Probleme mit ff und ie

Metallica · 24.06.2008, 11:06

Wies aussieht, hab ich mir nen Virus oder so eingefangen.
ich kann mit Firefox einige Seiten nicht mehr öffnen und Google funktioniert auch nicht mehr. außerdem kommen im Internet Explorer andauernd Popups...

Habs schon mit meinem Antivirenprogramm versucht (Norton), aber das findet nix
Nen Systemwiederherstellungspunkt hab ich leider auch nicht

Wenn ich mit ie ins inet gehe, dann kommt schon beim start
h**p://83.149.75.33/info.png?cmp=ghr...&lid=http&z=ma
und
h**p://83.149.75.33/info.png?cmp=ghr...&lid=http&z=ma
in ner registerkarte

außerdem öffnet sich
h**ps://www.bwin.com/fr/sportsbook.aspx?zoneid=20800
und
h**p://de.celldorado.com/DE/ADS/1338...6PCL3w57dtvd3f

außerdem kommen andauernd werbeseite von antivirenprogrammen
bsp: h**p://de.antispywareexpert.com/2009...990_8051_20346

Hab auch mal versucht spybot zu installen:
bei der Installation kam dann:
Die Serververbindung konnte nicht hergestellt werden.

Hab mit GMER dann alle laufenden Prozesse abgeschaltet und antvir hat nen Trojaner, sowie 2 HTML-Scriptviren gefunden (HTML/Infected.WebPage.Gen)

Ich hoffe ich hab mein Problem ausführlich genug geschildert und irgendwer kann mir weiterhelfen...

cosinus · 24.06.2008, 11:14

Laß mal DSS auf Dein System los und poste die Logfiles. Den Link findest Du in meiner Signatur.

Metallica · 24.06.2008, 11:34

Is glaub gar nicht mehr nötig die zu posten

DSS hat anscheinend die Probleme vollständig aus der Welt geschafft!

Ich hab seit 2 Tagen versucht die Probleme aus der Welt zu schaffen, sogar mit Hilfe von Leuten, die sich eig damit auskennen, jedoch hat es keiner geschafft...und dann schreib ich hier mein Problem und keine 10min später ist es aus der Welt!

Echt fantastisch, vielen vielen Dank dafür

€dit: -.- jetzt war ich grade fertig mit schreiben, dann kommt wieder so ne meldung im ie...

cosinus · 24.06.2008, 11:36

Poste trotzdem die Logfiles! DSS gibt sehr viele detailierte Infos!

Zitat:

Was Deckards System Scanner macht:

* Es Erstellt einen System Wiederherstellungspunkt
* es säubert die temporären Dateien, Downloaded Program Files, Internet
Cache Dateien und es leert den Mülleimer auf allen Laufwerken.

Daß offensichtlich alles behoben wurde, kann eigentlich nur daran liegen, daß DSS temp. Dateien löscht.

Metallica · 24.06.2008, 11:59

ImageShack® - Image Hosting
code: 80122081918109

ImageShack® - Image Hosting
code: 80122081933277

ich hoffe das geht so^^

cosinus · 24.06.2008, 12:29

Poste die bitte hier in den Beitrag oder lad sie alternativ bei file-upload.net hoch und verlink das gnaze hier dann.

Metallica · 26.06.2008, 01:57

hab nochmals nen neuen logfile erstellt, vllt findet sich hier etwas...

Code:

ATTFilter

Deckard's System Scanner v20071014.68
Run by Metal on 2008-06-26 02:48:24
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-06-26 02:49:59
Platform: Windows Vista Service Pack 1 (6.00.6001)
MSIE: Internet Explorer (7.00.6000.16386)
Boot mode: Normal

