Home » Viren, Trojaner & Malware Forum » Computer plötzlich langsam » Themenansicht

Computer plötzlich langsam
#0
22.01.2009, 16:33
qbuS
...neu hier

Beiträge: 3
#1 Hallo, ich bin neu hier im Forum und habe auch gleich ein Problem das ich nicht selbst gelöst bekomme.

Das Problem ist, dass der Laptop den ich mir im Dezember gekauft habe seit kurzem extrem lange braucht bis er Windows fertig geladen hat. Vor allem seit der rechner einen internetanschluss hat braucht er sehr lange. Als ich ihn bekommen habe hatte er Vista sehr schnell geladen, und nun braucht er ewig. Ich habe seit dem aber kaum etwas istalliert was dieses verhalten (meiner meinung nach veranlassen könnte, hier mal eine auflistung der dinge die bis jetzt an dem rechner gemacht wurden:

Installationen:
ICQ (nicht als autostart)
Oblivion (Spiel)
ActivePerl (PERL eben...)
WLAN acsess finder (Tcom)

Und ein paar bilder wurden auf den rechner kopiert.

Als AVS habe ich McAfee, dieser meint es sei alles in ordnung.
Ich will nicht bevor ich eine meinung eingeholt habe den rechner mit Anti- Addware, Malware,Spyware-Software zukleistern.

Hat jemand eine idee?
Seitenanfang Seitenende
22.01.2009, 18:02
raman
Moderator

Beiträge: 7805
#2 Nutz mal rsit
RSIT
Random's System Information Tool (RSIT) von random/random liest Systemdetails aus und erstellt ein aussagekräftiges Logfile.
Lade Random's System Information Tool (RSIT) herunter (http://images.malwareremoval.com/random/RSIT.exe)
speichere es auf Deinem Desktop.
Starte mit Doppelklick die RSIT.exe.
Klicke auf Continue, um die Nutzungsbedingungen zu akzeptieren.
Wenn Du HiJackThis nicht installiert hast, wird RSIT das für Dich herunterladen und installieren.
In dem Fall bitte auch die Nutzungsbedingungen von Trend Micro (http://de.trendmicro.com/de/home) für HJT akzeptieren "I accept".
Wenn Deine Firewall fragt, bitte RSIT erlauben, ins Netz zu gehen.
Der Scan startet automatisch, RSIT checkt nun einige wichtige System-Bereiche und produziert Logfiles als Analyse-Grundlage.
Wenn der Scan beendet ist, werden zwei Logfiles erstellt und in Deinem Editor geöffnet.
Bitte poste den Inhalt von C:\rsit\log.txt und C:\rsit\info.txt (<= minimiert) hier in den Thread.
__________
MfG Ralf
SEO-Spam Hunter
Seitenanfang Seitenende
22.01.2009, 19:19
qbuS
...neu hier

Themenstarter

Beiträge: 3
#3 Logfile of random's system information tool 1.05 (written by random/random)
Run by GerChan at 2009-01-22 19:15:43
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 163 GB (71%) free of 228 GB
Total RAM: 3066 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:16:18, on 22.01.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\T-Online\WLAN-Access Finder\ToWLaAcF.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Tami\Program Files\DNA\btdna.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Common Files\Marmiko Shared\MWLaMaS.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Tami\Desktop\RSIT.exe
C:\Program Files\trend micro\Tami.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=2081202
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.de/ig/dell?hl=de&client=dell-row&channel=de&ibd=2081202
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer bereitgestellt von Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [T-Online_Software_6\WLAN-Access Finder] C:\Program Files\T-Online\WLAN-Access Finder\ToWLaAcF.exe /StartMinimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Tami\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-21-3449956079-783377531-2864643765-1001\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User 'Alex')
O4 - HKUS\S-1-5-18\..\Run: [T-Online_Software_6\WLAN-Access Finder] C:\Program Files\T-Online\WLAN-Access Finder\ToWLaAcF.exe /StartMinimized (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [T-Online_Software_6\WLAN-Access Finder] C:\Program Files\T-Online\WLAN-Access Finder\ToWLaAcF.exe /StartMinimized (User 'Default user')
O4 - S-1-5-21-3449956079-783377531-2864643765-1001 Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Alex')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f091b975\aestsrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: PDK Debug Listener (pdkdebug) - ActiveState - C:\Program Files\ActiveState Perl Dev Kit 7.1\bin\pdkdebug.exe
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f091b975\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

