22 14:15:48 ----SHD---- C:\Windows\Installer
2009-07-20 18:53:34 ----HD---- C:\ASUS.DAT
2009-07-20 18:53:34 ----HD---- \ASUS.DAT
2009-07-19 21:42:02 ----SD---- C:\Windows\Downloaded Program Files
2009-07-19 20:23:03 ----RSD---- C:\Windows\assembly
2009-07-18 18:47:48 ----RSD---- C:\Windows\Fonts
2009-07-18 14:04:05 ----HD---- C:\Windows\system32\GroupPolicy
2009-07-16 10:31:26 ----D---- C:\Program Files\Windows Mail
2009-07-16 00:50:21 ----D---- C:\Windows\system32\Tasks
2009-07-14 20:08:45 ----D---- C:\Windows\system32\nl-NL
2009-07-14 00:21:18 ----D---- C:\Windows\system32\it-IT
2009-07-13 22:47:40 ----D---- C:\Windows\system32\fr-FR
2009-07-12 18:18:08 ----D---- C:\Windows\Logs
2009-07-11 20:12:10 ----D---- C:\Windows\system32\LogFiles
2009-07-11 14:26:08 ----D---- C:\Windows\Microsoft.NET
2009-07-09 20:44:52 ----D---- C:\Program Files\Common Files\microsoft shared
2009-07-09 20:41:59 ----D---- C:\Program Files\Common Files
2009-07-09 20:27:51 ----D---- C:\Windows\AppPatch
2009-07-09 20:27:49 ----D---- C:\Program Files\Windows Media Player
2009-07-09 20:27:48 ----D---- C:\Windows\system32\wbem
2009-07-09 20:27:48 ----D---- C:\Windows\system32\manifeststore
2009-07-09 20:27:48 ----D---- C:\Windows\system32\Boot
2009-07-09 20:27:38 ----D---- C:\Windows\system32\XPSViewer
2009-07-09 19:06:59 ----HD---- C:\Program Files\InstallShield Installation Information
2009-07-09 19:02:50 ----D---- C:\Windows\SoftwareDistribution
2009-07-09 18:58:07 ----D---- C:\Windows\system32\NDF
2009-07-09 18:50:04 ----RD---- C:\Users
2009-07-09 18:50:04 ----RD---- \Users
2009-07-07 08:10:58 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 PSINKNC;PSINKNC; C:\Windows\system32\DRIVERS\psinknc.sys [2009-06-01 114184]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 PSINAflt;PSINAflt; C:\Windows\system32\DRIVERS\PSINAflt.sys [2009-06-23 136200]
R2 PSINFile;PSINFile; C:\Windows\system32\DRIVERS\PSINFile.sys [2009-06-04 94216]
R2 PSINProc;PSINProc; C:\Windows\system32\DRIVERS\PSINProc.sys [2009-06-04 98312]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-06-25 47104]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-06 908800]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-11-14 4560384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-12-23 2256976]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2007-01-24 5632]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-13 7680]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2007-07-12 50688]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-06-09 1748352]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-12-05 196400]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 BCM43XV;Broadcom Extensible 802.11-Netzwerkadaptertreiber; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ADSMService;ADSM Service; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R2 ASLDRService;ASLDR Service; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [2007-10-03 94208]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 NanoServiceMain;NanoServiceMain; C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2009-04-23 95488]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-05-14 272024]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-09 182768]
S3 Symantec Core LC;Symantec Core LC; C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe [2009-03-21 1245064]

