
Log Analysis and Evaluation: Vista 64 problem


10.01.2010, 09:10   #1
Markaukie
 



Hi. I have been having problems with my computer for quite some time. The keyboard goes haywire with upper and lower case. New windows keep being opened instead of tabs being used. On the desktop the icons change (they get smaller, and so does the text below them). You cannot open a folder (program) with the mouse without several windows (folders) opening. And the best part is that when I run Ad-Aware or Spybot, it is gone. Please help.

10.01.2010, 14:43   #2
Markaukie
 



Code:
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 13:44:54, on 10.01.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18349)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames.exe
C:\Program Files (x86)\TrendMicro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix: 
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6167 bytes
         


10.01.2010, 15:56   #3
Markaukie
 



Code:
Gratuliere!: Es wurden keine Spione gefunden. (Status)
  


--- Spybot - Search & Destroy version: 1.6.2  (build: 20090126) ---

2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-01-26 TeaTimer.exe (1.6.4.26)
2010-01-09 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-01-26 advcheck.dll (1.6.2.15)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2009-10-08 Includes\Adware.sbi (*)
2010-01-05 Includes\AdwareC.sbi (*)
2009-01-22 Includes\Cookies.sbi (*)
2009-11-03 Includes\Dialer.sbi (*)
2010-01-05 Includes\DialerC.sbi (*)
2009-01-22 Includes\HeavyDuty.sbi (*)
2009-05-26 Includes\Hijackers.sbi (*)
2010-01-05 Includes\HijackersC.sbi (*)
2009-12-15 Includes\Keyloggers.sbi (*)
2010-01-05 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2009-12-30 Includes\Malware.sbi (*)
2010-01-05 Includes\MalwareC.sbi (*)
2009-03-25 Includes\PUPS.sbi (*)
2010-01-05 Includes\PUPSC.sbi (*)
2009-01-22 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2010-01-05 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2009-11-03 Includes\Spyware.sbi (*)
2010-01-05 Includes\SpywareC.sbi (*)
2009-06-08 Includes\Tracks.uti
2009-12-08 Includes\Trojans.sbi (*)
2010-01-05 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
         
Code:
Logfile created: 10.01.2010 15:57:55
Lavasoft Ad-Aware version: 8.1.3
User performing scan: XXX

*********************** Definitions database information ***********************
Lavasoft definition file: 149.128
Genotype definition file version: 2010/01/07 15:41:05

******************************** Scan results: *********************************
Scan profile name: Intelligenter Scan  (ID: smart)
Objects scanned: 69720
Objects detected: 0


Type              Detected
==========================
Processes.......:        0
Registry entries:        0
Hostfile entries:        0
Files...........:        0
Folders.........:        0
LSPs............:        0
Cookies.........:        0
Browser hijacks.:        0
MRU objects.....:        0



Scan and cleaning complete: Finished correctly after 374 seconds

*********************************** Settings ***********************************

Scan profile:
ID: smart, enabled:1, value: Intelligenter Scan
  ID: folderstoscan, enabled:1, value: 
  ID: useantivirus, enabled:1, value: true
  ID: sections, enabled:1
    ID: scancriticalareas, enabled:1, value: true
    ID: scanrunningapps, enabled:1, value: true
    ID: scanregistry, enabled:1, value: true
    ID: scanlsp, enabled:1, value: true
    ID: scanads, enabled:1, value: false
    ID: scanhostsfile, enabled:1, value: false
    ID: scanmru, enabled:1, value: false
    ID: scanbrowserhijacks, enabled:1, value: true
    ID: scantrackingcookies, enabled:1, value: true
      ID: closebrowsers, enabled:1, value: false
  ID: filescanningoptions, enabled:1
    ID: archives, enabled:1, value: false
    ID: onlyexecutables, enabled:1, value: true
    ID: skiplargerthan, enabled:1, value: 20480
    ID: scanrootkits, enabled:1, value: true
      ID: rootkitlevel, enabled:1, value: mild, domain: medium,mild,strict
    ID: usespywareheuristics, enabled:1, value: true

Scan global:
ID: global, enabled:1
  ID: addtocontextmenu, enabled:1, value: true
  ID: playsoundoninfection, enabled:1, value: false
    ID: soundfile, enabled:0, value: *to be filled in automatically*\alert.wav