--
End of file - 9818 bytes

======Scheduled tasks folder======

C:\Windows\tasks\McDefragTask.job
C:\Windows\tasks\McQcTask.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-09-29 325000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{377C180E-6F0E-4D4C-980F-F45BD3D40CF4}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mcapbho.dll [2007-11-26 324936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll [2007-11-09 58688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-01-12 657904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\Program Files\Dell\BAE\BAE.dll [2006-11-09 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-12-09 958200]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-09-29 325000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2008-07-17 196608]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2008-07-17 442433]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"Broadcom Wireless Manager UI"=C:\Windows\system32\WLTRAY.exe [2008-08-05 3563520]
"Adobe Reader Speed Launcher"=c:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-12-02 30192]
"Dell Webcam Central"=C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe [2008-06-03 446635]
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2007-08-03 582992]
"PCMService"=C:\Program Files\Dell\MediaDirect\PCMService.exe [2008-07-04 132392]
"dellsupportcenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-10-04 206064]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"T-Online_Software_6\WLAN-Access Finder"=C:\Program Files\T-Online\WLAN-Access Finder\ToWLaAcF.exe [2008-04-08 671796]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-12 39408]
"BitTorrent DNA"=C:\Users\Tami\Program Files\DNA\btdna.exe [2009-01-21 342848]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
QuickSet.lnk - C:\Program Files\Dell\QuickSet\quickset.exe

C:\Users\Tami\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dell Dock.lnk - C:\Program Files\Dell\DellDock\DellDock.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\GoToAssist]
C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll [2008-12-02 10536]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\GoToAssist]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2009-01-22 19:15:44 ----D---- C:\Program Files\trend micro
2009-01-22 19:15:43 ----D---- C:\rsit
2009-01-20 20:37:56 ----D---- C:\Users\Tami\AppData\Roaming\BitTorrent
2009-01-20 20:37:16 ----D---- C:\Users\Tami\AppData\Roaming\DNA
2009-01-20 20:37:16 ----D---- C:\Program Files\DNA
2009-01-20 20:37:16 ----D---- C:\Program Files\BitTorrent
2009-01-20 20:37:02 ----D---- C:\Users\Tami\AppData\Roaming\Mozilla
2009-01-20 20:37:01 ----D---- C:\Program Files\AskBarDis
2009-01-19 21:04:30 ----D---- C:\Windows\system32\Adobe
2009-01-12 22:52:38 ----D---- C:\Users\Tami\AppData\Roaming\Google
2009-01-12 22:50:46 ----D---- C:\ProgramData\Google Updater
2009-01-12 22:15:23 ----D---- C:\Program Files\ICQ6Toolbar
2009-01-12 22:15:22 ----D---- C:\ProgramData\ICQ
2009-01-12 22:09:32 ----D---- C:\Users\Tami\AppData\Roaming\ICQ
2009-01-12 22:08:36 ----D---- C:\Program Files\ICQ6.5
2009-01-12 21:59:41 ----SHD---- C:\Config.Msi
2009-01-12 21:59:41 ----D---- C:\Program Files\MSXML 4.0
2009-01-12 20:42:02 ----D---- C:\Program Files\T-Online
2009-01-12 20:42:02 ----D---- C:\Program Files\Common Files\Marmiko Shared
2009-01-12 20:41:12 ----D---- C:\Program Files\Common Files\T-Com
2009-01-12 20:40:30 ----D---- C:\ProgramData\HotSpot Manager
2009-01-12 19:17:47 ----D---- C:\Users\Tami\AppData\Roaming\Macromedia
2009-01-12 19:10:09 ----D---- C:\Users\Tami\AppData\Roaming\Adobe
2009-01-11 18:24:03 ----D---- C:\Users\Tami\AppData\Roaming\Samsung
2009-01-11 18:15:28 ----D---- C:\Windows\system32\Samsung_USB_Drivers
2009-01-11 18:14:30 ----D---- C:\Program Files\Samsung
2009-01-09 23:36:29 ----D---- C:\Program Files\RAR Password Cracker
2009-01-09 23:26:40 ----D---- C:\Program Files\PowerISO
2009-01-04 10:50:16 ----A---- C:\Windows\system32\mshtml.dll
2009-01-04 10:46:32 ----A---- C:\Windows\system32\tzres.dll
2009-01-03 21:07:34 ----D---- C:\BegPerl
2009-01-03 19:05:35 ----D---- C:\Windows\Downloaded Installations
2009-01-03 18:56:31 ----D---- C:\Program Files\ATI
2009-01-03 17:55:44 ----A---- C:\Windows\system32\gdi32.dll
2009-01-03 17:55:33 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-01-03 17:55:30 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-01-03 17:55:14 ----A---- C:\Windows\system32\msxml3.dll
2009-01-03 17:55:10 ----A---- C:\Windows\system32\shell32.dll
2009-01-03 17:54:51 ----A---- C:\Windows\explorer.exe
2009-01-03 17:54:39 ----A---- C:\Windows\system32\ieframe.dll
2009-01-03 17:54:38 ----A---- C:\Windows\system32\urlmon.dll
2009-01-03 17:54:37 ----A---- C:\Windows\system32\wininet.dll
2009-01-03 17:54:36 ----A---- C:\Windows\system32\mstime.dll
2009-01-03 17:54:36 ----A---- C:\Windows\system32\iertutil.dll
2009-01-03 17:54:33 ----A---- C:\Windows\system32\jsproxy.dll
2009-01-03 17:53:50 ----A---- C:\Windows\system32\win32spl.dll
2009-01-03 17:53:45 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-01-03 17:53:45 ----A---- C:\Windows\system32\mf.dll
2009-01-03 17:53:43 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-01-03 17:53:43 ----A---- C:\Windows\system32\logagent.exe
2009-01-03 17:53:36 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-01-03 17:53:36 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-01-03 17:47:52 ----A---- C:\Windows\system32\msxml6.dll
2009-01-03 17:40:14 ----A---- C:\Windows\system32\wups2.dll
2009-01-03 17:40:14 ----A---- C:\Windows\system32\wuauclt.exe
2009-01-03 17:40:13 ----A---- C:\Windows\system32\wuaueng.dll
2009-01-03 17:39:01 ----A---- C:\Windows\system32\wups.dll
2009-01-03 17:39:01 ----A---- C:\Windows\system32\wudriver.dll
2009-01-03 17:39:00 ----A---- C:\Windows\system32\wuapi.dll
2009-01-03 17:38:32 ----A---- C:\Windows\system32\wuwebv.dll
2009-01-03 17:38:31 ----A---- C:\Windows\system32\wuapp.exe
2009-01-02 23:01:38 ----D---- C:\Program Files\Bethesda Softworks
2009-01-02 23:01:07 ----A---- C:\Windows\system32\d3dx9_27.dll
2008-12-31 14:52:47 ----D---- C:\Program Files\ActiveState Perl Dev Kit 7.1
2008-12-31 14:43:50 ----D---- C:\Perl
2008-12-24 13:36:17 ----D---- C:\ProgramData\Roxio