-----------------EOF-----------------

Zentrifugalbrummball 26.07.2009 12:52

info.txt logfile of random's system information tool 1.06 2009-07-26 13:32:46

======Uninstall list======

Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
ASUS Data Security Manager-->C:\Program Files\InstallShield Installation Information\{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}\SETUP.exe -runfromtemp -l0x0009 -removeonly
ASUS FancyStart-->MsiExec.exe /I{DC905847-D537-427F-BF91-47CC7ACCDE58}
ASUS LifeFrame3-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
ASUS Live Update-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\setup.exe" -l0x9
ASUS MultiFrame-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9D48531D-2135-49FC-BC29-ACCDA5396A76}\SETUP.EXE" -l0x9
ASUS Power4Gear Hybrid-->MsiExec.exe /I{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}
ASUS SmartLogon-->MsiExec.exe /I{64452561-169F-4A36-A2FF-B5E118EC65F5}
ASUS Splendid Video Enhancement Technology-->MsiExec.exe /I{0969AF05-4FF6-4C00-9406-43599238DE0D}
ASUS Virtual Camera-->MsiExec.exe /I{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
Asus_Camera_ScreenSaver-->"C:\Windows\ASUS Camera ScreenSaver Uninstaller.exe"
ASUSDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
Atheros Client Installation Program-->C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\SETUP.exe -runfromtemp -l0x0009 -removeonly
ATK Generic Function Service-->C:\Program Files\InstallShield Installation Information\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}\SETUP.exe -runfromtemp -l0x0009 -removeonly
ATK Hotkey-->MsiExec.exe /I{7C05592D-424B-46CB-B505-E0013E8E75C9}
ATKOSD2-->C:\Program Files\InstallShield Installation Information\{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}\SETUP.exe -runfromtemp -l0x0009 -removeonly
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Cisco EAP-FAST Module-->MsiExec.exe /I{415B2719-AD3A-4944-B404-C472DB6085B3}
Cisco LEAP Module-->MsiExec.exe /I{83770D14-21B9-44B3-8689-F7B523F94560}
Cisco PEAP Module-->MsiExec.exe /I{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}
ClipGrab 2.0 Beta 2-->C:\Program Files\ClipGrab\uninst.exe
CyberLink LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" -uninstall
CyberLink Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
Express Gate-->MsiExec.exe /X{62CF8923-31DC-4285-A23C-17CE5AA6A679}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_9DE96A29E721D90A.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
ICQ 5.1-->C:\Program Files\ICQLite\ICQLiteUninstall.EXE
ICQ 6.5 Build #1042 Banner Remover 1.2-->"C:\Program Files\ICQ-Banner-Remover\unins000.exe"
ICQ6.5-->"C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
Intel(R) Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall
Intel(R) TV Wizard-->C:\Windows\system32\TVWizudlg.exe -uninstall
kikin Plugin (Murb.com Edition) 1.11-->C:\Program Files\kikin\uninst.exe
LightScribe System Software 1.14.17.1-->MsiExec.exe /X{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}
LiveUpdate (Symantec Corporation)-->MsiExec.exe /x {E80F62FF-5D3C-4A19-8409-9721F2928206} /l*v "C:\ProgramData\LuUninstall.LiveUpdate"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - deu\setup.exe
Microsoft .NET Framework 3.5 Language Pack SP1 - deu-->MsiExec.exe /I{052FDD78-A6EA-3187-8386-C82F4CA3A929}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
Norton AntiVirus-->MsiExec.exe /X{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}
Panda Cloud Antivirus-->"C:\Program Files\Panda Security\Panda Cloud Antivirus\Setup.exe" /X{93EAB20E-76E0-4206-9B40-52FE434E4464}
Panda Cloud Antivirus-->MsiExec.exe /X{93EAB20E-76E0-4206-9B40-52FE434E4464}
PhotoScape-->"C:\Program Files\PhotoScape\uninstall.exe"
Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista-->C:\Program Files\InstallShield Installation Information\{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}\SETUP.exe -runfromtemp -l0x0009 -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.exe" -removeonly
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.03-->"C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\SETUP.EXE" -runfromtemp -l0x0009 anything -removeonly
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
USB 2.0 1.3M UVC WebCam-->C:\Windows\Uninstsxga.bat
VLC media player 0.9.9-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Anmelde-Assistent-->MsiExec.exe /I{52B97218-98CB-4B8B-9283-D213C85E1AA4}
Windows Live Call-->MsiExec.exe /I{5FC68772-6D56-41C6-9DF1-24E868198AE6}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{91E04CA7-0B13-4F8C-AA4D-2A573AC96D19}
Windows Live Messenger-->MsiExec.exe /X{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}
Windows Live-Uploadtool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
WinFlash-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE10AB76-4756-4913-BE25-55D1C1051F9A}\setup.exe" -l0x9
Wireless Console 2-->C:\Program Files\InstallShield Installation Information\{83F73CB1-7705-49D1-9852-84D839CA2A45}\SETUP.exe -runfromtemp -l0x0009 -removeonly