Scheduled scan settings:
<Empty>

Update settings:
ID: updates, enabled:1
  ID: launchthreatworksafterscan, enabled:1, value: off, domain: normal,off,silently
  ID: deffiles, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
  ID: licenseandinfo, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
  ID: schedules, enabled:1, value: true
    ID: updatedaily1, enabled:1, value: Daily 1
      ID: time, enabled:1, value: Sat Jan 09 20:13:00 2010
      ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
      ID: weekdays, enabled:1
        ID: monday, enabled:1, value: false
        ID: tuesday, enabled:1, value: false
        ID: wednesday, enabled:1, value: false
        ID: thursday, enabled:1, value: false
        ID: friday, enabled:1, value: false
        ID: saturday, enabled:1, value: false
        ID: sunday, enabled:1, value: false
      ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
      ID: scanprofile, enabled:1, value: 
      ID: auto_deal_with_infections, enabled:1, value: false
    ID: updatedaily2, enabled:1, value: Daily 2
      ID: time, enabled:1, value: Sat Jan 09 02:13:00 2010
      ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
      ID: weekdays, enabled:1
        ID: monday, enabled:1, value: false
        ID: tuesday, enabled:1, value: false
        ID: wednesday, enabled:1, value: false
        ID: thursday, enabled:1, value: false
        ID: friday, enabled:1, value: false
        ID: saturday, enabled:1, value: false
        ID: sunday, enabled:1, value: false
      ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
      ID: scanprofile, enabled:1, value: 
      ID: auto_deal_with_infections, enabled:1, value: false
    ID: updatedaily3, enabled:1, value: Daily 3
      ID: time, enabled:1, value: Sat Jan 09 08:13:00 2010
      ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
      ID: weekdays, enabled:1
        ID: monday, enabled:1, value: false
        ID: tuesday, enabled:1, value: false
        ID: wednesday, enabled:1, value: false
        ID: thursday, enabled:1, value: false
        ID: friday, enabled:1, value: false
        ID: saturday, enabled:1, value: false
        ID: sunday, enabled:1, value: false
      ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
      ID: scanprofile, enabled:1, value: 
      ID: auto_deal_with_infections, enabled:1, value: false
    ID: updatedaily4, enabled:1, value: Daily 4
      ID: time, enabled:1, value: Sat Jan 09 14:13:00 2010
      ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
      ID: weekdays, enabled:1
        ID: monday, enabled:1, value: false
        ID: tuesday, enabled:1, value: false
        ID: wednesday, enabled:1, value: false
        ID: thursday, enabled:1, value: false
        ID: friday, enabled:1, value: false
        ID: saturday, enabled:1, value: false
        ID: sunday, enabled:1, value: false
      ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
      ID: scanprofile, enabled:1, value: 
      ID: auto_deal_with_infections, enabled:1, value: false
    ID: updateweekly1, enabled:1, value: Weekly
      ID: time, enabled:1, value: Sat Jan 09 20:13:00 2010
      ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly
      ID: weekdays, enabled:1
        ID: monday, enabled:1, value: false
        ID: tuesday, enabled:1, value: true
        ID: wednesday, enabled:1, value: false
        ID: thursday, enabled:1, value: false
        ID: friday, enabled:1, value: false
        ID: saturday, enabled:1, value: true
        ID: sunday, enabled:1, value: false
      ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
      ID: scanprofile, enabled:1, value: 
      ID: auto_deal_with_infections, enabled:1, value: false

Appearance settings:
ID: appearance, enabled:1
  ID: skin, enabled:1, value: default.egl, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource
  ID: showtrayicon, enabled:1, value: true
  ID: autoentertainmentmode, enabled:1, value: true
  ID: guimode, enabled:1, value: mode_simple, domain: mode_advanced,mode_simple
  ID: language, enabled:1, value: de, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language

Realtime protection settings:
ID: realtime, enabled:1
  ID: modules, enabled:1
    ID: processprotection, enabled:1, value: true
    ID: registryprotection, enabled:1, value: true
    ID: networkprotection, enabled:1, value: true
  ID: layers, enabled:1
    ID: useantivirus, enabled:1, value: true
    ID: usespywareheuristics, enabled:1, value: true
  ID: infomessages, enabled:1, value: onlyimportant, domain: display,dontnotify,onlyimportant


****************************** System information ******************************
Computer name: ZUHAUSE
Processor name: AMD Athlon(tm) 64 X2 Dual Core Processor 6000+
Processor identifier: AMD64 Family 15 Model 67 Stepping 3
Processor speed: ~2984MHZ
Raw info: processorarchitecture 9, processortype 8664, processorlevel 15, processor revision 17155, number of processors 2, processor features: [MMX,SSE,SSE2,SSE3,3DNow]
Physical memory available: 814186496 bytes
Physical memory total: 2145996800 bytes
Virtual memory available: 1941487616 bytes
Virtual memory total: 2147352576 bytes
Memory load: 62%
Microsoft Windows Vista Home Premium Edition, 64-bit Service Pack 1 (build 6001)
Windows startup mode:

Running processes:
PID: 376 name: C:\Windows\System32\smss.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 448 name: C:\Windows\System32\csrss.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 480 name: C:\Windows\System32\wininit.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 500 name: C:\Windows\System32\csrss.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 532 name: C:\Windows\System32\services.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 544 name: C:\Windows\System32\lsass.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 552 name: C:\Windows\System32\lsm.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 596 name: C:\Windows\System32\winlogon.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 748 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 828 name: C:\Windows\System32\svchost.exe owner: NETZWERKDIENST domain: NT-AUTORITÄT
PID: 864 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 948 name: C:\Windows\System32\svchost.exe owner: LOKALER DIENST domain: NT-AUTORITÄT
PID: 976 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 996 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 412 name: C:\Windows\System32\SLsvc.exe owner: NETZWERKDIENST domain: NT-AUTORITÄT
PID: 924 name: C:\Windows\System32\svchost.exe owner: LOKALER DIENST domain: NT-AUTORITÄT
PID: 1096 name: C:\Windows\System32\svchost.exe owner: NETZWERKDIENST domain: NT-AUTORITÄT
PID: 1180 name: C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 1300 name: C:\Windows\System32\spoolsv.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 1328 name: C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 1340 name: C:\Windows\System32\svchost.exe owner: LOKALER DIENST domain: NT-AUTORITÄT
PID: 1628 name: C:\Windows\System32\taskeng.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 1708 name: C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 1884 name: C:\Windows\System32\svchost.exe owner: NETZWERKDIENST domain: NT-AUTORITÄT
PID: 1904 name: C:\Windows\System32\svchost.exe owner: LOKALER DIENST domain: NT-AUTORITÄT
PID: 1936 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 1976 name: C:\Windows\System32\SearchIndexer.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 1476 name: C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 2408 name: C:\Windows\System32\wbem\unsecapp.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 2432 name: C:\Windows\System32\wbem\WmiPrvSE.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 2884 name: C:\Windows\System32\taskeng.exe owner: XXX domain: Zuhause
PID: 2936 name: C:\Windows\System32\dwm.exe owner: XXX domain: Zuhause
PID: 2960 name: C:\Windows\explorer.exe owner: XXX domain: Zuhause
PID: 2548 name: C:\Program Files\Windows Defender\MSASCui.exe owner: XXX domain: Zuhause
PID: 2556 name: C:\Program Files\Windows Sidebar\sidebar.exe owner: XXX domain: Zuhause
PID: 1580 name: C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe owner: XXX domain: Zuhause
PID: 2724 name: C:\Program Files (x86)\Skype\Phone\Skype.exe owner: XXX domain: Zuhause
PID: 2520 name: C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe owner: XXX domain: Zuhause
PID: 908 name: C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe owner: XXX domain: Zuhause
PID: 308 name: C:\Program Files (x86)\Java\jre6\bin\jusched.exe owner: XXX domain: Zuhause
PID: 256 name: C:\Program Files\Windows Sidebar\sidebar.exe owner: XXX domain: Zuhause
PID: 3924 name: C:\Windows\System32\wuauclt.exe owner: XXX domain: Zuhause
PID: 2144 name: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe owner: XXX domain: Zuhause
PID: 2952 name: C:\Windows\servicing\TrustedInstaller.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 3488 name: C:\Program Files (x86)\Mozilla Firefox\firefox.exe owner: xxx domain: Zuhause
PID: 3520 name: C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames.exe owner: xXX domain: Zuhause
PID: 3496 name: C:\Windows\System32\taskeng.exe owner: LOKALER DIENST domain: NT-AUTORITÄT
PID: 3908 name: C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-Aware.exe owner: XXX domain: Zuhause

Startup items:
Name: WebCheck
          imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
Name: {8C7461EF-2B13-11d2-BE35-3078302C2030}
          imagepath: Component Categories cache daemon
Name: avgnt
          imagepath: "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
Name: Adobe Reader Speed Launcher
          imagepath: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
Name: Adobe ARM
          imagepath: "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Name: SunJavaUpdateSched
          imagepath: "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
Name: 
          imagepath: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

Bootexecute items:
Name: 
          imagepath: autocheck autochk *
Name: 
          imagepath: lsdelete