======List of files/folders modified in the last 1 months======

2009-01-22 19:16:10 ----D---- C:\Windows\Prefetch
2009-01-22 19:16:02 ----D---- C:\Windows\Temp
2009-01-22 19:15:44 ----RD---- C:\Program Files
2009-01-21 14:14:09 ----SHD---- C:\System Volume Information
2009-01-19 21:05:19 ----D---- C:\Windows\System32
2009-01-19 21:04:32 ----SD---- C:\Windows\Downloaded Program Files
2009-01-17 17:49:26 ----D---- C:\Windows\system32\catroot2
2009-01-16 20:22:46 ----SD---- C:\ProgramData\Microsoft
2009-01-16 12:28:10 ----D---- C:\Windows\winsxs
2009-01-16 12:28:10 ----D---- C:\Windows\system32\drivers
2009-01-15 07:16:49 ----D---- C:\Windows\system32\catroot
2009-01-14 22:00:48 ----SD---- C:\Users\Tami\AppData\Roaming\Microsoft
2009-01-14 13:11:55 ----D---- C:\Program Files\McAfee
2009-01-12 22:52:23 ----SHD---- C:\Windows\Installer
2009-01-12 22:52:06 ----D---- C:\Program Files\Google
2009-01-12 22:50:46 ----HD---- C:\ProgramData
2009-01-12 22:15:20 ----HD---- C:\Program Files\InstallShield Installation Information
2009-01-12 22:00:08 ----D---- C:\Windows\Debug
2009-01-12 21:58:44 ----D---- C:\Windows
2009-01-12 20:42:02 ----D---- C:\Program Files\Common Files
2009-01-11 18:21:48 ----D---- C:\Windows\inf
2009-01-11 18:11:48 ----D---- C:\Program Files\Common Files\Adobe
2009-01-10 02:35:28 ----A---- C:\Windows\system32\mrt.exe
2009-01-10 01:33:46 ----D---- C:\Windows\system32\config
2009-01-10 01:33:40 ----D---- C:\Windows\Tasks
2009-01-10 01:33:40 ----D---- C:\Windows\system32\wbem
2009-01-10 01:33:40 ----D---- C:\Windows\system32\spool
2009-01-10 01:33:40 ----D---- C:\Windows\system32\Msdtc
2009-01-10 01:33:40 ----D---- C:\Windows\system32\CodeIntegrity
2009-01-10 01:33:40 ----D---- C:\Windows\registration
2009-01-04 11:25:21 ----D---- C:\Windows\rescache
2009-01-04 11:07:06 ----D---- C:\Windows\AppPatch
2009-01-04 11:07:03 ----D---- C:\Windows\system32\de-DE
2009-01-04 11:07:00 ----D---- C:\Windows\system32\migration
2009-01-03 18:54:21 ----D---- C:\Program Files\Dell
2009-01-03 18:45:19 ----D---- C:\DELL
2009-01-03 17:46:37 ----D---- C:\ProgramData\Dell
2009-01-02 23:01:12 ----RSD---- C:\Windows\assembly
2009-01-02 23:01:10 ----D---- C:\Windows\Microsoft.NET
2008-12-31 23:02:00 ----D---- C:\Windows\system32\LogFiles
2008-12-28 14:44:39 ----D---- C:\Windows\system32\WDI
2008-12-26 17:06:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-12-24 16:51:42 ----D---- C:\Windows\Logs
2008-12-24 13:25:51 ----SHD---- C:\$Recycle.Bin
2008-12-24 13:24:48 ----RD---- C:\Users

