
Antivirus, firewall and other protection programs: Vista. Can no longer install an antivirus program


02.08.2008, 14:48   #1
Babelfisch

Hi folks.
OS is Vista32 Ultimate.
So, I caught a virus/trojan..? that wrecked my Avast antivirus. It also knocked out my firewall, the update function and Defender. I got the firewall, update and Defender running again. Avast no longer worked at all (the .exe could not be opened, not even as admin).
After that I could no longer install any antivirus programs. Attempts: AVG, Antivir and avast. Shortly before the installation completes, they uninstall themselves again, and worse... the PC crashes... restarts... and afterwards I land on the screen where it asks about Safe Mode.
I also ran online antivirus programs over it in Safe Mode. That did find a few pests, but did not fix the problem. Neither did removal tools.

I can now start the PC quite normally, though, and can do everything; as I said, firewall and Defender are running... but installing the oh-so-important antivirus programs is not possible... otherwise... see above.

I could not create a file list. There is a program for Vista, but without a date log (File-List 2.2)


HijackThis (but everything seems to be OK, right?)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:20:23, on 02.08.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\myiHome\app\myiHome-server.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\babelfisch\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\713VAS2D\HiJackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ch/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.stegcomputer.ch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "realsched.exe" -osboot
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-18\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: myiHome Server.lnk = C:\Program Files\myiHome\app\myiHome-server.exe
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.de/scan_de/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\GEST\GSvr.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NFS Server (NFSserver) - Dr. Hanewinkel -- www.haneWIN.de - C:\Program Files\nfsd\nfsd.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: SunRPC Portmap Daemon (PMAPDaemon) - Dr. Hanewinkel -- www.haneWIN.de - C:\Program Files\nfsd\pmapd.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 6870 bytes


Sorry admins. This was filed under the wrong topic. Please move it :-) thx

Edited by Babelfisch (02.08.2008 at 14:56). Reason: Sorry admins.... just noticed it. I filed the topic in the wrong place. Please move it :-)

02.08.2008, 15:00   #2
cosinus

Quote:
That did find a few pests, but did not fix the problem. Neither did removal tools.
You do have to post which pests were found; if need be, post the logfile wrapped in code tags or as an attachment.
Code:
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Program Files\Internet Explorer\iexplore.exe

If I were you I would not use IE and IncrediMail. Better: Mozilla Firefox (browser) and Thunderbird (mail client), or SeaMonkey (suite), or Opera as a decent replacement for mailing and surfing.

Code:
O23 - Service: NFS Server (NFSserver) - Dr. Hanewinkel -- www.haneWIN.de - C:\Program Files\nfsd\nfsd.exe

What do you need an NFS daemon for??
Other than that I see nothing in the logfile. Follow the DSS link in my signature and post the two logs as described there.

02.08.2008, 17:25   #3
Babelfisch

Thanks first of all for the quick reply.

1. No logfile was created by the Antivir Removal Tool. There was an error message that it was not installed (or something like that).

2. Sure, I'll switch soon (the computer is relatively new).
3. I need Hanewin NFS for streaming to my NMT HDD PopcornHour.

4. I hope I'm posting the right logs here: main and extra

(since the logs are too big, I split them up... you have to, after all :-)

02.08.2008, 17:28   #4
Babelfisch

-- Last 5 Restore Point(s) --
29: 2008-08-02 12:24:21 UTC - RP88 - Install AnyDVD
28: 2008-08-02 09:39:02 UTC - RP86 - Installed AVG 8.0
27: 2008-08-01 10:21:32 UTC - RP85 - Windows Update
26: 2008-07-31 11:44:42 UTC - RP84 - Windows Update
25: 2008-07-31 05:29:26 UTC - RP83 - OpenOffice.org 3.0 Beta wird installiert
- First Restore Point --
1: 2008-07-13 17:00:20 UTC - RP58 - Audials TV wird installiert
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as babelfisch.exe) ----------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:02:59, on 02.08.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\myiHome\app\myiHome-server.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\ieuser.exe
C:\Users\babelfisch\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SU46GI6G\dss[1].exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\ADMINI~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\IDCO7CMX\babelfisch.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ch/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.stegcomputer.ch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "realsched.exe" -osboot
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: myiHome Server.lnk = C:\Program Files\myiHome\app\myiHome-server.exe
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.de/scan_de/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\GEST\GSvr.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NFS Server (NFSserver) - Dr. Hanewinkel -- www.haneWIN.de - C:\Program Files\nfsd\nfsd.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: SunRPC Portmap Daemon (PMAPDaemon) - Dr. Hanewinkel -- www.haneWIN.de - C:\Program Files\nfsd\pmapd.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

-End of file - 7386 bytes

File Associations

All associations okay.

Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
All drivers whitelisted.

Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------

R2 Bonjour Service (Bonjour-Dienst) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>
R2 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe
R2 NFSserver (NFS Server) - c:\program files\nfsd\nfsd.exe <Not Verified; Dr. Hanewinkel -- www.haneWIN.de; haneWIN NFS Server>
R2 PLFlash DeviceIoControl Service - c:\windows\system32\ioctlsvc.exe <Not Verified; Prolific Technology Inc.; IoctlSvc Application>
R2 PMAPDaemon (SunRPC Portmap Daemon) - c:\program files\nfsd\pmapd.exe <Not Verified; Dr. Hanewinkel -- www.haneWIN.de; haneWIN SunRPC Portmap Daemon>

S4 avast! Mail Scanner - "c:\program files\alwil software\avast4\ashmaisv.exe" /service (file missing)
S4 avast! Web Scanner - "c:\program files\alwil software\avast4\ashwebsv.exe" /service (file missing)
Device Manager: Disabled ----------------------------------------------------
No disabled devices found.