Running processes:
C:\Windows\System32\taskeng.exe
C:\Windows\System32\dwm.exe
C:\Windows\explorer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\BisonCam\BisonHK.exe
C:\Program Files\System Control Manager\MGSysCtrl.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
C:\Program Files\F-Secure Internet Security\FSGUI\fsguidll.exe
C:\Program Files\Vidalia Bundle\Tor\tor.exe
C:\Program Files\ICQ6\ICQ.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Metal\Downloads\dss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSI -- MICRO-STAR INT'L CO.,LTD.
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSI -- MICRO-STAR INT'L CO.,LTD.
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [BisonHK] C:\Windows\BisonCam\BisonHK.exe
O4 - HKLM\..\Run: [BsMnt] C:\Windows\BisonCam\BsMnt.exe
O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure Internet Security\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\Metal\AppData\Local\Temp\aWoLeffC.dll,#1
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Metal\AppData\Local\Temp\xxYOHWnn.dll,c
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [ICQ] "C:\PROGRA~1\ICQ6\ICQ.exe" silent
O4 - HKCU\..\Run: [2c2ae4cc] rundll32.exe "C:\Users\Metal\AppData\Local\Temp\ivlbwwdw.dll",b
O4 - HKCU\..\Run: [BM2f19d750] Rundll32.exe "C:\Users\Metal\AppData\Local\Temp\fofcfcxy.dll",s
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O4 - Global Startup: Privoxy.lnk = C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\System32\agrsmsvc.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Planer (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FWES\program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System Control Manager\edd.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe


--
End of file - 9951 bytes

-- Files created between 2008-05-26 and 2008-06-26 -----------------------------

2008-06-25 18:27:44         0 d-------- C:\PerfLogs
2008-06-24 18:32:02         0 d-------- C:\Users\All Users\F-Secure
2008-06-24 18:30:45         0 d-------- C:\Program Files\F-Secure Internet Security
2008-06-24 18:30:19         0 d-------- C:\Users\All Users\fssg
2008-06-24 10:18:47         0 d-------- C:\Users\All Users\Avira
2008-06-24 10:18:47         0 d-------- C:\Program Files\Avira
2008-06-24 10:04:45         0 d-------- C:\Program Files\Sophos
2008-06-23 02:13:31         0 d-------- C:\Users\All Users\Kaspersky Lab
2008-06-23 00:33:59         0 d-------- C:\Users\All Users\Kaspersky Lab Setup Files
2008-06-22 08:48:40         0 d-------- C:\Users\All Users\Nero
2008-06-22 08:48:40         0 d-------- C:\Program Files\Nero
2008-06-22 08:48:38         0 d-------- C:\Program Files\Common Files\Nero
2008-06-20 21:36:11         0 d-------- C:\Program Files\uTorrent
2008-06-20 13:44:45         0 d-------- C:\Program Files\Paragon Software
2008-06-10 14:15:29         0 d-------- C:\Users\All Users\TEMP
2008-06-10 14:15:29         0 d-------- C:\Users\All Users\PassMark


-- Find3M Report ---------------------------------------------------------------

2008-06-26 02:07:49         0 d-------- C:\Users\Metal\AppData\Roaming\tor
2008-06-26 01:01:33     25159 --a------ C:\Users\Metal\AppData\Roaming\nvModes.001
2008-06-26 00:53:46    624138 --a------ C:\Windows\system32\perfh007.dat
2008-06-26 00:53:46    125292 --a------ C:\Windows\system32\perfc007.dat
2008-06-26 00:52:45         0 d-------- C:\Users\Metal\AppData\Roaming\Vidalia
2008-06-25 18:39:01       174 --ahs---- C:\Program Files\desktop.ini
2008-06-25 18:31:34         0 d-------- C:\Program Files\Windows Sidebar
2008-06-25 18:31:34         0 d-------- C:\Program Files\Windows Calendar
2008-06-25 18:31:34         0 d-------- C:\Program Files\Movie Maker
2008-06-25 18:31:33         0 d-------- C:\Program Files\Windows Mail
2008-06-25 18:31:33         0 d-------- C:\Program Files\Windows Journal
2008-06-25 18:31:33         0 d-------- C:\Program Files\Windows Collaboration
2008-06-25 18:31:32         0 d-------- C:\Program Files\Windows Photo Gallery
2008-06-25 18:31:29         0 d-------- C:\Program Files\Windows Defender
2008-06-25 18:28:25        12 --a------ C:\Windows\bthservsdp.dat
2008-06-25 16:58:08         0 d-------- C:\Program Files\UBISOFT
2008-06-25 16:58:08         0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-24 19:40:17     25159 --a------ C:\Users\Metal\AppData\Roaming\nvModes.dat
2008-06-24 18:48:00         0 d-------- C:\Users\Metal\AppData\Roaming\F-Secure
2008-06-23 00:53:55         0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-06-22 09:34:34         0 d-------- C:\Users\Metal\AppData\Roaming\uTorrent
2008-06-22 09:05:54         0 d--h----- C:\Users\Metal\AppData\Roaming\setup
2008-06-22 09:05:52         0 d-------- C:\Users\Metal\AppData\Roaming\Thinstall
2008-06-22 08:48:38         0 d-------- C:\Program Files\Common Files
2008-06-22 08:04:15         0 d-------- C:\Users\Metal\AppData\Roaming\CyberLink
2008-06-22 07:50:23         0 d-------- C:\Program Files\Microsoft Silverlight
2008-06-20 23:39:31         0 d-------- C:\Users\Metal\AppData\Roaming\Winamp
2008-06-20 13:53:32         0 d-------- C:\Program Files\ICQ6
2008-06-20 13:24:35         0 d-------- C:\Program Files\ICQToolbar
2008-06-20 13:14:06         0 d-------- C:\Program Files\Common Files\InstallShield
2008-06-20 12:51:48         0 d-------- C:\Program Files\ICQ-Flowers
2008-06-19 11:50:28         0 d-------- C:\Users\Metal\AppData\Roaming\Mozilla
2008-06-19 11:13:55         0 d-------- C:\Users\Metal\AppData\Roaming\ICQ Toolbar