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2007-11-22 201320]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2007-07-13 125728]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-07-03 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2008-07-03 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2008-07-03 38400]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\Windows\system32\DRIVERS\Apfiltr.sys [2008-07-17 170032]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-07-18 3847168]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2008-08-05 18424]
R3 BCM43XX;Treiber für Dell Wireless WLAN Karte; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-08-05 1207288]
R3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2008-07-28 54784]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60x.sys [2008-05-29 203264]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2007-11-22 79304]
R3 mfebopk;McAfee Inc. mfebopk; C:\Windows\system32\drivers\mfebopk.sys [2007-11-22 35240]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2007-12-02 40488]
R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver; C:\Windows\system32\DRIVERS\OA001Ufd.sys [2008-09-22 144672]
R3 OA001Vid;Creative Camera OA001 Function Driver; C:\Windows\system32\DRIVERS\OA001Vid.sys [2008-09-22 277632]
R3 RLDesignVirtualAudioCableWdm;Live! Cam Virtual; C:\Windows\system32\DRIVERS\livecamv.sys [2007-01-15 31616]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2008-07-17 379904]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 e1express;Intel(R) PRO/1000 PCI Express-Netzwerkverbindungstreiber; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-21 220672]
S3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2007-11-22 33832]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-07-18 3847168]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2007-05-02 83592]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704]
S3 VST_DPV;VST_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648]
S3 VSTHWBS2;VSTHWBS2; C:\Windows\system32\DRIVERS\VSTBS23.SYS [2008-01-21 251904]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f091b975\aestsrv.exe [2008-07-17 73728]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-07-18 692224]
R2 DockLoginService;Dock Login Service; C:\Program Files\Dell\DellDock\DockLogin.exe [2008-09-23 155648]
R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-12 168432]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2008-01-09 767976]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2008-01-25 2458128]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2007-08-15 359248]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2007-07-24 144704]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2007-07-18 856864]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2007-11-26 23880]
R2 pdkdebug;PDK Debug Listener; C:\Program Files\ActiveState Perl Dev Kit 7.1\bin\pdkdebug.exe [2008-01-29 118869]
R2 sprtsvc_DellSupportCenter;SupportSoft Sprocket Service (DellSupportCenter); C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2008-10-04 201968]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f091b975\STacSV.exe [2008-07-17 221239]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE [2008-08-05 24064]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2007-12-05 695624]
S3 GoogleDesktopManager-092308-165331;Google Desktop Manager 5.8.809.23506; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-12-02 30192]
S3 GoToAssist;GoToAssist; C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe [2008-12-02 16680]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2007-11-07 378184]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2008-03-24 74384]

-----------------EOF-----------------
Seitenanfang Seitenende
22.01.2009, 19:34
raman
Moderator

Beiträge: 7805
#4 Ausser Bittorrent kann ich nichts wirklich sonderbares sehen. Was nicht bedeutet, das ein Rootkitscan nicht noch etwas anderes zeigen koennte.

Wenn du willst, kannst du ein Gmer Report erstellen. Es braucht nicht viel zum installieren( nur drei dateien, die man mit dem uninstall einfach loeschen kann).

Eine Anleitung findest du hier:
http://www.hijackthis-forum.de/tipps-tricks/16868-rootkits-kurz-anleitung-gmer.html

Du solltest es als Administrator ausfuehren...
__________
MfG Ralf
SEO-Spam Hunter
Seitenanfang Seitenende
22.01.2009, 23:13
qbuS
...neu hier

Themenstarter

Beiträge: 3
#5 Ok, das werde ich morgen machen. Danke für die Zeit und Hilfe! sobald ich weiter bin melde ich mich.
Seitenanfang Seitenende
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren:
  • »
  • »
  • »
  • »
  • »
Seite(n): 1