Scheduled Tasks

2008-08-02 17:59:59 434 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{9D2C9BB4-6A54-4BC9-95FA-E34EFE1291D7}.job
2008-08-02 17:59:59 434 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{45838A77-0068-4AFD-AA35-4E7B7695934B}.job

-- Files created between 2008-07-02 and 2008-08-02 -----------------------------

2008-08-02 14:40:15 0 d-------- C:\Program Files\File-List 2.2
2008-08-02 14:15:57 0 d-------- C:\Windows\pss
2008-08-02 13:36:40 0 d-------- C:\Program Files\iPod
2008-08-02 13:36:39 0 d-------- C:\Program Files\iTunes
2008-08-02 13:33:55 0 d-------- C:\Program Files\Safari
2008-08-02 10:57:00 0 d-------- C:\Program Files\Free Registry Cleaner for Vista
2008-07-31 07:30:03 0 d-------- C:\Program Files\OpenOffice.org
2008-07-31 07:30:03 0 d-------- C:\Program Files\OpenOffice.org 3
2008-07-30 20:48:42 0 d-------- C:\Users\All Users\avg8
2008-07-30 20:48:42 0 d-------- C:\Program Files\AVG
2008-07-30 20:43:29 0 d-------- C:\Windows\ro-RO
2008-07-30 20:43:27 0 d-------- C:\Windows\system32\drivers\ro-RO
2008-07-30 20:33:10 353332 --a------ C:\Windows\system32\perfh00D.dat
2008-07-30 20:33:10 69240 --a------ C:\Windows\system32\perfc00D.dat
2008-07-30 20:32:35 0 d-------- C:\Windows\system32\he
2008-07-30 20:32:35 0 d-------- C:\Windows\system32\drivers\he-IL
2008-07-30 20:32:30 0 d-------- C:\Windows\he-IL
2008-07-30 20:21:16 429828 --a------ C:\Windows\system32\perfh00B.dat
2008-07-30 20:21:16 81258 --a------ C:\Windows\system32\perfc00B.dat
2008-07-30 20:20:41 0 d-------- C:\Windows\fi-FI
2008-07-30 20:20:38 0 d-------- C:\Windows\system32\040B
2008-07-30 20:20:37 0 d-------- C:\Windows\system32\fi
2008-07-30 20:20:37 0 d-------- C:\Windows\system32\drivers\fi-FI
2008-07-30 17:03:04 0 d-------- C:\Program Files\f-secure-rescue-cd-release
2008-07-30 17:01:41 0 d-------- C:\Program Files\GDATA-Boot
2008-07-30 07:36:38 0 d-------- C:\Windows\BDOSCAN8
2008-07-28 15:22:47 0 d-------- C:\Windows\Sun
2008-07-28 12:04:38 0 d-------- C:\FilmarchivPro
2008-07-26 23:11:52 0 d-------- C:\Program Files\myiHome
2008-07-26 09:51:28 0 d-------- C:\Program Files\nfsd
2008-07-23 10:12:02 0 d-------- C:\myiHome Library
2008-07-23 10:12:02 0 d-------- C:\My Videos
2008-07-23 10:12:02 0 d-------- C:\My Pictures
2008-07-23 10:12:02 0 d-------- C:\My Music
2008-07-22 23:08:00 0 d-------- C:\RemuxTool
2008-07-22 22:26:09 180224 --a------ C:\Windows\system32\xvidvfw.dll
2008-07-22 22:26:09 765952 --a------ C:\Windows\system32\xvidcore.dll
2008-07-22 22:26:09 0 d-------- C:\Program Files\Xvid
2008-07-22 22:16:36 0 d-------- C:\Program Files\xvidcore-1.1.3
2008-07-22 19:27:19 0 d-------- C:\Program Files\ImgBurn
2008-07-22 17:31:05 0 d-------- C:\Program Files\megui
2008-07-22 17:22:51 0 d-------- C:\Program Files\Matroska Pack
2008-07-22 17:04:03 0 d-------- C:\Program Files\x264
2008-07-21 21:20:58 0 d-------- C:\Users\All Users\VistaCodecs
2008-07-20 11:28:34 0 d-------- C:\Program Files\VideoLAN
2008-07-20 10:57:56 0 d-------- C:\Program Files\MediaInfo
2008-07-18 08:30:45 0 d-------- C:\Program Files\Bonjour
2008-07-18 08:30:21 0 d-------- C:\Program Files\QuickTime
2008-07-18 08:30:20 0 d-------- C:\Users\All Users\Apple Computer
2008-07-18 08:30:10 0 d-------- C:\Program Files\Apple Software Update
2008-07-18 08:29:29 0 d-------- C:\Users\All Users\Apple
2008-07-18 08:29:29 0 d-------- C:\Program Files\Common Files\Apple
2008-07-13 19:01:25 0 d-------- C:\Program Files\RapidSolution Software AG
2008-07-13 15:42:47 0 d-------- C:\Program Files\Common Files\xing shared
2008-07-13 15:42:34 0 d-------- C:\Program Files\Real
2008-07-13 15:42:32 0 d-------- C:\Program Files\Common Files\Real
2008-07-07 15:53:14 0 d-------- C:\Program Files\skins
2008-07-07 10:50:12 0 d--h----- C:\Users\All Users\CanonBJ
2008-07-06 18:12:29 0 d-------- C:\Program Files\Java
2008-07-06 18:12:28 0 d-------- C:\Program Files\Common Files\Java
2008-07-06 13:01:36 0 d-------- C:\Program Files\MSXML 4.0
2008-07-05 13:40:39 0 d-------- C:\Users\All Users\Nero
2008-07-05 13:40:39 0 d-------- C:\Program Files\Common Files\Nero
2008-07-05 13:30:14 0 d-------- C:\Windows\system32\appmgmt
2008-07-05 11:49:34 0 d-------- C:\Users\All Users\Adobe
2008-07-05 11:45:19 0 d-------- C:\Users\All Users\NOS
2008-07-05 11:45:19 0 d-------- C:\Program Files\NOS
2008-07-05 10:16:24 0 d-------- C:\Program Files\phase5
2008-07-05 10:15:04 0 -rahs---- C:\MSDOS.SYS
2008-07-05 10:15:04 0 -rahs---- C:\IO.SYS
2008-07-05 10:12:18 0 d-------- C:\Program Files\Nvu
2008-07-03 19:27:31 0 d-------- C:\Users\All Users\SlySoft
2008-07-03 19:25:10 0 d-------- C:\Program Files\SlySoft
2008-07-03 19:08:07 0 d-------- C:\Users\All Users\IncrediMail
2008-07-03 19:08:07 0 d-------- C:\Users\All Users\IM
2008-07-03 19:08:07 0 d-------- C:\Program Files\IncrediMail
2008-07-03 18:32:51 0 --a------ C:\Windows\nsreg.dat
2008-07-03 18:26:33 0 d-------- C:\Program Files\Synovel Spicebird