Running services:
Name: AeLookupSvc
          displayname: Anwendungserfahrung
Name: AntiVirSchedulerService
          displayname: Avira AntiVir Planer
Name: AntiVirService
          displayname: Avira AntiVir Guard
Name: Appinfo
          displayname: Anwendungsinformationen
Name: AudioEndpointBuilder
          displayname: Windows-Audio-Endpunkterstellung
Name: AudioSrv
          displayname: Windows-Audio
Name: BFE
          displayname: Basisfiltermodul
Name: BITS
          displayname: Intelligenter Hintergrundübertragungsdienst
Name: Browser
          displayname: Computerbrowser
Name: CryptSvc
          displayname: Kryptografiedienste
Name: DcomLaunch
          displayname: DCOM-Server-Prozessstart
Name: Dhcp
          displayname: DHCP-Client
Name: Dnscache
          displayname: DNS-Client
Name: DPS
          displayname: Diagnoserichtliniendienst
Name: EMDMgmt
          displayname: ReadyBoost
Name: Eventlog
          displayname: Windows-Ereignisprotokoll
Name: EventSystem
          displayname: COM+-Ereignissystem
Name: fdPHost
          displayname: Funktionssuchanbieter-Host
Name: FDResPub
          displayname: Funktionssuche-Ressourcenveröffentlichung
Name: gpsvc
          displayname: Gruppenrichtlinienclient
Name: IKEEXT
          displayname: IKE- und AuthIP IPsec-Schlüsselerstellungsmodule
Name: iphlpsvc
          displayname: IP-Hilfsdienst
Name: KtmRm
          displayname: KtmRm für Distributed Transaction Coordinator
Name: LanmanServer
          displayname: Server
Name: LanmanWorkstation
          displayname: Arbeitsstationsdienst
Name: Lavasoft Ad-Aware Service
          displayname: Lavasoft Ad-Aware Service
Name: lmhosts
          displayname: TCP/IP-NetBIOS-Hilfsdienst
Name: MMCSS
          displayname: Multimediaklassenplaner
Name: MpsSvc
          displayname: Windows-Firewall
Name: Netman
          displayname: Netzwerkverbindungen
Name: netprofm
          displayname: Netzwerklistendienst
Name: NlaSvc
          displayname: NLA (Network Location Awareness)
Name: nsi
          displayname: Netzwerkspeicher-Schnittstellendienst
Name: PcaSvc
          displayname: Programmkompatibilitäts-Assistent-Dienst
Name: PlugPlay
          displayname: Plug & Play
Name: PolicyAgent
          displayname: IPsec-Richtlinien-Agent
Name: ProfSvc
          displayname: Benutzerprofildienst
Name: ProtectedStorage
          displayname: Geschützter Speicher
Name: RasMan
          displayname: RAS-Verbindungsverwaltung
Name: RpcSs
          displayname: Remoteprozeduraufruf (RPC)
Name: SamSs
          displayname: Sicherheitskonto-Manager
Name: SBSDWSCService
          displayname: SBSD Security Center Service
Name: Schedule
          displayname: Aufgabenplanung
Name: seclogon
          displayname: Sekundäre Anmeldung
Name: SENS
          displayname: Benachrichtigungsdienst für Systemereignisse
Name: ShellHWDetection
          displayname: Shellhardwareerkennung
Name: slsvc
          displayname: Softwarelizenzierung
Name: SLUINotify
          displayname: SL-Benutzerschnittstellen-Benachrichtigungsdienst
Name: Spooler
          displayname: Druckwarteschlange
Name: SSDPSRV
          displayname: SSDP-Suche
Name: SstpSvc
          displayname: SSTP-Dienst
Name: stisvc
          displayname: Windows-Bilderfassung
Name: SysMain
          displayname: Superfetch
Name: TabletInputService
          displayname: Tablet PC-Eingabedienst
Name: TapiSrv
          displayname: Telefonie
Name: TermService
          displayname: Terminaldienste
Name: Themes
          displayname: Designs
Name: TrkWks
          displayname: Überwachung verteilter Verknüpfungen (Client)
Name: TrustedInstaller
          displayname: Windows Modules Installer
Name: upnphost
          displayname: UPnP-Gerätehost
Name: UxSms
          displayname: Sitzungs-Manager für Desktopfenster-Manager
Name: W32Time
          displayname: Windows-Zeitgeber
Name: WdiSystemHost
          displayname: Diagnosesystemhost
Name: WebClient
          displayname: WebClient
Name: WerSvc
          displayname: Windows-Fehlerberichterstattungsdienst
Name: WinDefend
          displayname: Windows-Defender
Name: Winmgmt
          displayname: Windows-Verwaltungsinstrumentation
Name: WPDBusEnum
          displayname: Enumeratordienst für tragbare Geräte
Name: wscsvc
          displayname: Sicherheitscenter
Name: WSearch
          displayname: Windows Search
Name: wuauserv
          displayname: Windows Update
         
Code:
Malwarebytes' Anti-Malware 1.44
Datenbank Version: 3533
Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

10.01.2010 16:13:55
mbam-log-2010-01-10 (16-13-55).txt

Scan-Methode: Vollständiger Scan (C:\|D:\|)
Durchsuchte Objekte: 502614
Laufzeit: 1 hour(s), 39 minute(s), 32 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
         
