Log analysis and evaluation: Vista 64 problem
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
| | #1 |
| | Vista 64 problem
Hi. I have been having problems with my computer for quite a while. The keyboard acts up with upper and lower case. New windows keep being opened instead of tabs. On the desktop the icons change (they get smaller, and so does the text beneath them). You cannot open a folder (program) with the mouse without several windows (folders) opening. And the best part is that when I run Ad-Aware or Spybot, it is gone. Please help. |
| | #2 |
| | Vista 64 problem
Code:
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 13:44:54, on 10.01.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18349)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames.exe
C:\Program Files (x86)\TrendMicro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 6167 bytes |
| | #3 |
| | Vista 64 problem
Code:
Gratuliere!: Es wurden keine Spione gefunden. (Status)
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-01-26 TeaTimer.exe (1.6.4.26)
2010-01-09 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-01-26 advcheck.dll (1.6.2.15)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2009-10-08 Includes\Adware.sbi (*)
2010-01-05 Includes\AdwareC.sbi (*)
2009-01-22 Includes\Cookies.sbi (*)
2009-11-03 Includes\Dialer.sbi (*)
2010-01-05 Includes\DialerC.sbi (*)
2009-01-22 Includes\HeavyDuty.sbi (*)
2009-05-26 Includes\Hijackers.sbi (*)
2010-01-05 Includes\HijackersC.sbi (*)
2009-12-15 Includes\Keyloggers.sbi (*)
2010-01-05 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2009-12-30 Includes\Malware.sbi (*)
2010-01-05 Includes\MalwareC.sbi (*)
2009-03-25 Includes\PUPS.sbi (*)
2010-01-05 Includes\PUPSC.sbi (*)
2009-01-22 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2010-01-05 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2009-11-03 Includes\Spyware.sbi (*)
2010-01-05 Includes\SpywareC.sbi (*)
2009-06-08 Includes\Tracks.uti
2009-12-08 Includes\Trojans.sbi (*)
2010-01-05 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
Code:
Logfile created: 10.01.2010 15:57:55
Lavasoft Ad-Aware version: 8.1.3
User performing scan: XXX
*********************** Definitions database information ***********************
Lavasoft definition file: 149.128
Genotype definition file version: 2010/01/07 15:41:05
******************************** Scan results: *********************************
Scan profile name: Intelligenter Scan (ID: smart)
Objects scanned: 69720
Objects detected: 0
Type Detected
==========================
Processes.......: 0
Registry entries: 0
Hostfile entries: 0
Files...........: 0
Folders.........: 0
LSPs............: 0
Cookies.........: 0
Browser hijacks.: 0
MRU objects.....: 0
Scan and cleaning complete: Finished correctly after 374 seconds
*********************************** Settings ***********************************
Scan profile:
ID: smart, enabled:1, value: Intelligenter Scan
ID: folderstoscan, enabled:1, value:
ID: useantivirus, enabled:1, value: true
ID: sections, enabled:1
ID: scancriticalareas, enabled:1, value: true
ID: scanrunningapps, enabled:1, value: true
ID: scanregistry, enabled:1, value: true
ID: scanlsp, enabled:1, value: true
ID: scanads, enabled:1, value: false
ID: scanhostsfile, enabled:1, value: false
ID: scanmru, enabled:1, value: false
ID: scanbrowserhijacks, enabled:1, value: true
ID: scantrackingcookies, enabled:1, value: true
ID: closebrowsers, enabled:1, value: false
ID: filescanningoptions, enabled:1
ID: archives, enabled:1, value: false
ID: onlyexecutables, enabled:1, value: true
ID: skiplargerthan, enabled:1, value: 20480
ID: scanrootkits, enabled:1, value: true
ID: rootkitlevel, enabled:1, value: mild, domain: medium,mild,strict
ID: usespywareheuristics, enabled:1, value: true
Scan global:
ID: global, enabled:1
ID: addtocontextmenu, enabled:1, value: true
ID: playsoundoninfection, enabled:1, value: false