- Find3M Report ---------------------------------------------------------------

2008-08-02 14:31:02 655756 --a------ C:\Windows\system32\perfh010.dat
2008-08-02 14:31:02 661898 --a------ C:\Windows\system32\perfh00C.dat
2008-08-02 14:31:02 621702 --a------ C:\Windows\system32\perfh007.dat
2008-08-02 14:31:02 120396 --a------ C:\Windows\system32\perfc010.dat
2008-08-02 14:31:02 123622 --a------ C:\Windows\system32\perfc00C.dat
2008-08-02 14:31:02 123646 --a------ C:\Windows\system32\perfc007.dat
2008-08-02 13:42:34 0 d-------- C:\Users\babelfisch\AppData\Roaming\Apple Computer
2008-08-02 13:23:26 0 d-------- C:\Users\babelfisch\AppData\Roaming\OpenOffice.org3
2008-08-02 13:22:48 0 d-------- C:\Program Files\Steam
2008-07-30 20:43:29 0 d-------- C:\Program Files\Windows Sidebar
2008-07-30 20:43:29 0 d-------- C:\Program Files\Windows Photo Gallery
2008-07-30 20:43:29 0 d-------- C:\Program Files\Windows Mail
2008-07-30 20:43:29 0 d-------- C:\Program Files\Windows Journal
2008-07-30 20:43:29 0 d-------- C:\Program Files\Windows Defender
2008-07-30 20:43:29 0 d-------- C:\Program Files\Windows Collaboration
2008-07-30 20:43:29 0 d-------- C:\Program Files\Windows Calendar
2008-07-30 20:43:29 0 d-------- C:\Program Files\Movie Maker
2008-07-29 21:35:47 0 d--h----- C:\Users\babelfisch\AppData\Roaming\m
2008-07-29 21:34:02 0 d-------- C:\Program Files\Common Files
2008-07-29 20:37:17 0 d-------- C:\Program Files\Common Files\LightScribe
2008-07-28 12:38:12 0 d-------- C:\Users\babelfisch\AppData\Roaming\FileZilla
2008-07-28 12:26:59 0 d-------- C:\Users\babelfisch\AppData\Roaming\Thinstall
2008-07-28 12:05:44 161076 --a------ C:\Program Files\FilmarchivPro.rar
2008-07-22 19:35:46 0 d-------- C:\Users\babelfisch\AppData\Roaming\ImgBurn
2008-07-20 11:35:19 0 d-------- C:\Users\babelfisch\AppData\Roaming\vlc
2008-07-20 10:58:36 0 d-------- C:\Users\babelfisch\AppData\Roaming\Real
2008-07-18 13:41:27 0 d-------- C:\Program Files\Common Files\Steam
2008-07-05 13:42:47 0 d-------- C:\Users\babelfisch\AppData\Roaming\Nero
2008-07-05 13:40:39 0 d-------- C:\Program Files\Nero
2008-07-05 13:29:56 0 d-------- C:\Program Files\Common Files\Ahead
2008-07-05 13:29:23 0 d-------- C:\Users\babelfisch\AppData\Roaming\Ahead
2008-07-05 11:50:53 0 d-------- C:\Users\babelfisch\AppData\Roaming\Adobe
2008-07-05 11:49:51 0 d-------- C:\Program Files\Common Files\Adobe
2008-07-05 10:12:22 0 d-------- C:\Users\babelfisch\AppData\Roaming\Nvu
2008-07-03 18:32:51 0 d-------- C:\Users\babelfisch\AppData\Roaming\Thunderbird
2008-07-03 18:32:51 0 d-------- C:\Users\babelfisch\AppData\Roaming\Mozilla
2008-07-03 18:26:38 0 d-------- C:\Users\babelfisch\AppData\Roaming\Spicebird
2008-06-29 16:43:48 174 --ahs---- C:\Program Files\desktop.ini
2008-06-27 13:04:28 0 d-------- C:\Program Files\Smart Projects
2008-06-27 11:51:53 0 d-------- C:\Program Files\IrfanView
2008-06-27 11:50:41 0 d-------- C:\Program Files\Plugins
2008-06-27 11:48:25 0 d-------- C:\Program Files\DVD Shrink
2008-06-27 11:43:41 0 d-------- C:\Program Files\GIMP-2.0
2008-06-27 11:39:18 0 d-------- C:\Users\babelfisch\AppData\Roaming\WinRAR
2008-06-26 23:05:04 3072 --a------ C:\Windows\checkip.dat
2008-06-26 18:37:33 0 d-------- C:\Program Files\Alwil Software
2008-06-26 15:27:53 0 d-------- C:\Users\babelfisch\AppData\Roaming\Macromedia
2008-06-25 16:31:05 0 d-------- C:\Users\babelfisch\AppData\Roaming\Logitech
2008-06-25 16:13:40 0 d-------- C:\Program Files\Common Files\Logitech
2008-06-25 16:13:27 0 d-------- C:\Program Files\Logitech
2008-06-25 16:13:24 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-25 16:13:19 0 d-------- C:\Users\babelfisch\AppData\Roaming\InstallShield
2008-06-25 16:06:58 0 d-------- C:\Users\babelfisch\AppData\Roaming\Identities
2008-06-25 16:00:19 0 d-------- C:\Program Files\Windows NT
2008-06-25 16:00:19 0 d--hs---- C:\Program Files\Gemeinsame Dateien

- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
11.06.2008 22:33 75128 --a------ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [19.01.2008 09:38]
"RtHDVCpl"="RtHDVCpl.exe" [19.09.2007 08:50 C:\Windows\RtHDVCpl.exe]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [24.03.2008 19:52]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [24.03.2008 19:52]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [11.04.2007 15:32 C:\Windows\KHALMNPR.Exe]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [12.06.2008 02:38]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [18.02.2008 17:29]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [10.06.2008 04:27]
"TkBellExe"="realsched.exe" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [19.01.2008 09:33]
"WindowsWelcomeCenter"="oobefldr.dll,ShowWelcomeCenter" []
"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" [19.04.2007 13:26]
"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [12.06.2008 13:49]
"AnyDVD"="C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe" [01.08.2008 15:32]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [19.01.2008 09:33]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [19.01.2008 09:33]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe /c

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [25.06.2008 16:13:36]
myiHome Server.lnk - C:\Program Files\myiHome\app\myiHome-server.exe [26.07.2008 23:11:54]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
"EnableUIADesktopToggle"=0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^babelfisch^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
path=C:\Users\babelfisch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
backup=C:\Windows\pss\OpenOffice.org 3.0.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\QTTask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
"C:\Program Files\Steam\Steam.exe" -silent

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalService nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE Mcx2Svc WebClient SstpSvc
GPSvcGroup GPSvc


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI

02.08.2008, 17:31   #5
Babelfisch

-- Last 5 Restore Point(s) --
29: 2008-08-02 12:24:21 UTC - RP88 - Install AnyDVD
28: 2008-08-02 09:39:02 UTC - RP86 - Installed AVG 8.0
27: 2008-08-01 10:21:32 UTC - RP85 - Windows Update
26: 2008-07-31 11:44:42 UTC - RP84 - Windows Update
25: 2008-07-31 05:29:26 UTC - RP83 - OpenOffice.org 3.0 Beta wird installiert
First Restore Point --
1: 2008-07-13 17:00:20 UTC - RP58 - Audials TV wird installiert
Backed up registry hives.
Performed disk cleanup.