Code:
Logfile of random's system information tool 1.06 (written by random/random)
Run by XXX at 2010-01-10 16:15:47
Microsoft® Windows Vista™ Home Premium  Service Pack 1
System drive C: has 346 GB (73%) free of 477 GB
Total RAM: 2047 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:15:56, on 10.01.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18349)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Users\XXX\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\XXX.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix: 
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6364 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Daily 1).job
C:\Windows\tasks\Ad-Aware Update (Daily 2).job
C:\Windows\tasks\Ad-Aware Update (Daily 3).job
C:\Windows\tasks\Ad-Aware Update (Daily 4).job
C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\User_Feed_Synchronization-{DCA1610F-A164-4C62-B4C2-220934965CDE}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe [2009-10-11 149280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1555968]
"SpybotSD TeaTimer"=C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2009-10-09 25623336]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoActiveDesktopChanges"=
"ForceActiveDesktopOn"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2010-01-10 10:57:15 ----D---- C:\Program Files (x86)\CCleaner
2010-01-10 10:38:51 ----D---- C:\Program Files (x86)\trend micro
2010-01-10 10:38:47 ----D---- C:\rsit
2010-01-10 10:35:39 ----D---- C:\Users\XXX\AppData\Roaming\Malwarebytes
2010-01-10 10:35:16 ----D---- C:\ProgramData\Malwarebytes
2010-01-10 10:35:14 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-01-10 10:05:17 ----A---- C:\Windows\system32\jscript.dll
2010-01-10 10:05:15 ----A---- C:\Windows\explorer.exe
2010-01-10 10:05:14 ----A---- C:\Windows\system32\explorer.exe
2010-01-10 10:05:11 ----A---- C:\Windows\system32\WMVCORE.DLL
2010-01-10 10:05:10 ----A---- C:\Windows\system32\mf.dll
2010-01-10 10:05:05 ----A---- C:\Windows\system32\wdigest.dll
2010-01-10 10:05:05 ----A---- C:\Windows\system32\secur32.dll
2010-01-10 10:05:05 ----A---- C:\Windows\system32\msv1_0.dll
2010-01-10 10:05:02 ----A---- C:\Windows\system32\atl.dll
2010-01-10 10:04:58 ----A---- C:\Windows\system32\t2embed.dll
2010-01-10 10:04:58 ----A---- C:\Windows\system32\fontsub.dll
2010-01-10 10:04:58 ----A---- C:\Windows\system32\dciman32.dll
2010-01-10 10:04:58 ----A---- C:\Windows\system32\atmfd.dll
2010-01-10 10:04:50 ----A---- C:\Windows\system32\netiohlp.dll
2010-01-10 10:04:49 ----A---- C:\Windows\system32\TCPSVCS.EXE
2010-01-10 10:04:49 ----A---- C:\Windows\system32\ROUTE.EXE
2010-01-10 10:04:49 ----A---- C:\Windows\system32\NETSTAT.EXE
2010-01-10 10:04:49 ----A---- C:\Windows\system32\MRINFO.EXE
2010-01-10 10:04:49 ----A---- C:\Windows\system32\HOSTNAME.EXE
2010-01-10 10:04:49 ----A---- C:\Windows\system32\finger.exe
2010-01-10 10:04:49 ----A---- C:\Windows\system32\ARP.EXE
2010-01-10 10:04:48 ----A---- C:\Windows\system32\netevent.dll
2010-01-10 10:04:08 ----A---- C:\Windows\system32\WMNetMgr.dll
2010-01-10 10:04:08 ----A---- C:\Windows\system32\logagent.exe
2010-01-10 10:03:54 ----A---- C:\Windows\system32\dataclen.dll
2010-01-10 10:03:52 ----A---- C:\Windows\system32\msasn1.dll
2010-01-10 10:03:43 ----A---- C:\Windows\system32\msdtcprx.dll
2010-01-10 10:03:42 ----A---- C:\Windows\system32\xolehlp.dll
2010-01-10 10:03:37 ----A---- C:\Windows\system32\avifil32.dll
2010-01-10 10:03:25 ----A---- C:\Windows\system32\wmpdxm.dll
2010-01-10 10:03:13 ----A---- C:\Windows\system32\shell32.dll
2010-01-10 10:03:01 ----A---- C:\Windows\system32\Faultrep.dll
2010-01-10 09:50:38 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2010-01-10 09:50:37 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2010-01-10 09:50:37 ----A---- C:\Windows\system32\WindowsCodecs.dll
2010-01-10 09:50:31 ----A---- C:\Windows\system32\wlansec.dll
2010-01-10 09:50:31 ----A---- C:\Windows\system32\wlanmsm.dll
2010-01-10 09:50:31 ----A---- C:\Windows\system32\L2SecHC.dll
2010-01-10 08:04:20 ----D---- C:\Program Files (x86)\TrendMicro
2010-01-09 21:14:07 ----D---- C:\ProgramData\Google
2010-01-09 20:31:21 ----A---- C:\Windows\system32\javaws.exe
2010-01-09 20:31:21 ----A---- C:\Windows\system32\javaw.exe