Zentrifugalbrummball 26.07.2009 12:54

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: **
Event Code: 7036
Message: Dienst "Microsoft-Softwareschattenkopie-Anbieter" befindet sich jetzt im Status "Ausgeführt".
Record Number: 36094
Source Name: Service Control Manager
Time Written: 20090726111913.000000-000
Event Type: Informationen
User:

Computer Name: P**
Event Code: 7036
Message: Dienst "Volumeschattenkopie" befindet sich jetzt im Status "Beendet".
Record Number: 36095
Source Name: Service Control Manager
Time Written: 20090726112259.000000-000
Event Type: Informationen
User:

Computer Na*
Event Code: 7036
Message: Dienst "Microsoft-Softwareschattenkopie-Anbieter" befindet sich jetzt im Status "Beendet".
Record Number: 36096
Source Name: Service Control Manager
Time Written: 20090726112559.000000-000
Event Type: Informationen
User:

Computer Name: *
Event Code: 33
Message: Die älteste Schattenkopie von Volume "C:" wurde gelöscht, um den Datenträger-Speicherplatz für Schattenkopien auf Volume "C:" unterhalb des benutzerdfinierten Limits zu belassen.
Record Number: 36097
Source Name: volsnap
Time Written: 20090726112612.510512-000
Event Type: Informationen
User:

Computer Name: *
Event Code: 33
Message: Die älteste Schattenkopie von Volume "C:" wurde gelöscht, um den Datenträger-Speicherplatz für Schattenkopien auf Volume "C:" unterhalb des benutzerdfinierten Limits zu belassen.
Record Number: 36098
Source Name: volsnap
Time Written: 20090726112648.749712-000
Event Type: Informationen
User:

=====Application event log=====

Computer Name: P*
Event Code: 0
Message:
Record Number: 1463
Source Name: gusvc
Time Written: 20090726103002.000000-000
Event Type: Informationen
User:

Computer Name: *
Event Code: 8194
Message: Der Wiederherstellungspunkt wurde erfolgreich erstellt (Prozess = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt).
Record Number: 1464
Source Name: System Restore
Time Written: 20090726111959.000000-000
Event Type: Informationen
User:

Computer Name: *
Event Code: 8211
Message: Der geplante Wiederherstellungspunkt wurde erfolgreich erstellt.
Record Number: 1465
Source Name: System Restore
Time Written: 20090726111959.000000-000
Event Type: Informationen
User:

Computer Name: *
Event Code: 8224
Message: Der VSS-Dienst wird aufgrund eines Leerlaufzeitlimits heruntergefahren.
Record Number: 1466
Source Name: VSS
Time Written: 20090726112259.000000-000
Event Type: Informationen
User:

Computer Name:*
Event Code: 5
Message: Unsupported service control request (see data below)
Record Number: 1467
Source Name: LightScribeService
Time Written: 20090726113245.000000-000
Event Type: Informationen
User:

=====Security event log=====

Computer Name: P*
Event Code: 5038
Message: Die Codeintegrität hat festgestellt, dass der Abbildhash einer Datei nicht gültig ist. Die Datei wurde möglicherweise durch eine nicht autorisierte Änderung beschädigt. Dieses Problem kann auch auf einen potenziellen Fehler des Datenträgergeräts hinweisen.