HijackThis (run as babelfisch.exe) ------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:02:59, on 02.08.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\myiHome\app\myiHome-server.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\ieuser.exe
C:\Users\babelfisch\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SU46GI6G\dss[1].exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\ADMINI~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\IDCO7CMX\babelfisch.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ch/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.stegcomputer.ch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "realsched.exe" -osboot
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: myiHome Server.lnk = C:\Program Files\myiHome\app\myiHome-server.exe
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.de/scan_de/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\GEST\GSvr.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NFS Server (NFSserver) - Dr. Hanewinkel -- www.haneWIN.de - C:\Program Files\nfsd\nfsd.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: SunRPC Portmap Daemon (PMAPDaemon) - Dr. Hanewinkel -- www.haneWIN.de - C:\Program Files\nfsd\pmapd.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
End of file - 7386 bytes
File Associations
All associations okay.
Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled
All drivers whitelisted.

Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Bonjour Service (Bonjour-Dienst) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>
R2 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe
R2 NFSserver (NFS Server) - c:\program files\nfsd\nfsd.exe <Not Verified; Dr. Hanewinkel -- www.haneWIN.de; haneWIN NFS Server>
R2 PLFlash DeviceIoControl Service - c:\windows\system32\ioctlsvc.exe <Not Verified; Prolific Technology Inc.; IoctlSvc Application>
R2 PMAPDaemon (SunRPC Portmap Daemon) - c:\program files\nfsd\pmapd.exe <Not Verified; Dr. Hanewinkel -- www.haneWIN.de; haneWIN SunRPC Portmap Daemon>

S4 avast! Mail Scanner - "c:\program files\alwil software\avast4\ashmaisv.exe" /service (file missing)
S4 avast! Web Scanner - "c:\program files\alwil software\avast4\ashwebsv.exe" /service (file missing)

Device Manager: Disabled ----------------------------------------------------
No disabled devices found.

Scheduled Tasks -
2008-08-02 17:59:59 434 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{9D2C9BB4-6A54-4BC9-95FA-E34EFE1291D7}.job
2008-08-02 17:59:59 434 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{45838A77-0068-4AFD-AA35-4E7B7695934B}.job


-- Files created between 2008-07-02 and 2008-08-02 -

2008-08-02 14:40:15 0 d-------- C:\Program Files\File-List 2.2
2008-08-02 14:15:57 0 d-------- C:\Windows\pss
2008-08-02 13:36:40 0 d-------- C:\Program Files\iPod
2008-08-02 13:36:39 0 d-------- C:\Program Files\iTunes
2008-08-02 13:33:55 0 d-------- C:\Program Files\Safari
2008-08-02 10:57:00 0 d-------- C:\Program Files\Free Registry Cleaner for Vista
2008-07-31 07:30:03 0 d-------- C:\Program Files\OpenOffice.org
2008-07-31 07:30:03 0 d-------- C:\Program Files\OpenOffice.org 3
2008-07-30 20:48:42 0 d-------- C:\Users\All Users\avg8
2008-07-30 20:48:42 0 d-------- C:\Program Files\AVG
2008-07-30 20:43:29 0 d-------- C:\Windows\ro-RO
2008-07-30 20:43:27 0 d-------- C:\Windows\system32\drivers\ro-RO
2008-07-30 20:33:10 353332 --a------ C:\Windows\system32\perfh00D.dat
2008-07-30 20:33:10 69240 --a------ C:\Windows\system32\perfc00D.dat
2008-07-30 20:32:35 0 d-------- C:\Windows\system32\he
2008-07-30 20:32:35 0 d-------- C:\Windows\system32\drivers\he-IL
2008-07-30 20:32:30 0 d-------- C:\Windows\he-IL
2008-07-30 20:21:16 429828 --a------ C:\Windows\system32\perfh00B.dat
2008-07-30 20:21:16 81258 --a------ C:\Windows\system32\perfc00B.dat
2008-07-30 20:20:41 0 d-------- C:\Windows\fi-FI
2008-07-30 20:20:38 0 d-------- C:\Windows\system32\040B
2008-07-30 20:20:37 0 d-------- C:\Windows\system32\fi
2008-07-30 20:20:37 0 d-------- C:\Windows\system32\drivers\fi-FI
2008-07-30 17:03:04 0 d-------- C:\Program Files\f-secure-rescue-cd-release
2008-07-30 17:01:41 0 d-------- C:\Program Files\GDATA-Boot
2008-07-30 07:36:38 0 d-------- C:\Windows\BDOSCAN8
2008-07-28 15:22:47 0 d-------- C:\Windows\Sun
2008-07-28 12:04:38 0 d-------- C:\FilmarchivPro
2008-07-26 23:11:52 0 d-------- C:\Program Files\myiHome
2008-07-26 09:51:28 0 d-------- C:\Program Files\nfsd
2008-07-23 10:12:02 0 d-------- C:\myiHome Library
2008-07-23 10:12:02 0 d-------- C:\My Videos
2008-07-23 10:12:02 0 d-------- C:\My Pictures
2008-07-23 10:12:02 0 d-------- C:\My Music
2008-07-22 23:08:00 0 d-------- C:\RemuxTool
2008-07-22 22:26:09 180224 --a------ C:\Windows\system32\xvidvfw.dll
2008-07-22 22:26:09 765952 --a------ C:\Windows\system32\xvidcore.dll
2008-07-22 22:26:09 0 d-------- C:\Program Files\Xvid
2008-07-22 22:16:36 0 d-------- C:\Program Files\xvidcore-1.1.3
2008-07-22 19:27:19 0 d-------- C:\Program Files\ImgBurn
2008-07-22 17:31:05 0 d-------- C:\Program Files\megui
2008-07-22 17:22:51 0 d-------- C:\Program Files\Matroska Pack
2008-07-22 17:04:03 0 d-------- C:\Program Files\x264
2008-07-21 21:20:58 0 d-------- C:\Users\All Users\VistaCodecs
2008-07-20 11:28:34 0 d-------- C:\Program Files\VideoLAN
2008-07-20 10:57:56 0 d-------- C:\Program Files\MediaInfo
2008-07-18 08:30:45 0 d-------- C:\Program Files\Bonjour
2008-07-18 08:30:21 0 d-------- C:\Program Files\QuickTime
2008-07-18 08:30:20 0 d-------- C:\Users\All Users\Apple Computer
2008-07-18 08:30:10 0 d-------- C:\Program Files\Apple Software Update
2008-07-18 08:29:29 0 d-------- C:\Users\All Users\Apple
2008-07-18 08:29:29 0 d-------- C:\Program Files\Common Files\Apple
2008-07-13 19:01:25 0 d-------- C:\Program Files\RapidSolution Software AG
2008-07-13 15:42:47 0 d-------- C:\Program Files\Common Files\xing shared
2008-07-13 15:42:34 0 d-------- C:\Program Files\Real
2008-07-13 15:42:32 0 d-------- C:\Program Files\Common Files\Real
2008-07-07 15:53:14 0 d-------- C:\Program Files\skins
2008-07-07 10:50:12 0 d--h----- C:\Users\All Users\CanonBJ
2008-07-06 18:12:29 0 d-------- C:\Program Files\Java
2008-07-06 18:12:28 0 d-------- C:\Program Files\Common Files\Java
2008-07-06 13:01:36 0 d-------- C:\Program Files\MSXML 4.0
2008-07-05 13:40:39 0 d-------- C:\Users\All Users\Nero
2008-07-05 13:40:39 0 d-------- C:\Program Files\Common Files\Nero
2008-07-05 13:30:14 0 d-------- C:\Windows\system32\appmgmt
2008-07-05 11:49:34 0 d-------- C:\Users\All Users\Adobe
2008-07-05 11:45:19 0 d-------- C:\Users\All Users\NOS
2008-07-05 11:45:19 0 d-------- C:\Program Files\NOS
2008-07-05 10:16:24 0 d-------- C:\Program Files\phase5
2008-07-05 10:15:04 0 -rahs---- C:\MSDOS.SYS
2008-07-05 10:15:04 0 -rahs---- C:\IO.SYS
2008-07-05 10:12:18 0 d-------- C:\Program Files\Nvu
2008-07-03 19:27:31 0 d-------- C:\Users\All Users\SlySoft
2008-07-03 19:25:10 0 d-------- C:\Program Files\SlySoft
2008-07-03 19:08:07 0 d-------- C:\Users\All Users\IncrediMail
2008-07-03 19:08:07 0 d-------- C:\Users\All Users\IM
2008-07-03 19:08:07 0 d-------- C:\Program Files\IncrediMail
2008-07-03 18:32:51 0 --a------ C:\Windows\nsreg.dat
2008-07-03 18:26:33 0 d-------- C:\Program Files\Synovel Spicebird