2010-01-09 20:31:21 ----A---- C:\Windows\system32\java.exe
2010-01-09 20:09:01 ----HDC---- C:\ProgramData\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
2010-01-09 20:09:01 ----D---- C:\Program Files (x86)\Google
2010-01-09 20:08:49 ----D---- C:\ProgramData\Lavasoft
2010-01-09 20:08:49 ----D---- C:\Program Files (x86)\Lavasoft
2010-01-09 19:54:56 ----D---- C:\Program Files (x86)\JRE
2010-01-09 19:54:18 ----D---- C:\Program Files (x86)\OpenOffice.org 3
2010-01-09 19:53:20 ----A---- C:\Windows\system32\deploytk.dll
2010-01-09 19:52:48 ----D---- C:\Program Files (x86)\Java
2010-01-09 19:45:59 ----D---- C:\Users\XXXX\AppData\Roaming\WinRAR
2010-01-09 19:33:40 ----D---- C:\Windows\system32\MAGIX
2010-01-09 19:33:40 ----A---- C:\Windows\system32\mgxoschk.dll
2010-01-09 19:33:40 ----A---- C:\Windows\mgxoschk.ini
2010-01-09 19:27:05 ----D---- C:\Users\XXX\AppData\Roaming\Skype
2010-01-09 19:26:45 ----D---- C:\Program Files (x86)\Common Files\Skype
2010-01-09 19:26:44 ----RD---- C:\Program Files (x86)\Skype
2010-01-09 19:26:39 ----D---- C:\ProgramData\Skype
2010-01-09 19:22:39 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-01-09 19:22:39 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2010-01-09 19:20:24 ----D---- C:\Program Files (x86)\Lavalys
2010-01-09 19:18:29 ----D---- C:\ProgramData\Adobe
2010-01-09 19:18:07 ----D---- C:\Program Files (x86)\Common Files\Adobe
2010-01-09 19:18:06 ----D---- C:\Program Files (x86)\Adobe
2010-01-09 19:06:55 ----D---- C:\Program Files (x86)\Nvidia Omega Drivers
2010-01-09 19:06:55 ----A---- C:\Windows\Nvidia Omega Drivers v1.169.25 Uninstall.exe
2010-01-09 16:27:13 ----D---- C:\Users\XXX\AppData\Roaming\FreshDiagnose
2010-01-09 16:26:58 ----D---- C:\Program Files (x86)\FreshDevices
2010-01-09 16:19:43 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2010-01-09 16:16:46 ----D---- C:\Users\XXX\AppData\Roaming\Macromedia
2010-01-09 16:16:46 ----D---- C:\Users\XXX\AppData\Roaming\Adobe
2010-01-09 16:15:39 ----D---- C:\Windows\system32\Macromed
2010-01-09 14:56:40 ----A---- C:\Windows\system32\tzres.dll
2010-01-09 14:53:07 ----A---- C:\Windows\system32\msshooks.dll
2010-01-09 14:53:07 ----A---- C:\Windows\system32\msscb.dll
2010-01-09 14:53:07 ----A---- C:\Windows\system32\mimefilt.dll
2010-01-09 14:53:05 ----A---- C:\Windows\system32\thawbrkr.dll
2010-01-09 14:53:05 ----A---- C:\Windows\system32\SearchFilterHost.exe
2010-01-09 14:53:05 ----A---- C:\Windows\system32\propsys.dll
2010-01-09 14:53:05 ----A---- C:\Windows\system32\propdefs.dll
2010-01-09 14:53:05 ----A---- C:\Windows\system32\msstrc.dll
2010-01-09 14:53:05 ----A---- C:\Windows\system32\mssprxy.dll
2010-01-09 14:53:05 ----A---- C:\Windows\system32\mssitlb.dll
2010-01-09 14:53:05 ----A---- C:\Windows\system32\msshsq.dll
2010-01-09 14:53:05 ----A---- C:\Windows\system32\chsbrkr.dll
2010-01-09 14:53:04 ----A---- C:\Windows\system32\offfilt.dll
2010-01-09 14:53:04 ----A---- C:\Windows\system32\korwbrkr.dll
2010-01-09 14:53:03 ----A---- C:\Windows\system32\xmlfilter.dll
2010-01-09 14:53:03 ----A---- C:\Windows\system32\tquery.dll
2010-01-09 14:53:03 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2010-01-09 14:53:03 ----A---- C:\Windows\system32\SearchIndexer.exe
2010-01-09 14:53:03 ----A---- C:\Windows\system32\rtffilt.dll
2010-01-09 14:53:03 ----A---- C:\Windows\system32\nlhtml.dll
2010-01-09 14:53:03 ----A---- C:\Windows\system32\mssvp.dll
2010-01-09 14:53:03 ----A---- C:\Windows\system32\mssrch.dll
2010-01-09 14:53:03 ----A---- C:\Windows\system32\mssphtb.dll
2010-01-09 14:53:03 ----A---- C:\Windows\system32\mssph.dll
2010-01-09 14:53:03 ----A---- C:\Windows\system32\msscntrs.dll
2010-01-09 14:53:03 ----A---- C:\Windows\system32\chtbrkr.dll
2010-01-09 14:43:53 ----A---- C:\Windows\system32\nshhttp.dll
2010-01-09 14:43:51 ----D---- C:\ProgramData\Avira
2010-01-09 14:43:51 ----A---- C:\Windows\system32\httpapi.dll
2010-01-09 14:43:50 ----D---- C:\Program Files (x86)\Avira
2010-01-09 14:42:59 ----SHD---- C:\Windows\Installer
2010-01-09 14:42:43 ----A---- C:\Windows\system32\mshtml.dll
2010-01-09 14:42:42 ----A---- C:\Windows\system32\wininet.dll
2010-01-09 14:42:42 ----A---- C:\Windows\system32\occache.dll
