My laptop is super slow! |
||
---|---|---|
#0
| ||
08.03.2008, 23:06
Member
Posts: 19 |
||
|
||
09.03.2008, 00:04
Honorary member
Posts: 1441 |
#2
Hello
Try downloading Combofix, scan + post the report http://www.virus-protect.org/artikel/tools/combofix.html __________ Regards, Pinguin I'm in the process of updating my site + programs: http://www.virus-protect.org/ |
|
|
||
09.03.2008, 23:21
Member
Thread starter Posts: 19 |
#3
Okay...
I tried to run ComboFix today... but somehow it didn't work. I also noticed that downloads larger than 2 MB simply stop after 2 MB and don't continue downloading. I downloaded ComboFix today, but the problem is that the log file can't be displayed... At the end, the ComboFix window said: the log file is being prepared, please do not start any other programs until ComboFix is finished. Then I waited 2 hours and nothing happened, except that my PC got even slower and I couldn't do anything anymore except switch the PC off manually... (i.e. hold down the power button). I uninstalled ComboFix and downloaded it again, same result again... What do I do now? I hope you can help me... The problem is that probably nothing except CCleaner and AntiVir is up to date... and I can't download anything else... at least nothing larger than 2 MB... |
|
|
||
09.03.2008, 23:32
Honorary member
Posts: 6028 |
#4
Hello,
http://www.virus-protect.org/artikel/tools/comboscan.html Download dss to the desktop. Double-click dss.exe. Copy the contents of the report C:/ main.txt and extra.txt into your next post. __________ Best regards, Argus |
|
|
||
10.03.2008, 16:38
Member
Thread starter Posts: 19 |
#5
Okay, luckily that worked this time!
Here is the main.txt:
and extra.txt
MsiExec.exe /I{B3B7836C-A1AD-4A56-811C-C18ABDE5EAAD} AFPL Ghostscript 8.54 --> c:\programme\ghostscript\gs\uninstgs.exe "c:\programme\ghostscript\gs\gs8.54\uninstal.txt" AFPL Ghostscript Fonts --> c:\programme\ghostscript\gs\uninstgs.exe "c:\programme\ghostscript\gs\fonts\uninstal.txt" ALPS Touch Pad Driver --> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}\setup.exe" UNINSTALL Apple Mobile Device Support --> MsiExec.exe /I{B5C209B1-8DDB-4642-A573-375B951514CB} Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4} AutoCAD 2006 - English --> MsiExec.exe /I{5783F2D7-4001-0409-0002-0060B0CE6BBA} Autodesk DWF Viewer --> C:\PROGRA~1\Autodesk\AUTODE~1\Setup.exe /remove Avira AntiVir PersonalEdition Classic --> C:\Programme\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE Bluetooth Stack for Windows by Toshiba --> MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6} BSPlayer --> "C:\Programme\Webteh\BSplayerPro\uninstall.exe" CCleaner (remove only) --> "C:\Programme\CCleaner\uninst.exe" CD/DVD Drive Acoustic Silencer --> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\Setup.exe" -l0x7 Digimax L50 --> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{5244FA78-794C-4F97-8770-3EA285B29191}\Setup.exe" anything Digimax Viewer 2.1 --> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{9EE54C1F-FC99-44D6-916A-0CA2D45E740F}\Setup.exe" DivX Web Player --> C:\Programme\DivX\DivXWebPlayerUninstall.exe /PLUGIN DVD Shrink 3.2 --> "C:\Programme\DVD Shrink\unins000.exe" eGSignPlus ActiveX For EBS --> RunDll32 
C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{78BB4AA8-C480-4C76-A980-5A02F8762B3D}\Setup.exe" -l0x12 eGSignPlus_Plugin_ForEBS 1.0 --> "C:\Programme\My Program\unins000.exe" FreeRIP v3.03 --> "C:\Programme\FreeRIP3\unins000.exe" GOM Player --> "C:\Programme\GomPlayer\Uninstall.exe" HijackThis 1.99.1 --> C:\Programme\HijackThis\HijackThis.exe /uninstall ICQ 5.1 --> C:\Programme\ICQLite\ICQLiteUninstall.EXE INISafeWeb 6.0 --> C:\Programme\INITECH\INISAFE Web V6\UnINIS61.exe Intel(R) Graphics Media Accelerator Driver for Mobile --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2792 PCI\VEN_8086&DEV_2592 InterVideo WinDVD Creator 2 --> "C:\Programme\InstallShield Installation Information\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}\setup.exe" REMOVEALL InterVideo WinDVD for TOSHIBA --> "C:\Programme\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL iriver plus 3 (remove only) --> "C:\Programme\iriver\iriver plus 3\uninstall.exe" iTunes --> MsiExec.exe /I{E3FEE4E7-4488-4A3F-A6BD-13745936EADB} Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020} Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} K-Lite Codec Pack 2.54 Full --> "C:\Programme\K-Lite Codec Pack\unins000.exe" LECTURNITY Player --> MsiExec.exe /X{76668D2C-188A-4AB2-B6DA-E23033981EE3} LiveUpdate 3.0 (Symantec Corporation) --> "C:\Programme\Symantec\LiveUpdate\LSETUP.EXE" /U Logitech QuickCam-Software --> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{C191BE7C-8542-4A61-973A-714EF76C5995}\setup.exe" -l0x7 Logitech® Camera-Treiber --> "C:\Programme\Gemeinsame Dateien\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT Macromedia Flash Player --> MsiExec.exe /X{0456ebd7-5f67-4ab6-852e-63781e3f389c} Messenger Plus! 
Live & Sponsor (CiD) --> "C:\Programme\MSN Messenger\Live!\Messenger Plus! Live\Uninstall.exe" Microsoft Age of Empires Gold --> "C:\Programme\Gemeinsame Dateien\UNINSTAL.EXE" /runtemp Microsoft Age of Empires II --> "C:\Spiele\AoE\UNINSTAL.EXE" /runtemp /uninstall Microsoft Age of Empires II: The Conquerors Expansion --> "C:\Spiele\AoE\UNINSTALX.EXE" /runtemp /addremove Microsoft Office OneNote 2003 --> MsiExec.exe /I{91A10407-6000-11D3-8CFE-0150048383C9} Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110407-6000-11D3-8CFE-0150048383C9} Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Works --> MsiExec.exe /I{B26E3B0D-C2FA-4370-B068-7C476766F029} Mindjet MindManager Viewer 6 --> MsiExec.exe /X{322C8187-4192-4165-87D3-16058E787D45} Mozilla Firefox (2.0.0.11) --> C:\Programme\Mozilla Firefox\uninstall\helper.exe Music Rescue 3.1.6 --> "C:\Programme\iTunes\Music Rescue\unins000.exe" Norton Security Center --> MsiExec.exe /X{503AA035-41E2-4858-B31F-1E49AC66C309} OpenVPN 2.0.9-gui-1.0.3 --> C:\Programme\OpenVPN\Uninstall.exe PDF Blender --> C:\Programme\PDFBlender\PDF Blender\uninstall.exe PDFCreator --> C:\Programme\PDFCreator\unins000.exe PhotoNow! 
1.0 --> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\setup.exe" -uninstall PowerDirector --> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" -uninstall PowerDVD --> C:\WINDOWS\IsUn0407.exe -fC:\Programme\CyberLink\PowerDVD\Uninst.isu QuickTime --> MsiExec.exe /I{5B09BD67-4C99-46A1-8161-B7208CE18121} Real Alternative 1.60 Lite --> "C:\Programme\GomPlayer\Real Alternative\unins000.exe" RealPlayer --> C:\Programme\Real Alternative\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 Realtek AC'97 Audio --> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x7 -removeonly REALTEK Gigabit and Fast Ethernet NIC Driver --> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\Setup.exe" -l0x7 REMOVE ScanSoft OmniPage SE 4 --> MsiExec.exe /I{DEE88727-779B-47A9-ACEF-F87CA5F92A65} SD Secure Module --> MsiExec.exe /X{C45F4811-31D5-4786-801D-F79CD06EDD85} Sicherheitsupdate für Windows XP (KB943055) --> "C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB944533) --> "C:\WINDOWS\$NtUninstallKB944533$\spuninst\spuninst.exe" Sicherheitsupdate für Windows XP (KB946026) --> "C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe" Skype 3.0 --> "C:\Spiele\Skype\Phone\unins000.exe" Skype Plugin Manager --> MsiExec.exe /I{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03} SmartSound Quicktracks Plugin --> C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E} Sonic DLA --> MsiExec.exe 