Dateiname: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 3091
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090726113241.950512-000
Event Type: Überwachung gescheitert
User:

Computer Name: P*
Event Code: 5038
Message: Die Codeintegrität hat festgestellt, dass der Abbildhash einer Datei nicht gültig ist. Die Datei wurde möglicherweise durch eine nicht autorisierte Änderung beschädigt. Dieses Problem kann auch auf einen potenziellen Fehler des Datenträgergeräts hinweisen.

Dateiname: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 3092
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090726113242.012912-000
Event Type: Überwachung gescheitert
User:

Computer Name: *a
Event Code: 5038
Message: Die Codeintegrität hat festgestellt, dass der Abbildhash einer Datei nicht gültig ist. Die Datei wurde möglicherweise durch eine nicht autorisierte Änderung beschädigt. Dieses Problem kann auch auf einen potenziellen Fehler des Datenträgergeräts hinweisen.

Dateiname: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 3093
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090726113242.059712-000
Event Type: Überwachung gescheitert
User:

Computer Name: *
Event Code: 5038
Message: Die Codeintegrität hat festgestellt, dass der Abbildhash einer Datei nicht gültig ist. Die Datei wurde möglicherweise durch eine nicht autorisierte Änderung beschädigt. Dieses Problem kann auch auf einen potenziellen Fehler des Datenträgergeräts hinweisen.

Dateiname: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 3094
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090726113242.122112-000
Event Type: Überwachung gescheitert
User:

Computer Name: +
Event Code: 5038
Message: Die Codeintegrität hat festgestellt, dass der Abbildhash einer Datei nicht gültig ist. Die Datei wurde möglicherweise durch eine nicht autorisierte Änderung beschädigt. Dieses Problem kann auch auf einen potenziellen Fehler des Datenträgergeräts hinweisen.

Dateiname: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 3095
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090726113242.168912-000
Event Type: Überwachung gescheitert
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"configsetroot"=%SystemRoot%\ConfigSetRoot

-----------------EOF-----------------

Swisstreasure 26.07.2009 23:24

Did you fix the corresponding entries with HJT???

Install the current Service Pack 2 and report back whether the problems are gone.

Regards, Swiss

Zentrifugalbrummball 28.07.2009 19:48

No, the problems persist ... repeat the whole procedure? Or any further recommendations? ...

Swisstreasure 28.07.2009 21:00

Did you fix the corresponding entries with HJT???

Describe your problem exactly once more. Is this on a PC or a laptop, and on mains power or battery power?

Have you run a cleanup with CCleaner?

Have you also already defragmented the system?

Regards, Swiss

Zentrifugalbrummball 29.07.2009 13:44

The problems occur on a laptop; it doesn't matter whether it runs on mains or battery power. The noticeable problems are that the desktop icons simply disappear from time to time and you also can't select anything on the desktop; in addition, the AV program does not start. The only thing that did start was AntiVir, but it found nothing ...
I'll look in HJT again, but I did fix all of that ...

Edit: I just fixed again and ran CCleaner; the entries are no longer present in the scan, but Panda still doesn't start.

Swisstreasure 29.07.2009 14:36

Well, Avira and Panda together doesn't work. You have to decide on one of them. Two captains on one ship doesn't help either.

Regards, Swiss

Zentrifugalbrummball 29.07.2009 14:56

I did throw AntiVir off again, it was only a test, but as I said, the problems are still there.

Noodles 31.07.2009 23:40

Hello.

This may sound far-fetched, but today I observed exactly the same problem on another laptop and 'solved' it as follows.

Start - Run - msconfig - Services - untick the checkbox for the service 'ASLDR' - reboot.

I would be very glad to get some feedback.


All times are WET +1.