-- Find3M Report ---------------------------------------------------------------

2008-08-02 14:31:02 655756 --a------ C:\Windows\system32\perfh010.dat
2008-08-02 14:31:02 661898 --a------ C:\Windows\system32\perfh00C.dat
2008-08-02 14:31:02 621702 --a------ C:\Windows\system32\perfh007.dat
2008-08-02 14:31:02 120396 --a------ C:\Windows\system32\perfc010.dat
2008-08-02 14:31:02 123622 --a------ C:\Windows\system32\perfc00C.dat
2008-08-02 14:31:02 123646 --a------ C:\Windows\system32\perfc007.dat
2008-08-02 13:42:34 0 d-------- C:\Users\babelfisch\AppData\Roaming\Apple Computer
2008-08-02 13:23:26 0 d-------- C:\Users\babelfisch\AppData\Roaming\OpenOffice.org3
2008-08-02 13:22:48 0 d-------- C:\Program Files\Steam
2008-07-30 20:43:29 0 d-------- C:\Program Files\Windows Sidebar
2008-07-30 20:43:29 0 d-------- C:\Program Files\Windows Photo Gallery
2008-07-30 20:43:29 0 d-------- C:\Program Files\Windows Mail
2008-07-30 20:43:29 0 d-------- C:\Program Files\Windows Journal
2008-07-30 20:43:29 0 d-------- C:\Program Files\Windows Defender
2008-07-30 20:43:29 0 d-------- C:\Program Files\Windows Collaboration
2008-07-30 20:43:29 0 d-------- C:\Program Files\Windows Calendar
2008-07-30 20:43:29 0 d-------- C:\Program Files\Movie Maker
2008-07-29 21:35:47 0 d--h----- C:\Users\babelfisch\AppData\Roaming\m
2008-07-29 21:34:02 0 d-------- C:\Program Files\Common Files
2008-07-29 20:37:17 0 d-------- C:\Program Files\Common Files\LightScribe
2008-07-28 12:38:12 0 d-------- C:\Users\babelfisch\AppData\Roaming\FileZilla
2008-07-28 12:26:59 0 d-------- C:\Users\babelfisch\AppData\Roaming\Thinstall
2008-07-28 12:05:44 161076 --a------ C:\Program Files\FilmarchivPro.rar
2008-07-22 19:35:46 0 d-------- C:\Users\babelfisch\AppData\Roaming\ImgBurn
2008-07-20 11:35:19 0 d-------- C:\Users\babelfisch\AppData\Roaming\vlc
2008-07-20 10:58:36 0 d-------- C:\Users\babelfisch\AppData\Roaming\Real
2008-07-18 13:41:27 0 d-------- C:\Program Files\Common Files\Steam
2008-07-05 13:42:47 0 d-------- C:\Users\babelfisch\AppData\Roaming\Nero
2008-07-05 13:40:39 0 d-------- C:\Program Files\Nero
2008-07-05 13:29:56 0 d-------- C:\Program Files\Common Files\Ahead
2008-07-05 13:29:23 0 d-------- C:\Users\babelfisch\AppData\Roaming\Ahead
2008-07-05 11:50:53 0 d-------- C:\Users\babelfisch\AppData\Roaming\Adobe
2008-07-05 11:49:51 0 d-------- C:\Program Files\Common Files\Adobe
2008-07-05 10:12:22 0 d-------- C:\Users\babelfisch\AppData\Roaming\Nvu
2008-07-03 18:32:51 0 d-------- C:\Users\babelfisch\AppData\Roaming\Thunderbird
2008-07-03 18:32:51 0 d-------- C:\Users\babelfisch\AppData\Roaming\Mozilla
2008-07-03 18:26:38 0 d-------- C:\Users\babelfisch\AppData\Roaming\Spicebird
2008-06-29 16:43:48 174 --ahs---- C:\Program Files\desktop.ini
2008-06-27 13:04:28 0 d-------- C:\Program Files\Smart Projects
2008-06-27 11:51:53 0 d-------- C:\Program Files\IrfanView
2008-06-27 11:50:41 0 d-------- C:\Program Files\Plugins
2008-06-27 11:48:25 0 d-------- C:\Program Files\DVD Shrink
2008-06-27 11:43:41 0 d-------- C:\Program Files\GIMP-2.0
2008-06-27 11:39:18 0 d-------- C:\Users\babelfisch\AppData\Roaming\WinRAR
2008-06-26 23:05:04 3072 --a------ C:\Windows\checkip.dat
2008-06-26 18:37:33 0 d-------- C:\Program Files\Alwil Software
2008-06-26 15:27:53 0 d-------- C:\Users\babelfisch\AppData\Roaming\Macromedia
2008-06-25 16:31:05 0 d-------- C:\Users\babelfisch\AppData\Roaming\Logitech
2008-06-25 16:13:40 0 d-------- C:\Program Files\Common Files\Logitech
2008-06-25 16:13:27 0 d-------- C:\Program Files\Logitech
2008-06-25 16:13:24 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-25 16:13:19 0 d-------- C:\Users\babelfisch\AppData\Roaming\InstallShield
2008-06-25 16:06:58 0 d-------- C:\Users\babelfisch\AppData\Roaming\Identities
2008-06-25 16:00:19 0 d-------- C:\Program Files\Windows NT
2008-06-25 16:00:19 0 d--hs---- C:\Program Files\Gemeinsame Dateien