/I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6} Sonic RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19} T-DSL Treiber --> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{511A5609-446A-11D5-9FA6-0060087051D5}\Setup.exe" T-Online 5.0 --> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{8283FCCD-AC71-4DC1-A81E-4F244FBBE11D}\setup.exe" CPAS T-Online Copas --> C:\PROGRA~1\T-Online\Copas\UNWISE.EXE /U C:\PROGRA~1\T-Online\Copas\INSTALL.LOG T-Online Direktanwahl --> C:\Programme\T-Online\T-Online_Software_5\Basis-Software\Basis1\ToADInst.exe TeamSpeak 2 RC2 --> C:\Programme\Teamspeak2_RC2\unins000.exe Texas Instruments PCIxx21/x515 drivers. --> C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{E18E644D-4FC1-4E7F-87B7-A0288A14A322} /l1031 TOSHIBA Accessibility --> C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{3A57482F-BEBC-47E4-ADA1-6302403C7E50} /l1031 TOSHIBA Assist --> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\Setup.exe" -l0x7 TOSHIBA Benutzerhandbücher --> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{3EB6332B-AF02-457C-A31C-835458C5B48B}\setup.exe" -l0x7 -removeonly TOSHIBA ConfigFree --> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}\setup.exe" -l0x7 UNINSTALL TOSHIBA Controls --> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}\Setup.exe" -l0x7 UNINSTALL TOSHIBA Hardware Setup --> 
C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{5279374D-87FE-4879-9385-F17278EBB9D3} /l1031 TOSHIBA Hotkey-Dienstprogramm --> C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{7900D3A6-A9E8-4954-ACCB-AB15867978BF} /l1031 TOSHIBA PC-Diagnose-Tool --> C:\WINDOWS\IsUn0407.exe -fC:\Programme\TOSHIBA\PCDiag\Uninst.isu TOSHIBA Power Saver --> C:\WINDOWS\IsUn0407.exe -f"C:\Programme\TOSHIBA\Power Saver\Uninst.isu" -c"C:\WINDOWS\system32\TPSDel.dll" TOSHIBA SD-Speicherkarten-Formatierung --> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}\setup.exe" TOSHIBA Software Modem --> Tosmreg -U TOSHIBA Supervisorkennwort --> C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE} /l1031 TOSHIBA Virtual Sound --> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{8B12BA86-ADAC-4BA6-B441-FFC591087252}\setup.exe" /uninstall TOSHIBA Zoom-Dienstprogramm --> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{64212898-097F-4F3F-AECA-6D34A7EF82DF}\setup.exe" Touch and Launch --> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{5D96E2B1-D9AC-46E0-9073-425C5F63E338}\setup.exe" Touchpad EIN/AUS-Utility --> C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{80977342-27E8-4FF7-8B6A-D8D89461DA7F} /l1031 Trust WB-3100P Portable Webcam --> RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{EADAA6F7-991F-4CE9-B5CE-FCF3D81F7C7D}\Setup.exe" -l0x9 Unlocker 1.8.0 --> C:\Spiele\window blinds\Unlocker\uninst.exe VeohTV BETA --> C:\Programme\InstallShield Installation 
Information\{D1B11537-EA51-4DD8-BF1E-098BEE48868D}\setup.exe -runfromtemp -l0x0409 Warcraft III: All Products --> C:\WINDOWS\War3Unin.exe C:\WINDOWS\War3Unin.dat WavePad Uninstall --> C:\Programme\NCH Swift Sound\WavePad\uninst.exe Windows Live Messenger --> MsiExec.exe /I{279DB581-239C-4E13-97F8-0F48E40BE75C} Windows Live Sign-in Assistant --> MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7} Windows XP-Hotfix - KB884018 --> WinRAR archiver --> C:\Programme\WinRAR\uninstall.exe WinZip --> "C:\Programme\WinZip\WINZIP32.EXE" /uninstall WinZip Self-Extractor --> "C:\Programme\WinZip Self-Extractor\wzipse32.exe" -uninstall XviD MPEG-4 Video Codec --> C:\Programme\XviD\unins000.exe -- Application Event Log ------------------------------------------------------- Event Record #/Type13983 / Success Event Submitted/Written: 03/08/2008 03:54:32 PM Event ID/Source: 12001 / usnjsvc Event Description: The Messenger Sharing USN Journal Reader service started successfully. Event Record #/Type13944 / Success Event Submitted/Written: 03/07/2008 08:46:57 PM Event ID/Source: 12001 / usnjsvc Event Description: The Messenger Sharing USN Journal Reader service started successfully. Event Record #/Type13850 / Error Event Submitted/Written: 03/06/2008 09:16:21 PM Event ID/Source: 1000 / Application Error Event Description: Fehlgeschlagene Anwendung explorer.exe, Version 6.0.2900.3156, fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000000. Das medienspezifische Ereignis für [explorer.exe!ws!] wird verarbeitet. 
Event Record #/Type13849 / Error
Event Submitted/Written: 03/06/2008 09:15:42 PM
Event ID/Source: 1000 / Windows Live Messenger
Event Description: msnmsgr.exe8.1.178.045b12d6aunknown0.0.0.000000000000000000