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [19.01.2008 09:38]
"RtHDVCpl"="RtHDVCpl.exe" [10.04.2007 10:01 C:\Windows\RtHDVCpl.exe]
"BisonHK"="C:\Windows\BisonCam\BisonHK.exe" [15.03.2007 16:37]
"BsMnt"="C:\Windows\BisonCam\BsMnt.exe" [15.03.2007 16:34]
"MGSysCtrl"="C:\Program Files\System Control Manager\MGSysCtrl.exe" [28.05.2007 19:39]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11.01.2008 23:16]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\Program Files\Google\Gmail Notifier\gnotify.exe" [15.07.2005 23:48]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [14.03.2007 22:01]
"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [08.01.2007 23:17]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [31.01.2008 23:13]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [29.01.2008 18:38]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [11.08.2005 16:30]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [12.02.2008 10:06]
"F-Secure Manager"="C:\Program Files\F-Secure Internet Security\Common\FSM32.exe" [04.04.2008 20:10]
"F-Secure TNB"="C:\Program Files\F-Secure Internet Security\FSGUI\TNBUtil.exe" [04.04.2008 20:09]
"Skytel"="Skytel.exe" [04.04.2007 11:22 C:\Windows\SkyTel.exe]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [28.04.2007 13:05]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [28.04.2007 13:05]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [28.04.2007 13:05]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [18.10.2007 12:34]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [19.01.2008 09:33]
"PowerBar"="" []
"Vidalia"="C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe" [22.11.2007 23:49]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [19.01.2008 09:33]
"MSServer"="C:\Users\Metal\AppData\Local\Temp\aWoLeffC.dll,#1" []
"cmds"="C:\Users\Metal\AppData\Local\Temp\xxYOHWnn.dll,c" []
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [11.08.2005 16:30]
"ICQ"="C:\PROGRA~1\ICQ6\ICQ.exe" [01.04.2008 12:40]
"2c2ae4cc"="C:\Users\Metal\AppData\Local\Temp\ivlbwwdw.dll,b" []
"Power2GoExpress"="" []
"BM2f19d750"="C:\Users\Metal\AppData\Local\Temp\fofcfcxy.dll,s" []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Privoxy.lnk - C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe [20.11.2006 16:30:54]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
"EnableUIADesktopToggle"=0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Speech Recognition"="C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe"
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalService	nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE Mcx2Svc WebClient SstpSvc
LocalSystemNetworkRestricted	hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
bthsvcs	BthServ

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI



-- End of Deckard's System Scanner: finished at 2008-06-26 02:51:27 ------------

(kann natürlich auch sein, dass dieser genauso aussieht, wie der andere, hab sie nicht verglichen)

24.06.2008, 11:14	#2
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Probleme mit ff und ie Laß mal DSS auf Dein System los und poste die Logfiles. Den Link findest Du in meiner Signatur. __________________ __________________

24.06.2008, 12:29	#6
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Probleme mit ff und ie Poste die bitte hier in den Beitrag oder lad sie alternativ bei file-upload.net hoch und verlink das gnaze hier dann. __________________ --> Probleme mit ff und ie

Probleme mit ff und ie

Plagegeister aller Art und deren Bekämpfung: Probleme mit ff und ie