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
11.06.2008 22:33 75128 --a------ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [19.01.2008 09:38]
"RtHDVCpl"="RtHDVCpl.exe" [19.09.2007 08:50 C:\Windows\RtHDVCpl.exe]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [24.03.2008 19:52]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [24.03.2008 19:52]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [11.04.2007 15:32 C:\Windows\KHALMNPR.Exe]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [12.06.2008 02:38]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [18.02.2008 17:29]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [10.06.2008 04:27]
"TkBellExe"="realsched.exe" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [19.01.2008 09:33]
"WindowsWelcomeCenter"="oobefldr.dll,ShowWelcomeCenter" []
"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" [19.04.2007 13:26]
"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [12.06.2008 13:49]
"AnyDVD"="C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe" [01.08.2008 15:32]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [19.01.2008 09:33]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [19.01.2008 09:33]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe /c

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [25.06.2008 16:13:36]
myiHome Server.lnk - C:\Program Files\myiHome\app\myiHome-server.exe [26.07.2008 23:11:54]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
"EnableUIADesktopToggle"=0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^babelfisch^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
path=C:\Users\babelfisch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
backup=C:\Windows\pss\OpenOffice.org 3.0.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\QTTask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
"C:\Program Files\Steam\Steam.exe" -silent

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalService nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE Mcx2Svc WebClient SstpSvc
GPSvcGroup GPSvc


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI


02.08.2008, 18:32   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

You posted the same log twice. Please pay closer attention to that!
Please post the log files wrapped in code tags, like this:

HTML code:
[code] Put the log file here [/code]

03.08.2008, 12:00   #7
Babelfisch

Hope this is right :-) Thx


Code:
Deckard's System Scanner v20071014.68
Run by babelfisch on 2008-08-03 12:53:18
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as babelfisch.exe) ------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:53:20, on 03.08.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\myiHome\app\myiHome-server.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\babelfisch\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SU46GI6G\dss[1].exe
C:\Users\ADMINI~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\IDCO7CMX\BABELF~1.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ch/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.stegcomputer.ch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "realsched.exe"  -osboot
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: myiHome Server.lnk = C:\Program Files\myiHome\app\myiHome-server.exe
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O13 - Gopher Prefix: 
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.de/scan_de/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\GEST\GSvr.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NFS Server (NFSserver) - Dr. Hanewinkel -- www.haneWIN.de - C:\Program Files\nfsd\nfsd.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: SunRPC Portmap Daemon (PMAPDaemon) - Dr. Hanewinkel -- www.haneWIN.de - C:\Program Files\nfsd\pmapd.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 7358 bytes