ID: soundfile, enabled:0, value: *to be filled in automatically*\alert.wav
Scheduled scan settings:
<Empty>
Update settings:
ID: updates, enabled:1
ID: launchthreatworksafterscan, enabled:1, value: off, domain: normal,off,silently
ID: deffiles, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: licenseandinfo, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: schedules, enabled:1, value: true
ID: updatedaily1, enabled:1, value: Daily 1
ID: time, enabled:1, value: Sat Jan 09 20:13:00 2010
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily2, enabled:1, value: Daily 2
ID: time, enabled:1, value: Sat Jan 09 02:13:00 2010
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily3, enabled:1, value: Daily 3
ID: time, enabled:1, value: Sat Jan 09 08:13:00 2010
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily4, enabled:1, value: Daily 4
ID: time, enabled:1, value: Sat Jan 09 14:13:00 2010
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updateweekly1, enabled:1, value: Weekly
ID: time, enabled:1, value: Sat Jan 09 20:13:00 2010
ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: true
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: true
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
Appearance settings:
ID: appearance, enabled:1
ID: skin, enabled:1, value: default.egl, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource
ID: showtrayicon, enabled:1, value: true
ID: autoentertainmentmode, enabled:1, value: true
ID: guimode, enabled:1, value: mode_simple, domain: mode_advanced,mode_simple
ID: language, enabled:1, value: de, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language
Realtime protection settings:
ID: realtime, enabled:1
ID: modules, enabled:1
ID: processprotection, enabled:1, value: true
ID: registryprotection, enabled:1, value: true
ID: networkprotection, enabled:1, value: true
ID: layers, enabled:1
ID: useantivirus, enabled:1, value: true
ID: usespywareheuristics, enabled:1, value: true
ID: infomessages, enabled:1, value: onlyimportant, domain: display,dontnotify,onlyimportant
****************************** System information ******************************
Computer name: ZUHAUSE
Processor name: AMD Athlon(tm) 64 X2 Dual Core Processor 6000+
Processor identifier: AMD64 Family 15 Model 67 Stepping 3
Processor speed: ~2984MHZ
Raw info: processorarchitecture 9, processortype 8664, processorlevel 15, processor revision 17155, number of processors 2, processor features: [MMX,SSE,SSE2,SSE3,3DNow]
Physical memory available: 814186496 bytes
Physical memory total: 2145996800 bytes
Virtual memory available: 1941487616 bytes
Virtual memory total: 2147352576 bytes
Memory load: 62%
Microsoft Windows Vista Home Premium Edition, 64-bit Service Pack 1 (build 6001)
Windows startup mode:
Running processes:
PID: 376 name: C:\Windows\System32\smss.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 448 name: C:\Windows\System32\csrss.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 480 name: C:\Windows\System32\wininit.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 500 name: C:\Windows\System32\csrss.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 532 name: C:\Windows\System32\services.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 544 name: C:\Windows\System32\lsass.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 552 name: C:\Windows\System32\lsm.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 596 name: C:\Windows\System32\winlogon.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 748 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 828 name: C:\Windows\System32\svchost.exe owner: NETZWERKDIENST domain: NT-AUTORITÄT
PID: 864 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 948 name: C:\Windows\System32\svchost.exe owner: LOKALER DIENST domain: NT-AUTORITÄT