2010-01-09 14:42:41 ----A---- C:\Windows\system32\urlmon.dll
2010-01-09 14:42:41 ----A---- C:\Windows\system32\ieframe.dll
2010-01-09 14:42:40 ----A---- C:\Windows\system32\msfeeds.dll
2010-01-09 14:42:40 ----A---- C:\Windows\system32\iertutil.dll
2010-01-09 14:42:40 ----A---- C:\Windows\system32\iedkcs32.dll
2010-01-09 14:42:40 ----A---- C:\Windows\system32\ieapfltr.dll
2010-01-09 14:42:39 ----A---- C:\Windows\system32\mstime.dll
2010-01-09 14:42:39 ----A---- C:\Windows\system32\ieUnatt.exe
2010-01-09 14:42:39 ----A---- C:\Windows\system32\ieaksie.dll
2010-01-09 14:42:38 ----A---- C:\Windows\system32\jsproxy.dll
2010-01-09 14:42:38 ----A---- C:\Windows\system32\ieencode.dll
2010-01-09 14:40:07 ----A---- C:\Windows\system32\wmp.dll
2010-01-09 14:40:06 ----A---- C:\Windows\system32\unregmp2.exe
2010-01-09 14:40:05 ----A---- C:\Windows\system32\spwmp.dll
2010-01-09 14:40:05 ----A---- C:\Windows\system32\dxmasf.dll
2010-01-09 14:40:04 ----A---- C:\Windows\system32\wmploc.DLL
2010-01-09 14:39:22 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-01-09 14:39:22 ----A---- C:\Windows\system32\gameux.dll
2010-01-09 14:39:22 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-01-09 14:37:42 ----A---- C:\Windows\system32\rpcrt4.dll
2010-01-09 14:37:25 ----A---- C:\Windows\system32\msxml3.dll
2010-01-09 14:37:07 ----A---- C:\Windows\system32\WSDApi.dll
2010-01-09 14:37:07 ----A---- C:\Windows\system32\localspl.dll
2010-01-09 14:37:06 ----A---- C:\Windows\system32\connect.dll
2010-01-09 14:35:12 ----D---- C:\Users\XXXX\AppData\Roaming\Mozilla
2010-01-09 14:35:09 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-01-09 14:32:54 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2010-01-09 14:32:53 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2010-01-09 14:32:38 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2010-01-09 14:29:06 ----A---- C:\Windows\system32\srclient.dll
2010-01-09 14:29:06 ----A---- C:\Windows\system32\kbd106n.dll
2010-01-09 14:28:47 ----A---- C:\Windows\system32\winipsec.dll
2010-01-09 14:28:47 ----A---- C:\Windows\system32\polstore.dll
2010-01-09 14:28:47 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2010-01-09 14:28:45 ----A---- C:\Windows\system32\inetcomm.dll
2010-01-09 14:28:43 ----A---- C:\Windows\system32\es.dll
2010-01-09 14:28:42 ----A---- C:\Windows\system32\quartz.dll
2010-01-09 14:28:39 ----A---- C:\Windows\system32\wshqos.dll
2010-01-09 14:28:39 ----A---- C:\Windows\system32\traffic.dll
2010-01-09 14:28:39 ----A---- C:\Windows\system32\pacerprf.dll
2010-01-09 14:28:37 ----A---- C:\Windows\system32\wshext.dll
2010-01-09 14:28:37 ----A---- C:\Windows\system32\wscript.exe
2010-01-09 14:28:37 ----A---- C:\Windows\system32\vbscript.dll
2010-01-09 14:28:37 ----A---- C:\Windows\system32\cscript.exe
2010-01-09 14:28:36 ----A---- C:\Windows\system32\scrrun.dll
2010-01-09 14:28:36 ----A---- C:\Windows\system32\scrobj.dll
2010-01-09 14:28:35 ----A---- C:\Windows\system32\wshrm.dll
2010-01-09 14:28:33 ----A---- C:\Windows\system32\wmpeffects.dll
2010-01-09 14:25:50 ----A---- C:\Windows\system32\netapi32.dll
2010-01-09 14:22:52 ----HD---- C:\ProgramData\CanonBJ
2010-01-09 14:10:46 ----D---- C:\Users\XXX\AppData\Roaming\Identities
2010-01-09 14:10:37 ----SD---- C:\Users\XXXX\AppData\Roaming\Microsoft
2010-01-09 14:10:37 ----D---- C:\Users\XXXX\AppData\Roaming\Media Center Programs
2010-01-09 14:08:57 ----A---- C:\Windows\system32\wudriver.dll
2010-01-09 14:08:57 ----A---- C:\Windows\system32\wuapi.dll
2010-01-09 14:08:56 ----A---- C:\Windows\system32\wups.dll
2010-01-09 14:08:20 ----A---- C:\Windows\system32\wuwebv.dll
2010-01-09 14:08:20 ----A---- C:\Windows\system32\wuapp.exe
2010-01-09 14:07:14 ----SHD---- C:\ProgramData\Vorlagen
2010-01-09 14:07:14 ----SHD---- C:\ProgramData\Startmenü
2010-01-09 14:07:14 ----SHD---- C:\ProgramData\Favoriten
2010-01-09 14:07:14 ----SHD---- C:\ProgramData\Dokumente
2010-01-09 14:07:14 ----SHD---- C:\ProgramData\Anwendungsdaten
2010-01-09 14:06:56 ----D---- C:\Windows\Debug
2010-01-09 13:59:58 ----D---- C:\Windows\SoftwareDistribution
2010-01-09 13:52:11 ----D---- C:\Windows\Prefetch
2010-01-09 13:51:05 ----D---- C:\Windows\Panther
2010-01-09 13:41:34 ----D---- C:\Windows.old
2010-01-04 09:10:09 ----D---- C:\BigFishGamesCache