-- Files created between 2008-07-03 and 2008-08-03 -----------------------------

2008-08-02 14:40:15         0 d-------- C:\Program Files\File-List 2.2
2008-08-02 14:15:57         0 d-------- C:\Windows\pss
2008-08-02 13:36:40         0 d-------- C:\Program Files\iPod
2008-08-02 13:36:39         0 d-------- C:\Program Files\iTunes
2008-08-02 13:33:55         0 d-------- C:\Program Files\Safari
2008-08-02 10:57:00         0 d-------- C:\Program Files\Free Registry Cleaner for Vista
2008-07-31 07:30:03         0 d-------- C:\Program Files\OpenOffice.org
2008-07-31 07:30:03         0 d-------- C:\Program Files\OpenOffice.org 3
2008-07-30 20:48:42         0 d-------- C:\Users\All Users\avg8
2008-07-30 20:48:42         0 d-------- C:\Program Files\AVG
2008-07-30 20:43:29         0 d-------- C:\Windows\ro-RO
2008-07-30 20:43:27         0 d-------- C:\Windows\system32\drivers\ro-RO
2008-07-30 20:33:10    353332 --a------ C:\Windows\system32\perfh00D.dat
2008-07-30 20:33:10     69240 --a------ C:\Windows\system32\perfc00D.dat
2008-07-30 20:32:35         0 d-------- C:\Windows\system32\he
2008-07-30 20:32:35         0 d-------- C:\Windows\system32\drivers\he-IL
2008-07-30 20:32:30         0 d-------- C:\Windows\he-IL
2008-07-30 20:21:16    429828 --a------ C:\Windows\system32\perfh00B.dat
2008-07-30 20:21:16     81258 --a------ C:\Windows\system32\perfc00B.dat
2008-07-30 20:20:41         0 d-------- C:\Windows\fi-FI
2008-07-30 20:20:38         0 d-------- C:\Windows\system32\040B
2008-07-30 20:20:37         0 d-------- C:\Windows\system32\fi
2008-07-30 20:20:37         0 d-------- C:\Windows\system32\drivers\fi-FI
2008-07-30 17:03:04         0 d-------- C:\Program Files\f-secure-rescue-cd-release
2008-07-30 17:01:41         0 d-------- C:\Program Files\GDATA-Boot
2008-07-30 07:36:38         0 d-------- C:\Windows\BDOSCAN8
2008-07-28 15:22:47         0 d-------- C:\Windows\Sun
2008-07-28 12:04:38         0 d-------- C:\FilmarchivPro
2008-07-26 23:11:52         0 d-------- C:\Program Files\myiHome
2008-07-26 09:51:28         0 d-------- C:\Program Files\nfsd
2008-07-23 10:12:02         0 d-------- C:\myiHome Library
2008-07-23 10:12:02         0 d-------- C:\My Videos
2008-07-23 10:12:02         0 d-------- C:\My Pictures
2008-07-23 10:12:02         0 d-------- C:\My Music
2008-07-22 23:08:00         0 d-------- C:\RemuxTool
2008-07-22 22:26:09    180224 --a------ C:\Windows\system32\xvidvfw.dll
2008-07-22 22:26:09    765952 --a------ C:\Windows\system32\xvidcore.dll
2008-07-22 22:26:09         0 d-------- C:\Program Files\Xvid
2008-07-22 22:16:36         0 d-------- C:\Program Files\xvidcore-1.1.3
2008-07-22 19:27:19         0 d-------- C:\Program Files\ImgBurn
2008-07-22 17:31:05         0 d-------- C:\Program Files\megui
2008-07-22 17:22:51         0 d-------- C:\Program Files\Matroska Pack
2008-07-22 17:04:03         0 d-------- C:\Program Files\x264
2008-07-21 21:20:58         0 d-------- C:\Users\All Users\VistaCodecs
2008-07-20 11:28:34         0 d-------- C:\Program Files\VideoLAN
2008-07-20 10:57:56         0 d-------- C:\Program Files\MediaInfo
2008-07-18 08:30:45         0 d-------- C:\Program Files\Bonjour
2008-07-18 08:30:21         0 d-------- C:\Program Files\QuickTime
2008-07-18 08:30:20         0 d-------- C:\Users\All Users\Apple Computer
2008-07-18 08:30:10         0 d-------- C:\Program Files\Apple Software Update
2008-07-18 08:29:29         0 d-------- C:\Users\All Users\Apple
2008-07-18 08:29:29         0 d-------- C:\Program Files\Common Files\Apple
2008-07-13 19:01:25         0 d-------- C:\Program Files\RapidSolution Software AG
2008-07-13 15:42:47         0 d-------- C:\Program Files\Common Files\xing shared
2008-07-13 15:42:34         0 d-------- C:\Program Files\Real
2008-07-13 15:42:32         0 d-------- C:\Program Files\Common Files\Real
2008-07-07 15:53:14         0 d-------- C:\Program Files\skins
2008-07-07 10:50:12         0 d--h----- C:\Users\All Users\CanonBJ
2008-07-06 18:12:29         0 d-------- C:\Program Files\Java
2008-07-06 18:12:28         0 d-------- C:\Program Files\Common Files\Java
2008-07-06 13:01:36         0 d-------- C:\Program Files\MSXML 4.0
2008-07-05 13:40:39         0 d-------- C:\Users\All Users\Nero
2008-07-05 13:40:39         0 d-------- C:\Program Files\Common Files\Nero
2008-07-05 13:30:14         0 d-------- C:\Windows\system32\appmgmt
2008-07-05 11:49:34         0 d-------- C:\Users\All Users\Adobe
2008-07-05 11:45:19         0 d-------- C:\Users\All Users\NOS
2008-07-05 11:45:19         0 d-------- C:\Program Files\NOS
2008-07-05 10:16:24         0 d-------- C:\Program Files\phase5
2008-07-05 10:15:04         0 -rahs---- C:\MSDOS.SYS
2008-07-05 10:15:04         0 -rahs---- C:\IO.SYS
2008-07-05 10:12:18         0 d-------- C:\Program Files\Nvu
2008-07-03 19:27:31         0 d-------- C:\Users\All Users\SlySoft
2008-07-03 19:25:10         0 d-------- C:\Program Files\SlySoft
2008-07-03 19:08:07         0 d-------- C:\Users\All Users\IncrediMail
2008-07-03 19:08:07         0 d-------- C:\Users\All Users\IM
2008-07-03 19:08:07         0 d-------- C:\Program Files\IncrediMail
2008-07-03 18:32:51         0 --a------ C:\Windows\nsreg.dat
2008-07-03 18:26:33         0 d-------- C:\Program Files\Synovel Spicebird