PID: 976 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 996 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 412 name: C:\Windows\System32\SLsvc.exe owner: NETZWERKDIENST domain: NT-AUTORITÄT
PID: 924 name: C:\Windows\System32\svchost.exe owner: LOKALER DIENST domain: NT-AUTORITÄT
PID: 1096 name: C:\Windows\System32\svchost.exe owner: NETZWERKDIENST domain: NT-AUTORITÄT
PID: 1180 name: C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 1300 name: C:\Windows\System32\spoolsv.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 1328 name: C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 1340 name: C:\Windows\System32\svchost.exe owner: LOKALER DIENST domain: NT-AUTORITÄT
PID: 1628 name: C:\Windows\System32\taskeng.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 1708 name: C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 1884 name: C:\Windows\System32\svchost.exe owner: NETZWERKDIENST domain: NT-AUTORITÄT
PID: 1904 name: C:\Windows\System32\svchost.exe owner: LOKALER DIENST domain: NT-AUTORITÄT
PID: 1936 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 1976 name: C:\Windows\System32\SearchIndexer.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 1476 name: C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 2408 name: C:\Windows\System32\wbem\unsecapp.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 2432 name: C:\Windows\System32\wbem\WmiPrvSE.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 2884 name: C:\Windows\System32\taskeng.exe owner: XXX domain: Zuhause
PID: 2936 name: C:\Windows\System32\dwm.exe owner: XXX domain: Zuhause
PID: 2960 name: C:\Windows\explorer.exe owner: XXX domain: Zuhause
PID: 2548 name: C:\Program Files\Windows Defender\MSASCui.exe owner: XXX domain: Zuhause
PID: 2556 name: C:\Program Files\Windows Sidebar\sidebar.exe owner: XXX domain: Zuhause
PID: 1580 name: C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe owner: XXX domain: Zuhause
PID: 2724 name: C:\Program Files (x86)\Skype\Phone\Skype.exe owner: XXX domain: Zuhause
PID: 2520 name: C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe owner: XXX domain: Zuhause
PID: 908 name: C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe owner: XXX domain: Zuhause
PID: 308 name: C:\Program Files (x86)\Java\jre6\bin\jusched.exe owner: XXX domain: Zuhause
PID: 256 name: C:\Program Files\Windows Sidebar\sidebar.exe owner: XXX domain: Zuhause
PID: 3924 name: C:\Windows\System32\wuauclt.exe owner: XXX domain: Zuhause
PID: 2144 name: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe owner: XXX domain: Zuhause
PID: 2952 name: C:\Windows\servicing\TrustedInstaller.exe owner: SYSTEM domain: NT-AUTORITÄT
PID: 3488 name: C:\Program Files (x86)\Mozilla Firefox\firefox.exe owner: xxx domain: Zuhause
PID: 3520 name: C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames.exe owner: xXX domain: Zuhause
PID: 3496 name: C:\Windows\System32\taskeng.exe owner: LOKALER DIENST domain: NT-AUTORITÄT
PID: 3908 name: C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-Aware.exe owner: XXX domain: Zuhause
Startup items:
Name: WebCheck
imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
Name: {8C7461EF-2B13-11d2-BE35-3078302C2030}
imagepath: Component Categories cache daemon
Name: avgnt
imagepath: "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
Name: Adobe Reader Speed Launcher
imagepath: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
Name: Adobe ARM
imagepath: "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Name: SunJavaUpdateSched
imagepath: "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
Name:
imagepath: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
Bootexecute items:
Name:
imagepath: autocheck autochk *
Name:
imagepath: lsdelete
Running services:
Name: AeLookupSvc
displayname: Anwendungserfahrung
Name: AntiVirSchedulerService
displayname: Avira AntiVir Planer
Name: AntiVirService
displayname: Avira AntiVir Guard
Name: Appinfo
displayname: Anwendungsinformationen
Name: AudioEndpointBuilder