======List of files/folders modified in the last 1 months======

2010-01-10 16:15:54 ----D---- C:\Windows\Temp
2010-01-10 15:57:49 ----D---- C:\Windows\Tasks
2010-01-10 14:28:23 ----D---- C:\Windows\Microsoft.NET
2010-01-10 14:28:22 ----RSD---- C:\Windows\assembly
2010-01-10 14:26:18 ----D---- C:\Windows\rescache
2010-01-10 14:23:39 ----D---- C:\Windows\winsxs
2010-01-10 14:23:24 ----D---- C:\Windows
2010-01-10 14:23:06 ----D---- C:\Windows\System32
2010-01-10 14:23:05 ----D---- C:\Windows\inf
2010-01-10 14:16:05 ----SHD---- C:\System Volume Information
2010-01-10 13:37:33 ----D---- C:\Windows\SysWOW64
2010-01-10 13:37:30 ----D---- C:\Windows\system32\de-DE
2010-01-10 10:57:15 ----RD---- C:\Program Files (x86)
2010-01-10 10:35:22 ----D---- C:\Windows\system32\drivers
2010-01-10 10:35:16 ----HD---- C:\ProgramData
2010-01-09 19:55:18 ----RSD---- C:\Windows\Fonts
2010-01-09 19:26:45 ----D---- C:\Program Files (x86)\Common Files
2010-01-09 19:20:27 ----SD---- C:\ProgramData\Microsoft
2010-01-09 19:20:07 ----RD---- C:\Program Files
2010-01-09 17:08:37 ----D---- C:\NVIDIA
2010-01-09 16:19:38 ----SD---- C:\Windows\Downloaded Program Files
2010-01-09 15:38:59 ----D---- C:\Windows\Logs
2010-01-09 15:00:44 ----D---- C:\Program Files (x86)\Windows Media Player
2010-01-09 15:00:42 ----D---- C:\Windows\AppPatch
2010-01-09 15:00:40 ----D---- C:\Windows\PolicyDefinitions
2010-01-09 15:00:37 ----D---- C:\Windows\system32\migration
2010-01-09 15:00:37 ----D---- C:\Program Files (x86)\Internet Explorer
2010-01-09 15:00:32 ----D---- C:\Windows\ehome
2010-01-09 14:43:01 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2010-01-09 14:23:25 ----RSD---- C:\Windows\Media
2010-01-09 14:23:24 ----D---- C:\Windows\twain_32
2010-01-09 14:11:09 ----SHD---- C:\$Recycle.Bin
2010-01-09 14:10:29 ----RD---- C:\Users
2010-01-09 13:50:50 ----RAS---- C:\BOOTSECT.BAK
2010-01-09 13:50:49 ----SHD---- C:\Boot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys []
R3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys []
R3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys []
S3 DualCoreCenter;DualCoreCenter; \??\C:\Windows.old\Program Files (x86)\ATI Technologies\ATI.ACE\NTGLM7X64.sys [2007-04-17 40248]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys []
S3 RushTopDevice2;RushTopDevice2; \??\C:\Windows.old\Program Files (x86)\ATI Technologies\ATI.ACE\RushTop64.sys [2007-05-19 53560]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-01-09 1181328]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-01-21 93696]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]

-----------------EOF-----------------
         

Edited by Markaukie (10.01.2010 at 16:26)