Event Record #/Type13842 / Error
Event Submitted/Written: 03/06/2008 09:14:02 PM
Event ID/Source: 1000 / Windows Live Messenger
Event Description: msnmsgr.exe8.1.178.045b12d6aunknown0.0.0.000000000000000000

-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.

-- System Event Log ------------------------------------------------------------

Event Record #/Type75037 / Warning
Event Submitted/Written: 03/09/2008 09:53:55 PM / 03/09/2008 09:54:01 PM
Event ID/Source: 18 / avgntflt
Event Description: TIMEOUT<System> C:\ComboFix\ComboFix.txt

Event Record #/Type75018 / Warning
Event Submitted/Written: 03/09/2008 07:52:49 PM
Event ID/Source: 4226 / Tcpip
Event Description: TCP/IP hat das Sicherheitslimit erreicht, das für die Anzahl gleichzeitiger TCP-Verbindungsversuche festgelegt wurde.

Event Record #/Type74752 / Warning
Event Submitted/Written: 03/09/2008 06:40:58 PM
Event ID/Source: 1003 / Dhcp
Event Description: Der Computer konnte die Netzwerkadresse, die durch den DHCP-Server für die Netzwerkkarte mit der Netzwerkadresse 0013CE894F31 zugeteilt wurde, nicht erneuern. Der folgende Fehler ist aufgetreten: %%1223. Es wird weiterhin im Hintergrund versucht, eine Adresse vom Netzwerkadressserver (DHCP) zu erhalten.

Event Record #/Type74734 / Error
Event Submitted/Written: 03/09/2008 06:23:49 PM
Event ID/Source: 10010 / DCOM
Event Description: Der Server "{078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Event Record #/Type74733 / Error
Event Submitted/Written: 03/09/2008 06:21:32 PM
Event ID/Source: 10010 / DCOM
Event Description: Der Server "{C2BFE331-6739-4270-86C9-493D9A04CD38}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

-- End of Deckard's System Scanner: finished at 2008-03-10 16:36:31 ------------ |
|
|
||
10.03.2008, 23:57
Honorary member
Posts: 6028 |
#6
Norton is being used alongside AntiVir as well, one too many
Remove the HijackThis backups.
Try AVG Anti-Spyware: http://board.protecus.de/t29853.htm
Malwarebytes Anti-Malware
Download MBAM to the desktop.
Double-click mbam-setup and choose German; the program will now be updated.
On the “Scanner” tab, choose > Perform quick scan.
Select all drives > let the scan run.
If infections are found at the end, tick them and have them removed.
The log (mbam-log-XX-XX-XXXX.txt) is under the scan reports.
Post its contents here in the forum.
Note: If MBAM has trouble removing files, it will report this; click OK. You will then be asked to restart the computer; allow it.
__________
Kind regards, Argus |
|
|
||
14.03.2008, 17:10
Member
Thread starter Posts: 19 |
#7
Hi!
Everything is running great for me again! Luckily it wasn't a virus after all... I had set up my internet connection incorrectly... Thanks for everything anyway!! Warmest regards, Ma-Zhe! |
|
|
||
14.03.2008, 17:19
Honorary member
Posts: 6028 |
#8
Java
Your Java software is outdated.
Download jre-6u5-windows-i586-p.exe
Scroll down to ----> Java Runtime Environment (JRE) 6 Update 5
The Java SE Runtime Environment (JRE) allows end-users to run Java applications.
Click Download.
Tick the box next to ---> "Accept License Agreement".
Click “Windows Offline Installation, Multi-language” to install “jre-6u5-windows-i586-p.exe” to the desktop.
Close all programs, including your web browser.
Go to "Start -> Settings -> Control Panel -> Add or Remove Programs" and remove all older versions of Java Runtime Environment (JRE or J2SE).
After everything has been removed ---> restart the computer.
Now install from the desktop ---> jre-6u5-windows-i586-p.exe
And Malwarebytes Anti-Malware is free of charge.
__________
Kind regards, Argus |
|
|
||
I have the following problems:
- Internet is extremely slow
- Desktop shortcuts have disappeared
- A download of 8.8 MB (new version of DrWeb) takes me almost an hour.
- Pages load extremely slowly! (I waited a minute for this page!)
Since Monday of last week I have had a Fritzbox and go online via WLAN!
The transfer rate is 54.0 Mbit/s
But until 2 days ago everything worked wonderfully.
Since then my laptop has become extremely slow.
AntiVir finds nothing. CCleaner and ATF Cleaner don't help either... (in terms of speed)
The online analysis of HijackThis doesn't find anything either.
I hope you can help me!
Best regards
Ma-Zhe