displayname: Windows-Audio-Endpunkterstellung
Name: AudioSrv
displayname: Windows-Audio
Name: BFE
displayname: Basisfiltermodul
Name: BITS
displayname: Intelligenter Hintergrundübertragungsdienst
Name: Browser
displayname: Computerbrowser
Name: CryptSvc
displayname: Kryptografiedienste
Name: DcomLaunch
displayname: DCOM-Server-Prozessstart
Name: Dhcp
displayname: DHCP-Client
Name: Dnscache
displayname: DNS-Client
Name: DPS
displayname: Diagnoserichtliniendienst
Name: EMDMgmt
displayname: ReadyBoost
Name: Eventlog
displayname: Windows-Ereignisprotokoll
Name: EventSystem
displayname: COM+-Ereignissystem
Name: fdPHost
displayname: Funktionssuchanbieter-Host
Name: FDResPub
displayname: Funktionssuche-Ressourcenveröffentlichung
Name: gpsvc
displayname: Gruppenrichtlinienclient
Name: IKEEXT
displayname: IKE- und AuthIP IPsec-Schlüsselerstellungsmodule
Name: iphlpsvc
displayname: IP-Hilfsdienst
Name: KtmRm
displayname: KtmRm für Distributed Transaction Coordinator
Name: LanmanServer
displayname: Server
Name: LanmanWorkstation
displayname: Arbeitsstationsdienst
Name: Lavasoft Ad-Aware Service
displayname: Lavasoft Ad-Aware Service
Name: lmhosts
displayname: TCP/IP-NetBIOS-Hilfsdienst
Name: MMCSS
displayname: Multimediaklassenplaner
Name: MpsSvc
displayname: Windows-Firewall
Name: Netman
displayname: Netzwerkverbindungen
Name: netprofm
displayname: Netzwerklistendienst
Name: NlaSvc
displayname: NLA (Network Location Awareness)
Name: nsi
displayname: Netzwerkspeicher-Schnittstellendienst
Name: PcaSvc
displayname: Programmkompatibilitäts-Assistent-Dienst
Name: PlugPlay
displayname: Plug & Play
Name: PolicyAgent
displayname: IPsec-Richtlinien-Agent
Name: ProfSvc
displayname: Benutzerprofildienst
Name: ProtectedStorage
displayname: Geschützter Speicher
Name: RasMan
displayname: RAS-Verbindungsverwaltung
Name: RpcSs
displayname: Remoteprozeduraufruf (RPC)
Name: SamSs
displayname: Sicherheitskonto-Manager
Name: SBSDWSCService
displayname: SBSD Security Center Service
Name: Schedule
displayname: Aufgabenplanung
Name: seclogon
displayname: Sekundäre Anmeldung
Name: SENS
displayname: Benachrichtigungsdienst für Systemereignisse
Name: ShellHWDetection
displayname: Shellhardwareerkennung
Name: slsvc
displayname: Softwarelizenzierung
Name: SLUINotify
displayname: SL-Benutzerschnittstellen-Benachrichtigungsdienst
Name: Spooler
displayname: Druckwarteschlange
Name: SSDPSRV
displayname: SSDP-Suche
Name: SstpSvc
displayname: SSTP-Dienst
Name: stisvc
displayname: Windows-Bilderfassung
Name: SysMain
displayname: Superfetch
Name: TabletInputService
displayname: Tablet PC-Eingabedienst
Name: TapiSrv
displayname: Telefonie
Name: TermService
displayname: Terminaldienste
Name: Themes
displayname: Designs
Name: TrkWks
displayname: Überwachung verteilter Verknüpfungen (Client)
Name: TrustedInstaller
displayname: Windows Modules Installer
Name: upnphost
displayname: UPnP-Gerätehost
Name: UxSms
displayname: Sitzungs-Manager für Desktopfenster-Manager
Name: W32Time
displayname: Windows-Zeitgeber
Name: WdiSystemHost
displayname: Diagnosesystemhost
Name: WebClient
displayname: WebClient
Name: WerSvc
displayname: Windows-Fehlerberichterstattungsdienst
Name: WinDefend
displayname: Windows-Defender
Name: Winmgmt
displayname: Windows-Verwaltungsinstrumentation
Name: WPDBusEnum
displayname: Enumeratordienst für tragbare Geräte
Name: wscsvc
displayname: Sicherheitscenter
Name: WSearch
displayname: Windows Search
Name: wuauserv
displayname: Windows Update
Code:
Malwarebytes' Anti-Malware 1.44
Datenbank Version: 3533
Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000
10.01.2010 16:13:55
mbam-log-2010-01-10 (16-13-55).txt
Scan-Methode: Vollständiger Scan (C:\|D:\|)
Durchsuchte Objekte: 502614
Laufzeit: 1 hour(s), 39 minute(s), 32 second(s)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
Code:
Logfile of random's system information tool 1.06 (written by random/random)
Run by XXX at 2010-01-10 16:15:47