-- Find3M Report ---------------------------------------------------------------

2008-08-02 14:31:02    655756 --a------ C:\Windows\system32\perfh010.dat
2008-08-02 14:31:02    661898 --a------ C:\Windows\system32\perfh00C.dat
2008-08-02 14:31:02    621702 --a------ C:\Windows\system32\perfh007.dat
2008-08-02 14:31:02    120396 --a------ C:\Windows\system32\perfc010.dat
2008-08-02 14:31:02    123622 --a------ C:\Windows\system32\perfc00C.dat
2008-08-02 14:31:02    123646 --a------ C:\Windows\system32\perfc007.dat
2008-08-02 13:42:34         0 d-------- C:\Users\babelfisch\AppData\Roaming\Apple Computer
2008-08-02 13:23:26         0 d-------- C:\Users\babelfisch\AppData\Roaming\OpenOffice.org3
2008-08-02 13:22:48         0 d-------- C:\Program Files\Steam
2008-07-30 20:43:29         0 d-------- C:\Program Files\Windows Sidebar
2008-07-30 20:43:29         0 d-------- C:\Program Files\Windows Photo Gallery
2008-07-30 20:43:29         0 d-------- C:\Program Files\Windows Mail
2008-07-30 20:43:29         0 d-------- C:\Program Files\Windows Journal
2008-07-30 20:43:29         0 d-------- C:\Program Files\Windows Defender
2008-07-30 20:43:29         0 d-------- C:\Program Files\Windows Collaboration
2008-07-30 20:43:29         0 d-------- C:\Program Files\Windows Calendar
2008-07-30 20:43:29         0 d-------- C:\Program Files\Movie Maker
2008-07-29 21:35:47         0 d--h----- C:\Users\babelfisch\AppData\Roaming\m
2008-07-29 21:34:02         0 d-------- C:\Program Files\Common Files
2008-07-29 20:37:17         0 d-------- C:\Program Files\Common Files\LightScribe
2008-07-28 12:38:12         0 d-------- C:\Users\babelfisch\AppData\Roaming\FileZilla
2008-07-28 12:26:59         0 d-------- C:\Users\babelfisch\AppData\Roaming\Thinstall
2008-07-28 12:05:44    161076 --a------ C:\Program Files\FilmarchivPro.rar
2008-07-22 19:35:46         0 d-------- C:\Users\babelfisch\AppData\Roaming\ImgBurn
2008-07-20 11:35:19         0 d-------- C:\Users\babelfisch\AppData\Roaming\vlc
2008-07-20 10:58:36         0 d-------- C:\Users\babelfisch\AppData\Roaming\Real
2008-07-18 13:41:27         0 d-------- C:\Program Files\Common Files\Steam
2008-07-05 13:42:47         0 d-------- C:\Users\babelfisch\AppData\Roaming\Nero
2008-07-05 13:40:39         0 d-------- C:\Program Files\Nero
2008-07-05 13:29:56         0 d-------- C:\Program Files\Common Files\Ahead
2008-07-05 13:29:23         0 d-------- C:\Users\babelfisch\AppData\Roaming\Ahead
2008-07-05 11:50:53         0 d-------- C:\Users\babelfisch\AppData\Roaming\Adobe
2008-07-05 11:49:51         0 d-------- C:\Program Files\Common Files\Adobe
2008-07-05 10:12:22         0 d-------- C:\Users\babelfisch\AppData\Roaming\Nvu
2008-07-03 18:32:51         0 d-------- C:\Users\babelfisch\AppData\Roaming\Thunderbird
2008-07-03 18:32:51         0 d-------- C:\Users\babelfisch\AppData\Roaming\Mozilla
2008-07-03 18:26:38         0 d-------- C:\Users\babelfisch\AppData\Roaming\Spicebird
2008-06-29 16:43:48       174 --ahs---- C:\Program Files\desktop.ini
2008-06-27 13:04:28         0 d-------- C:\Program Files\Smart Projects
2008-06-27 11:51:53         0 d-------- C:\Program Files\IrfanView
2008-06-27 11:50:41         0 d-------- C:\Program Files\Plugins
2008-06-27 11:48:25         0 d-------- C:\Program Files\DVD Shrink
2008-06-27 11:43:41         0 d-------- C:\Program Files\GIMP-2.0
2008-06-27 11:39:18         0 d-------- C:\Users\babelfisch\AppData\Roaming\WinRAR
2008-06-26 23:05:04      3072 --a------ C:\Windows\checkip.dat
2008-06-26 18:37:33         0 d-------- C:\Program Files\Alwil Software
2008-06-26 15:27:53         0 d-------- C:\Users\babelfisch\AppData\Roaming\Macromedia
2008-06-25 16:31:05         0 d-------- C:\Users\babelfisch\AppData\Roaming\Logitech
2008-06-25 16:13:40         0 d-------- C:\Program Files\Common Files\Logitech
2008-06-25 16:13:27         0 d-------- C:\Program Files\Logitech
2008-06-25 16:13:24         0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-25 16:13:19         0 d-------- C:\Users\babelfisch\AppData\Roaming\InstallShield
2008-06-25 16:06:58         0 d-------- C:\Users\babelfisch\AppData\Roaming\Identities
2008-06-25 16:00:19         0 d-------- C:\Program Files\Windows NT
2008-06-25 16:00:19         0 d--hs---- C:\Program Files\Gemeinsame Dateien


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
11.06.2008 22:33	75128	--a------	C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [19.01.2008 09:38]
"RtHDVCpl"="RtHDVCpl.exe" [19.09.2007 08:50 C:\Windows\RtHDVCpl.exe]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [24.03.2008 19:52]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [24.03.2008 19:52]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [11.04.2007 15:32 C:\Windows\KHALMNPR.Exe]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [12.06.2008 02:38]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [18.02.2008 17:29]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [10.06.2008 04:27]
"TkBellExe"="realsched.exe" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [19.01.2008 09:33]
"WindowsWelcomeCenter"="oobefldr.dll,ShowWelcomeCenter" []
"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" [19.04.2007 13:26]
"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [12.06.2008 13:49]
"AnyDVD"="C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe" [01.08.2008 15:32]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [19.01.2008 09:33]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [19.01.2008 09:33]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe /c

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [25.06.2008 16:13:36]
myiHome Server.lnk - C:\Program Files\myiHome\app\myiHome-server.exe [26.07.2008 23:11:54]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
"EnableUIADesktopToggle"=0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^babelfisch^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
path=C:\Users\babelfisch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
backup=C:\Windows\pss\OpenOffice.org 3.0.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\QTTask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
"C:\Program Files\Steam\Steam.exe" -silent

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalService	nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE Mcx2Svc WebClient SstpSvc
GPSvcGroup	GPSvc


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI



-- End of Deckard's System Scanner: finished at 2008-08-03 12:53:43 ------------
         

Alt 03.08.2008, 12:54   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



And the extra.log?
There are some strange folders in the Windows directory; please do a run with
ComboFix

A guide and tutorial on using ComboFix
  • Download the tool here to your desktop -> CLICK
Do not start the program yet, though; first do the following:
  • Close all applications and programs, especially your antivirus software and other background guards, as well as your internet browser.
    Also explicitly avoid using the mouse and keyboard while ComboFix is running.
  • Now start combofix.exe from your desktop, confirm the warning messages and let it scan your system.
  • Afterwards a combofix.txt opens automatically; please copy its contents and paste them into your post. You can also find the log at: C:\ComboFix.txt.
Important note:
ComboFix may only be run when a qualified helper has expressly recommended it!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.
Note: ComboFix disables the autostart function of all CD/DVD and USB drives in order to contain spreading. If this causes problems, post them in the thread.
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)


Alt 03.08.2008, 20:24   #9
Babelfisch
 



So... I tried to download ComboFix. Doesn't work. I got an error message saying I'm not authorized, even though I'm logged in as admin (it won't be long before I get XP again... sh... Vista... or guys who can't handle it :-)

In any case, I tried again and suddenly I can't even open the download anymore. I get an error page: Forbidden 403.

I'm asking myself whether reinstalling wouldn't be less work.

I ran CCleaner.

Many thanks for your effort, by the way :-)

Alt 04.08.2008, 11:54   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



That's up to you. Reinstalling solves the malware problems in one stroke.
You can, however, try ComboFix once more: close all programs first and then run it via right-click, "Run as administrator".

Alt 18.08.2009, 09:48   #11
Lone342
 



Hello, I have a question for Babelfisch:
How did you get the updates working again? Because I can't install any updates anymore either.
Error: Code 8000FFFF
I have also uploaded a picture to my homepage to make it clearer:
http://ceadapvp.npage.de/updatefehle...ng_661535.html

Edited by Lone342 (18.08.2009 at 09:59)