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 346 GB (73%) free of 477 GB
Total RAM: 2047 MB (34% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:15:56, on 10.01.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18349)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Users\XXX\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\XXX.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 6364 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Ad-Aware Update (Daily 1).job
C:\Windows\tasks\Ad-Aware Update (Daily 2).job
C:\Windows\tasks\Ad-Aware Update (Daily 3).job
C:\Windows\tasks\Ad-Aware Update (Daily 4).job
C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\User_Feed_Synchronization-{DCA1610F-A164-4C62-B4C2-220934965CDE}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe [2009-10-11 149280]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1555968]
"SpybotSD TeaTimer"=C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2009-10-09 25623336]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoActiveDesktopChanges"=
"ForceActiveDesktopOn"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======List of files/folders created in the last 1 months======
2010-01-10 10:57:15 ----D---- C:\Program Files
(x86)\CCleaner 2010-01-10 10:38:51 ----D---- C:\Program Files (x86)\trend micro 2010-01-10 10:38:47 ----D---- C:\rsit 2010-01-10 10:35:39 ----D---- C:\Users\XXX\AppData\Roaming\Malwarebytes 2010-01-10 10:35:16 ----D---- C:\ProgramData\Malwarebytes 2010-01-10 10:35:14 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2010-01-10 10:05:17 ----A---- C:\Windows\system32\jscript.dll 2010-01-10 10:05:15 ----A---- C:\Windows\explorer.exe 2010-01-10 10:05:14 ----A---- C:\Windows\system32\explorer.exe 2010-01-10 10:05:11 ----A---- C:\Windows\system32\WMVCORE.DLL 2010-01-10 10:05:10 ----A---- C:\Windows\system32\mf.dll 2010-01-10 10:05:05 ----A---- C:\Windows\system32\wdigest.dll 2010-01-10 10:05:05 ----A---- C:\Windows\system32\secur32.dll 2010-01-10 10:05:05 ----A---- C:\Windows\system32\msv1_0.dll 2010-01-10 10:05:02 ----A---- C:\Windows\system32\atl.dll 2010-01-10 10:04:58 ----A---- C:\Windows\system32\t2embed.dll 2010-01-10 10:04:58 ----A---- C:\Windows\system32\fontsub.dll 2010-01-10 10:04:58 ----A---- C:\Windows\system32\dciman32.dll 2010-01-10 10:04:58 ----A---- C:\Windows\system32\atmfd.dll 2010-01-10 10:04:50 ----A---- C:\Windows\system32\netiohlp.dll 2010-01-10 10:04:49 ----A---- C:\Windows\system32\TCPSVCS.EXE 2010-01-10 10:04:49 ----A---- C:\Windows\system32\ROUTE.EXE 2010-01-10 10:04:49 ----A---- C:\Windows\system32\NETSTAT.EXE 2010-01-10 10:04:49 ----A---- C:\Windows\system32\MRINFO.EXE 2010-01-10 10:04:49 ----A---- C:\Windows\system32\HOSTNAME.EXE 2010-01-10 10:04:49 ----A---- C:\Windows\system32\finger.exe 2010-01-10 10:04:49 ----A---- C:\Windows\system32\ARP.EXE 2010-01-10 10:04:48 ----A---- C:\Windows\system32\netevent.dll 2010-01-10 10:04:08 ----A---- C:\Windows\system32\WMNetMgr.dll 2010-01-10 10:04:08 ----A---- C:\Windows\system32\logagent.exe 2010-01-10 10:03:54 ----A---- C:\Windows\system32\dataclen.dll 2010-01-10 10:03:52 ----A---- C:\Windows\system32\msasn1.dll 2010-01-10 10:03:43 ----A---- C:\Windows\system32\msdtcprx.dll 2010-01-10 
10:03:42 ----A---- C:\Windows\system32\xolehlp.dll 2010-01-10 10:03:37 ----A---- C:\Windows\system32\avifil32.dll 2010-01-10 10:03:25 ----A---- C:\Windows\system32\wmpdxm.dll 2010-01-10 10:03:13 ----A---- C:\Windows\system32\shell32.dll 2010-01-10 10:03:01 ----A---- C:\Windows\system32\Faultrep.dll 2010-01-10 09:50:38 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll 2010-01-10 09:50:37 ----A---- C:\Windows\system32\WindowsCodecsExt.dll 2010-01-10 09:50:37 ----A---- C:\Windows\system32\WindowsCodecs.dll 2010-01-10 09:50:31 ----A---- C:\Windows\system32\wlansec.dll 2010-01-10 09:50:31 ----A---- C:\Windows\system32\wlanmsm.dll 2010-01-10 09:50:31 ----A---- C:\Windows\system32\L2SecHC.dll 2010-01-10 08:04:20 ----D---- C:\Program Files (x86)\TrendMicro 2010-01-09 21:14:07 ----D---- C:\ProgramData\Google 2010-01-09 20:31:21 ----A---- C:\Windows\system32\javaws.exe 2010-01-09 20:31:21 ----A---- C:\Windows\system32\javaw.exe 2010-01-09 20:31:21 ----A---- C:\Windows\system32\java.exe 2010-01-09 20:09:01 ----HDC---- C:\ProgramData\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9} 2010-01-09 20:09:01 ----D---- C:\Program Files (x86)\Google 2010-01-09 20:08:49 ----D---- C:\ProgramData\Lavasoft 2010-01-09 20:08:49 ----D---- C:\Program Files (x86)\Lavasoft 2010-01-09 19:54:56 ----D---- C:\Program Files (x86)\JRE 2010-01-09 19:54:18 ----D---- C:\Program Files (x86)\OpenOffice.org 3 2010-01-09 19:53:20 ----A---- C:\Windows\system32\deploytk.dll 2010-01-09 19:52:48 ----D---- C:\Program Files (x86)\Java 2010-01-09 19:45:59 ----D---- C:\Users\XXXX\AppData\Roaming\WinRAR 2010-01-09 19:33:40 ----D---- C:\Windows\system32\MAGIX 2010-01-09 19:33:40 ----A---- C:\Windows\system32\mgxoschk.dll 2010-01-09 19:33:40 ----A---- C:\Windows\mgxoschk.ini 2010-01-09 19:27:05 ----D---- C:\Users\XXX\AppData\Roaming\Skype 2010-01-09 19:26:45 ----D---- C:\Program Files (x86)\Common Files\Skype 2010-01-09 19:26:44 ----RD---- C:\Program Files (x86)\Skype 2010-01-09 19:26:39 ----D---- C:\ProgramData\Skype 
2010-01-09 19:22:39 ----D---- C:\ProgramData\Spybot - Search & Destroy 2010-01-09 19:22:39 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2010-01-09 19:20:24 ----D---- C:\Program Files (x86)\Lavalys 2010-01-09 19:18:29 ----D---- C:\ProgramData\Adobe 2010-01-09 19:18:07 ----D---- C:\Program Files (x86)\Common Files\Adobe 2010-01-09 19:18:06 ----D---- C:\Program Files (x86)\Adobe 2010-01-09 19:06:55 ----D---- C:\Program Files (x86)\Nvidia Omega Drivers 2010-01-09 19:06:55 ----A---- C:\Windows\Nvidia Omega Drivers v1.169.25 Uninstall.exe 2010-01-09 16:27:13 ----D---- C:\Users\XXX\AppData\Roaming\FreshDiagnose 2010-01-09 16:26:58 ----D---- C:\Program Files (x86)\FreshDevices 2010-01-09 16:19:43 ----D---- C:\Program Files (x86)\SystemRequirementsLab 2010-01-09 16:16:46 ----D---- C:\Users\XXX\AppData\Roaming\Macromedia 2010-01-09 16:16:46 ----D---- C:\Users\XXX\AppData\Roaming\Adobe 2010-01-09 16:15:39 ----D---- C:\Windows\system32\Macromed 2010-01-09 14:56:40 ----A---- C:\Windows\system32\tzres.dll 2010-01-09 14:53:07 ----A---- C:\Windows\system32\msshooks.dll 2010-01-09 14:53:07 ----A---- C:\Windows\system32\msscb.dll 2010-01-09 14:53:07 ----A---- C:\Windows\system32\mimefilt.dll 2010-01-09 14:53:05 ----A---- C:\Windows\system32\thawbrkr.dll 2010-01-09 14:53:05 ----A---- C:\Windows\system32\SearchFilterHost.exe 2010-01-09 14:53:05 ----A---- C:\Windows\system32\propsys.dll 2010-01-09 14:53:05 ----A---- C:\Windows\system32\propdefs.dll 2010-01-09 14:53:05 ----A---- C:\Windows\system32\msstrc.dll 2010-01-09 14:53:05 ----A---- C:\Windows\system32\mssprxy.dll 2010-01-09 14:53:05 ----A---- C:\Windows\system32\mssitlb.dll 2010-01-09 14:53:05 ----A---- C:\Windows\system32\msshsq.dll 2010-01-09 14:53:05 ----A---- C:\Windows\system32\chsbrkr.dll 2010-01-09 14:53:04 ----A---- C:\Windows\system32\offfilt.dll 2010-01-09 14:53:04 ----A---- C:\Windows\system32\korwbrkr.dll 2010-01-09 14:53:03 ----A---- C:\Windows\system32\xmlfilter.dll 2010-01-09 14:53:03 ----A---- 
C:\Windows\system32\tquery.dll 2010-01-09 14:53:03 ----A---- C:\Windows\system32\SearchProtocolHost.exe 2010-01-09 14:53:03 ----A---- C:\Windows\system32\SearchIndexer.exe 2010-01-09 14:53:03 ----A---- C:\Windows\system32\rtffilt.dll 2010-01-09 14:53:03 ----A---- C:\Windows\system32\nlhtml.dll 2010-01-09 14:53:03 ----A---- C:\Windows\system32\mssvp.dll 2010-01-09 14:53:03 ----A---- C:\Windows\system32\mssrch.dll 2010-01-09 14:53:03 ----A---- C:\Windows\system32\mssphtb.dll 2010-01-09 14:53:03 ----A---- C:\Windows\system32\mssph.dll 2010-01-09 14:53:03 ----A---- C:\Windows\system32\msscntrs.dll 2010-01-09 14:53:03 ----A---- C:\Windows\system32\chtbrkr.dll 2010-01-09 14:43:53 ----A---- C:\Windows\system32\nshhttp.dll 2010-01-09 14:43:51 ----D---- C:\ProgramData\Avira 2010-01-09 14:43:51 ----A---- C:\Windows\system32\httpapi.dll 2010-01-09 14:43:50 ----D---- C:\Program Files (x86)\Avira 2010-01-09 14:42:59 ----SHD---- C:\Windows\Installer 2010-01-09 14:42:43 ----A---- C:\Windows\system32\mshtml.dll 2010-01-09 14:42:42 ----A---- C:\Windows\system32\wininet.dll 2010-01-09 14:42:42 ----A---- C:\Windows\system32\occache.dll 2010-01-09 14:42:41 ----A---- C:\Windows\system32\urlmon.dll 2010-01-09 14:42:41 ----A---- C:\Windows\system32\ieframe.dll 2010-01-09 14:42:40 ----A---- C:\Windows\system32\msfeeds.dll 2010-01-09 14:42:40 ----A---- C:\Windows\system32\iertutil.dll 2010-01-09 14:42:40 ----A---- C:\Windows\system32\iedkcs32.dll 2010-01-09 14:42:40 ----A---- C:\Windows\system32\ieapfltr.dll 2010-01-09 14:42:39 ----A---- C:\Windows\system32\mstime.dll 2010-01-09 14:42:39 ----A---- C:\Windows\system32\ieUnatt.exe 2010-01-09 14:42:39 ----A---- C:\Windows\system32\ieaksie.dll 2010-01-09 14:42:38 ----A---- C:\Windows\system32\jsproxy.dll 2010-01-09 14:42:38 ----A---- C:\Windows\system32\ieencode.dll 2010-01-09 14:40:07 ----A---- C:\Windows\system32\wmp.dll 2010-01-09 14:40:06 ----A---- C:\Windows\system32\unregmp2.exe 2010-01-09 14:40:05 ----A---- C:\Windows\system32\spwmp.dll 
2010-01-09 14:40:05 ----A---- C:\Windows\system32\dxmasf.dll 2010-01-09 14:40:04 ----A---- C:\Windows\system32\wmploc.DLL 2010-01-09 14:39:22 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll 2010-01-09 14:39:22 ----A---- C:\Windows\system32\gameux.dll 2010-01-09 14:39:22 ----A---- C:\Windows\system32\Apphlpdm.dll 2010-01-09 14:37:42 ----A---- C:\Windows\system32\rpcrt4.dll 2010-01-09 14:37:25 ----A---- C:\Windows\system32\msxml3.dll 2010-01-09 14:37:07 ----A---- C:\Windows\system32\WSDApi.dll 2010-01-09 14:37:07 ----A---- C:\Windows\system32\localspl.dll 2010-01-09 14:37:06 ----A---- C:\Windows\system32\connect.dll 2010-01-09 14:35:12 ----D---- C:\Users\XXXX\AppData\Roaming\Mozilla 2010-01-09 14:35:09 ----D---- C:\Program Files (x86)\Mozilla Firefox 2010-01-09 14:32:54 ----A---- C:\Windows\system32\NlsLexicons0007.dll 2010-01-09 14:32:53 ----A---- C:\Windows\system32\NlsLexicons0009.dll 2010-01-09 14:32:38 ----A---- C:\Windows\system32\NaturalLanguage6.dll 2010-01-09 14:29:06 ----A---- C:\Windows\system32\srclient.dll 2010-01-09 14:29:06 ----A---- C:\Windows\system32\kbd106n.dll 2010-01-09 14:28:47 ----A---- C:\Windows\system32\winipsec.dll 2010-01-09 14:28:47 ----A---- C:\Windows\system32\polstore.dll 2010-01-09 14:28:47 ----A---- C:\Windows\system32\FwRemoteSvr.dll 2010-01-09 14:28:45 ----A---- C:\Windows\system32\inetcomm.dll 2010-01-09 14:28:43 ----A---- C:\Windows\system32\es.dll 2010-01-09 14:28:42 ----A---- C:\Windows\system32\quartz.dll 2010-01-09 14:28:39 ----A---- C:\Windows\system32\wshqos.dll 2010-01-09 14:28:39 ----A---- C:\Windows\system32\traffic.dll 2010-01-09 14:28:39 ----A---- C:\Windows\system32\pacerprf.dll 2010-01-09 14:28:37 ----A---- C:\Windows\system32\wshext.dll 2010-01-09 14:28:37 ----A---- C:\Windows\system32\wscript.exe 2010-01-09 14:28:37 ----A---- C:\Windows\system32\vbscript.dll 2010-01-09 14:28:37 ----A---- C:\Windows\system32\cscript.exe 2010-01-09 14:28:36 ----A---- C:\Windows\system32\scrrun.dll 2010-01-09 14:28:36 ----A---- 
C:\Windows\system32\scrobj.dll 2010-01-09 14:28:35 ----A---- C:\Windows\system32\wshrm.dll 2010-01-09 14:28:33 ----A---- C:\Windows\system32\wmpeffects.dll 2010-01-09 14:25:50 ----A---- C:\Windows\system32\netapi32.dll 2010-01-09 14:22:52 ----HD---- C:\ProgramData\CanonBJ 2010-01-09 14:10:46 ----D---- C:\Users\XXX\AppData\Roaming\Identities 2010-01-09 14:10:37 ----SD---- C:\Users\XXXX\AppData\Roaming\Microsoft 2010-01-09 14:10:37 ----D---- C:\Users\XXXX\AppData\Roaming\Media Center Programs 2010-01-09 14:08:57 ----A---- C:\Windows\system32\wudriver.dll 2010-01-09 14:08:57 ----A---- C:\Windows\system32\wuapi.dll 2010-01-09 14:08:56 ----A---- C:\Windows\system32\wups.dll 2010-01-09 14:08:20 ----A---- C:\Windows\system32\wuwebv.dll 2010-01-09 14:08:20 ----A---- C:\Windows\system32\wuapp.exe 2010-01-09 14:07:14 ----SHD---- C:\ProgramData\Vorlagen 2010-01-09 14:07:14 ----SHD---- C:\ProgramData\Startmenü 2010-01-09 14:07:14 ----SHD---- C:\ProgramData\Favoriten 2010-01-09 14:07:14 ----SHD---- C:\ProgramData\Dokumente 2010-01-09 14:07:14 ----SHD---- C:\ProgramData\Anwendungsdaten 2010-01-09 14:06:56 ----D---- C:\Windows\Debug 2010-01-09 13:59:58 ----D---- C:\Windows\SoftwareDistribution 2010-01-09 13:52:11 ----D---- C:\Windows\Prefetch 2010-01-09 13:51:05 ----D---- C:\Windows\Panther 2010-01-09 13:41:34 ----D---- C:\Windows.old 2010-01-04 09:10:09 ----D---- C:\BigFishGamesCache ======List of files/folders modified in the last 1 months====== 2010-01-10 16:15:54 ----D---- C:\Windows\Temp 2010-01-10 15:57:49 ----D---- C:\Windows\Tasks 2010-01-10 14:28:23 ----D---- C:\Windows\Microsoft.NET 2010-01-10 14:28:22 ----RSD---- C:\Windows\assembly 2010-01-10 14:26:18 ----D---- C:\Windows\rescache 2010-01-10 14:23:39 ----D---- C:\Windows\winsxs 2010-01-10 14:23:24 ----D---- C:\Windows 2010-01-10 14:23:06 ----D---- C:\Windows\System32 2010-01-10 14:23:05 ----D---- C:\Windows\inf 2010-01-10 14:16:05 ----SHD---- C:\System Volume Information 2010-01-10 13:37:33 ----D---- 
C:\Windows\SysWOW64 2010-01-10 13:37:30 ----D---- C:\Windows\system32\de-DE 2010-01-10 10:57:15 ----RD---- C:\Program Files (x86) 2010-01-10 10:35:22 ----D---- C:\Windows\system32\drivers 2010-01-10 10:35:16 ----HD---- C:\ProgramData 2010-01-09 19:55:18 ----RSD---- C:\Windows\Fonts 2010-01-09 19:26:45 ----D---- C:\Program Files (x86)\Common Files 2010-01-09 19:20:27 ----SD---- C:\ProgramData\Microsoft 2010-01-09 19:20:07 ----RD---- C:\Program Files 2010-01-09 17:08:37 ----D---- C:\NVIDIA 2010-01-09 16:19:38 ----SD---- C:\Windows\Downloaded Program Files 2010-01-09 15:38:59 ----D---- C:\Windows\Logs 2010-01-09 15:00:44 ----D---- C:\Program Files (x86)\Windows Media Player 2010-01-09 15:00:42 ----D---- C:\Windows\AppPatch 2010-01-09 15:00:40 ----D---- C:\Windows\PolicyDefinitions 2010-01-09 15:00:37 ----D---- C:\Windows\system32\migration 2010-01-09 15:00:37 ----D---- C:\Program Files (x86)\Internet Explorer 2010-01-09 15:00:32 ----D---- C:\Windows\ehome 2010-01-09 14:43:01 ----D---- C:\Program Files (x86)\Common Files\microsoft shared 2010-01-09 14:23:25 ----RSD---- C:\Windows\Media 2010-01-09 14:23:24 ----D---- C:\Windows\twain_32 2010-01-09 14:11:09 ----SHD---- C:\$Recycle.Bin 2010-01-09 14:10:29 ----RD---- C:\Users 2010-01-09 13:50:50 ----RAS---- C:\BOOTSECT.BAK 2010-01-09 13:50:49 ----SHD---- C:\Boot ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [] R3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [] R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys [] R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [] R3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys [] S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [] S3 DualCoreCenter;DualCoreCenter; 
\??\C:\Windows.old\Program Files (x86)\ATI Technologies\ATI.ACE\NTGLM7X64.sys [2007-04-17 40248] S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [] S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [] S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [] S3 RushTopDevice2;RushTopDevice2; \??\C:\Windows.old\Program Files (x86)\ATI Technologies\ATI.ACE\RushTop64.sys [2007-05-19 53560] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [] S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-01-09 1181328] R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-01-21 93696] S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968] -----------------EOF----------------- Edited by Markaukie (10.01.2010 at 16:26) |